我从字符串生成RSAPublicKey时遇到问题。
public RSAPublicKey getPublickey() throws NoSuchAlgorithmException,InvalidKeySpecException {
String publicKeyContent = "MIIC5jCCAc6gAwIBAgIGAXFv6JtpMA0GCSqGSIb3DQEBCwUAMDQxCzAJBgNVBAYTAkRLMQwwCgYDVQQKEwN0ZGMxFzAVBgNVBAMTDm9pLXNpZ25pbmdjZXJ0MB4XDTIwMDQxMjE5NDA0NloXDTIxMDQxMjE5NDA0N1owNDELMAkGA1UEBhMCREsxDDAKBgNVBAoTA3RkYzEXMBUGA1UEAxMOb2ktc2lnbmluZ2NlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeITu7qWYKDw1gZ/ZG2YbvulJ5RzDpC9QXGOKov2dz8f9+Il3LWuq16o0obQTPiE6ZLG/7PiTQoxtEHEr1aIexUw0NkB+kA2fqgrHDhFZPabHELFoTJ8Jc83gethziFztyCG7fLGgH2kezFndG2VKBuF6/XmDl5sHrax2QZHE5Jcepdo+bEFeA+wUGPNEfidqbOnGeimwDkt7eW/P4pjPjCeT+2Hu4Qo9N6pmxcUGYuPvJ81dA0CiEtoYlSW80aROr5welBAGM2DydSvdCp2FHj+fEFE+uxoWfClccq74KYiqHGg7WmZfLxkcK9OhxhHoqctxtFlK1OD4DkBnRBPgjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIs22S5YalOoYCi/fQCXWk8JQwFKDagriroga4gg715bOaXUkrJVgiMrlyKhXCskx3njaYDG/+UQ0EzbQzTfqC8YtijeOXpJgz9T4fieWuLuen//nHXSb/9I07J/qC31JjI2NjR2LIKumS59DF40VPsliYGhxAH17CECIWTyb5vTJcm6c38OF2MpaRBcX3tF1fncPPHmRX6K0npjWtEm5yb5/YeEIS2SlkB9dFvx+2CbzGezEwhITnMwpo2lthkC18DV8ma2kUUDjocQtwLwO1eStKG5HF29dRnUGyNTyp/a0P9PNngI7FhC1ce5L/LtB6YZyajsCFqDsMunXOlbjqQ=";
KeyFactory kf = KeyFactory.getInstance("RSA");
System.out.println("publicKeyContent: " + publicKeyContent);
X509EncodedKeySpec keySpecX509 = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKeyContent));
RSAPublicKey pubKey = (RSAPublicKey)kf.generatePublic(keySpecX509);
System.out.println(("Pubkey: " + pubKey));
return pubKey;
}
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:205) [?:?]
at java.security.KeyFactory.generatePublic(KeyFactory.java:334) [?:?]
at com.comarch.aif.proxy.processors.AuthorizeProcessor.getPublickey(AuthorizeProcessor.java:130) [30:aif-tdc-proxy:3.2.0.SNAPSHOT]
at com.comarch.aif.proxy.processors.AuthorizeProcessor.process(AuthorizeProcessor.java:58) [30:aif-tdc-proxy:3.2.0.SNAPSHOT]
at org.apache.camel.processor.DelegateSyncProcessor.process(DelegateSyncProcessor.java:63) [89:org.apache.camel.camel-core:2.19.0]
at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:77) [89:org.apache.camel.camel-core:2.19.0]
at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:541) [89:org.apache.camel.camel-core:2.19.0]
at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198) [89:org.apache.camel.camel-core:2.19.0]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:120) [89:org.apache.camel.camel-core:2.19.0]
at org.apache.camel.processor.Pipeline.process(Pipeline.java:83) [89:org.apache.camel.camel-core:2.19.0]
at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198) [89:org.apache.camel.camel-core:2.19.0]
at org.apache.camel.component.jetty.CamelContinuationServlet.doService(CamelContinuationServlet.java:192) [95:org.apache.camel.camel-jetty-common:2.19.0]
at org.apache.camel.http.common.CamelServlet.service(CamelServlet.java:74) [94:org.apache.camel.camel-http-common:2.19.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [64:javax.servlet-api:3.1.0]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:845) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1712) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
at org.eclipse.jetty.servlets.MultiPartFilter.doFilter(MultiPartFilter.java:148) [271:org.eclipse.jetty.servlets:9.3.14.v20161028]
at org.apache.camel.component.jetty.CamelFilterWrapper.doFilter(CamelFilterWrapper.java:43) [95:org.apache.camel.camel-jetty-common:2.19.0]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1699) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [269:org.eclipse.jetty.server:9.3.14.v20161028]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) [270:org.eclipse.jetty.servlet:9.3.14.v20161028]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [269:org.eclipse.jetty.server:9.3.14.v20161028]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [269:org.eclipse.jetty.server:9.3.14.v20161028]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) [269:org.eclipse.jetty.server:9.3.14.v20161028]
at org.eclipse.jetty.server.Server.handle(Server.java:534) [269:org.eclipse.jetty.server:9.3.14.v20161028]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320) [269:org.eclipse.jetty.server:9.3.14.v20161028]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) [269:org.eclipse.jetty.server:9.3.14.v20161028]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273) [261:org.eclipse.jetty.io:9.3.14.v20161028]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) [261:org.eclipse.jetty.io:9.3.14.v20161028]
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) [261:org.eclipse.jetty.io:9.3.14.v20161028]
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [272:org.eclipse.jetty.util:9.3.14.v20161028]
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [272:org.eclipse.jetty.util:9.3.14.v20161028]
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [272:org.eclipse.jetty.util:9.3.14.v20161028]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [272:org.eclipse.jetty.util:9.3.14.v20161028]
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) [272:org.eclipse.jetty.util:9.3.14.v20161028]
at java.lang.Thread.run(Thread.java:748) [?:?]
