Raj*_*lli 5 java bouncycastle java-me x509certificate
我使用Bouncy Castle软件包在平台上生成密钥对.
SecureRandom random = new SecureRandom();
ECKeyPairGenerator pGen = new ECKeyPairGenerator();
ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(params,random);
pGen.init(genParam);
AsymmetricCipherKeyPair pair = pGen.generateKeyPair();
这里pair是类型AsymmetricCipherKeyPair.而且,我需要使用这一对在服务器上生成X509V1Certificate.但是,X509Certificate setPublicKey(PublicKey pubkey)只接受类型的对象PublicKey.所以我需要PublicKey从AsymmetricCipherKeyPair服务器检索一个.但是,我得到了ECPublicKeyParameters,这在setPublicKey方法中是不被接受的.
所以,我在这里的要求是得到PublicKey一个AsymmetricCipherKeyPair.
小智 3
最简单的方法是使用 BouncyCastle 作为 JavaCryptoProvider :
生成密钥对
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", "BC");
ECGenParameterSpec ecsp = new ECGenParameterSpec(keyAlg);
kpg.initialize(ecsp);
KeyPair kp = kpg.generateKeyPair();
制作 X509v1 证书
X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
X500Principal dnName = new X500Principal("CN=C3");
Calendar c = Calendar.getInstance();
c.add(Calendar.YEAR, 10);
certGen.setSerialNumber(keyId);
certGen.setIssuerDN(dnName);
certGen.setNotBefore(new Date());
certGen.setNotAfter(c.getTime());
certGen.setSubjectDN(dnName);
certGen.setPublicKey(keyPair.getPublic());
certGen.setSignatureAlgorithm("SHA256withECDSA");
certGen.generate(keyPair.getPrivate(), "BC");