/** * Constructs a new <code>GetCert</code> from its components. Neither component may be <code>null * </code>. */ public GetCert(ANY issuerName, INTEGER serialNumber) { if (issuerName == null || serialNumber == null) { throw new IllegalArgumentException("parameter to GetCert constructor is null"); } sequence = new SEQUENCE(); this.issuerName = issuerName; sequence.addElement(issuerName); this.serialNumber = serialNumber; sequence.addElement(serialNumber); }
CertificationRequest( CertificationRequestInfo info, // byte[] infoEncoding, AlgorithmIdentifier algId, byte[] signature) throws IOException { this.info = info; // this.infoEncoding = infoEncoding; this.algId = algId; this.signature = signature; // bundle everything into a SEQUENCE sequence = new SEQUENCE(); sequence.addElement(info); sequence.addElement(algId); sequence.addElement(new BIT_STRING(signature, 0)); }
/** * Creates and signs an X.509 CertificationRequest. * * @param info A CertificationRequestInfo (TBSCertificationRequest), which specifies the actual * information of the CertificationRequest. * @param privKey The private key with which to sign the certificat. * @param signingAlg The algorithm to use to sign the CertificationRequest. It must match the * algorithm specified in the CertificationRequestInfo. * @exception IOException If an error occurred while encoding the CertificationRequest. * @exception CryptoManager.NotInitializedException Because this operation involves cryptography * (signing), CryptoManager must be initialized before calling it. * @exception TokenException If an error occurs on a PKCS #11 token. * @exception NoSuchAlgorithmException If the OID for the signing algorithm cannot be located. * @exception CertificateException If the signing algorithm specified as a parameter does not * match the one in the CertificationRequest info. * @exception InvalidKeyException If the key does not match the signing algorithm. * @exception SignatureException If an error occurs while signing the CertificationRequest. */ public CertificationRequest( CertificationRequestInfo info, java.security.PrivateKey privKey, SignatureAlgorithm signingAlg) throws IOException, CryptoManager.NotInitializedException, TokenException, NoSuchAlgorithmException, CertificateException, InvalidKeyException, SignatureException { // make sure key is a Ninja private key if (!(privKey instanceof PrivateKey)) { throw new InvalidKeyException("Private Key is does not belong to" + " this provider"); } PrivateKey priv = (PrivateKey) privKey; // create algId if (signingAlg.getSigningAlg() == SignatureAlgorithm.RSASignature) { algId = new AlgorithmIdentifier(signingAlg.toOID(), null); } else { algId = new AlgorithmIdentifier(signingAlg.toOID()); } // encode the cert info this.info = info; infoEncoding = ASN1Util.encode(info); // sign the info encoding CryptoManager cm = CryptoManager.getInstance(); CryptoToken token = priv.getOwningToken(); Signature sig = token.getSignatureContext(signingAlg); sig.initSign(priv); sig.update(infoEncoding); signature = sig.sign(); // bundle everything into a SEQUENCE sequence = new SEQUENCE(); sequence.addElement(info); sequence.addElement(algId); sequence.addElement(new BIT_STRING(signature, 0)); }