Issuing Chinese national-cryptography (SM2) certificates with a self-made JCE provider

There is currently no public JCE provider that implements SM3withSM2 signatures, although implementations of the SM3, SM2 and SM3withSM2 algorithms themselves abound. QQ: 22066821
A JCE provider that implements only signature algorithms does not need its JAR signed by Sun (now Oracle), so you can build one yourself.
This article is based on BC (Bouncy Castle) version 157. That version already supports the Chinese national cryptographic algorithms SM2/SM3/SM4, but only through the lightweight API, not through the Provider.
An example of a self-made JeffProvider is as follows:
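	import java.security.AccessController;
	import java.security.PrivilegedAction;
	import java.security.Provider;

	public class JeffProvider extends Provider {
		public JeffProvider() {
			// Provider requires a super(...) call; name, version and description here are placeholders.
			super("JeffProvider", 1.0, "Self-made signature provider");
			AccessController.doPrivileged(new PrivilegedAction<Object>() {
				@Override
				public Object run() {
					// Register your own implementation classes. Key format: <Type>.<Algorithm>
					put("Signature.SHA1withRSA", "com.lgao.provider.sign.Sha1RSA");
					put("Signature.MD5withRSA", "com.lgao.provider.sign.Md5RSA");
					put("Signature.SM3withSM2", "com.lgao.provider.sign.SM3withSM2");
					return null;
				}
			});
		}
	}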
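The class behind the `Signature.SM3withSM2` entry is not shown in the article. The following is an added sketch, not the author's code, of how such a class can adapt Bouncy Castle's lightweight `SM2Signer` to the JCA `SignatureSpi`. It assumes a newer Bouncy Castle release in which `SM2Signer` implements the `Signer` interface (`update` / `generateSignature()`), and it expects a real EC key on the SM2 curve, unlike the `build(null)` call used later in the article.

```java
package com.lgao.provider.sign; // package name taken from the put(...) entry in the article

import java.security.InvalidKeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.SignatureSpi;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.signers.SM2Signer;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;

// Added example: JCA adapter around the lightweight SM2 signer (assumed newer BC Signer-style API).
public class SM3withSM2 extends SignatureSpi {
    // SM2Signer hashes with SM3 internally; without ParametersWithID it uses its default user ID.
    private final SM2Signer signer = new SM2Signer();

    @Override
    protected void engineInitSign(PrivateKey key) throws InvalidKeyException {
        // Converts a JCA EC private key into lightweight key parameters.
        signer.init(true, ECUtil.generatePrivateKeyParameter(key));
    }

    @Override
    protected void engineInitVerify(PublicKey key) throws InvalidKeyException {
        signer.init(false, ECUtil.generatePublicKeyParameter(key));
    }

    @Override
    protected void engineUpdate(byte b) { signer.update(b); }

    @Override
    protected void engineUpdate(byte[] b, int off, int len) { signer.update(b, off, len); }

    @Override
    protected byte[] engineSign() throws SignatureException {
        try {
            return signer.generateSignature(); // DER-encoded SEQUENCE { r, s }
        } catch (CryptoException e) {
            throw new SignatureException(e);
        }
    }

    @Override
    protected boolean engineVerify(byte[] sig) { return signer.verifySignature(sig); }

    @Override
    protected void engineSetParameter(String p, Object v) { throw new UnsupportedOperationException(); }
    @Override
    protected Object engineGetParameter(String p) { throw new UnsupportedOperationException(); }
}
```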

An example of certificate generation:
		// BaseUtils and Logger are the author's helper classes; they and the string p10s are not shown on this page.
		String alg = "SM3withSM2";

		// Validity period: from one day ago until roughly 32 years from now
		Date dateBegin = new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24);
		Date dateEnd = new Date(System.currentTimeMillis() + 1000L * 60 * 60 * 24 * 365 * 32);

		X500Name issuer = new X500Name("C=CN,ST=SD,L=QD,O=Lgao,OU=KJ,CN=user001");
		BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());

		// p10s: hex-encoded PKCS#10 certification request
		// Note: the request's own signature is not verified here before the certificate is issued.
		PKCS10CertificationRequest p10 = new PKCS10CertificationRequest(BaseUtils.hex2byte(p10s));
		Logger.debug(p10.getSubject());
		Logger.debug(BaseUtils.byte2hex(p10.getSubjectPublicKeyInfo().getEncoded()));
		X509v3CertificateBuilder v3builder = new X509v3CertificateBuilder(issuer, serial, dateBegin, dateEnd,
				p10.getSubject(), p10.getSubjectPublicKeyInfo());
		// Sign the certificate with SM3withSM2 through the self-made provider
		ContentSigner sigGen = new JcaContentSignerBuilderXA(alg).setProvider(new JeffProvider()).build(null);
		X509CertificateHolder holder = v3builder.build(sigGen);
		// Save and log the DER-encoded certificate
		BaseUtils.saveData(holder.toASN1Structure().getEncoded(), "e:/temp/sm2.dat");
		Logger.debug(BaseUtils.byte2hex(holder.toASN1Structure().getEncoded()));

The JcaContentSignerBuilderXA class used here is modeled on JcaContentSignerBuilder. For details, see the previous article: http://linuxgao.iteye.com/blog/2207557
