cn.tdchain.tdmsp.util

类 PkiUtil

java.lang.Object

cn.tdchain.tdmsp.util.PkiUtil

public final class PkiUtil
extends java.lang.Object

Utility.

版本:

2.0

作者:

Houmj 2018-09-18

方法概要

限定符和类型	方法和说明
static org.bouncycastle.pkcs.PKCS10CertificationRequest	generateEccEncryptEnrollCARequest(java.security.KeyPair keyPair, java.lang.String country, java.lang.String company, java.lang.String name)
static java.security.KeyPair	generateEccKeyPair() Generate ECC key pair.
static java.security.KeyPair	generateEcEncryptKeyPair() Create encryption key pair.
static org.bouncycastle.pkcs.PKCS10CertificationRequest	generateEnrollRequest(java.security.KeyPair keyPair, java.lang.String algorithm, java.lang.String name, java.lang.String company, java.lang.String country) Create E-cert request.
static java.security.KeyPair	generateRsaKeyPair() Create a random 1024 bit RSA key pair.
static java.security.KeyPair	generateSm2KeyPair() Generate SM2 keys.
static java.security.cert.X509Certificate	getCertFromCer(java.lang.String filePath)
static byte[]	getEncodedHolder(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo subPubKeyInfo, org.bouncycastle.asn1.x500.X500Name x500Name, int validTime, org.bouncycastle.asn1.x500.X500Name subject, java.security.PrivateKey privateKey, java.lang.String algorithm, java.security.PublicKey rootPublickey) Get encoded X509CertificateHolder.
static java.security.KeyStore	getKeyStore(java.lang.String filePath, java.lang.String ksPassword, java.lang.String keyStoreType) Get enroll keystore.
static org.bouncycastle.asn1.x500.X500Name	getNameBuilder(java.lang.String name, java.lang.String company, java.lang.String country) Get X500Name.
static org.bouncycastle.asn1.x500.X500Name	getOuNameBuilder(java.lang.String name, java.lang.String company, java.lang.String country)
static byte[]	getRootEncodedHolder(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo subPubKeyInfo, org.bouncycastle.asn1.x500.X500Name x500Name, int validTime, org.bouncycastle.asn1.x500.X500Name subject, java.security.PrivateKey privateKey, java.lang.String algorithm)
static org.bouncycastle.operator.ContentSigner	getSigner(java.security.PrivateKey privateKey, java.lang.String algorithm) Create signer.
static void	saveCertToFile(java.lang.String fileName, java.security.cert.X509Certificate cert)
static void	saveToKeystore(KeyStoreParam param, java.security.PrivateKey privateKey, java.lang.String keyStoreType) Save cert to key store.

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

方法详细资料

generateRsaKeyPair

public static java.security.KeyPair generateRsaKeyPair()
                                                throws java.security.NoSuchAlgorithmException,
                                                       java.security.NoSuchProviderException

Create a random 1024 bit RSA key pair.

返回:

keypair

抛出:

java.security.NoSuchProviderException - exception

java.security.NoSuchAlgorithmException - exception

generateSm2KeyPair

public static java.security.KeyPair generateSm2KeyPair()
                                                throws java.lang.Exception

Generate SM2 keys.

返回:

KeyPair

抛出:

java.lang.Exception - NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException

generateEccKeyPair

public static java.security.KeyPair generateEccKeyPair()
                                                throws java.security.InvalidAlgorithmParameterException,
                                                       java.security.NoSuchAlgorithmException,
                                                       java.security.NoSuchProviderException

Generate ECC key pair.

Private keypairs are encoded using PKCS8 Private keys are encoded using X.509

返回:

ECC KeyPair

抛出:

java.security.InvalidAlgorithmParameterException - This is the exception for invalid or inappropriate algorithm parameters.

java.security.NoSuchAlgorithmException - This exception is thrown when a particular cryptographic algorithm is requested but is not available in the environment.

java.security.NoSuchProviderException - This exception is thrown when a particular security provider is requested but is not available in the environment.

generateEcEncryptKeyPair

public static java.security.KeyPair generateEcEncryptKeyPair()
                                                      throws java.security.NoSuchAlgorithmException,
                                                             java.security.NoSuchProviderException,
                                                             java.security.InvalidAlgorithmParameterException

Create encryption key pair.

