上次把ASN.1解析得到了具体对象,但是难以理解对应的意义。这次是解析为Bouncy Castle下的OCSPRequest结构。
先了解一下OCSPRequest的结构:
public class OCSPRequest
extends ASN1Object
{
TBSRequest tbsRequest;
Signature optionalSignature;
}
public class TBSRequest
extends ASN1Object
{
private static final ASN1Integer V1 = new ASN1Integer(0);
ASN1Integer version;
GeneralName requestorName;
ASN1Sequence requestList;
Extensions requestExtensions;
}
public class Signature
extends ASN1Object
{
AlgorithmIdentifier signatureAlgorithm;
DERBitString signature;
ASN1Sequence certs;
}
public class AlgorithmIdentifier
extends ASN1Object
{
private ASN1ObjectIdentifier algorithm;
private ASN1Encodable parameters;
}
更多结构可点进去查看,这里只写本文用到的。
给定这样一个Bouncy Castle的signedReq:
String signedReq =
"MIIC9jBAMD4wPDA6MAkGBSsOAwIaBQAEFENv0Y4OeruVGFKQSrDhdfbiG4RHBBTc"
+ "Mr1fP+mZAxbF2ZdehWxn6mtAngIBAaCCArAwggKsMA0GCSqGSIb3DQEBBQUAA4GB"
+ "AAzHBm4nL5AcRQB3Jkz7ScNeZF+GbRZ0p4kBDTnqi3IeESuso12yJhpqqyijdnj5"
+ "gd4/GsSAgdluLHyYZ6wgozV7G9MDXCnFnG4PBUW05HaVX81JYAp+amVyU0NOgNrG"
+ "90npVBsHb0o+UlkxNgMiEbSkp/TeGb6YURsYKhmwp7BgoIICFTCCAhEwggINMIIB"
+ "dqADAgECAgEBMA0GCSqGSIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0"
+ "bGUxCzAJBgNVBAYTAkFVMB4XDTA0MTAyNDEzNDc0M1oXDTA1MDIwMTEzNDc0M1ow"
+ "JTEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZI"
+ "hvcNAQEBBQADgY0AMIGJAoGBAJBmLeIzthMHUeTkOeJ76iBxcMHY31o/i3a9VT12"
+ "y2FcS/ejJmeUCMTdtwl5alOwXY66vF4DyT1VU/nJG3mHpSoqq7qrMXOIFGcXg1Wf"
+ "oJRrQgTOLdQ6bod7i9ME/EjEJy70orh0nVS7NGcu0R5TjcbLde2J5zxjb/W9wqfy"
+ "RovJAgMBAAGjTTBLMB0GA1UdDgQWBBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAfBgNV"
+ "HSMEGDAWgBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAJBgNVHRMEAjAAMA0GCSqGSIb3"
+ "DQEBBAUAA4GBAF/4EH1KkNrNxocJPIp7lThmG1KIVYESIadowMowrbok46ESofRF"
+ "OIPku07W+e1Y1Y1KXLIiPMG3IGwrBrn04iLsbbBUiN37BcC/VyT4xKJ2MYscGjKL"
+ "ua/9bU0lOyeTRAwqb8towWRd5lLYAI3RQ7dhStUTFp3Vqd803PJ/cpR6";
下面是解析代码:
byte[] d64 = Base64.decode(signedReq); ASN1InputStream asn1InputStream = new ASN1InputStream(d64); try { //强制转换类型 OCSPRequest req = OCSPRequest.getInstance(asn1InputStream.readObject()); //依然是先打断点判断有什么结构,再写结构。 //tbsRequest部分 TBSRequest tbsRequest = req.getTbsRequest(); ASN1Integer asn1Integer = tbsRequest.getVersion(); GeneralName generalName = tbsRequest.getRequestorName(); ASN1Sequence requestList = tbsRequest.getRequestList(); Extensions extensions = tbsRequest.getRequestExtensions(); System.out.println("tbsRequest值:"); System.out.println("version:--------------" + asn1Integer); System.out.println("generalName:--------------" + generalName); System.out.println("requestList:--------------" + requestList); System.out.println("extensions:--------------" + extensions); //signature部分 Signature signature = req.getOptionalSignature(); System.out.println("signature值:"); if (signature == null) { System.out.println("signature为空");//空 } else { AlgorithmIdentifier algorithmIdentifier = signature.getSignatureAlgorithm(); ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm(); ASN1Encodable parameters = algorithmIdentifier.getParameters(); System.out.println("algorithm:--------------"+algorithm); System.out.println("parameters:--------------"+parameters); DERBitString derBitString = signature.getSignature(); System.out.println("signature:--------------"+derBitString); ASN1Sequence certs = signature.getCerts(); System.out.println("certs:--------------"+certs); } } catch (Exception e) { e.printStackTrace(); }
main方法调用一下:
解析完成!