本文整理汇总了Java中org.bouncycastle.asn1.x509.SubjectKeyIdentifier.getKeyIdentifier方法的典型用法代码示例。如果您正苦于以下问题:Java SubjectKeyIdentifier.getKeyIdentifier方法的具体用法?Java SubjectKeyIdentifier.getKeyIdentifier怎么用?Java SubjectKeyIdentifier.getKeyIdentifier使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.asn1.x509.SubjectKeyIdentifier的用法示例。
在下文中一共展示了SubjectKeyIdentifier.getKeyIdentifier方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getSki
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入方法依赖的package包/类
/**
* This method returns SKI bytes from certificate.
*
* @param certificateToken
* {@code CertificateToken}
* @param computeIfMissing
* if the extension is missing and computeIfMissing = true, it will compute the SKI value from the Public
* Key
* @return ski bytes from the given certificate
* @throws DSSException
*/
public static byte[] getSki(final CertificateToken certificateToken, boolean computeIfMissing) throws DSSException {
try {
byte[] sKI = certificateToken.getCertificate().getExtensionValue(Extension.subjectKeyIdentifier.getId());
if (Utils.isArrayNotEmpty(sKI)) {
ASN1Primitive extension = X509ExtensionUtil.fromExtensionValue(sKI);
SubjectKeyIdentifier skiBC = SubjectKeyIdentifier.getInstance(extension);
return skiBC.getKeyIdentifier();
} else if (computeIfMissing) {
// If extension not present, we compute it from the certificate public key
DLSequence seq = (DLSequence) DERSequence.fromByteArray(certificateToken.getPublicKey().getEncoded());
DERBitString item = (DERBitString) seq.getObjectAt(1);
return DSSUtils.digest(DigestAlgorithm.SHA1, item.getOctets());
}
return null;
} catch (Exception e) {
throw new DSSException(e);
}
}
示例2: getSenderPublicKeyInfo
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入方法依赖的package包/类
private SubjectPublicKeyInfo getSenderPublicKeyInfo(AlgorithmIdentifier recKeyAlgId,
OriginatorIdentifierOrKey originator)
throws CMSException, IOException
{
OriginatorPublicKey opk = originator.getOriginatorKey();
if (opk != null)
{
return getPublicKeyInfoFromOriginatorPublicKey(recKeyAlgId, opk);
}
OriginatorId origID;
IssuerAndSerialNumber iAndSN = originator.getIssuerAndSerialNumber();
if (iAndSN != null)
{
origID = new OriginatorId(iAndSN.getName(), iAndSN.getSerialNumber().getValue());
}
else
{
SubjectKeyIdentifier ski = originator.getSubjectKeyIdentifier();
origID = new OriginatorId(ski.getKeyIdentifier());
}
return getPublicKeyInfoFromOriginatorId(origID);
}
示例3: getSubjectKeyIndentifierStringValue
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入方法依赖的package包/类
private String getSubjectKeyIndentifierStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* SubjectKeyIdentifier ::= KeyIdentifier
*
* KeyIdentifier ::= OCTET STRING
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
SubjectKeyIdentifier subjectKeyIdentifier = SubjectKeyIdentifier.getInstance(value);
// Get key identifier from octet string
byte[] keyIdentifierBytes = subjectKeyIdentifier.getKeyIdentifier();
sb.append(MessageFormat.format(res.getString("SubjectKeyIdentifier"),
HexUtil.getHexString(keyIdentifierBytes)));
sb.append(NEWLINE);
return sb.toString();
}
示例4: getSubjectKeyIdentifier
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入方法依赖的package包/类
private byte[] getSubjectKeyIdentifier()
{
SubjectKeyIdentifier subId = SubjectKeyIdentifier.fromExtensions(certificateHolders[0].getExtensions());
if (subId == null)
{
return null;
}
return subId.getKeyIdentifier();
}
示例5: getSubjectKeyId
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入方法依赖的package包/类
private byte[] getSubjectKeyId(X509Certificate cert) throws IOException {
byte[] extvalue = cert.getExtensionValue(X509Extensions.SubjectKeyIdentifier.getId());
if (extvalue == null) {
return null;
}
ASN1OctetString str = ASN1OctetString
.getInstance(new ASN1InputStream(new ByteArrayInputStream(extvalue)).readObject());
SubjectKeyIdentifier keyId = SubjectKeyIdentifier
.getInstance(new ASN1InputStream(new ByteArrayInputStream(str.getOctets())).readObject());
return keyId.getKeyIdentifier();
}
示例6: checkExtensionSubjectKeyIdentifier
