無法編寫使用org.bouncycastle.asn1.pkcs.CertificationRequest以PEM文件格式生成的CSR

Question

我正在使用帶bcprov-jdk15on-147 jar的BouncyCastle API生成CSR。

CertificationRequestInfo certInfo = new CertificationRequestInfo(subject, subKeyInfo, new DERSet(attribute)); 
org.bouncycastle.operator.ContentSigner sigGen = null; 
sigGen = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privateKey); 
org.bouncycastle.asn1.pkcs.CertificationRequest ctest = new org.bouncycastle.asn1.pkcs.CertificationRequest(certInfo,sigAlgName,new DERBitString(sigGen.getSignature())); 

我傳遞這obejct到我的調用函數：

GenerateCSR gcsr = GenerateCSR.getInstance(); 
System.out.println("Public Key:\n"+gcsr.getPublicKey().toString()); 

System.out.println("Private Key:\n"+gcsr.getPrivateKey().toString()); 
org.bouncycastle.asn1.pkcs.CertificationRequest csr = gcsr.getCSR("IMO"); 
System.out.println("CSR Request Generated!!"); 
FileWriter fcsr = new FileWriter("C:\\test.txt"); 
PEMWriter w1 = new PEMWriter(fcsr); 
w1.writeObject(csr); 

但我得到以下異常：

Exception in thread "main" org.bouncycastle.util.io.pem.PemGenerationException: unknown object passed - can't encode. 
    at org.bouncycastle.openssl.MiscPEMGenerator.createPemObject(Unknown Source)" 

Answer 1

我結束了手動創建PEM對象是這樣的。 。

String code = "-----BEGIN CERTIFICATE REQUEST-----\n"; 
    code += new String(Base64.encodeBase64Chunked(request.getEncoded())); 
    code += "-----END CERTIFICATE REQUEST-----"; 
    System.out.println(code); 

我猜它是PemWriter無法輸出CertificationRequest對象的錯誤，因爲它看起來像BouncyCastle v1.47仍然充滿了其他錯誤。

Answer 2

更好的解決方案是使用PemObject。

String type = "CERTIFICATE REQUEST"; 
    byte[] encoding = pkcs10.getEncoded(); 

    PemObject pemObject = new PemObject(type, encoding); 

    StringWriter str = new StringWriter(); 
    PEMWriter pemWriter = new PEMWriter(str); 
    pemWriter.writeObject(pemObject); 
    pemWriter.close(); 
    str.close(); 

    System.out.println(str);