说明:我是用BC库(pom依赖如下,解析sm2算法对应的p7b证书链,需要如下两个依赖)解析的sm2算法的p7b证书链,代码如下所示:
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.70</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.70</version>
</dependency>
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Store;
import sun.misc.BASE64Encoder;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Collection;
/**
* @DESCRIPTION: BC库解析P7B证书链
* @USER: shg
* @DATE: 2023/9/7 16:13
*/
public class ParseP7BCert_V2 {
public static void main(String[] args) throws IOException, CertificateException, CMSException {
String p7bFilePath = "C:\\fiels\\sm2.ca.p7b";
try {
byte[] p7bData = readP7BFile(p7bFilePath);
String p7bDataString = new String(p7bData);
System.out.println("P7B Data:\n" + p7bDataString);
p7bDataString = p7bDataString.replaceAll("\\n", "").replaceAll("\\r", "").replaceAll("\\s", "").replace("-----BEGINPKCS7-----", "").replace("-----ENDPKCS7-----", "");
parseCertificates(p7bDataString);
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static void parseCertificates(String certInfo) throws Exception {
Security.addProvider(new BouncyCastleProvider());
CMSSignedData sd = new CMSSignedData(Base64.getDecoder().decode(certInfo));
Store<X509CertificateHolder> store = sd.getCertificates();
Collection<X509CertificateHolder> certificates = store.getMatches(null);
for (X509CertificateHolder x509 : certificates) {
X509Certificate bc = new JcaX509CertificateConverter().setProvider("BC").getCertificate(x509);
System.out.println("颁发者:" + bc.getIssuerDN().getName());
System.out.println("颁发给:" + bc.getSubjectDN().getName());
String encode = new BASE64Encoder().encode(bc.getEncoded());
System.out.println("证书内容:\n" + encode + "\n");
}
}
private static byte[] readP7BFile(String filePath) throws IOException {
FileInputStream fis = null;
try {
fis = new FileInputStream(filePath);
byte[] data = new byte[fis.available()];
fis.read(data);
return data;
} finally {
if (fis != null) {
fis.close();
}
}
}
}