Example usage for java.security.cert X509Extension getNonCriticalExtensionOIDs

List of usage examples for java.security.cert X509Extension getNonCriticalExtensionOIDs

Introduction

In this page you can find the example usage for java.security.cert X509Extension getNonCriticalExtensionOIDs.

Prototype

public Set<String> getNonCriticalExtensionOIDs();

Source Link

Document

Gets a Set of the OID strings for the extension(s) marked NON-CRITICAL in the certificate/CRL managed by the object implementing this interface.

Usage

From source file:net.sf.keystore_explorer.crypto.x509.X509CertificateGenerator.java

private X509Certificate generateVersion3(X500Name subject, X500Name issuer, long validity, PublicKey publicKey,
        PrivateKey privateKey, SignatureType signatureType, BigInteger serialNumber, X509Extension extensions,
        Provider provider) throws CryptoException, CertIOException {
    Date notBefore = new Date(System.currentTimeMillis());
    Date notAfter = new Date(System.currentTimeMillis() + validity);

    JcaX509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(issuer, serialNumber, notBefore,
            notAfter, subject, publicKey);

    if (extensions != null) {
        for (String oid : extensions.getCriticalExtensionOIDs()) {
            certBuilder.addExtension(new ASN1ObjectIdentifier(oid), true, getExtensionValue(extensions, oid));
        }//from ww  w  .  java  2  s. c om

        for (String oid : extensions.getNonCriticalExtensionOIDs()) {
            certBuilder.addExtension(new ASN1ObjectIdentifier(oid), false, getExtensionValue(extensions, oid));
        }
    }

    try {
        ContentSigner certSigner = null;

        if (provider == null) {
            certSigner = new JcaContentSignerBuilder(signatureType.jce()).build(privateKey);
        } else {
            certSigner = new JcaContentSignerBuilder(signatureType.jce()).setProvider(provider)
                    .build(privateKey);
        }

        return new JcaX509CertificateConverter().setProvider("BC")
                .getCertificate(certBuilder.build(certSigner));
    } catch (CertificateException ex) {
        throw new CryptoException(res.getString("CertificateGenFailed.exception.message"), ex);
    } catch (IllegalStateException ex) {
        throw new CryptoException(res.getString("CertificateGenFailed.exception.message"), ex);
    } catch (OperatorCreationException ex) {
        throw new CryptoException(res.getString("CertificateGenFailed.exception.message"), ex);
    }
}

From source file:org.kse.crypto.x509.X509CertificateGenerator.java

private X509Certificate generateVersion3(X500Name subject, X500Name issuer, Date validityStart,
        Date validityEnd, PublicKey publicKey, PrivateKey privateKey, SignatureType signatureType,
        BigInteger serialNumber, X509Extension extensions, Provider provider)
        throws CryptoException, CertIOException {
    Date notBefore = validityStart == null ? new Date() : validityStart;
    Date notAfter = validityEnd == null ? new Date(notBefore.getTime() + TimeUnit.DAYS.toMillis(365))
            : validityEnd;//from   ww w .j av a2s . c  om

    JcaX509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(issuer, serialNumber, notBefore,
            notAfter, subject, publicKey);

    if (extensions != null) {
        for (String oid : extensions.getCriticalExtensionOIDs()) {
            certBuilder.addExtension(new ASN1ObjectIdentifier(oid), true, getExtensionValue(extensions, oid));
        }

        for (String oid : extensions.getNonCriticalExtensionOIDs()) {
            certBuilder.addExtension(new ASN1ObjectIdentifier(oid), false, getExtensionValue(extensions, oid));
        }
    }

    try {
        ContentSigner certSigner = null;

        if (provider == null) {
            certSigner = new JcaContentSignerBuilder(signatureType.jce()).build(privateKey);
        } else {
            certSigner = new JcaContentSignerBuilder(signatureType.jce()).setProvider(provider)
                    .build(privateKey);
        }

        return new JcaX509CertificateConverter().setProvider("BC")
                .getCertificate(certBuilder.build(certSigner));
    } catch (CertificateException ex) {
        throw new CryptoException(res.getString("CertificateGenFailed.exception.message"), ex);
    } catch (IllegalStateException ex) {
        throw new CryptoException(res.getString("CertificateGenFailed.exception.message"), ex);
    } catch (OperatorCreationException ex) {
        throw new CryptoException(res.getString("CertificateGenFailed.exception.message"), ex);
    }
}