public class X509v3CertificateBuilder extends Object
Constructor and Description |
---|
X509v3CertificateBuilder(X500Name issuer,
BigInteger serial,
Date notBefore,
Date notAfter,
Locale dateLocale,
X500Name subject,
SubjectPublicKeyInfo publicKeyInfo)
Create a builder for a version 3 certificate.
|
X509v3CertificateBuilder(X500Name issuer,
BigInteger serial,
Date notBefore,
Date notAfter,
X500Name subject,
SubjectPublicKeyInfo publicKeyInfo)
Create a builder for a version 3 certificate.
|
X509v3CertificateBuilder(X500Name issuer,
BigInteger serial,
Time notBefore,
Time notAfter,
X500Name subject,
SubjectPublicKeyInfo publicKeyInfo)
Create a builder for a version 3 certificate.
|
X509v3CertificateBuilder(X509CertificateHolder template)
Create a builder for a version 3 certificate, initialised with another certificate.
|
Modifier and Type | Method and Description |
---|---|
X509v3CertificateBuilder |
addExtension(ASN1ObjectIdentifier oid,
boolean isCritical,
ASN1Encodable value)
Add a given extension field for the standard extensions tag (tag 3)
|
X509v3CertificateBuilder |
addExtension(ASN1ObjectIdentifier oid,
boolean isCritical,
byte[] encodedValue)
Add a given extension field for the standard extensions tag (tag 3) using a byte encoding of the
extension value.
|
X509v3CertificateBuilder |
addExtension(Extension extension)
Add a given extension field for the standard extensions tag (tag 3).
|
X509CertificateHolder |
build(ContentSigner signer)
Generate an X.509 certificate, based on the current issuer and subject
using the passed in signer.
|
X509v3CertificateBuilder |
copyAndAddExtension(ASN1ObjectIdentifier oid,
boolean isCritical,
X509CertificateHolder certHolder)
Add a given extension field for the standard extensions tag (tag 3)
copying the extension value from another certificate.
|
Extension |
getExtension(ASN1ObjectIdentifier oid)
Return the current value of the extension for OID.
|
boolean |
hasExtension(ASN1ObjectIdentifier oid)
Return if the extension indicated by OID is present.
|
X509v3CertificateBuilder |
removeExtension(ASN1ObjectIdentifier oid)
Remove the extension indicated by OID.
|
X509v3CertificateBuilder |
replaceExtension(ASN1ObjectIdentifier oid,
boolean isCritical,
ASN1Encodable value)
Replace the extension field for the passed in extension's extension ID
with a new version.
|
X509v3CertificateBuilder |
replaceExtension(ASN1ObjectIdentifier oid,
boolean isCritical,
byte[] encodedValue)
Replace a given extension field for the standard extensions tag (tag 3) with the passed in
byte encoded extension value.
|
X509v3CertificateBuilder |
replaceExtension(Extension extension)
Replace the extension field for the passed in extension's extension ID
with a new version.
|
X509v3CertificateBuilder |
setIssuerUniqueID(boolean[] uniqueID)
Set the issuerUniqueID - note: it is very rare that it is correct to do this.
|
X509v3CertificateBuilder |
setSubjectUniqueID(boolean[] uniqueID)
Set the subjectUniqueID - note: it is very rare that it is correct to do this.
|
public X509v3CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
issuer
- the certificate issuerserial
- the certificate serial numbernotBefore
- the date before which the certificate is not validnotAfter
- the date after which the certificate is not validsubject
- the certificate subjectpublicKeyInfo
- the info structure for the public key to be associated with this certificate.public X509v3CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, Locale dateLocale, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
issuer
- the certificate issuerserial
- the certificate serial numbernotBefore
- the date before which the certificate is not validnotAfter
- the date after which the certificate is not validdateLocale
- locale to be used for date interpretation.subject
- the certificate subjectpublicKeyInfo
- the info structure for the public key to be associated with this certificate.public X509v3CertificateBuilder(X500Name issuer, BigInteger serial, Time notBefore, Time notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
issuer
- the certificate issuerserial
- the certificate serial numbernotBefore
- the Time before which the certificate is not validnotAfter
- the Time after which the certificate is not validsubject
- the certificate subjectpublicKeyInfo
- the info structure for the public key to be associated with this certificate.public X509v3CertificateBuilder(X509CertificateHolder template)
template
- template certificate to base the new one on.public boolean hasExtension(ASN1ObjectIdentifier oid)
oid
- the OID for the extension of interest.public Extension getExtension(ASN1ObjectIdentifier oid)
oid
- the OID for the extension we want to fetch.public X509v3CertificateBuilder setSubjectUniqueID(boolean[] uniqueID)
uniqueID
- a boolean array representing the bits making up the subjectUniqueID.public X509v3CertificateBuilder setIssuerUniqueID(boolean[] uniqueID)
uniqueID
- a boolean array representing the bits making up the issuerUniqueID.public X509v3CertificateBuilder addExtension(ASN1ObjectIdentifier oid, boolean isCritical, ASN1Encodable value) throws CertIOException
oid
- the OID defining the extension type.isCritical
- true if the extension is critical, false otherwise.value
- the ASN.1 structure that forms the extension's value.CertIOException
- if there is an issue with the new extension value.IllegalArgumentException
- if the OID oid has already been used.public X509v3CertificateBuilder addExtension(Extension extension) throws CertIOException
extension
- the full extension value.CertIOException
- if there is an issue with the new extension value.IllegalArgumentException
- if the OID oid has already been used.public X509v3CertificateBuilder addExtension(ASN1ObjectIdentifier oid, boolean isCritical, byte[] encodedValue) throws CertIOException
oid
- the OID defining the extension type.isCritical
- true if the extension is critical, false otherwise.encodedValue
- a byte array representing the encoding of the extension value.CertIOException
- if there is an issue with the new extension value.IllegalArgumentException
- if the OID oid has already been allocated.public X509v3CertificateBuilder replaceExtension(ASN1ObjectIdentifier oid, boolean isCritical, ASN1Encodable value) throws CertIOException
oid
- the OID defining the extension type.isCritical
- true if the extension is critical, false otherwise.value
- the ASN.1 structure that forms the extension's value.CertIOException
- if there is an issue with the new extension value.IllegalArgumentException
- if the extension to be replaced is not present.public X509v3CertificateBuilder replaceExtension(Extension extension) throws CertIOException
extension
- the full extension value.CertIOException
- if there is an issue with the new extension value.IllegalArgumentException
- if the extension to be replaced is not present.public X509v3CertificateBuilder replaceExtension(ASN1ObjectIdentifier oid, boolean isCritical, byte[] encodedValue) throws CertIOException
oid
- the OID defining the extension type.isCritical
- true if the extension is critical, false otherwise.encodedValue
- a byte array representing the encoding of the extension value.CertIOException
- if there is an issue with the new extension value.IllegalArgumentException
- if the extension to be replaced is not present.public X509v3CertificateBuilder removeExtension(ASN1ObjectIdentifier oid)
oid
- the OID of the extension to be removed.IllegalArgumentException
- if the extension to be removed is not present.public X509v3CertificateBuilder copyAndAddExtension(ASN1ObjectIdentifier oid, boolean isCritical, X509CertificateHolder certHolder)
oid
- the OID defining the extension type.isCritical
- true if the copied extension is to be marked as critical, false otherwise.certHolder
- the holder for the certificate that the extension is to be copied from.public X509CertificateHolder build(ContentSigner signer)
signer
- the content signer to be used to generate the signature validating the certificate.Copyright © 2021 BouncyCastle.org. All rights reserved.