Java Code Examples for org.bouncycastle.asn1.x509.SubjectKeyIdentifier#getInstance()

The following examples show how to use org.bouncycastle.asn1.x509.SubjectKeyIdentifier#getInstance() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: X509Ext.java    From keystore-explorer with GNU General Public License v3.0 6 votes vote down vote up 
private String getSubjectKeyIndentifierStringValue(byte[] value) throws IOException {
	// @formatter:off

	/*
	 * SubjectKeyIdentifier ::= KeyIdentifier
	 *
	 * KeyIdentifier ::= OCTET STRING
	 */

	// @formatter:on

	StringBuilder sb = new StringBuilder();

	SubjectKeyIdentifier subjectKeyIdentifier = SubjectKeyIdentifier.getInstance(value);

	// Get key identifier from octet string
	byte[] keyIdentifierBytes = subjectKeyIdentifier.getKeyIdentifier();

	sb.append(MessageFormat.format(res.getString("SubjectKeyIdentifier"),
			HexUtil.getHexString(keyIdentifierBytes)));
	sb.append(NEWLINE);

	return sb.toString();
}
Example 2
Source File: DSSASN1Utils.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up 
/**
 * This method returns SKI bytes from certificate.
 *
 * @param certificateToken
 *            {@code CertificateToken}
 * @param computeIfMissing
 *            if the extension is missing and computeIfMissing = true, it will compute the SKI value from the Public
 *            Key
 * @return ski bytes from the given certificate
 */
public static byte[] getSki(final CertificateToken certificateToken, boolean computeIfMissing) {
	try {
		byte[] extensionValue = certificateToken.getCertificate().getExtensionValue(Extension.subjectKeyIdentifier.getId());
		if (Utils.isArrayNotEmpty(extensionValue)) {
			ASN1Primitive extension = JcaX509ExtensionUtils.parseExtensionValue(extensionValue);
			SubjectKeyIdentifier skiBC = SubjectKeyIdentifier.getInstance(extension);
			return skiBC.getKeyIdentifier();
		} else if (computeIfMissing) {
			// If extension not present, we compute it from the certificate public key
			return computeSkiFromCert(certificateToken);
		}
		return null;
	} catch (IOException e) {
		throw new DSSException(e);
	}
}
Example 3
Source File: EmailService.java    From FairEmail with GNU General Public License v3.0 5 votes vote down vote up 
private static String getKeyId(X509Certificate certificate) {
    try {
        byte[] extension = certificate.getExtensionValue(Extension.subjectKeyIdentifier.getId());
        if (extension == null)
            return null;
        byte[] bytes = DEROctetString.getInstance(extension).getOctets();
        SubjectKeyIdentifier keyId = SubjectKeyIdentifier.getInstance(bytes);
        return Helper.hex(keyId.getKeyIdentifier());
    } catch (Throwable ex) {
        Log.e(ex);
        return null;
    }
}
Example 4
Source File: ExtensionsChecker.java    From xipki with Apache License 2.0 5 votes vote down vote up 
private void checkExtnSubjectKeyIdentifier(StringBuilder failureMsg,
    byte[] extensionValue, SubjectPublicKeyInfo subjectPublicKeyInfo) {
  // subjectKeyIdentifier
  SubjectKeyIdentifier asn1 = SubjectKeyIdentifier.getInstance(extensionValue);
  byte[] ski = asn1.getKeyIdentifier();
  byte[] pkData = subjectPublicKeyInfo.getPublicKeyData().getBytes();
  byte[] expectedSki = HashAlgo.SHA1.hash(pkData);
  if (!Arrays.equals(expectedSki, ski)) {
    addViolation(failureMsg, "SKI", hex(ski), hex(expectedSki));
  }
}
Example 5
Source File: SignedCertificateGenerator.java    From credhub with Apache License 2.0 4 votes vote down vote up 
private SubjectKeyIdentifier getSubjectKeyIdentifierFrom(final X509Certificate certificate) throws Exception {
  final byte[] extensionValue = certificate.getExtensionValue(Extension.subjectKeyIdentifier.getId());
  return extensionValue == null ?
    new SubjectKeyIdentifier(null) :
    SubjectKeyIdentifier.getInstance(parseExtensionValue(extensionValue));
}
Example 6
Source File: DSubjectKeyIdentifier.java    From keystore-explorer with GNU General Public License v3.0 4 votes vote down vote up 
private void prepopulateWithValue(byte[] value) throws IOException {
	SubjectKeyIdentifier subjectKeyIdentifier = SubjectKeyIdentifier.getInstance(value);

	jkiKeyIdentifier.setKeyIdentifier(subjectKeyIdentifier.getKeyIdentifier());
}
Example 7
Source File: CertificateModel.java    From Spark with Apache License 2.0 4 votes vote down vote up 
private String subjectKeyIdentifierExtractor(ASN1Primitive primitive) {
	SubjectKeyIdentifier subjectKeyIdentifier = SubjectKeyIdentifier.getInstance(primitive);
	return Hex.toHexString(subjectKeyIdentifier.getKeyIdentifier());
}
Example 8
Source File: X509Ext.java    From portecle with GNU General Public License v2.0 3 votes vote down vote up 
/**
 * Get Subject Key Identifier (2.5.29.14) extension value as a string.
 *
 * <pre>
 * SubjectKeyIdentifier ::= KeyIdentifier
 * KeyIdentifier ::= OCTET STRING
 * </pre>
 *
 * @param bValue The octet string value
 * @return Extension value as a string
 */
private String getSubjectKeyIdentifierStringValue(byte[] bValue)
{
	SubjectKeyIdentifier ski = SubjectKeyIdentifier.getInstance(bValue);
	byte[] bKeyIdent = ski.getKeyIdentifier();

	// Output as a hex string
	return convertToHexString(bKeyIdent);
}