Examples of codec.x509.SubjectPublicKeyInfo

• org.apache.harmony.security.x509.SubjectPublicKeyInfo
  Subject Public Key Info according to RFC2459. Consists of an AlgorithmID and the corresponding public key

   SubjectPublicKeyInfo  ::=  SEQUENCE  { algorithm            AlgorithmIdentifier, subjectPublicKey     BIT STRING } 

  Raw public key material embedded in this structure need not be ASN.1/DER encoded. Some crypto systems such as elliptic curve systems use specific encodings of keys. For this reason, keys can be retrieved by means of two alternative ways:

  • Raw encoded keys, returned as byte arrays, and
  • Raw decoded keys, returned as ASN.1 types.

  Only ASN.1/DER is supported as decoding method. Keys encoded in another code must be decoded externally. Creation date: (18.08.99 15:23:09) @author Markus Tak @version "$Id: SubjectPublicKeyInfo.java,v 1.3 2004/08/16 08:53:58 pebingerExp $"

     */
    public DSAPublicKeyImpl(DSAPublicKeySpec keySpec) {

        super("DSA"); //$NON-NLS-1$

        SubjectPublicKeyInfo spki;

        BigInteger p = keySpec.getP();
        BigInteger q = keySpec.getQ();
        BigInteger g = keySpec.getG();

        ThreeIntegerSequence threeInts = new ThreeIntegerSequence(p
                .toByteArray(), q.toByteArray(), g.toByteArray());

        AlgorithmIdentifier ai = new AlgorithmIdentifier(AlgNameMapper
                .map2OID("DSA"), //$NON-NLS-1$
                threeInts.getEncoded());

        y = keySpec.getY();

        spki = new SubjectPublicKeyInfo(ai, ASN1Integer.getInstance().encode(
                y.toByteArray()));
        setEncoding(spki.getEncoded());

        params = (DSAParams) (new DSAParameterSpec(p, q, g));
    }

        super("DSA"); //$NON-NLS-1$

        AlgorithmIdentifier ai;
        ThreeIntegerSequence threeInts = null;

        SubjectPublicKeyInfo subjectPublicKeyInfo = null;

        byte encoding[] = keySpec.getEncoded();

        String alg, algName;

        try {
            subjectPublicKeyInfo = (SubjectPublicKeyInfo) SubjectPublicKeyInfo.ASN1
                    .decode(encoding);
        } catch (IOException e) {
            throw new InvalidKeySpecException(Messages.getString(
                    "security.19A", e)); //$NON-NLS-1$
        }

        try {
            y = new BigInteger((byte[]) ASN1Integer.getInstance().decode(
                    subjectPublicKeyInfo.getSubjectPublicKey()));
        } catch (IOException e) {
            throw new InvalidKeySpecException(Messages.getString(
                    "security.19B", e)); //$NON-NLS-1$
        }

        ai = subjectPublicKeyInfo.getAlgorithmIdentifier();

        try {
            threeInts = (ThreeIntegerSequence) ThreeIntegerSequence.ASN1
                    .decode(ai.getParameters());
        } catch (IOException e) {

     *
     */
    public void testCertificationRequestInfo() throws IOException {
        int version = 2;// X.509 v3
        Name subject = new Name("O=subject");
        SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo(
                new AlgorithmIdentifier("1.2.840.113549.1.1.2"), new byte[4]);
        List attributes = new ArrayList();
        // 1.2.840.113549.1.9.1 is OID of EMAILADDRESS
        attributes.add(new AttributeTypeAndValue("1.2.840.113549.1.9.1",
                new AttributeValue("a@b.com", false)));

        CertificationRequestInfo certReqInfo = new CertificationRequestInfo(
                version, subject, spki, attributes);

        // check what we have constructed
        assertEquals(version, certReqInfo.getVersion());
        assertEquals(subject.getName(X500Principal.RFC1779), certReqInfo
                .getSubject().getName(X500Principal.RFC1779));
        assertTrue(Arrays.equals(spki.getEncoded(), certReqInfo
                .getSubjectPublicKeyInfo().getEncoded()));
        assertEquals(attributes, certReqInfo.getAttributes());

