net.ripe.rpki.commons.crypto.x509cert
Class X509CertificateBuilderHelper
java.lang.Object
net.ripe.rpki.commons.crypto.x509cert.X509CertificateBuilderHelper
public final class X509CertificateBuilderHelper
- extends Object
Fairly generic helper for X509CertificateBuilders. Intended to be used by
(delegated to, not extended) specific certificate builders.
Because we want to maintain the pattern where a specific Certificate builder
can be chained like: builder.withValidity(val).withSubjectDn(subject) etc...
dynamic typing would be required.. hence delegation.
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
DEFAULT_SIGNATURE_ALGORITHM
public static final String DEFAULT_SIGNATURE_ALGORITHM
- See Also:
- Constant Field Values
DEFAULT_SIGNATURE_PROVIDER
public static final String DEFAULT_SIGNATURE_PROVIDER
- See Also:
- Constant Field Values
X509CertificateBuilderHelper
public X509CertificateBuilderHelper()
withSignatureProvider
public X509CertificateBuilderHelper withSignatureProvider(String signatureProvider)
withSerial
public X509CertificateBuilderHelper withSerial(BigInteger serial)
withSubjectDN
public X509CertificateBuilderHelper withSubjectDN(X500Principal subjectDN)
withIssuerDN
public X509CertificateBuilderHelper withIssuerDN(X500Principal issuerDN)
withValidityPeriod
public X509CertificateBuilderHelper withValidityPeriod(ValidityPeriod validityPeriod)
withResources
public X509CertificateBuilderHelper withResources(net.ripe.ipresource.IpResourceSet resources)
withPublicKey
public X509CertificateBuilderHelper withPublicKey(PublicKey publicKey)
withSigningKeyPair
public X509CertificateBuilderHelper withSigningKeyPair(KeyPair signingKey)
withSignatureAlgorithm
public X509CertificateBuilderHelper withSignatureAlgorithm(String signatureAlgorithm)
- Careful! You probably want to stick to the default. This method is here
mainly to allow for testing the parser -> it should reject sig algos not
allowed by RFC
withKeyUsage
public X509CertificateBuilderHelper withKeyUsage(int keyUsage)
withCa
public X509CertificateBuilderHelper withCa(boolean ca)
withSubjectKeyIdentifier
public X509CertificateBuilderHelper withSubjectKeyIdentifier(boolean add)
withAuthorityKeyIdentifier
public X509CertificateBuilderHelper withAuthorityKeyIdentifier(boolean add)
withCrlDistributionPoints
public X509CertificateBuilderHelper withCrlDistributionPoints(URI... uris)
withAuthorityInformationAccess
public X509CertificateBuilderHelper withAuthorityInformationAccess(X509CertificateInformationAccessDescriptor... descriptors)
withSubjectInformationAccess
public X509CertificateBuilderHelper withSubjectInformationAccess(X509CertificateInformationAccessDescriptor... descriptors)
withPolicies
public X509CertificateBuilderHelper withPolicies(org.bouncycastle.asn1.x509.PolicyInformation... policies)
withInheritedResourceTypes
public X509CertificateBuilderHelper withInheritedResourceTypes(EnumSet<net.ripe.ipresource.IpResourceType> resourceTypes)
generateCertificate
public X509Certificate generateCertificate()
createCertificateGenerator
protected org.bouncycastle.cert.X509v3CertificateBuilder createCertificateGenerator()
- Override this to add your extensions to the certificate generator
Copyright © 2008-2013 RIPE NCC, the Netherlands. All Rights Reserved.