List of usage examples for org.bouncycastle.tsp TSPAlgorithms SHA256
ASN1ObjectIdentifier SHA256
To view the source code for org.bouncycastle.tsp TSPAlgorithms SHA256.
Click Source Link
From source file:be.fedict.eid.applet.service.signer.time.TSPTimeStampService.java
License:Open Source License
/** * Sets the digest algorithm used for time-stamping data. Example value: * "SHA-1"./* w w w. j ava 2 s .co m*/ * * @param digestAlgo */ public void setDigestAlgo(String digestAlgo) { if ("SHA-1".equals(digestAlgo)) { this.digestAlgoOid = TSPAlgorithms.SHA1; } else if ("SHA-256".equals(digestAlgo)) { this.digestAlgoOid = TSPAlgorithms.SHA256; } else if ("SHA-384".equals(digestAlgo)) { this.digestAlgoOid = TSPAlgorithms.SHA384; } else if ("SHA-512".equals(digestAlgo)) { this.digestAlgoOid = TSPAlgorithms.SHA512; } else { throw new IllegalArgumentException("unsupported digest algo: " + digestAlgo); } this.digestAlgo = digestAlgo; }
From source file:es.mityc.firmaJava.ts.TSPAlgoritmos.java
License:LGPL
public static String getAlgName(String oid) { if (TSPAlgorithms.SHA1.equals(oid)) return SHA1; else if (TSPAlgorithms.SHA256.equals(oid)) return SHA2; else if (TSPAlgorithms.SHA224.equals(oid)) return SHA224; else if (TSPAlgorithms.SHA256.equals(oid)) return SHA256; else if (TSPAlgorithms.SHA384.equals(oid)) return SHA384; else if (TSPAlgorithms.SHA512.equals(oid)) return SHA512; return oid;/*from w w w. ja va2s. com*/ }
From source file:es.mityc.firmaJava.ts.TSPAlgoritmos.java
License:LGPL
public static String getOID(String algoritmo) { Set permitidos = new HashSet(Arrays.asList(getValoresPermitidos())); if (permitidos.contains(algoritmo)) { if (SHA1.equals(algoritmo)) return TSPAlgorithms.SHA1; else if (SHA2.equals(algoritmo)) return TSPAlgorithms.SHA256; else if (SHA224.equals(algoritmo)) return TSPAlgorithms.SHA224; else if (SHA256.equals(algoritmo)) return TSPAlgorithms.SHA256; else if (SHA384.equals(algoritmo)) return TSPAlgorithms.SHA384; else if (SHA512.equals(algoritmo)) return TSPAlgorithms.SHA512; }/*from w w w. j a v a 2 s.c o m*/ return null; }
From source file:org.demoiselle.signer.timestamp.connector.TimeStampOperator.java
License:Open Source License
/** * Creates a time stamp request, signed with the users's certificate. * * @param privateKey private key to sign with * @param certificates certificate chain * @param content set null if signing only hash * @param hash set null if signing content * @return A time stamp request/*from ww w .j a v a 2 s. co m*/ * @throws CertificateCoreException exception */ public byte[] createRequest(PrivateKey privateKey, Certificate[] certificates, byte[] content, byte[] hash) throws CertificateCoreException { try { logger.info(timeStampMessagesBundle.getString("info.timestamp.digest")); Digest digest = DigestFactory.getInstance().factoryDefault(); String varAlgoOid = null; String varAlgo = null; if (Configuration.getInstance().getSO().toLowerCase().indexOf("indows") > 0) { logger.info(timeStampMessagesBundle.getString("info.timestamp.winhash")); varAlgoOid = TSPAlgorithms.SHA256.getId(); varAlgo = "SHA256withRSA"; digest.setAlgorithm(DigestAlgorithmEnum.SHA_256); } else { logger.info(timeStampMessagesBundle.getString("info.timestamp.linuxhash")); varAlgoOid = TSPAlgorithms.SHA512.getId(); varAlgo = "SHA512withRSA"; digest.setAlgorithm(DigestAlgorithmEnum.SHA_512); } byte[] hashedMessage = null; if (content != null) { hashedMessage = digest.digest(content); //logger.info(Base64.toBase64String(hashedMessage)); } else { hashedMessage = hash; } logger.info(timeStampMessagesBundle.getString("info.timestamp.prepare.request")); TimeStampRequestGenerator timeStampRequestGenerator = new TimeStampRequestGenerator(); timeStampRequestGenerator .setReqPolicy(new ASN1ObjectIdentifier(TimeStampConfig.getInstance().getTSPOid())); timeStampRequestGenerator.setCertReq(true); BigInteger nonce = BigInteger.valueOf(100); timeStampRequest = timeStampRequestGenerator.generate(new ASN1ObjectIdentifier(varAlgoOid), hashedMessage, nonce); byte request[] = timeStampRequest.getEncoded(); logger.info(timeStampMessagesBundle.getString("info.timestamp.sign.request")); RequestSigner requestSigner = new RequestSigner(); byte[] signedRequest = requestSigner.signRequest(privateKey, certificates, request, varAlgo); return signedRequest; } catch (IOException ex) { throw new CertificateCoreException(ex.getMessage()); } }