返回:

encryption key pair

抛出:

java.security.NoSuchAlgorithmException - exception

java.security.NoSuchProviderException - exception

java.security.InvalidAlgorithmParameterException - exception

getNameBuilder

public static org.bouncycastle.asn1.x500.X500Name getNameBuilder(java.lang.String name,
                                                                 java.lang.String company,
                                                                 java.lang.String country)

Get X500Name.

参数:

name - user full name

company - String

country - String

返回:

X500Name

getOuNameBuilder

public static org.bouncycastle.asn1.x500.X500Name getOuNameBuilder(java.lang.String name,
                                                                   java.lang.String company,
                                                                   java.lang.String country)

getRootEncodedHolder

public static byte[] getRootEncodedHolder(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo subPubKeyInfo,
                                          org.bouncycastle.asn1.x500.X500Name x500Name,
                                          int validTime,
                                          org.bouncycastle.asn1.x500.X500Name subject,
                                          java.security.PrivateKey privateKey,
                                          java.lang.String algorithm)
                                   throws java.lang.Exception

抛出:

java.lang.Exception

getEncodedHolder

public static byte[] getEncodedHolder(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo subPubKeyInfo,
                                      org.bouncycastle.asn1.x500.X500Name x500Name,
                                      int validTime,
                                      org.bouncycastle.asn1.x500.X500Name subject,
                                      java.security.PrivateKey privateKey,
                                      java.lang.String algorithm,
                                      java.security.PublicKey rootPublickey)
                               throws java.lang.Exception

Get encoded X509CertificateHolder.

参数:

subPubKeyInfo - SubjectPublicKeyInfo

x500Name - X500Name

validTime - cert valid time by year

subject - X500Name

privateKey - PrivateKey

algorithm - SHA256withRSA/SHA256withECDSA/SM3withSM2

返回:

encoded X509CertificateHolder

抛出:

java.lang.Exception - exception

generateEnrollRequest

public static org.bouncycastle.pkcs.PKCS10CertificationRequest generateEnrollRequest(java.security.KeyPair keyPair,
                                                                                     java.lang.String algorithm,
                                                                                     java.lang.String name,
                                                                                     java.lang.String company,
                                                                                     java.lang.String country)
                                                                              throws java.lang.Exception

Create E-cert request.

参数:

keyPair - KeyPair

algorithm - SHA256withRSA/SHA256withECDSA/SM3withSM2

name - user full name

company - user company

country - user country

返回:

PKCS10CertificationRequest

抛出:

java.lang.Exception - exception

generateEccEncryptEnrollCARequest

public static org.bouncycastle.pkcs.PKCS10CertificationRequest generateEccEncryptEnrollCARequest(java.security.KeyPair keyPair,
                                                                                                 java.lang.String country,
                                                                                                 java.lang.String company,
                                                                                                 java.lang.String name)
                                                                                          throws java.lang.Exception

抛出:

java.lang.Exception

getSigner

public static org.bouncycastle.operator.ContentSigner getSigner(java.security.PrivateKey privateKey,
                                                                java.lang.String algorithm)
                                                         throws org.bouncycastle.operator.OperatorCreationException

Create signer.

参数:

privateKey - PrivateKey

algorithm - SHA256withRSA/SHA256withECDSA/SM3withSM2

返回:

ContentSigner

抛出:

org.bouncycastle.operator.OperatorCreationException - OperatorCreationException

saveToKeystore

public static void saveToKeystore(KeyStoreParam param,
                                  java.security.PrivateKey privateKey,
                                  java.lang.String keyStoreType)
                           throws java.lang.Exception

Save cert to key store.

参数:

param - KeyStoreParam

privateKey - private key

keyStoreType - key store type: JCELS, PKCS12

抛出:

java.lang.Exception - exception

getKeyStore

public static java.security.KeyStore getKeyStore(java.lang.String filePath,
                                                 java.lang.String ksPassword,
                                                 java.lang.String keyStoreType)
                                          throws java.lang.Exception

Get enroll keystore.

参数:

filePath - keystore path + keystore file name

ksPassword - keystore password

keyStoreType - key store type: JCELS, PKCS12

返回:

keystore

抛出:

java.lang.Exception - exception

saveCertToFile

public static void saveCertToFile(java.lang.String fileName,
                                  java.security.cert.X509Certificate cert)

getCertFromCer

public static java.security.cert.X509Certificate getCertFromCer(java.lang.String filePath)