List of usage examples for org.bouncycastle.asn1.ocsp TBSRequest TBSRequest
public TBSRequest(GeneralName requestorName, ASN1Sequence requestList, Extensions requestExtensions)
From source file:org.jruby.ext.openssl.OCSPRequest.java
License:Common Public License
private void addNonceImpl() { GeneralName requestorName = null;/*from w w w.j ava2 s . co m*/ ASN1Sequence requestList = new DERSequence(); Extensions extensions = null; Signature sig = null; List<Extension> tmpExtensions = new ArrayList<Extension>(); if (asn1bcReq != null) { TBSRequest currentTbsReq = asn1bcReq.getTbsRequest(); extensions = currentTbsReq.getRequestExtensions(); sig = asn1bcReq.getOptionalSignature(); Enumeration<ASN1ObjectIdentifier> oids = extensions.oids(); while (oids.hasMoreElements()) { tmpExtensions.add(extensions.getExtension(oids.nextElement())); } } tmpExtensions.add(new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, nonce)); Extension[] exts = new Extension[tmpExtensions.size()]; Extensions newExtensions = new Extensions(tmpExtensions.toArray(exts)); TBSRequest newTbsReq = new TBSRequest(requestorName, requestList, newExtensions); asn1bcReq = new org.bouncycastle.asn1.ocsp.OCSPRequest(newTbsReq, sig); }
From source file:support.revocation.OCSP.java
License:Apache License
/** * @return an OCSP request for the given certificate that was issued by * the issuer which the given issuer certificate is issued for * @param certificate/*from w ww . j a v a 2s. c om*/ * @param issuerCertificate * @throws IOException * @throws GeneralSecurityException */ private static OCSPRequest generateOCSPRequest(X509Certificate certificate, X509Certificate issuerCertificate) throws IOException, GeneralSecurityException { MessageDigest digest = MessageDigest.getInstance("SHA1"); AlgorithmIdentifier digestAlgorithm = new AlgorithmIdentifier( new ASN1ObjectIdentifier(OIWObjectIdentifiers.idSHA1.getId())); if (!issuerCertificate.getSubjectX500Principal().equals(certificate.getIssuerX500Principal())) throw new CertificateException("Issuing cerrtificate and issued certificate mismatch"); // issuer hash digest.update(issuerCertificate.getSubjectX500Principal().getEncoded()); ASN1OctetString issuerNameHash = new DEROctetString(digest.digest()); // issuer public key hash SubjectPublicKeyInfo publicKey = SubjectPublicKeyInfo .getInstance(parseASN1(issuerCertificate.getPublicKey().getEncoded())); digest.update(publicKey.getPublicKeyData().getBytes()); ASN1OctetString issuerKeyHash = new DEROctetString(digest.digest()); // certificate serial number ASN1Integer serialNumber = new ASN1Integer(certificate.getSerialNumber()); // OCSP request CertID certID = new CertID(digestAlgorithm, issuerNameHash, issuerKeyHash, serialNumber); ASN1Sequence requestList = new DERSequence(new Request(certID, null)); TBSRequest request = new TBSRequest(null, requestList, (Extensions) null); return new OCSPRequest(request, null); }