Example usage for org.bouncycastle.cms SignerId getSubjectKeyIdentifier

List of usage examples for org.bouncycastle.cms SignerId getSubjectKeyIdentifier

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.cms.*
  5. SignerId
  6. getSubjectKeyIdentifier

Introduction

In this page you can find the example usage for org.bouncycastle.cms SignerId getSubjectKeyIdentifier.

Prototype

public byte[] getSubjectKeyIdentifier()

Source Link

Usage

From source file:ee.ria.xroad.common.signature.TimestampVerifier.java

License:Open Source License

private static X509Certificate getTspCertificate(SignerId signerId, List<X509Certificate> tspCerts)
        throws Exception {
    log.trace("getTspCertificate({}, {}, {})", new Object[] { signerId.getIssuer(), signerId.getSerialNumber(),
            Arrays.toString(signerId.getSubjectKeyIdentifier()) });
    for (X509Certificate cert : tspCerts) {
        log.trace("Comparing with cert: {}, {}", cert.getIssuerDN(), cert.getSerialNumber());
        if (signerId.match(new X509CertificateHolder(cert.getEncoded()))) {
            return cert;
        }/*from   ww  w. java2 s .c  o m*/
    }

    return null;
}

From source file:mitm.common.security.cms.SignerInfoImpl.java

License:Open Source License

@Override
public SignerIdentifier getSignerId() throws IOException {
    SignerId id = signerInformation.getSID();

    return new SignerIdentifierImpl(X500PrincipalUtils.fromX500Name(id.getIssuer()), id.getSerialNumber(),
            id.getSubjectKeyIdentifier());
}

From source file:net.ripe.rpki.commons.provisioning.cms.ProvisioningCmsObjectParser.java

License:BSD License

/**
 * http://tools.ietf.org/html/draft-ietf-sidr-rescerts-provisioning-09#section-3.1.1.6.2
 *///from www . j  a v a 2  s  .  com
private void verifySubjectKeyIdentifier(SignerInformation signer) {
    SignerId sid = signer.getSID();
    validationResult.rejectIfFalse(Arrays.equals(X509CertificateUtil.getSubjectKeyIdentifier(cmsCertificate),
            sid.getSubjectKeyIdentifier()), CMS_SIGNER_INFO_SKI);
    validationResult.rejectIfFalse(sid.getIssuer() == null && sid.getSerialNumber() == null,
            CMS_SIGNER_INFO_SKI_ONLY);
}

From source file:org.xwiki.crypto.signer.internal.cms.BcStoreUtils.java

License:Open Source License

/**
 * Retrieve the certificate matching the given signer from the certificate provider.
 *
 * @param provider a certificate provider.
 * @param signer the signer for which you want to retrieve the certificate.
 * @param factory a certificate factory to convert the certificate.
 * @return a certified public key.//from   w ww .  j  av a 2 s. co  m
 */
public static CertifiedPublicKey getCertificate(CertificateProvider provider, SignerInformation signer,
        CertificateFactory factory) {
    SignerId id = signer.getSID();

    if (provider instanceof BcStoreX509CertificateProvider) {
        X509CertificateHolder cert = ((BcStoreX509CertificateProvider) provider).getCertificate(id);
        return (cert != null) ? BcUtils.convertCertificate(factory, cert) : null;
    }

    X500Name bcIssuer = id.getIssuer();
    BigInteger serial = id.getSerialNumber();
    byte[] keyId = id.getSubjectKeyIdentifier();

    if (bcIssuer != null) {
        PrincipalIndentifier issuer = new DistinguishedName(bcIssuer);
        if (keyId != null) {
            return provider.getCertificate(issuer, serial, keyId);
        }
        return provider.getCertificate(issuer, serial);
    }

    if (keyId != null) {
        return provider.getCertificate(keyId);
    }

    return null;
}