我有一个从其他服务接收 X509Certificate 的 Java Web 服务。在 Java Web 服务上,X509Certificate 使用此代码片段序列化为字节数组
for (X509Certificate certificate : certs) {
try (ByteArrayOutputStream bos = new ByteArrayOutputStream()) {
try (ObjectOutput out = new ObjectOutputStream(bos)) {
out.writeObject(certificate);
wrapper = new CustomMapCertificateWrapper();
wrapper.setCustomValue(bos.toByteArray());
response.getCustomMapCertificateWrapper().add(wrapper);
}
}
这里的CustomMapCertificateWrapper 是byte[] value named field 类,将x509certificate 存储为字节数组。我的 .NET 服务收到此对象 CustomMapCertificateWrapper,我尝试使用此代码片段在 C# 端生成 X509Certificate
//Do array reverse because of BigEndian difference between Java and c# languages
Array.Reverse(customMapCertificateWrapper.value);
var certificate = new X509Certificate(customMapCertificateWrapper.value);
这段代码给我带来了如下的惊喜
System.Security.Cryptography.CryptographicException: Cannot find the requested object.
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._QueryCertBlobType(Byte[] rawData)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData)
最佳答案
Java 的 ObjectOutputStream生成旨在由 Java 的 ObjectInputStream 读取的输出.它不会产生标准的、独立于语言的结果。
为了可移植性,您应该序列化 Java X509Certificate使用 Certificate.getEncoded()方法。然后可以在 C# 端将输出用作 X509Certificate() 的 byte[] 参数。或 X509Certificate2()构造函数。
关于java - X509Certificate 在 Java 中返回到 byte[],在 C# 中返回到 X509Certificate,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45487070/