FileDocCategorySizeDatePackage
X509V1CertificateGenerator.javaAPI DocAndroid 1.5 API8787Wed May 06 22:41:06 BST 2009org.bouncycastle.x509

X509V1CertificateGenerator

public class X509V1CertificateGenerator extends Object
class to produce an X.509 Version 1 certificate.

Fields Summary
private org.bouncycastle.asn1.x509.V1TBSCertificateGenerator
tbsGen
private org.bouncycastle.asn1.DERObjectIdentifier
sigOID
private org.bouncycastle.asn1.x509.AlgorithmIdentifier
sigAlgId
private String
signatureAlgorithm
Constructors Summary
public X509V1CertificateGenerator()

        tbsGen = new V1TBSCertificateGenerator();
    
Methods Summary
public java.security.cert.X509CertificategenerateX509Certificate(java.security.PrivateKey key)
generate an X509 certificate, based on the current issuer and subject using the default provider "BC".

        try
        {
            return generateX509Certificate(key, "BC", null);
        }
        catch (NoSuchProviderException e)
        {
            throw new SecurityException("BC provider not installed!");
        }
    
public java.security.cert.X509CertificategenerateX509Certificate(java.security.PrivateKey key, java.security.SecureRandom random)
generate an X509 certificate, based on the current issuer and subject using the default provider "BC" and the passed in source of randomness

        try
        {
            return generateX509Certificate(key, "BC", random);
        }
        catch (NoSuchProviderException e)
        {
            throw new SecurityException("BC provider not installed!");
        }
    
public java.security.cert.X509CertificategenerateX509Certificate(java.security.PrivateKey key, java.lang.String provider)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing, and the passed in source of randomness (if required).

        return generateX509Certificate(key, provider, null);
    
public java.security.cert.X509CertificategenerateX509Certificate(java.security.PrivateKey key, java.lang.String provider, java.security.SecureRandom random)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing, and the passed in source of randomness (if required).

        Signature sig = null;

        try
        {
            sig = Signature.getInstance(sigOID.getId(), provider);
        }
        catch (NoSuchAlgorithmException ex)
        {
            try
            {
                sig = Signature.getInstance(signatureAlgorithm, provider);
            }
            catch (NoSuchAlgorithmException e)
            {
                throw new SecurityException("exception creating signature: " + e.toString());
            }
        }

        if (random != null)
        {
            sig.initSign(key, random);
        }
        else
        {
            sig.initSign(key);
        }

        TBSCertificateStructure tbsCert = tbsGen.generateTBSCertificate();

        try
        {
            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
            DEROutputStream         dOut = new DEROutputStream(bOut);

            dOut.writeObject(tbsCert);

            sig.update(bOut.toByteArray());
        }
        catch (Exception e)
        {
            throw new SecurityException("exception encoding TBS cert - " + e);
        }

        ASN1EncodableVector  v = new ASN1EncodableVector();

        v.add(tbsCert);
        v.add(sigAlgId);
        v.add(new DERBitString(sig.sign()));

        return new X509CertificateObject(new X509CertificateStructure(new DERSequence(v)));
    
public java.util.IteratorgetSignatureAlgNames()
Return an iterator of the signature names supported by the generator.

return
an iterator containing recognised names.

        return X509Util.getAlgNames();
    
public voidreset()
reset the generator

        tbsGen = new V1TBSCertificateGenerator();
    
public voidsetIssuerDN(javax.security.auth.x500.X500Principal issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.

        try
        {
            tbsGen.setIssuer(new X509Principal(issuer.getEncoded()));
        }
        catch (IOException e)
        {
            throw new IllegalArgumentException("can't process principal: " + e);
        }
    
public voidsetIssuerDN(org.bouncycastle.asn1.x509.X509Name issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.

        tbsGen.setIssuer(issuer);
    
public voidsetNotAfter(java.util.Date date)

        tbsGen.setEndDate(new Time(date));
    
public voidsetNotBefore(java.util.Date date)

        tbsGen.setStartDate(new Time(date));
    
public voidsetPublicKey(java.security.PublicKey key)

        try
        {
            tbsGen.setSubjectPublicKeyInfo(new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
                                new ByteArrayInputStream(key.getEncoded())).readObject()));
        }
        catch (Exception e)
        {
            throw new IllegalArgumentException("unable to process key - " + e.toString());
        }
    
public voidsetSerialNumber(java.math.BigInteger serialNumber)
set the serial number for the certificate.

        if (serialNumber.compareTo(BigInteger.ZERO) <= 0)
        {
            throw new IllegalArgumentException("serial number must be a positive integer");
        }
        
        tbsGen.setSerialNumber(new DERInteger(serialNumber));
    
public voidsetSignatureAlgorithm(java.lang.String signatureAlgorithm)
Set the signature algorithm. This can be either a name or an OID, names are treated as case insensitive.

param
signatureAlgorithm string representation of the algorithm name.

        this.signatureAlgorithm = signatureAlgorithm;

        try
        {
            sigOID = X509Util.getAlgorithmOID(signatureAlgorithm);
        }
        catch (Exception e)
        {
            throw new IllegalArgumentException("Unknown signature type requested");
        }

        sigAlgId = X509Util.getSigAlgID(sigOID);

        tbsGen.setSignature(sigAlgId);
    
public voidsetSubjectDN(javax.security.auth.x500.X500Principal subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.

        try
        {
            tbsGen.setSubject(new X509Principal(subject.getEncoded()));
        }
        catch (IOException e)
        {
            throw new IllegalArgumentException("can't process principal: " + e);
        }
    
public voidsetSubjectDN(org.bouncycastle.asn1.x509.X509Name subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.

        tbsGen.setSubject(subject);