/** * generate an X509 certificate, based on the current issuer and subject, * using the passed in provider for the signing. * @deprecated use generate() */ public X509Certificate generateX509Certificate( PrivateKey key, String provider) throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException { return generateX509Certificate(key, provider, null); }
/** * generate an X509 certificate, based on the current issuer and subject, * using the passed in provider for the signing. */ public X509Certificate generate( PrivateKey key, String provider) throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException { return generate(key, provider, null); }
v3CertGen.reset(); v3CertGen.setSerialNumber(BigInteger.valueOf(20)); v3CertGen.setIssuerDN(new X509Principal(issuer)); v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30)); v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30))); v3CertGen.setSubjectDN(new X509Principal(order, attrs)); v3CertGen.setPublicKey(pubKey); v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption"); v3CertGen.addExtension( MiscObjectIdentifiers.netscapeCertType, false, new NetscapeCertType(NetscapeCertType.objectSigning | NetscapeCertType.smime)); X509Certificate cert = v3CertGen.generate(caPrivKey);
KeyPair pair = keyGen.generateKeyPair(); X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); v3CertGen.setSerialNumber(BigInteger.valueOf(serial < 0 ? -1 * serial : serial)); v3CertGen.setIssuerDN(principal); v3CertGen.setNotBefore(new Date(System.currentTimeMillis())); v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365 * validity))); //TODO Doesn't take leap days / years into account... v3CertGen.setSubjectDN(principal); v3CertGen.setPublicKey(pair.getPublic()); v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption"); X509Certificate pkCertificate = v3CertGen.generateX509Certificate(pair.getPrivate());
/** * generate an X509 certificate, based on the current issuer and subject, * using the passed in provider for the signing and the supplied source * of randomness, if required. */ public X509Certificate generate( PrivateKey key, String provider, SecureRandom random) throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException { TBSCertificate tbsCert = generateTbsCert(); byte[] signature; try { signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCert); } catch (IOException e) { throw new ExtCertificateEncodingException("exception encoding TBS cert", e); } try { return generateJcaObject(tbsCert, signature); } catch (CertificateParsingException e) { throw new ExtCertificateEncodingException("exception producing certificate object", e); } }
/** * add a given extension field for the standard extensions tag (tag 3) */ public void addExtension( String oid, boolean critical, ASN1Encodable value) { this.addExtension(new ASN1ObjectIdentifier(oid), critical, value); }
/** * Set the subject unique ID - note: it is very rare that it is correct to do this. */ public void setSubjectUniqueID(boolean[] uniqueID) { tbsGen.setSubjectUniqueID(booleanToBitString(uniqueID)); }
/** * add a given extension field for the standard extensions tag (tag 3) * copying the extension value from another certificate. * @throws CertificateParsingException if the extension cannot be extracted. */ public void copyAndAddExtension( ASN1ObjectIdentifier oid, boolean critical, X509Certificate cert) throws CertificateParsingException { this.copyAndAddExtension(oid.getId(), critical, cert); }
v3CertGen.reset(); v3CertGen.setSerialNumber(BigInteger.valueOf(2)); v3CertGen.setIssuerDN(PrincipalUtil.getSubjectX509Principal(caCert)); v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30)); v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30))); v3CertGen.setSubjectDN(new X509Principal(order, attrs)); v3CertGen.setPublicKey(pubKey); v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption"); v3CertGen.addExtension( X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(pubKey)); v3CertGen.addExtension( X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); v3CertGen.addExtension( X509Extensions.BasicConstraints, true, new BasicConstraints(0)); X509Certificate cert = v3CertGen.generate(caPrivKey);
throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException TBSCertificate tbsCert = generateTbsCert(); byte[] signature; return generateJcaObject(tbsCert, signature);
/** * add a given extension field for the standard extensions tag (tag 3) */ public void addExtension( String oid, boolean critical, ASN1Encodable value) { this.addExtension(new DERObjectIdentifier(oid), critical, value); }
/** * Set the subject unique ID - note: it is very rare that it is correct to do this. */ public void setSubjectUniqueID(boolean[] uniqueID) { tbsGen.setSubjectUniqueID(booleanToBitString(uniqueID)); }
/** * add a given extension field for the standard extensions tag (tag 3) * copying the extension value from another certificate. * @throws CertificateParsingException if the extension cannot be extracted. */ public void copyAndAddExtension( DERObjectIdentifier oid, boolean critical, X509Certificate cert) throws CertificateParsingException { this.copyAndAddExtension(oid.getId(), critical, cert); }
v3CertGen.reset(); v3CertGen.setSerialNumber(BigInteger.valueOf(3)); v3CertGen.setIssuerDN(new X509Principal(sOrder, sAttrs)); v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30)); v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30))); v3CertGen.setSubjectDN(new X509Principal(order, attrs)); v3CertGen.setPublicKey(pubKey); v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption"); v3CertGen.addExtension( X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(pubKey)); v3CertGen.addExtension( X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caPubKey)); X509Certificate cert = v3CertGen.generate(caPrivKey);
throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException TBSCertificate tbsCert = generateTbsCert(); byte[] signature; return generateJcaObject(tbsCert, signature);
/** * generate an X509 certificate, based on the current issuer and subject, * using the passed in provider for the signing. * @deprecated use generate() */ public X509Certificate generateX509Certificate( PrivateKey key, String provider) throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException { return generateX509Certificate(key, provider, null); }
/** * generate an X509 certificate, based on the current issuer and subject, * using the passed in provider for the signing. */ public X509Certificate generate( PrivateKey key, String provider) throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException { return generate(key, provider, null); }
/** * add a given extension field for the standard extensions tag (tag 3) * The value parameter becomes the contents of the octet string associated * with the extension. */ public void addExtension( String oid, boolean critical, byte[] value) { this.addExtension(new ASN1ObjectIdentifier(oid), critical, value); }
/** * Set the issuer unique ID - note: it is very rare that it is correct to do this. */ public void setIssuerUniqueID(boolean[] uniqueID) { tbsGen.setIssuerUniqueID(booleanToBitString(uniqueID)); }
/** * generate an X509 certificate, based on the current issuer and subject, * using the passed in provider for the signing and the supplied source * of randomness, if required. */ public X509Certificate generate( PrivateKey key, String provider, SecureRandom random) throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException { TBSCertificate tbsCert = generateTbsCert(); byte[] signature; try { signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCert); } catch (IOException e) { throw new ExtCertificateEncodingException("exception encoding TBS cert", e); } try { return generateJcaObject(tbsCert, signature); } catch (Exception e) { throw new ExtCertificateEncodingException("exception producing certificate object", e); } }