Package org.bouncycastle.cert

Class X509ExtensionUtils

  • Direct Known Subclasses:
    BcX509ExtensionUtils, JcaX509ExtensionUtils
    public class X509ExtensionUtils
extends java.lang.Object
    General utility class for creating calculated extensions using the standard methods.

    Note: This class is not thread safe!

    • Constructor Summary

      Constructors 
      Constructor Description
      X509ExtensionUtils​(DigestCalculator calculator)
      Base constructor - for conformance to RFC 5280 use a calculator based on SHA-1.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Create an AuthorityKeyIdentifier from the passed in SubjectPublicKeyInfo.
      org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo, org.bouncycastle.asn1.x509.GeneralNames generalNames, java.math.BigInteger serial)
      Create an AuthorityKeyIdentifier from the passed in arguments.
      org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(X509CertificateHolder certHolder)
      Create an AuthorityKeyIdentifier from the passed in arguments.
      org.bouncycastle.asn1.x509.SubjectKeyIdentifier createSubjectKeyIdentifier​(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Return a RFC 5280 type 1 key identifier.
      org.bouncycastle.asn1.x509.SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier​(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Return a RFC 5280 type 2 key identifier.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • X509ExtensionUtils

        public X509ExtensionUtils​(DigestCalculator calculator)
        Base constructor - for conformance to RFC 5280 use a calculator based on SHA-1.
        Parameters:
        calculator - a calculator for calculating subject key ids.

    • Method Detail

      • createAuthorityKeyIdentifier

        public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(X509CertificateHolder certHolder)
        Create an AuthorityKeyIdentifier from the passed in arguments.
        Parameters:
        certHolder - the issuer certificate that the AuthorityKeyIdentifier should refer to.
        Returns:
        an AuthorityKeyIdentifier.

      • createAuthorityKeyIdentifier

        public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
        Create an AuthorityKeyIdentifier from the passed in SubjectPublicKeyInfo.
        Parameters:
        publicKeyInfo - the SubjectPublicKeyInfo to base the key identifier on.
        Returns:
        an AuthorityKeyIdentifier.

      • createAuthorityKeyIdentifier

        public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo,
                                                                                      org.bouncycastle.asn1.x509.GeneralNames generalNames,
                                                                                      java.math.BigInteger serial)
        Create an AuthorityKeyIdentifier from the passed in arguments.
        Parameters:
        publicKeyInfo - the SubjectPublicKeyInfo to base the key identifier on.
        generalNames - the general names to associate with the issuer cert's issuer.
        serial - the serial number of the issuer cert.
        Returns:
        an AuthorityKeyIdentifier.

      • createSubjectKeyIdentifier

        public org.bouncycastle.asn1.x509.SubjectKeyIdentifier createSubjectKeyIdentifier​(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
        Return a RFC 5280 type 1 key identifier. As in: 
         (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
 value of the BIT STRING subjectPublicKey (excluding the tag,
 length, and number of unused bits).
        Parameters:
        publicKeyInfo - the key info object containing the subjectPublicKey field.
        Returns:
        the key identifier.

      • createTruncatedSubjectKeyIdentifier

        public org.bouncycastle.asn1.x509.SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier​(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
        Return a RFC 5280 type 2 key identifier. As in: 
         (2) The keyIdentifier is composed of a four bit type field with
 the value 0100 followed by the least significant 60 bits of the
 SHA-1 hash of the value of the BIT STRING subjectPublicKey.
        Parameters:
        publicKeyInfo - the key info object containing the subjectPublicKey field.
        Returns:
        the key identifier.