Methods Summary |
---|
public java.security.cert.X509Certificate | generateX509Certificate(java.security.PrivateKey key)generate an X509 certificate, based on the current issuer and subject
using the default provider "BC".
try
{
return generateX509Certificate(key, "BC", null);
}
catch (NoSuchProviderException e)
{
throw new SecurityException("BC provider not installed!");
}
|
public java.security.cert.X509Certificate | generateX509Certificate(java.security.PrivateKey key, java.security.SecureRandom random)generate an X509 certificate, based on the current issuer and subject
using the default provider "BC" and the passed in source of randomness
try
{
return generateX509Certificate(key, "BC", random);
}
catch (NoSuchProviderException e)
{
throw new SecurityException("BC provider not installed!");
}
|
public java.security.cert.X509Certificate | generateX509Certificate(java.security.PrivateKey key, java.lang.String provider)generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing, and the passed in source
of randomness (if required).
return generateX509Certificate(key, provider, null);
|
public java.security.cert.X509Certificate | generateX509Certificate(java.security.PrivateKey key, java.lang.String provider, java.security.SecureRandom random)generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing, and the passed in source
of randomness (if required).
Signature sig = null;
try
{
sig = Signature.getInstance(sigOID.getId(), provider);
}
catch (NoSuchAlgorithmException ex)
{
try
{
sig = Signature.getInstance(signatureAlgorithm, provider);
}
catch (NoSuchAlgorithmException e)
{
throw new SecurityException("exception creating signature: " + e.toString());
}
}
if (random != null)
{
sig.initSign(key, random);
}
else
{
sig.initSign(key);
}
TBSCertificateStructure tbsCert = tbsGen.generateTBSCertificate();
try
{
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dOut = new DEROutputStream(bOut);
dOut.writeObject(tbsCert);
sig.update(bOut.toByteArray());
}
catch (Exception e)
{
throw new SecurityException("exception encoding TBS cert - " + e);
}
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(tbsCert);
v.add(sigAlgId);
v.add(new DERBitString(sig.sign()));
return new X509CertificateObject(new X509CertificateStructure(new DERSequence(v)));
|
public java.util.Iterator | getSignatureAlgNames()Return an iterator of the signature names supported by the generator.
return X509Util.getAlgNames();
|
public void | reset()reset the generator
tbsGen = new V1TBSCertificateGenerator();
|
public void | setIssuerDN(javax.security.auth.x500.X500Principal issuer)Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
certificate.
try
{
tbsGen.setIssuer(new X509Principal(issuer.getEncoded()));
}
catch (IOException e)
{
throw new IllegalArgumentException("can't process principal: " + e);
}
|
public void | setIssuerDN(org.bouncycastle.asn1.x509.X509Name issuer)Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
certificate.
tbsGen.setIssuer(issuer);
|
public void | setNotAfter(java.util.Date date)
tbsGen.setEndDate(new Time(date));
|
public void | setNotBefore(java.util.Date date)
tbsGen.setStartDate(new Time(date));
|
public void | setPublicKey(java.security.PublicKey key)
try
{
tbsGen.setSubjectPublicKeyInfo(new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
new ByteArrayInputStream(key.getEncoded())).readObject()));
}
catch (Exception e)
{
throw new IllegalArgumentException("unable to process key - " + e.toString());
}
|
public void | setSerialNumber(java.math.BigInteger serialNumber)set the serial number for the certificate.
if (serialNumber.compareTo(BigInteger.ZERO) <= 0)
{
throw new IllegalArgumentException("serial number must be a positive integer");
}
tbsGen.setSerialNumber(new DERInteger(serialNumber));
|
public void | setSignatureAlgorithm(java.lang.String signatureAlgorithm)Set the signature algorithm. This can be either a name or an OID, names
are treated as case insensitive.
this.signatureAlgorithm = signatureAlgorithm;
try
{
sigOID = X509Util.getAlgorithmOID(signatureAlgorithm);
}
catch (Exception e)
{
throw new IllegalArgumentException("Unknown signature type requested");
}
sigAlgId = X509Util.getSigAlgID(sigOID);
tbsGen.setSignature(sigAlgId);
|
public void | setSubjectDN(javax.security.auth.x500.X500Principal subject)Set the subject distinguished name. The subject describes the entity associated with the public key.
try
{
tbsGen.setSubject(new X509Principal(subject.getEncoded()));
}
catch (IOException e)
{
throw new IllegalArgumentException("can't process principal: " + e);
}
|
public void | setSubjectDN(org.bouncycastle.asn1.x509.X509Name subject)Set the subject distinguished name. The subject describes the entity associated with the public key.
tbsGen.setSubject(subject);
|