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入方法依赖的package包/类
private void checkExtensionSubjectKeyIdentifier(StringBuilder failureMsg,
byte[] extensionValue, SubjectPublicKeyInfo subjectPublicKeyInfo) {
// subjectKeyIdentifier
SubjectKeyIdentifier asn1 = SubjectKeyIdentifier.getInstance(extensionValue);
byte[] ski = asn1.getKeyIdentifier();
byte[] pkData = subjectPublicKeyInfo.getPublicKeyData().getBytes();
byte[] expectedSki = HashAlgoType.SHA1.hash(pkData);
if (!Arrays.equals(expectedSki, ski)) {
addViolation(failureMsg, "SKI", hex(ski), hex(expectedSki));
}
}
示例7: getSubjectKeyId
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入方法依赖的package包/类
/**
* Get the subject key identifier from a certificate extensions
*
* @param cert certificate containing the extension
* @return byte[] containing the subject key identifier
* @throws IOException if extension can not be parsed
*/
public static byte[] getSubjectKeyId(X509Certificate cert) throws IOException {
byte[] extvalue = cert.getExtensionValue("2.5.29.14");
if (extvalue == null) {
return null;
}
ASN1OctetString str = ASN1OctetString.getInstance(new ASN1InputStream(new ByteArrayInputStream(
extvalue)).readObject());
SubjectKeyIdentifier keyId = SubjectKeyIdentifier.getInstance(new ASN1InputStream(
new ByteArrayInputStream(str.getOctets())).readObject());
return keyId.getKeyIdentifier();
}
示例8: getSignedByIssuer
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入方法依赖的package包/类
private X509Certificate getSignedByIssuer(
X509Certificate issuerCertificate,
PrivateKey issuerKey,
X500Principal issuerDn,
SubjectKeyIdentifier caSubjectKeyIdentifier,
KeyPair keyPair,
CertificateGenerationParameters params) throws Exception {
Instant now = timeProvider.getNow().toInstant();
BigInteger certificateSerialNumber = serialNumberGenerator.generate();
BigInteger caSerialNumber =
issuerCertificate != null ? issuerCertificate.getSerialNumber() : certificateSerialNumber;
final JcaX509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
issuerDn,
certificateSerialNumber,
Date.from(now),
Date.from(now.plus(Duration.ofDays(params.getDuration()))),
params.getX500Principal(),
keyPair.getPublic()
);
certificateBuilder.addExtension(
Extension.subjectKeyIdentifier,
false,
getSubjectKeyIdentifierFromKeyInfo(keyPair.getPublic()));
if (params.getAlternativeNames() != null) {
certificateBuilder
.addExtension(Extension.subjectAlternativeName, false, params.getAlternativeNames());
}
if (params.getKeyUsage() != null) {
certificateBuilder.addExtension(Extension.keyUsage, true, params.getKeyUsage());
}
if (params.getExtendedKeyUsage() != null) {
certificateBuilder
.addExtension(Extension.extendedKeyUsage, false, params.getExtendedKeyUsage());
}
if (caSubjectKeyIdentifier.getKeyIdentifier() != null) {
PublicKey issuerPublicKey = issuerCertificate != null ? issuerCertificate.getPublicKey() : keyPair.getPublic();
AuthorityKeyIdentifier authorityKeyIdentifier = jcaX509ExtensionUtils
.createAuthorityKeyIdentifier(issuerPublicKey, issuerDn, caSerialNumber);
certificateBuilder
.addExtension(Extension.authorityKeyIdentifier, false, authorityKeyIdentifier);
}
certificateBuilder
.addExtension(Extension.basicConstraints, true, new BasicConstraints(params.isCa()));
ContentSigner contentSigner = jcaContentSignerBuilder.build(issuerKey);
X509CertificateHolder holder = certificateBuilder.build(contentSigner);
return jcaX509CertificateConverter.getCertificate(holder);
}
示例9: getSubjectKeyIdentifierStringValue
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入方法依赖的package包/类
/**
* Get Subject Key Identifier (2.5.29.14) extension value as a string.
*
* <pre>
* SubjectKeyIdentifier ::= KeyIdentifier
* KeyIdentifier ::= OCTET STRING
* </pre>
*
* @param bValue The octet string value
* @return Extension value as a string
* @throws IOException If an I/O problem occurs
*/
private String getSubjectKeyIdentifierStringValue(byte[] bValue)
throws IOException
{
SubjectKeyIdentifier ski = SubjectKeyIdentifier.getInstance(bValue);
byte[] bKeyIdent = ski.getKeyIdentifier();
// Output as a hex string
return convertToHexString(bKeyIdent);
}