List of usage examples for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers pkcs_9_at_extensionRequest
ASN1ObjectIdentifier pkcs_9_at_extensionRequest
From source file:org.xipki.pki.ca.server.impl.X509SelfSignedCertBuilder.java
License:Open Source License
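/**
 * Builds and signs a self-signed X.509 certificate from a PKCS#10 request.
 *
 * <p>The subject granted by the certificate profile is used as both issuer and
 * subject. Extensions requested in the CSR's {@code extensionRequest} attribute
 * are handed to {@code addExtensions} together with the profile.
 *
 * <p>NOTE(review): nothing in this method verifies the CSR signature (proof of
 * possession), nor that {@code publicKeyInfo} is the key carried in {@code csr};
 * presumably the caller has done both - confirm.
 *
 * @param signer signer used to build the final certificate
 * @param certprofile profile that validates the key and subject and supplies the validity
 * @param csr the certification request whose subject and attributes are read
 * @param serialNumber serial number of the new certificate
 * @param publicKeyInfo public key to certify
 * @param cacertUris CA certificate URIs passed to {@code PublicCaInfo}
 * @param ocspUris OCSP URIs passed to {@code PublicCaInfo}
 * @param crlUris CRL URIs passed to {@code PublicCaInfo}
 * @param deltaCrlUris delta CRL URIs passed to {@code PublicCaInfo}
 * @return the signed certificate
 * @throws OperationException with {@code BAD_CERT_TEMPLATE} when the key, subject,
 *     validity or requested extensions are rejected or malformed, and with
 *     {@code SYSTEM_FAILURE} for profile, signer or encoding failures
 */
private static X509Certificate generateCertificate(final ConcurrentContentSigner signer,
        final IdentifiedX509Certprofile certprofile, final CertificationRequest csr,
        final BigInteger serialNumber, final SubjectPublicKeyInfo publicKeyInfo,
        final List<String> cacertUris, final List<String> ocspUris,
        final List<String> crlUris, final List<String> deltaCrlUris)
        throws OperationException {
    SubjectPublicKeyInfo tmpPublicKeyInfo;
    try {
        tmpPublicKeyInfo = X509Util.toRfc3279Style(publicKeyInfo);
    } catch (InvalidKeySpecException ex) {
        // The log tag now names the class that is actually called.
        LOG.warn("X509Util.toRfc3279Style", ex);
        throw new OperationException(ErrorCode.BAD_CERT_TEMPLATE, ex);
    }

    try {
        certprofile.checkPublicKey(tmpPublicKeyInfo);
    } catch (BadCertTemplateException ex) {
        LOG.warn("certprofile.checkPublicKey", ex);
        throw new OperationException(ErrorCode.BAD_CERT_TEMPLATE, ex);
    }

    X500Name requestedSubject = csr.getCertificationRequestInfo().getSubject();

    // subject
    SubjectInfo subjectInfo;
    try {
        subjectInfo = certprofile.getSubject(requestedSubject);
    } catch (CertprofileException ex) {
        // The thrown exception carries only a message, so log the cause here
        // to keep the stack trace available for diagnosis.
        LOG.warn("certprofile.getSubject", ex);
        throw new OperationException(ErrorCode.SYSTEM_FAILURE,
                "exception in cert profile " + certprofile.getName());
    } catch (BadCertTemplateException ex) {
        LOG.warn("certprofile.getSubject", ex);
        throw new OperationException(ErrorCode.BAD_CERT_TEMPLATE, ex);
    }

    Date notBefore = certprofile.getNotBefore(null);
    if (notBefore == null) {
        notBefore = new Date();
    }

    CertValidity validity = certprofile.getValidity();
    if (validity == null) {
        throw new OperationException(ErrorCode.BAD_CERT_TEMPLATE,
                "no validity specified in the profile " + certprofile.getName());
    }
    Date notAfter = validity.add(notBefore);

    // Self-signed: the granted subject is both issuer and subject.
    X500Name grantedSubject = subjectInfo.getGrantedSubject();
    X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(grantedSubject,
            serialNumber, notBefore, notAfter, grantedSubject, tmpPublicKeyInfo);

    PublicCaInfo publicCaInfo = new PublicCaInfo(grantedSubject, serialNumber, null, null,
            cacertUris, ocspUris, crlUris, deltaCrlUris);

    // The CSR attributes are requester-controlled. A missing attribute set, an
    // extensionRequest with no value, or a value that does not parse must be
    // reported as a bad template instead of escaping as an unchecked exception.
    Extensions extensions = null;
    ASN1Set attrs = csr.getCertificationRequestInfo().getAttributes();
    if (attrs != null) {
        try {
            for (int i = 0; i < attrs.size(); i++) {
                Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
                if (!PKCSObjectIdentifiers.pkcs_9_at_extensionRequest.equals(attr.getAttrType())) {
                    continue;
                }
                ASN1Set values = attr.getAttrValues();
                if (values == null || values.size() == 0) {
                    throw new OperationException(ErrorCode.BAD_CERT_TEMPLATE,
                            "extensionRequest attribute in the CSR has no value");
                }
                // As before, if the attribute occurs more than once the last one wins.
                extensions = Extensions.getInstance(values.getObjectAt(0));
            }
        } catch (IllegalArgumentException ex) {
            LOG.warn("could not parse the attributes of the CSR", ex);
            throw new OperationException(ErrorCode.BAD_CERT_TEMPLATE, ex);
        }
    }

    try {
        addExtensions(certBuilder, certprofile, requestedSubject, grantedSubject, extensions,
                tmpPublicKeyInfo, publicCaInfo, notBefore, notAfter);

        Certificate bcCert = signer.build(certBuilder).toASN1Structure();
        return X509Util.parseCert(bcCert.getEncoded());
    } catch (BadCertTemplateException ex) {
        throw new OperationException(ErrorCode.BAD_CERT_TEMPLATE, ex);
    } catch (NoIdleSignerException | CertificateException | IOException
            | CertprofileException | NoSuchAlgorithmException ex) {
        throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex);
    }
}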
From source file:org.xipki.pki.scep.util.ScepUtil.java
License:Open Source License
/**
 * Assembles the PKCS#9 attributes for a certification request and delegates to
 * the attribute-map overload of {@code generateRequest}.
 *
 * <p>A non-empty {@code challengePassword} is added as a {@code challengePassword}
 * attribute, and a non-empty {@code extensions} list as an {@code extensionRequest}
 * attribute. The password ends up readable inside the encoded request, so the
 * request should be treated as sensitive until the transport protects it.
 *
 * @param privatekey key passed on to the delegate; must not be null
 * @param subjectPublicKeyInfo public key of the request; must not be null
 * @param subjectDn subject of the request; must not be null
 * @param challengePassword optional password; null or empty adds no attribute
 * @param extensions optional requested extensions; null or empty adds no attribute
 * @return the request produced by the delegate overload
 * @throws OperatorCreationException declared for the delegate overload
 */
public static PKCS10CertificationRequest generateRequest(final PrivateKey privatekey,
        final SubjectPublicKeyInfo subjectPublicKeyInfo, final X500Name subjectDn,
        final String challengePassword, final List<Extension> extensions)
        throws OperatorCreationException {
    ParamUtil.requireNonNull("privatekey", privatekey);
    ParamUtil.requireNonNull("subjectPublicKeyInfo", subjectPublicKeyInfo);
    ParamUtil.requireNonNull("subjectDn", subjectDn);

    final Map<ASN1ObjectIdentifier, ASN1Encodable> csrAttributes =
            new HashMap<ASN1ObjectIdentifier, ASN1Encodable>();

    final boolean passwordGiven = !(challengePassword == null || challengePassword.isEmpty());
    if (passwordGiven) {
        // NOTE(review): PrintableString covers a restricted character set; how a
        // password outside that set is handled depends on DERPrintableString - confirm.
        csrAttributes.put(PKCSObjectIdentifiers.pkcs_9_at_challengePassword,
                new DERPrintableString(challengePassword));
    }

    final boolean extensionsGiven = !(extensions == null || extensions.isEmpty());
    if (extensionsGiven) {
        final Extension[] requested = extensions.toArray(new Extension[0]);
        csrAttributes.put(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
                new Extensions(requested));
    }

    return generateRequest(privatekey, subjectPublicKeyInfo, subjectDn, csrAttributes);
}
From source file:org.xipki.security.P10RequestGenerator.java
License:Open Source License
/**
 * Builds a PKCS#10 certification request for the given subject and public key
 * and signs it with {@code contentSigner}.
 *
 * <p>When {@code extensions} is not empty (as decided by
 * {@code CollectionUtil.isNotEmpty}) they are attached as a single
 * {@code extensionRequest} attribute. The arguments are passed through unchecked.
 *
 * @param contentSigner signer handed to the request builder
 * @param subjectPublicKeyInfo public key of the request
 * @param subjectDN subject of the request
 * @param extensions optional extensions to request
 * @return the built request
 */
public PKCS10CertificationRequest generateRequest(final ContentSigner contentSigner,
        final SubjectPublicKeyInfo subjectPublicKeyInfo, final X500Name subjectDN,
        final List<Extension> extensions) {
    final PKCS10CertificationRequestBuilder requestBuilder =
            new PKCS10CertificationRequestBuilder(subjectDN, subjectPublicKeyInfo);

    // Nothing to request: sign the bare subject/key pair.
    if (!CollectionUtil.isNotEmpty(extensions)) {
        return requestBuilder.build(contentSigner);
    }

    final Extension[] requested = extensions.toArray(new Extension[0]);
    requestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
            new Extensions(requested));
    return requestBuilder.build(contentSigner);
}