Class PKCS10CertificationRequestBuilder

java.lang.Object
org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder
Direct Known Subclasses:
BcPKCS10CertificationRequestBuilder, JcaPKCS10CertificationRequestBuilder

public class PKCS10CertificationRequestBuilder extends Object
A class for creating PKCS#10 Certification requests.
 CertificationRequest ::= SEQUENCE {
   certificationRequestInfo  CertificationRequestInfo,
   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
   signature                 BIT STRING
 }

 CertificationRequestInfo ::= SEQUENCE {
   version             INTEGER { v1(0) } (v1,...),
   subject             Name,
   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
   attributes          [0] Attributes{{ CRIAttributes }}
  }

  Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}

  Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
    type    ATTRIBUTE.&id({IOSet}),
    values  SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
  }
 
  • Constructor Details

    • PKCS10CertificationRequestBuilder

      public PKCS10CertificationRequestBuilder(PKCS10CertificationRequestBuilder original)
    • PKCS10CertificationRequestBuilder

      public PKCS10CertificationRequestBuilder(org.bouncycastle.asn1.x500.X500Name subject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Basic constructor.
      Parameters:
      subject - the X.500 Name defining the certificate subject this request is for.
      publicKeyInfo - the info structure for the public key to be associated with this subject.
  • Method Details

    • setAttribute

      public PKCS10CertificationRequestBuilder setAttribute(org.bouncycastle.asn1.ASN1ObjectIdentifier attrType, org.bouncycastle.asn1.ASN1Encodable attrValue)
      Set an attribute to the certification request we are building. Removed existing attributes with the same attrType.
      Parameters:
      attrType - the OID giving the type of the attribute.
      attrValue - the ASN.1 structure that forms the value of the attribute.
      Returns:
      this builder object.
    • setAttribute

      public PKCS10CertificationRequestBuilder setAttribute(org.bouncycastle.asn1.ASN1ObjectIdentifier attrType, org.bouncycastle.asn1.ASN1Encodable[] attrValue)
      Add an attribute with multiple values to the certification request we are building. Removed existing attributes with the same attrType.
      Parameters:
      attrType - the OID giving the type of the attribute.
      attrValue - the ASN.1 structure that forms the value of the attribute.
      Returns:
      this builder object.
    • addAttribute

      public PKCS10CertificationRequestBuilder addAttribute(org.bouncycastle.asn1.ASN1ObjectIdentifier attrType, org.bouncycastle.asn1.ASN1Encodable attrValue)
      Add an attribute to the certification request we are building.
      Parameters:
      attrType - the OID giving the type of the attribute.
      attrValue - the ASN.1 structure that forms the value of the attribute.
      Returns:
      this builder object.
    • addAttribute

      public PKCS10CertificationRequestBuilder addAttribute(org.bouncycastle.asn1.ASN1ObjectIdentifier attrType, org.bouncycastle.asn1.ASN1Encodable[] attrValues)
      Add an attribute with multiple values to the certification request we are building.
      Parameters:
      attrType - the OID giving the type of the attribute.
      attrValues - an array of ASN.1 structures that form the value of the attribute.
      Returns:
      this builder object.
    • setLeaveOffEmptyAttributes

      public PKCS10CertificationRequestBuilder setLeaveOffEmptyAttributes(boolean leaveOffEmpty)
      The attributes field in PKCS10 should encoded to an empty tagged set if there are no attributes. Some CAs will reject requests with the attribute field present.
      Parameters:
      leaveOffEmpty - true if empty attributes should be left out of the encoding false otherwise.
      Returns:
      this builder object.
    • build

      Generate an PKCS#10 request based on the past in signer.
      Parameters:
      signer - the content signer to be used to generate the signature validating the certificate.
      Returns:
      a holder containing the resulting PKCS#10 certification request.