groovy生成证书 X509CertificateObject
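import java.nio.Buffer;
/**
 * @author TBear
 */
// NOTE(review): the next import is not used by this file and looks like an
// IDE auto-import accident; as a single-type import it would also take
// precedence over java.lang.Byte for the simple name "Byte". Confirm and remove.
import java.awt.TexturePaintContext.Byte;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateParsingException
import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.DERBitString
import org.bouncycastle.asn1.DERInteger
import org.bouncycastle.asn1.DERSequence
import org.bouncycastle.asn1.DERUTCTime
import org.bouncycastle.asn1.x509.AlgorithmIdentifier
import org.bouncycastle.asn1.x509.BasicConstraints
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator
import org.bouncycastle.asn1.x509.X509CertificateStructure
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.asn1.x509.X509ExtensionsGenerator;
import org.bouncycastle.asn1.x509.X509Name
import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.jce.provider.X509CertificateObject
import org.bouncycastle.x509.extension.SubjectKeyIdentifierStructure;
import com.itrus.raapi.info.CertInfo;

/**
 * Groovy demo that assembles an X.509 v3 certificate structure by hand with
 * the low-level BouncyCastle ASN.1 classes and writes its DER encoding to disk.
 *
 * <p><b>Security caveat:</b> the result is a structural sample only. The
 * subject public key is a run of counter bytes and the signature BIT STRING is
 * all zeros, so no private key was ever involved and the certificate cannot be
 * verified by anything. Do not install it in a trust store or use it to
 * exercise signature-validation code paths as if it were a real SM2 certificate.
 */
public class CertService {

    /**
     * Builds the sample certificate and writes its DER encoding to
     * {@code E:/abc.cer}.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        X509CertificateObject certificate = genSM2_Cert();
        byte[] buffer = certificate.getEncoded();
        BufferedOutputStream outputStream =
                new BufferedOutputStream(new FileOutputStream(new File('E:/abc.cer')));
        try {
            outputStream.write(buffer);
            outputStream.flush();
        } finally {
            // Close even when the write fails so the file handle is not leaked.
            outputStream.close();
        }
    }

    /**
     * Assembles a self-issued (issuer == subject) X.509 v3 certificate structure
     * that carries SM2-style algorithm identifiers but placeholder key and
     * signature bytes.
     *
     * @return the certificate object wrapping TBSCertificate, signature
     *         algorithm and the placeholder signature value
     * @throws CertificateParsingException if BouncyCastle rejects the assembled
     *         structure
     */
    static X509CertificateObject genSM2_Cert() throws CertificateParsingException {
        long currTime = new Date().getTime();
        String issuerDN = "cn=ibm";
        String subjectDN = "cn=ibm";
        int vday = 10; // validity period in days

        V3TBSCertificateGenerator v3CertGen = new V3TBSCertificateGenerator();

        // Serial number. A millisecond timestamp is predictable and can collide
        // when two certificates are issued in the same millisecond; a real
        // issuer should draw the serial from a CSPRNG instead.
        DERInteger serialNumber = new DERInteger(BigInteger.valueOf(currTime));
        v3CertGen.setSerialNumber(serialNumber);

        // Issuer
        v3CertGen.setIssuer(new X509Name(issuerDN));

        // Validity window. The day-to-millisecond factor is computed in long
        // arithmetic: as int, vday*24*60*60*1000 wraps once vday reaches 25 and
        // would produce an end date before the start date.
        // UTCTime carries a two-digit year, so it only suits dates before 2050.
        v3CertGen.setStartDate(new DERUTCTime(new Date(currTime)));
        v3CertGen.setEndDate(new DERUTCTime(new Date(currTime + vday * 24L * 60 * 60 * 1000)));

        // Subject
        v3CertGen.setSubject(new X509Name(subjectDN));

        // Signature algorithm.
        // NOTE(review): the OID registered for SM3-with-SM2 is
        // 1.2.156.10197.1.501 (and 1.2.156.10197.1.301 for the SM2 curve); the
        // values below use the arc 1.2.156.197 instead. Confirm which arc the
        // consuming system expects before relying on these identifiers.
        AlgorithmIdentifier algSign = new AlgorithmIdentifier("1.2.156.197.1.501");
        v3CertGen.setSignature(algSign);

        // Public-key algorithm
        AlgorithmIdentifier algKey = new AlgorithmIdentifier("1.2.156.197.1.301");

        // Placeholder key material: bytes 0,1,2,...,64. This is not a point on
        // the SM2 curve (an uncompressed EC point would start with 0x04).
        byte[] pubData = new byte[65];
        pubData[0] = 0;
        for (byte i = 1; i < pubData.length; i++) {
            pubData[i] = i;
        }

        // SubjectPublicKeyInfo = key algorithm identifier + key bytes
        SubjectPublicKeyInfo pubKeyInfo = new SubjectPublicKeyInfo(algKey, pubData);
        v3CertGen.setSubjectPublicKeyInfo(pubKeyInfo);

        // Placeholder signature value: 69 zero bytes. Nothing is signed here.
        // (The listing previously re-ran the pubData fill loop at this point,
        // which rewrote identical values and never touched signInfo.)
        byte[] signInfo = new byte[69];

        // No extensions are added; an entry would be registered with
        // extenGen.addExtension(oid, critical, value) before generate().
        X509ExtensionsGenerator extenGen = new X509ExtensionsGenerator();
        X509Extensions exten = extenGen.generate();
        v3CertGen.setExtensions(exten);

        // Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
        ASN1EncodableVector asn1encodablevector = new ASN1EncodableVector();
        asn1encodablevector.add(v3CertGen.generateTBSCertificate());
        asn1encodablevector.add(algSign);
        asn1encodablevector.add(new DERBitString(signInfo));

        return new X509CertificateObject(
                new X509CertificateStructure(new DERSequence(asn1encodablevector)));
    }
}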
注意:最终的输出流必须用BufferedOutputStream;其他的流写不出!