1057 * @return AuthorityKeyIdentifier object or null (if no such object 1058 * in certificate) 1059 */ 1060 public AuthorityKeyIdentifierExtension getAuthorityKeyIdentifierExtension() 1061 { 1062 return (AuthorityKeyIdentifierExtension) 1063 getExtension(PKIXExtensions.AuthorityKey_Id); 1064 } 1065 1066 /** 1067 * Return the issuing authority's key identifier bytes, or null 1068 */ 1069 public byte[] getIssuerKeyIdentifier() 1070 { 1071 if (issuerKeyId == null) { 1072 AuthorityKeyIdentifierExtension aki = 1073 getAuthorityKeyIdentifierExtension(); 1074 if (aki != null) { 1075 1076 try { 1077 issuerKeyId = ((KeyIdentifier) 1078 aki.get(AuthorityKeyIdentifierExtension.KEY_ID)) 1079 .getIdentifier(); 1080 } catch (IOException e) { 1081 // should never happen (because KEY_ID attr is supported) 1082 } 1083 1084 } else { 1085 issuerKeyId = new byte[0]; // no AKID present 1086 } 1087 } 1088 1089 return issuerKeyId.length != 0 ? issuerKeyId : null; 1090 } 1091 1092 /** 1093 * Get BasicConstraints extension 1094 * @return BasicConstraints object or null (if no such object in 1095 * certificate) 1096 */ 1097 public BasicConstraintsExtension getBasicConstraintsExtension() { 1098 return (BasicConstraintsExtension) 1099 getExtension(PKIXExtensions.BasicConstraints_Id); | 1057 * @return AuthorityKeyIdentifier object or null (if no such object 1058 * in certificate) 1059 */ 1060 public AuthorityKeyIdentifierExtension getAuthorityKeyIdentifierExtension() 1061 { 1062 return (AuthorityKeyIdentifierExtension) 1063 getExtension(PKIXExtensions.AuthorityKey_Id); 1064 } 1065 1066 /** 1067 * Return the issuing authority's key identifier bytes, or null 1068 */ 1069 public byte[] getIssuerKeyIdentifier() 1070 { 1071 if (issuerKeyId == null) { 1072 AuthorityKeyIdentifierExtension aki = 1073 getAuthorityKeyIdentifierExtension(); 1074 if (aki != null) { 1075 1076 try { 1077 KeyIdentifier ki = 1078 ((KeyIdentifier) aki.get( 1079 AuthorityKeyIdentifierExtension.KEY_ID)); 1080 if (ki != null) { 1081 issuerKeyId = ki.getIdentifier(); 1082 } else { 1083 issuerKeyId = new byte[0]; // no hash-based AKID present 1084 } 1085 } catch (IOException e) { 1086 // should never happen (because KEY_ID attr is supported) 1087 } 1088 1089 } else { 1090 issuerKeyId = new byte[0]; // no AKID present 1091 } 1092 } 1093 1094 return issuerKeyId.length != 0 ? issuerKeyId : null; 1095 } 1096 1097 /** 1098 * Get BasicConstraints extension 1099 * @return BasicConstraints object or null (if no such object in 1100 * certificate) 1101 */ 1102 public BasicConstraintsExtension getBasicConstraintsExtension() { 1103 return (BasicConstraintsExtension) 1104 getExtension(PKIXExtensions.BasicConstraints_Id); |