You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I'm a newbie, how to generate a csr string to get the same value as the csr from the java code below. Shield is great, hope to get help, thanks a lot.
/**
* Create the certificate signing request (CSR) from private and public keys
*/
public static String generateCSR(KeyPair keyPair, String deviceId) throws IOException,
OperatorCreationException {
String principal = String.format("CN=%s, O=, OU=, C=ZH", "CM-" + deviceId);
Logan.debug(principal);
ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").build(keyPair.getPrivate());
PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(
new X500Name(principal), keyPair.getPublic());
ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
extensionsGenerator.addExtension(Extension.basicConstraints, true, new BasicConstraints(
true));
csrBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
extensionsGenerator.generate());
StringWriter writer = new StringWriter();
PemWriter pemWriter = new PemWriter(writer);
pemWriter.writeObject(new PemObject("CERTIFICATE REQUEST", csrBuilder.build(signer).getEncoded()));
pemWriter.flush();
pemWriter.close();
return writer.toString();
}
public static KeyPair generateSelfSignedKeyPair(String deviceId) {
try {
java.security.KeyPairGenerator generator = KeyPairGenerator.getInstance(
KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore");
Date now = new Date();
Calendar calendar = Calendar.getInstance();
calendar.setTime(now);
calendar.set(Calendar.YEAR, calendar.get(Calendar.YEAR) + 1);
Date period = calendar.getTime();
generator.initialize(new KeyGenParameterSpec.Builder(
deviceId,
KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setUserAuthenticationRequired(false)
.setCertificateNotBefore(now)
.setCertificateNotBefore(period)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
.setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA384, KeyProperties.DIGEST_SHA512)
.setKeySize(2048)
.build()
);
return generator.generateKeyPair();
} catch (Exception error) {
Logan.error(error);
}
return null;
}
Beta Was this translation helpful? Give feedback.
All reactions