2023年7月13日发(作者：)

Java将数组转成der编码

import thmId; //导入方法依赖的package包/类

/**

* Encode the bytes for the TBSCertificate structure:

*

* TBSCertificate ::= SEQUENCE {

* version [0] EXPLICIT Version DEFAULT v1,

* serialNumber CertificateSerialNumber,

* signature AlgorithmIdentifier,

* issuer Name,

* validity Validity,

* subject Name,

* subjectPublicKeyInfo SubjectPublicKeyInfo,

* issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,

* -- If present, version MUST be v2 or v3

* subjectUniqueID [2] IMPLICIT UniqueIdentifier

OPTIONAL,

* -- If present, version MUST be v2 or v3

* extensions [3] EXPLICIT Extensions OPTIONAL

* -- If present, version MUST be v3 * }

*

* @param issuerCert The certificate of the issuing

authority, or

* {@code null} if the resulting certificate is self-signed.

* @param signAlg The signature algorithm object

*

* @return The DER-encoded bytes for the TBSCertificate

structure

*

* @throws IOException if an encoding error occurs.

*/

private byte[] encodeTbsCert(X509Certificate issuerCert,

AlgorithmId signAlg) throws IOException {

DerOutputStream tbsCertSeq = new DerOutputStream();

DerOutputStream tbsCertItems = new

DerOutputStream();

// Hardcode to V3

byte[] v3int = {0x02, 0x01, 0x02};

(Tag(_CONTEXT, true,

(byte)0), v3int); // Serial Number

SerialNumber sn = new SerialNumber(serialNumber);

(tbsCertItems);

// Algorithm ID

ode(tbsCertItems);

// Issuer Name

if (issuerCert != null) {

(

jectX500Principal().getEncoded());

} else {

// Self-signed

(oded());

}

// Validity period (set as UTCTime)

DerOutputStream valSeq = new DerOutputStream();

Time(notBefore);

Time(notAfter);

(_Sequence, valSeq);

// Subject Name

(oded());

// SubjectPublicKeyInfo

(oded()); // TODO: Extensions!

encodeExtensions(tbsCertItems);

// Wrap it all up in a SEQUENCE and return the bytes

(_Sequence, tbsCertItems);

return Array();

}