Examples of org.bouncycastle.asn1.x509.AuthorityKeyIdentifier

org.bouncycastle.asn1.x509.AuthorityKeyIdentifier

The AuthorityKeyIdentifier object.

 id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 } AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier             [0] IMPLICIT KeyIdentifier           OPTIONAL, authorityCertIssuer       [1] IMPLICIT GeneralNames            OPTIONAL, authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL  } KeyIdentifier ::= OCTET STRING

        if (authExt == null)
        {
            fail("failed to find CRL extension");
        }
        
        AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
        
        X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
        
        if (entry == null)
        {

View Full Code Here

        if (authExt == null)
        {
            fail("failed to find CRL extension");
        }
        
        AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
        
        X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
        
        if (entry == null)
        {

View Full Code Here


    if ((request.getIssuerPrivateKey() != null) && (request.getIssuerCertificate() != null)) {
      builder = new JcaX509v3CertificateBuilder(request.getIssuerCertificate(), request.getSerialNumber(), request.getNotBefore(), request.getNotAfter(), request.getSubjectAsX500Principal(), request.getPublicKey());


      if (request.isCa()) {
        AuthorityKeyIdentifier authorityKeyIdentifier = new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(request.getIssuerCertificate().getPublicKey());
        builder.addExtension(X509Extension.authorityKeyIdentifier, false, authorityKeyIdentifier);
      }


      SubjectKeyIdentifier subjectKeyIdentifier = new JcaX509ExtensionUtils().createSubjectKeyIdentifier(request.getIssuerCertificate().getPublicKey());
      builder.addExtension(X509Extension.subjectKeyIdentifier, false, subjectKeyIdentifier);

View Full Code Here

            if(!(key instanceof ASN1Sequence)) {
                key = get(key);
            }
            
            ASN1Sequence seq = (ASN1Sequence)key;
            AuthorityKeyIdentifier sakid = null;
            if(seq.size() == 1 && (seq.getObjectAt(0) instanceof ASN1OctetString)) {
                sakid = new AuthorityKeyIdentifier(new DERSequence(new DERTaggedObject(0, seq.getObjectAt(0))));
            } else {
                sakid = new AuthorityKeyIdentifier(seq);
            }


            if(sakid.getKeyIdentifier() != null) {
                if(issuer.getExtensionValue("2.5.29.14") != null) {
                    DEROctetString der = (DEROctetString)get(issuer.getExtensionValue("2.5.29.14"));
                    if(der.getOctets().length > 20) {
                        der = (DEROctetString)get(der.getOctets());
                    }
                    SubjectKeyIdentifier iskid = new SubjectKeyIdentifier(der);
                    if(iskid.getKeyIdentifier() != null) {
                        if(!Arrays.equals(sakid.getKeyIdentifier(),iskid.getKeyIdentifier())) {
                            return V_ERR_AKID_SKID_MISMATCH;
                        }
                    }
                }
            }
            if(sakid.getAuthorityCertSerialNumber() != null && !sakid.getAuthorityCertSerialNumber().equals(issuer.getSerialNumber())) {
                return V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
            }
            if(sakid.getAuthorityCertIssuer() != null) {
                GeneralName[] gens = sakid.getAuthorityCertIssuer().getNames();
                org.bouncycastle.asn1.x509.X509Name nm = null;
                for(int i=0;i<gens.length;i++) {
                    if(gens[i].getTagNo() == GeneralName.directoryName) {
                        DEREncodable nameTmp = gens[i].getName();
                        if (nameTmp instanceof org.bouncycastle.asn1.x509.X509Name) {

View Full Code Here


            SubjectKeyIdentifier subjectKeyIdentifier = jxeu.createSubjectKeyIdentifier(pubKey);
            certificateBuilder.addExtension(
                    X509Extension.subjectKeyIdentifier, false, subjectKeyIdentifier);


            AuthorityKeyIdentifier authorityKeyIdentifier = jxeu.createAuthorityKeyIdentifier(caPubKey);
            certificateBuilder.addExtension(
                    X509Extension.authorityKeyIdentifier, false,
                    authorityKeyIdentifier);


            certificateBuilder.addExtension(

View Full Code Here


        // this is how you'd actually add an entry if we wanted one:
        //this.crlGen.addCRLEntry(BigInteger.ONE, new Date(), CRLReason.PRIVILEGE_WITHDRAWN);


        this.crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
                 new AuthorityKeyIdentifier(
                         new SubjectPublicKeyInfo(
                                 new AlgorithmIdentifier("RSA"), this.caX509.getEncoded())));
        
        this.crlGen.addExtension(X509Extensions.CRLNumber,
                 false, new CRLNumber(BigInteger.ONE));

View Full Code Here


        final ByteArrayInputStream in2 =
                new ByteArrayInputStream(newprincipal.getEncoded());
        final GeneralNames generalNames = new GeneralNames(
                (ASN1Sequence)new DERInputStream(in2).readObject());
        final AuthorityKeyIdentifier aki =
                new AuthorityKeyIdentifier(spki, generalNames, BigInteger.ZERO);




        this.certGen.addExtension(X509Extensions.BasicConstraints,
                                 true,
                                 new BasicConstraints(true));

View Full Code Here


        // this is how you'd actually add an entry if we wanted one:
        //this.crlGen.addCRLEntry(BigInteger.ONE, new Date(), CRLReason.PRIVILEGE_WITHDRAWN);


        this.crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
                 new AuthorityKeyIdentifier(
                         new SubjectPublicKeyInfo(
                                 new AlgorithmIdentifier("RSA"), this.caX509.getEncoded())));
        
        this.crlGen.addExtension(X509Extensions.CRLNumber,
                 false, new CRLNumber(BigInteger.ONE));

View Full Code Here


        final ByteArrayInputStream in2 =
                new ByteArrayInputStream(newprincipal.getEncoded());
        final GeneralNames generalNames = new GeneralNames(
                (ASN1Sequence)new DERInputStream(in2).readObject());
        final AuthorityKeyIdentifier aki =
                new AuthorityKeyIdentifier(spki, generalNames, BigInteger.ZERO);




        this.certGen.addExtension(X509Extensions.BasicConstraints,
                                 true,
                                 new BasicConstraints(true));

View Full Code Here

            , subjectPublicKeyInfo
        );


        X509ExtensionUtils exUtils = new X509ExtensionUtils(digestCalc);
        SubjectKeyIdentifier subKeyId = exUtils.createSubjectKeyIdentifier(subjectPublicKeyInfo);
        AuthorityKeyIdentifier autKeyId = (issuerCertificate != null) 
            ? exUtils.createAuthorityKeyIdentifier(new X509CertificateHolder(issuerCertificate.getEncoded()))
            : exUtils.createAuthorityKeyIdentifier(subjectPublicKeyInfo);


        certificateGenerator.addExtension(Extension.subjectKeyIdentifier, false, subKeyId);
        certificateGenerator.addExtension(Extension.authorityKeyIdentifier, false, autKeyId);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.bouncycastle.asn1.x509.AuthorityKeyIdentifier

br.net.woodstock.rockframework.security.cert.impl.BouncyCastleCertificateGenerator

net.sf.libpdfsign.CRLDownloader

net.sf.libpdfsign.OCSPClient

org.bouncycastle.asn1.ASN1Encodable

org.bouncycastle.asn1.ASN1EncodableVector

org.bouncycastle.asn1.ASN1Enumerated

org.bouncycastle.asn1.ASN1InputStream

org.bouncycastle.asn1.ASN1Integer

org.bouncycastle.asn1.ASN1ObjectIdentifier

org.bouncycastle.asn1.ASN1Primitive

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.