1 /* |
1 /* |
2 * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
28 import java.io.IOException; |
28 import java.io.IOException; |
29 import java.security.cert.X509Certificate; |
29 import java.security.cert.X509Certificate; |
30 import java.security.cert.CertificateException; |
30 import java.security.cert.CertificateException; |
31 import java.security.cert.CertificateEncodingException; |
31 import java.security.cert.CertificateEncodingException; |
32 import java.security.*; |
32 import java.security.*; |
|
33 import java.security.spec.AlgorithmParameterSpec; |
33 import java.security.spec.ECGenParameterSpec; |
34 import java.security.spec.ECGenParameterSpec; |
34 import java.security.spec.NamedParameterSpec; |
35 import java.security.spec.NamedParameterSpec; |
35 import java.util.Date; |
36 import java.util.Date; |
36 |
37 |
37 import sun.security.pkcs10.PKCS10; |
38 import sun.security.pkcs10.PKCS10; |
38 import sun.security.x509.*; |
39 import sun.security.x509.*; |
39 |
|
40 |
40 |
41 /** |
41 /** |
42 * Generate a pair of keys, and provide access to them. This class is |
42 * Generate a pair of keys, and provide access to them. This class is |
43 * provided primarily for ease of use. |
43 * provided primarily for ease of use. |
44 * |
44 * |
280 |
280 |
281 CertificateValidity interval = |
281 CertificateValidity interval = |
282 new CertificateValidity(firstDate,lastDate); |
282 new CertificateValidity(firstDate,lastDate); |
283 |
283 |
284 X509CertInfo info = new X509CertInfo(); |
284 X509CertInfo info = new X509CertInfo(); |
|
285 AlgorithmParameterSpec params = AlgorithmId |
|
286 .getDefaultAlgorithmParameterSpec(sigAlg, privateKey); |
285 // Add all mandatory attributes |
287 // Add all mandatory attributes |
286 info.set(X509CertInfo.VERSION, |
288 info.set(X509CertInfo.VERSION, |
287 new CertificateVersion(CertificateVersion.V3)); |
289 new CertificateVersion(CertificateVersion.V3)); |
288 info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( |
290 info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( |
289 new java.util.Random().nextInt() & 0x7fffffff)); |
291 new java.util.Random().nextInt() & 0x7fffffff)); |
290 AlgorithmId algID = AlgorithmId.get(sigAlg); |
292 AlgorithmId algID = AlgorithmId.getWithParameterSpec(sigAlg, params); |
291 info.set(X509CertInfo.ALGORITHM_ID, |
293 info.set(X509CertInfo.ALGORITHM_ID, |
292 new CertificateAlgorithmId(algID)); |
294 new CertificateAlgorithmId(algID)); |
293 info.set(X509CertInfo.SUBJECT, myname); |
295 info.set(X509CertInfo.SUBJECT, myname); |
294 info.set(X509CertInfo.KEY, new CertificateX509Key(publicKey)); |
296 info.set(X509CertInfo.KEY, new CertificateX509Key(publicKey)); |
295 info.set(X509CertInfo.VALIDITY, interval); |
297 info.set(X509CertInfo.VALIDITY, interval); |
296 info.set(X509CertInfo.ISSUER, myname); |
298 info.set(X509CertInfo.ISSUER, myname); |
297 if (ext != null) info.set(X509CertInfo.EXTENSIONS, ext); |
299 if (ext != null) info.set(X509CertInfo.EXTENSIONS, ext); |
298 |
300 |
299 cert = new X509CertImpl(info); |
301 cert = new X509CertImpl(info); |
300 cert.sign(privateKey, this.sigAlg); |
302 cert.sign(privateKey, |
|
303 params, |
|
304 sigAlg, |
|
305 null); |
301 |
306 |
302 return (X509Certificate)cert; |
307 return (X509Certificate)cert; |
303 |
308 |
304 } catch (IOException e) { |
309 } catch (IOException e) { |
305 throw new CertificateEncodingException("getSelfCert: " + |
310 throw new CertificateEncodingException("getSelfCert: " + |
306 e.getMessage()); |
311 e.getMessage()); |
|
312 } catch (InvalidAlgorithmParameterException e2) { |
|
313 throw new SignatureException( |
|
314 "Unsupported PSSParameterSpec: " + e2.getMessage()); |
307 } |
315 } |
308 } |
316 } |
309 |
317 |
310 // Keep the old method |
318 // Keep the old method |
311 public X509Certificate getSelfCertificate (X500Name myname, long validity) |
319 public X509Certificate getSelfCertificate (X500Name myname, long validity) |
327 * |
335 * |
328 * @param myname X.500 name of the subject |
336 * @param myname X.500 name of the subject |
329 * @exception InvalidKeyException on key handling errors. |
337 * @exception InvalidKeyException on key handling errors. |
330 * @exception SignatureException on signature handling errors. |
338 * @exception SignatureException on signature handling errors. |
331 */ |
339 */ |
|
340 // This method is not used inside JDK. Will not update it. |
332 public PKCS10 getCertRequest (X500Name myname) |
341 public PKCS10 getCertRequest (X500Name myname) |
333 throws InvalidKeyException, SignatureException |
342 throws InvalidKeyException, SignatureException |
334 { |
343 { |
335 PKCS10 req = new PKCS10 (publicKey); |
344 PKCS10 req = new PKCS10 (publicKey); |
336 |
345 |
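Review bot: The new `catch (InvalidAlgorithmParameterException e2)` branch (new lines 312-314) rethrows as a SignatureException built only from `e2.getMessage()`, so the original exception and its stack trace are lost when a signing failure has to be diagnosed; pass it along as the cause, `throw new SignatureException("Unsupported PSSParameterSpec: " + e2.getMessage(), e2);`. The message also assumes the rejected parameters are a PSSParameterSpec, although `params` comes from `AlgorithmId.getDefaultAlgorithmParameterSpec(sigAlg, privateKey)` for whatever `sigAlg` is in use, so naming `sigAlg` in the text would stay accurate if that helper ever returns other parameter types. In the same new-side block, the unchanged serial-number line still takes 31 bits from `new java.util.Random()`, which is predictable and collision-prone for a certificate serial; drawing it from `SecureRandom` is worth a follow-up. The enclosing method starts before the hunk, so its signature and declared exceptions are not visible here.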