|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objecteu.emi.security.authn.x509.helpers.proxy.X509v3CertificateBuilder
public class X509v3CertificateBuilder
Class to produce an X.509 Version 3 certificate. Based on the BC bcmail library and deprecated class of the BC. We don't use BC mail as adding an another big dependency only for the certificate creation doesn't make much sense.
Constructor Summary | |
---|---|
X509v3CertificateBuilder(X500Name issuer,
BigInteger serial,
Date notBefore,
Date notAfter,
X500Name subject,
SubjectPublicKeyInfo publicKeyInfo)
Create a builder for a version 3 certificate. |
Method Summary | |
---|---|
X509v3CertificateBuilder |
addExtension(ASN1ObjectIdentifier oid,
boolean isCritical,
ASN1Encodable value)
Add a given extension field for the standard extensions tag (tag 3) |
X509Certificate |
build(PrivateKey key,
AlgorithmIdentifier sigAlg,
String sigAlgName,
String provider,
SecureRandom random)
Generate the certificate, signing it with the provided private key and using the specified algorithm. |
static AlgorithmIdentifier |
extractAlgorithmId(X509Certificate cert)
Extracts the full algorithm identifier from the given certificate. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public X509v3CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
issuer
- the certificate issuerserial
- the certificate serial numbernotBefore
- the date before which the certificate is not validnotAfter
- the date after which the certificate is not validsubject
- the certificate subjectpublicKeyInfo
- the info structure for the public key to be associated
with this certificate.Method Detail |
---|
public X509v3CertificateBuilder addExtension(ASN1ObjectIdentifier oid, boolean isCritical, ASN1Encodable value)
oid
- the OID defining the extension type.isCritical
- true if the extension is critical, false otherwise.value
- the ASN.1 structure that forms the extension's value.
public X509Certificate build(PrivateKey key, AlgorithmIdentifier sigAlg, String sigAlgName, String provider, SecureRandom random) throws InvalidKeyException, CertificateParsingException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, IOException
key
- to be used for signingsigAlg
- oid and paramters of the signature algsigAlgName
- name of the signature algprovider
- can be null -> default will be usedrandom
- can be null -> default will be used
InvalidKeyException
CertificateParsingException
NoSuchProviderException
NoSuchAlgorithmException
SignatureException
IOException
public static AlgorithmIdentifier extractAlgorithmId(X509Certificate cert) throws IOException
cert
- input certificate
IOException
- if parameters of the algorithm can not be parsed
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |