View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.wss4j.common.crypto;
21  
22  import java.security.cert.X509Certificate;
23  
24  import org.bouncycastle.asn1.ASN1OctetString;
25  import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
26  import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
27  
28  public final class BouncyCastleUtils {
29  
30      private BouncyCastleUtils() {
31          // complete
32      }
33  
34      public static byte[] getAuthorityKeyIdentifierBytes(X509Certificate cert) {
35          byte[] extensionValue = cert.getExtensionValue("2.5.29.35"); //NOPMD
36          if (extensionValue != null) {
37              byte[] octets = ASN1OctetString.getInstance(extensionValue).getOctets();
38              AuthorityKeyIdentifier authorityKeyIdentifier =
39                  AuthorityKeyIdentifier.getInstance(octets);
40              return authorityKeyIdentifier.getKeyIdentifier();
41          }
42          return new byte[0];
43      }
44  
45      public static byte[] getSubjectKeyIdentifierBytes(X509Certificate cert) {
46          byte[] extensionValue = cert.getExtensionValue("2.5.29.14"); //NOPMD
47          if (extensionValue != null) {
48              byte[] subjectOctets =
49                  ASN1OctetString.getInstance(extensionValue).getOctets();
50              SubjectKeyIdentifier subjectKeyIdentifier =
51                  SubjectKeyIdentifier.getInstance(subjectOctets);
52              return subjectKeyIdentifier.getKeyIdentifier();
53          }
54          return new byte[0];
55      }
56  
57  }
58  
59