生成基于RSA与SM2数字证书的请求PKCS10CertificationRequest
申请证书时生成的req文件需要:主题 密钥对 签名加密算法
写道
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.SignatureException;
import javax.security.auth.x500.X500Principal;
import sun.misc.BASE64Encoder;
/**
* @param algorithm签名算法 1.SHA1withRSA 2.SM3WITHSM2
* @param dn主题
* @param keyPair密钥对
* @param keyType密钥类型 SM2|RSA
* @return 返回p10请求的字符串
* @throws SignatureException
* @throws NoSuchProviderException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
* @throws KeyPairException
*/
private static String getP10ReqestBC(String algorithm, String dn, KeyPair keyPair,String keyType) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException
{
String p10RequestString = null;
byte[] p10buffer = null;
if(keyType.equals("SM2")){
fisher.man.jce.PKCS10CertificationRequest p10Request;
p10Request = new fisher.man.jce.PKCS10CertificationRequest(
algorithm, new X500Principal(dn), keyPair.getPublic(),
null, keyPair.getPrivate());
p10buffer = p10Request.getDEREncoded();
}else{
org.bouncycastle.jce.PKCS10CertificationRequest p10Request;
p10Request = new org.bouncycastle.jce.PKCS10CertificationRequest(
algorithm, new X500Principal(dn), keyPair.getPublic(),
null, keyPair.getPrivate());
p10buffer = p10Request.getDEREncoded();
}
p10RequestString = new BASE64Encoder().encode(p10buffer);
return p10RequestString;
}
public static void main(String[] args) throws IOException, InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException {
// algorithm签名算法 SM2
String algorithm = "SM3WITHSM2";
// dn主题
String dn = "CN=dfg, OU=aert, O=45y, L=sdfg, ST=fg, C=CN";
KeyPairGenerator ecPair = null;
SecureRandom rand = null;
rand = SecureRandom.getInstance("TrueRandom", "FishermanJCE");
ecPair = KeyPairGenerator.getInstance("SM2", "FishermanJCE");
ecPair.initialize(256, new SecureRandom());
// keyPair密钥对
KeyPair keyPair = ecPair.generateKeyPair();
String requestReq = getP10ReqestBC(algorithm,dn,keyPair,"SM2");
System.out.println("SM2 私钥=" + keyPair.getPrivate());
System.out.println("SM2 公钥=" + keyPair.getPublic());
System.out.println("SM2 p10请求的字符串=" + requestReq);
System.err.println("************************************");
System.err.println("************************************");
System.err.println("************************************");
// algorithm签名算法 RSA
String algorithm2 = "SHA1withRSA";
// dn主题
String dn2 = "CN=zdfg, OU=ert, O=er, L=fgj, ST=vfgh, C=CN";
rand = SecureRandom.getInstance("TrueRandom", "FishermanJCE");
ecPair = KeyPairGenerator.getInstance("RSA", "BC");
ecPair.initialize(1024, new SecureRandom());
// keyPair密钥对
KeyPair keyPair2 = ecPair.generateKeyPair();
String requestReq2 = getP10ReqestBC(algorithm2,dn2,keyPair2,"RSA");
System.out.println("RSA 私钥=" + keyPair.getPrivate());
System.out.println("RSA 公钥=" + keyPair.getPublic());
System.out.println("RSA p10请求的字符串=" + requestReq2);
}
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.SignatureException;
import javax.security.auth.x500.X500Principal;
import sun.misc.BASE64Encoder;
/**
* @param algorithm签名算法 1.SHA1withRSA 2.SM3WITHSM2
* @param dn主题
* @param keyPair密钥对
* @param keyType密钥类型 SM2|RSA
* @return 返回p10请求的字符串
* @throws SignatureException
* @throws NoSuchProviderException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
* @throws KeyPairException
*/
private static String getP10ReqestBC(String algorithm, String dn, KeyPair keyPair,String keyType) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException
{
String p10RequestString = null;
byte[] p10buffer = null;
if(keyType.equals("SM2")){
fisher.man.jce.PKCS10CertificationRequest p10Request;
p10Request = new fisher.man.jce.PKCS10CertificationRequest(
algorithm, new X500Principal(dn), keyPair.getPublic(),
null, keyPair.getPrivate());
