[FIX] CertificateAutogenTask

This commit is contained in:
Gravit 2019-12-23 11:18:50 +07:00
parent 5e923ec479
commit 284f550a9f
No known key found for this signature in database
GPG key ID: 061981E1E85D3216

View file

@ -3,8 +3,7 @@
import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder; import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle; import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.Extension; import org.bouncycastle.asn1.x509.*;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder; import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.X509v3CertificateBuilder; import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
@ -59,7 +58,8 @@ public Path process(Path inputFile) throws IOException {
Date.from(startDate.plusDays(3650).atZone(ZoneId.systemDefault()).toInstant()), Date.from(startDate.plusDays(3650).atZone(ZoneId.systemDefault()).toInstant()),
new X500Name("CN=ca"), new X500Name("CN=ca"),
SubjectPublicKeyInfo.getInstance(server.publicKey.getEncoded())); SubjectPublicKeyInfo.getInstance(server.publicKey.getEncoded()));
builder.addExtension(Extension.getInstance("1.3.6.1.5.5.7.3.3")); builder.addExtension(Extension.extendedKeyUsage, false, new ExtendedKeyUsage(KeyPurposeId.id_kp_codeSigning));
builder.addExtension(Extension.keyUsage, false, new KeyUsage(1));
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256WITHECDSA"); JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256WITHECDSA");
ContentSigner signer = csBuilder.build(server.privateKey); ContentSigner signer = csBuilder.build(server.privateKey);
bcCertificate = builder.build(signer); bcCertificate = builder.build(signer);