private X509Certificate sign(TBSCertificate toSign, AlgorithmIdentifier sigAlg,
String sigAlgName,
PrivateKey key, String provider, SecureRandom random)
throws InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException,
SignatureException, IOException, CertificateParsingException
{
byte[] signature = calculateSignature(sigAlgName,
provider, key, random, toSign);
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(toSign);
v.add(sigAlg.toASN1Primitive());
v.add(new DERBitString(signature));
DERSequence derCertificate = new DERSequence(v);
CertificateFactory factory;
try
{
factory = CertificateFactory.getInstance("X.509");
ByteArrayInputStream bais = new ByteArrayInputStream(derCertificate.getEncoded(ASN1Encoding.DER));
return (X509Certificate) factory.generateCertificate(bais);
} catch (CertificateException e)
{
throw new RuntimeException("The generated proxy " +
"certificate was not parsed by the JDK", e);
}
}