Examples of org.bouncycastle.asn1.x509.SubjectPublicKeyInfo

org.bouncycastle.asn1.x509.SubjectPublicKeyInfo
The object that contains the public key stored in a certficate.
The getEncoded() method in the public keys in the JCE produces a DER encoded one of these.

            }
        }


        // Authority key identifier
        if (getUseAuthorityKeyIdentifier() == true) {
            SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
                new ByteArrayInputStream(getCAToken().getPublicKey(SecConst.CAKEYPURPOSE_CRLSIGN).getEncoded())).readObject());
            AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(apki);
            crlgen.addExtension(X509Extensions.AuthorityKeyIdentifier.getId(), getAuthorityKeyIdentifierCritical(), aki);
        }
        // CRLNumber extension

View Full Code Here

        byte[] request = Base64.decode(req.getBytes());
        ASN1InputStream in = new ASN1InputStream(request);
        ASN1Sequence    crmfSeq = (ASN1Sequence) in.readObject();
        ASN1Sequence reqSeq =  (ASN1Sequence) ((ASN1Sequence) crmfSeq.getObjectAt(0)).getObjectAt(0);
        CertRequest certReq = new CertRequest( reqSeq );
        SubjectPublicKeyInfo pKeyInfo = certReq.getCertTemplate().getPublicKey();
        KeyFactory keyFact = KeyFactory.getInstance("RSA", "BC");
        KeySpec keySpec = new X509EncodedKeySpec( pKeyInfo.getEncoded() );
        PublicKey pubKey = keyFact.generatePublic(keySpec); // just check it's ok
        imsg = new SimpleRequestMessage(pubKey, username, password);
        // a simple crmf is not a complete PKI message, as desired by the CrmfRequestMessage class
        //PKIMessage msg = PKIMessage.getInstance(new ASN1InputStream(new ByteArrayInputStream(request)).readObject());
        //CrmfRequestMessage reqmsg = new CrmfRequestMessage(msg, null, true, null);
        //imsg = reqmsg;
      } else if (reqType == SecConst.CERT_REQ_TYPE_PUBLICKEY) {
        byte[] request;
        // Request can be Base64 encoded or in PEM format
        try {
          request = FileTools.getBytesFromPEM(req.getBytes(), CertTools.BEGIN_PUBLIC_KEY, CertTools.END_PUBLIC_KEY);
        } catch (IOException ex) {
          try {
            request = Base64.decode(req.getBytes());
            if (request == null) {
              throw new IOException("Base64 decode of buffer returns null");
            }          
          } catch (ArrayIndexOutOfBoundsException ae) {
            throw new IOException("Base64 decode fails, message not base64 encoded: " + ae.getMessage());
          }
        }
        final ASN1InputStream in = new ASN1InputStream(request);
        final SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfo.getInstance(in.readObject());
        final AlgorithmIdentifier keyAlg = keyInfo.getAlgorithmId();
        final X509EncodedKeySpec xKeySpec = new X509EncodedKeySpec(new DERBitString(keyInfo).getBytes());
        final KeyFactory keyFact = KeyFactory.getInstance(keyAlg.getObjectId().getId(), "BC");
        final PublicKey pubKey = keyFact.generatePublic(xKeySpec);
        imsg = new SimpleRequestMessage(pubKey, username, password);
      }

View Full Code Here

  
  @Override
  public PublicKey getRequestPublicKey() throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException {
    final CertRequest request = getReq().getCertReq();
    final CertTemplate templ = request.getCertTemplate();
    final SubjectPublicKeyInfo keyInfo = templ.getPublicKey();
    final PublicKey pk = getPublicKey(keyInfo, "BC");
    return pk;
  }

View Full Code Here

          if (subject != null && !subject.toString().equals(pski.getSender().getName().toString())) {
            log.info("Subject '"+subject.toString()+"̈́', is not equal to '"+pski.getSender().toString()+"'.");
            protObject = null;  // pski is not a valid protection object
          }
          // If public key is present in cert template it must be the same as in POPOSigningKeyInput
          final SubjectPublicKeyInfo pk = req.getCertTemplate().getPublicKey();
          if (pk != null && !Arrays.areEqual(pk.getEncoded(), pski.getPublicKey().getEncoded())) {
            log.info("Subject key in cert template, is not equal to subject key in POPOSigningKeyInput.");
            protObject = null;  // pski is not a valid protection object
          }
        }
        // If a protectObject is present we extract the bytes and verify it

