Examples of codec.x509.X509TBSCertificate

codec.x509.AlgorithmIdentifier

Implements a X.509v3 certificate TBS block according to the following ASN.1 data structure:

 TBSCertificate  ::=  SEQUENCE  { version         		[0]	EXPLICIT Version DEFAULT v1, serialNumber			CertificateSerialNumber, signature				AlgorithmIdentifier, issuer					Name, validity				Validity, subject					Name, subjectPublicKeyInfo	SubjectPublicKeyInfo, issuerUniqueID			[1]	IMPLICIT UniqueIdentifier OPTIONAL,  -- If present, version must be v2 or v3 subjectUniqueID			[2] IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version must be v2 or v3 extensions      		[3] EXPLICIT Extensions OPTIONAL          -- If present, version must be v3 } UniqueIdentifier  ::=  BIT STRING Validity ::= SEQUENCE { notBefore      Time, notAfter       Time } Time ::= CHOICE { utcTime        UTCTime, generalTime    GeneralizedTime }

If you want to create a certificate, you should create a {@link X509TBSCertificate X509TBSCertificate}, fill it with useful data (certificate serial number, validity period, subject and issuer DN, subject public key) and the signature algorithm!

Note that you have to set the signature algorithm before encoding a X509TBSCertificate or putting it into a X509Certificate!

Certificate version will be set automatically to "V2" if issuerUniqueID or subjectUniqueID is set and to "V3" if any extension is added. Version defaults to "V1".

Example:

 ... tbd

@author Markus Tak

     *                The <code>SignerInfo</code> to add.
     * @throws NullPointerException
     *                 if the <code>info</code> is <code>null</code>.
     */
    public void addSignerInfo(SignerInfo info) {
  AlgorithmIdentifier idn;
  AlgorithmIdentifier idv;
  Iterator i;


  if (info == null) {
      throw new NullPointerException("Need a SignerInfo!");
  }

View Full Code Here

  seq.add(serial_);


  add(seq);


  /* Digest Algorithm Identifier */
  dAlg_ = new AlgorithmIdentifier();
  add(dAlg_);


  /* Authenticated Attributes */
  auth_ = new Attributes();
  add(new ASN1TaggedType(0, auth_, false, true));


  /* Digest Encryption Algorithm Identifier */
  cAlg_ = new AlgorithmIdentifier();
  add(cAlg_);


  /* Encrypted Digest */
  edig_ = new ASN1OctetString();
  add(edig_);

View Full Code Here

  seq.add(serial_);


  add(seq);


  /* Digest Algorithm Identifier */
  dAlg_ = new AlgorithmIdentifier();
  add(dAlg_);


  /* Authenticated Attributes */
  auth_ = new Attributes(registry);
  add(new ASN1TaggedType(0, auth_, false, true));


  /* Digest Encryption Algorithm Identifier */
  cAlg_ = new AlgorithmIdentifier();
  add(cAlg_);


  /* Encrypted Digest */
  edig_ = new ASN1OctetString();
  add(edig_);

View Full Code Here

  if (d == null || c == null) {
      throw new NoSuchAlgorithmException(
        "Cannot resolve signature algorithm!");
  }
  try {
      dAlg_ = new AlgorithmIdentifier(new ASN1ObjectIdentifier(d),
        new ASN1Null());
      cAlg_ = new AlgorithmIdentifier(new ASN1ObjectIdentifier(c),
        new ASN1Null());
  } catch (ASN1Exception e) {
      throw new InconsistentStateException(e);
  }
  /* Digest Algorithm Identifier */

View Full Code Here

  if (d == null || c == null) {
      throw new NoSuchAlgorithmException(
        "Cannot resolve signature algorithm!");
  }
  try {
      dAlg_ = new AlgorithmIdentifier(new ASN1ObjectIdentifier(d),
        new ASN1Null());
      cAlg_ = new AlgorithmIdentifier(new ASN1ObjectIdentifier(c),
        new ASN1Null());
  } catch (ASN1Exception e) {
      throw new InconsistentStateException(e);
  }
  /* Digest Algorithm Identifier */

View Full Code Here

  s = JCA.getOID(algorithm);
  if (s == null) {
      throw new NoSuchAlgorithmException(
        "Cannot resolve signature algorithm!");
  }
  dAlg_ = new AlgorithmIdentifier(s, params);
  cAlg_ = new AlgorithmIdentifier(s);


  /* Digest Algorithm Identifier */
  add(dAlg_);


  /* Authenticated Attributes */

View Full Code Here

  s = JCA.getOID(algorithm);
  if (s == null) {
      throw new NoSuchAlgorithmException(
        "Cannot resolve signature algorithm!");
  }
  dAlg_ = new AlgorithmIdentifier(s, params);
  cAlg_ = new AlgorithmIdentifier(s);


  /* Digest Algorithm Identifier */
  add(dAlg_);


  /* Authenticated Attributes */

View Full Code Here

      CertificateEncodingException {
  setOID(new ASN1ObjectIdentifier(EXTENSION_OID));
  setCritical(false);


  syntax_ = new ASN1Sequence(2);
  hashAlgorithm_ = new AlgorithmIdentifier();
  certificateHash_ = new ASN1OctetString();


  syntax_.add(hashAlgorithm_);
  syntax_.add(certificateHash_);

View Full Code Here

    public CertHashExtension(byte[] cert, String alg) throws ASN1Exception,
      GeneralSecurityException {
  if (cert == null) {
      throw new NullPointerException("cert");
  }
  AlgorithmIdentifier aid;
  MessageDigest dig;
  byte[] buf;


  aid = new AlgorithmIdentifier(alg);
  dig = MessageDigest.getInstance(alg);
  buf = dig.digest(cert);


  syntax_ = new ASN1Sequence(2);
  hashAlgorithm_ = aid;

View Full Code Here

  seq.add(issuer_);
  seq.add(serial_);
  add(seq);


  /* Key Encryption Algorithm Identifier */
  cAlg_ = new AlgorithmIdentifier();
  add(cAlg_);


  /* Encrypted Key */
  ekey_ = new ASN1OctetString();
  add(ekey_);

View Full Code Here

0 1 2 3

TOP

Related Classes of codec.x509.X509TBSCertificate

codec.asn1.ASN1BitString

codec.asn1.ASN1Boolean

codec.asn1.ASN1Choice

codec.asn1.ASN1Enumerated

codec.asn1.ASN1GeneralizedTime

codec.asn1.ASN1IA5String

codec.asn1.ASN1Integer

codec.asn1.ASN1Null

codec.asn1.ASN1ObjectIdentifier

codec.asn1.ASN1OctetString

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.