CODEWITHSUNDEEP
javacryptographyssl-certificatex509certificatebouncycastle
Numeron
Numeron

Reputation: 8823

Generating digital certificates using Bouncycastle

I have determined, after some research, that in order to generate and sign certificates programmatically in java I need the bouncycastle library.

Unfortunately it appears that the library has gone through a major overhaul sometime fairly recently. A great deal of their classes are now deprecated and all of the tutorials and code samples I can find that are simple enough to understand are deprecated along with them.

I am reasonably new to cryptography. Armed with only basic knowledge and fuzzy idea of what I'm actually trying to accomplish, I've fumbled through the out of date tutorials and the assumed-knowledge Bouncycastle documentation, and its been an arduous experience.

Are there any simple to understand, up to date Bouncycastle tutorials, or alternative libraries I should look at? Or should I grit my teeth, ignore the deprecation warnings and hope for the best?

Upvotes: 1

Views: 1906

Answers (2)

President James K. Polk
President James K. Polk

Reputation: 42009

It is a little hard to find, but the bouncycastle wiki has some short but sweet documention. In particular this first example at this page entitled A Simple Operator Example should get you started.

Another perfectly fine alternative is to just use version 1.46 of the library, the last version to use the old api.

Upvotes: 1

DaJunkie
DaJunkie

Reputation: 576

Do you really need to use Bouncycastle directly or can't you use it as a Cryptographic Service Provider? So you do not need to use BCs API. See the JCA Reference Guide. I use for some encryption these lines:

static {
  Security.addProvider(new BouncyCastleProvider());
}

public void someMethod() {
  KeyFactory fact = KeyFactory.getInstance("RSA", "BC");
  Key key = fact.generatePublic(PUB_KEY_SPEC);
  // do stuff
}

You might take a closer look at the CertificateFactory.

Upvotes: 0

Related Questions