Diffstat (limited to 'libraries/spongycastle/prov/src/main/java/org/spongycastle/x509/extension/AuthorityKeyIdentifierStructure.java')
-rw-r--r-- | libraries/spongycastle/prov/src/main/java/org/spongycastle/x509/extension/AuthorityKeyIdentifierStructure.java | 152 |
1 files changed, 152 insertions, 0 deletions
diff --git a/libraries/spongycastle/prov/src/main/java/org/spongycastle/x509/extension/AuthorityKeyIdentifierStructure.java b/libraries/spongycastle/prov/src/main/java/org/spongycastle/x509/extension/AuthorityKeyIdentifierStructure.java
new file mode 100644
index 000000000..bb1380220
--- /dev/null
+++ b/libraries/spongycastle/prov/src/main/java/org/spongycastle/x509/extension/AuthorityKeyIdentifierStructure.java
@@ -0,0 +1,152 @@
+package org.spongycastle.x509.extension;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.PublicKey;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+
+import org.spongycastle.asn1.ASN1InputStream;
+import org.spongycastle.asn1.ASN1OctetString;
+import org.spongycastle.asn1.ASN1Sequence;
+import org.spongycastle.asn1.x509.AuthorityKeyIdentifier;
+import org.spongycastle.asn1.x509.Extension;
+import org.spongycastle.asn1.x509.GeneralName;
+import org.spongycastle.asn1.x509.GeneralNames;
+import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.spongycastle.asn1.x509.X509Extension;
+import org.spongycastle.asn1.x509.X509Extensions;
+import org.spongycastle.jce.PrincipalUtil;
+
+/**
+ * A high level authority key identifier.
+ * @deprecated use JcaX509ExtensionUtils and AuthorityKeyIdentifier.getInstance()
+ */
+public class AuthorityKeyIdentifierStructure
+ extends AuthorityKeyIdentifier
+{
+ /**
+ * Constructor which will take the byte[] returned from getExtensionValue()
+ *
+ * @param encodedValue a DER octet encoded string with the extension structure in it.
+ * @throws IOException on parsing errors.
+ */
+ public AuthorityKeyIdentifierStructure(
+ byte[] encodedValue)
+ throws IOException
+ {
+ super((ASN1Sequence)X509ExtensionUtil.fromExtensionValue(encodedValue));
+ }
+
+ /**
+ * Constructor which will take an extension
+ *
+ * @param extension a X509Extension object containing an AuthorityKeyIdentifier.
+ * @deprecated use constructor that takes Extension
+ */
+ public AuthorityKeyIdentifierStructure(
+ X509Extension extension)
+ {
+ super((ASN1Sequence)extension.getParsedValue());
+ }
+
+ /**
+ * Constructor which will take an extension
+ *
+ * @param extension a X509Extension object containing an AuthorityKeyIdentifier.
+ */
+ public AuthorityKeyIdentifierStructure(
+ Extension extension)
+ {
+ super((ASN1Sequence)extension.getParsedValue());
+ }
+
+ private static ASN1Sequence fromCertificate(
+ X509Certificate certificate)
+ throws CertificateParsingException
+ {
+ try
+ {
+ if (certificate.getVersion() != 3)
+ {
+ GeneralName genName = new GeneralName(PrincipalUtil.getIssuerX509Principal(certificate));
+ SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
+ (ASN1Sequence)new ASN1InputStream(certificate.getPublicKey().getEncoded()).readObject());
+
+ return (ASN1Sequence)new AuthorityKeyIdentifier(
+ info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Object();
+ }
+ else
+ {
+ GeneralName genName = new GeneralName(PrincipalUtil.getIssuerX509Principal(certificate));
+
+ byte[] ext = certificate.getExtensionValue(X509Extensions.SubjectKeyIdentifier.getId());
+
+ if (ext != null)
+ {
+ ASN1OctetString str = (ASN1OctetString)X509ExtensionUtil.fromExtensionValue(ext);
+
+ return (ASN1Sequence)new AuthorityKeyIdentifier(
+ str.getOctets(), new GeneralNames(genName), certificate.getSerialNumber()).toASN1Object();
+ }
+ else
+ {
+ SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
+ (ASN1Sequence)new ASN1InputStream(certificate.getPublicKey().getEncoded()).readObject());
+
+ return (ASN1Sequence)new AuthorityKeyIdentifier(
+ info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Object();
+ }
+ }
+ }
+ catch (Exception e)
+ {
+ throw new CertificateParsingException("Exception extracting certificate details: " + e.toString());
+ }
+ }
+
+ private static ASN1Sequence fromKey(
+ PublicKey pubKey)
+ throws InvalidKeyException
+ {
+ try
+ {
+ SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
+ (ASN1Sequence)new ASN1InputStream(pubKey.getEncoded()).readObject());
+
+ return (ASN1Sequence)new AuthorityKeyIdentifier(info).toASN1Object();
+ }
+ catch (Exception e)
+ {
+ throw new InvalidKeyException("can't process key: " + e);
+ }
+ }
+
+ /**
+ * Create an AuthorityKeyIdentifier using the passed in certificate's public
+ * key, issuer and serial number.
+ *
+ * @param certificate the certificate providing the information.
+ * @throws CertificateParsingException if there is a problem processing the certificate
+ */
+ public AuthorityKeyIdentifierStructure(
+ X509Certificate certificate)
+ throws CertificateParsingException
+ {
+ super(fromCertificate(certificate));
+ }
+
+ /**
+ * Create an AuthorityKeyIdentifier using just the hash of the
+ * public key.
+ *
+ * @param pubKey the key to generate the hash from.
+ * @throws InvalidKeyException if there is a problem using the key.
+ */
+ public AuthorityKeyIdentifierStructure(
+ PublicKey pubKey)
+ throws InvalidKeyException
+ {
+ super(fromKey(pubKey));
+ }
+} |