View Full Code Here

    super.setCriticalFlag(certProf.getSubjectKeyIdentifierCritical());
  }
  
  @Override
  public DEREncodable getValue(final UserDataVO subject, final CA ca, final CertificateProfile certProfile, final PublicKey userPublicKey, final PublicKey caPublicKey ) throws CertificateExtentionConfigurationException, CertificateExtensionException {
        SubjectPublicKeyInfo spki;
    try {
      spki = new SubjectPublicKeyInfo(
                (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(userPublicKey.getEncoded())).readObject());
    } catch (IOException e) {
      throw new CertificateExtensionException("IOException parsing user public key: "+e.getMessage(), e);
    }
    return new org.bouncycastle.asn1.x509.SubjectKeyIdentifier(spki);

View Full Code Here

    // Default value is that we calculate it from scratch!
    // (If this is a root CA we must calculate the AuthorityKeyIdentifier from scratch)
    // (If the CA signing this cert does not have a SubjectKeyIdentifier we must calculate the AuthorityKeyIdentifier from scratch)
    try{
      final byte[] keybytes = caPublicKey.getEncoded();
      final SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(keybytes)).readObject());
      ret = new org.bouncycastle.asn1.x509.AuthorityKeyIdentifier(apki);


    // If we have a CA-certificate (i.e. this is not a Root CA), we must take the authority key identifier from 
    // the CA-certificates SubjectKeyIdentifier if it exists. If we don't do that we will get the wrong identifier if the 
    // CA does not follow RFC3280 (guess if MS-CA follows RFC3280?)

View Full Code Here

    public void setPublicKey(
        PublicKey       key)
    {
        try
        {
            tbsGen.setSubjectPublicKeyInfo(new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
                                new ByteArrayInputStream(key.getEncoded())).readObject()));
        }
        catch (Exception e)
        {
            throw new IllegalArgumentException("unable to process key - " + e.toString());

View Full Code Here

            PublicKey issuerKey = issuerCert.getPublicKey();




            ASN1InputStream aIn = new ASN1InputStream(
                                    new ByteArrayInputStream(issuerKey.getEncoded()));
            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(
                                                            aIn.readObject());


            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);


            aOut.writeObject(info.getPublicKey());


            digest.update(bOut.toByteArray());


            ASN1OctetString issuerKeyHash = new DEROctetString(digest.digest());

View Full Code Here

        try
        {
            if (certificate.getVersion() != 3)
            {
                GeneralName          genName = new GeneralName(PrincipalUtil.getSubjectX509Principal(certificate));
                SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
                        (ASN1Sequence)new ASN1InputStream(certificate.getPublicKey().getEncoded()).readObject());
                
                return (ASN1Sequence)new AuthorityKeyIdentifier(
                               info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Object();
            }
            else
            {
                GeneralName             genName = new GeneralName(PrincipalUtil.getSubjectX509Principal(certificate));
                
                byte[]                  ext = certificate.getExtensionValue(X509Extensions.SubjectKeyIdentifier.getId());
                
                if (ext != null)
                {
                    ASN1OctetString     str = (ASN1OctetString)X509ExtensionUtil.fromExtensionValue(ext);
                
                    return (ASN1Sequence)new AuthorityKeyIdentifier(
                                    str.getOctets(), new GeneralNames(genName), certificate.getSerialNumber()).toASN1Object();
                }
                else
                {
                    SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
                            (ASN1Sequence)new ASN1InputStream(certificate.getPublicKey().getEncoded()).readObject());
                    
                    return (ASN1Sequence)new AuthorityKeyIdentifier(
                            info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Object();
                }

View Full Code Here

        PublicKey pubKey)
        throws InvalidKeyException
    {
        try
        {
            SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
                                        (ASN1Sequence)new ASN1InputStream(pubKey.getEncoded()).readObject());
        
            return (ASN1Sequence)new AuthorityKeyIdentifier(info).toASN1Object();
        }
        catch (Exception e)

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.bouncycastle.asn1.x509.SubjectPublicKeyInfo

com.maverick.crypto.asn1.DERBitString

net.sf.libpdfsign.CRLDownloader

net.sf.libpdfsign.OCSPClient

org.apache.geronimo.crypto.asn1.DERBitString

org.apache.geronimo.crypto.CaUtils

org.apache.geronimo.crypto.jce.PKCS10CertificationRequest

org.apache.geronimo.security.ca.GeronimoCertificationAuthority

org.apache.geronimo.util.asn1.ASN1EncodableVector

org.apache.geronimo.util.asn1.ASN1InputStream

org.apache.geronimo.util.asn1.DERBitString

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.