blob: 84ac04611e08e176e5cd6f2ec363211077224b7a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
package org.bouncycastle.pkix;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.KeyTransRecipientId;
import org.bouncycastle.cms.RecipientId;
/**
* Holder class for public/private key based identity information.
*/
public class PKIXIdentity
{
private final PrivateKeyInfo privateKeyInfo;
private final X509CertificateHolder[] certificateHolders;
public PKIXIdentity(PrivateKeyInfo privateKeyInfo, X509CertificateHolder[] certificateHolders)
{
this.privateKeyInfo = privateKeyInfo;
this.certificateHolders = new X509CertificateHolder[certificateHolders.length];
System.arraycopy(certificateHolders, 0, this.certificateHolders, 0, certificateHolders.length);
}
/**
* Return the private key info for this identity.
*
* @return the identity's private key (if available, null otherwise).
*/
public PrivateKeyInfo getPrivateKeyInfo()
{
return privateKeyInfo;
}
/**
* Return the certificate associated with the private key info.
*
* @return a X509CertificateHolder
*/
public X509CertificateHolder getCertificate()
{
return certificateHolders[0];
}
/**
* Return a RecipientId for the identity's (private key, certificate) pair.
*/
public RecipientId getRecipientId()
{
// TODO: handle key agreement
return new KeyTransRecipientId(certificateHolders[0].getIssuer(), certificateHolders[0].getSerialNumber(), getSubjectKeyIdentifier());
}
private byte[] getSubjectKeyIdentifier()
{
SubjectKeyIdentifier subId = SubjectKeyIdentifier.fromExtensions(certificateHolders[0].getExtensions());
if (subId == null)
{
return null;
}
return subId.getKeyIdentifier();
}
}
|
