我们正在尝试生成一个 PKCS10CertificationRequest(即 DER 格式的 CSR)。生成过程本身我们已经会做(代码附在后面)。构建 X500Name 时我们使用了 X500NameBuilder,它非常有帮助;我们使用的样式是 BCStyle,其中几乎包含了我们需要的所有数据。
问题是我们还需要加入 BCStyle 中没有的数据(定义见 http://www.alvestrand.no/objectid/2.5.4.45.html 和 http://www.alvestrand.no/objectid/2.5.4.23.html ),但不知道该如何加入。我们想过创建一个新的 X500NameStyle,但不清楚具体该怎么做。
任何人都可以向我们解释如何做到这一点
感谢您的支持
PS:我们正在使用的代码
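/**
 * Builds a PKCS#10 certification request (CSR) for the given key pair, signs it with
 * {@code key}, and hands the encoded request to {@code kfm} for storage.
 *
 * <p>The subject name is assembled from the {@code certdata} entries "CN", "OU", "O", "L",
 * "ST", "C" and "EMAIL", in that order.
 *
 * @param key          private key used to sign the request
 * @param pkey         public key placed in the request
 * @param certdata     subject attribute values keyed by the names listed above
 * @param CSRAlgorithm JCA signature algorithm name passed to the content signer; prefer a
 *                     SHA-256 or stronger name (for example "SHA256withRSA"), since
 *                     SHA-1 and MD5 based signatures are deprecated
 * @param name         name passed to {@code kfm} when storing the request
 * @param kfm          storage helper that receives the encoded request
 * @return the signed request; it is returned even when storing it failed, in which case the
 *         failure is only logged
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws IOException               if the request cannot be encoded
 * @throws IllegalArgumentException  if {@code certdata} lacks one of the subject attributes
 */
public PKCS10CertificationRequest generatedCSR(PrivateKey key, PublicKey pkey, Map<String,String> certdata, String CSRAlgorithm, String name, KeyFileManager kfm) throws OperatorCreationException, IOException
{
    Log.i(LOGCERT, "iniciando generacion de CSR");
    this.mensaje(LogType.MENI, "Se a iniciado la generacion de un CSR");
    ContentSigner signer = new JcaContentSignerBuilder(CSRAlgorithm).build(key);

    // Reject a missing attribute here with a message naming the key. Otherwise the null from
    // Map.get() is passed straight to addRDN and fails inside the name builder (presumably
    // with a NullPointerException that does not say which attribute was absent).
    for (String campo : new String[] {"CN", "OU", "O", "L", "ST", "C", "EMAIL"}) {
        if (certdata.get(campo) == null) {
            throw new IllegalArgumentException("certdata is missing subject attribute: " + campo);
        }
    }

    X500NameBuilder namebuilder = new X500NameBuilder(X500Name.getDefaultStyle());
    namebuilder.addRDN(BCStyle.CN, certdata.get("CN"));
    namebuilder.addRDN(BCStyle.OU, certdata.get("OU"));
    namebuilder.addRDN(BCStyle.O, certdata.get("O"));
    namebuilder.addRDN(BCStyle.L, certdata.get("L"));
    namebuilder.addRDN(BCStyle.ST, certdata.get("ST"));
    namebuilder.addRDN(BCStyle.C, certdata.get("C"));
    namebuilder.addRDN(BCStyle.EmailAddress, certdata.get("EMAIL"));

    PKCS10CertificationRequestBuilder csrbuilder = new JcaPKCS10CertificationRequestBuilder(namebuilder.build(),pkey);
    PKCS10CertificationRequest csr = csrbuilder.build(signer);

    // Both outcomes return the request; only the log line differs.
    boolean stored = kfm.salvarLlave(csr.getEncoded(), KeyFileManager.CSRFILE, name);
    Log.i(LOGCERT, stored ? "CSR Almacenado" : "CSR no almacenado");
    return csr;
}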
答案 0 :(得分:1)
我们找到了解决问题的方法:唯一需要做的就是为缺少的属性创建 new ASN1ObjectIdentifier("<OID>"),这样就能把缺少的数据放进 CSR。
以下是修正后的代码:
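/**
 * Builds a PKCS#10 certification request (CSR) for the given key pair, signs it with
 * {@code key}, and hands the encoded request to {@code kfm} for storage.
 *
 * <p>The subject name is assembled from the {@code certdata} entries "CN", "OU", "O", "L",
 * "ST", "C", "EMAIL", "RIFCI" and "FAX", in that order. The last two have no constant used
 * here, so their attribute types are given directly as dotted OIDs.
 *
 * @param key          private key used to sign the request
 * @param pkey         public key placed in the request
 * @param certdata     subject attribute values keyed by the names listed above
 * @param CSRAlgorithm JCA signature algorithm name passed to the content signer; prefer a
 *                     SHA-256 or stronger name (for example "SHA256withRSA"), since
 *                     SHA-1 and MD5 based signatures are deprecated
 * @param name         name passed to {@code kfm} when storing the request
 * @param kfm          storage helper that receives the encoded request
 * @return the signed request; it is returned even when storing it failed, in which case the
 *         failure is only logged
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws IOException               if the request cannot be encoded
 * @throws IllegalArgumentException  if {@code certdata} lacks one of the subject attributes
 */
public PKCS10CertificationRequest generatedCSR(PrivateKey key, PublicKey pkey, Map<String,String> certdata, String CSRAlgorithm, String name, KeyFileManager kfm) throws OperatorCreationException, IOException
{
    Log.i(LOGCERT, "iniciando generacion de CSR");
    this.mensaje(LogType.MENI, "Se a iniciado la generacion de un CSR");
    ContentSigner signer = new JcaContentSignerBuilder(CSRAlgorithm).build(key);

    // Reject a missing attribute here with a message naming the key. Otherwise the null from
    // Map.get() is passed straight to addRDN and fails inside the name builder (presumably
    // with a NullPointerException that does not say which attribute was absent).
    for (String campo : new String[] {"CN", "OU", "O", "L", "ST", "C", "EMAIL", "RIFCI", "FAX"}) {
        if (certdata.get(campo) == null) {
            throw new IllegalArgumentException("certdata is missing subject attribute: " + campo);
        }
    }

    X500NameBuilder namebuilder = new X500NameBuilder(X500Name.getDefaultStyle());
    namebuilder.addRDN(BCStyle.CN, certdata.get("CN"));
    namebuilder.addRDN(BCStyle.OU, certdata.get("OU"));
    namebuilder.addRDN(BCStyle.O, certdata.get("O"));
    namebuilder.addRDN(BCStyle.L, certdata.get("L"));
    namebuilder.addRDN(BCStyle.ST, certdata.get("ST"));
    namebuilder.addRDN(BCStyle.C, certdata.get("C"));
    namebuilder.addRDN(BCStyle.EmailAddress, certdata.get("EMAIL"));
    // 2.5.4.45 is x500UniqueIdentifier and 2.5.4.23 is facsimileTelephoneNumber.
    // NOTE(review): addRDN(oid, String) leaves the ASN.1 encoding of the value to the name
    // style; X.520 defines 2.5.4.45 as a BIT STRING, so confirm the receiving CA accepts the
    // encoding this produces.
    namebuilder.addRDN(new ASN1ObjectIdentifier("2.5.4.45"), certdata.get("RIFCI"));
    namebuilder.addRDN(new ASN1ObjectIdentifier("2.5.4.23"), certdata.get("FAX"));

    PKCS10CertificationRequestBuilder csrbuilder = new JcaPKCS10CertificationRequestBuilder(namebuilder.build(),pkey);
    PKCS10CertificationRequest csr = csrbuilder.build(signer);

    // Both outcomes return the request; only the log line differs.
    boolean stored = kfm.salvarLlave(csr.getEncoded(), KeyFileManager.CSRFILE, name);
    Log.i(LOGCERT, stored ? "CSR Almacenado" : "CSR no almacenado");
    return csr;
}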
答案 1 :(得分:1)
使用此构建器:
/**
 * Fluent wrapper around an {@link X500NameBuilder} configured with {@code BCStyle.INSTANCE},
 * offering one getter/setter pair per BCStyle attribute.
 *
 * <p>Every setter does two things: it remembers the value in a field and it immediately adds an
 * RDN for that attribute to the wrapped builder. Calling the same setter twice therefore adds
 * two RDNs, while the getter reports only the most recent value.
 *
 * <p>Values are handed to the wrapped builder unchanged; this class performs no validation or
 * null checks. Because the values end up in a certificate subject, callers taking them from
 * untrusted input should validate them first.
 */
public class X500VgaNameBuilder {

    // Wrapped builder that accumulates the RDNs added by the setters.
    private final X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);

    // Last value passed to each setter; null until the setter has been called.
    private String BUSINESS_CATEGORY;
    private String C;
    private String CN;
    private String COUNTRY_OF_CITIZENSHIP;
    private String COUNTRY_OF_RESIDENCE;
    private String DATE_OF_BIRTH;
    private String DC;
    private String DMD_NAME;
    private String DN_QUALIFIER;
    private String E;
    private String EmailAddress;
    private String GENDER;
    private String GENERATION;
    private String GIVENNAME;
    private String INITIALS;
    private String L;
    private String NAME;
    private String NAME_AT_BIRTH;
    private String O;
    private String OU;
    private String PLACE_OF_BIRTH;
    private String POSTAL_ADDRESS;
    private String POSTAL_CODE;
    private String PSEUDONYM;
    private String SERIALNUMBER;
    private String SN;
    private String ST;
    private String STREET;
    private String SURNAME;
    private String T;
    private String TELEPHONE_NUMBER;
    private String UID;
    private String UNIQUE_IDENTIFIER;
    private String UnstructuredAddress;
    private String UnstructuredName;

    /** Creates a builder with no RDNs added yet. */
    public X500VgaNameBuilder() {
    }

    public String getBUSINESS_CATEGORY() { return this.BUSINESS_CATEGORY; }

    public X500VgaNameBuilder setBUSINESS_CATEGORY(String businessCategory) {
        this.BUSINESS_CATEGORY = businessCategory;
        this.x500NameBuilder.addRDN(BCStyle.BUSINESS_CATEGORY, businessCategory);
        return this;
    }

    public String getC() { return this.C; }

    public X500VgaNameBuilder setC(String countryCode) {
        this.C = countryCode;
        this.x500NameBuilder.addRDN(BCStyle.C, countryCode);
        return this;
    }

    public String getCN() { return this.CN; }

    public X500VgaNameBuilder setCN(String commonName) {
        this.CN = commonName;
        this.x500NameBuilder.addRDN(BCStyle.CN, commonName);
        return this;
    }

    public String getCOUNTRY_OF_CITIZENSHIP() { return this.COUNTRY_OF_CITIZENSHIP; }

    public X500VgaNameBuilder setCOUNTRY_OF_CITIZENSHIP(String countryOfCitizenship) {
        this.COUNTRY_OF_CITIZENSHIP = countryOfCitizenship;
        this.x500NameBuilder.addRDN(BCStyle.COUNTRY_OF_CITIZENSHIP, countryOfCitizenship);
        return this;
    }

    public String getCOUNTRY_OF_RESIDENCE() { return this.COUNTRY_OF_RESIDENCE; }

    public X500VgaNameBuilder setCOUNTRY_OF_RESIDENCE(String countryOfResidence) {
        this.COUNTRY_OF_RESIDENCE = countryOfResidence;
        this.x500NameBuilder.addRDN(BCStyle.COUNTRY_OF_RESIDENCE, countryOfResidence);
        return this;
    }

    public String getDATE_OF_BIRTH() { return this.DATE_OF_BIRTH; }

    public X500VgaNameBuilder setDATE_OF_BIRTH(String dateOfBirth) {
        this.DATE_OF_BIRTH = dateOfBirth;
        this.x500NameBuilder.addRDN(BCStyle.DATE_OF_BIRTH, dateOfBirth);
        return this;
    }

    public String getDC() { return this.DC; }

    public X500VgaNameBuilder setDC(String DC) {
        // The parameter shadows the field, so the qualified name is required here.
        this.DC = DC;
        this.x500NameBuilder.addRDN(BCStyle.DC, DC);
        return this;
    }

    public String getDMD_NAME() { return this.DMD_NAME; }

    public X500VgaNameBuilder setDMD_NAME(String dmdName) {
        this.DMD_NAME = dmdName;
        this.x500NameBuilder.addRDN(BCStyle.DMD_NAME, dmdName);
        return this;
    }

    public String getDN_QUALIFIER() { return this.DN_QUALIFIER; }

    public X500VgaNameBuilder setDN_QUALIFIER(String dnQualifier) {
        this.DN_QUALIFIER = dnQualifier;
        this.x500NameBuilder.addRDN(BCStyle.DN_QUALIFIER, dnQualifier);
        return this;
    }

    public String getE() { return this.E; }

    public X500VgaNameBuilder setE(String emailVerisign) {
        this.E = emailVerisign;
        this.x500NameBuilder.addRDN(BCStyle.E, emailVerisign);
        return this;
    }

    public String getEmailAddress() { return this.EmailAddress; }

    public X500VgaNameBuilder setEmailAddress(String emailAddressPkcs9) {
        this.EmailAddress = emailAddressPkcs9;
        this.x500NameBuilder.addRDN(BCStyle.EmailAddress, emailAddressPkcs9);
        return this;
    }

    public String getGENDER() { return this.GENDER; }

    public X500VgaNameBuilder setGENDER(String gender_size1) {
        this.GENDER = gender_size1;
        this.x500NameBuilder.addRDN(BCStyle.GENDER, gender_size1);
        return this;
    }

    public String getGENERATION() { return this.GENERATION; }

    public X500VgaNameBuilder setGENERATION(String generation) {
        this.GENERATION = generation;
        this.x500NameBuilder.addRDN(BCStyle.GENERATION, generation);
        return this;
    }

    public String getGIVENNAME() { return this.GIVENNAME; }

    public X500VgaNameBuilder setGIVENNAME(String givenname) {
        this.GIVENNAME = givenname;
        this.x500NameBuilder.addRDN(BCStyle.GIVENNAME, givenname);
        return this;
    }

    public String getINITIALS() { return this.INITIALS; }

    public X500VgaNameBuilder setINITIALS(String initials) {
        this.INITIALS = initials;
        this.x500NameBuilder.addRDN(BCStyle.INITIALS, initials);
        return this;
    }

    public String getL() { return this.L; }

    public X500VgaNameBuilder setL(String localityName) {
        this.L = localityName;
        this.x500NameBuilder.addRDN(BCStyle.L, localityName);
        return this;
    }

    public String getNAME() { return this.NAME; }

    public X500VgaNameBuilder setNAME(String name_idatname) {
        this.NAME = name_idatname;
        this.x500NameBuilder.addRDN(BCStyle.NAME, name_idatname);
        return this;
    }

    public String getNAME_AT_BIRTH() { return this.NAME_AT_BIRTH; }

    public X500VgaNameBuilder setNAME_AT_BIRTH(String nameAtBirth) {
        this.NAME_AT_BIRTH = nameAtBirth;
        this.x500NameBuilder.addRDN(BCStyle.NAME_AT_BIRTH, nameAtBirth);
        return this;
    }

    public String getO() { return this.O; }

    public X500VgaNameBuilder setO(String organization) {
        this.O = organization;
        this.x500NameBuilder.addRDN(BCStyle.O, organization);
        return this;
    }

    public String getOU() { return this.OU; }

    public X500VgaNameBuilder setOU(String organizationUnit) {
        this.OU = organizationUnit;
        this.x500NameBuilder.addRDN(BCStyle.OU, organizationUnit);
        return this;
    }

    public String getPLACE_OF_BIRTH() { return this.PLACE_OF_BIRTH; }

    public X500VgaNameBuilder setPLACE_OF_BIRTH(String placeOfBirth) {
        this.PLACE_OF_BIRTH = placeOfBirth;
        this.x500NameBuilder.addRDN(BCStyle.PLACE_OF_BIRTH, placeOfBirth);
        return this;
    }

    public String getPOSTAL_ADDRESS() { return this.POSTAL_ADDRESS; }

    public X500VgaNameBuilder setPOSTAL_ADDRESS(String postalAddress) {
        this.POSTAL_ADDRESS = postalAddress;
        this.x500NameBuilder.addRDN(BCStyle.POSTAL_ADDRESS, postalAddress);
        return this;
    }

    public String getPOSTAL_CODE() { return this.POSTAL_CODE; }

    public X500VgaNameBuilder setPOSTAL_CODE(String postalCode) {
        this.POSTAL_CODE = postalCode;
        this.x500NameBuilder.addRDN(BCStyle.POSTAL_CODE, postalCode);
        return this;
    }

    public String getPSEUDONYM() { return this.PSEUDONYM; }

    public X500VgaNameBuilder setPSEUDONYM(String pseudonym) {
        this.PSEUDONYM = pseudonym;
        this.x500NameBuilder.addRDN(BCStyle.PSEUDONYM, pseudonym);
        return this;
    }

    public String getSERIALNUMBER() { return this.SERIALNUMBER; }

    public X500VgaNameBuilder setSERIALNUMBER(String serialNumber) {
        this.SERIALNUMBER = serialNumber;
        this.x500NameBuilder.addRDN(BCStyle.SERIALNUMBER, serialNumber);
        return this;
    }

    public String getSN() { return this.SN; }

    public X500VgaNameBuilder setSN(String serialNumber) {
        this.SN = serialNumber;
        this.x500NameBuilder.addRDN(BCStyle.SN, serialNumber);
        return this;
    }

    public String getST() { return this.ST; }

    public X500VgaNameBuilder setST(String stateOrProvince) {
        this.ST = stateOrProvince;
        this.x500NameBuilder.addRDN(BCStyle.ST, stateOrProvince);
        return this;
    }

    public String getSTREET() { return this.STREET; }

    public X500VgaNameBuilder setSTREET(String street) {
        this.STREET = street;
        this.x500NameBuilder.addRDN(BCStyle.STREET, street);
        return this;
    }

    public String getSURNAME() { return this.SURNAME; }

    public X500VgaNameBuilder setSURNAME(String surname) {
        this.SURNAME = surname;
        this.x500NameBuilder.addRDN(BCStyle.SURNAME, surname);
        return this;
    }

    public String getT() { return this.T; }

    public X500VgaNameBuilder setT(String title) {
        this.T = title;
        this.x500NameBuilder.addRDN(BCStyle.T, title);
        return this;
    }

    public String getTELEPHONE_NUMBER() { return this.TELEPHONE_NUMBER; }

    public X500VgaNameBuilder setTELEPHONE_NUMBER(String telephoneNumber_idattn) {
        this.TELEPHONE_NUMBER = telephoneNumber_idattn;
        this.x500NameBuilder.addRDN(BCStyle.TELEPHONE_NUMBER, telephoneNumber_idattn);
        return this;
    }

    public String getUID() { return this.UID; }

    public X500VgaNameBuilder setUID(String userId_LDAP) {
        this.UID = userId_LDAP;
        this.x500NameBuilder.addRDN(BCStyle.UID, userId_LDAP);
        return this;
    }

    public String getUNIQUE_IDENTIFIER() { return this.UNIQUE_IDENTIFIER; }

    public X500VgaNameBuilder setUNIQUE_IDENTIFIER(String uniqueIdentifier) {
        this.UNIQUE_IDENTIFIER = uniqueIdentifier;
        this.x500NameBuilder.addRDN(BCStyle.UNIQUE_IDENTIFIER, uniqueIdentifier);
        return this;
    }

    public String getUnstructuredAddress() { return this.UnstructuredAddress; }

    public X500VgaNameBuilder setUnstructuredAddress(String unstructuredAddress) {
        this.UnstructuredAddress = unstructuredAddress;
        this.x500NameBuilder.addRDN(BCStyle.UnstructuredAddress, unstructuredAddress);
        return this;
    }

    public String getUnstructuredName() { return this.UnstructuredName; }

    public X500VgaNameBuilder setUnstructuredName(String unstructuredName) {
        this.UnstructuredName = unstructuredName;
        this.x500NameBuilder.addRDN(BCStyle.UnstructuredName, unstructuredName);
        return this;
    }

    /**
     * Produces the name from the RDNs added so far.
     *
     * @return the result of the wrapped builder's {@code build()}
     */
    public X500Name build() {
        return this.x500NameBuilder.build();
    }
}
像这样:
// Each setter adds its RDN as it is called, so the call order below is kept as written.
X500VgaNameBuilder subjectBuilder = new X500VgaNameBuilder()
        .setC("AU")
        .setO("The Legion of the Bouncy Castle")
        .setL("Melbourne")
        .setST("Victoria")
        .setEmailAddress("feedback-crypto@bouncycastle.org")
        .setCN("Common Name");
X500Name subject = subjectBuilder.build();
然后
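// Sign the request with SHA-256 rather than SHA-1: SHA-1 signatures are deprecated and
// CAs commonly reject requests signed with them.
PKCS10CertificationRequest certRequest =
        createPKCS10CertificationRequest(subject, "SHA256withRSA", keyPair);
// Re-wrap the encoded request in the JCA-flavoured type and select the provider named "BC"
// (assumes the Bouncy Castle provider is registered under that name).
JcaPKCS10CertificationRequest jcaCertRequest =
        new JcaPKCS10CertificationRequest(certRequest.getEncoded()).setProvider("BC");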
但是,如果您需要添加自定义属性,则需要在我发布的构建器中为它添加相应的方法;BCStyle 中的各个常量(BCStyle.*)作为参数,其实只是 ASN1ObjectIdentifier。
例如,
// Example of an attribute-type constant: it is simply an ASN1ObjectIdentifier built from the
// attribute's dotted OID (2.5.4.3 is commonName). A custom attribute is declared the same way.
public static final ASN1ObjectIdentifier CN = new ASN1ObjectIdentifier("2.5.4.3");