得到了java.security.InvalidKeyException：IOException：ObjectIdentifier（）-数据不是对象ID（标记= -96）

Question

注意： String cert是通过REST API作为HashMap发送的，不确定此处有什么问题。

HashMap<String, Object> extraParams = //API brings this HashMap here.
String cert = (String) extraParams.get("certificate");
cert = cert.replaceAll("-----BEGIN CERTIFICATE-----", "").
                replaceAll("-----END CERTIFICATE-----", "").replaceAll("\r", "").replaceAll("\n", "");
byte[] decodedBytes = Base64.decodeBase64(cert.getBytes("UTF-8"));
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(decodedBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
PublicKey pk = kf.generatePublic(publicKeySpec);

我来自原始服务器的证书字符串和我通过API收到的证书字符串相同，但是仍然收到此错误，不确定为什么？

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)

Answer 1

正如我在问题本身中提到的，我的String Cert已通过REST HTTP ，我怀疑UTF-8编码可能是一个问题。 那就是我所缺少的。 下面的代码对我来说就像是魅​​力。 部分复制自https://stackoverflow.com/a/34549537/1665592

String cert = "...";
byte[] encodedCert = cert.getBytes("UTF-8");
byte[] decodedCert = Base64.decodeBase64(encodedCert);
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
InputStream in = new ByteArrayInputStream(decodedCert);
X509Certificate certificate = (X509Certificate)certFactory.generateCertificate(in);
PublicKey publicKey = ((RSAPublicKey)certificate.getPublicKey());