纯纯Java实现数字证书生成签名的简单实例实现数字证书生成签名的简单实例
下面小编就为大家带来一篇纯Java实现数字证书生成签名的简单实例。小编觉得挺不错的,现在就分享给大
家,也给大家做个参考。一起跟随小编过来看看吧
package com.ylsoft.cert;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Vector;
import sun.misc.BASE64Encoder;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertAndKeyGen;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateExtensions;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.ExtendedKeyUsageExtension;
import sun.security.x509.Extension;
import sun.security.x509.KeyIdentifier;
import sun.security.x509.KeyUsageExtension;
import sun.security.x509.SubjectKeyIdentifierExtension;
import sun.security.x509.X500Name;
import sun.security.x509.X500Signer;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;
/**
* 首先生成CA的根证书,然后有CA的根证书签署生成ScriptX的证书
*
* @author Administrator
*
*/
public class GenX509Cert {
/** 提供强加密随机数生成器 (RNG)* */
private SecureRandom sr;
public GenX509Cert() throws NoSuchAlgorithmException,
NoSuchProviderException {
// 返回实现指定随机数生成器 (RNG) 算法的 SecureRandom 对象。
sr = SecureRandom.getInstance("SHA1PRNG", "SUN");
}
public void createCert(X509Certificate certificate, PrivateKey rootPrivKey,
KeyPair kp) throws CertificateException, IOException,
InvalidKeyException, NoSuchAlgorithmException,
NoSuchProviderException, SignatureException {
// X.509 v1 证书的抽象类。此类提供了一种访问 X.509 v1 证书所有属性的标准方式。
byte certbytes[] = certificate.getEncoded();
评论1