Java generates SM2 certificate based on bouncy castle (CER)
You can add QQ 783021975 to consult with related questions. Part of the code will be updated later
Sorting out. It's generated by calling BouncCastle in Java code. First, let's see that the signature algorithm and the public key parameters are in line with the SM2 algorithm
You can add QQ 783021975 to consult with related questions.
10:37:14 on August 17, 2017, the code for generating cer certificate was added
/** * National secret certificate signature algorithm identification */ private static String SignAlgor = "1.2.156.10197.1.501"; /** * Method of generating national secret ROOT certificate * @param pageCert.getCn()+","+ * @throws Exception */ public static void genSM2CertByRoot() throws Exception { SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); org.bouncycastle.jce.provider.BouncyCastleProvider bouncyCastleProvider = new org.bouncycastle.jce.provider.BouncyCastleProvider(); Security.addProvider(bouncyCastleProvider); //Name of the certificate String fileName = "root"+new Date().getTime()/1000; String path = "Saved path"; String rootCertPath = path+fileName+".cer"; try { KeyPair kp = KeyGenUtil.getKeyPair2SM2(path,fileName);//This is to generate the SM2 public private key pair https://zb.oschina.net/service/70e3fdaf699a724b System.out.println("=====Public key algorithm====="+kp.getPublic().getAlgorithm()); BCECPrivateKey bcecPrivateKey = (BCECPrivateKey) kp.getPrivate();//You can use ecprivatekey privatekey BCECPublicKey bcecPublicKey = (BCECPublicKey) kp.getPublic();//You can use ecpublickey publickey //I get the passed parameters through the web page to apply for the server certificate information. If the test is written to death. There is nothing in this step. X500Principal principal = new X500Principal("CN=Xiaoshuai, blog,O=Xiaoshuai, blog"); //X500Principal principal = new X500Principal("CN="+pageCert.getCn()+",O="+pageCert.getO()); X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis())); certGen.setIssuerDN(principal);certGen.setNotBefore(new Date()); certGen.setNotAfter(CertAuthAssist.getYearLater(5)); certGen.setSubjectDN(principal); certGen.setSignatureAlgorithm(SignAlgor); certGen.setPublicKey(bcecPublicKey); X509Certificate rootCert = certGen.generateX509Certificate(bcecPrivateKey, "BC"); FileOutputStream outputStream = new FileOutputStream(rootCertPath); outputStream.write(rootCert.getEncoded());outputStream.close(); } catch (Exception e) { logger.info("======Root certificate request failed"+e.getMessage());return null; } }
https://zb.oschina.net/service/70e3fdaf699a724b Purchase link. Voluntary purchase
Project support
1. Generate RSA algorithm cer certificate
2.SM2 algorithm cer certificate.
3. Generate root certificate. Child certificate. Certificate III
4. String public private key to public private key object support SM2 algorithm
BC package needed
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcpkix-jdk15on --> <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcpkix-jdk15on</artifactId> <version>1.57</version> </dependency> <!-- https://mvnrepository.com/artifact/org.bouncycastle/bcmail-jdk16 --> <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcmail-jdk15on</artifactId> <version>1.56</version> </dependency>