diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/x509')
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/x509/X509V1CertificateGenerator.java | 16 | ||||
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java | 35 |
2 files changed, 25 insertions, 26 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509V1CertificateGenerator.java b/bcprov/src/main/java/org/bouncycastle/x509/X509V1CertificateGenerator.java index 01f4469f..5833d17e 100644 --- a/bcprov/src/main/java/org/bouncycastle/x509/X509V1CertificateGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/x509/X509V1CertificateGenerator.java @@ -1,5 +1,6 @@ package org.bouncycastle.x509; +import java.io.ByteArrayInputStream; import java.io.IOException; import java.math.BigInteger; import java.security.GeneralSecurityException; @@ -11,7 +12,6 @@ import java.security.PublicKey; import java.security.SecureRandom; import java.security.SignatureException; import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateParsingException; import java.security.cert.X509Certificate; import java.util.Date; import java.util.Iterator; @@ -19,19 +19,21 @@ import java.util.Iterator; import javax.security.auth.x500.X500Principal; import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Encoding; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import org.bouncycastle.asn1.x509.Certificate; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.TBSCertificate; import org.bouncycastle.asn1.x509.Time; import org.bouncycastle.asn1.x509.V1TBSCertificateGenerator; import org.bouncycastle.asn1.x509.X509Name; +import org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory; +import org.bouncycastle.jcajce.util.BCJcaJceHelper; +import org.bouncycastle.jcajce.util.JcaJceHelper; import org.bouncycastle.jce.X509Principal; -import org.bouncycastle.jce.provider.X509CertificateObject; /** * class to produce an X.509 Version 1 certificate. @@ -39,6 +41,9 @@ import org.bouncycastle.jce.provider.X509CertificateObject; */ public class X509V1CertificateGenerator { + private final JcaJceHelper bcHelper = new BCJcaJceHelper(); // needed to force provider loading + private final CertificateFactory certificateFactory = new CertificateFactory(); + private V1TBSCertificateGenerator tbsGen; private ASN1ObjectIdentifier sigOID; private AlgorithmIdentifier sigAlgId; @@ -353,9 +358,10 @@ public class X509V1CertificateGenerator try { - return new X509CertificateObject(Certificate.getInstance(new DERSequence(v))); + return (X509Certificate)certificateFactory.engineGenerateCertificate( + new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER))); } - catch (CertificateParsingException e) + catch (Exception e) { throw new ExtCertificateEncodingException("exception producing certificate object", e); } diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java b/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java index 54be0016..28bf5507 100644 --- a/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java @@ -1,5 +1,6 @@ package org.bouncycastle.x509; +import java.io.ByteArrayInputStream; import java.io.IOException; import java.math.BigInteger; import java.security.GeneralSecurityException; @@ -20,26 +21,24 @@ import javax.security.auth.x500.X500Principal; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Encoding; import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import org.bouncycastle.asn1.x509.Certificate; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.TBSCertificate; import org.bouncycastle.asn1.x509.Time; import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator; import org.bouncycastle.asn1.x509.X509ExtensionsGenerator; import org.bouncycastle.asn1.x509.X509Name; -import org.bouncycastle.jce.X509Principal; -// BEGIN ANDROID-ADDED -// See the definition of the jcaJceHelper field for details. -import org.bouncycastle.jcajce.provider.asymmetric.x509.X509CertificateObject; +import org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; -// END ANDROID-ADDED +import org.bouncycastle.jce.X509Principal; + import org.bouncycastle.x509.extension.X509ExtensionUtil; /** @@ -48,17 +47,14 @@ import org.bouncycastle.x509.extension.X509ExtensionUtil; */ public class X509V3CertificateGenerator { + private final JcaJceHelper bcHelper = new BCJcaJceHelper(); // needed to force provider loading + private final CertificateFactory certificateFactory = new CertificateFactory(); + private V3TBSCertificateGenerator tbsGen; private ASN1ObjectIdentifier sigOID; private AlgorithmIdentifier sigAlgId; private String signatureAlgorithm; private X509ExtensionsGenerator extGenerator; - // BEGIN ANDROID-ADDED - // Use org.bouncycastle.jcajce.provider.asymmetric.x509.X509CertificateObject - // instead of org.bouncycastle.jce.provider.X509CertificateObject. - // We need to pass one instance of JcaJceHelper in the constructor of the former class. - private final JcaJceHelper jcaJceHelper = new BCJcaJceHelper(); - // END ANDROID-ADDED public X509V3CertificateGenerator() { @@ -452,7 +448,7 @@ public class X509V3CertificateGenerator { return generateJcaObject(tbsCert, signature); } - catch (CertificateParsingException e) + catch (Exception e) { throw new ExtCertificateEncodingException("exception producing certificate object", e); } @@ -497,7 +493,7 @@ public class X509V3CertificateGenerator { return generateJcaObject(tbsCert, signature); } - catch (CertificateParsingException e) + catch (Exception e) { throw new ExtCertificateEncodingException("exception producing certificate object", e); } @@ -514,19 +510,16 @@ public class X509V3CertificateGenerator } private X509Certificate generateJcaObject(TBSCertificate tbsCert, byte[] signature) - throws CertificateParsingException + throws Exception { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(tbsCert); v.add(sigAlgId); v.add(new DERBitString(signature)); - // BEGIN ANDROID-CHANGED - // Was: return new X509CertificateObject(Certificate.getInstance(new DERSequence(v))); - // We are using a different X509CertificateObject class than the original, see definition - // of the jcaJceHelper field for details. - return new X509CertificateObject(jcaJceHelper, Certificate.getInstance(new DERSequence(v))); - // END ANDROID-CHANGED + + return (X509Certificate)certificateFactory.engineGenerateCertificate( + new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER))); } /** |