Package org.apache.geronimo.util.asn1.x509

Examples of org.apache.geronimo.util.asn1.x509.BasicConstraints


        v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)));
        v3CertGen.setSubjectDN(new X509Principal(subject));
        v3CertGen.setPublicKey(pubKey);
        v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
        v3CertGen.addExtension(X509Extensions.CertificatePolicies, true, new DERSequence(policies));
        v3CertGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true));
        v3CertGen.addExtension(X509Extensions.PolicyMappings, true, new PolicyMappings(policyMap));
        X509Certificate cert = v3CertGen.generateX509Certificate(caPrivKey);
        return cert;
    }
View Full Code Here


        certGen.setPublicKey(intKey);
        certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
   
        certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
        certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey));
        certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0));
        certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));

        return certGen.generateX509Certificate(caKey, "BC");
    }
View Full Code Here

        certGen.setPublicKey(entityKey);
        certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
       
        certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
        certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(entityKey));
        certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
        certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment));

        return certGen.generateX509Certificate(caKey, "BC");
    }
View Full Code Here

        certgen.setSubjectDN(CertTools.stringToBcX509Name(dn));
        certgen.setIssuerDN(CertTools.stringToBcX509Name(dn));
        certgen.setPublicKey(publicKey);

        // Basic constranits is always critical and MUST be present at-least in CA-certificates.
        BasicConstraints bc = new BasicConstraints(isCA);
        certgen.addExtension(X509Extensions.BasicConstraints.getId(), true, bc);

        // Put critical KeyUsage in CA-certificates
        if (isCA) {
            X509KeyUsage ku = new X509KeyUsage(keyusage);
View Full Code Here

  }
 
  @Override
  public DEREncodable getValue(final UserDataVO subject, final CA ca, final CertificateProfile certProfile, final PublicKey userPublicKey, final PublicKey caPublicKey ) throws CertificateExtentionConfigurationException, CertificateExtensionException {
    // Default value, end entity
    BasicConstraints bc = new BasicConstraints(false);
        if ((certProfile.getType() == CertificateProfile.TYPE_SUBCA)
            || (certProfile.getType() == CertificateProfile.TYPE_ROOTCA)){             
          if(certProfile.getUsePathLengthConstraint()){
            bc = new BasicConstraints(certProfile.getPathLengthConstraint());
          }else{
            bc =  new BasicConstraints(true);
          }             
        }
    return bc;
 
View Full Code Here

            new AuthorityKeyIdentifierStructure(caCert));

        v3CertGen.addExtension(
            X509Extensions.BasicConstraints,
            true,
            new BasicConstraints(0));

        X509Certificate cert = v3CertGen.generateX509Certificate(caPrivKey);

        cert.checkValidity(new Date());
View Full Code Here

    BigInteger serialNumber = BigInteger.valueOf((startDate.getTimeInMillis()));
    X500Name issuer = new X500Name(IETFUtils.rDNsFromString(issuerDirString, RFC4519Style.INSTANCE));
    JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(issuer, serialNumber, startDate.getTime(), endDate.getTime(), issuer, kp.getPublic());
    JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils();
    certGen.addExtension(Extension.subjectKeyIdentifier, false, extensionUtils.createSubjectKeyIdentifier(kp.getPublic()));
    certGen.addExtension(Extension.basicConstraints, false, new BasicConstraints(isCertAuthority));
    certGen.addExtension(Extension.authorityKeyIdentifier, false, extensionUtils.createAuthorityKeyIdentifier(signerPublicKey));
    if (isCertAuthority) {
      certGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign));
    }
    X509CertificateHolder cert = certGen.build(new JcaContentSignerBuilder(signingAlgorithm).build(signerPrivateKey));
View Full Code Here

                        {
                            AuthorityKeyIdentifier    auth = AuthorityKeyIdentifier.getInstance(extIn.readObject());
                        }
                        else if (oid.equals(X509Extensions.BasicConstraints))
                        {
                            BasicConstraints    bc = BasicConstraints.getInstance(extIn.readObject());
                        }
                        else
                        {
                            //System.out.println(oid.getId());
                        }
View Full Code Here

    try
    {
      certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
              new SubjectKeyIdentifierStructure(keypair.getPublic()));
      certGen.addExtension(X509Extensions.BasicConstraints, false,
              new BasicConstraints(true));
      final X509Certificate cert = certGen.generate(keypair.getPrivate());
      return cert;
    }
    catch (final Exception e)
    {
View Full Code Here

    v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            new AuthorityKeyIdentifierStructure(caCert.getPublicKey()));

    v3CertGen.addExtension(X509Extensions.BasicConstraints, true,
            new BasicConstraints(0));

    // X509Certificate cert = v3CertGen.generateX509Certificate(caPrivKey);
    final X509Certificate cert = v3CertGen.generate(caPriKey, "BC");
    cert.checkValidity(new Date());
    cert.verify(caCert.getPublicKey());
View Full Code Here

TOP

Related Classes of org.apache.geronimo.util.asn1.x509.BasicConstraints

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.