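/*
 * Copyright 2017-2019 Ping Identity Corporation
 * All Rights Reserved.
 */
/*
 * Copyright (C) 2017-2019 Ping Identity Corporation
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License (GPLv2 only)
 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, see <http://www.gnu.org/licenses>.
 */
package com.unboundid.util.ssl.cert;



import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.util.Debug;
import com.unboundid.util.NotMutable;
import com.unboundid.util.OID;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;

import static com.unboundid.util.ssl.cert.CertMessages.*;



/**
 * This class provides an implementation of the subject key identifier X.509
 * certificate extension as described in
 * <A HREF="https://www.ietf.org/rfc/rfc5280.txt">RFC 5280</A> section 4.2.1.2.
 * The OID for this extension is 2.5.29.14.  The value is an octet string and is
 * intended to identify the public key used by a certificate.  The actual format
 * of the key identifier is not specified, although RFC 5280 does specify a
 * couple of possibilities.
 * <BR><BR>
 * This class only decodes and exposes the identifier bytes carried in the
 * extension.  It does not check that those bytes were derived from the
 * certificate's public key, so the identifier should be treated as a matching
 * hint (for example, when pairing a certificate with its issuer) rather than
 * as evidence that two certificates share a key.  Signature verification is
 * still required to establish that relationship.
 */
@NotMutable()
@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
public final class SubjectKeyIdentifierExtension
       extends X509CertificateExtension
{
  /**
   * The OID (2.5.29.14) for subject key identifier extensions.
   */
  public static final OID SUBJECT_KEY_IDENTIFIER_OID = new OID("2.5.29.14");



  /**
   * The serial version UID for this serializable class.
   */
  private static final long serialVersionUID = -7175921866230880172L;



  // The key identifier for this extension.  It is stored exactly as supplied
  // or decoded; no length or format constraints are applied here.
  private final ASN1OctetString keyIdentifier;



  /**
   * Creates a new subject key identifier extension with the provided
   * information.
   *
   * @param  isCritical     Indicates whether this extension should be
   *                        considered critical.
   * @param  keyIdentifier  The key identifier for this extension.  It must not
   *                        be {@code null}.  A {@code null} value causes a
   *                        {@code NullPointerException} when the identifier is
   *                        encoded for the superclass constructor.
   */
  SubjectKeyIdentifierExtension(final boolean isCritical,
                                final ASN1OctetString keyIdentifier)
  {
    // The extension value is the encoded form of the octet string itself.
    super(SUBJECT_KEY_IDENTIFIER_OID, isCritical,
         keyIdentifier.encode());

    this.keyIdentifier = keyIdentifier;
  }



  /**
   * Creates a new subject key identifier extension from the provided generic
   * extension.  The extension value must decode as a single ASN.1 octet
   * string; the content of that octet string is not otherwise validated.
   *
   * @param  extension  The extension to decode as a subject key identifier
   *                    extension.
   *
   * @throws  CertException  If the provided extension cannot be decoded as a
   *                         subject key identifier extension.
   */
  SubjectKeyIdentifierExtension(final X509CertificateExtension extension)
       throws CertException
  {
    super(extension);

    try
    {
      keyIdentifier = ASN1OctetString.decodeAsOctetString(extension.getValue());
    }
    catch (final Exception e)
    {
      // Any failure while decoding the (potentially untrusted) extension value
      // is reported as a CertException that preserves the original cause, so
      // callers only need to handle one exception type for malformed input.
      Debug.debugException(e);
      throw new CertException(
           ERR_SUBJECT_KEY_ID_EXTENSION_CANNOT_PARSE.get(
                String.valueOf(extension), StaticUtils.getExceptionMessage(e)),
           e);
    }
  }



  /**
   * Retrieves the key identifier for this extension.  The returned object is
   * the same instance held by this extension, not a copy.
   *
   * @return  The key identifier for this extension.
   */
  public ASN1OctetString getKeyIdentifier()
  {
    return keyIdentifier;
  }



  /**
   * {@inheritDoc}
   */
  @Override()
  public String getExtensionName()
  {
    return INFO_SUBJECT_KEY_IDENTIFIER_EXTENSION_NAME.get();
  }



  /**
   * {@inheritDoc}
   */
  @Override()
  public void toString(final StringBuilder buffer)
  {
    buffer.append("SubjectKeyIdentifierExtension(oid='");
    buffer.append(getOID());
    // Close the quote opened before the OID so that the quoted fields in the
    // string representation stay balanced and remain easy to parse in logs.
    buffer.append("', isCritical=");
    buffer.append(isCritical());
    buffer.append(", identifierBytes='");
    // The identifier bytes are rendered as hex with ':' as the delimiter.
    StaticUtils.toHex(keyIdentifier.getValue(), ":", buffer);
    buffer.append("')");
  }
}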