Bouncy Castle Cryptography Library 1.37

org.bouncycastle.x509
Class X509V3CertificateGenerator

java.lang.Object
  extended by org.bouncycastle.x509.X509V3CertificateGenerator

public class X509V3CertificateGenerator
extends java.lang.Object

class to produce an X.509 Version 3 certificate.


Constructor Summary
X509V3CertificateGenerator()
           
 
Method Summary
 void addExtension(DERObjectIdentifier oid, boolean critical, byte[] value)
          add a given extension field for the standard extensions tag (tag 3)
 void addExtension(DERObjectIdentifier oid, boolean critical, DEREncodable value)
          add a given extension field for the standard extensions tag (tag 3)
 void addExtension(java.lang.String oid, boolean critical, byte[] value)
          add a given extension field for the standard extensions tag (tag 3) The value parameter becomes the contents of the octet string associated with the extension.
 void addExtension(java.lang.String oid, boolean critical, DEREncodable value)
          add a given extension field for the standard extensions tag (tag 3)
 void copyAndAddExtension(DERObjectIdentifier oid, boolean critical, java.security.cert.X509Certificate cert)
          add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.
 void copyAndAddExtension(java.lang.String oid, boolean critical, java.security.cert.X509Certificate cert)
          add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.
 java.security.cert.X509Certificate generate(java.security.PrivateKey key)
          generate an X509 certificate, based on the current issuer and subject using the default provider.
 java.security.cert.X509Certificate generate(java.security.PrivateKey key, java.security.SecureRandom random)
          generate an X509 certificate, based on the current issuer and subject using the default provider, and the passed in source of randomness (if required).
 java.security.cert.X509Certificate generate(java.security.PrivateKey key, java.lang.String provider)
          generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.
 java.security.cert.X509Certificate generate(java.security.PrivateKey key, java.lang.String provider, java.security.SecureRandom random)
          generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.
 java.security.cert.X509Certificate generateX509Certificate(java.security.PrivateKey key)
          Deprecated. use generate(key, "BC")
 java.security.cert.X509Certificate generateX509Certificate(java.security.PrivateKey key, java.security.SecureRandom random)
          Deprecated. use generate(key, random, "BC")
 java.security.cert.X509Certificate generateX509Certificate(java.security.PrivateKey key, java.lang.String provider)
          Deprecated. use generate()
 java.security.cert.X509Certificate generateX509Certificate(java.security.PrivateKey key, java.lang.String provider, java.security.SecureRandom random)
          Deprecated. use generate()
 java.util.Iterator getSignatureAlgNames()
          Return an iterator of the signature names supported by the generator.
 void reset()
          reset the generator
 void setIssuerDN(javax.security.auth.x500.X500Principal issuer)
          Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.
 void setIssuerDN(X509Name issuer)
          Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.
 void setNotAfter(java.util.Date date)
           
 void setNotBefore(java.util.Date date)
           
 void setPublicKey(java.security.PublicKey key)
           
 void setSerialNumber(java.math.BigInteger serialNumber)
          set the serial number for the certificate.
 void setSignatureAlgorithm(java.lang.String signatureAlgorithm)
          Set the signature algorithm.
 void setSubjectDN(javax.security.auth.x500.X500Principal subject)
          Set the subject distinguished name.
 void setSubjectDN(X509Name subject)
          Set the subject distinguished name.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

X509V3CertificateGenerator

public X509V3CertificateGenerator()
Method Detail

reset

public void reset()
reset the generator


setSerialNumber

public void setSerialNumber(java.math.BigInteger serialNumber)
set the serial number for the certificate.


setIssuerDN

public void setIssuerDN(javax.security.auth.x500.X500Principal issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.


setIssuerDN

public void setIssuerDN(X509Name issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.


setNotBefore

public void setNotBefore(java.util.Date date)

setNotAfter

public void setNotAfter(java.util.Date date)

setSubjectDN

public void setSubjectDN(javax.security.auth.x500.X500Principal subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.


setSubjectDN

public void setSubjectDN(X509Name subject)
Set the subject distinguished name. The subject describes the entity associated with the public key.


setPublicKey

public void setPublicKey(java.security.PublicKey key)
                  throws java.lang.IllegalArgumentException
Throws:
java.lang.IllegalArgumentException

setSignatureAlgorithm

public void setSignatureAlgorithm(java.lang.String signatureAlgorithm)
Set the signature algorithm. This can be either a name or an OID, names are treated as case insensitive.

Parameters:
signatureAlgorithm - string representation of the algorithm name.

addExtension

public void addExtension(java.lang.String oid,
                         boolean critical,
                         DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)


addExtension

public void addExtension(DERObjectIdentifier oid,
                         boolean critical,
                         DEREncodable value)
add a given extension field for the standard extensions tag (tag 3)


addExtension

public void addExtension(java.lang.String oid,
                         boolean critical,
                         byte[] value)
add a given extension field for the standard extensions tag (tag 3) The value parameter becomes the contents of the octet string associated with the extension.


addExtension

public void addExtension(DERObjectIdentifier oid,
                         boolean critical,
                         byte[] value)
add a given extension field for the standard extensions tag (tag 3)


copyAndAddExtension

public void copyAndAddExtension(java.lang.String oid,
                                boolean critical,
                                java.security.cert.X509Certificate cert)
                         throws java.security.cert.CertificateParsingException
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.

