Class X509v3CertificateBuilder

    • Constructor Summary

      Constructors 
      Constructor Description
      X509v3CertificateBuilder​(org.bouncycastle.asn1.x500.X500Name issuer, java.math.BigInteger serial, java.util.Date notBefore, java.util.Date notAfter, java.util.Locale dateLocale, org.bouncycastle.asn1.x500.X500Name subject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Create a builder for a version 3 certificate.
      X509v3CertificateBuilder​(org.bouncycastle.asn1.x500.X500Name issuer, java.math.BigInteger serial, java.util.Date notBefore, java.util.Date notAfter, org.bouncycastle.asn1.x500.X500Name subject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Create a builder for a version 3 certificate.
      X509v3CertificateBuilder​(org.bouncycastle.asn1.x500.X500Name issuer, java.math.BigInteger serial, org.bouncycastle.asn1.x509.Time notBefore, org.bouncycastle.asn1.x509.Time notAfter, org.bouncycastle.asn1.x500.X500Name subject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Create a builder for a version 3 certificate.
    • Constructor Detail

      • X509v3CertificateBuilder

        public X509v3CertificateBuilder​(org.bouncycastle.asn1.x500.X500Name issuer,
                                        java.math.BigInteger serial,
                                        java.util.Date notBefore,
                                        java.util.Date notAfter,
                                        org.bouncycastle.asn1.x500.X500Name subject,
                                        org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
        Create a builder for a version 3 certificate.
        Parameters:
        issuer - the certificate issuer
        serial - the certificate serial number
        notBefore - the date before which the certificate is not valid
        notAfter - the date after which the certificate is not valid
        subject - the certificate subject
        publicKeyInfo - the info structure for the public key to be associated with this certificate.
      • X509v3CertificateBuilder

        public X509v3CertificateBuilder​(org.bouncycastle.asn1.x500.X500Name issuer,
                                        java.math.BigInteger serial,
                                        java.util.Date notBefore,
                                        java.util.Date notAfter,
                                        java.util.Locale dateLocale,
                                        org.bouncycastle.asn1.x500.X500Name subject,
                                        org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
        Create a builder for a version 3 certificate. You may need to use this constructor if the default locale doesn't use a Gregorian calender so that the Time produced is compatible with other ASN.1 implementations.
        Parameters:
        issuer - the certificate issuer
        serial - the certificate serial number
        notBefore - the date before which the certificate is not valid
        notAfter - the date after which the certificate is not valid
        dateLocale - locale to be used for date interpretation.
        subject - the certificate subject
        publicKeyInfo - the info structure for the public key to be associated with this certificate.
      • X509v3CertificateBuilder

        public X509v3CertificateBuilder​(org.bouncycastle.asn1.x500.X500Name issuer,
                                        java.math.BigInteger serial,
                                        org.bouncycastle.asn1.x509.Time notBefore,
                                        org.bouncycastle.asn1.x509.Time notAfter,
                                        org.bouncycastle.asn1.x500.X500Name subject,
                                        org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
        Create a builder for a version 3 certificate.
        Parameters:
        issuer - the certificate issuer
        serial - the certificate serial number
        notBefore - the Time before which the certificate is not valid
        notAfter - the Time after which the certificate is not valid
        subject - the certificate subject
        publicKeyInfo - the info structure for the public key to be associated with this certificate.
    • Method Detail

      • setSubjectUniqueID

        public X509v3CertificateBuilder setSubjectUniqueID​(boolean[] uniqueID)
        Set the subjectUniqueID - note: it is very rare that it is correct to do this.
        Parameters:
        uniqueID - a boolean array representing the bits making up the subjectUniqueID.
        Returns:
        this builder object.
      • setIssuerUniqueID

        public X509v3CertificateBuilder setIssuerUniqueID​(boolean[] uniqueID)
        Set the issuerUniqueID - note: it is very rare that it is correct to do this.
        Parameters:
        uniqueID - a boolean array representing the bits making up the issuerUniqueID.
        Returns:
        this builder object.
      • addExtension

        public X509v3CertificateBuilder addExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid,
                                                     boolean isCritical,
                                                     org.bouncycastle.asn1.ASN1Encodable value)
                                              throws CertIOException
        Add a given extension field for the standard extensions tag (tag 3)
        Parameters:
        oid - the OID defining the extension type.
        isCritical - true if the extension is critical, false otherwise.
        value - the ASN.1 structure that forms the extension's value.
        Returns:
        this builder object.
        Throws:
        CertIOException
      • addExtension

        public X509v3CertificateBuilder addExtension​(org.bouncycastle.asn1.x509.Extension extension)
                                              throws CertIOException
        Add a given extension field for the standard extensions tag (tag 3).
        Parameters:
        extension - the full extension value.
        Returns:
        this builder object.
        Throws:
        CertIOException
      • addExtension

        public X509v3CertificateBuilder addExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid,
                                                     boolean isCritical,
                                                     byte[] encodedValue)
                                              throws CertIOException
        Add a given extension field for the standard extensions tag (tag 3) using a byte encoding of the extension value.
        Parameters:
        oid - the OID defining the extension type.
        isCritical - true if the extension is critical, false otherwise.
        encodedValue - a byte array representing the encoding of the extension value.
        Returns:
        this builder object.
        Throws:
        CertIOException
      • copyAndAddExtension

        public X509v3CertificateBuilder copyAndAddExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid,
                                                            boolean isCritical,
                                                            X509CertificateHolder certHolder)
        Add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.
        Parameters:
        oid - the OID defining the extension type.
        isCritical - true if the copied extension is to be marked as critical, false otherwise.
        certHolder - the holder for the certificate that the extension is to be copied from.
        Returns:
        this builder object.
      • build

        public X509CertificateHolder build​(ContentSigner signer)
        Generate an X.509 certificate, based on the current issuer and subject using the passed in signer.
        Parameters:
        signer - the content signer to be used to generate the signature validating the certificate.
        Returns:
        a holder containing the resulting signed certificate.