List of usage examples for org.bouncycastle.cert.ocsp RespID toASN1Primitive
public ResponderID toASN1Primitive()
From source file:eu.europa.esig.dss.validation.OCSPCertificateVerifier.java
License:Open Source License
private void extractSigningCertificateFormResponderId(OCSPToken ocspToken) { final RespID responderId = ocspToken.getBasicOCSPResp().getResponderId(); final ResponderID responderIdAsASN1Object = responderId.toASN1Primitive(); final DERTaggedObject derTaggedObject = (DERTaggedObject) responderIdAsASN1Object.toASN1Primitive(); if (2 == derTaggedObject.getTagNo()) { throw new DSSException("Certificate's key hash management not implemented yet!"); }//from w ww. j ava2 s .c om final ASN1Primitive derObject = derTaggedObject.getObject(); final byte[] derEncoded = DSSASN1Utils.getDEREncoded(derObject); final X500Principal x500Principal_ = new X500Principal(derEncoded); final X500Principal x500Principal = DSSUtils.getNormalizedX500Principal(x500Principal_); final List<CertificateToken> certificateTokens = validationCertPool.get(x500Principal); for (final CertificateToken issuerCertificateToken : certificateTokens) { if (ocspToken.isSignedBy(issuerCertificateToken)) { break; } } }
From source file:eu.europa.esig.dss.xades.signature.XAdESLevelC.java
License:Open Source License
/** * @param completeRevocationRefsDom//from w ww .ja va2s . co m * @param processedRevocationTokens * @throws eu.europa.esig.dss.DSSException */ private void incorporateOCSPRefs(final Element completeRevocationRefsDom, final Set<RevocationToken> processedRevocationTokens) throws DSSException { if (processedRevocationTokens.isEmpty()) { return; } boolean containsOCSPToken = false; for (RevocationToken revocationToken : processedRevocationTokens) { containsOCSPToken = revocationToken instanceof OCSPToken; if (containsOCSPToken) { break; } } if (!containsOCSPToken) { return; } // ...<xades:CRLRefs/> // ...<xades:OCSPRefs> // ......<xades:OCSPRef> // .........<xades:OCSPIdentifier> // ............<xades:ResponderID> // ...............<xades:ByName>C=AA,O=DSS,CN=OCSP A</xades:ByName> // ............</xades:ResponderID> // ............<xades:ProducedAt>2013-11-25T12:33:34.000+01:00</xades:ProducedAt> // .........</xades:OCSPIdentifier> // .........<xades:DigestAlgAndValue> // ............<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> // ............<ds:DigestValue>O1uHdchN+zFzbGrBg2FP3/idD0k=</ds:DigestValue> final Element ocspRefsDom = DSSXMLUtils.addElement(documentDom, completeRevocationRefsDom, XAdESNamespaces.XAdES, "xades:OCSPRefs"); for (RevocationToken revocationToken : processedRevocationTokens) { if (revocationToken instanceof OCSPToken) { BasicOCSPResp basicOcspResp = ((OCSPToken) revocationToken).getBasicOCSPResp(); final Element ocspRefDom = DSSXMLUtils.addElement(documentDom, ocspRefsDom, XAdESNamespaces.XAdES, "xades:OCSPRef"); final Element ocspIdentifierDom = DSSXMLUtils.addElement(documentDom, ocspRefDom, XAdESNamespaces.XAdES, "xades:OCSPIdentifier"); final Element responderIDDom = DSSXMLUtils.addElement(documentDom, ocspIdentifierDom, XAdESNamespaces.XAdES, "xades:ResponderID"); final RespID responderId = basicOcspResp.getResponderId(); final ResponderID responderIdAsASN1Object = responderId.toASN1Primitive(); final DERTaggedObject derTaggedObject = (DERTaggedObject) responderIdAsASN1Object.toASN1Primitive(); if (2 == derTaggedObject.getTagNo()) { final ASN1OctetString keyHashOctetString = (ASN1OctetString) derTaggedObject.getObject(); final byte[] keyHashOctetStringBytes = keyHashOctetString.getOctets(); final String base65EncodedKeyHashOctetStringBytes = Base64 .encodeBase64String(keyHashOctetStringBytes); DSSXMLUtils.addTextElement(documentDom, responderIDDom, XAdESNamespaces.XAdES, "xades:ByKey", base65EncodedKeyHashOctetStringBytes); } else { final ASN1Primitive derObject = derTaggedObject.getObject(); final X500Name name = X500Name.getInstance(derObject); DSSXMLUtils.addTextElement(documentDom, responderIDDom, XAdESNamespaces.XAdES, "xades:ByName", name.toString()); } final Date producedAt = basicOcspResp.getProducedAt(); final XMLGregorianCalendar xmlGregorianCalendar = DSSXMLUtils .createXMLGregorianCalendar(producedAt); final String producedAtXmlEncoded = xmlGregorianCalendar.toXMLFormat(); DSSXMLUtils.addTextElement(documentDom, ocspIdentifierDom, XAdESNamespaces.XAdES, "xades:ProducedAt", producedAtXmlEncoded); final Element digestAlgAndValueDom = DSSXMLUtils.addElement(documentDom, ocspRefDom, XAdESNamespaces.XAdES, "xades:DigestAlgAndValue"); // TODO: to be added as field to eu.europa.esig.dss.AbstractSignatureParameters. DigestAlgorithm digestAlgorithm = DigestAlgorithm.SHA1; incorporateDigestMethod(digestAlgAndValueDom, digestAlgorithm); final InMemoryDocument inMemoryDocument = new InMemoryDocument(revocationToken.getEncoded()); incorporateDigestValue(digestAlgAndValueDom, digestAlgorithm, inMemoryDocument); } } }
From source file:org.digidoc4j.impl.bdoc.xades.TimemarkSignature.java
License:GNU General Public License
private String getOCSPCommonName() { RespID responderId = ocspResponse.getResponderId(); String commonName = getCN(responderId.toASN1Primitive().getName()); logger.debug("OCSP common name: " + commonName); return commonName; }