Throws:
java.security.cert.CertificateParsingException - if the extension cannot be extracted.

copyAndAddExtension

public void copyAndAddExtension(DERObjectIdentifier oid,
                                boolean critical,
                                java.security.cert.X509Certificate cert)
                         throws java.security.cert.CertificateParsingException
add a given extension field for the standard extensions tag (tag 3) copying the extension value from another certificate.

Throws:
java.security.cert.CertificateParsingException - if the extension cannot be extracted.

generateX509Certificate

public java.security.cert.X509Certificate generateX509Certificate(java.security.PrivateKey key)
                                                           throws java.lang.SecurityException,
                                                                  java.security.SignatureException,
                                                                  java.security.InvalidKeyException
Deprecated. use generate(key, "BC")

generate an X509 certificate, based on the current issuer and subject using the default provider "BC".

Throws:
java.lang.SecurityException
java.security.SignatureException
java.security.InvalidKeyException

generateX509Certificate

public java.security.cert.X509Certificate generateX509Certificate(java.security.PrivateKey key,
                                                                  java.security.SecureRandom random)
                                                           throws java.lang.SecurityException,
                                                                  java.security.SignatureException,
                                                                  java.security.InvalidKeyException
Deprecated. use generate(key, random, "BC")

generate an X509 certificate, based on the current issuer and subject using the default provider "BC", and the passed in source of randomness (if required).

Throws:
java.lang.SecurityException
java.security.SignatureException
java.security.InvalidKeyException

generateX509Certificate

public java.security.cert.X509Certificate generateX509Certificate(java.security.PrivateKey key,
                                                                  java.lang.String provider)
                                                           throws java.security.NoSuchProviderException,
                                                                  java.lang.SecurityException,
                                                                  java.security.SignatureException,
                                                                  java.security.InvalidKeyException
Deprecated. use generate()

generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.

Throws:
java.security.NoSuchProviderException
java.lang.SecurityException
java.security.SignatureException
java.security.InvalidKeyException

generateX509Certificate

public java.security.cert.X509Certificate generateX509Certificate(java.security.PrivateKey key,
                                                                  java.lang.String provider,
                                                                  java.security.SecureRandom random)
                                                           throws java.security.NoSuchProviderException,
                                                                  java.lang.SecurityException,
                                                                  java.security.SignatureException,
                                                                  java.security.InvalidKeyException
Deprecated. use generate()

generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.

Throws:
java.security.NoSuchProviderException
java.lang.SecurityException
java.security.SignatureException
java.security.InvalidKeyException

generate

public java.security.cert.X509Certificate generate(java.security.PrivateKey key)
                                            throws java.security.cert.CertificateEncodingException,
                                                   java.lang.IllegalStateException,
                                                   java.security.NoSuchAlgorithmException,
                                                   java.security.SignatureException,
                                                   java.security.InvalidKeyException
generate an X509 certificate, based on the current issuer and subject using the default provider.

Note: this differs from the deprecated method in that the default provider is used - not "BC".

Throws:
java.security.cert.CertificateEncodingException
java.lang.IllegalStateException
java.security.NoSuchAlgorithmException
java.security.SignatureException
java.security.InvalidKeyException

generate

public java.security.cert.X509Certificate generate(java.security.PrivateKey key,
                                                   java.security.SecureRandom random)
                                            throws java.security.cert.CertificateEncodingException,
                                                   java.lang.IllegalStateException,
                                                   java.security.NoSuchAlgorithmException,
                                                   java.security.SignatureException,
                                                   java.security.InvalidKeyException
generate an X509 certificate, based on the current issuer and subject using the default provider, and the passed in source of randomness (if required).

Note: this differs from the deprecated method in that the default provider is used - not "BC".

Throws:
java.security.cert.CertificateEncodingException
java.lang.IllegalStateException
java.security.NoSuchAlgorithmException
java.security.SignatureException
java.security.InvalidKeyException

generate

public java.security.cert.X509Certificate generate(java.security.PrivateKey key,
                                                   java.lang.String provider)
                                            throws java.security.cert.CertificateEncodingException,
                                                   java.lang.IllegalStateException,
                                                   java.security.NoSuchProviderException,
                                                   java.security.NoSuchAlgorithmException,
                                                   java.security.SignatureException,
                                                   java.security.InvalidKeyException
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.

Throws:
java.security.cert.CertificateEncodingException
java.lang.IllegalStateException
java.security.NoSuchProviderException
java.security.NoSuchAlgorithmException
java.security.SignatureException
java.security.InvalidKeyException

generate

public java.security.cert.X509Certificate generate(java.security.PrivateKey key,
                                                   java.lang.String provider,
                                                   java.security.SecureRandom random)
                                            throws java.security.cert.CertificateEncodingException,
                                                   java.lang.IllegalStateException,
                                                   java.security.NoSuchProviderException,
                                                   java.security.NoSuchAlgorithmException,
                                                   java.security.SignatureException,
                                                   java.security.InvalidKeyException
generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing and the supplied source of randomness, if required.

Throws:
java.security.cert.CertificateEncodingException
java.lang.IllegalStateException
java.security.NoSuchProviderException
java.security.NoSuchAlgorithmException
java.security.SignatureException
java.security.InvalidKeyException

getSignatureAlgNames

public java.util.Iterator getSignatureAlgNames()
Return an iterator of the signature names supported by the generator.

Returns:
an iterator containing recognised names.

Bouncy Castle Cryptography Library 1.37