Caused by: java.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)
at sun.security.x509.X509Key.decode(X509Key.java:397) ~[?:?]
at sun.security.x509.X509Key.decode(X509Key.java:402) ~[?:?]
at sun.security.rsa.RSAPublicKeyImpl.<init>(RSAPublicKeyImpl.java:86) ~[?:?]
at sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:298) ~[?:?]
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:201) ~[?:?]
... 36 more
当我使用不同的publickKeyContent时,例如:
String publicKeyContent = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBdtgPGgQq6i856pnvj6yl+5gHAhHCgsTsrrHR4L4rkwIXYLu/i6O6gBKS2JaQ0kmye05U6S6Qgavmeek7pVefuXB1rFLnGvZJRHCJhZlXJSI5xEYpCuq1bw97iN+B5aSqIPkfbBjcmSQ14Xcm0vFZ65JJA4DjZclbVFSJpxXB4rqN8Rar2C87vMm+8z9rQ9Jn6yGBaVpZ1RnY1GDEv7OfBVcfbtwNeqOV/Qlpb+9aQML7Wf3ZU0Fvqto+WkBjgqZWcoE1qgRWWnYRPyXWsJUQY2u0H8ZVxHJtuQNnQanMBnih1Mh2cjDQKrSxMT2s5C0f+gNhp+mi2jRb0IY/J1PwIDAQAB";
evrything可以正常工作,我在不同的JSON Web令牌上使用JWT.IO上的两个证书,并且在此站点上都可以正常工作。我究竟做错了什么 ?
最佳答案
引发异常的示例不是公共密钥,而是完整的X.509证书。证书具有许多字段,其中只有一个是公共密钥。这是一个简短的示例,显示了如何从证书中提取公钥。
import java.io.ByteArrayInputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Base64;
public class GetCert {
public static void main(String[] args) throws CertificateException {
String certBase64 = "MIIC5jCCAc6gAwIBAgIGAXFv6JtpMA0GCSqGSIb3DQEBCwUAMDQxCzAJBgNVBAYTAkRLMQwwCgYDVQQKEwN0ZGMxFzAVBgNVBAMTDm9pLXNpZ25pbmdjZXJ0MB4XDTIwMDQxMjE5NDA0NloXDTIxMDQxMjE5NDA0N1owNDELMAkGA1UEBhMCREsxDDAKBgNVBAoTA3RkYzEXMBUGA1UEAxMOb2ktc2lnbmluZ2NlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeITu7qWYKDw1gZ/ZG2YbvulJ5RzDpC9QXGOKov2dz8f9+Il3LWuq16o0obQTPiE6ZLG/7PiTQoxtEHEr1aIexUw0NkB+kA2fqgrHDhFZPabHELFoTJ8Jc83gethziFztyCG7fLGgH2kezFndG2VKBuF6/XmDl5sHrax2QZHE5Jcepdo+bEFeA+wUGPNEfidqbOnGeimwDkt7eW/P4pjPjCeT+2Hu4Qo9N6pmxcUGYuPvJ81dA0CiEtoYlSW80aROr5welBAGM2DydSvdCp2FHj+fEFE+uxoWfClccq74KYiqHGg7WmZfLxkcK9OhxhHoqctxtFlK1OD4DkBnRBPgjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIs22S5YalOoYCi/fQCXWk8JQwFKDagriroga4gg715bOaXUkrJVgiMrlyKhXCskx3njaYDG/+UQ0EzbQzTfqC8YtijeOXpJgz9T4fieWuLuen//nHXSb/9I07J/qC31JjI2NjR2LIKumS59DF40VPsliYGhxAH17CECIWTyb5vTJcm6c38OF2MpaRBcX3tF1fncPPHmRX6K0npjWtEm5yb5/YeEIS2SlkB9dFvx+2CbzGezEwhITnMwpo2lthkC18DV8ma2kUUDjocQtwLwO1eStKG5HF29dRnUGyNTyp/a0P9PNngI7FhC1ce5L/LtB6YZyajsCFqDsMunXOlbjqQ=";
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(
new ByteArrayInputStream(
Base64.getDecoder().decode(certBase64)
)
);
System.out.println(cert.getPublicKey());
}
}