Example usage for org.bouncycastle.cert X509v2AttributeCertificateBuilder addExtension

List of usage examples for org.bouncycastle.cert X509v2AttributeCertificateBuilder addExtension

Introduction

This page shows example usage of org.bouncycastle.cert.X509v2AttributeCertificateBuilder.addExtension.

Prototype

public X509v2AttributeCertificateBuilder addExtension(ASN1ObjectIdentifier oid, boolean isCritical,
        byte[] encodedValue) throws CertIOException 


Document

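Adds the given extension field to the standard extensions, using a byte encoding of the extension value. The isCritical flag decides whether the extension is marked critical; a relying party that does not recognise a critical extension is expected to reject the certificate, so set it only for extensions every verifier must process.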

Usage

From source file: org.italiangrid.voms.asn1.VOMSACGenerator.java

License: Apache License

/**
 * Builds and signs a VOMS attribute certificate (AC) bound to {@code holderCert}.
 *
 * <p>The FQANs are stored as an attribute under {@code VOMS_FQANS_OID}. Extensions are then
 * added in this fixed order:
 * <ol>
 *   <li>generic attributes ({@code VOMS_GENERIC_ATTRS_OID}, non-critical), only when
 *       {@code gas} is non-null and non-empty;</li>
 *   <li>target information (critical), only when {@code targets} is non-null and non-empty;</li>
 *   <li>AC certs ({@code VOMS_CERTS_OID}, non-critical), unless
 *       {@code SKIP_AC_CERTS_EXTENSION} is set;</li>
 *   <li>a critical extension under {@code FAKE_EXT_OID} with an empty sequence as value, only
 *       when {@code INCLUDE_FAKE_CRITICAL_EXTENSION} is set;</li>
 *   <li>noRevAvail (always), critical only when
 *       {@code INCLUDE_CRITICAL_NO_REV_AVAIL_EXTENSION} is set;</li>
 *   <li>authority key identifier (always), critical only when
 *       {@code INCLUDE_CRITICAL_AKID_EXTENSION} is set.</li>
 * </ol>
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>noRevAvail is always present, which tells relying parties that no revocation
 *       information is available for this AC; the {@code notBefore}/{@code notAfter} window
 *       passed in is then the only bound on how long the AC is usable.</li>
 *   <li>A verifier that does not recognise a critical extension is expected to reject the AC.
 *       NOTE(review): the fake critical extension and the critical noRevAvail/AKID switches
 *       look like knobs for negative testing of validators; confirm they are never enabled
 *       when issuing production credentials.</li>
 *   <li>When {@code buildAuthorityKeyIdentifier()} returns {@code null}, an ASN.1 NULL is
 *       written as the extension value, which is not an AuthorityKeyIdentifier structure.
 *       NOTE(review): presumably tolerated because of the testing use above; verify.</li>
 * </ul>
 *
 * @param generationProperties switches controlling which extensions are emitted and how the
 *        signer is chosen; must not be {@code null} (it is dereferenced unconditionally)
 * @param fqans FQANs encoded into the {@code VOMS_FQANS_OID} attribute
 * @param gas generic attributes; may be {@code null} or empty to omit the extension
 * @param targets AC targets; may be {@code null} or empty to omit the extension
 * @param holderCert certificate the AC holder field is built from
 * @param serialNumber serial number of the AC
 * @param notBefore start of the AC validity period
 * @param notAfter end of the AC validity period
 * @param voName VO name used for the policy authority info
 * @param host host used for the policy authority info
 * @param port port used for the policy authority info
 * @return the signed attribute certificate
 * @throws VOMSError if building the holder or issuer fails with a
 *         {@link CertificateEncodingException}
 */
public X509AttributeCertificateHolder generateVOMSAttributeCertificate(
        EnumSet<ACGenerationProperties> generationProperties, List<String> fqans,
        List<VOMSGenericAttribute> gas, List<String> targets, X509Certificate holderCert,
        BigInteger serialNumber, Date notBefore, Date notAfter, String voName, String host, int port) {

    final AttributeCertificateHolder holder;
    final AttributeCertificateIssuer issuer;

    try {
        holder = buildHolder(holderCert);
        issuer = buildIssuer();
    } catch (CertificateEncodingException e) {
        // Surface encoding problems as the library's unchecked error, keeping the cause.
        throw new VOMSError(e.getMessage(), e);
    }

    final X509v2AttributeCertificateBuilder acBuilder = new X509v2AttributeCertificateBuilder(
            holder, issuer, serialNumber, notBefore, notAfter);

    final GeneralName policyAuthority = buildPolicyAuthorityInfo(voName, host, port);

    acBuilder.addAttribute(VOMS_FQANS_OID, buildFQANsAttributeContent(fqans, policyAuthority));

    // Extension order below is part of the encoded output; keep it stable.
    final boolean hasGenericAttributes = gas != null && !gas.isEmpty();
    if (hasGenericAttributes) {
        acBuilder.addExtension(VOMS_GENERIC_ATTRS_OID, false,
                buildGAExtensionContent(generationProperties, gas, policyAuthority));
    }

    final boolean hasTargets = targets != null && !targets.isEmpty();
    if (hasTargets) {
        // Targets restrict where the AC may be used, so the extension is marked critical.
        acBuilder.addExtension(X509Extension.targetInformation, true,
                buildTargetsExtensionContent(generationProperties, targets));
    }

    final boolean skipAcCerts = generationProperties
            .contains(ACGenerationProperties.SKIP_AC_CERTS_EXTENSION);
    if (!skipAcCerts) {
        acBuilder.addExtension(VOMS_CERTS_OID, false, buildACCertsExtensionContent(generationProperties));
    }

    if (generationProperties.contains(ACGenerationProperties.INCLUDE_FAKE_CRITICAL_EXTENSION)) {
        // Unknown critical extension with an empty SEQUENCE as value.
        acBuilder.addExtension(FAKE_EXT_OID, true, new DERSequence());
    }

    final boolean noRevAvailIsCritical = generationProperties
            .contains(ACGenerationProperties.INCLUDE_CRITICAL_NO_REV_AVAIL_EXTENSION);
    final boolean akidIsCritical = generationProperties
            .contains(ACGenerationProperties.INCLUDE_CRITICAL_AKID_EXTENSION);

    // Always emitted: the AC advertises that no revocation information is available.
    acBuilder.addExtension(X509Extension.noRevAvail, noRevAvailIsCritical, new DERNull());

    final AuthorityKeyIdentifier authorityKeyId = buildAuthorityKeyIdentifier();

    // Falls back to an ASN.1 NULL value when no key identifier could be built.
    acBuilder.addExtension(X509Extension.authorityKeyIdentifier, akidIsCritical,
            authorityKeyId == null ? new DERNull() : authorityKeyId);

    return acBuilder.build(getSigner(generationProperties));
}