Examples of codec.x509.SubjectPublicKeyInfo

• org.apache.harmony.security.x509.SubjectPublicKeyInfo
  Subject Public Key Info according to RFC2459. Consists of an AlgorithmID and the corresponding public key

   SubjectPublicKeyInfo  ::=  SEQUENCE  { algorithm            AlgorithmIdentifier, subjectPublicKey     BIT STRING } 

  Raw public key material embedded in this structure need not be ASN.1/DER encoded. Some crypto systems such as elliptic curve systems use specific encodings of keys. For this reason, keys can be retrieved by means of two alternative ways:

  • Raw encoded keys, returned as byte arrays, and
  • Raw decoded keys, returned as ASN.1 types.

  Only ASN.1/DER is supported as decoding method. Keys encoded in another code must be decoded externally. Creation date: (18.08.99 15:23:09) @author Markus Tak @version "$Id: SubjectPublicKeyInfo.java,v 1.3 2004/08/16 08:53:58 pebingerExp $"

   * places as well, which is easily forgotten).
   *
   * --volker roth
   */
  if ((aReason < 0) || (aReason == 7) || (aReason > 8)) {
      throw new X509Exception("Reasoncode unknown");
  }
  theReason = new ASN1Enumerated(aReason);
  super.setValue(theReason);
    }

        // SPKAC = SEQ {PKAC, SIGN-ALG, SIGN}
        // Get PKAC and obtain PK and C
        DERSequence pkacSeq = (DERSequence)spkacSeq.getObjectAt(0);
        DERObject pk = (DERObject)pkacSeq.getObjectAt(0);
        DERObject ch = (DERObject)pkacSeq.getObjectAt(1);
        SubjectPublicKeyInfo pkInfo = new SubjectPublicKeyInfo((DERSequence)pk);
        PublicKey pubKey =  getPublicKeyObject(pkInfo);

        // Get SIGN-ALG
        DERSequence signAlg = (DERSequence) spkacSeq.getObjectAt(1);
        DERObject alg0 = (DERObject)signAlg.getObjectAt(0);

        ByteArrayInputStream    bIn = new ByteArrayInputStream(bytes);
        ASN1InputStream         dIn = new ASN1InputStream(bIn);

        try
        {
            this.reqInfo = new CertificationRequestInfo(subject, new SubjectPublicKeyInfo((ASN1Sequence)dIn.readObject()), attributes);
        }
        catch (IOException e)
        {
            throw new IllegalArgumentException("can't encode public key");
        }

    public PublicKey getPublicKey(
        String  provider)
        throws NoSuchAlgorithmException, NoSuchProviderException,
                InvalidKeyException
    {
        SubjectPublicKeyInfo    subjectPKInfo = reqInfo.getSubjectPublicKeyInfo();

        try
        {
            X509EncodedKeySpec      xspec = new X509EncodedKeySpec(new DERBitString(subjectPKInfo).getBytes());
            AlgorithmIdentifier     keyAlg = subjectPKInfo.getAlgorithmId ();
            try {

                if (provider == null) {
                    return KeyFactory.getInstance(keyAlg.getObjectId().getId ()).generatePublic(xspec);
                }

    public void setPublicKey(
        PublicKey       key)
    {
        try
        {
            tbsGen.setSubjectPublicKeyInfo(new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
                                new ByteArrayInputStream(key.getEncoded())).readObject()));
        }
        catch (Exception e)
        {
            throw new IllegalArgumentException("unable to process key - " + e.toString());

    public byte[] getEncoded()
    {
        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
        DEROutputStream         dOut = new DEROutputStream(bOut);
        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG()).getDERObject()), new DERInteger(y));

        try
        {
            dOut.writeObject(info);
            dOut.close();

        Name issuer = new Name(issuerName);
        Name subject = new Name(subjectName);
        Validity validity =
            new Validity(new Date(notBefore), new Date(notAfter));

        SubjectPublicKeyInfo subjectPublicKeyInfo = (SubjectPublicKeyInfo)
            SubjectPublicKeyInfo.ASN1.decode(publicKey.getEncoded());
        keyEncoding = subjectPublicKeyInfo.getEncoded();

        Extensions exts = new Extensions(Arrays.asList(extensions));

        TBSCertificate tbsCertificate =
            new TBSCertificate(version, serialNumber,

        BigInteger serialNumber = BigInteger.valueOf(555L);
        AlgorithmIdentifier signature = new AlgorithmIdentifier("1.2.3.44.555");
        Name issuer = new Name("O=Certificate Issuer");
        Validity validity = new Validity(new Date(100000000),
                                         new Date(200000000));
        SubjectPublicKeyInfo subjectPublicKeyInfo =
            new SubjectPublicKeyInfo(
                    new AlgorithmIdentifier("1.2.840.113549.1.1.2"),
                                            new byte[10]);
        boolean[] issuerUniqueID  = new boolean[]
                    {true, false, true, false, true, false, true, false};
        boolean[] subjectUniqueID = new boolean[]

                new Certificate(
                    new TBSCertificate(2, certSerialNumber1, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert2 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber2, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert3 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber3, signature,
                        new Name("O=Another Cert Issuer"),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            assertNull("Certificate should not be presented in CRL "
                    + "because issuer is not the same as CRL issuer",
                    crl.getRevokedCertificate(cert1));

                new Certificate(
                    new TBSCertificate(2, certSerialNumber1, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert2 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber2, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert3 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber3, signature,
                        new Name("O=Another Cert Issuer"),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            assertFalse("Certificate should not be presented in CRL "
                    + "because issuer is not the same as CRL issuer",
                    crl.isRevoked(cert1));