
我们正在尝试生成一个 PKCS10CertificationRequest(即 DER 格式的 CSR)。生成过程本身我们已经会做,相关代码附在下面。构造 X500Name 时我们使用了 X500NameBuilder,它确实很有帮助;我们使用的样式是 BCStyle,它几乎包含了所有必需的数据项。

问题是,我们还需要加入其他不在 BCStyle 中的数据(这些数据分别在 http://www.alvestrand.no/objectid/2.5.4.45.html 和 http://www.alvestrand.no/objectid/2.5.4.23.html 中定义)。我们实在不知道该怎么做;我们的想法是创建一个新的 X500NameStyle,但不清楚具体如何实现。

谁能向我们解释怎么做

感谢您的支持

PS:我们正在使用的代码

/**
 * Builds a PKCS#10 certification request, signs it and hands the encoded form to
 * {@code kfm} for storage.
 *
 * <p>The subject is assembled from {@code certdata} using the keys CN, OU, O, L, ST, C and
 * EMAIL. Values are passed to the name builder exactly as found in the map: nothing is
 * validated here, and a key that is absent from the map results in {@code null} being
 * passed to {@code addRDN}.
 *
 * <p>The request is returned whether or not storing it succeeded; the outcome of the
 * store is only written to the log.
 *
 * @param key          private key used to sign the request
 * @param pkey         public key placed in the request
 * @param certdata     subject attribute values, keyed as listed above
 * @param CSRAlgorithm signature algorithm name handed to {@code JcaContentSignerBuilder} as given
 * @param name         name passed through to {@code kfm.salvarLlave}
 * @param kfm          receives the encoded request for storage
 * @return the signed certification request
 * @throws OperatorCreationException if the content signer cannot be built
 * @throws IOException if the request cannot be encoded
 */
public PKCS10CertificationRequest generatedCSR(PrivateKey key, PublicKey pkey, Map<String,String> certdata, String CSRAlgorithm, String name, KeyFileManager kfm) throws OperatorCreationException, IOException
{
    Log.i(LOGCERT, "iniciando generacion de CSR");
    this.mensaje(LogType.MENI, "Se a iniciado la generacion de un CSR");

    ContentSigner signer = new JcaContentSignerBuilder(CSRAlgorithm).build(key);

    // Subject DN: one RDN per attribute, added in this fixed order.
    X500NameBuilder subject = new X500NameBuilder(X500Name.getDefaultStyle());
    subject.addRDN(BCStyle.CN, certdata.get("CN"));
    subject.addRDN(BCStyle.OU, certdata.get("OU"));
    subject.addRDN(BCStyle.O, certdata.get("O"));
    subject.addRDN(BCStyle.L, certdata.get("L"));
    subject.addRDN(BCStyle.ST, certdata.get("ST"));
    subject.addRDN(BCStyle.C, certdata.get("C"));
    subject.addRDN(BCStyle.EmailAddress, certdata.get("EMAIL"));

    PKCS10CertificationRequest csr =
            new JcaPKCS10CertificationRequestBuilder(subject.build(), pkey).build(signer);

    // A failed store is logged only; the caller receives the request either way.
    boolean stored = kfm.salvarLlave(csr.getEncoded(), KeyFileManager.CSRFILE, name);
    Log.i(LOGCERT, stored ? "CSR Almacenado" : "CSR no almacenado");
    return csr;
}

2 回答 2


使用此构建器:

/**
 * Fluent wrapper around an {@code X500NameBuilder} created with {@code BCStyle.INSTANCE},
 * offering one setter per {@code BCStyle} attribute constant.
 *
 * <p>Each setter stores the value in a field and, in the same call, appends it to the
 * wrapped builder as an RDN. Two consequences follow from that:
 * <ul>
 *   <li>RDNs are appended at the moment a setter is called, so the sequence of setter
 *       calls is the sequence of {@code addRDN} calls;</li>
 *   <li>calling the same setter twice appends two RDNs, while the matching getter only
 *       reports the value passed last.</li>
 * </ul>
 *
 * <p>Values are handed to the wrapped builder as received; this class performs no
 * validation and no null checks.
 */
public class X500VgaNameBuilder {

  // Wrapped Bouncy Castle builder that accumulates the RDNs.
  private final X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);

  /** Creates an empty builder. */
  public X500VgaNameBuilder() {
  }

  // ---- BUSINESS_CATEGORY ----
  private String BUSINESS_CATEGORY;

  /** Stores the value and appends it as a {@code BCStyle.BUSINESS_CATEGORY} RDN. */
  public X500VgaNameBuilder setBUSINESS_CATEGORY(String businessCategory) {
    this.BUSINESS_CATEGORY = businessCategory;
    this.x500NameBuilder.addRDN(BCStyle.BUSINESS_CATEGORY, businessCategory);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getBUSINESS_CATEGORY() {
    return this.BUSINESS_CATEGORY;
  }

  // ---- C ----
  private String C;

  /** Stores the value and appends it as a {@code BCStyle.C} RDN. */
  public X500VgaNameBuilder setC(String countryCode) {
    this.C = countryCode;
    this.x500NameBuilder.addRDN(BCStyle.C, countryCode);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getC() {
    return this.C;
  }

  // ---- CN ----
  private String CN;

  /** Stores the value and appends it as a {@code BCStyle.CN} RDN. */
  public X500VgaNameBuilder setCN(String commonName) {
    this.CN = commonName;
    this.x500NameBuilder.addRDN(BCStyle.CN, commonName);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getCN() {
    return this.CN;
  }

  // ---- COUNTRY_OF_CITIZENSHIP ----
  private String COUNTRY_OF_CITIZENSHIP;

  /** Stores the value and appends it as a {@code BCStyle.COUNTRY_OF_CITIZENSHIP} RDN. */
  public X500VgaNameBuilder setCOUNTRY_OF_CITIZENSHIP(String countryOfCitizenship) {
    this.COUNTRY_OF_CITIZENSHIP = countryOfCitizenship;
    this.x500NameBuilder.addRDN(BCStyle.COUNTRY_OF_CITIZENSHIP, countryOfCitizenship);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getCOUNTRY_OF_CITIZENSHIP() {
    return this.COUNTRY_OF_CITIZENSHIP;
  }

  // ---- COUNTRY_OF_RESIDENCE ----
  private String COUNTRY_OF_RESIDENCE;

  /** Stores the value and appends it as a {@code BCStyle.COUNTRY_OF_RESIDENCE} RDN. */
  public X500VgaNameBuilder setCOUNTRY_OF_RESIDENCE(String countryOfResidence) {
    this.COUNTRY_OF_RESIDENCE = countryOfResidence;
    this.x500NameBuilder.addRDN(BCStyle.COUNTRY_OF_RESIDENCE, countryOfResidence);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getCOUNTRY_OF_RESIDENCE() {
    return this.COUNTRY_OF_RESIDENCE;
  }

  // ---- DATE_OF_BIRTH ----
  private String DATE_OF_BIRTH;

  /** Stores the value and appends it as a {@code BCStyle.DATE_OF_BIRTH} RDN. */
  public X500VgaNameBuilder setDATE_OF_BIRTH(String dateOfBirth) {
    this.DATE_OF_BIRTH = dateOfBirth;
    this.x500NameBuilder.addRDN(BCStyle.DATE_OF_BIRTH, dateOfBirth);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getDATE_OF_BIRTH() {
    return this.DATE_OF_BIRTH;
  }

  // ---- DC ----
  private String DC;

  /** Stores the value and appends it as a {@code BCStyle.DC} RDN. */
  public X500VgaNameBuilder setDC(String DC) {
    // The parameter shadows the field, so the field must be qualified with "this".
    this.DC = DC;
    this.x500NameBuilder.addRDN(BCStyle.DC, DC);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getDC() {
    return this.DC;
  }

  // ---- DMD_NAME ----
  private String DMD_NAME;

  /** Stores the value and appends it as a {@code BCStyle.DMD_NAME} RDN. */
  public X500VgaNameBuilder setDMD_NAME(String dmdName) {
    this.DMD_NAME = dmdName;
    this.x500NameBuilder.addRDN(BCStyle.DMD_NAME, dmdName);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getDMD_NAME() {
    return this.DMD_NAME;
  }

  // ---- DN_QUALIFIER ----
  private String DN_QUALIFIER;

  /** Stores the value and appends it as a {@code BCStyle.DN_QUALIFIER} RDN. */
  public X500VgaNameBuilder setDN_QUALIFIER(String dnQualifier) {
    this.DN_QUALIFIER = dnQualifier;
    this.x500NameBuilder.addRDN(BCStyle.DN_QUALIFIER, dnQualifier);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getDN_QUALIFIER() {
    return this.DN_QUALIFIER;
  }

  // ---- E ----
  private String E;

  /** Stores the value and appends it as a {@code BCStyle.E} RDN. */
  public X500VgaNameBuilder setE(String emailVerisign) {
    this.E = emailVerisign;
    this.x500NameBuilder.addRDN(BCStyle.E, emailVerisign);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getE() {
    return this.E;
  }

  // ---- EmailAddress ----
  private String EmailAddress;

  /** Stores the value and appends it as a {@code BCStyle.EmailAddress} RDN. */
  public X500VgaNameBuilder setEmailAddress(String emailAddressPkcs9) {
    this.EmailAddress = emailAddressPkcs9;
    this.x500NameBuilder.addRDN(BCStyle.EmailAddress, emailAddressPkcs9);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getEmailAddress() {
    return this.EmailAddress;
  }

  // ---- GENDER ----
  private String GENDER;

  /** Stores the value and appends it as a {@code BCStyle.GENDER} RDN. */
  public X500VgaNameBuilder setGENDER(String gender_size1) {
    this.GENDER = gender_size1;
    this.x500NameBuilder.addRDN(BCStyle.GENDER, gender_size1);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getGENDER() {
    return this.GENDER;
  }

  // ---- GENERATION ----
  private String GENERATION;

  /** Stores the value and appends it as a {@code BCStyle.GENERATION} RDN. */
  public X500VgaNameBuilder setGENERATION(String generation) {
    this.GENERATION = generation;
    this.x500NameBuilder.addRDN(BCStyle.GENERATION, generation);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getGENERATION() {
    return this.GENERATION;
  }

  // ---- GIVENNAME ----
  private String GIVENNAME;

  /** Stores the value and appends it as a {@code BCStyle.GIVENNAME} RDN. */
  public X500VgaNameBuilder setGIVENNAME(String givenname) {
    this.GIVENNAME = givenname;
    this.x500NameBuilder.addRDN(BCStyle.GIVENNAME, givenname);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getGIVENNAME() {
    return this.GIVENNAME;
  }

  // ---- INITIALS ----
  private String INITIALS;

  /** Stores the value and appends it as a {@code BCStyle.INITIALS} RDN. */
  public X500VgaNameBuilder setINITIALS(String initials) {
    this.INITIALS = initials;
    this.x500NameBuilder.addRDN(BCStyle.INITIALS, initials);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getINITIALS() {
    return this.INITIALS;
  }

  // ---- L ----
  private String L;

  /** Stores the value and appends it as a {@code BCStyle.L} RDN. */
  public X500VgaNameBuilder setL(String localityName) {
    this.L = localityName;
    this.x500NameBuilder.addRDN(BCStyle.L, localityName);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getL() {
    return this.L;
  }

  // ---- NAME ----
  private String NAME;

  /** Stores the value and appends it as a {@code BCStyle.NAME} RDN. */
  public X500VgaNameBuilder setNAME(String name_idatname) {
    this.NAME = name_idatname;
    this.x500NameBuilder.addRDN(BCStyle.NAME, name_idatname);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getNAME() {
    return this.NAME;
  }

  // ---- NAME_AT_BIRTH ----
  private String NAME_AT_BIRTH;

  /** Stores the value and appends it as a {@code BCStyle.NAME_AT_BIRTH} RDN. */
  public X500VgaNameBuilder setNAME_AT_BIRTH(String nameAtBirth) {
    this.NAME_AT_BIRTH = nameAtBirth;
    this.x500NameBuilder.addRDN(BCStyle.NAME_AT_BIRTH, nameAtBirth);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getNAME_AT_BIRTH() {
    return this.NAME_AT_BIRTH;
  }

  // ---- O ----
  private String O;

  /** Stores the value and appends it as a {@code BCStyle.O} RDN. */
  public X500VgaNameBuilder setO(String organization) {
    this.O = organization;
    this.x500NameBuilder.addRDN(BCStyle.O, organization);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getO() {
    return this.O;
  }

  // ---- OU ----
  private String OU;

  /** Stores the value and appends it as a {@code BCStyle.OU} RDN. */
  public X500VgaNameBuilder setOU(String organizationUnit) {
    this.OU = organizationUnit;
    this.x500NameBuilder.addRDN(BCStyle.OU, organizationUnit);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getOU() {
    return this.OU;
  }

  // ---- PLACE_OF_BIRTH ----
  private String PLACE_OF_BIRTH;

  /** Stores the value and appends it as a {@code BCStyle.PLACE_OF_BIRTH} RDN. */
  public X500VgaNameBuilder setPLACE_OF_BIRTH(String placeOfBirth) {
    this.PLACE_OF_BIRTH = placeOfBirth;
    this.x500NameBuilder.addRDN(BCStyle.PLACE_OF_BIRTH, placeOfBirth);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getPLACE_OF_BIRTH() {
    return this.PLACE_OF_BIRTH;
  }

  // ---- POSTAL_ADDRESS ----
  private String POSTAL_ADDRESS;

  /** Stores the value and appends it as a {@code BCStyle.POSTAL_ADDRESS} RDN. */
  public X500VgaNameBuilder setPOSTAL_ADDRESS(String postalAddress) {
    this.POSTAL_ADDRESS = postalAddress;
    this.x500NameBuilder.addRDN(BCStyle.POSTAL_ADDRESS, postalAddress);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getPOSTAL_ADDRESS() {
    return this.POSTAL_ADDRESS;
  }

  // ---- POSTAL_CODE ----
  private String POSTAL_CODE;

  /** Stores the value and appends it as a {@code BCStyle.POSTAL_CODE} RDN. */
  public X500VgaNameBuilder setPOSTAL_CODE(String postalCode) {
    this.POSTAL_CODE = postalCode;
    this.x500NameBuilder.addRDN(BCStyle.POSTAL_CODE, postalCode);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getPOSTAL_CODE() {
    return this.POSTAL_CODE;
  }

  // ---- PSEUDONYM ----
  private String PSEUDONYM;

  /** Stores the value and appends it as a {@code BCStyle.PSEUDONYM} RDN. */
  public X500VgaNameBuilder setPSEUDONYM(String pseudonym) {
    this.PSEUDONYM = pseudonym;
    this.x500NameBuilder.addRDN(BCStyle.PSEUDONYM, pseudonym);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getPSEUDONYM() {
    return this.PSEUDONYM;
  }

  // ---- SERIALNUMBER ----
  private String SERIALNUMBER;

  /** Stores the value and appends it as a {@code BCStyle.SERIALNUMBER} RDN. */
  public X500VgaNameBuilder setSERIALNUMBER(String serialNumber) {
    this.SERIALNUMBER = serialNumber;
    this.x500NameBuilder.addRDN(BCStyle.SERIALNUMBER, serialNumber);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getSERIALNUMBER() {
    return this.SERIALNUMBER;
  }

  // ---- SN ----
  private String SN;

  /** Stores the value and appends it as a {@code BCStyle.SN} RDN. */
  public X500VgaNameBuilder setSN(String serialNumber) {
    this.SN = serialNumber;
    this.x500NameBuilder.addRDN(BCStyle.SN, serialNumber);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getSN() {
    return this.SN;
  }

  // ---- ST ----
  private String ST;

  /** Stores the value and appends it as a {@code BCStyle.ST} RDN. */
  public X500VgaNameBuilder setST(String stateOrProvince) {
    this.ST = stateOrProvince;
    this.x500NameBuilder.addRDN(BCStyle.ST, stateOrProvince);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getST() {
    return this.ST;
  }

  // ---- STREET ----
  private String STREET;

  /** Stores the value and appends it as a {@code BCStyle.STREET} RDN. */
  public X500VgaNameBuilder setSTREET(String street) {
    this.STREET = street;
    this.x500NameBuilder.addRDN(BCStyle.STREET, street);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getSTREET() {
    return this.STREET;
  }

  // ---- SURNAME ----
  private String SURNAME;

  /** Stores the value and appends it as a {@code BCStyle.SURNAME} RDN. */
  public X500VgaNameBuilder setSURNAME(String surname) {
    this.SURNAME = surname;
    this.x500NameBuilder.addRDN(BCStyle.SURNAME, surname);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getSURNAME() {
    return this.SURNAME;
  }

  // ---- T ----
  private String T;

  /** Stores the value and appends it as a {@code BCStyle.T} RDN. */
  public X500VgaNameBuilder setT(String title) {
    this.T = title;
    this.x500NameBuilder.addRDN(BCStyle.T, title);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getT() {
    return this.T;
  }

  // ---- TELEPHONE_NUMBER ----
  private String TELEPHONE_NUMBER;

  /** Stores the value and appends it as a {@code BCStyle.TELEPHONE_NUMBER} RDN. */
  public X500VgaNameBuilder setTELEPHONE_NUMBER(String telephoneNumber_idattn) {
    this.TELEPHONE_NUMBER = telephoneNumber_idattn;
    this.x500NameBuilder.addRDN(BCStyle.TELEPHONE_NUMBER, telephoneNumber_idattn);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getTELEPHONE_NUMBER() {
    return this.TELEPHONE_NUMBER;
  }

  // ---- UID ----
  private String UID;

  /** Stores the value and appends it as a {@code BCStyle.UID} RDN. */
  public X500VgaNameBuilder setUID(String userId_LDAP) {
    this.UID = userId_LDAP;
    this.x500NameBuilder.addRDN(BCStyle.UID, userId_LDAP);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getUID() {
    return this.UID;
  }

  // ---- UNIQUE_IDENTIFIER ----
  private String UNIQUE_IDENTIFIER;

  /** Stores the value and appends it as a {@code BCStyle.UNIQUE_IDENTIFIER} RDN. */
  public X500VgaNameBuilder setUNIQUE_IDENTIFIER(String uniqueIdentifier) {
    this.UNIQUE_IDENTIFIER = uniqueIdentifier;
    this.x500NameBuilder.addRDN(BCStyle.UNIQUE_IDENTIFIER, uniqueIdentifier);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getUNIQUE_IDENTIFIER() {
    return this.UNIQUE_IDENTIFIER;
  }

  // ---- UnstructuredAddress ----
  private String UnstructuredAddress;

  /** Stores the value and appends it as a {@code BCStyle.UnstructuredAddress} RDN. */
  public X500VgaNameBuilder setUnstructuredAddress(String unstructuredAddress) {
    this.UnstructuredAddress = unstructuredAddress;
    this.x500NameBuilder.addRDN(BCStyle.UnstructuredAddress, unstructuredAddress);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getUnstructuredAddress() {
    return this.UnstructuredAddress;
  }

  // ---- UnstructuredName ----
  private String UnstructuredName;

  /** Stores the value and appends it as a {@code BCStyle.UnstructuredName} RDN. */
  public X500VgaNameBuilder setUnstructuredName(String unstructuredName) {
    this.UnstructuredName = unstructuredName;
    this.x500NameBuilder.addRDN(BCStyle.UnstructuredName, unstructuredName);
    return this;
  }

  /** Returns the value last passed to the setter, or {@code null} if it was never called. */
  public String getUnstructuredName() {
    return this.UnstructuredName;
  }

  /**
   * Builds the name from every RDN appended so far.
   *
   * @return the result of {@code build()} on the wrapped {@code X500NameBuilder}
   */
  public X500Name build() {
    return this.x500NameBuilder.build();
  }
}

像这样:

    // Every setter appends its RDN as soon as it is called, so the calls below
    // are issued in the order the attributes should be added to the subject.
    X500VgaNameBuilder subjectBuilder = new X500VgaNameBuilder();
    subjectBuilder.setC("AU");
    subjectBuilder.setO("The Legion of the Bouncy Castle");
    subjectBuilder.setL("Melbourne");
    subjectBuilder.setST("Victoria");
    subjectBuilder.setEmailAddress("feedback-crypto@bouncycastle.org");
    subjectBuilder.setCN("Common Name");
    X500Name subject = subjectBuilder.build();

然后

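 // Sign the request with SHA-256 rather than SHA-1: SHA-1 is deprecated for
 // signatures, and a CSR signed with it may be refused by the issuing CA.
 PKCS10CertificationRequest certRequest =
     createPKCS10CertificationRequest(subject, "SHA256withRSA", keyPair);
 // Re-wrap the encoded request in the JCA-flavoured type, bound to the "BC" provider.
 JcaPKCS10CertificationRequest jcaCertRequest =
     new JcaPKCS10CertificationRequest(certRequest.getEncoded()).setProvider("BC");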

但是,如果您需要添加自定义属性,就需要在我发布的构建器中为该属性添加一个 ASN1ObjectIdentifier,因为 BCStyle 中的各个常量本身就只是 ASN1ObjectIdentifier。

例如,

// OID 2.5.4.3 is the X.520 commonName attribute type. Any other attribute type can be
// declared the same way from its dotted OID and then passed to addRDN.
public static final ASN1ObjectIdentifier CN = new ASN1ObjectIdentifier("2.5.4.3");
于 2014-11-06T14:00:08.043 回答

我们找到了问题的解决方案:唯一需要做的就是创建 ASN1ObjectIdentifier("")(引号内填入相应的 OID),从而把缺失的数据加入 CSR。

Here is the corrected code:

/**
 * Builds a PKCS#10 certification request, signs it and hands the encoded form to
 * {@code kfm} for storage.
 *
 * <p>The subject is assembled from {@code certdata} using the keys CN, OU, O, L, ST, C,
 * EMAIL, RIFCI and FAX. The last two are added under attribute types given directly by
 * OID. Values are passed to the name builder exactly as found in the map: nothing is
 * validated here, and a key that is absent from the map results in {@code null} being
 * passed to {@code addRDN}.
 *
 * <p>The request is returned whether or not storing it succeeded; the outcome of the
 * store is only written to the log.
 *
 * @param key          private key used to sign the request
 * @param pkey         public key placed in the request
 * @param certdata     subject attribute values, keyed as listed above
 * @param CSRAlgorithm signature algorithm name handed to {@code JcaContentSignerBuilder} as given
 * @param name         name passed through to {@code kfm.salvarLlave}
 * @param kfm          receives the encoded request for storage
 * @return the signed certification request
 * @throws OperatorCreationException if the content signer cannot be built
 * @throws IOException if the request cannot be encoded
 */
public PKCS10CertificationRequest generatedCSR(PrivateKey key, PublicKey pkey, Map<String,String> certdata, String CSRAlgorithm, String name, KeyFileManager kfm) throws OperatorCreationException, IOException
{
    Log.i(LOGCERT, "iniciando generacion de CSR");
    this.mensaje(LogType.MENI, "Se a iniciado la generacion de un CSR");

    ContentSigner signer = new JcaContentSignerBuilder(CSRAlgorithm).build(key);

    // Subject DN: one RDN per attribute, added in this fixed order.
    X500NameBuilder subject = new X500NameBuilder(X500Name.getDefaultStyle());
    subject.addRDN(BCStyle.CN, certdata.get("CN"));
    subject.addRDN(BCStyle.OU, certdata.get("OU"));
    subject.addRDN(BCStyle.O, certdata.get("O"));
    subject.addRDN(BCStyle.L, certdata.get("L"));
    subject.addRDN(BCStyle.ST, certdata.get("ST"));
    subject.addRDN(BCStyle.C, certdata.get("C"));
    subject.addRDN(BCStyle.EmailAddress, certdata.get("EMAIL"));
    // Attribute types supplied by raw OID: 2.5.4.45 (X.520 uniqueIdentifier)
    // and 2.5.4.23 (facsimileTelephoneNumber).
    subject.addRDN(new ASN1ObjectIdentifier("2.5.4.45"), certdata.get("RIFCI"));
    subject.addRDN(new ASN1ObjectIdentifier("2.5.4.23"), certdata.get("FAX"));

    PKCS10CertificationRequest csr =
            new JcaPKCS10CertificationRequestBuilder(subject.build(), pkey).build(signer);

    // A failed store is logged only; the caller receives the request either way.
    boolean stored = kfm.salvarLlave(csr.getEncoded(), KeyFileManager.CSRFILE, name);
    Log.i(LOGCERT, stored ? "CSR Almacenado" : "CSR no almacenado");
    return csr;
}
于 2013-11-08T15:31:39.407 回答