List of usage examples for org.bouncycastle.asn1.x509 V1TBSCertificateGenerator setSignature
public void setSignature(AlgorithmIdentifier signature)
From source file:com.vmware.identity.rest.core.test.util.CertificateGenerator.java
License:Open Source License
/** * Generate a self-signed X.509 certificate * * @param pair the key pair to use when signing the certificate * @param algorithm the signing algorithm to use * @param dn the X.509 distinguished name for the certificate * @return a self-signed X.509 certificate * @throws NoSuchAlgorithmException/* ww w . j a v a2 s . c o m*/ * @throws NoSuchProviderException * @throws InvalidKeyException * @throws SignatureException * @throws IOException * @throws CertificateException */ public static X509Certificate generateSelfSignedCertificate(KeyPair pair, AlgorithmName algorithm, String dn) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException, IOException, CertificateException { if (Security.getProvider("BC") == null) { Security.addProvider(new BouncyCastleProvider()); } AtomicLong serialNumber = new AtomicLong(System.currentTimeMillis()); X500Name owner = new X500Name(dn); V1TBSCertificateGenerator generator = new V1TBSCertificateGenerator(); long time = System.currentTimeMillis(); generator.setSerialNumber(new ASN1Integer(serialNumber.getAndIncrement())); generator.setIssuer(owner); generator.setSubject(owner); generator.setStartDate(new Time(new Date(time - 5000))); generator.setEndDate(new Time(new Date(time + 30 * 60 * 1000))); generator.setSignature(ALGORITHM_IDS.get(algorithm)); generator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded())); Signature sig = Signature.getInstance(algorithm.toString(), "BC"); sig.initSign(pair.getPrivate()); sig.update(generator.generateTBSCertificate().getEncoded(ASN1Encoding.DER)); TBSCertificate tbsCert = generator.generateTBSCertificate(); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(tbsCert); v.add(ALGORITHM_IDS.get(algorithm)); v.add(new DERBitString(sig.sign())); return (X509Certificate) CertificateFactory.getInstance("X.509", "BC") .generateCertificate(new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER))); }