We are trying to generate a PKCS10CertificationRequest (i.e. a CSR in DER format). We know how that is done, and I include the code for that generation below. For the X500Name we are using X500NameBuilder, which is really helpful; the style we are using is BCStyle, which includes almost all of the data that needs to be there.
The problem is that we need to add other data that is not in BCStyle (the attributes are specified here: http://www.alvestrand.no/objectid/2.5.4.45.html, and here: http://www.alvestrand.no/objectid/2.5.4.23.html), and we really can't see how to add it. We think the answer is to create a new X500NameStyle, but we don't understand how to do that.
Could anyone explain to us how to do it?
Thanks for the support.
PS: the code we are using:
/**
 * Builds and signs a PKCS#10 certification request (CSR) and hands its encoded form to the
 * key-file manager for storage.
 *
 * <p>The subject name is assembled with the default X.500 name style from the entries of
 * {@code certdata}, in the fixed order CN, OU, O, L, ST, C, e-mail address. The request is
 * returned whether or not it could be stored; the outcome of the store is only logged.
 *
 * <p>NOTE(review): the subject values are copied from {@code certdata} without any check in
 * this method. A key that is missing from the map yields {@code null}; confirm how
 * {@code addRDN} treats that and validate the fields before they reach the subject name.
 *
 * @param key          private key used to sign the request
 * @param pkey         public key placed in the request
 * @param certdata     subject values, read under the keys "CN", "OU", "O", "L", "ST", "C" and "EMAIL"
 * @param CSRAlgorithm signature algorithm name handed to {@code JcaContentSignerBuilder};
 *                     chosen by the caller and not restricted here
 * @param name         name passed to {@code salvarLlave} together with the encoded request
 * @param kfm          key-file manager asked to store the encoded request
 * @return the signed certification request
 * @throws OperatorCreationException declared for building the content signer
 * @throws IOException               declared for encoding the request
 */
public PKCS10CertificationRequest generatedCSR(PrivateKey key, PublicKey pkey, Map<String,String> certdata, String CSRAlgorithm, String name, KeyFileManager kfm) throws OperatorCreationException, IOException
{
    Log.i(LOGCERT, "iniciando generacion de CSR");
    this.mensaje(LogType.MENI, "Se a iniciado la generacion de un CSR");

    final ContentSigner requestSigner = new JcaContentSignerBuilder(CSRAlgorithm).build(key);

    // RDN order is part of the resulting name, so the attributes are added in a fixed sequence.
    final X500NameBuilder subject = new X500NameBuilder(X500Name.getDefaultStyle());
    subject.addRDN(BCStyle.CN, certdata.get("CN"));
    subject.addRDN(BCStyle.OU, certdata.get("OU"));
    subject.addRDN(BCStyle.O, certdata.get("O"));
    subject.addRDN(BCStyle.L, certdata.get("L"));
    subject.addRDN(BCStyle.ST, certdata.get("ST"));
    subject.addRDN(BCStyle.C, certdata.get("C"));
    subject.addRDN(BCStyle.EmailAddress, certdata.get("EMAIL"));

    final PKCS10CertificationRequestBuilder requestBuilder =
            new JcaPKCS10CertificationRequestBuilder(subject.build(), pkey);
    final PKCS10CertificationRequest request = requestBuilder.build(requestSigner);

    // A failed store does not abort the call: the request is returned either way.
    final boolean stored = kfm.salvarLlave(request.getEncoded(), KeyFileManager.CSRFILE, name);
    Log.i(LOGCERT, stored ? "CSR Almacenado" : "CSR no almacenado");
    return request;
}
Use this builder:
/**
 * Fluent wrapper around an {@code X500NameBuilder} configured with {@code BCStyle.INSTANCE}.
 *
 * <p>Each setter does two things: it remembers the value in a field (readable through the
 * matching getter) and immediately adds one RDN for the corresponding {@code BCStyle}
 * attribute to the wrapped builder. Consequences visible in the code:
 * <ul>
 *   <li>RDNs end up in the order in which the setters are called;</li>
 *   <li>calling the same setter twice adds two RDNs, while the getter only reports the
 *       most recent value;</li>
 *   <li>values are handed to the wrapped builder as given, with no validation in this class.</li>
 * </ul>
 */
public class X500VgaNameBuilder {

    // Wrapped Bouncy Castle builder that accumulates the RDNs.
    private final X500NameBuilder x500NameBuilder;

    // Last value passed to each setter; null until the setter is called.
    private String BUSINESS_CATEGORY;
    private String C;
    private String CN;
    private String COUNTRY_OF_CITIZENSHIP;
    private String COUNTRY_OF_RESIDENCE;
    private String DATE_OF_BIRTH;
    private String DC;
    private String DMD_NAME;
    private String DN_QUALIFIER;
    private String E;
    private String EmailAddress;
    private String GENDER;
    private String GENERATION;
    private String GIVENNAME;
    private String INITIALS;
    private String L;
    private String NAME;
    private String NAME_AT_BIRTH;
    private String O;
    private String OU;
    private String PLACE_OF_BIRTH;
    private String POSTAL_ADDRESS;
    private String POSTAL_CODE;
    private String PSEUDONYM;
    private String SERIALNUMBER;
    private String SN;
    private String ST;
    private String STREET;
    private String SURNAME;
    private String T;
    private String TELEPHONE_NUMBER;
    private String UID;
    private String UNIQUE_IDENTIFIER;
    private String UnstructuredAddress;
    private String UnstructuredName;

    /** Creates an empty builder that uses {@code BCStyle.INSTANCE}. */
    public X500VgaNameBuilder()
    {
        this.x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
    }

    // ---- BUSINESS_CATEGORY ----

    public String getBUSINESS_CATEGORY() {
        return this.BUSINESS_CATEGORY;
    }

    public X500VgaNameBuilder setBUSINESS_CATEGORY(String businessCategory) {
        this.BUSINESS_CATEGORY = businessCategory;
        this.x500NameBuilder.addRDN(BCStyle.BUSINESS_CATEGORY, businessCategory);
        return this;
    }

    // ---- C (country code) ----

    public String getC() {
        return this.C;
    }

    public X500VgaNameBuilder setC(String countryCode) {
        this.C = countryCode;
        this.x500NameBuilder.addRDN(BCStyle.C, countryCode);
        return this;
    }

    // ---- CN (common name) ----

    public String getCN() {
        return this.CN;
    }

    public X500VgaNameBuilder setCN(String commonName) {
        this.CN = commonName;
        this.x500NameBuilder.addRDN(BCStyle.CN, commonName);
        return this;
    }

    // ---- COUNTRY_OF_CITIZENSHIP ----

    public String getCOUNTRY_OF_CITIZENSHIP() {
        return this.COUNTRY_OF_CITIZENSHIP;
    }

    public X500VgaNameBuilder setCOUNTRY_OF_CITIZENSHIP(String countryOfCitizenship) {
        this.COUNTRY_OF_CITIZENSHIP = countryOfCitizenship;
        this.x500NameBuilder.addRDN(BCStyle.COUNTRY_OF_CITIZENSHIP, countryOfCitizenship);
        return this;
    }

    // ---- COUNTRY_OF_RESIDENCE ----

    public String getCOUNTRY_OF_RESIDENCE() {
        return this.COUNTRY_OF_RESIDENCE;
    }

    public X500VgaNameBuilder setCOUNTRY_OF_RESIDENCE(String countryOfResidence) {
        this.COUNTRY_OF_RESIDENCE = countryOfResidence;
        this.x500NameBuilder.addRDN(BCStyle.COUNTRY_OF_RESIDENCE, countryOfResidence);
        return this;
    }

    // ---- DATE_OF_BIRTH ----

    public String getDATE_OF_BIRTH() {
        return this.DATE_OF_BIRTH;
    }

    public X500VgaNameBuilder setDATE_OF_BIRTH(String dateOfBirth) {
        this.DATE_OF_BIRTH = dateOfBirth;
        this.x500NameBuilder.addRDN(BCStyle.DATE_OF_BIRTH, dateOfBirth);
        return this;
    }

    // ---- DC ----

    public String getDC() {
        return this.DC;
    }

    public X500VgaNameBuilder setDC(String DC) {
        // The parameter shadows the field, so the field must be qualified with "this".
        this.DC = DC;
        this.x500NameBuilder.addRDN(BCStyle.DC, DC);
        return this;
    }

    // ---- DMD_NAME ----

    public String getDMD_NAME() {
        return this.DMD_NAME;
    }

    public X500VgaNameBuilder setDMD_NAME(String dmdName) {
        this.DMD_NAME = dmdName;
        this.x500NameBuilder.addRDN(BCStyle.DMD_NAME, dmdName);
        return this;
    }

    // ---- DN_QUALIFIER ----

    public String getDN_QUALIFIER() {
        return this.DN_QUALIFIER;
    }

    public X500VgaNameBuilder setDN_QUALIFIER(String dnQualifier) {
        this.DN_QUALIFIER = dnQualifier;
        this.x500NameBuilder.addRDN(BCStyle.DN_QUALIFIER, dnQualifier);
        return this;
    }

    // ---- E ----
    // NOTE(review): BCStyle.E is presumably an alias of BCStyle.EmailAddress; if so, using
    // both setE and setEmailAddress adds the same attribute twice. Confirm against the
    // library version in use.

    public String getE() {
        return this.E;
    }

    public X500VgaNameBuilder setE(String emailVerisign) {
        this.E = emailVerisign;
        this.x500NameBuilder.addRDN(BCStyle.E, emailVerisign);
        return this;
    }

    // ---- EmailAddress ----

    public String getEmailAddress() {
        return this.EmailAddress;
    }

    public X500VgaNameBuilder setEmailAddress(String emailAddressPkcs9) {
        this.EmailAddress = emailAddressPkcs9;
        this.x500NameBuilder.addRDN(BCStyle.EmailAddress, emailAddressPkcs9);
        return this;
    }

    // ---- GENDER ----

    public String getGENDER() {
        return this.GENDER;
    }

    public X500VgaNameBuilder setGENDER(String gender_size1) {
        this.GENDER = gender_size1;
        this.x500NameBuilder.addRDN(BCStyle.GENDER, gender_size1);
        return this;
    }

    // ---- GENERATION ----

    public String getGENERATION() {
        return this.GENERATION;
    }

    public X500VgaNameBuilder setGENERATION(String generation) {
        this.GENERATION = generation;
        this.x500NameBuilder.addRDN(BCStyle.GENERATION, generation);
        return this;
    }

    // ---- GIVENNAME ----

    public String getGIVENNAME() {
        return this.GIVENNAME;
    }

    public X500VgaNameBuilder setGIVENNAME(String givenname) {
        this.GIVENNAME = givenname;
        this.x500NameBuilder.addRDN(BCStyle.GIVENNAME, givenname);
        return this;
    }

    // ---- INITIALS ----

    public String getINITIALS() {
        return this.INITIALS;
    }

    public X500VgaNameBuilder setINITIALS(String initials) {
        this.INITIALS = initials;
        this.x500NameBuilder.addRDN(BCStyle.INITIALS, initials);
        return this;
    }

    // ---- L (locality) ----

    public String getL() {
        return this.L;
    }

    public X500VgaNameBuilder setL(String localityName) {
        this.L = localityName;
        this.x500NameBuilder.addRDN(BCStyle.L, localityName);
        return this;
    }

    // ---- NAME ----

    public String getNAME() {
        return this.NAME;
    }

    public X500VgaNameBuilder setNAME(String name_idatname) {
        this.NAME = name_idatname;
        this.x500NameBuilder.addRDN(BCStyle.NAME, name_idatname);
        return this;
    }

    // ---- NAME_AT_BIRTH ----

    public String getNAME_AT_BIRTH() {
        return this.NAME_AT_BIRTH;
    }

    public X500VgaNameBuilder setNAME_AT_BIRTH(String nameAtBirth) {
        this.NAME_AT_BIRTH = nameAtBirth;
        this.x500NameBuilder.addRDN(BCStyle.NAME_AT_BIRTH, nameAtBirth);
        return this;
    }

    // ---- O (organization) ----

    public String getO() {
        return this.O;
    }

    public X500VgaNameBuilder setO(String organization) {
        this.O = organization;
        this.x500NameBuilder.addRDN(BCStyle.O, organization);
        return this;
    }

    // ---- OU (organizational unit) ----

    public String getOU() {
        return this.OU;
    }

    public X500VgaNameBuilder setOU(String organizationUnit) {
        this.OU = organizationUnit;
        this.x500NameBuilder.addRDN(BCStyle.OU, organizationUnit);
        return this;
    }

    // ---- PLACE_OF_BIRTH ----

    public String getPLACE_OF_BIRTH() {
        return this.PLACE_OF_BIRTH;
    }

    public X500VgaNameBuilder setPLACE_OF_BIRTH(String placeOfBirth) {
        this.PLACE_OF_BIRTH = placeOfBirth;
        this.x500NameBuilder.addRDN(BCStyle.PLACE_OF_BIRTH, placeOfBirth);
        return this;
    }

    // ---- POSTAL_ADDRESS ----

    public String getPOSTAL_ADDRESS() {
        return this.POSTAL_ADDRESS;
    }

    public X500VgaNameBuilder setPOSTAL_ADDRESS(String postalAddress) {
        this.POSTAL_ADDRESS = postalAddress;
        this.x500NameBuilder.addRDN(BCStyle.POSTAL_ADDRESS, postalAddress);
        return this;
    }

    // ---- POSTAL_CODE ----

    public String getPOSTAL_CODE() {
        return this.POSTAL_CODE;
    }

    public X500VgaNameBuilder setPOSTAL_CODE(String postalCode) {
        this.POSTAL_CODE = postalCode;
        this.x500NameBuilder.addRDN(BCStyle.POSTAL_CODE, postalCode);
        return this;
    }

    // ---- PSEUDONYM ----

    public String getPSEUDONYM() {
        return this.PSEUDONYM;
    }

    public X500VgaNameBuilder setPSEUDONYM(String pseudonym) {
        this.PSEUDONYM = pseudonym;
        this.x500NameBuilder.addRDN(BCStyle.PSEUDONYM, pseudonym);
        return this;
    }

    // ---- SERIALNUMBER ----

    public String getSERIALNUMBER() {
        return this.SERIALNUMBER;
    }

    public X500VgaNameBuilder setSERIALNUMBER(String serialNumber) {
        this.SERIALNUMBER = serialNumber;
        this.x500NameBuilder.addRDN(BCStyle.SERIALNUMBER, serialNumber);
        return this;
    }

    // ---- SN ----
    // NOTE(review): the parameter is called serialNumber, so SN is treated here as a serial
    // number rather than a surname; confirm which OID BCStyle.SN maps to before relying on it.

    public String getSN() {
        return this.SN;
    }

    public X500VgaNameBuilder setSN(String serialNumber) {
        this.SN = serialNumber;
        this.x500NameBuilder.addRDN(BCStyle.SN, serialNumber);
        return this;
    }

    // ---- ST (state or province) ----

    public String getST() {
        return this.ST;
    }

    public X500VgaNameBuilder setST(String stateOrProvince) {
        this.ST = stateOrProvince;
        this.x500NameBuilder.addRDN(BCStyle.ST, stateOrProvince);
        return this;
    }

    // ---- STREET ----

    public String getSTREET() {
        return this.STREET;
    }

    public X500VgaNameBuilder setSTREET(String street) {
        this.STREET = street;
        this.x500NameBuilder.addRDN(BCStyle.STREET, street);
        return this;
    }

    // ---- SURNAME ----

    public String getSURNAME() {
        return this.SURNAME;
    }

    public X500VgaNameBuilder setSURNAME(String surname) {
        this.SURNAME = surname;
        this.x500NameBuilder.addRDN(BCStyle.SURNAME, surname);
        return this;
    }

    // ---- T (title) ----

    public String getT() {
        return this.T;
    }

    public X500VgaNameBuilder setT(String title) {
        this.T = title;
        this.x500NameBuilder.addRDN(BCStyle.T, title);
        return this;
    }

    // ---- TELEPHONE_NUMBER ----

    public String getTELEPHONE_NUMBER() {
        return this.TELEPHONE_NUMBER;
    }

    public X500VgaNameBuilder setTELEPHONE_NUMBER(String telephoneNumber_idattn) {
        this.TELEPHONE_NUMBER = telephoneNumber_idattn;
        this.x500NameBuilder.addRDN(BCStyle.TELEPHONE_NUMBER, telephoneNumber_idattn);
        return this;
    }

    // ---- UID ----

    public String getUID() {
        return this.UID;
    }

    public X500VgaNameBuilder setUID(String userId_LDAP) {
        this.UID = userId_LDAP;
        this.x500NameBuilder.addRDN(BCStyle.UID, userId_LDAP);
        return this;
    }

    // ---- UNIQUE_IDENTIFIER ----

    public String getUNIQUE_IDENTIFIER() {
        return this.UNIQUE_IDENTIFIER;
    }

    public X500VgaNameBuilder setUNIQUE_IDENTIFIER(String uniqueIdentifier) {
        this.UNIQUE_IDENTIFIER = uniqueIdentifier;
        this.x500NameBuilder.addRDN(BCStyle.UNIQUE_IDENTIFIER, uniqueIdentifier);
        return this;
    }

    // ---- UnstructuredAddress ----

    public String getUnstructuredAddress() {
        return this.UnstructuredAddress;
    }

    public X500VgaNameBuilder setUnstructuredAddress(String unstructuredAddress) {
        this.UnstructuredAddress = unstructuredAddress;
        this.x500NameBuilder.addRDN(BCStyle.UnstructuredAddress, unstructuredAddress);
        return this;
    }

    // ---- UnstructuredName ----

    public String getUnstructuredName() {
        return this.UnstructuredName;
    }

    public X500VgaNameBuilder setUnstructuredName(String unstructuredName) {
        this.UnstructuredName = unstructuredName;
        this.x500NameBuilder.addRDN(BCStyle.UnstructuredName, unstructuredName);
        return this;
    }

    /**
     * Builds the name from the RDNs added so far.
     *
     * @return the {@code X500Name} produced by the wrapped builder
     */
    public X500Name build()
    {
        return this.x500NameBuilder.build();
    }
}
Like this:
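// Subject name for the request; each setter adds one RDN, in the order the setters are called.
X500Name subject = new X500VgaNameBuilder()
        .setC("AU")
        .setO("The Legion of the Bouncy Castle")
        .setL("Melbourne")
        .setST("Victoria")
        // Placeholder address constructed for this example: on the page the original value had
        // been replaced by the "[email protected]" e-mail-obfuscation marker, which is not a
        // usable address and would have been written into the subject name as-is.
        .setEmailAddress("user@example.com")
        .setCN("Common Name")
        .build();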
Then
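// Sign the request with SHA-256 instead of SHA-1: SHA-1 is no longer considered
// collision-resistant and is deprecated for signatures.
// NOTE(review): createPKCS10CertificationRequest is not shown on this page; presumably it
// passes the algorithm name on to the content signer. Confirm before relying on this.
PKCS10CertificationRequest certRequest =
        createPKCS10CertificationRequest(subject, "SHA256withRSA", keyPair);

// Wrap the encoded request in the JCA variant and select the "BC" provider for it.
JcaPKCS10CertificationRequest jcaCertRequest =
        new JcaPKCS10CertificationRequest(certRequest.getEncoded()).setProvider("BC");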
But if you need to add custom attributes, pass your own ASN1ObjectIdentifier to the X500NameBuilder that is wrapped by the builder I posted; the BCStyle.* constants are themselves just ASN1ObjectIdentifiers.
For example,
/**
 * Attribute type constant for the object identifier 2.5.4.3, declared under the name CN.
 * A custom attribute is declared the same way, with its own dotted OID string.
 */
public static final ASN1ObjectIdentifier CN =
        new ASN1ObjectIdentifier("2.5.4.3");
We found the solution to our problem: the only thing we needed to do was create a new ASN1ObjectIdentifier("<OID>") for each missing attribute and add it as an RDN, which puts the missing data into the CSR.
Here is the corrected code:
/**
 * Builds and signs a PKCS#10 certification request (CSR) whose subject also carries two
 * attributes identified by explicit OIDs, then hands the encoded request to the key-file
 * manager for storage.
 *
 * <p>The subject is assembled with the default X.500 name style in the fixed order CN, OU, O,
 * L, ST, C, e-mail address, 2.5.4.45 and 2.5.4.23. The request is returned whether or not it
 * could be stored; the outcome of the store is only logged.
 *
 * <p>NOTE(review): the subject values are copied from {@code certdata} without any check in
 * this method. A key that is missing from the map yields {@code null}; confirm how
 * {@code addRDN} treats that and validate the fields before they reach the subject name.
 *
 * @param key          private key used to sign the request
 * @param pkey         public key placed in the request
 * @param certdata     subject values, read under the keys "CN", "OU", "O", "L", "ST", "C",
 *                     "EMAIL", "RIFCI" and "FAX"
 * @param CSRAlgorithm signature algorithm name handed to {@code JcaContentSignerBuilder};
 *                     chosen by the caller and not restricted here
 * @param name         name passed to {@code salvarLlave} together with the encoded request
 * @param kfm          key-file manager asked to store the encoded request
 * @return the signed certification request
 * @throws OperatorCreationException declared for building the content signer
 * @throws IOException               declared for encoding the request
 */
public PKCS10CertificationRequest generatedCSR(PrivateKey key, PublicKey pkey, Map<String,String> certdata, String CSRAlgorithm, String name, KeyFileManager kfm) throws OperatorCreationException, IOException {
    Log.i(LOGCERT, "iniciando generacion de CSR");
    this.mensaje(LogType.MENI, "Se a iniciado la generacion de un CSR");

    final ContentSigner requestSigner = new JcaContentSignerBuilder(CSRAlgorithm).build(key);

    // RDN order is part of the resulting name, so the attributes are added in a fixed sequence.
    final X500NameBuilder subject = new X500NameBuilder(X500Name.getDefaultStyle());
    subject.addRDN(BCStyle.CN, certdata.get("CN"));
    subject.addRDN(BCStyle.OU, certdata.get("OU"));
    subject.addRDN(BCStyle.O, certdata.get("O"));
    subject.addRDN(BCStyle.L, certdata.get("L"));
    subject.addRDN(BCStyle.ST, certdata.get("ST"));
    subject.addRDN(BCStyle.C, certdata.get("C"));
    subject.addRDN(BCStyle.EmailAddress, certdata.get("EMAIL"));

    // Attributes addressed by OID instead of a BCStyle constant.
    // NOTE(review): 2.5.4.45 is the X.520 unique identifier, which X.520 defines with BIT STRING
    // syntax; confirm that the receiving CA accepts the string encoding the style produces.
    final ASN1ObjectIdentifier uniqueIdentifierOid = new ASN1ObjectIdentifier("2.5.4.45");
    subject.addRDN(uniqueIdentifierOid, certdata.get("RIFCI"));
    // 2.5.4.23 is the X.520 facsimile telephone number attribute.
    final ASN1ObjectIdentifier faxNumberOid = new ASN1ObjectIdentifier("2.5.4.23");
    subject.addRDN(faxNumberOid, certdata.get("FAX"));

    final PKCS10CertificationRequestBuilder requestBuilder =
            new JcaPKCS10CertificationRequestBuilder(subject.build(), pkey);
    final PKCS10CertificationRequest request = requestBuilder.build(requestSigner);

    // A failed store does not abort the call: the request is returned either way.
    final boolean stored = kfm.salvarLlave(request.getEncoded(), KeyFileManager.CSRFILE, name);
    Log.i(LOGCERT, stored ? "CSR Almacenado" : "CSR no almacenado");
    return request;
}