sap*_*pan 5 java bouncycastle x509certificate
我使用BouncyCastle API和bcprov-jdk15on-147罐子生成CSR.
CertificationRequestInfo certInfo = new CertificationRequestInfo(subject, subKeyInfo, new DERSet(attribute));
org.bouncycastle.operator.ContentSigner sigGen = null;
sigGen = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privateKey);
org.bouncycastle.asn1.pkcs.CertificationRequest ctest = new org.bouncycastle.asn1.pkcs.CertificationRequest(certInfo,sigAlgName,new DERBitString(sigGen.getSignature()));
我将这个obejct传递给我的调用函数:
GenerateCSR gcsr = GenerateCSR.getInstance();
System.out.println("Public Key:\n"+gcsr.getPublicKey().toString());
System.out.println("Private Key:\n"+gcsr.getPrivateKey().toString());
org.bouncycastle.asn1.pkcs.CertificationRequest csr = gcsr.getCSR("IMO");
System.out.println("CSR Request Generated!!");
FileWriter fcsr = new FileWriter("C:\\test.txt");
PEMWriter w1 = new PEMWriter(fcsr);
w1.writeObject(csr);
但我得到以下例外:
Exception in thread "main" org.bouncycastle.util.io.pem.PemGenerationException: unknown object passed - can't encode.
at org.bouncycastle.openssl.MiscPEMGenerator.createPemObject(Unknown Source)"
更好的解决方案是使用PemObject.
String type = "CERTIFICATE REQUEST";
byte[] encoding = pkcs10.getEncoded();
PemObject pemObject = new PemObject(type, encoding);
StringWriter str = new StringWriter();
PEMWriter pemWriter = new PEMWriter(str);
pemWriter.writeObject(pemObject);
pemWriter.close();
str.close();
System.out.println(str);
我最终像这样手动创建了 pem 对象。
String code = "-----BEGIN CERTIFICATE REQUEST-----\n";
code += new String(Base64.encodeBase64Chunked(request.getEncoded()));
code += "-----END CERTIFICATE REQUEST-----";
System.out.println(code);
我猜测 PemWriter 无法输出 CertificationRequest 对象是一个错误,因为看起来 BouncyCastle v1.47 仍然充满其他错误。