Java Code Examples for org.bouncycastle.asn1.x509.Extension#authorityKeyIdentifier()

The following examples show how to use org.bouncycastle.asn1.x509.Extension#authorityKeyIdentifier() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TlsResourceBuilder.java    From qpid-broker-j with Apache License 2.0 5 votes vote down vote up 
private static Extension createAuthorityKeyExtension(final PublicKey publicKey)
        throws CertificateException
{
    try
    {
        return new Extension(Extension.authorityKeyIdentifier,
                             false,
                             new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(publicKey).getEncoded());
    }
    catch (IOException | NoSuchAlgorithmException e)
    {
        throw new CertificateException(e);
    }
}
Example 2
Source File: CmpCaClient.java    From xipki with Apache License 2.0 5 votes vote down vote up 
public boolean revokeCert(BigInteger serialNumber, CRLReason reason) throws Exception {
  ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(
      PKIHeader.CMP_2000, requestorSubject, responderSubject);
  builder.setMessageTime(new Date());
  builder.setTransactionID(randomTransactionId());
  builder.setSenderNonce(randomSenderNonce());

  CertTemplateBuilder certTempBuilder = new CertTemplateBuilder();
  certTempBuilder.setIssuer(caSubject);
  certTempBuilder.setSerialNumber(new ASN1Integer(serialNumber));

  AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(caSubjectKeyIdentifier);
  byte[] encodedAki = aki.getEncoded();

  Extension extAki = new Extension(Extension.authorityKeyIdentifier, false, encodedAki);
  Extensions certTempExts = new Extensions(extAki);
  certTempBuilder.setExtensions(certTempExts);

  ASN1Enumerated asn1Reason = new ASN1Enumerated(reason.getValue().intValue());
  Extensions exts = new Extensions(
      new Extension(Extension.reasonCode, true, new DEROctetString(asn1Reason.getEncoded())));
  RevDetails revDetails = new RevDetails(certTempBuilder.build(), exts);

  RevReqContent content = new RevReqContent(revDetails);
  builder.setBody(new PKIBody(PKIBody.TYPE_REVOCATION_REQ, content));
  ProtectedPKIMessage request = build(builder);

  PKIMessage response = transmit(request, null);
  return parseRevocationResult(response, serialNumber);
}
Example 3
Source File: XijsonCertprofile.java    From xipki with Apache License 2.0 5 votes vote down vote up 
private void initAuthorityKeyIdentifier(Set<ASN1ObjectIdentifier> extnIds,
    Map<String, ExtensionType> extensions) throws CertprofileException {
  ASN1ObjectIdentifier type = Extension.authorityKeyIdentifier;
  if (extensionControls.containsKey(type)) {
    extnIds.remove(type);
    AuthorityKeyIdentifier extConf = getExtension(type, extensions).getAuthorityKeyIdentifier();
    this.useIssuerAndSerialInAki = (extConf == null) ? false : extConf.isUseIssuerAndSerial();
  }
}
Example 4
Source File: CmpAgent.java    From xipki with Apache License 2.0 5 votes vote down vote up 
private static Extensions getCertTempExtensions(byte[] authorityKeyIdentifier)
    throws CmpClientException {
  AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(authorityKeyIdentifier);
  byte[] encodedAki;
  try {
    encodedAki = aki.getEncoded();
  } catch (IOException ex) {
    throw new CmpClientException("could not encoded AuthorityKeyIdentifier", ex);
  }
  Extension extAki = new Extension(Extension.authorityKeyIdentifier, false, encodedAki);
  Extensions certTempExts = new Extensions(extAki);
  return certTempExts;
}