0

实现 org.jscep.server.ScepServlet 我需要为方法 doEnroll( List<X509Certificate> doEnroll(CertificationRequest certificationRequest)) 提供一个实现。

如何从提供的 CertificationRequest 中返回 X509Certificate?

除了 CertificationRequest 我还有我需要用于签名的证书

从认证请求中获取公钥就足够了,因为我拥有用于​​生成证书的其余代码。

到目前为止我所拥有的:

protected List<X509Certificate> doEnroll(CertificationRequest certificationRequest) throws OperationFailureException, Exception {
    CaCertificate caCertificate = getSelfSignedCertificate();
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
    certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
    certGen.setIssuerDN(caCertificate.getCertificate().getSubjectX500Principal());
    certGen.setNotBefore(notBefore);
    certGen.setNotAfter(notAfter);
    certGen.setSubjectDN(certificationRequest.getCertificationRequestInfo().getSubject());
    certGen.setPublicKey(publicKey); // this is basically what I need

    X509Certificate issuedCert = certGen.generate(caCertificate.getKeypair().getPrivate());

    List<X509Certificate> x509Certificates = new ArrayList<X509Certificate>();
    x509Certificates.add(issuedCert);

    return x509Certificates;
}
4

1 回答 1

0

在一个 jscep 测试类中找到了这个方法:

public static PublicKey getPublicKey(CertificationRequest csr) throws IOException {
    SubjectPublicKeyInfo pubKeyInfo = csr.getCertificationRequestInfo().getSubjectPublicKeyInfo();
    RSAKeyParameters keyParams = (RSAKeyParameters) PublicKeyFactory.createKey(pubKeyInfo);
    KeySpec keySpec = new RSAPublicKeySpec(keyParams.getModulus(), keyParams.getExponent());

    try {
        KeyFactory kf = KeyFactory.getInstance("RSA");
        return kf.generatePublic(keySpec);
    } catch (Exception e) {
        throw new IOException(e);
    }
}
于 2012-05-23T13:11:30.497 回答