CertificateBuilder (mc-pki 0.9.0 API)

java.lang.Object
- net.maritimecloud.pki.CertificateBuilder

public class CertificateBuilder
extends Object

Constructor Summary

Constructors
Constructor and Description

CertificateBuilder(KeystoreHandler keystoreHandler)

Constructors
Constructor and Description
`CertificateBuilder(KeystoreHandler keystoreHandler)`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`X509Certificate`	`buildAndSignCert(BigInteger serialNumber, PrivateKey signerPrivateKey, PublicKey signerPublicKey, PublicKey subjectPublicKey, org.bouncycastle.asn1.x500.X500Name issuer, org.bouncycastle.asn1.x500.X500Name subject, Map<String,String> customAttrs, String type, String ocspUrl, String crlUrl)` Builds and signs a certificate.
`HashMap<String,String>`	`convertCommas(String orgName, String type, String callName, String uid)` Converts any commas in the given strings to something that looks like a comma, but isn't
`X509Certificate`	`generateCertForEntity(BigInteger serialNumber, String country, String orgName, String type, String callName, String email, String uid, PublicKey publickey, Map<String,String> customAttr, String signingAlias, String baseCrlOcspURI)` Generates a signed certificate for an entity.
`static KeyPair`	`generateKeyPair()` Generates a keypair (public and private) based on Elliptic curves.
`BigInteger`	`generateSerialNumber()` Generate a unique serial number to uniquely identify certificates.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CertificateBuilder

public CertificateBuilder(KeystoreHandler keystoreHandler)

Method Detail

buildAndSignCert

public X509Certificate buildAndSignCert(BigInteger serialNumber,
                                        PrivateKey signerPrivateKey,
                                        PublicKey signerPublicKey,
                                        PublicKey subjectPublicKey,
                                        org.bouncycastle.asn1.x500.X500Name issuer,
                                        org.bouncycastle.asn1.x500.X500Name subject,
                                        Map<String,String> customAttrs,
                                        String type,
                                        String ocspUrl,
                                        String crlUrl)
                                 throws Exception

Builds and signs a certificate. The certificate will be build on the given subject-public-key and signed with the given issuer-private-key. The issuer and subject will be identified in the strings provided.

Parameters:: serialNumber - The serialnumber of the new certificate.; signerPrivateKey - Private key for signing the certificate; signerPublicKey - Public key of the signing certificate; subjectPublicKey - Public key for the new certificate; issuer - DN of the signing certificate; subject - DN of the new certificate; customAttrs - The custom MC attributes to include in the certificate; type - Type of certificate, can be "ROOT", "INTERMEDIATE" or "ENTITY".; ocspUrl - OCSP endpoint; crlUrl - CRL endpoint - can be null
Returns:: A signed X509Certificate
Throws:: Exception - Throws exception on certificate generation errors.

generateCertForEntity

public X509Certificate generateCertForEntity(BigInteger serialNumber,
                                             String country,
                                             String orgName,
                                             String type,
                                             String callName,
                                             String email,
                                             String uid,
                                             PublicKey publickey,
                                             Map<String,String> customAttr,
                                             String signingAlias,
                                             String baseCrlOcspURI)
                                      throws Exception

Generates a signed certificate for an entity.

Parameters:: country - The country of org/entity; orgName - The name of the organization the entity belongs to; type - The type of the entity; callName - The name of the entity; email - The email of the entity; publickey - The public key of the entity; baseCrlOcspURI - The base URI used for the CRL and OCSP endpoint. This will be prepended: (ocsp|crl)/urn:mrn:mcl:ca:...
Returns:: Returns a signed X509Certificate
Throws:: Exception

generateKeyPair
```
public static KeyPair generateKeyPair()
```
Generates a keypair (public and private) based on Elliptic curves.

Returns:

The generated keypair

generateSerialNumber
```
public BigInteger generateSerialNumber()
```
Generate a unique serial number to uniquely identify certificates.

Returns:

a unique serialnumber

convertCommas

public HashMap<String,String> convertCommas(String orgName,
                                            String type,
                                            String callName,
                                            String uid)

Converts any commas in the given strings to something that looks like a comma, but isn't

Returns:: a HashMap of the converted strings

Class CertificateBuilder

Constructor Summary