/**
* Generate an X.509 certificate, based on the current issuer and subject using the passed in
* signer.
*
* @param signer the content signer to be used to generate the signature validating the
* certificate.
* @return a holder containing the resulting signed certificate.
*/
public X509CertificateHolder build(ContentSigner signer) {
tbsGen.setSignature(signer.getAlgorithmIdentifier());
if (!extGenerator.isEmpty()) {
tbsGen.setExtensions(extGenerator.generate());
}
return CertUtils.generateFullCert(signer, tbsGen.generateTBSCertificate());
}
/**
* Add a given extension field for the standard extensions tag (tag 3) copying the extension value
* from another certificate.
*
* @param oid the OID defining the extension type.
* @param isCritical true if the copied extension is to be marked as critical, false otherwise.
* @param certHolder the holder for the certificate that the extension is to be copied from.
* @return this builder object.
*/
public X509v3CertificateBuilder copyAndAddExtension(
ASN1ObjectIdentifier oid, boolean isCritical, X509CertificateHolder certHolder) {
X509CertificateStructure cert = certHolder.toASN1Structure();
X509Extension extension = cert.getTBSCertificate().getExtensions().getExtension(oid);
if (extension == null) {
throw new NullPointerException("extension " + oid + " not present");
}
extGenerator.addExtension(oid, isCritical, extension.getValue().getOctets());
return this;
}
/**
* Add a given extension field for the standard extensions tag (tag 3)
*
* @param oid the OID defining the extension type.
* @param isCritical true if the extension is critical, false otherwise.
* @param value the ASN.1 structure that forms the extension's value.
* @return this builder object.
*/
public X509v3CertificateBuilder addExtension(
ASN1ObjectIdentifier oid, boolean isCritical, ASN1Encodable value) {
extGenerator.addExtension(oid, isCritical, value);
return this;
}