All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.fitbur.bouncycastle.cert.X509ExtensionUtils Maven / Gradle / Ivy

There is a newer version: 1.0.0
Show newest version
package com.fitbur.bouncycastle.cert;

import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;

import com.fitbur.bouncycastle.asn1.ASN1OctetString;
import com.fitbur.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import com.fitbur.bouncycastle.asn1.x509.Extension;
import com.fitbur.bouncycastle.asn1.x509.GeneralName;
import com.fitbur.bouncycastle.asn1.x509.GeneralNames;
import com.fitbur.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import com.fitbur.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import com.fitbur.bouncycastle.operator.DigestCalculator;

/**
 * General utility class for creating calculated extensions using the standard methods.
 * 

* Note: This class is not thread safe! *

*/ public class X509ExtensionUtils { private DigestCalculator calculator; public X509ExtensionUtils(DigestCalculator calculator) { this.calculator = calculator; } public AuthorityKeyIdentifier createAuthorityKeyIdentifier( X509CertificateHolder certHolder) { if (certHolder.getVersionNumber() != 3) { GeneralName genName = new GeneralName(certHolder.getIssuer()); SubjectPublicKeyInfo info = certHolder.getSubjectPublicKeyInfo(); return new AuthorityKeyIdentifier( calculateIdentifier(info), new GeneralNames(genName), certHolder.getSerialNumber()); } else { GeneralName genName = new GeneralName(certHolder.getIssuer()); Extension ext = certHolder.getExtension(Extension.subjectKeyIdentifier); if (ext != null) { ASN1OctetString str = ASN1OctetString.getInstance(ext.getParsedValue()); return new AuthorityKeyIdentifier( str.getOctets(), new GeneralNames(genName), certHolder.getSerialNumber()); } else { SubjectPublicKeyInfo info = certHolder.getSubjectPublicKeyInfo(); return new AuthorityKeyIdentifier( calculateIdentifier(info), new GeneralNames(genName), certHolder.getSerialNumber()); } } } public AuthorityKeyIdentifier createAuthorityKeyIdentifier(SubjectPublicKeyInfo publicKeyInfo) { return new AuthorityKeyIdentifier(calculateIdentifier(publicKeyInfo)); } public AuthorityKeyIdentifier createAuthorityKeyIdentifier(SubjectPublicKeyInfo publicKeyInfo, GeneralNames generalNames, BigInteger serial) { return new AuthorityKeyIdentifier(calculateIdentifier(publicKeyInfo), generalNames, serial); } /** * Return a RFC 3280 type 1 key identifier. As in: *
     * (1) The keyIdentifier is com.fitburposed of the 160-bit SHA-1 hash of the
     * value of the BIT STRING subjectPublicKey (excluding the tag,
     * length, and number of unused bits).
     * 
* @param publicKeyInfo the key info object containing the subjectPublicKey field. * @return the key identifier. */ public SubjectKeyIdentifier createSubjectKeyIdentifier( SubjectPublicKeyInfo publicKeyInfo) { return new SubjectKeyIdentifier(calculateIdentifier(publicKeyInfo)); } /** * Return a RFC 3280 type 2 key identifier. As in: *
     * (2) The keyIdentifier is com.fitburposed of a four bit type field with
     * the value 0100 followed by the least significant 60 bits of the
     * SHA-1 hash of the value of the BIT STRING subjectPublicKey.
     * 
* @param publicKeyInfo the key info object containing the subjectPublicKey field. * @return the key identifier. */ public SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier(SubjectPublicKeyInfo publicKeyInfo) { byte[] digest = calculateIdentifier(publicKeyInfo); byte[] id = new byte[8]; System.arraycopy(digest, digest.length - 8, id, 0, id.length); id[0] &= 0x0f; id[0] |= 0x40; return new SubjectKeyIdentifier(id); } private byte[] calculateIdentifier(SubjectPublicKeyInfo publicKeyInfo) { byte[] bytes = publicKeyInfo.getPublicKeyData().getBytes(); OutputStream cOut = calculator.getOutputStream(); try { cOut.write(bytes); cOut.close(); } catch (IOException e) { // it's hard to imagine this happening, but yes it does! throw new CertRuntimeException("unable to calculate identifier: " + e.getMessage(), e); } return calculator.getDigest(); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy