Search in sources :

Example 6 with CertHash

use of org.bouncycastle.asn1.isismtt.ocsp.CertHash in project signer by demoiselle.

the class SigningCertificateV2 method getValue.

@Override
public Attribute getValue() throws SignerException {
    try {
        X509Certificate cert = (X509Certificate) certificates[0];
        X509Certificate issuerCert = (X509Certificate) certificates[1];
        Digest digest = DigestFactory.getInstance().factoryDefault();
        digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
        byte[] certHash = digest.digest(cert.getEncoded());
        X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
        GeneralName name = new GeneralName(dirName);
        GeneralNames issuer = new GeneralNames(name);
        ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
        IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
        // SHA-256
        AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
        ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
        // return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(essCertIDv2)));
        return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(new ASN1Encodable[] { new DERSequence(essCertIDv2) })));
    } catch (CertificateEncodingException ex) {
        throw new SignerException(ex.getMessage());
    }
}
Also used : IssuerSerial(org.bouncycastle.asn1.x509.IssuerSerial) Digest(org.demoiselle.signer.cryptography.Digest) SignedAttribute(org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedAttribute) Attribute(org.bouncycastle.asn1.cms.Attribute) CertificateEncodingException(java.security.cert.CertificateEncodingException) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) DERSet(org.bouncycastle.asn1.DERSet) X509Certificate(java.security.cert.X509Certificate) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERSequence(org.bouncycastle.asn1.DERSequence) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) ESSCertIDv2(org.bouncycastle.asn1.ess.ESSCertIDv2) GeneralName(org.bouncycastle.asn1.x509.GeneralName) SignerException(org.demoiselle.signer.policy.impl.cades.SignerException) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)4 X509Certificate (java.security.cert.X509Certificate)3 Date (java.util.Date)3 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)3 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)3 X500Name (org.bouncycastle.asn1.x500.X500Name)3 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)3 BigInteger (java.math.BigInteger)2 MessageDigest (java.security.MessageDigest)2 CertificateEncodingException (java.security.cert.CertificateEncodingException)2 DERSequence (org.bouncycastle.asn1.DERSequence)2 DERSet (org.bouncycastle.asn1.DERSet)2 Attribute (org.bouncycastle.asn1.cms.Attribute)2 CertHash (org.bouncycastle.asn1.isismtt.ocsp.CertHash)2 Extension (org.bouncycastle.asn1.x509.Extension)2 CertificateID (org.bouncycastle.cert.ocsp.CertificateID)2 CertificateStatus (org.bouncycastle.cert.ocsp.CertificateStatus)2 RevokedStatus (org.bouncycastle.cert.ocsp.RevokedStatus)2 UnknownStatus (org.bouncycastle.cert.ocsp.UnknownStatus)2 HashAlgo (org.xipki.security.HashAlgo)2