小白一枚，搞这个弄得心力交瘁，希望对你们有用…

参考了大牛的实现，https://github.com/ZZMarquis/gmhelper

感谢大牛的贡献，不然我等小白真的…

pom.xml

4.0.0

com.jinhongjian.testBCgm

testBCgm-test

1.0-SNAPSHOT

org.apache.maven.plugins

maven-compiler-plugin

6

6

org.bouncycastle

bcprov-jdk15on

1.60

org.bouncycastle

bcpkix-jdk15on

1.60

java程序

程序里面包含的功能有：sm2 公私钥对的生成，x509证书的生成，私钥以及证书转成pem格式保存到文件中

这里面是生成的自签发的CA证书。我也是新手，代码不规范请见谅…

import org.bouncycastle.asn1.gm.GMNamedCurves;

import org.bouncycastle.asn1.x509.*;

import org.bouncycastle.asn1.x500.X500Name;

import org.bouncycastle.asn1.x9.X9ECParameters;

import org.bouncycastle.cert.X509v3CertificateBuilder;

import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;

import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;

import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;

import org.bouncycastle.crypto.params.*;

import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

import org.bouncycastle.jce.spec.ECParameterSpec;

import org.bouncycastle.openssl.jcajce.JcaPEMWriter;

import org.bouncycastle.operator.ContentSigner;

import org.bouncycastle.operator.OperatorCreationException;

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

import org.bouncycastle.pkcs.PKCS10CertificationRequest;

import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;

import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;

import org.bouncycastle.util.io.pem.PemObject;

import javax.xml.bind.DatatypeConverter;

import java.io.*;

import java.math.BigInteger;

import java.security.*;

import java.security.cert.X509Certificate;

import java.util.*;

public class x509