问题在Java中生成自签名证书(X509),私钥和公钥编程方式
问题描述:
,当我试图使用生成或BouncyCastle的Sun.Security证书我面对的问题。*问题在Java中生成自签名证书(X509),私钥和公钥编程方式
要求 - Android的API支持 - 对于15 API和API 8
我尝试以下的方法来做到这一点..
1)使用BouncyCastle的罐子下面的代码
我试着面对这种代码个X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
v3CertGen.setSerialNumber(BigInteger.valueOf(new SecureRandom().nextInt()));
v3CertGen.setIssuerDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365*10)));
v3CertGen.setSubjectDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
//
v3CertGen.setPublicKey(KPair.getPublic());
v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption");
X509Certificate PKCertificate = v3CertGen.generateX509Certificate(KPair.getPrivate());
问题:
- CertificateGenerator是depricated
- X509V3CertificateGenerator类是未鉴定
- 尝试与不同版本的BouncyCastle的罐子(1.45,1.46,1.47 & 1.57)
- 尝试使用CertificateBuilder(代码如下)
-
SubjectPublicKeyInfo当我使用这段代码时,这个类没有被识别。
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded()); X509v3CertificateBuilder myX509v3CertificateBuilder = new X509v3CertificateBuilder(new X500Name("c=sree"), BigInteger.valueOf(new Random().nextInt(1000000)), new Date(System.currentTimeMillis()), new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 *365 * 100)), new X500Name("c=sree"), publicKeyInfo); ContentSigner signer = new JcaContentSignerBuilder("Sha256withRSA").build(myCAPrivateKey); X509CertificateHolder certHolder = myX509v3CertificateBuilder.build(signer); X509Certificate cert = (new JcaX509CertificateConverter().getCertificate(certHolder)); CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC"); Certificate certcert = cf.generateCertificate(new ByteArrayInputStream(cert.getEncoded()));
2)我试图与Sun.Security *包与下面码
import java.security.cert.X509Certificate;
import sun.security.tools.keytool.CertAndKeyGen;
import sun.security.x509.X500Name;
public class SelfSignedCertificateGeneration {
public static void main(String[] args){
try{
CertAndKeyGen keyGen=new CertAndKeyGen("RSA","SHA1WithRSA",null);
keyGen.generate(1024);
//Generate self signed certificate
X509Certificate[] chain=new X509Certificate[1];
chain[0]=keyGen.getSelfCertificate(new X500Name("CN=ROOT"), (long)365*24*3600);
System.out.println("Certificate : "+chain[0].toString());
}catch(Exception ex){
ex.printStackTrace();
}
}
}面对这种代码
的问题:
- CertAndKeyGen和其他几个班都不能访问
**
有没有其他办法?请给我建议。
**
答
Android的旧版本附带BouncyCastle的一个简化版本。所以你不能相信你需要的功能是完整的。尝试包括https://rtyley.github.io/spongycastle/,这是一款适用于Android的Bouncy Castle重新包装。
指定从BC到SC
在这里的Gradle依赖
compile 'com.madgag.spongycastle:core:1.56.0.0'
compile 'com.madgag.spongycastle:prov:1.56.0.0'
compile 'com.madgag.spongycastle:pkix:1.56.0.0'
compile 'com.madgag.spongycastle:pg:1.56.0.0'
包名称从org.bouncycastle.*改为org.spongycastle.*和供应商的名字你有using spongycastle to create a selfsigned certificate
这不是工作@pedrofb为例再次面临同样的问题。 – SreeTej
你的意思是你不能编译代码? – pedrofb
是的,我无法编译代码。错误是(无法识别类)找到No.Class.defination。 – SreeTej