From source file:org.signserver.module.tsa.RequestedPolicyDispatcherTest.java
License:Open Source License
/** * Tests that requests going through the dispatcher gets the right profiles. *//*from www . j av a 2s . c om*/ @Test public void test03AcceptedProfilesThroughDispatcher() throws Exception { try { TimeStampRequestGenerator gen = new TimeStampRequestGenerator(); TimeStampRequest req; TimeStampResponse res; setDispatchedAuthorizerForAllWorkers(); // Test that a request with WORKER1_PROFILE is accepted gen.setReqPolicy(WORKER1_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER0, req); assertEquals("token granted", PKIStatus.GRANTED, res.getStatus()); assertEquals("right profile", WORKER1_PROFILE, res.getTimeStampToken().getTimeStampInfo().getPolicy().getId()); assertValid(req, res); // Test that a request with WORKER2_PROFILE is accepted gen.setReqPolicy(WORKER2_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER0, req); assertEquals("token granted", PKIStatus.GRANTED, res.getStatus()); assertEquals("right profile", WORKER2_PROFILE, res.getTimeStampToken().getTimeStampInfo().getPolicy().getId()); assertValid(req, res); // Test that a request with WORKER3_PROFILE is accepted gen.setReqPolicy(WORKER3_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER0, req); assertEquals("token granted", PKIStatus.GRANTED, res.getStatus()); assertEquals("right profile", WORKER3_PROFILE, res.getTimeStampToken().getTimeStampInfo().getPolicy().getId()); assertValid(req, res); // Test that an unknown profile is not accepted (USEDEFAULTIFMISMATCH=false) gen.setReqPolicy(UNSUPPORTED_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER0, req); assertEquals("token rejection", PKIStatus.REJECTION, res.getStatus()); assertEquals(new PKIFailureInfo(PKIFailureInfo.unacceptedPolicy), res.getFailInfo()); // Test that an unknown profile is not accepted (USEDEFAULTIFMISMATCH=true but profile not known by the default worker) gen.setReqPolicy(UNSUPPORTED_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER9, req); assertEquals("token rejection", PKIStatus.REJECTION, res.getStatus()); assertEquals(new PKIFailureInfo(PKIFailureInfo.unacceptedPolicy), res.getFailInfo()); } finally { resetDispatchedAuthorizerForAllWorkers(); } }
From source file:org.signserver.module.tsa.RequestedPolicyDispatcherTest.java
License:Open Source License
/** * Tests that requests which does not request a certain profile gets dispatched * to the default worker.//w w w .j a va 2s . c o m */ @Test public void test04DefaultWorker() throws Exception { try { TimeStampRequestGenerator gen = new TimeStampRequestGenerator(); TimeStampRequest req; TimeStampResponse res; setDispatchedAuthorizerForAllWorkers(); // Test that a request with no reqPolicy goes to WORKER1_PROFILE req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER0, req); assertEquals("token granted", PKIStatus.GRANTED, res.getStatus()); assertEquals("right profile", WORKER1_PROFILE, res.getTimeStampToken().getTimeStampInfo().getPolicy().getId()); assertValid(req, res); } finally { resetDispatchedAuthorizerForAllWorkers(); } }
From source file:org.signserver.module.tsa.RequestedPolicyDispatcherTest.java
License:Open Source License
