我正在使用带有bcprov-jdk15on-147 jar的BouncyCastle API生成CSR。
CertificationRequestInfo certInfo = new CertificationRequestInfo(subject, subKeyInfo, new DERSet(attribute));
org.bouncycastle.operator.ContentSigner sigGen = null;
sigGen = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privateKey);
org.bouncycastle.asn1.pkcs.CertificationRequest ctest = new org.bouncycastle.asn1.pkcs.CertificationRequest(certInfo,sigAlgName,new DERBitString(sigGen.getSignature()));
我将这个obejct传递给我的调用函数:
GenerateCSR gcsr = GenerateCSR.getInstance();
System.out.println("Public Key:n"+gcsr.getPublicKey().toString());
System.out.println("Private Key:n"+gcsr.getPrivateKey().toString());
org.bouncycastle.asn1.pkcs.CertificationRequest csr = gcsr.getCSR("IMO");
System.out.println("CSR Request Generated!!");
FileWriter fcsr = new FileWriter("C:\test.txt");
PEMWriter w1 = new PEMWriter(fcsr);
w1.writeObject(csr);
但我得到了以下例外:
Exception in thread "main" org.bouncycastle.util.io.pem.PemGenerationException: unknown object passed - can't encode.
at org.bouncycastle.openssl.MiscPEMGenerator.createPemObject(Unknown Source)"
更好的解决方案是使用PemObject。
String type = "CERTIFICATE REQUEST";
byte[] encoding = pkcs10.getEncoded();
PemObject pemObject = new PemObject(type, encoding);
StringWriter str = new StringWriter();
PEMWriter pemWriter = new PEMWriter(str);
pemWriter.writeObject(pemObject);
pemWriter.close();
str.close();
System.out.println(str);
我最终像这样手工创建了pem对象。。
String code = "-----BEGIN CERTIFICATE REQUEST-----n";
code += new String(Base64.encodeBase64Chunked(request.getEncoded()));
code += "-----END CERTIFICATE REQUEST-----";
System.out.println(code);
我猜PemWriter无法输出CertificateRequest对象是一个错误,因为看起来BouncyCastle v1.47仍然充满了其他错误。