List of usage examples for org.bouncycastle.asn1.esf OtherHash OtherHash
public OtherHash(byte[] sha1Hash)
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileC.java
License:Open Source License
/** * Create a reference to a X509Certificate * /*from w ww . j a va 2 s. c om*/ * @param cert * @return * @throws NoSuchAlgorithmException * @throws CertificateEncodingException */ private OtherCertID makeOtherCertID(X509Certificate cert) throws NoSuchAlgorithmException, CertificateEncodingException { MessageDigest sha1digest = MessageDigest.getInstance(X509ObjectIdentifiers.id_SHA1.getId(), new BouncyCastleProvider()); byte[] d = sha1digest.digest(cert.getEncoded()); LOG.info(new DEROctetString(d).getDERObject().toString()); OtherHash hash = new OtherHash(sha1digest.digest(cert.getEncoded())); OtherCertID othercertid = new OtherCertID(new DERSequence(hash.getDERObject())); return othercertid; }
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileC.java
License:Open Source License
/** * Create a reference to a X509CRL//from w w w . jav a 2 s .co m * * @param crl * @return * @throws NoSuchAlgorithmException * @throws CRLException */ private CrlValidatedID makeCrlValidatedID(X509CRL crl) throws NoSuchAlgorithmException, CRLException { MessageDigest sha1digest = MessageDigest.getInstance(X509ObjectIdentifiers.id_SHA1.getId(), new BouncyCastleProvider()); OtherHash hash = new OtherHash(sha1digest.digest(crl.getEncoded())); BigInteger crlnumber; CrlIdentifier crlid; if (crl.getExtensionValue("2.5.29.20") != null) { crlnumber = new DERInteger(crl.getExtensionValue("2.5.29.20")).getPositiveValue(); crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal().getName()), new DERUTCTime(crl.getThisUpdate()), crlnumber); } else { crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal().getName()), new DERUTCTime(crl.getThisUpdate())); } CrlValidatedID crlvid = new CrlValidatedID(hash, crlid); return crlvid; }
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileC.java
License:Open Source License
/** * Create a reference on a OCSPResp//from w w w .j av a 2s .c o m * * @param ocspResp * @return * @throws NoSuchAlgorithmException * @throws OCSPException * @throws IOException */ private OcspResponsesID makeOcspResponsesID(BasicOCSPResp ocspResp) throws NoSuchAlgorithmException, OCSPException, IOException { /* * We hash the complete response, this is not clear in the TS but the issue was addressed here: * http://lists.iaik.tugraz.at/pipermail/jce-general/2007-January/005914.html */ MessageDigest sha1digest = MessageDigest.getInstance(X509ObjectIdentifiers.id_SHA1.getId(), new BouncyCastleProvider()); byte[] digestValue = sha1digest.digest(ocspResp.getEncoded()); OtherHash hash = new OtherHash(digestValue); OcspResponsesID ocsprespid = new OcspResponsesID(new OcspIdentifier( ocspResp.getResponderId().toASN1Object(), new DERGeneralizedTime(ocspResp.getProducedAt())), hash); LOG.info("Incorporate OcspResponseId[hash=" + Hex.encodeHexString(digestValue) + ",producedAt=" + ocspResp.getProducedAt()); return ocsprespid; }
From source file:org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.impl.RevocationRefs.java
License:Open Source License
/** * /*from ww w .j av a2 s .co m*/ * * @param extract * CrlValidatedID from X509CRL * @return a CrlValidatedID * @throws NoSuchAlgorithmException * @throws CRLException */ private CrlValidatedID makeCrlValidatedID(X509CRL crl) throws NoSuchAlgorithmException, CRLException { Digest digest = DigestFactory.getInstance().factoryDefault(); digest.setAlgorithm(DigestAlgorithmEnum.SHA_256); OtherHashAlgAndValue otherHashAlgAndValue = new OtherHashAlgAndValue( new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256), new DEROctetString(digest.digest(crl.getEncoded()))); OtherHash hash = new OtherHash(otherHashAlgAndValue); BigInteger crlnumber; CrlIdentifier crlid; if (crl.getExtensionValue("2.5.29.20") != null) { ASN1Integer varASN1Integer = new ASN1Integer(crl.getExtensionValue("2.5.29.20")); crlnumber = varASN1Integer.getPositiveValue(); crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal().getName()), new DERUTCTime(crl.getThisUpdate()), crlnumber); } else { crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal().getName()), new DERUTCTime(crl.getThisUpdate())); } CrlValidatedID crlvid = new CrlValidatedID(hash, crlid); return crlvid; }