/** * Tests the USEDEFAULTIFMISMATCH option which dispatches requests to the * default worker if no mapping matched. *//*from w ww. ja va 2s . co m*/ @Test public void test05UseDefaultIfMisMatch() throws Exception { try { TimeStampRequestGenerator gen = new TimeStampRequestGenerator(); TimeStampRequest req; TimeStampResponse res; setDispatchedAuthorizerForAllWorkers(); // Test that an profile not known by DISPATCHER0 but by a TSUnit1 is not accepted (USEDEFAULTIFMISMATCH=false) gen.setReqPolicy(WORKER1_ALTERNATIVE_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER0, req); assertEquals("token rejection", PKIStatus.REJECTION, res.getStatus()); assertEquals(new PKIFailureInfo(PKIFailureInfo.unacceptedPolicy), res.getFailInfo()); // Test that an profile not known by DISPATCHER9 but by a TSUnit1 is accepted (USEDEFAULTIFMISMATCH=true) gen.setReqPolicy(WORKER1_ALTERNATIVE_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER9, req); assertEquals("token granted", PKIStatus.GRANTED, res.getStatus()); assertEquals("right profile", WORKER1_ALTERNATIVE_PROFILE, res.getTimeStampToken().getTimeStampInfo().getPolicy().getId()); // Test that an profile not known by DISPATCHER9 and not by a TSUnit1 is rejected even though USEDEFAULTIFMISMATCH=true gen.setReqPolicy(UNSUPPORTED_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER9, req); assertEquals("token rejection", PKIStatus.REJECTION, res.getStatus()); assertEquals(new PKIFailureInfo(PKIFailureInfo.unacceptedPolicy), res.getFailInfo()); } finally { resetDispatchedAuthorizerForAllWorkers(); } }
From source file:org.signserver.module.tsa.RequestedPolicyDispatcherTest.java
License:Open Source License
/** * Test that the status string is included by default when mismatched policy * and no default worker is configured for mismatched policy. * @throws Exception//from w w w . jav a 2 s . c o m */ @Test public void test06IncludeStatusStringFailure() throws Exception { try { TimeStampRequestGenerator gen = new TimeStampRequestGenerator(); TimeStampRequest req; TimeStampResponse res; setDispatchedAuthorizerForAllWorkers(); workerSession.setWorkerProperty(DISPATCHER0, TimeStampSigner.INCLUDESTATUSSTRING, "TRUE"); // Test that an profile not known by DISPATCHER0 but by a TSUnit1 is not accepted (USEDEFAULTIFMISMATCH=false) gen.setReqPolicy(WORKER1_ALTERNATIVE_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER0, req); assertEquals("request contains unknown policy.", res.getStatusString()); } finally { resetDispatchedAuthorizerForAllWorkers(); } }
From source file:org.signserver.module.tsa.RequestedPolicyDispatcherTest.java
License:Open Source License
/** * Test that the status string is not included when setting the INCLUDESTATUSSTRING to "FALSE" * on the dispatcher and no default worker is configured for mismatched policy. * @throws Exception/*www . ja v a2 s . c o m*/ */ @Test public void test07ExcludeStatusStringFailure() throws Exception { try { TimeStampRequestGenerator gen = new TimeStampRequestGenerator(); TimeStampRequest req; TimeStampResponse res; setDispatchedAuthorizerForAllWorkers(); workerSession.setWorkerProperty(DISPATCHER0, TimeStampSigner.INCLUDESTATUSSTRING, "FALSE"); workerSession.reloadConfiguration(DISPATCHER0); // Test that an profile not known by DISPATCHER0 but by a TSUnit1 is not accepted (USEDEFAULTIFMISMATCH=false) gen.setReqPolicy(WORKER1_ALTERNATIVE_PROFILE); req = gen.generate(TSPAlgorithms.SHA256, new byte[32], createNounce()); res = requestTimeStamp(DISPATCHER0, req); assertNull(res.getStatusString()); } finally { resetDispatchedAuthorizerForAllWorkers(); } }
From source file:org.signserver.module.tsa.TimeStampSignerTest.java
License:Open Source License
/** * Utility method to return the hash length for the hash types we're testing against * // w ww . j av a2s. c o m * @param hashType * @return */ private int getHashLength(ASN1ObjectIdentifier hashType) { if (TSPAlgorithms.SHA1.equals(hashType)) { return 20; } else if (TSPAlgorithms.SHA256.equals(hashType)) { return 32; } else if (TSPAlgorithms.SHA512.equals(hashType)) { return 64; } else if (TSPAlgorithms.RIPEMD160.equals(hashType)) { return 20; } else { LOG.info("Trying to use an unknow hash algorithm, using dummy length"); // return the length of a SHA1 hash as a dummy value to allow passing // invalid hash algo names for testing return 20; } }