String aki = DatatypeConverter.printHexBinary(AuthorityKeyIdentifier.getInstance(akiOc.getOctets()).getKeyIdentifier());
@Override public byte[] getAuthorityKeyIdentifier() { AuthorityKeyIdentifier id = AuthorityKeyIdentifier.fromExtensions(this.extensions); return (id != null) ? id.getKeyIdentifier() : null; }
private static Map<String, Object> authorityKeyIdToMap(AuthorityKeyIdentifier akid) throws IOException { Map<String, Object> ret = new HashMap<String, Object>(); ret.put("issuer", generalNamesToMap(akid.getAuthorityCertIssuer())); ret.put("serial_number", akid.getAuthorityCertSerialNumber()); ret.put("key_identifier", akid.getKeyIdentifier()); return ret; }
private static Map<String, Object> authorityKeyIdToMap(AuthorityKeyIdentifier akid) throws IOException { Map<String, Object> ret = new HashMap<String, Object>(); ret.put("issuer", generalNamesToMap(akid.getAuthorityCertIssuer())); ret.put("serial_number", akid.getAuthorityCertSerialNumber()); ret.put("key_identifier", akid.getKeyIdentifier()); return ret; }
private String authorityKeyIdentifierExtractor(ASN1Primitive primitive) { AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(primitive); return Hex.toHexString(authorityKeyIdentifier.getKeyIdentifier()); }
public static byte[] extractAki(X509Certificate cert) throws CertificateEncodingException { byte[] extValue = getCoreExtValue(cert, Extension.authorityKeyIdentifier); if (extValue == null) { return null; } try { AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(extValue); return aki.getKeyIdentifier(); } catch (IllegalArgumentException ex) { throw new CertificateEncodingException("invalid extension AuthorityKeyIdentifier: " + ex.getMessage()); } }
private static byte[] extractAki(X509Certificate cert) throws CertificateEncodingException { byte[] extValue = getCoreExtValue(cert, Extension.authorityKeyIdentifier); if (extValue == null) { return null; } try { AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(extValue); return aki.getKeyIdentifier(); } catch (IllegalArgumentException ex) { throw new CertificateEncodingException( "invalid extension AuthorityKeyIdentifier: " + ex.getMessage()); } }
public static byte[] extractAki(final X509Certificate cert) throws CertificateEncodingException { byte[] extValue = getCoreExtValue(cert, Extension.authorityKeyIdentifier); if (extValue == null) { return null; } try { AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(extValue); return aki.getKeyIdentifier(); } catch (IllegalArgumentException ex) { throw new CertificateEncodingException("invalid extension AuthorityKeyIdentifier: " + ex.getMessage()); } }
private void prepopulateWithValue(byte[] value) throws IOException { AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(value); if (authorityKeyIdentifier.getKeyIdentifier() != null) { jkiKeyIdentifier.setKeyIdentifier(authorityKeyIdentifier.getKeyIdentifier()); } GeneralNames authorityCertIssuer = authorityKeyIdentifier.getAuthorityCertIssuer(); if (authorityCertIssuer != null) { jgnAuthorityCertIssuer.setGeneralNames(authorityCertIssuer); } BigInteger authorityCertSerialNumber = authorityKeyIdentifier.getAuthorityCertSerialNumber(); if (authorityCertSerialNumber != null) { jtfAuthorityCertSerialNumber.setText("" + authorityCertSerialNumber.longValue()); jtfAuthorityCertSerialNumber.setCaretPosition(0); } }
byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier(); GeneralNames authorityCertIssuer = authorityKeyIdentifier.getAuthorityCertIssuer(); BigInteger certificateSerialNumber = authorityKeyIdentifier.getAuthorityCertSerialNumber();
private byte[] getAuthorityKeyId(X509Certificate cert) throws IOException { byte[] extvalue = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId()); if (extvalue == null) { return null; } DEROctetString oct = (DEROctetString) (new ASN1InputStream(new ByteArrayInputStream(extvalue)).readObject()); AuthorityKeyIdentifier keyId = new AuthorityKeyIdentifier( (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(oct.getOctets())).readObject()); return keyId.getKeyIdentifier(); } }
/** * Gets the authority key identifier of the given certificate in delimited hexadecimal format, e.g. <code> * 25:48:2f:28:ec:5d:19:bb:1d:25:ae:94:93:b1:7b:b5:35:96:24:66</code>. * * @param cert Certificate to process. * * @return Authority key identifier in colon-delimited hex format. * * @throws EncodingException on cert field extraction. */ public static String authorityKeyId(final X509Certificate cert) throws EncodingException { return CodecUtil.hex(new ExtensionReader(cert).readAuthorityKeyIdentifier().getKeyIdentifier(), true); } }
