Example 51 with GeneralNames
use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project athenz by yahoo.
the class Crypto method generateX509CSR.
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey, String x500Principal, GeneralName[] sanArray) throws OperatorCreationException, IOException {
// Create Distinguished Name
X500Principal subject = new X500Principal(x500Principal);
// Create ContentSigner
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(Crypto.RSA_SHA256);
ContentSigner signer = csBuilder.build(privateKey);
// Create the CSR
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(subject, publicKey);
if (sanArray != null) {
ExtensionsGenerator extGen = new ExtensionsGenerator();
GeneralNames subjectAltNames = new GeneralNames(sanArray);
extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltNames);
p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
}
PKCS10CertificationRequest csr = p10Builder.build(signer);
// write to openssl PEM format
PemObject pemObject = new PemObject("CERTIFICATE REQUEST", csr.getEncoded());
StringWriter strWriter;
try (JcaPEMWriter pemWriter = new JcaPEMWriter(strWriter = new StringWriter())) {
pemWriter.writeObject(pemObject);
}
return strWriter.toString();
}
Also used :
PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest)
JcaPKCS10CertificationRequest(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest)
PemObject(org.bouncycastle.util.io.pem.PemObject)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
StringWriter(java.io.StringWriter)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
ContentSigner(org.bouncycastle.operator.ContentSigner)
X500Principal(javax.security.auth.x500.X500Principal)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder)
JcaPEMWriter(org.bouncycastle.openssl.jcajce.JcaPEMWriter)
ExtensionsGenerator(org.bouncycastle.asn1.x509.ExtensionsGenerator)
Aggregations
GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)34
GeneralName (org.bouncycastle.asn1.x509.GeneralName)28
IOException (java.io.IOException)16
X509Certificate (java.security.cert.X509Certificate)16
ArrayList (java.util.ArrayList)15
Date (java.util.Date)10
List (java.util.List)10
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)10
GeneralNames (sun.security.x509.GeneralNames)10
X500Name (org.bouncycastle.asn1.x500.X500Name)9
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)9
JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)9
BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)8
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)8
GeneralSecurityException (java.security.GeneralSecurityException)7
SecureRandom (java.security.SecureRandom)7
X509CertSelector (java.security.cert.X509CertSelector)7
X500Principal (javax.security.auth.x500.X500Principal)7
DERIA5String (org.bouncycastle.asn1.DERIA5String)7
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)7
