FileDocCategorySizeDatePackage
X509V2AttributeCertificateGenerator.javaAPI DocAndroid 1.5 API8193Wed May 06 22:41:06 BST 2009org.bouncycastle.x509

X509V2AttributeCertificateGenerator

public class X509V2AttributeCertificateGenerator extends Object
class to produce an X.509 Version 2 AttributeCertificate.

Fields Summary
private org.bouncycastle.asn1.x509.V2AttributeCertificateInfoGenerator
acInfoGen
private org.bouncycastle.asn1.DERObjectIdentifier
sigOID
private org.bouncycastle.asn1.x509.AlgorithmIdentifier
sigAlgId
private String
signatureAlgorithm
private Hashtable
extensions
private Vector
extOrdering
Constructors Summary
public X509V2AttributeCertificateGenerator()


     
    
        acInfoGen = new V2AttributeCertificateInfoGenerator();
Methods Summary
public voidaddAttribute(X509Attribute attribute)
add an attribute

        acInfoGen.addAttribute(Attribute.getInstance(attribute.toASN1Object()));
public voidaddExtension(java.lang.String OID, boolean critical, org.bouncycastle.asn1.ASN1Encodable value)
add a given extension field for the standard extensions tag

throws
IOException

        this.addExtension(OID, critical, value.getEncoded());
public voidaddExtension(java.lang.String OID, boolean critical, byte[] value)
add a given extension field for the standard extensions tag The value parameter becomes the contents of the octet string associated with the extension.

        if (extensions == null)
        {
            extensions = new Hashtable();
            extOrdering = new Vector();
        }

        DERObjectIdentifier oid = new DERObjectIdentifier(OID);
        
        extensions.put(oid, new X509Extension(critical, new DEROctetString(value)));
        extOrdering.addElement(oid);
public X509AttributeCertificategenerateCertificate(java.security.PrivateKey key, java.lang.String provider)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.

        return generateCertificate(key, provider, null);
public X509AttributeCertificategenerateCertificate(java.security.PrivateKey key, java.lang.String provider, java.security.SecureRandom random)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.

        Signature sig = null;

        if (sigOID == null)
        {
            throw new IllegalStateException("no signature algorithm specified");
        }

        try
        {
            sig = Signature.getInstance(sigOID.getId(), provider);
        }
        catch (NoSuchAlgorithmException ex)
        {
            try
            {
                sig = Signature.getInstance(signatureAlgorithm, provider);
            }
            catch (NoSuchAlgorithmException e)
            {
                throw new SecurityException("exception creating signature: " + e.toString());
            }
        }

        if (random != null)
        {
            sig.initSign(key, random);
        }
        else
        {
            sig.initSign(key);
        }

        if (extensions != null)
        {
            acInfoGen.setExtensions(new X509Extensions(extOrdering, extensions));
        }

        AttributeCertificateInfo acInfo = acInfoGen.generateAttributeCertificateInfo();

        try
        {
            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
            DEROutputStream         dOut = new DEROutputStream(bOut);

            dOut.writeObject(acInfo);

            sig.update(bOut.toByteArray());
        }
        catch (Exception e)
        {
            throw new SecurityException("exception encoding Attribute cert - " + e);
        }

        ASN1EncodableVector  v = new ASN1EncodableVector();

        v.add(acInfo);
        v.add(sigAlgId);
        v.add(new DERBitString(sig.sign()));

        try
        {
            return new X509V2AttributeCertificate(new AttributeCertificate(new DERSequence(v)));
        }
        catch (IOException e)
        {
            throw new RuntimeException("constructed invalid certificate!");
        }
public java.util.IteratorgetSignatureAlgNames()
Return an iterator of the signature names supported by the generator.

return
an iterator containing recognised names.

        return X509Util.getAlgNames();
public voidreset()
reset the generator

        acInfoGen = new V2AttributeCertificateInfoGenerator();
        extensions = null;
        extOrdering = null;
public voidsetHolder(AttributeCertificateHolder holder)
Set the Holder of this Attribute Certificate

        acInfoGen.setHolder(holder.holder);
public voidsetIssuer(AttributeCertificateIssuer issuer)
Set the issuer

        acInfoGen.setIssuer(AttCertIssuer.getInstance(issuer.form));
public voidsetIssuerUniqueId(boolean[] iui)

        // [TODO] convert boolean array to bit string
        //acInfoGen.setIssuerUniqueID(iui);
        throw new RuntimeException("not implemented (yet)");
public voidsetNotAfter(java.util.Date date)

        acInfoGen.setEndDate(new DERGeneralizedTime(date));
public voidsetNotBefore(java.util.Date date)

        acInfoGen.setStartDate(new DERGeneralizedTime(date));
public voidsetSerialNumber(java.math.BigInteger serialNumber)
set the serial number for the certificate.

        acInfoGen.setSerialNumber(new DERInteger(serialNumber));
public voidsetSignatureAlgorithm(java.lang.String signatureAlgorithm)
Set the signature algorithm. This can be either a name or an OID, names are treated as case insensitive.

param
signatureAlgorithm string representation of the algorithm name.

        this.signatureAlgorithm = signatureAlgorithm;

        try
        {
            sigOID = X509Util.getAlgorithmOID(signatureAlgorithm);
        }
        catch (Exception e)
        {
            throw new IllegalArgumentException("Unknown signature type requested");
        }

        // BEGIN android-changed
        sigAlgId = new AlgorithmIdentifier(this.sigOID, DERNull.THE_ONE);
        // END android-changed

        acInfoGen.setSignature(sigAlgId);