public static String genCSR(String subject, String alg,String provider) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, OperatorCreationException { String signalg=""; int alglength=0; String keyAlg=""; if(alg.toUpperCase().equals("RSA1024")){ signalg="SHA1WithRSA"; alglength=1024; keyAlg="RSA"; }else if(alg.toUpperCase().equals("RSA2048")){ signalg="SHA1WithRSA"; alglength=2048; keyAlg="RSA"; }else if(alg.toUpperCase().equals("SM2")){ signalg="SM3withSM2"; alglength=256; keyAlg="SM2"; } KeyPairGenerator keyGen = KeyPairGenerator.getInstance(keyAlg); keyGen.initialize(alglength); KeyPair kp = keyGen.generateKeyPair(); PKCS10CertificationRequestBuilder builder = new PKCS10CertificationRequestBuilder(new X500Name(subject),SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded())); JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(signalg); jcaContentSignerBuilder.setProvider(provider); ContentSigner contentSigner = jcaContentSignerBuilder.build(kp.getPrivate()); builder.build(contentSigner); return builder.toString(); }
一.用到的包
1. bouncycastle:bcmail-jdk15:1.46,org.bouncycastle.pkcs public class PKCS10Certi