List of usage examples for org.bouncycastle.crypto.digests SHA1Digest SHA1Digest
public SHA1Digest()
From source file:org.xipki.ocsp.client.impl.SHA1DigestCalculator.java
License:Open Source License
@Override protected Digest getDigester() { return new SHA1Digest(); }
From source file:org.xipki.ocsp.server.impl.certstore.CrlCertStatusStore.java
License:Open Source License
public CrlCertStatusStore(final String name, final String crlFilename, final String deltaCrlFilename, final X509Certificate caCert, final X509Certificate issuerCert, final String crlUrl, final String certsDirname) { super(name);// ww w . ja va 2 s . co m ParamChecker.assertNotBlank("crlFile", crlFilename); ParamChecker.assertNotNull("caCert", caCert); this.crlFilename = IoUtil.expandFilepath(crlFilename); this.deltaCrlFilename = deltaCrlFilename == null ? null : IoUtil.expandFilepath(deltaCrlFilename); this.caCert = caCert; this.issuerCert = issuerCert; this.crlUrl = crlUrl; this.caNotBefore = caCert.getNotBefore(); this.certsDirname = certsDirname; this.sha1 = new SHA1Digest(); }
From source file:org.xipki.pki.ocsp.server.impl.store.crl.CrlCertStatusStore.java
License:Open Source License
@Override public void init(final String conf, final DataSourceWrapper datasource, final Set<HashAlgoType> certHashAlgos) throws OcspStoreException { ParamUtil.requireNonBlank("conf", conf); this.certHashAlgos = ParamUtil.requireNonNull("certHashAlgos", certHashAlgos); StoreConf storeConf = new StoreConf(conf); this.crlFilename = IoUtil.expandFilepath(storeConf.getCrlFile()); this.crlUrl = storeConf.getCrlUrl(); this.deltaCrlFilename = (storeConf.getDeltaCrlFile() == null) ? null : IoUtil.expandFilepath(storeConf.getDeltaCrlFile()); this.certsDirname = (storeConf.getCertsDir() == null) ? null : IoUtil.expandFilepath(storeConf.getCertsDir()); this.caCert = parseCert(storeConf.getCaCertFile()); this.issuerCert = null; if (storeConf.getIssuerCertFile() != null) { this.issuerCert = parseCert(storeConf.getIssuerCertFile()); }/*from ww w .ja v a 2s .co m*/ this.caNotBefore = caCert.getNotBefore(); this.sha1 = new SHA1Digest(); initializeStore(true); StoreUpdateService storeUpdateService = new StoreUpdateService(); scheduledThreadPoolExecutor = new ScheduledThreadPoolExecutor(1); scheduledThreadPoolExecutor.scheduleAtFixedRate(storeUpdateService, 60, 60, TimeUnit.SECONDS); }
From source file:org.xipki.pki.scep.crypto.ScepHashAlgoType.java
License:Open Source License
public byte[] digest(final byte[] content) { ParamUtil.requireNonNull("content", content); Digest digest;// w w w.j a v a 2s. com if (this == SHA1) { digest = new SHA1Digest(); } else if (this == SHA256) { digest = new SHA256Digest(); } else if (this == SHA512) { digest = new SHA512Digest(); } else if (this == MD5) { digest = new MD5Digest(); } else { throw new RuntimeException("should not reach here"); } byte[] ret = new byte[length]; digest.doFinal(ret, 0); return ret; }
From source file:org.xipki.pki.scep.transaction.TransactionId.java
License:Open Source License
public static TransactionId sha1TransactionId(final byte[] content) { ParamUtil.requireNonNull("content", content); SHA1Digest dgst = new SHA1Digest(); dgst.update(content, 0, content.length); byte[] digest = new byte[20]; dgst.doFinal(digest, 0);/*ww w . j a va 2 s . c om*/ return new TransactionId(digest); }
From source file:org.xipki.security.p11.iaik.IaikP11Slot.java
License:Open Source License
private X509CertificateHolder generateCertificate(final Session session, final byte[] id, final String label, final String subject, final AlgorithmIdentifier signatureAlgId, final PrivateKeyAndPKInfo privateKeyAndPkInfo, Integer keyUsage, List<ASN1ObjectIdentifier> extendedKeyUsage) throws Exception { BigInteger serialNumber = BigInteger.ONE; Date startDate = new Date(); Date endDate = new Date(startDate.getTime() + 20 * YEAR); X500Name x500Name_subject = new X500Name(subject); x500Name_subject = X509Util.sortX509Name(x500Name_subject); V3TBSCertificateGenerator tbsGen = new V3TBSCertificateGenerator(); tbsGen.setSerialNumber(new ASN1Integer(serialNumber)); tbsGen.setSignature(signatureAlgId); tbsGen.setIssuer(x500Name_subject); tbsGen.setStartDate(new Time(startDate)); tbsGen.setEndDate(new Time(endDate)); tbsGen.setSubject(x500Name_subject); tbsGen.setSubjectPublicKeyInfo(privateKeyAndPkInfo.getPublicKeyInfo()); List<Extension> extensions = new ArrayList<>(2); if (keyUsage == null) { keyUsage = KeyUsage.keyCertSign | KeyUsage.cRLSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment; }// w ww . ja v a 2 s.c om extensions.add(new Extension(Extension.keyUsage, true, new DEROctetString(new KeyUsage(keyUsage)))); if (CollectionUtil.isNotEmpty(extendedKeyUsage)) { KeyPurposeId[] kps = new KeyPurposeId[extendedKeyUsage.size()]; int i = 0; for (ASN1ObjectIdentifier oid : extendedKeyUsage) { kps[i++] = KeyPurposeId.getInstance(oid); } extensions.add(new Extension(Extension.extendedKeyUsage, false, new DEROctetString(new ExtendedKeyUsage(kps)))); } Extensions paramX509Extensions = new Extensions(extensions.toArray(new Extension[0])); tbsGen.setExtensions(paramX509Extensions); TBSCertificate tbsCertificate = tbsGen.generateTBSCertificate(); byte[] encodedTbsCertificate = tbsCertificate.getEncoded(); byte[] signature = null; Digest digest = null; Mechanism sigMechanism = null; ASN1ObjectIdentifier sigAlgID = signatureAlgId.getAlgorithm(); if (sigAlgID.equals(PKCSObjectIdentifiers.sha256WithRSAEncryption)) { sigMechanism = Mechanism.get(PKCS11Constants.CKM_SHA256_RSA_PKCS); session.signInit(sigMechanism, privateKeyAndPkInfo.getPrivateKey()); signature = session.sign(encodedTbsCertificate); } else if (sigAlgID.equals(NISTObjectIdentifiers.dsa_with_sha256)) { digest = new SHA256Digest(); byte[] digestValue = new byte[digest.getDigestSize()]; digest.update(encodedTbsCertificate, 0, encodedTbsCertificate.length); digest.doFinal(digestValue, 0); session.signInit(Mechanism.get(PKCS11Constants.CKM_DSA), privateKeyAndPkInfo.getPrivateKey()); byte[] rawSignature = session.sign(digestValue); signature = convertToX962Signature(rawSignature); } else { if (sigAlgID.equals(X9ObjectIdentifiers.ecdsa_with_SHA1)) { digest = new SHA1Digest(); } else if (sigAlgID.equals(X9ObjectIdentifiers.ecdsa_with_SHA256)) { digest = new SHA256Digest(); } else if (sigAlgID.equals(X9ObjectIdentifiers.ecdsa_with_SHA384)) { digest = new SHA384Digest(); } else if (sigAlgID.equals(X9ObjectIdentifiers.ecdsa_with_SHA512)) { digest = new SHA512Digest(); } else { System.err.println("unknown algorithm ID: " + sigAlgID.getId()); return null; } byte[] digestValue = new byte[digest.getDigestSize()]; digest.update(encodedTbsCertificate, 0, encodedTbsCertificate.length); digest.doFinal(digestValue, 0); session.signInit(Mechanism.get(PKCS11Constants.CKM_ECDSA), privateKeyAndPkInfo.getPrivateKey()); byte[] rawSignature = session.sign(digestValue); signature = convertToX962Signature(rawSignature); } // build DER certificate ASN1EncodableVector v = new ASN1EncodableVector(); v.add(tbsCertificate); v.add(signatureAlgId); v.add(new DERBitString(signature)); DERSequence cert = new DERSequence(v); // build and store PKCS#11 certificate object X509PublicKeyCertificate certTemp = new X509PublicKeyCertificate(); certTemp.getToken().setBooleanValue(true); certTemp.getId().setByteArrayValue(id); certTemp.getLabel().setCharArrayValue(label.toCharArray()); certTemp.getSubject().setByteArrayValue(x500Name_subject.getEncoded()); certTemp.getIssuer().setByteArrayValue(x500Name_subject.getEncoded()); certTemp.getSerialNumber().setByteArrayValue(serialNumber.toByteArray()); certTemp.getValue().setByteArrayValue(cert.getEncoded()); session.createObject(certTemp); return new X509CertificateHolder(Certificate.getInstance(cert)); }
From source file:org.xwiki.crypto.internal.digest.factory.BcSHA1DigestFactory.java
License:Open Source License
@Override public Digest getDigestInstance() { return new SHA1Digest(); }
From source file:org.xwiki.crypto.passwd.internal.PBKDF2KeyDerivationFunction.java
License:Open Source License
/** * Default Constructor. * Uses SHA-1 digest for compatabulity with PKCS#5 */ public PBKDF2KeyDerivationFunction() { this(new SHA1Digest()); }
From source file:org.xwiki.crypto.signer.internal.factory.AbstractBcPssSignerFactory.java
License:Open Source License
@Override protected org.bouncycastle.crypto.Signer getSignerInstance(AsymmetricCipherParameters parameters) { if (parameters instanceof AsymmetricKeyParameters) { return new PSSSigner(getCipherEngine(), new SHA1Digest(), 20); } else if (parameters instanceof PssSignerParameters) { PssParameters pssParams = ((PssSignerParameters) parameters).getPssParameters(); Digest digest = getDigestFactory(pssParams.getHashAlgorithm()).getDigestInstance(); return new PSSSigner(getCipherEngine(), digest, getDigestFactory(pssParams.getMaskGenAlgorithm()).getDigestInstance(), pssParams.getSaltLength() >= 0 ? pssParams.getSaltLength() : digest.getDigestSize(), pssParams.getTrailerByte()); }/*w w w.j a v a 2 s . c o m*/ throw new UnsupportedOperationException(PSS_PARAMS_ERROR + parameters.getClass().getName()); }
From source file:org.xwiki.crypto.signer.internal.factory.BcDSAwithSHA1SignerFactory.java
License:Open Source License
@Override protected org.bouncycastle.crypto.Signer getSignerInstance(AsymmetricCipherParameters parameters) { return new DSADigestSigner(new DSASigner(), new SHA1Digest()); }