dateBuilder.addYears(1);
notAfter = dateBuilder.getDate();
}
if (this.v3) {
JcaX509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(this.toX500Name(issuer), serialNumber, notBefore, notAfter, this.toX500Name(subject), keyPair.getPublic());
JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(signType.getAlgorithm());
contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
ContentSigner contentSigner = contentSignerBuilder.build(keyPair.getPrivate());
if (this.keyUsage.size() > 0) {
int usage = 0;
for (KeyUsageType keyUsage : this.keyUsage) {
usage = usage | this.toKeyUsage(keyUsage);
}
org.bouncycastle.asn1.x509.KeyUsage ku = new org.bouncycastle.asn1.x509.KeyUsage(usage);
builder.addExtension(X509Extension.keyUsage, false, ku);
}
if (this.extendedKeyUsage.size() > 0) {
Vector<DERObject> vector = new Vector<DERObject>();
for (ExtendedKeyUsageType keyUsageType : this.extendedKeyUsage) {
KeyPurposeId keyPurposeId = this.toExtendedKeyUsage(keyUsageType);
if (keyPurposeId != null) {
vector.add(keyPurposeId);
}
}
if (vector.size() > 0) {
org.bouncycastle.asn1.x509.ExtendedKeyUsage extendedKeyUsage = new org.bouncycastle.asn1.x509.ExtendedKeyUsage(vector);
builder.addExtension(X509Extension.extendedKeyUsage, true, extendedKeyUsage);
} else {
org.bouncycastle.asn1.x509.ExtendedKeyUsage extendedKeyUsage = new org.bouncycastle.asn1.x509.ExtendedKeyUsage(KeyPurposeId.anyExtendedKeyUsage);
builder.addExtension(X509Extension.extendedKeyUsage, false, extendedKeyUsage);
}
} else {
org.bouncycastle.asn1.x509.ExtendedKeyUsage extendedKeyUsage = new org.bouncycastle.asn1.x509.ExtendedKeyUsage(KeyPurposeId.anyExtendedKeyUsage);
builder.addExtension(X509Extension.extendedKeyUsage, false, extendedKeyUsage);
}
GeneralNames subjectAltName = new GeneralNames(new GeneralName(GeneralName.rfc822Name, subject));
builder.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
SubjectKeyIdentifierStructure subjectKeyIdentifierStructure = new SubjectKeyIdentifierStructure(keyPair.getPublic());
builder.addExtension(X509Extension.subjectKeyIdentifier, false, subjectKeyIdentifierStructure);
X509CertificateHolder holder = builder.build(contentSigner);
certificate = (X509Certificate) SecurityUtils.getCertificateFromFile(holder.getEncoded(), CertificateType.X509);
privateKey = keyPair.getPrivate();
} else {
JcaX509v1CertificateBuilder builder = new JcaX509v1CertificateBuilder(this.toX500Name(issuer), serialNumber, notBefore, notAfter, this.toX500Name(subject), keyPair.getPublic());
JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(signType.getAlgorithm());
contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
ContentSigner contentSigner = contentSignerBuilder.build(keyPair.getPrivate());
X509CertificateHolder holder = builder.build(contentSigner);
certificate = (X509Certificate) SecurityUtils.getCertificateFromFile(holder.getEncoded(), CertificateType.X509);
privateKey = keyPair.getPrivate();
}