Example usage for org.bouncycastle.asn1.x509 X509Extensions AuthorityKeyIdentifier

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.x509 X509Extensions AuthorityKeyIdentifier.

Prototype

ASN1ObjectIdentifier AuthorityKeyIdentifier

To view the source code for org.bouncycastle.asn1.x509 X509Extensions AuthorityKeyIdentifier.

Click Source Link

Document

Authority Key Identifier

Usage

From source file:utils.Utils.java

License:Apache License

/**
 * Generate a sample V3 certificate to use as an end entity certificate
 *//* w  ww  .  j  a v  a  2s .  c  o  m*/
public static X509Certificate generateEndEntityCert(PublicKey entityKey, PrivateKey caKey,
        X509Certificate caCert, Config config) throws Exception {
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

    certGen.setSerialNumber(BigInteger.valueOf(1));
    certGen.setIssuerDN(new X509Name(caCert.getSubjectX500Principal().getName()));
    certGen.setNotBefore(new Date(System.currentTimeMillis()));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + VALIDITY_PERIOD));
    certGen.setSubjectDN(new X509Name(new X500Principal("CN=Test End Certificate").getName()));
    certGen.setPublicKey(entityKey);
    if (config.getHash() == 0)
        certGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
    else
        certGen.setSignatureAlgorithm("MD5WithRSAEncryption");

    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            new AuthorityKeyIdentifierStructure(caCert));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
            new SubjectKeyIdentifierStructure(entityKey));
    certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
    certGen.addExtension(X509Extensions.KeyUsage, true,
            new org.bouncycastle.asn1.x509.KeyUsage(org.bouncycastle.asn1.x509.KeyUsage.digitalSignature
                    | org.bouncycastle.asn1.x509.KeyUsage.keyEncipherment));

    return certGen.generate(caKey, "BC");
}