1. 技术文章
  2. Providing Key Usage to X509Certificate generated with Java BouncyCastle

Providing Key Usage to X509Certificate generated with Java BouncyCastle

筅森魡賤 提交于 2019-12-11 22:20:19

问题


Here is my piece of code to for generating X509Certificate with BouncyCastle API 

private static X509Certificate createCertificate(String dn, String issuer,
        PublicKey publicKey, PrivateKey privateKey) throws Exception {
    X509V3CertificateGenerator certGenerator = new X509V3CertificateGenerator();
    certGenerator.setSerialNumber(BigInteger.valueOf(Math.abs(new Random()
            .nextLong())));
    certGenerator.setIssuerDN(new X509Name(dn));
    certGenerator.setSubjectDN(new X509Name(dn));
    certGenerator.setIssuerDN(new X509Name(issuer)); // Set issuer!
    certGenerator.setNotBefore(Calendar.getInstance().getTime());
    certGenerator.setNotAfter(Calendar.getInstance().getTime());
    certGenerator.setPublicKey(publicKey);
    certGenerator.setSignatureAlgorithm("SHA1WithRSAEncryption");
    **certGenerator..... ??? what for  key usage ?** 
    X509Certificate certificate = (X509Certificate) certGenerator.generate(
            privateKey, "BC");
    return certificate;
}

Full code you can see here

My question is there is no way to set the key usage for the generated Digital Certificate.

I am trying to set the usage as Encryption.. There is no such method/way in X509V3CertificateGenerator class.

How to go about it.

Thanks for any hints.

来源:https://stackoverflow.com/questions/19421571/providing-key-usage-to-x509certificate-generated-with-java-bouncycastle

标签
java
security
encryption
cryptography
digital-certificate
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!