- public static byte[] sign(Trans trans, ASN1Object toSign, PrivateKey pk) throws IOException, InvalidKeyException, SignatureException, NoSuchAlgorithmException {
- TimeTaken tt = trans.start("Encode Security Object", Env.SUB);
- try {
- return sign(trans,toSign.getEncoded(),pk);
- } finally {
- tt.done();
- }
- }
-
- public static CSRMeta createCSRMeta(CA ca, String mechid, String sponsorEmail, List<String> fqdns) throws CertException {
- CSRMeta csr = ca.newCSRMeta();
- boolean first = true;
- // Set CN (and SAN)
- for(String fqdn : fqdns) {
- if(first) {
- first = false;
- csr.cn(fqdn);
- }
- csr.san(fqdn); // duplicate CN in SAN, per RFC 5280 section 4.2.1.6
- }
-
- csr.challenge(new String(Symm.randomGen(24)));
- csr.mechID(mechid);
- csr.email(sponsorEmail);
- String errs;
- if((errs=validateApp(csr))!=null) {
- throw new CertException(errs);
- }
- return csr;
- }
-
- private static String validateApp(CSRMeta csr) {
- CertmanValidator v = new CertmanValidator();
- if(v.nullOrBlank("cn", csr.cn())
- .nullOrBlank("mechID", csr.mechID())
- .nullOrBlank("email", csr.email())
- .err()) {
- return v.errs();
- } else {
- return null;
- }
- }
+ public static byte[] sign(Trans trans, ASN1Object toSign, PrivateKey pk) throws IOException, InvalidKeyException, SignatureException, NoSuchAlgorithmException {
+ TimeTaken tt = trans.start("Encode Security Object", Env.SUB);
+ try {
+ return sign(trans,toSign.getEncoded(),pk);
+ } finally {
+ tt.done();
+ }
+ }
+
+ public static CSRMeta createCSRMeta(CA ca, String mechid, String sponsorEmail, List<String> fqdns) throws CertException {
+ CSRMeta csr = ca.newCSRMeta();
+ boolean first = true;
+ // Set CN (and SAN)
+ for(String fqdn : fqdns) {
+ if(first) {
+ first = false;
+ csr.cn(fqdn);
+ }
+ csr.san(fqdn); // duplicate CN in SAN, per RFC 5280 section 4.2.1.6
+ }
+
+ csr.challenge(new String(Symm.randomGen(24)));
+ csr.mechID(mechid);
+ csr.email(sponsorEmail);
+ String errs;
+ if((errs=validateApp(csr))!=null) {
+ throw new CertException(errs);
+ }
+ return csr;
+ }
+
+ private static String validateApp(CSRMeta csr) {
+ CertmanValidator v = new CertmanValidator();
+ if(v.nullOrBlank("cn", csr.cn())
+ .nullOrBlank("mechID", csr.mechID())
+// .nullOrBlank("email", csr.email())
+ .err()) {
+ return v.errs();
+ } else {
+ return null;
+ }
+ }