Generating the CSR using BouncyCastle API(使用 BouncyCastle API 生成 CSR)
问题描述
我是 Java 安全方面的新手,偶然发现了这个名为 BouncyCastle 的库.但是他们提供的示例和互联网上的示例要求使用
return new PKCS10CertificationRequest("SHA256withRSA", new X500Principal(CN=请求的测试证书")、pair.getPublic()、null、pair.getPrivate()但是当我使用 PKCS10CertificationRequest 时,它似乎已被弃用.所以我开始研究另一种使用 CertificationRequest 类的方法.但我真的很困惑,构造函数不采用相同的参数,而是采用 CertificationRequestInfo 类,我不知道如何填写.
CertificationRequest 请求 = new CertificationRequest(...);如果有人能帮我弄清楚如何制作 CSR 以便我可以将其发送到服务器进行签名,那就太棒了.
对于最新版本的 BouncyCastle,建议使用 org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder 类创建 CSR.p>
您可以使用此代码片段:
KeyPair pair = generateKeyPair();PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(new X500Principal("CN=Requested Test Certificate"), pair.getPublic());JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");ContentSigner 签名者 = csBuilder.build(pair.getPrivate());PKCS10CertificationRequest csr = p10Builder.build(signer);I am new to the security side of Java and stumbled across this library called BouncyCastle. But the examples that they provide and the ones out on the internet ask to use
return new PKCS10CertificationRequest("SHA256withRSA", new X500Principal(
"CN=Requested Test Certificate"), pair.getPublic(), null, pair.getPrivate()
But when I use PKCS10CertificationRequest, it looks like it is deprecated. So I started looking at another method where I use CertificationRequest class. But I am really confused, the constructor does not take the same parameters instead it takes CertificationRequestInfo class which I am not sure how to fill up.
CertificationRequest request = new CertificationRequest(...);
It would be awesome if someone could help me figure out how to make a CSR so that I can send it to the server for getting it signed.
With the recent versions of BouncyCastle it is recommended to create the CSR using the org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder class.
You can use this code snipppet:
KeyPair pair = generateKeyPair();
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
new X500Principal("CN=Requested Test Certificate"), pair.getPublic());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
ContentSigner signer = csBuilder.build(pair.getPrivate());
PKCS10CertificationRequest csr = p10Builder.build(signer);
这篇关于使用 BouncyCastle API 生成 CSR的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:使用 BouncyCastle API 生成 CSR
- 未找到/usr/local/lib 中的库 2022-01-01
- java.lang.IllegalStateException:Bean 名称“类别"的 BindingResult 和普通目标对象都不能用作请求属性 2022-01-01
- 将 Java Swing 桌面应用程序国际化的最佳实践是什么? 2022-01-01
- 在 Java 中,如何将 String 转换为 char 或将 char 转换 2022-01-01
- Eclipse 的最佳 XML 编辑器 2022-01-01
- 获取数字的最后一位 2022-01-01
- 如何指定 CORS 的响应标头? 2022-01-01
- GC_FOR_ALLOC 是否更“严重"?在调查内存使用情况时? 2022-01-01
- 如何使 JFrame 背景和 JPanel 透明且仅显示图像 2022-01-01
- 转换 ldap 日期 2022-01-01
