iaik.x509.extensions
Class SubjectKeyIdentifier

java.lang.Object
  |
  +--iaik.x509.V3Extension
        |
        +--iaik.x509.extensions.SubjectKeyIdentifier

public class SubjectKeyIdentifier
extends V3Extension

This class implements the SubjectKeyIdentifier extension.

The SubjectKeyIdentifier extension is a non-critical standard X509v3 extension.

Each extension is associated with a specific certificateExtension object identifier, derived from:

 certificateExtension  OBJECT IDENTIFIER ::=
                            {joint-iso-ccitt(2) ds(5) 29}
 id-ce                 OBJECT IDENTIFIER ::=  certificateExtension
 

The object identifier for the SubjectKeyIdentifier extension is defined as:

id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 }

which corresponds to the OID string "2.5.29.14".

The X.509 Certificate and CRL profile presented in the PKIX internet draft draft-ietf-pkix-ipki-part1-07.txt specifies the subject key identifier extension for providing a means of identifying the particular public key used in an application. Where a reference to a public key identifier is needed (as with an Authority Key Identifier) and one is not included in the associated certificate, a SHA-1 hash of the subject public key shall be used. The hash shall be calculated over the value (excluding tag and length) of the subject public key field in the certificate.
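The hashing rule above, as an added example that is not part of the IAIK documentation: it uses only JDK classes to extract the subjectPublicKey BIT STRING from a DER-encoded SubjectPublicKeyInfo and hash its contents with SHA-1. The class name `SkiFromPublicKey` and its helper methods are hypothetical, and the code assumes the RFC 5280 wording of the rule, which also excludes the BIT STRING's leading "unused bits" octet from the hash.

```java
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PublicKey;

public class SkiFromPublicKey {                       // hypothetical helper class

    /** Reads a DER length at pos[0] and advances pos[0] past the length octets. */
    static int readLength(byte[] der, int[] pos) {
        int first = der[pos[0]++] & 0xff;
        if (first < 0x80) return first;               // short form
        int n = first & 0x7f;                         // long form: n length octets follow
        if (n == 0 || n > 4) throw new IllegalArgumentException("unsupported DER length");
        int len = 0;
        for (int i = 0; i < n; i++) len = (len << 8) | (der[pos[0]++] & 0xff);
        if (len < 0) throw new IllegalArgumentException("DER length too large");
        return len;
    }

    static void expectTag(byte[] der, int[] pos, int tag) {
        if ((der[pos[0]++] & 0xff) != tag) throw new IllegalArgumentException("unexpected tag");
    }

    /** SHA-1 over the subjectPublicKey BIT STRING contents of a DER SubjectPublicKeyInfo. */
    static byte[] keyIdentifier(byte[] spki) throws Exception {
        int[] pos = {0};
        expectTag(spki, pos, 0x30);                   // SubjectPublicKeyInfo SEQUENCE
        readLength(spki, pos);
        expectTag(spki, pos, 0x30);                   // AlgorithmIdentifier SEQUENCE
        pos[0] += readLength(spki, pos);              // skip the algorithm and parameters
        expectTag(spki, pos, 0x03);                   // subjectPublicKey BIT STRING
        int bitLen = readLength(spki, pos);
        if (bitLen < 1 || bitLen > spki.length - pos[0])
            throw new IllegalArgumentException("truncated BIT STRING");
        // Tag and length are already consumed; the first content octet is the
        // "unused bits" count and is skipped too (assumption: RFC 5280 wording).
        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        sha1.update(spki, pos[0] + 1, bitLen - 1);
        return sha1.digest();                         // 20-byte key identifier
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);                         // throwaway key, generated for this demo
        PublicKey pub = kpg.generateKeyPair().getPublic();
        byte[] keyId = keyIdentifier(pub.getEncoded()); // "X.509" encoding is SubjectPublicKeyInfo
        StringBuilder hex = new StringBuilder();
        for (byte b : keyId) hex.append(String.format("%02x", b));
        System.out.println(hex);
        // keyId is the byte array to hand to new SubjectKeyIdentifier(keyId).
    }
}
```

Hashing the whole `getEncoded()` output instead of the BIT STRING contents yields a different identifier, which then fails to match the Authority Key Identifier that other implementations derive from the same key.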

ASN.1 definition:

 SubjectKeyIdentifier ::= KeyIdentifier
 
KeyIdentifier ::= OCTET STRING

To add a SubjectKeyIdentifier extension object to an X509Certificate, use the addExtension method of the iaik.X509Certificate class, e.g.:

 SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier(new byte[] {1,2,3,4,5,6,7,8,9});
 X509Certificate cert = new X509Certificate();
   ...
 cert.addExtension(subjectKeyIdentifier);
 

See Also:
OCTET_STRING, AuthorityKeyIdentifier, V3Extension, X509Extensions, X509Certificate

Field Summary
static ObjectID oid
          The object identifier of this SubjectKeyIdentifier extension.
 
Fields inherited from class iaik.x509.V3Extension
critical
 
Constructor Summary
SubjectKeyIdentifier()
          Default constructor.
SubjectKeyIdentifier(byte[] identifier)
          Creates a SubjectKeyIdentifier extension with a defined identifier.
 
Method Summary
 byte[] get()
          Returns the identifier of this extension.
 ObjectID getObjectID()
          Returns the object ID of this SubjectKeyIdentifier extension.
 int hashCode()
          Returns a hashcode for this identity.
 void init(ASN1Object obj)
          Initializes this SubjectKeyIdentifier implementation with an ASN1Object representing the value of this extension.
 void set(byte[] identifier)
          Sets the identifier of this SubjectKeyIdentifier extension.
 ASN1Object toASN1Object()
          Returns an ASN1Object representing the value of this SubjectKeyIdentifier extension object.
 java.lang.String toString()
          Returns a string that represents the contents of this SubjectKeyIdentifier extension.
 
Methods inherited from class iaik.x509.V3Extension
getName, isCritical, setCritical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

oid

public static final ObjectID oid
The object identifier of this SubjectKeyIdentifier extension. The corresponding OID string is "2.5.29.14".

Constructor Detail

SubjectKeyIdentifier

public SubjectKeyIdentifier()
Default constructor. Creates an empty SubjectKeyIdentifier object.

Use the set method for setting the key identifier value, e.g.:

 SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier();
 subjectKeyIdentifier.set(new byte[] {1,2,3,4,5,6,7,8,9});
 


SubjectKeyIdentifier

public SubjectKeyIdentifier(byte[] identifier)
Creates a SubjectKeyIdentifier extension with a defined identifier.

For instance:

 SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier(new byte[] {1,2,3,4,5,6,7,8,9});
 

Parameters:
identifier - the subject key identifier as byte array

Method Detail

getObjectID

public ObjectID getObjectID()
Returns the object ID of this SubjectKeyIdentifier extension.
Overrides:
getObjectID in class V3Extension
Returns:
the object ID

init

public void init(ASN1Object obj)
Initializes this SubjectKeyIdentifier implementation with an ASN1Object representing the value of this extension.

The given ASN1Object represents the key identifier value.

The given ASN1Object is the one created by toASN1Object().

This method is used by the X509Extensions class when parsing the ASN.1 representation of a certificate for properly initializing an included SubjectKeyIdentifier extension. This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.

Overrides:
init in class V3Extension
Parameters:
obj - the SubjectKeyIdentifier as ASN1Object

toASN1Object

public ASN1Object toASN1Object()
Returns an ASN1Object representing the value of this SubjectKeyIdentifier extension object.

The returned ASN1Object is an ASN.1 OCTET_STRING representing the key identifier value:

 SubjectKeyIdentifier ::= KeyIdentifier

 KeyIdentifier ::= OCTET STRING
 

Overrides:
toASN1Object in class V3Extension
Returns:
the value of this SubjectKeyIdentifier as ASN1Object

set

public void set(byte[] identifier)
Sets the identifier of this SubjectKeyIdentifier extension.

For instance:

 SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier();
 subjectKeyIdentifier.set(new byte[] {1,2,3,4,5,6,7,8,9});
 

Parameters:
identifier - the identifier as byte array

get

public byte[] get()
Returns the identifier of this extension.
Returns:
the identifier, as byte array
See Also:
set(byte[])

hashCode

public int hashCode()
Returns a hashcode for this identity.
Overrides:
hashCode in class V3Extension
Returns:
a hash code for this identity

toString

public java.lang.String toString()
Returns a string that represents the contents of this SubjectKeyIdentifier extension.
Overrides:
toString in class java.lang.Object
Returns:
the string representation