multipaz/org.multipaz.mdoc.util/MdocUtil/generateIacaCertificate

generateIacaCertificate

fun generateIacaCertificate(iacaKey: EcPrivateKey, subject: X500Name, serial: ASN1Integer, validFrom: Instant, validUntil: Instant, issuerAltNameUrl: String, crlUrl: String): X509Cert

Generates a self-signed IACA certificate according to ISO/IEC 18013-5:2021 Annex B.1.2.

Return

a X509Cert with all the required extensions.

Parameters

iacaKey

the private key.

subject

the value to use for subject and issuer, e.g. "CN=Test IACA,C=ZZ".

serial

the serial number to use for the certificate.

validFrom

the point in time the certificate should be valid from.

validUntil

the point in time the certificate should be valid until.

issuerAltNameUrl

the issuer alternative name (see RFC 5280 section 4.2.1.7), e.g. "http://issuer.example.com/informative/web/page".

crlUrl

the URL for revocation (see RFC 5280 section 4.2.1.13).