Package org.bouncycastle.pkcs

Class PKCS10CertificationRequestBuilder

  • Direct Known Subclasses:
    BcPKCS10CertificationRequestBuilder, JcaPKCS10CertificationRequestBuilder
    public class PKCS10CertificationRequestBuilder
extends java.lang.Object
    A class for creating PKCS#10 Certification requests. 
     CertificationRequest ::= SEQUENCE {
   certificationRequestInfo  CertificationRequestInfo,
   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
   signature                 BIT STRING
 }

 CertificationRequestInfo ::= SEQUENCE {
   version             INTEGER { v1(0) } (v1,...),
   subject             Name,
   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
   attributes          [0] Attributes{{ CRIAttributes }}
  }

  Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}

  Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
    type    ATTRIBUTE.&id({IOSet}),
    values  SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
  }

    • Constructor Detail

      • PKCS10CertificationRequestBuilder

        public PKCS10CertificationRequestBuilder​(org.bouncycastle.asn1.x500.X500Name subject,
                                         org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
        Basic constructor.
        Parameters:
        subject - the X.500 Name defining the certificate subject this request is for.
        publicKeyInfo - the info structure for the public key to be associated with this subject.

    • Method Detail

      • setAttribute

        public PKCS10CertificationRequestBuilder setAttribute​(org.bouncycastle.asn1.ASN1ObjectIdentifier attrType,
                                                      org.bouncycastle.asn1.ASN1Encodable attrValue)
        Set an attribute to the certification request we are building. Removed existing attributes with the same attrType.
        Parameters:
        attrType - the OID giving the type of the attribute.
        attrValue - the ASN.1 structure that forms the value of the attribute.
        Returns:
        this builder object.

      • setAttribute

        public PKCS10CertificationRequestBuilder setAttribute​(org.bouncycastle.asn1.ASN1ObjectIdentifier attrType,
                                                      org.bouncycastle.asn1.ASN1Encodable[] attrValue)
        Add an attribute with multiple values to the certification request we are building. Removed existing attributes with the same attrType.
        Parameters:
        attrType - the OID giving the type of the attribute.
        attrValue - the ASN.1 structure that forms the value of the attribute.
        Returns:
        this builder object.

      • addAttribute

        public PKCS10CertificationRequestBuilder addAttribute​(org.bouncycastle.asn1.ASN1ObjectIdentifier attrType,
                                                      org.bouncycastle.asn1.ASN1Encodable attrValue)
        Add an attribute to the certification request we are building.
        Parameters:
        attrType - the OID giving the type of the attribute.
        attrValue - the ASN.1 structure that forms the value of the attribute.
        Returns:
        this builder object.

      • addAttribute

        public PKCS10CertificationRequestBuilder addAttribute​(org.bouncycastle.asn1.ASN1ObjectIdentifier attrType,
                                                      org.bouncycastle.asn1.ASN1Encodable[] attrValues)
        Add an attribute with multiple values to the certification request we are building.
        Parameters:
        attrType - the OID giving the type of the attribute.
        attrValues - an array of ASN.1 structures that form the value of the attribute.
        Returns:
        this builder object.

      • setLeaveOffEmptyAttributes

        public PKCS10CertificationRequestBuilder setLeaveOffEmptyAttributes​(boolean leaveOffEmpty)
        The attributes field in PKCS10 should encoded to an empty tagged set if there are no attributes. Some CAs will reject requests with the attribute field present.
        Parameters:
        leaveOffEmpty - true if empty attributes should be left out of the encoding false otherwise.
        Returns:
        this builder object.

      • build

        public PKCS10CertificationRequest build​(ContentSigner signer)
        Generate an PKCS#10 request based on the past in signer.
        Parameters:
        signer - the content signer to be used to generate the signature validating the certificate.
        Returns:
        a holder containing the resulting PKCS#10 certification request.