Constructor Detail

• JcaX509ExtensionUtils

  public JcaX509ExtensionUtils()
                        throws java.security.NoSuchAlgorithmException

  Create a utility class pre-configured with a SHA-1 digest calculator based on the default implementation.

  Throws:

  java.security.NoSuchAlgorithmException

• JcaX509ExtensionUtils

  public JcaX509ExtensionUtils​(DigestCalculator calculator)

Method Detail

• createAuthorityKeyIdentifier

  public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(java.security.cert.X509Certificate cert)
                                                                                 throws java.security.cert.CertificateEncodingException

  Throws:

  java.security.cert.CertificateEncodingException

• createAuthorityKeyIdentifier

  public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(java.security.PublicKey pubKey)

• createAuthorityKeyIdentifier

  public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(java.security.PublicKey pubKey,
                                                                                        javax.security.auth.x500.X500Principal name,
                                                                                        java.math.BigInteger serial)

• createAuthorityKeyIdentifier

  public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier​(java.security.PublicKey pubKey,
                                                                                        org.bouncycastle.asn1.x509.GeneralNames generalNames,
                                                                                        java.math.BigInteger serial)

• createSubjectKeyIdentifier

  public org.bouncycastle.asn1.x509.SubjectKeyIdentifier createSubjectKeyIdentifier​(java.security.PublicKey publicKey)

  Return a RFC 3280 type 1 key identifier. As in:

   (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
   value of the BIT STRING subjectPublicKey (excluding the tag,
   length, and number of unused bits).
   

  Parameters:

  publicKey - the key object containing the key identifier is to be based on.

  Returns:

  the key identifier.

• createTruncatedSubjectKeyIdentifier

  public org.bouncycastle.asn1.x509.SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier​(java.security.PublicKey publicKey)

  Return a RFC 3280 type 2 key identifier. As in:

   (2) The keyIdentifier is composed of a four bit type field with
   the value 0100 followed by the least significant 60 bits of the
   SHA-1 hash of the value of the BIT STRING subjectPublicKey.
   

  Parameters:

  publicKey - the key object of interest.

  Returns:

  the key identifier.

• parseExtensionValue

  public static org.bouncycastle.asn1.ASN1Primitive parseExtensionValue​(byte[] encExtValue)
                                                                 throws java.io.IOException

  Return the ASN.1 object contained in a byte[] returned by a getExtensionValue() call.

  Parameters:

  encExtValue - DER encoded OCTET STRING containing the DER encoded extension object.

  Returns:

  an ASN.1 object

  Throws:

  java.io.IOException - on a parsing error.

• getIssuerAlternativeNames

  public static java.util.Collection getIssuerAlternativeNames​(java.security.cert.X509Certificate cert)
                                                        throws java.security.cert.CertificateParsingException

  Throws:

  java.security.cert.CertificateParsingException

• getSubjectAlternativeNames

  public static java.util.Collection getSubjectAlternativeNames​(java.security.cert.X509Certificate cert)
                                                         throws java.security.cert.CertificateParsingException

  Throws:

  java.security.cert.CertificateParsingException