[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] How to get the 'keyid' part of AuthorityKeyIdentifier from the certificate extension?



Hi, all
I want to read the 'keyid' part of AuthorityKeyIdentifier from the certificate extension. But AuthorityKeyIdentifier hasn't got a constructor for constructing from byte[] and cannot init from an ASN1Object. How can I get the keyid?
 
Any suggestion would be really appreciated

Thank you!
 
Albert
PS.
 FileInputStream file = new FileInputStream("/export/home/yyz/apps/yyz123.pem");
 X509Certificate cert = new X509Certificate(file);
 byte[] cakeyid = cert.getExtensionValue("2.5.29.35");
 System.out.println( "CAKeyID=" + GKUtil.toHexString(cakeyid) );
 ASN1Object obj = null;
 obj = ASN.create(ASN.OCTET_STRING, cakeyid);
 System.out.println("ASN1Object="+obj);
 AuthorityKeyIdentifier aid = new AuthorityKeyIdentifier();
 aid.init(obj);
 System.out.println( "AuthorityKeyIdentifier="+aid.toString() );
 byte[] keyid = aid.getKeyIdentifier();
 System.out.println( "KeyID=" + GKUtil.toHexString(keyid) );
 
Output:
 
CAKeyID=308201088014f9fe9943ac2d75f2a4658af30dc62bae9a029cc0a181eca481e93081e6310b3009060355040613025553311330110603550408130a43616c69666f726e69613111300f060355040713084d696c706974617331253023060355040a131c4e657466726f6e7420636f6d6d756e69636174696f6e732c496e632e31173015060355040b130e4772616e646b65792067726f757031493047060355040313404e657466726f6e74204772616e646b657920434120496e646976696475616c20537562736372696265722d506572736f6e61206e6f742056616c6964617465643124302206092a864886f70d0109011615676b61646d696e406e65742d66726f6e742e636f6d820100
ASN1Object=OCTET STRING = 268 bytes: 30:82:01:08:80...
Exception in thread "main" java.lang.StringIndexOutOfBoundsException: String index out of range: -1
        at java.lang.StringBuffer.setLength(StringBuffer.java, Compiled Code)
        at iaik.x509.extensions.AuthorityKeyIdentifier.toString(Unknown Source)
        at test.t(test.java, Compiled Code)
        at test.main(test.java, Compiled Code)