Misc. pkix refactoring

peterdettman · peterdettman · commit 2670274c8b70 · 2025-03-18T14:17:21.000+07:00
diff --git a/pkix/src/main/java/org/bouncycastle/cert/X509ExtensionUtils.java b/pkix/src/main/java/org/bouncycastle/cert/X509ExtensionUtils.java
@@ -113,23 +113,16 @@ public SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier(SubjectPublicKey
 
     private byte[] getSubjectKeyIdentifier(X509CertificateHolder certHolder)
     {
-        if (certHolder.getVersionNumber() != 3)
-        {
-            return calculateIdentifier(certHolder.getSubjectPublicKeyInfo());
-        }
-        else
+        if (certHolder.getVersionNumber() == 3)
         {
             Extension ext = certHolder.getExtension(Extension.subjectKeyIdentifier);
-
             if (ext != null)
             {
                 return ASN1OctetString.getInstance(ext.getParsedValue()).getOctets();
             }
-            else
-            {
-                return calculateIdentifier(certHolder.getSubjectPublicKeyInfo());
-            }
         }
+
+        return calculateIdentifier(certHolder.getSubjectPublicKeyInfo());
     }
 
     private byte[] calculateIdentifier(SubjectPublicKeyInfo publicKeyInfo)
diff --git a/pkix/src/test/java/org/bouncycastle/cert/test/CertTest.java b/pkix/src/test/java/org/bouncycastle/cert/test/CertTest.java
@@ -2864,7 +2864,7 @@ public void checkCRLCreation5()
         {
             ASN1Enumerated reasonCode = (ASN1Enumerated)fromExtensionValue(ext);
 
-            if (reasonCode.intValueExact() != CRLReason.privilegeWithdrawn)
+            if (!reasonCode.hasValue(CRLReason.privilegeWithdrawn))
             {
                 fail("CRL entry reasonCode wrong");
             }
diff --git a/pkix/src/test/java/org/bouncycastle/cms/test/NewSignedDataTest.java b/pkix/src/test/java/org/bouncycastle/cms/test/NewSignedDataTest.java
@@ -1976,6 +1976,17 @@ public void testECDSASHA512Encapsulated()
         encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA512withECDSA");
     }
 
+    public void testECDSASHA512EncapsulatedWithKeyFactoryAsEC()
+        throws Exception
+    {
+        X509EncodedKeySpec  pubSpec = new X509EncodedKeySpec(_signEcDsaKP.getPublic().getEncoded());
+        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(_signEcDsaKP.getPrivate().getEncoded());
+        KeyFactory          keyFact = KeyFactory.getInstance("EC", BC);
+        KeyPair             kp = new KeyPair(keyFact.generatePublic(pubSpec), keyFact.generatePrivate(privSpec));
+        
+        encapsulatedTest(kp, _signEcDsaCert, "SHA512withECDSA");
+    }
+
     public void testECDSASHA3_224Encapsulated()
         throws Exception
     {
@@ -2048,17 +2059,6 @@ public void testPLAIN_ECDSASHA3_512Encapsulated()
         encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA3-512withPLAIN-ECDSA");
     }
 
-    public void testECDSASHA512EncapsulatedWithKeyFactoryAsEC()
-        throws Exception
-    {
-        X509EncodedKeySpec  pubSpec = new X509EncodedKeySpec(_signEcDsaKP.getPublic().getEncoded());
-        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(_signEcDsaKP.getPrivate().getEncoded());
-        KeyFactory          keyFact = KeyFactory.getInstance("EC", BC);
-        KeyPair             kp = new KeyPair(keyFact.generatePublic(pubSpec), keyFact.generatePrivate(privSpec));
-        
-        encapsulatedTest(kp, _signEcDsaCert, "SHA512withECDSA");
-    }
-
     public void testDSAEncapsulated()
         throws Exception
     {
diff --git a/prov/src/main/java/org/bouncycastle/x509/extension/AuthorityKeyIdentifierStructure.java b/prov/src/main/java/org/bouncycastle/x509/extension/AuthorityKeyIdentifierStructure.java
@@ -1,6 +1,7 @@
 package org.bouncycastle.x509.extension;
 
 import java.io.IOException;
+import java.math.BigInteger;
 import java.security.InvalidKeyException;
 import java.security.PublicKey;
 import java.security.cert.CertificateParsingException;
@@ -59,48 +60,36 @@ public AuthorityKeyIdentifierStructure(
         super((ASN1Sequence)extension.getParsedValue());
     }
 
