Problem with Subject directory attributes

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Problem with Subject directory attributes

Nikola Milenic
Hello everyone,

I am trying to use Bouncy Castle to work with X509 Certificates. So far I have ran into quite a few problems, but have always managed to solve them with the help of various tutorials and example codes. However, now I need to add Subject directory attributes extension to the certificate, and I am unable to find any example code, documentation, or other resource that would help me understand how to do that. I am able to add common extensions, such as key usage, but this one in particular is troublesome. I have no idea how to instantiate SubjectDirectoryAttributes class or how to create Attributes or the ASN1Sequence that it requires. I have date of birth, place of birth, country of citizenship and gender stored in variables as standard non-bouncycastle datatypes, and I need to put them into a Subject directory attributes extension.  Any help would be greatly appreciated.

Thanks in advance,
Nikola Milenić
Reply | Threaded
Open this post in threaded view
|

Re: Problem with Subject directory attributes

Gurmeen Bindra
Hi Nikola,

You can use the subject directory attributes class from bouncy castle
and add attributes as follows:

ASN1EncodableVector dirName = new ASN1EncodableVector();
//dirName.add(asn1-of-the-attribute-value)
DERSet valueSet = new DERSet(dirName);
Attribute attr = new Attribute(new ASN1ObjectIdentifier(oid, valueSet);

attributes.add(attr);   //add as many attributes to it
SubjectDirectoryAttributes subjectDirAttr = new
SubjectDirectoryAttributes(attributes);

I hope this helps.

- Gurmeen




On 14/06/2019 22:52, Nikola Milenic wrote:

> Hello everyone,
>
> I am trying to use Bouncy Castle to work with X509 Certificates. So far
> I have ran into quite a few problems, but have always managed to solve
> them with the help of various tutorials and example codes. However, now
> I need to add Subject directory attributes extension to the certificate,
> and I am unable to find any example code, documentation, or other
> resource that would help me understand how to do that. I am able to add
> common extensions, such as key usage, but this one in particular is
> troublesome. I have no idea how to instantiate
> SubjectDirectoryAttributes class or how to create Attributes or the
> ASN1Sequence that it requires. I have date of birth, place of birth,
> country of citizenship and gender stored in variables as standard
> non-bouncycastle datatypes, and I need to put them into a Subject
> directory attributes extension.  Any help would be greatly appreciated.
>
> Thanks in advance,
> Nikola Milenić