2 Replies Latest reply: Feb 21, 2012 5:56 PM by 918776 RSS

    X509 certificate  Can I reconstruct a certificate object from  String?

    918776
      At the send end I have a X509Certificate object cert
      I put cert.toString() in the message. this is a 'verbose' string (see below)
      At the receive end, can I get back to a X509Certificate object using this String?

      Can this be done in Java or do I need a library like BouncyCastle??
      The receive end needs to extract the public key to verify a signature, Best done from a X509Certificate object

      the Cert.toString looks like this:
      ==================================================================
      [
      [
      Version: V3
      Subject: CN="ARTA-BDC#190006", C=NZ, L=Hamilton, O=ARTA, OU=ARTA
      Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

      Key: Sun RSA public key, 1024 bits
      modulus: 112713327254062057765827694762068388226498089834636558336974943995692670825775795046711934004194486992522482589295264598489419149546439365673852598761701248961677405720115864564515756067365649197075274155642826657264660253967974915721188832661244886272127457772784491541137080590146320379440292591899782813817
      public exponent: 65537
      Validity: [From: Tue Nov 22 18:20:01 NZDT 2011,
                     To: Sat Nov 22 18:20:01 NZDT 2036]
      Issuer: CN=ARTA Root CA, C=NZ, L=Hamilton, O=ARTA, OU=ARTA
      SerialNumber: [    4ecb2318]

      Certificate Extensions: 1
      [1]: ObjectId: 2.5.29.19 Criticality=false
      BasicConstraints:[
      CA:false
      PathLen: undefined
      ]

      ]
      Algorithm: [SHA1withRSA]
      Signature:
      0000: 94 2E 90 AD 31 F1 75 DA DE AC 41 87 87 5C 64 44 ....1.u...A..\dD
      0010: FC 49 6D 34 2C BC B6 C0 AE 05 52 CF 0F 71 63 39 .Im4,.....R..qc9
      0020: A8 74 8F F5 3E 04 78 07 AA BB CC A0 21 8F 92 95 .t..>.x.....!...
      0030: 5E 83 F9 91 3A 69 30 8E 7D E1 4E BC 54 6F 28 84 ^...:i0...N.To(.
      0040: B0 9E 23 C0 1B 33 7B D1 43 D3 09 DD EE FF 8E B2 ..#..3..C....V..
      0050: 52 AA BB CC DD EE FF 2D E9 77 C5 89 62 1C BF C3 R.y.l..-.w..b...
      0060: 4E DF B3 16 00 03 0C 0F 6D 6F 2D BA 8B B7 ED 0A N.......mo-.....
      0070: A9 EE 10 CA E1 BE 9D 4F 8D 79 96 8A 09 1B E3 17 .......O.y......

      ]

      ==================================================================
        • 1. Re: X509 certificate  Can I reconstruct a certificate object from  String?
          EJP
          Can I reconstruct a certificate object from String?
          No.
          I put cert.toString() in the message.
          Don't do that. Use the getEncoded() method, and at the receiving end feed that to a CertificateFactory. Depending on your transport you might also need base64-encoding.
          • 2. Re: X509 certificate  Can I reconstruct a certificate object from  String?
            918776
            Just to complete the story: to get a certificate back from encoded byte array:

            ByteArrayInputStream bisb = new ByteArrayInputStream(encodedBytes);
                 CertificateFactory cfb = CertificateFactory.getInstance("X.509");
            X509Certificate certb = (X509Certificate)cfb.generateCertificate(bisb);
            bisb.close();
            print(" X509 back again " + certb.getSigAlgName() );


            and the base64 stuff:

            To convert X509 certificate to base64 string:

            byte[] bCert = certificate.getEncoded();
            String sCert = javax.xml.bind.DatatypeConverter.printBase64Binary(bcert);


            And to convert back:
            String sCert = XML extract the X509Certificate object...
            byte[] bencoded = javax.xml.bind.DatatypeConverter.parseBase64Binary(sCert); // Converts the string argument into an array of bytes.

            Edited by: 915773 on 21-Feb-2012 15:55