org.bouncycastle.x509

Class X509V3CertificateGenerator


public class X509V3CertificateGenerator
extends java.lang.Object

class to produce an X.509 Version 3 certificate.

Constructor Summary

X509V3CertificateGenerator()

Method Summary

void
addExtension(String oid, boolean critical, byte[] value)
add a given extension field for the standard extensions tag (tag 3) The value parameter becomes the contents of the octet string associated with the extension.
void
addExtension(String oid, boolean critical, DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)
void
addExtension(DERObjectIdentifier oid, boolean critical, byte[] value)
add a given extension field for the standard extensions tag (tag 3)
void
addExtension(DERObjectIdentifier oid, boolean critical, DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)
void
copyAndAddExtension(String oid, boolean critical, X509Certificate cert)
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.
void
copyAndAddExtension(DERObjectIdentifier oid, boolean critical, X509Certificate cert)
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.
X509Certificate
generate(PrivateKey key)
generate an X509 certificate, based on the current issuer and subject using the default provider.
X509Certificate
generate(PrivateKey key, SecureRandom random)
generate an X509 certificate, based on the current issuer and subject using the default provider, and the passed in source of randomness (if required).
X509Certificate
generate(PrivateKey key, String provider)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.
X509Certificate
generate(PrivateKey key, String provider, SecureRandom random)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.
X509Certificate
generateX509Certificate(PrivateKey key)
Deprecated. use generate(key, "BC")
X509Certificate
generateX509Certificate(PrivateKey key, SecureRandom random)
Deprecated. use generate(key, random, "BC")
X509Certificate
generateX509Certificate(PrivateKey key, String provider)
Deprecated. use generate()
X509Certificate
generateX509Certificate(PrivateKey key, String provider, SecureRandom random)
Deprecated. use generate()
Iterator
getSignatureAlgNames()
Return an iterator of the signature names supported by the generator.
void
reset()
reset the generator
void
setIssuerDN(X500Principal issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.
void
setIssuerDN(X509Name issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.
void
setNotAfter(Date date)
void
setNotBefore(Date date)
void
setPublicKey(PublicKey key)
void
setSerialNumber(BigInteger serialNumber)
set the serial number for the certificate.
void
setSignatureAlgorithm(String signatureAlgorithm)
Set the signature algorithm.
void
setSubjectDN(X500Principal subject)
Set the subject distinguished name.
void
setSubjectDN(X509Name subject)
Set the subject distinguished name.

Constructor Details

X509V3CertificateGenerator

public X509V3CertificateGenerator()

Method Details

addExtension

public void addExtension(String oid,
                         boolean critical,
                         byte[] value)
add a given extension field for the standard extensions tag (tag 3) The value parameter becomes the contents of the octet string associated with the extension.

addExtension

public void addExtension(String oid,
                         boolean critical,
                         DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)

addExtension

public void addExtension(DERObjectIdentifier oid,
                         boolean critical,
                         byte[] value)
add a given extension field for the standard extensions tag (tag 3)

addExtension

public void addExtension(DERObjectIdentifier oid,
                         boolean critical,
                         DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)

copyAndAddExtension

public void copyAndAddExtension(String oid,
                                boolean critical,
                                X509Certificate cert)
            throws CertificateParsingException
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.

copyAndAddExtension

public void copyAndAddExtension(DERObjectIdentifier oid,
                                boolean critical,
                                X509Certificate cert)
            throws CertificateParsingException
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.

generate

public X509Certificate generate(PrivateKey key)
            throws CertificateEncodingException,
                   IllegalStateException,
                   NoSuchAlgorithmException,
                   SignatureException,
                   InvalidKeyException
generate an X509 certificate, based on the current issuer and subject using the default provider.

Note: this differs from the deprecated method in that the default provider is used - not "BC".


generate

public X509Certificate generate(PrivateKey key,
                                SecureRandom random)
            throws CertificateEncodingException,
                   IllegalStateException,
                   NoSuchAlgorithmException,
                   SignatureException,
                   InvalidKeyException
generate an X509 certificate, based on the current issuer and subject using the default provider, and the passed in source of randomness (if required).

Note: this differs from the deprecated method in that the default provider is used - not "BC".


generate

public X509Certificate generate(PrivateKey key,
                                String provider)
            throws CertificateEncodingException,
                   IllegalStateException,
                   NoSuchProviderException,
                   NoSuchAlgorithmException,
                   SignatureException,
                   InvalidKeyException
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.

generate

public X509Certificate generate(PrivateKey key,
                                String provider,
                                SecureRandom random)
            throws CertificateEncodingException,
                   IllegalStateException,
                   NoSuchProviderException,
                   NoSuchAlgorithmException,
                   SignatureException,
                   InvalidKeyException
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.

generateX509Certificate

public X509Certificate generateX509Certificate(PrivateKey key)
            throws SecurityException,
                   SignatureException,
                   InvalidKeyException

Deprecated. use generate(key, "BC")

generate an X509 certificate, based on the current issuer and subject using the default provider "BC".

generateX509Certificate

public X509Certificate generateX509Certificate(PrivateKey key,
                                               SecureRandom random)
            throws SecurityException,
                   SignatureException,
                   InvalidKeyException

Deprecated. use generate(key, random, "BC")

generate an X509 certificate, based on the current issuer and subject using the default provider "BC", and the passed in source of randomness (if required).

generateX509Certificate

public X509Certificate generateX509Certificate(PrivateKey key,
                                               String provider)
            throws NoSuchProviderException,
                   SecurityException,
                   SignatureException,
                   InvalidKeyException

Deprecated. use generate()

generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.

generateX509Certificate

public X509Certificate generateX509Certificate(PrivateKey key,
                                               String provider,
                                               SecureRandom random)
            throws NoSuchProviderException,
                   SecurityException,
                   SignatureException,
                   InvalidKeyException

Deprecated. use generate()

generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.

getSignatureAlgNames

public Iterator getSignatureAlgNames()
Return an iterator of the signature names supported by the generator.
Returns:
an iterator containing recognised names.

reset

public void reset()
reset the generator

setIssuerDN

public void setIssuerDN(X500Principal issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.

setIssuerDN

public void setIssuerDN(X509Name issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.

setNotAfter

public void setNotAfter(Date date)

setNotBefore

public void setNotBefore(Date date)

setPublicKey

public void setPublicKey(PublicKey key)
            throws IllegalArgumentException

setSerialNumber

public void setSerialNumber(BigInteger serialNumber)
set the serial number for the certificate.

setSignatureAlgorithm

public void setSignatureAlgorithm(String signatureAlgorithm)
Set the signature algorithm. This can be either a name or an OID, names are treated as case insensitive.
Parameters:
signatureAlgorithm - string representation of the algorithm name.

setSubjectDN

public void setSubjectDN(X500Principal subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.

setSubjectDN

public void setSubjectDN(X509Name subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.