從CertificationRequest獲取到X509證書

Question

實現org.jscep.server.ScepServlet我需要爲方法doEnroll（List<X509Certificate> doEnroll(CertificationRequest certificationRequest)）提供一個實現。

我如何從提供的CertificationRequest獲得返回X509Certificate？

除了CertificationRequest我也有我需要使用簽署

它將與一個方式來獲得認證要求的公共密鑰就足夠了，因爲我有代碼的其餘部分用於生成證書的證書。

我有什麼事到現在：

protected List<X509Certificate> doEnroll(CertificationRequest certificationRequest) throws OperationFailureException, Exception { 
    CaCertificate caCertificate = getSelfSignedCertificate(); 
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); 
    certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis())); 
    certGen.setIssuerDN(caCertificate.getCertificate().getSubjectX500Principal()); 
    certGen.setNotBefore(notBefore); 
    certGen.setNotAfter(notAfter); 
    certGen.setSubjectDN(certificationRequest.getCertificationRequestInfo().getSubject()); 
    certGen.setPublicKey(publicKey); // this is basically what I need 

    X509Certificate issuedCert = certGen.generate(caCertificate.getKeypair().getPrivate()); 

    List<X509Certificate> x509Certificates = new ArrayList<X509Certificate>(); 
    x509Certificates.add(issuedCert); 

    return x509Certificates; 
} 

Answer 1

發現在jscep測試類此方法：

public static PublicKey getPublicKey(CertificationRequest csr) throws IOException { 
    SubjectPublicKeyInfo pubKeyInfo = csr.getCertificationRequestInfo().getSubjectPublicKeyInfo(); 
    RSAKeyParameters keyParams = (RSAKeyParameters) PublicKeyFactory.createKey(pubKeyInfo); 
    KeySpec keySpec = new RSAPublicKeySpec(keyParams.getModulus(), keyParams.getExponent()); 

    try { 
     KeyFactory kf = KeyFactory.getInstance("RSA"); 
     return kf.generatePublic(keySpec); 
    } catch (Exception e) { 
     throw new IOException(e); 
    } 
}