List of usage examples for org.bouncycastle.cms SignerId getSubjectKeyIdentifier
public byte[] getSubjectKeyIdentifier()
From source file:ee.ria.xroad.common.signature.TimestampVerifier.java
License:Open Source License
private static X509Certificate getTspCertificate(SignerId signerId, List<X509Certificate> tspCerts) throws Exception { log.trace("getTspCertificate({}, {}, {})", new Object[] { signerId.getIssuer(), signerId.getSerialNumber(), Arrays.toString(signerId.getSubjectKeyIdentifier()) }); for (X509Certificate cert : tspCerts) { log.trace("Comparing with cert: {}, {}", cert.getIssuerDN(), cert.getSerialNumber()); if (signerId.match(new X509CertificateHolder(cert.getEncoded()))) { return cert; }/*from ww w. java2 s .c o m*/ } return null; }
From source file:mitm.common.security.cms.SignerInfoImpl.java
License:Open Source License
@Override public SignerIdentifier getSignerId() throws IOException { SignerId id = signerInformation.getSID(); return new SignerIdentifierImpl(X500PrincipalUtils.fromX500Name(id.getIssuer()), id.getSerialNumber(), id.getSubjectKeyIdentifier()); }
From source file:net.ripe.rpki.commons.provisioning.cms.ProvisioningCmsObjectParser.java
License:BSD License
/** * http://tools.ietf.org/html/draft-ietf-sidr-rescerts-provisioning-09#section-3.1.1.6.2 *///from www . j a v a 2 s . com private void verifySubjectKeyIdentifier(SignerInformation signer) { SignerId sid = signer.getSID(); validationResult.rejectIfFalse(Arrays.equals(X509CertificateUtil.getSubjectKeyIdentifier(cmsCertificate), sid.getSubjectKeyIdentifier()), CMS_SIGNER_INFO_SKI); validationResult.rejectIfFalse(sid.getIssuer() == null && sid.getSerialNumber() == null, CMS_SIGNER_INFO_SKI_ONLY); }
From source file:org.xwiki.crypto.signer.internal.cms.BcStoreUtils.java
License:Open Source License
/** * Retrieve the certificate matching the given signer from the certificate provider. * * @param provider a certificate provider. * @param signer the signer for which you want to retrieve the certificate. * @param factory a certificate factory to convert the certificate. * @return a certified public key.//from w ww . j av a 2 s. co m */ public static CertifiedPublicKey getCertificate(CertificateProvider provider, SignerInformation signer, CertificateFactory factory) { SignerId id = signer.getSID(); if (provider instanceof BcStoreX509CertificateProvider) { X509CertificateHolder cert = ((BcStoreX509CertificateProvider) provider).getCertificate(id); return (cert != null) ? BcUtils.convertCertificate(factory, cert) : null; } X500Name bcIssuer = id.getIssuer(); BigInteger serial = id.getSerialNumber(); byte[] keyId = id.getSubjectKeyIdentifier(); if (bcIssuer != null) { PrincipalIndentifier issuer = new DistinguishedName(bcIssuer); if (keyId != null) { return provider.getCertificate(issuer, serial, keyId); } return provider.getCertificate(issuer, serial); } if (keyId != null) { return provider.getCertificate(keyId); } return null; }