p10buffer = p10Request.getDEREncoded();
}else{
org.bouncycastle.jce.PKCS10CertificationRequest p10Request;
p10Request = new org.bouncycastle.jce.PKCS10CertificationRequest(
algorithm, new X500Principal(dn), keyPair.getPublic(),
null, keyPair.getPrivate());
p10buffer = p10Request.getDEREncoded();
}
p10RequestString = new BASE64Encoder().encode(p10buffer);
return p10RequestString;
}
public static void main(String[] args) throws IOException, InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException {
// algorithm签名算法 SM2
String algorithm = "SM3WITHSM2";
// dn主题
String dn = "CN=dfg, OU=aert, O=45y, L=sdfg, ST=fg, C=CN";
KeyPairGenerator ecPair = null;
SecureRandom rand = null;
rand = SecureRandom.getInstance("TrueRandom", "FishermanJCE");
ecPair = KeyPairGenerator.getInstance("SM2", "FishermanJCE");
ecPair.initialize(256, new SecureRandom());
// keyPair密钥对
KeyPair keyPair = ecPair.generateKeyPair();
String requestReq = getP10ReqestBC(algorithm,dn,keyPair,"SM2");
System.out.println("SM2 私钥=" + keyPair.getPrivate());
System.out.println("SM2 公钥=" + keyPair.getPublic());
System.out.println("SM2 p10请求的字符串=" + requestReq);
System.err.println("************************************");
System.err.println("************************************");
System.err.println("************************************");
// algorithm签名算法 RSA
String algorithm2 = "SHA1withRSA";
// dn主题
String dn2 = "CN=zdfg, OU=ert, O=er, L=fgj, ST=vfgh, C=CN";
rand = SecureRandom.getInstance("TrueRandom", "FishermanJCE");
ecPair = KeyPairGenerator.getInstance("RSA", "BC");
ecPair.initialize(1024, new SecureRandom());
// keyPair密钥对
KeyPair keyPair2 = ecPair.generateKeyPair();
String requestReq2 = getP10ReqestBC(algorithm2,dn2,keyPair2,"RSA");
System.out.println("RSA 私钥=" + keyPair.getPrivate());
System.out.println("RSA 公钥=" + keyPair.getPublic());
System.out.println("RSA p10请求的字符串=" + requestReq2);
}
输出结果:
写道
SM2 私钥=EC Private Key
S: a40ed786b2867685507a4abad7264dbff72341f79503e6ff5366703789a2a7d7
SM2 公钥=EC Public Key
X: c337bb8017d572bcbc03b42280e43114fbefdff1d9a4e08866afb8ebecfe0547
Y: ae5d3c580e5d348be7a1db7d079983f9a4a59866267d951ddbbdcc45775ed82a
SM2 p10请求的字符串=MIIB5jCCAZECAQAwVDELMAkGA1UEBhMCQ04xCzAJBgNVBAgTAmZnMQ0wCwYDVQQHEwRzZGZnMQww
CgYDVQQKEwM0NXkxDTALBgNVBAsTBGFlcnQxDDAKBgNVBAMTA2RmZzCCATQwge0GCCqBHIFFAYIt
MIHgAgEBMCwGByqGSM49AQECIQCFQtaeTARPGOi5JDW/b/feRXKDkVxFUX1yLtuLCPHfwzBEBCB4
eWi0+jLD/SQXhC5zu/7/LzyEi2gx1+DsZSKLOTfkmAQgY+TG07I7DISc+EJBSEv+SPYdWaWxa6Bu
bhLR2ifFJJoEQQRCHevWG2LqtnRkNOvDzDFeMiILO63VC9xMTmwUf+3UPQaAUSvLtCwH1HNJ0hU7
cMTl1/38v6NuoahYQbnkbgmiAiEAhULWnkwETxjouSQ1v2/33Sl3IGMEhWKNWudO58MuebcCAQED
QgAEwze7gBfVcry8A7QigOQxFPvv3/HZpOCIZq+46+z+BUeuXTxYDl00i+eh230HmYP5pKWYZiZ9
lR3bvcxFd17YKjAMBggqgRyBRQGDdQUAA0EAhneSdWonUMXL0Sk4vpzPtqZvUddbYo/Bb7o3a+Te
k4+v/kp8q7hvA+2BubXpTSAE2AjE0qytc4THB++vmI75Lg==
************************************
************************************
************************************
RSA 私钥=EC Private Key
S: a40ed786b2867685507a4abad7264dbff72341f79503e6ff5366703789a2a7d7
RSA 公钥=EC Public Key
X: c337bb8017d572bcbc03b42280e43114fbefdff1d9a4e08866afb8ebecfe0547
Y: ae5d3c580e5d348be7a1db7d079983f9a4a59866267d951ddbbdcc45775ed82a
RSA p10请求的字符串=MIIBkTCB+wIBADBUMQswCQYDVQQGEwJDTjENMAsGA1UECBMEdmZnaDEMMAoGA1UEBxMDZmdqMQsw
CQYDVQQKEwJlcjEMMAoGA1UECxMDZXJ0MQ0wCwYDVQQDEwR6ZGZnMIGfMA0GCSqGSIb3DQEBAQUA
A4GNADCBiQKBgQCPE+/QiaeKTWc/vZueZ6j8D1YaPdW8Hmgq1dJBwKPhGmWpEwbDxMwNpDalHeax
JXnNFVPwtDhzTOGTm9QBLsnhM0/YxrLD/sK5RYD0T8786/HQrRat1n5xg3rnHKntM3QoWbw4iW7h
T62Yrro62xP8hnWArrbOc5dUpDAD/twNIwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAGN8AhMQMToq
IyRlkF3LCkCMT9CKnn4p+qIn3u0WMWIkm7S80/WDBhXMoUSQH2ZK1wcjErCIJwGXmiPmuFU9sD/V
euwF0ul/WxjuQUzU9VHYuNyYajC2xVyVl+rE0Zc8SDMyU80V1/eAAp2fPIcKvET4pKzhYh4n3iDh
Gb0U57Iq