import java.nio.Buffer; /** * @author TBear * */ import java.awt.TexturePaintContext.Byte; import java.security.InvalidKeyException; import java.security.KeyPair; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.PrivateKey; import java.security.SignatureException; import java.security.cert.Certificate; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateParsingException import java.security.cert.X509Certificate; import javax.security.auth.x500.X500Principal; import org.bouncycastle.asn1.ASN1encodableVector; import org.bouncycastle.asn1.DERBitString import org.bouncycastle.asn1.DERInteger import org.bouncycastle.asn1.DERSequence import org.bouncycastle.asn1.DERUTCTime import org.bouncycastle.asn1.x509.AlgorithmIdentifier import org.bouncycastle.asn1.x509.BasicConstraints import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator import org.bouncycastle.asn1.x509.X509CertificateStructure import org.bouncycastle.asn1.x509.X509Extensions; import org.bouncycastle.asn1.x509.X509ExtensionsGenerator; import org.bouncycastle.asn1.x509.X509Name import org.bouncycastle.jce.provider.BouncyCastleProvider import org.bouncycastle.jce.provider.X509CertificateObject import org.bouncycastle.x509.extension.SubjectKeyIdentifierStructure; import com.itrus.raapi.info.CertInfo; public class CertService{ public static void main(String[] args) { X509CertificateObject certificate = genSM2_Cert(); byte[] buffer = certificate.getEncoded(); bufferedoutputstream outputStream = new bufferedoutputstream(new FileOutputStream(new File('E:/abc.cer'))); outputStream.write buffer; outputStream.flush(); outputStream.close(); } //X509CertificateObject static X509CertificateObject genSM2_Cert() throws CertificateParsingException{ long currTime = new Date().getTime(); String issuerDN = "cn=ibm"; String subjectDN = "cn=ibm"; int vday = 10; //证书生成 V3TBSCertificateGenerator v3CertGen = new V3TBSCertificateGenerator(); //系列号 DERInteger serialNumber = new DERInteger(BigInteger.valueOf(currTime)); v3CertGen.setSerialNumber(serialNumber); //发行人 v3CertGen.setIssuer(new X509Name(issuerDN)); //开始时间和结束时间 v3CertGen.setStartDate(new DERUTCTime(new Date(currTime))); v3CertGen.setEndDate(new DERUTCTime(new Date(currTime + vday*24*60*60*1000))); //主题 v3CertGen.setSubject(new X509Name(subjectDN)); //签名算法 AlgorithmIdentifier algSign = new AlgorithmIdentifier("1.2.156.197.1.501"); v3CertGen.setSignature(algSign); //公钥算法 AlgorithmIdentifier algKey = new AlgorithmIdentifier("1.2.156.197.1.301"); byte[] pubData = new byte[65]; pubData[0] = 0; for(byte i=1;i<pubData.length;i++){ pubData[i] = i; } //有公钥算法和签名算法生成公钥信息摘要 SubjectPublicKeyInfo pubKeyInfo = new SubjectPublicKeyInfo(algKey,pubData); v3CertGen.setSubjectPublicKeyInfo(pubKeyInfo); byte[] signInfo = new byte[69]; for(byte i=1;i<pubData.length;i++){ pubData[i] = i; } X509ExtensionsGenerator extenGen = new X509ExtensionsGenerator(); //extenGen.addExtension(paramDERObjectIdentifier,paramBoolean,paramArrayOfByte); X509Extensions exten = extenGen.generate(); v3CertGen.setExtensions(exten); ASN1encodableVector asn1encodablevector = new ASN1encodableVector(); asn1encodablevector.add(v3CertGen.generateTBSCertificate()); asn1encodablevector.add(algSign); asn1encodablevector.add(new DERBitString(signInfo)); return new X509CertificateObject(new X509CertificateStructure(new DERSequence(asn1encodablevector))); } }
注意最终的输出流必须用bufferedoutputstream;其他的流写不出!
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
