Example usage for org.bouncycastle.cert X509v3CertificateBuilder addExtension

List of usage examples for org.bouncycastle.cert X509v3CertificateBuilder addExtension

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.cert.*
  5. X509v3CertificateBuilder
  6. addExtension

Introduction

In this page you can find the example usage for org.bouncycastle.cert X509v3CertificateBuilder addExtension.

Prototype

public X509v3CertificateBuilder addExtension(Extension extension) throws CertIOException

Source Link

Document

Add a given extension field for the standard extensions tag (tag 3).

Usage

From source file:org.apache.ace.authentication.processor.clientcert.MemoryKeyStore.java

License:Apache License

private X509Certificate generateRootCertificate(String commonName, Date notBefore, Date notAfter)
        throws Exception {
    X500Name issuer = new X500Name(commonName);
    BigInteger serial = BigInteger.probablePrime(16, new Random());

    SubjectPublicKeyInfo pubKeyInfo = convertToSubjectPublicKeyInfo(m_caKey.getPublic());

    X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, serial, notBefore, notAfter, issuer,
            pubKeyInfo);//from ww w  . j a  v a  2  s.  co m
    builder.addExtension(
            new Extension(Extension.basicConstraints, true, new DEROctetString(new BasicConstraints(true))));

    X509CertificateHolder certHolder = builder
            .build(new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).build(m_caKey.getPrivate()));
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}

From source file:org.apache.felix.deploymentadmin.itest.util.CertificateUtil.java

License:Apache License

private static X509Certificate createSelfSignedCert(String commonName, KeyPair keypair) throws Exception {
    PublicKey publicKey = keypair.getPublic();
    String keyAlg = DPSigner.getSignatureAlgorithm(publicKey);

    X500Name issuer = new X500Name(commonName);
    BigInteger serial = BigInteger.probablePrime(16, new Random());
    Date notBefore = new Date(System.currentTimeMillis() - 1000);
    Date notAfter = new Date(notBefore.getTime() + 6000);

    SubjectPublicKeyInfo pubKeyInfo;/*from w  ww.j  av  a2 s  . co m*/
    try (ASN1InputStream is = new ASN1InputStream(publicKey.getEncoded())) {
        pubKeyInfo = SubjectPublicKeyInfo.getInstance(is.readObject());
    }

    X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, serial, notBefore, notAfter, issuer,
            pubKeyInfo);
    builder.addExtension(
            new Extension(Extension.basicConstraints, true, new DEROctetString(new BasicConstraints(false))));

    X509CertificateHolder certHolder = builder
            .build(new JcaContentSignerBuilder(keyAlg).build(keypair.getPrivate()));
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}