        // decode the encoded CertificationRequestInfo
        byte[] encoding = certReqInfo.getEncoded();

     *
     */
    public void testCertificationRequest() throws IOException {
        int version = 2;// v3
        Name subject = new Name("O=subject");
        SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo(
                new AlgorithmIdentifier("1.2.840.113549.1.1.2"), new byte[4]);
        List attributes = new ArrayList();
        // 1.2.840.113549.1.9.1 is OID of EMAILADDRESS
        attributes.add(new AttributeTypeAndValue("1.2.840.113549.1.9.1",
                new AttributeValue("a@b.com", false)));

        Name issuer = new Name(issuerName);
        Name subject = new Name(subjectName);
        Validity validity =
            new Validity(new Date(notBefore), new Date(notAfter));

        SubjectPublicKeyInfo subjectPublicKeyInfo = (SubjectPublicKeyInfo)
            SubjectPublicKeyInfo.ASN1.decode(publicKey.getEncoded());
        keyEncoding = subjectPublicKeyInfo.getEncoded();

        Extensions exts = new Extensions(Arrays.asList(extensions));

        TBSCertificate tbsCertificate =
            new TBSCertificate(version, serialNumber,

        BigInteger serialNumber = BigInteger.valueOf(555L);
        AlgorithmIdentifier signature = new AlgorithmIdentifier("1.2.3.44.555"); // random value
        Name issuer = new Name("O=Certificate Issuer");
        Validity validity = new Validity(new Date(100000000), new Date(200000000));
        Name subject = new Name("O=Subject Organization");
        SubjectPublicKeyInfo subjectPublicKeyInfo =
            new SubjectPublicKeyInfo(new AlgorithmIdentifier("1.2.840.113549.1.1.2"),
                    new byte[10]);
        boolean[]   issuerUniqueID  = new boolean[]
                    {true, false, true, false, true, false, true, false}; // random value
        boolean[]   subjectUniqueID = new boolean[]
                    {false, true, false, true, false, true, false, true}; // random value

        BigInteger serialNumber = BigInteger.valueOf(555L);
        AlgorithmIdentifier signature = new AlgorithmIdentifier("1.2.3.44.555");
        Name issuer = new Name("O=Certificate Issuer");
        Validity validity = new Validity(new Date(100000000),
                                         new Date(200000000));
        SubjectPublicKeyInfo subjectPublicKeyInfo =
            new SubjectPublicKeyInfo(
                    new AlgorithmIdentifier("1.2.840.113549.1.1.2"),
                                            new byte[10]);
        boolean[] issuerUniqueID  = new boolean[]
                    {true, false, true, false, true, false, true, false};
        boolean[] subjectUniqueID = new boolean[]

                new Certificate(
                    new TBSCertificate(2, certSerialNumber1, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert2 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber2, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert3 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber3, signature,
                        new Name("O=Another Cert Issuer"),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            assertNull("Certificate should not be presented in CRL "
                    + "because issuer is not the same as CRL issuer",
                    crl.getRevokedCertificate(cert1));

                new Certificate(
                    new TBSCertificate(2, certSerialNumber1, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert2 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber2, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert3 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber3, signature,
                        new Name("O=Another Cert Issuer"),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            assertFalse("Certificate should not be presented in CRL "
                    + "because issuer is not the same as CRL issuer",
                    crl.isRevoked(cert1));

            throw (IOException) new IOException(
                    "Failed to generate a distinguished name. ").initCause(e);
        }

        // generate a SubjectPublicKeyInfo
        SubjectPublicKeyInfo subjectPublicKeyInfo = null;
        try {
            subjectPublicKeyInfo = (SubjectPublicKeyInfo) SubjectPublicKeyInfo.ASN1
                    .decode(publicKey.getEncoded());
        } catch (IOException e) {
            throw (IOException) new IOException(