Java BouncyCastle ECC密钥和自签名证书

我在网上搜索了几个小时，寻找有关创建椭圆曲线（EC）密钥和自签名证书的Java示例。到目前为止，我只找到了一些片段和示例，其中许多都无法正常工作。

更新：

我已经取得了一些进展，这是我的代码，希望对需要的人有用！现在只需要解决如何进行自签名！

 import org.bouncycastle.asn1.x500.X500Name;

 import org.bouncycastle.jce.ECNamedCurveTable;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.jce.spec.ECParameterSpec;
 import org.bouncycastle.operator.ContentSigner;
 import org.bouncycastle.operator.ContentVerifierProvider;
 import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
 import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
 import org.bouncycastle.pkcs.PKCS10CertificationRequest;
 import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
 import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
 import java.security.*;

 /**
  * A simple example showing generation and verification of a PKCS#10 request.
  */
 public class genECKeyExample {
     private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
     public static void main(String[] args)
             throws Exception {
         Security.addProvider(new BouncyCastleProvider());


         // Create an eliptic curve key

         ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("prime192v1");
         KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
         g.initialize(ecSpec, new SecureRandom());
         KeyPair pair = g.generateKeyPair();
         System.out.println(pemUtils.toPem(pair.getPrivate()));
         System.out.println(pemUtils.toPem(pair.getPublic()));

         ContentSigner signer = new JcaContentSignerBuilder("SHA1withECDSA").setProvider(BC).build(pair.getPrivate());


         PKCS10CertificationRequestBuilder reqBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Name("CN=XXX"), pair.getPublic());
         PKCS10CertificationRequest req = reqBuilder.build(signer);

         ContentVerifierProvider verifier = new JcaContentVerifierProviderBuilder().setProvider(BC).build(pair.getPublic());
         // System.out.println(verifier);

         req = new PKCS10CertificationRequest(req.getEncoded());
         System.out.println(pemUtils.toPem(req));
         pemUtils.toFile("csr.pem", pemUtils.toPem(req));
         pemUtils.toFile("pkey.pem", pemUtils.toPem(pair.getPrivate()));


     }

 }

我找到了一种方法，但是它不会创建证书签名请求(CSR)或证书。此外，似乎不能选择不同的密钥大小(我想这些是曲线)。有没有人可以分享一些可行的示例呢？

 import org.bouncycastle.openssl.PEMWriter;

 import java.io.StringWriter;
 import java.math.BigInteger;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.MessageDigest;
 import java.security.SecureRandom;
 import java.security.Security;
 import java.security.spec.ECFieldFp;
 import java.security.spec.ECParameterSpec;
 import java.security.spec.ECPoint;
 import java.security.spec.EllipticCurve;

 import javax.crypto.KeyAgreement;

 public class X509CertificateGenerator {
     public static void main(String[] args) throws Exception {
         Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

         KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDH", "BC");
         EllipticCurve curve = new EllipticCurve(new ECFieldFp(new BigInteger(
                 "fffffffffffffffffffffffffffffffeffffffffffffffff", 16)), new BigInteger(
                 "fffffffffffffffffffffffffffffffefffffffffffffffc", 16), new BigInteger(
                 "fffffffffffffffffffffffffffffffefffffffffffffffc", 16));

         ECParameterSpec ecSpec = new ECParameterSpec(curve, new ECPoint(new BigInteger(
                 "fffffffffffffffffffffffffffffffefffffffffffffffc", 16), new BigInteger(
                 "fffffffffffffffffffffffffffffffefffffffffffffffc", 16)), new BigInteger(
                 "fffffffffffffffffffffffffffffffefffffffffffffffc", 16), 1);

         keyGen.initialize(ecSpec, new SecureRandom());

         KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDH", "BC");
         KeyPair aPair = keyGen.generateKeyPair();
         KeyAgreement bKeyAgree = KeyAgreement.getInstance("ECDH", "BC");
         KeyPair bPair = keyGen.generateKeyPair();

         aKeyAgree.init(aPair.getPrivate());
         bKeyAgree.init(bPair.getPrivate());

         aKeyAgree.doPhase(bPair.getPublic(), true);
         bKeyAgree.doPhase(aPair.getPublic(), true);

         MessageDigest hash = MessageDigest.getInstance("SHA1", "BC");

         System.out.println(new String(hash.digest(aKeyAgree.generateSecret())));
         System.out.println(new String(hash.digest(bKeyAgree.generateSecret())));
         System.out.println(aPair.getPrivate());

         StringWriter pemWrtPublic = new StringWriter();
         PEMWriter pubkey = new PEMWriter(pemWrtPublic);
         pubkey.writeObject(aPair.getPublic());
         pubkey.flush();
         String pemPublicKey = pemWrtPublic.toString();
         System.out.println(pemPublicKey);

         StringWriter pemWrtPrivate = new StringWriter();
         PEMWriter privkey = new PEMWriter(pemWrtPrivate);
         privkey.writeObject(aPair.getPrivate());
         privkey.flush();
         String pemPrivateKey = pemWrtPrivate.toString();
         System.out.println(pemPrivateKey);
     }
 }