问题
I have an X509Certificate accessed by a variable ...
when i try to get the details of the certificate i manage to get the CriticalExtensions value easly by the functions provided.
however what i'm trying to reach is the none critical extension which is stored in certifcate and represented by Object ID # 2.5.29.32
what i'm trying to access is the policy identifier number which is show in this image: http://i.stack.imgur.com/xo8zX.png
i used the following function
cert.getExtensionValue("2.5.29.32");
but it doesn't give me the value .. anyone can tell me what i'm doing wrong ?
P.S: i'm using the java.security.cert.X509Certificate;
回答1:
Found the issue .
The returned value was DER Octet encoded value which needed to be decoded, here is the code i used to decode the value :
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.ASN1InputStream;
.
.
.
.
byte[] UID = cert.getExtensionValue("2.5.29.32");
DERObject derObject = toDERObject(UID);
if (derObject instanceof DEROctetString)
{
DEROctetString derOctetString = (DEROctetString)derObject;
derObject = toDERObject(derOctetString.getOctets());
}
System.out.println(derObject.toString());
And this is the function to convert DER to object.
Static public DERObject toDERObject(byte[] data) throws IOException
{
ByteArrayInputStream inStream = new ByteArrayInputStream(data);
ASN1InputStream DIS = new ASN1InputStream(inStream);
return DIS.readObject();
}
Hope this helps someone in need .
来源:https://stackoverflow.com/questions/7356072/how-to-access-certificate-extension-information-values