Package org.bouncycastle.asn1.x509

Examples of org.bouncycastle.asn1.x509.BasicConstraints


        new SubjectKeyIdentifierStructure(keyPair.getPublic()));

    v3CertGen.addExtension(
        X509Extensions.BasicConstraints,
        true,
        new BasicConstraints(0));

    v3CertGen.addExtension(
        X509Extensions.KeyUsage,
        false,
        new KeyUsage(KeyUsage.cRLSign | KeyUsage.keyCertSign) );
View Full Code Here


    }
  }

  protected void addV3CAExtensions(final JcaX509v3CertificateBuilder builder, final BouncyCastleCertificateRequest request) throws CertIOException {
    if (request.isCa()) {
      builder.addExtension(X509Extension.basicConstraints, true, new BasicConstraints(true));
    }
  }
View Full Code Here

          webDN,
          pair.getPublic());

      JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
      certBuilder.addExtension(X509Extension.subjectKeyIdentifier, false, extUtils.createSubjectKeyIdentifier(pair.getPublic()));
      certBuilder.addExtension(X509Extension.basicConstraints, false, new BasicConstraints(false));
      certBuilder.addExtension(X509Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(caCert.getPublicKey()));

      // support alternateSubjectNames for SSL certificates
      List<GeneralName> altNames = new ArrayList<GeneralName>();
      if (HttpUtils.isIpAddress(sslMetadata.commonName)) {
View Full Code Here

          caPair.getPublic());

      JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
      caBuilder.addExtension(X509Extension.subjectKeyIdentifier, false, extUtils.createSubjectKeyIdentifier(caPair.getPublic()));
      caBuilder.addExtension(X509Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(caPair.getPublic()));
      caBuilder.addExtension(X509Extension.basicConstraints, false, new BasicConstraints(true));
      caBuilder.addExtension(X509Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));

      JcaX509CertificateConverter converter = new JcaX509CertificateConverter().setProvider(BC);
      X509Certificate cert = converter.getCertificate(caBuilder.build(caSigner));
View Full Code Here

          userDN,
          pair.getPublic());

      JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
      certBuilder.addExtension(X509Extension.subjectKeyIdentifier, false, extUtils.createSubjectKeyIdentifier(pair.getPublic()));
      certBuilder.addExtension(X509Extension.basicConstraints, false, new BasicConstraints(false));
      certBuilder.addExtension(X509Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(caCert.getPublicKey()));
      certBuilder.addExtension(X509Extension.keyUsage, true, new KeyUsage(KeyUsage.keyEncipherment | KeyUsage.digitalSignature));
      if (!StringUtils.isEmpty(clientMetadata.emailAddress)) {
        GeneralNames subjectAltName = new GeneralNames(
                    new GeneralName(GeneralName.rfc822Name, clientMetadata.emailAddress));
View Full Code Here

                begin, ends, subject, pubKey);

        if (subject.equals(issuer)) {
            certificateBuilder.addExtension(
                    X509Extension.basicConstraints, true,
                    new BasicConstraints(5));
        } else {
            JcaX509ExtensionUtils jxeu = new JcaX509ExtensionUtils();

            if (baseCrt != null) {
                byte[] sans = baseCrt.getExtensionValue(X509Extension.subjectAlternativeName.getId());
                if (sans != null) {
                    certificateBuilder.copyAndAddExtension(X509Extension.subjectAlternativeName, true, baseCrt);
                }
            }

            SubjectKeyIdentifier subjectKeyIdentifier = jxeu.createSubjectKeyIdentifier(pubKey);
            certificateBuilder.addExtension(
                    X509Extension.subjectKeyIdentifier, false, subjectKeyIdentifier);

            AuthorityKeyIdentifier authorityKeyIdentifier = jxeu.createAuthorityKeyIdentifier(caPubKey);
            certificateBuilder.addExtension(
                    X509Extension.authorityKeyIdentifier, false,
                    authorityKeyIdentifier);

            certificateBuilder.addExtension(
                    X509Extension.basicConstraints, true,
                    new BasicConstraints(false));

            NetscapeCertType netscapeCertType = new NetscapeCertType(NetscapeCertType.sslClient | NetscapeCertType.sslServer);
            certificateBuilder.addExtension(
                    MiscObjectIdentifiers.netscapeCertType, false,
                    netscapeCertType);
View Full Code Here

    v3CertGen.setSerialNumber(new BigInteger(Long.toString(System.currentTimeMillis())));

    v3CertGen.addExtension(
        X509Extensions.BasicConstraints,
        true,
        new BasicConstraints(false) );

    v3CertGen.addExtension(
        X509Extensions.SubjectKeyIdentifier,
        false,
        new SubjectKeyIdentifierStructure(newPubKey));
View Full Code Here

        new SubjectKeyIdentifierStructure(keyPair.getPublic()));

    v3CertGen.addExtension(
        X509Extensions.BasicConstraints,
        true,
        new BasicConstraints(0));

    v3CertGen.addExtension(
        X509Extensions.KeyUsage,
        false,
        new KeyUsage(KeyUsage.cRLSign | KeyUsage.keyCertSign) );
View Full Code Here

        this.certGen.setSignatureAlgorithm(this.caX509.getSigAlgName());
        this.certGen.setIssuerDN(this.caX509Name);

        this.certGen.addExtension(X509Extensions.BasicConstraints,
                                 true,
                                 new BasicConstraints(false));

        this.certGen.addExtension(X509Extensions.KeyUsage,
                                  true,
                                  new KeyUsage(KeyUsage.digitalSignature |
                                               KeyUsage.keyEncipherment));
View Full Code Here

                new AuthorityKeyIdentifier(spki, generalNames, BigInteger.ZERO);


        this.certGen.addExtension(X509Extensions.BasicConstraints,
                                 true,
                                 new BasicConstraints(true));

        /*
        this.certGen.addExtension(X509Extensions.KeyUsage,
                                  true,
                                  new KeyUsage(KeyUsage.digitalSignature |
View Full Code Here

TOP

Related Classes of org.bouncycastle.asn1.x509.BasicConstraints

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.