Search in sources :

Example 1 with BasicConstraintsExtension

use of sun.security.x509.BasicConstraintsExtension in project OpenAttestation by OpenAttestation.

the class X509Builder method keyUsageCertificateAuthority.

public X509Builder keyUsageCertificateAuthority() {
    try {
        v3();
        // certificate authority basic constraint
        // true indicates this is a CA;  -1 means no restriction on path length;  0 or more to set a restriction on max number of certs under this one in the chain
        BasicConstraintsExtension constraintsExtension = new BasicConstraintsExtension(true, -1);
        // certificate signing extension
        if (keyUsageExtension == null) {
            keyUsageExtension = new KeyUsageExtension();
        }
        keyUsageExtension.set(KeyUsageExtension.KEY_CERTSIGN, true);
        // add both
        if (certificateExtensions == null) {
            certificateExtensions = new CertificateExtensions();
        }
        certificateExtensions.set(keyUsageExtension.getExtensionId().toString(), keyUsageExtension);
        certificateExtensions.set(constraintsExtension.getExtensionId().toString(), constraintsExtension);
        info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
    } catch (Exception e) {
        fault(e, "keyUsageCertificateAuthority");
    }
    return this;
}
Also used : BasicConstraintsExtension(sun.security.x509.BasicConstraintsExtension) CertificateExtensions(sun.security.x509.CertificateExtensions) KeyUsageExtension(sun.security.x509.KeyUsageExtension) ExtendedKeyUsageExtension(sun.security.x509.ExtendedKeyUsageExtension)

Aggregations

BasicConstraintsExtension (sun.security.x509.BasicConstraintsExtension)1 CertificateExtensions (sun.security.x509.CertificateExtensions)1 ExtendedKeyUsageExtension (sun.security.x509.ExtendedKeyUsageExtension)1 KeyUsageExtension (sun.security.x509.KeyUsageExtension)1