{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 倾城 Initia 的问题《CertificateException when generateCertificate()》','https://www.manongdao.com/q-512862.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am developing my android app. I am trying to generate the X509Certificate instance from my certificate file stream, but get CertificateException , here is my simple code:
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
...
public class CertMgr {
//my certification file 'mycert.p12' located in my app internal storage
File certFile = GET_CERT();
X509Certificate cert = null;
try {
FileInputStream fis = new FileInputStream(certFile);
BufferedInputStream bis = new BufferedInputStream(fis);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
if(bis.available() > 0){
//I got CertificateException here, see the stack trace
cert = (X509Certificate) cf.generateCertificate(bis); //line nr 150
}
}catch(...)
{...}
...
}
stack trace:
javax.security.cert.CertificateException: org.apache.harmony.security.asn1.ASN1Exception: ASN.1 Sequence: mandatory value is missing at [4]
11-11 17:30:20.731: W/System.err(11529): at javax.security.cert.X509Certificate.getInstance(X509Certificate.java:94)
11-11 17:30:20.731: W/System.err(11529): at javax.security.cert.X509Certificate.getInstance(X509Certificate.java:213)
11-11 17:30:20.731: W/System.err(11529): at com.my.app.CertMgr.getCert(CertMgr.java:150)
Could someone please explain to me why I get this exception?
P.S.: Here are the classes I am using from Android SDK X509Certificate , CertificateFactory
If you are curious about why I am doing this, the reason is that I want my app to be able to install the certificate(mycert.p12) by the following code (if above code is working properly):
Intent installIntent = KeyChain.createInstallIntent();
installIntent.putExtra(KeyChain.EXTRA_CERTIFICATE, cert.getEncoded());
installIntent.putExtra(KeyChain.EXTRA_NAME, MY_CERT);
startActivityForResult(installIntent, INSTALL_KEYCHAIN_CODE);
You are trying to read a PKCS#12 data structure as it was a X509 certificate. The PKCS#12 standard specifies a data structure which can bundle multiple certificates and private keys, optionally protected by a password.
In order to read the PKCS#12 data you need to load it with a KeyStore. This code snippet show how list all entries of the PCKS#12 file:
KeyStore entries can be private key, with or without an associated certificate chain (i.e. a sequence of certificate from the root certificate to the certificate corresponding to the private key), or a trusted certificate. You can determine the entry type by the
KeyStore.isKeyEntryandKeyStore.isCertificateEntrymethods.According to the KeyChain intent you gave, it seems you want to add a new trusted Root CA certificate in the key chain. Therefore I think you should list the certificate entries of the PKCS#12 file.
EDIT (12th nov 2013)
How to get a trusted certificate from the keystore: