// After signing, update the algorithm ID to the actual signature algorithm algId = (AlgorithmId) cert.get(X509CertImpl.SIG_ALG); info.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algId); cert = new X509CertImpl(info); cert.sign(keyPair.getPrivate(), sigAlg); return cert;
package com.example.keygen;
// Subject & Issuer (self‑signed => same) info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(subject)); info.set(X509CertInfo.ISSUER, new CertificateIssuerName(subject)); keygen intellij
// ---- 2️⃣ Load (or create) a PKCS#12 keystore ---- KeyStore ks = KeyStore.getInstance("PKCS12"); if (Files.exists(filePath)) try (InputStream in = Files.newInputStream(filePath)) ks.load(in, password); else ks.load(null, null); // create empty keystore
public static void main(String[] args) throws Exception KeyPair kp = generate("secp256r1"); System.out.println("EC Public (Base64): " + java.util.Base64.getEncoder().encodeToString(kp.getPublic().getEncoded())); // After signing, update the algorithm ID to
// The following uses internal Sun classes (available on Oracle/OpenJDK). For a pure‑API // approach, consider BouncyCastle's X509v3CertificateBuilder. X509CertInfo info = new X509CertInfo();
public static void main(String[] args) throws Exception SecretKey secret = generate(256); System.out.println("AES key (Base64): " + java.util.Base64.getEncoder().encodeToString(secret.getEncoded())); // After signing
public class KeyStoreUtil