public static byte[] extractAki(final org.bouncycastle.asn1.x509.Certificate cert) throws CertificateEncodingException { ParamUtil.requireNonNull("cert", cert); try { AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.fromExtensions( cert.getTBSCertificate().getExtensions()); return (aki == null) ? null : aki.getKeyIdentifier(); } catch (IllegalArgumentException ex) { throw new CertificateEncodingException("invalid extension AuthorityKeyIdentifier: " + ex.getMessage()); } }
public static byte[] extractAki(org.bouncycastle.asn1.x509.Certificate cert) throws CertificateEncodingException { Args.notNull(cert, "cert"); try { AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.fromExtensions( cert.getTBSCertificate().getExtensions()); return (aki == null) ? null : aki.getKeyIdentifier(); } catch (IllegalArgumentException ex) { throw new CertificateEncodingException("invalid extension AuthorityKeyIdentifier: " + ex.getMessage()); } }
public static byte[] getAuthorityKeyIdentifierBytes(X509Certificate cert) { byte[] extensionValue = cert.getExtensionValue("2.5.29.35"); //NOPMD if (extensionValue != null) { byte[] octets = ASN1OctetString.getInstance(extensionValue).getOctets(); AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(octets); return authorityKeyIdentifier.getKeyIdentifier(); } return null; }
/** * Creates a {@link AuthorityKeyIdentifier} object from DER data. * * @param enc DER encoded authority key identifier data. * * @return Authority key identifier. */ public static AuthorityKeyIdentifier createAuthorityKeyIdentifier( final DEREncodable enc) { final org.bouncycastle.asn1.x509.AuthorityKeyIdentifier aki = org.bouncycastle.asn1.x509.AuthorityKeyIdentifier.getInstance(enc); KeyIdentifier keyIdentifier = null; if (aki.getKeyIdentifier() != null) { keyIdentifier = new KeyIdentifier(aki.getKeyIdentifier()); } GeneralNameList issuerNames = null; if (aki.getAuthorityCertIssuer() != null) { issuerNames = createGeneralNameList(aki.getAuthorityCertIssuer()); } Integer issuerSerial = null; if (aki.getAuthorityCertSerialNumber() != null) { issuerSerial = aki.getAuthorityCertSerialNumber().intValue(); } return new AuthorityKeyIdentifier(keyIdentifier, issuerNames, issuerSerial); }
@Test public void getSelfSigned_generatesACertificateWithTheRightValues() throws Exception { final X509Certificate generatedCertificate = subject.getSelfSigned(generatedCertificateKeyPair, certificateGenerationParameters); assertThat(generatedCertificate.getIssuerDN().getName(), containsString("CN=my cert name")); assertThat(generatedCertificate.getSubjectDN().toString(), containsString("CN=my cert name")); generatedCertificate.verify(generatedCertificateKeyPair.getPublic()); final byte[] authorityKeyIdDer = generatedCertificate.getExtensionValue(Extension.authorityKeyIdentifier.getId()); final AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(parseExtensionValue(authorityKeyIdDer)); final byte[] authorityKeyId = authorityKeyIdentifier.getKeyIdentifier(); expectedSubjectKeyIdentifier = jcaX509ExtensionUtils.createSubjectKeyIdentifier(generatedCertificateKeyPair.getPublic()).getKeyIdentifier(); assertThat(authorityKeyId, equalTo(expectedSubjectKeyIdentifier)); assertThat(generatedCertificate.getSerialNumber(), equalTo(BigInteger.valueOf(1337))); }
@Test public void getSignedByIssuer_withSubjectKeyIdentifier_setsAuthorityKeyIdentifier() throws Exception { when(serialNumberGenerator.generate()) .thenReturn(BigInteger.valueOf(1337)) .thenReturn(BigInteger.valueOf(666)); final X509Certificate generatedCertificate = subject.getSignedByIssuer(generatedCertificateKeyPair, certificateGenerationParameters, certificateAuthorityWithSubjectKeyId, issuerKey.getPrivate()); final byte[] authorityKeyIdDer = generatedCertificate.getExtensionValue(Extension.authorityKeyIdentifier.getId()); final AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(parseExtensionValue(authorityKeyIdDer)); assertThat(authorityKeyIdentifier.getKeyIdentifier(), equalTo(caSubjectKeyIdentifier.getKeyIdentifier())); }
private String getCertificateAKI(String alias, KeyStore keyStore) throws CryptoException, KeyStoreException { X509Certificate x509Cert = getCertificate(alias, keyStore); try { byte[] akiValue = x509Cert.getExtensionValue(Extension.authorityKeyIdentifier.getId()); byte[] octets = DEROctetString.getInstance(akiValue).getOctets(); byte[] akiBytes = AuthorityKeyIdentifier.getInstance(octets).getKeyIdentifier(); return HexUtil.getHexString(akiBytes); } catch (Exception e) { return "-"; } }
byte[] keyId = aki.getKeyIdentifier();