Fatal编程技术网
  • java/
  • 以编程方式在Java中生成自签名证书(X509)、私钥和公钥时出现问题

以编程方式在Java中生成自签名证书(X509)、私钥和公钥时出现问题

java android

以编程方式在Java中生成自签名证书(X509)、私钥和公钥时出现问题,java,android,x509certificate,bouncycastle,self-signed,Java,Android,X509certificate,Bouncycastle,Self Signed,我尝试使用BouncyCastle或Sun.Security生成证书时遇到问题。* 要求- Android API支持-适用于API 15和API 8 我试着用以下方法做这件事 1)我尝试将BouncyCastle jar与以下代码一起使用 X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); v3CertGen.setSerialNumber(BigInteger.valueOf(ne

我尝试使用BouncyCastle或Sun.Security生成证书时遇到问题。*

要求- Android API支持-适用于API 15和API 8

我试着用以下方法做这件事

1)我尝试将BouncyCastle jar与以下代码一起使用

    X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();

    v3CertGen.setSerialNumber(BigInteger.valueOf(new SecureRandom().nextInt()));

    v3CertGen.setIssuerDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
    v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
    v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365*10)));
    v3CertGen.setSubjectDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
    //        
    v3CertGen.setPublicKey(KPair.getPublic());
    v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption"); 

    X509Certificate PKCertificate = v3CertGen.generateX509Certificate(KPair.getPrivate());

import java.security.cert.X509Certificate;
import sun.security.tools.keytool.CertAndKeyGen;
import sun.security.x509.X500Name;

public class SelfSignedCertificateGeneration {
public static void main(String[] args){
    try{
        CertAndKeyGen keyGen=new CertAndKeyGen("RSA","SHA1WithRSA",null);
        keyGen.generate(1024);

        //Generate self signed certificate
        X509Certificate[] chain=new X509Certificate[1];
        chain[0]=keyGen.getSelfCertificate(new X500Name("CN=ROOT"), (long)365*24*3600);

        System.out.println("Certificate : "+chain[0].toString());
    }catch(Exception ex){
        ex.printStackTrace();
    }
}
此代码面临的问题:

  • 认证发电机已去油
  • 未标识X509V3CertificateGenerator类别
  • 使用不同版本的bouncycastle罐子(1.45、1.46、1.47和1.57)试用
  • 尝试使用CertificateBuilder(代码如下)
  • SubjectPublicKeyInfo使用此代码时未标识此类

        SubjectPublicKeyInfo publicKeyInfo = 
    SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded());

    X509v3CertificateBuilder myX509v3CertificateBuilder = new X509v3CertificateBuilder(new X500Name("c=sree"), BigInteger.valueOf(new Random().nextInt(1000000)), new Date(System.currentTimeMillis()), new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 *365 * 100)), new X500Name("c=sree"), publicKeyInfo);

    ContentSigner signer = new JcaContentSignerBuilder("Sha256withRSA").build(myCAPrivateKey);
    X509CertificateHolder certHolder = myX509v3CertificateBuilder.build(signer);
    X509Certificate cert = (new JcaX509CertificateConverter().getCertificate(certHolder));

    CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
    Certificate certcert = cf.generateCertificate(new ByteArrayInputStream(cert.getEncoded()));
2)我尝试了Sun.Security.*包含以下代码的软件包

    X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();

    v3CertGen.setSerialNumber(BigInteger.valueOf(new SecureRandom().nextInt()));

    v3CertGen.setIssuerDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
    v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
    v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365*10)));
    v3CertGen.setSubjectDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
    //        
    v3CertGen.setPublicKey(KPair.getPublic());
    v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption"); 

    X509Certificate PKCertificate = v3CertGen.generateX509Certificate(KPair.getPrivate());

import java.security.cert.X509Certificate;
import sun.security.tools.keytool.CertAndKeyGen;
import sun.security.x509.X500Name;

public class SelfSignedCertificateGeneration {
public static void main(String[] args){
    try{
        CertAndKeyGen keyGen=new CertAndKeyGen("RSA","SHA1WithRSA",null);
        keyGen.generate(1024);

        //Generate self signed certificate
        X509Certificate[] chain=new X509Certificate[1];
        chain[0]=keyGen.getSelfCertificate(new X500Name("CN=ROOT"), (long)365*24*3600);

        System.out.println("Certificate : "+chain[0].toString());
    }catch(Exception ex){
        ex.printStackTrace();
    }
}
}

此代码面临的问题:

  • CertAndKeyGen和其他几个类不可访问
**

还有别的办法吗?请推荐我。

**

旧版本的android附带了精简版的bouncycastle。因此,您不能相信您需要的功能是完整的。试着为Android重新包装Bouncy Castle

在gradle中指定依赖项

compile 'com.madgag.spongycastle:core:1.56.0.0'
compile 'com.madgag.spongycastle:prov:1.56.0.0'
compile 'com.madgag.spongycastle:pkix:1.56.0.0'
compile 'com.madgag.spongycastle:pg:1.56.0.0'
包名称已从
org.bouncycastle.*
更改为
org.spongycastle.*
,提供商名称已从
BC
更改为
SC

这里有一个例子说明@pedrofb再次面临同样的问题时,

这不起作用。是的,我无法编译代码。错误为(无法识别类别)未找到类别定义。gradle是否正常工作?它正在下载依赖项并且是
org.spongycastle.*
可以从您的代码中获得的包吗?我应该在Eclipse上工作。所以,我从您提到并添加的链接下载了JAR。是否将错误日志粘贴到此处?请勿在注释中粘贴代码或跟踪。只需编辑您自己的问题并添加相关信息