Sur*_*tta 6 java security encryption cryptography bouncycastle
编写代码以使用生成数字证书BouncyCastle.
这是导致问题的代码的基本部分.
public X509Certificate generateCertWithKeypair(KeyPair caPair)
throws InvalidKeyException, SecurityException, SignatureException {
X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
v3CertGen
.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
v3CertGen
.setIssuerDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c"));
v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60
* 60 * 24));
v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
+ (1000L * 60 * 60 * 24 * 365 * 10)));
v3CertGen
.setSubjectDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c"));
v3CertGen.setPublicKey(caPair.getPublic());
v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
X509Certificate generateX509Certificate = v3CertGen
.generateX509Certificate(caPair.getPrivate());//**here**
return generateX509Certificate;
}
面临例外
Exception in "main" java.lang.SecurityException: BC provider not installed!
at X509V3CertificateGenerator.generateX509Certificate(Unknown Source)
at chapter4.Dupe.generateCertWithKeypair(Dupe.java:74)
at chapter4.Dupe.main(Dupe.java:32)
在搜索中我发现 最新的jar解决了这个问题,但没有运气.
我错过了什么吗?
你应该在JRE中"注册"BC.您可以通过两种方式完成此操作:将bcprov.jar放在$ JRE/lib/ext文件夹中并添加到$JRE/lib/security/java.security行中
security.provider.N = org.bouncycastle.jce.provider.BouncyCastleProvider
或者将bcprov.jar放在类路径中,不要修改java.security,而是在某处添加代码
static { Security.addProvider(new BouncyCastleProvider()); }
http://www.bouncycastle.org/wiki/display/JA1/Provider+Installation