我有一个由HSM生成的RSA公钥(2048位),该密钥已被保存在一个文件中(大小为256字节)并被编码为DER。如何以编程方式生成自签名证书?
使用JDK API(无BouncyCastle)从该文件开始以编程方式创建自签名证书是否可能?
我坚持的第一步,因为我试图加载密钥文件创建一个公开对象:
import java.io.FileInputStream;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import org.apache.commons.io.IOUtils;
public class Crypto {
public static void main(String[] args) throws Exception {
byte[] byteArray = IOUtils.toByteArray(new FileInputStream("/tmp/pub.key"));
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(byteArray);
KeyFactory kf = KeyFactory.getInstance("RSA");
PublicKey pub = kf.generatePublic(spec);
....
}
}
,但我得到这个异常:
Exception in thread "main" java.security.spec.InvalidKeySpecException: Only RSAPublicKeySpec and X509EncodedKeySpec supported for RSA public keys
at sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:289)
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:184)
at java.security.KeyFactory.generatePublic(KeyFactory.java:304)
at org.alex.Crypto.main(Crypto.java:17)
是有办法做到这一点?
链接可能有帮助:http://stackoverflow.com/questions/19512088/how-to-generate-apk-file-programmatically-through-java-code –