using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.X509.Extension { public class X509ExtensionUtilities { internal static Asn1OctetString CalculateKeyIdentifier(AsymmetricKeyParameter publicKey) { return CalculateKeyIdentifier(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey)); } internal static Asn1OctetString CalculateKeyIdentifier(SubjectPublicKeyInfo spki) { return new DerOctetString(CalculateSha1(spki)); } internal static Asn1OctetString CalculateKeyIdentifier(X509Certificate certificate) { return CalculateKeyIdentifier(certificate.CertificateStructure.SubjectPublicKeyInfo); } private static byte[] CalculateSha1(SubjectPublicKeyInfo spki) { return CalculateSha1(spki.PublicKey.GetBytes()); } private static byte[] CalculateSha1(byte[] data) { return DigestUtilities.CalculateDigest(OiwObjectIdentifiers.IdSha1, data); } public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(AsymmetricKeyParameter publicKey) { return new AuthorityKeyIdentifier(CalculateKeyIdentifier(publicKey)); } public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(AsymmetricKeyParameter publicKey, GeneralNames issuer, BigInteger serialNumber) { return new AuthorityKeyIdentifier(CalculateKeyIdentifier(publicKey), issuer, new DerInteger(serialNumber)); } public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(SubjectPublicKeyInfo spki) { return new AuthorityKeyIdentifier(CalculateKeyIdentifier(spki)); } public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(SubjectPublicKeyInfo spki, GeneralNames issuer, DerInteger serialNumber) { return new AuthorityKeyIdentifier(CalculateKeyIdentifier(spki), issuer, serialNumber); } public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(X509Certificate certificate) { Asn1OctetString keyIdentifier = DeriveAuthCertKeyID(certificate); GeneralNames authorityCertIssuer = new GeneralNames(new GeneralName(certificate.IssuerDN)); DerInteger serialNumber = certificate.CertificateStructure.SerialNumber; return new AuthorityKeyIdentifier(keyIdentifier, authorityCertIssuer, serialNumber); } public static SubjectKeyIdentifier CreateSubjectKeyIdentifier(AsymmetricKeyParameter publicKey) { return new SubjectKeyIdentifier(CalculateKeyIdentifier(publicKey)); } public static SubjectKeyIdentifier CreateSubjectKeyIdentifier(SubjectPublicKeyInfo spki) { return new SubjectKeyIdentifier(CalculateKeyIdentifier(spki)); } public static SubjectKeyIdentifier CreateTruncatedSubjectKeyIdentifier(SubjectPublicKeyInfo spki) { byte[] array = CalculateSha1(spki); byte[] array2 = Arrays.CopyOfRange(array, array.Length - 8, array.Length); array2[0] &= 15; array2[0] |= 64; return new SubjectKeyIdentifier(array2); } internal static Asn1OctetString DeriveAuthCertKeyID(X509Certificate authorityCert) { SubjectKeyIdentifier subjectKeyIdentifier = GetSubjectKeyIdentifier(authorityCert); if (subjectKeyIdentifier != null) return DerOctetString.WithContents(subjectKeyIdentifier.GetKeyIdentifier()); return CalculateKeyIdentifier(authorityCert); } public static Asn1Object FromExtensionValue(Asn1OctetString extensionValue) { return Asn1Object.FromByteArray(extensionValue.GetOctets()); } public static Asn1Object FromExtensionValue(IX509Extension extensions, DerObjectIdentifier oid) { return extensions.GetExtension(oid, Asn1Object.FromByteArray); } public static AuthorityKeyIdentifier GetAuthorityKeyIdentifier(IX509Extension extension) { return extension.GetExtension(X509Extensions.AuthorityKeyIdentifier, AuthorityKeyIdentifier.GetInstance); } public static SubjectKeyIdentifier GetSubjectKeyIdentifier(IX509Extension extension) { return extension.GetExtension(X509Extensions.SubjectKeyIdentifier, SubjectKeyIdentifier.GetInstance); } } }