public final class PkiUtil extends Object
| 限定符和类型 | 方法和说明 |
|---|---|
static org.bouncycastle.pkcs.PKCS10CertificationRequest |
generateEccEncryptEnrollCARequest(KeyPair keyPair,
String country,
String company,
String name) |
static KeyPair |
generateEccKeyPair()
Generate ECC key pair.
|
static KeyPair |
generateEcEncryptKeyPair()
Create encryption key pair.
|
static org.bouncycastle.pkcs.PKCS10CertificationRequest |
generateEnrollRequest(KeyPair keyPair,
String algorithm,
String name,
String company,
String country)
Create E-cert request.
|
static KeyPair |
generateRsaKeyPair()
Create a random 1024 bit RSA key pair.
|
static KeyPair |
generateSm2KeyPair()
Generate SM2 keys.
|
static X509Certificate |
getCertFromCer(String filePath) |
static byte[] |
getEncodedHolder(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo subPubKeyInfo,
org.bouncycastle.asn1.x500.X500Name x500Name,
int validTime,
org.bouncycastle.asn1.x500.X500Name subject,
PrivateKey privateKey,
String algorithm,
PublicKey rootPublickey)
Get encoded X509CertificateHolder.
|
static KeyStore |
getKeyStore(String filePath,
String ksPassword,
String keyStoreType)
Get enroll keystore.
|
static org.bouncycastle.asn1.x500.X500Name |
getNameBuilder(String name,
String company,
String country)
Get X500Name.
|
static org.bouncycastle.asn1.x500.X500Name |
getOuNameBuilder(String name,
String company,
String country) |
static byte[] |
getRootEncodedHolder(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo subPubKeyInfo,
org.bouncycastle.asn1.x500.X500Name x500Name,
int validTime,
org.bouncycastle.asn1.x500.X500Name subject,
PrivateKey privateKey,
String algorithm) |
static org.bouncycastle.operator.ContentSigner |
getSigner(PrivateKey privateKey,
String algorithm)
Create signer.
|
static void |
saveCertToFile(String fileName,
X509Certificate cert) |
static void |
saveCertToKeystore(SystemConfig param,
PrivateKey privateKey,
String keyStoreType) |
static void |
saveRootToKeystore(SystemConfig param,
PrivateKey privateKey,
String keyStoreType)
Save cert to key store.
|
public static KeyPair generateRsaKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException
NoSuchProviderException - exceptionNoSuchAlgorithmException - exceptionpublic static KeyPair generateSm2KeyPair() throws Exception
Exception - NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterExceptionpublic static KeyPair generateEccKeyPair() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException
Private keypairs are encoded using PKCS8 Private keys are encoded using X.509
InvalidAlgorithmParameterException - This is the exception for invalid or inappropriate
algorithm parameters.NoSuchAlgorithmException - This exception is thrown when a particular cryptographic
algorithm is requested but is not available in the environment.NoSuchProviderException - This exception is thrown when a particular security provider
is requested but is not available in the environment.public static KeyPair generateEcEncryptKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException
public static org.bouncycastle.asn1.x500.X500Name getNameBuilder(String name, String company, String country)
name - user full namecompany - Stringcountry - Stringpublic static org.bouncycastle.asn1.x500.X500Name getOuNameBuilder(String name, String company, String country)
public static byte[] getRootEncodedHolder(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo subPubKeyInfo,
org.bouncycastle.asn1.x500.X500Name x500Name,
int validTime,
org.bouncycastle.asn1.x500.X500Name subject,
PrivateKey privateKey,
String algorithm)
throws Exception
Exceptionpublic static byte[] getEncodedHolder(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo subPubKeyInfo,
org.bouncycastle.asn1.x500.X500Name x500Name,
int validTime,
org.bouncycastle.asn1.x500.X500Name subject,
PrivateKey privateKey,
String algorithm,
PublicKey rootPublickey)
throws Exception
subPubKeyInfo - x500Name - validTime - subject - privateKey - algorithm - rootPublickey - Exceptionpublic static org.bouncycastle.pkcs.PKCS10CertificationRequest generateEnrollRequest(KeyPair keyPair, String algorithm, String name, String company, String country) throws Exception
keyPair - KeyPairalgorithm - SHA256withRSA/SHA256withECDSA/SM3withSM2name - user full namecompany - user companycountry - user countryException - exceptionpublic static org.bouncycastle.pkcs.PKCS10CertificationRequest generateEccEncryptEnrollCARequest(KeyPair keyPair, String country, String company, String name) throws Exception
Exceptionpublic static org.bouncycastle.operator.ContentSigner getSigner(PrivateKey privateKey, String algorithm) throws org.bouncycastle.operator.OperatorCreationException
privateKey - PrivateKeyalgorithm - SHA256withRSA/SHA256withECDSA/SM3withSM2org.bouncycastle.operator.OperatorCreationException - OperatorCreationExceptionpublic static void saveRootToKeystore(SystemConfig param, PrivateKey privateKey, String keyStoreType) throws Exception
param - KeyStoreParamprivateKey - private keykeyStoreType - key store type: JCELS, PKCS12Exception - exceptionpublic static void saveCertToKeystore(SystemConfig param, PrivateKey privateKey, String keyStoreType) throws Exception
Exceptionpublic static KeyStore getKeyStore(String filePath, String ksPassword, String keyStoreType) throws Exception
filePath - ksPassword - keyStoreType - Exceptionpublic static void saveCertToFile(String fileName, X509Certificate cert)
public static X509Certificate getCertFromCer(String filePath)
Copyright © 2020. All Rights Reserved.