org.bouncycastle.x509

Class X509V3CertificateGenerator

public class X509V3CertificateGenerator extends Object

class to produce an X.509 Version 3 certificate.
Constructor Summary
X509V3CertificateGenerator()
Method Summary
voidaddExtension(String oid, boolean critical, DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)
voidaddExtension(DERObjectIdentifier oid, boolean critical, DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)
voidaddExtension(String oid, boolean critical, byte[] value)
add a given extension field for the standard extensions tag (tag 3) The value parameter becomes the contents of the octet string associated with the extension.
voidaddExtension(DERObjectIdentifier oid, boolean critical, byte[] value)
add a given extension field for the standard extensions tag (tag 3)
voidcopyAndAddExtension(String oid, boolean critical, X509Certificate cert)
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.
voidcopyAndAddExtension(DERObjectIdentifier oid, boolean critical, X509Certificate cert)
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.
X509Certificategenerate(PrivateKey key)
generate an X509 certificate, based on the current issuer and subject using the default provider.
X509Certificategenerate(PrivateKey key, SecureRandom random)
generate an X509 certificate, based on the current issuer and subject using the default provider, and the passed in source of randomness (if required).
X509Certificategenerate(PrivateKey key, String provider)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.
X509Certificategenerate(PrivateKey key, String provider, SecureRandom random)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.
X509CertificategenerateX509Certificate(PrivateKey key)
generate an X509 certificate, based on the current issuer and subject using the default provider "BC".
X509CertificategenerateX509Certificate(PrivateKey key, SecureRandom random)
generate an X509 certificate, based on the current issuer and subject using the default provider "BC", and the passed in source of randomness (if required).
X509CertificategenerateX509Certificate(PrivateKey key, String provider)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.
X509CertificategenerateX509Certificate(PrivateKey key, String provider, SecureRandom random)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.
IteratorgetSignatureAlgNames()
Return an iterator of the signature names supported by the generator.
voidreset()
reset the generator
voidsetIssuerDN(X500Principal issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.
voidsetIssuerDN(X509Name issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.
voidsetNotAfter(Date date)
voidsetNotBefore(Date date)
voidsetPublicKey(PublicKey key)
voidsetSerialNumber(BigInteger serialNumber)
set the serial number for the certificate.
voidsetSignatureAlgorithm(String signatureAlgorithm)
Set the signature algorithm.
voidsetSubjectDN(X500Principal subject)
Set the subject distinguished name.
voidsetSubjectDN(X509Name subject)
Set the subject distinguished name.

Constructor Detail

X509V3CertificateGenerator

public X509V3CertificateGenerator()

Method Detail

addExtension

public void addExtension(String oid, boolean critical, DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)

addExtension

public void addExtension(DERObjectIdentifier oid, boolean critical, DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)

addExtension

public void addExtension(String oid, boolean critical, byte[] value)
add a given extension field for the standard extensions tag (tag 3) The value parameter becomes the contents of the octet string associated with the extension.

addExtension

public void addExtension(DERObjectIdentifier oid, boolean critical, byte[] value)
add a given extension field for the standard extensions tag (tag 3)

copyAndAddExtension

public void copyAndAddExtension(String oid, boolean critical, X509Certificate cert)
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.

Throws: CertificateParsingException if the extension cannot be extracted.

copyAndAddExtension

public void copyAndAddExtension(DERObjectIdentifier oid, boolean critical, X509Certificate cert)
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.

Throws: CertificateParsingException if the extension cannot be extracted.

generate

public X509Certificate generate(PrivateKey key)
generate an X509 certificate, based on the current issuer and subject using the default provider.

Note: this differs from the deprecated method in that the default provider is used - not "BC".

generate

public X509Certificate generate(PrivateKey key, SecureRandom random)
generate an X509 certificate, based on the current issuer and subject using the default provider, and the passed in source of randomness (if required).

Note: this differs from the deprecated method in that the default provider is used - not "BC".

generate

public X509Certificate generate(PrivateKey key, String provider)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.

generate

public X509Certificate generate(PrivateKey key, String provider, SecureRandom random)
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.

generateX509Certificate

public X509Certificate generateX509Certificate(PrivateKey key)

Deprecated: use generate(key, "BC")

generate an X509 certificate, based on the current issuer and subject using the default provider "BC".

generateX509Certificate

public X509Certificate generateX509Certificate(PrivateKey key, SecureRandom random)

Deprecated: use generate(key, random, "BC")

generate an X509 certificate, based on the current issuer and subject using the default provider "BC", and the passed in source of randomness (if required).

generateX509Certificate

public X509Certificate generateX509Certificate(PrivateKey key, String provider)

Deprecated: use generate()

generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.

generateX509Certificate

public X509Certificate generateX509Certificate(PrivateKey key, String provider, SecureRandom random)

Deprecated: use generate()

generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.

getSignatureAlgNames

public Iterator getSignatureAlgNames()
Return an iterator of the signature names supported by the generator.

Returns: an iterator containing recognised names.

reset

public void reset()
reset the generator

setIssuerDN

public void setIssuerDN(X500Principal issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.

setIssuerDN

public void setIssuerDN(X509Name issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.

setNotAfter

public void setNotAfter(Date date)

setNotBefore

public void setNotBefore(Date date)

setPublicKey

public void setPublicKey(PublicKey key)

setSerialNumber

public void setSerialNumber(BigInteger serialNumber)
set the serial number for the certificate.

setSignatureAlgorithm

public void setSignatureAlgorithm(String signatureAlgorithm)
Set the signature algorithm. This can be either a name or an OID, names are treated as case insensitive.

Parameters: signatureAlgorithm string representation of the algorithm name.

setSubjectDN

public void setSubjectDN(X500Principal subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.

setSubjectDN

public void setSubjectDN(X509Name subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.