Java – use struts to check PFX file types

2020-08-02 • Java

Is there any way to check that the uploaded certificate is really a PFX certificate? I try the following code:

LazyValidatorForm lazyForm = (LazyValidatorForm) actionForm;
FormFile cerFile = (FormFile) lazyForm.get("cerFile");

if (!cerFile.getContentType().equals("application/x-pkcs12")) {
    /** return error code **/
}

However, in most cases, the content type is application / octet stream, which is useless

Solution

You can try to load the uploaded file into keystore:

LazyValidatorForm lazyForm = (LazyValidatorForm) actionForm;
FormFile cerFile = (FormFile) lazyForm.get("cerFile");

KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(cerFile.getInputStream(),null);

Even if PFX contains a password - protected private key and should still be loaded PFX (it's basically useless without a password, but it should be loaded)

If there are no exceptions, and the keystore If size () is equal to 1 after loading, it must be PFX file

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.

THE END

Java