-    private static ASN1Sequence fromCertificate(
-        X509Certificate certificate)
+    private static ASN1Sequence fromCertificate(X509Certificate certificate)
         throws CertificateParsingException
     {
         try
         {
-            if (certificate.getVersion() != 3)
-            {
-                GeneralName          genName = new GeneralName(PrincipalUtil.getIssuerX509Principal(certificate));
-                SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(certificate.getPublicKey().getEncoded());
-                
-                return (ASN1Sequence)new AuthorityKeyIdentifier(
-                               info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Primitive();
-            }
-            else
+            GeneralName genName = new GeneralName(PrincipalUtil.getIssuerX509Principal(certificate));
+            GeneralNames genNames = new GeneralNames(genName);
+            BigInteger serialNumber = certificate.getSerialNumber();
+
+            if (certificate.getVersion() == 3)
             {
-                GeneralName             genName = new GeneralName(PrincipalUtil.getIssuerX509Principal(certificate));
-                
-                byte[]                  ext = certificate.getExtensionValue(Extension.subjectKeyIdentifier.getId());
-                
+                byte[] ext = certificate.getExtensionValue(Extension.subjectKeyIdentifier.getId());
                 if (ext != null)
                 {
-                    ASN1OctetString     str = (ASN1OctetString)X509ExtensionUtil.fromExtensionValue(ext);
-                
-                    return (ASN1Sequence)new AuthorityKeyIdentifier(
-                                    str.getOctets(), new GeneralNames(genName), certificate.getSerialNumber()).toASN1Primitive();
-                }
-                else
-                {
-                    SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(certificate.getPublicKey().getEncoded());
-                    
-                    return (ASN1Sequence)new AuthorityKeyIdentifier(
-                            info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Primitive();
+                    ASN1OctetString str = (ASN1OctetString)X509ExtensionUtil.fromExtensionValue(ext);
+                    return (ASN1Sequence)new AuthorityKeyIdentifier(str.getOctets(), genNames, serialNumber)
+                        .toASN1Primitive();
                 }
             }
+
+            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(certificate.getPublicKey().getEncoded());
+
+            return (ASN1Sequence)new AuthorityKeyIdentifier(info, genNames, serialNumber).toASN1Primitive();
         }
         catch (Exception e)
         {
             throw new CertificateParsingException("Exception extracting certificate details: " + e.toString());
         }
     }
-    
+
     private static ASN1Sequence fromKey(
         PublicKey pubKey)
         throws InvalidKeyException

Original file line number	Diff line number	Diff line change
`@@ -113,23 +113,16 @@ public SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier(SubjectPublicKey`
`113`	`113`
`114`	`114`	`private byte[] getSubjectKeyIdentifier(X509CertificateHolder certHolder)`
`115`	`115`	`{`
`116`		`- if (certHolder.getVersionNumber() != 3)`
`117`		`- {`
`118`		`- return calculateIdentifier(certHolder.getSubjectPublicKeyInfo());`
`119`		`- }`
`120`		`- else`
	`116`	`+ if (certHolder.getVersionNumber() == 3)`
`121`	`117`	`{`
`122`	`118`	`Extension ext = certHolder.getExtension(Extension.subjectKeyIdentifier);`
`123`		`-`
`124`	`119`	`if (ext != null)`
`125`	`120`	`{`
`126`	`121`	`return ASN1OctetString.getInstance(ext.getParsedValue()).getOctets();`
`127`	`122`	`}`
`128`		`- else`
`129`		`- {`
`130`		`- return calculateIdentifier(certHolder.getSubjectPublicKeyInfo());`
`131`		`- }`
`132`	`123`	`}`
	`124`	`+`
	`125`	`+ return calculateIdentifier(certHolder.getSubjectPublicKeyInfo());`
`133`	`126`	`}`
`134`	`127`
`135`	`128`	`private byte[] calculateIdentifier(SubjectPublicKeyInfo publicKeyInfo)`
Original file line number	Diff line number	Diff line change
`@@ -2864,7 +2864,7 @@ public void checkCRLCreation5()`
`2864`	`2864`	`{`
`2865`	`2865`	`ASN1Enumerated reasonCode = (ASN1Enumerated)fromExtensionValue(ext);`
`2866`	`2866`
`2867`		`- if (reasonCode.intValueExact() != CRLReason.privilegeWithdrawn)`
	`2867`	`+ if (!reasonCode.hasValue(CRLReason.privilegeWithdrawn))`
`2868`	`2868`	`{`
`2869`	`2869`	`fail("CRL entry reasonCode wrong");`
`2870`	`2870`	`}`