/**
* generate an X509 certificate, based on the current issuer and subject, using the passed in
* provider for the signing and the supplied source of randomness, if required.
*/
public X509AttributeCertificate generate(PrivateKey key, String provider, SecureRandom random)
throws CertificateEncodingException, IllegalStateException, NoSuchProviderException,
NoSuchAlgorithmException, SignatureException, InvalidKeyException {
if (!extGenerator.isEmpty()) {
acInfoGen.setExtensions(extGenerator.generate());
}
AttributeCertificateInfo acInfo = acInfoGen.generateAttributeCertificateInfo();
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(acInfo);
v.add(sigAlgId);
try {
v.add(
new DERBitString(
X509Util.calculateSignature(
sigOID, signatureAlgorithm, provider, key, random, acInfo)));
return new X509V2AttributeCertificate(new AttributeCertificate(new DERSequence(v)));
} catch (IOException e) {
throw new ExtCertificateEncodingException("constructed invalid certificate", e);
}
}
/** reset the generator */
public void reset() {
acInfoGen = new V2AttributeCertificateInfoGenerator();
extGenerator.reset();
}
/**
* add a given extension field for the standard extensions tag The value parameter becomes the
* contents of the octet string associated with the extension.
*/
public void addExtension(String oid, boolean critical, byte[] value) {
extGenerator.addExtension(new DERObjectIdentifier(oid), critical, value);
}
/**
* add a given extension field for the standard extensions tag
*
* @throws IOException
*/
public void addExtension(String oid, boolean critical, ASN1Encodable value) throws IOException {
extGenerator.addExtension(new DERObjectIdentifier(oid), critical, value);
}