author | David Hook <dgh@cryptoworkshop.com> | 2014-06-27 09:57:14 +0400 |
---|---|---|
committer | David Hook <dgh@cryptoworkshop.com> | 2014-06-27 09:57:14 +0400 |
commit | 5ed9d01aced2484a28d373a79c4560531f909d7d (patch) | |
tree | bb77986649efe60b8814e759cd4fc3ec264f705c | |
parent | 5977d6614a567672559785a8544bfde0fe1e04d6 (diff) |
removed excess classes.
6 files changed, 0 insertions, 1549 deletions
diff --git a/prov/src/main/jdk1.1/org/bouncycastle/ocsp/OCSPUtil.java b/prov/src/main/jdk1.1/org/bouncycastle/ocsp/OCSPUtil.java
deleted file mode 100644
index f6d4bace..00000000
--- a/prov/src/main/jdk1.1/org/bouncycastle/ocsp/OCSPUtil.java
+++ /dev/null
@@ -1,198 +0,0 @@
-package org.bouncycastle.ocsp;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.util.Strings;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Signature;
-import java.security.cert.CertStore;
-import java.security.cert.CertStoreParameters;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.HashSet;
-import java.util.Hashtable;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-class OCSPUtil
-{
- private static Hashtable algorithms = new Hashtable();
- private static Hashtable oids = new Hashtable();
- private static Set noParams = new HashSet();
-
- static
- {
- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
- algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
- algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
- algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
- algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption);
- algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption);
- algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
- algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption);
- algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
- algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption);
- algorithms.put("SHA384WITHRSA", PKCSObjectIdentifiers.sha384WithRSAEncryption);
- algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption);
- algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption);
- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
- algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
- algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256);
- algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
- algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
- algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
- algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
- algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
- algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-
- oids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2WITHRSA");
- oids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
- oids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, "RIPEMD160WITHRSA");
- oids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, "RIPEMD128WITHRSA");
- oids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, "RIPEMD256WITHRSA");
- oids.put(X9ObjectIdentifiers.id_dsa_with_sha1, "SHA1WITHDSA");
- oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA");
- oids.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA");
- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
-
- //
- // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
- // The parameters field SHALL be NULL for RSA based signature algorithms.
- //
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1);
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224);
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256);
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384);
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512);
- noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1);
- noParams.add(NISTObjectIdentifiers.dsa_with_sha224);
- noParams.add(NISTObjectIdentifiers.dsa_with_sha256);
- }
-
- static ASN1ObjectIdentifier getAlgorithmOID(
- String algorithmName)
- {
- algorithmName = Strings.toUpperCase(algorithmName);
-
- if (algorithms.containsKey(algorithmName))
- {
- return (ASN1ObjectIdentifier)algorithms.get(algorithmName);
- }
-
- return new ASN1ObjectIdentifier(algorithmName);
- }
-
- static String getAlgorithmName(
- ASN1ObjectIdentifier oid)
- {
- if (oids.containsKey(oid))
- {
- return (String)oids.get(oid);
- }
-
- return oid.getId();
- }
-
- static AlgorithmIdentifier getSigAlgID(
- ASN1ObjectIdentifier sigOid)
- {
- if (noParams.contains(sigOid))
- {
- return new AlgorithmIdentifier(sigOid);
- }
- else
- {
- return new AlgorithmIdentifier(sigOid, new DERNull());
- }
- }
-
- static Iterator getAlgNames()
- {
- Enumeration e = algorithms.keys();
- List l = new ArrayList();
-
- while (e.hasMoreElements())
- {
- l.add(e.nextElement());
- }
-
- return l.iterator();
- }
-
- static CertStore createCertStoreInstance(String type, CertStoreParameters params, String provider)
- throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException
- {
- if (provider == null)
- {
- return CertStore.getInstance(type, params);
- }
-
- return CertStore.getInstance(type, params, provider);
- }
-
- static MessageDigest createDigestInstance(String digestName, String provider)
- throws NoSuchAlgorithmException, NoSuchProviderException
- {
- if (provider == null)
- {
- return MessageDigest.getInstance(digestName);
- }
-
- return MessageDigest.getInstance(digestName, provider);
- }
-
- static Signature createSignatureInstance(String sigName, String provider)
- throws NoSuchAlgorithmException, NoSuchProviderException
- {
- if (provider == null)
- {
- return Signature.getInstance(sigName);
- }
-
- return Signature.getInstance(sigName, provider);
- }
-
- static CertificateFactory createX509CertificateFactory(String provider)
- throws CertificateException, NoSuchProviderException
- {
- if (provider == null)
- {
- return CertificateFactory.getInstance("X.509");
- }
-
- return CertificateFactory.getInstance("X.509", provider);
- }
-}
diff --git a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/BasicOCSPResp.java b/prov/src/main/jdk1.3/org/bouncycastle/ocsp/BasicOCSPResp.java
deleted file mode 100644
index ebccccba..00000000
--- a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/BasicOCSPResp.java
+++ /dev/null
@@ -1,366 +0,0 @@ -package org.bouncycastle.ocsp; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; -import java.security.PublicKey; -import java.security.Signature; -import org.bouncycastle.jce.cert.CertStore; -import org.bouncycastle.jce.cert.CertStoreParameters; -import java.security.cert.CertificateException; -import org.bouncycastle.jce.cert.CertificateFactory; -import org.bouncycastle.jce.cert.CollectionCertStoreParameters; -import java.security.cert.X509Certificate; -import java.text.ParseException; -import java.util.ArrayList; -import java.util.Date; -import java.util.Enumeration; -import java.util.HashSet; -import java.util.List; -import java.util.Set; - -import org.bouncycastle.asn1.ASN1Encodable; -import org.bouncycastle.asn1.ASN1Encoding; -import org.bouncycastle.asn1.ASN1OutputStream; -import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.asn1.ocsp.BasicOCSPResponse; -import org.bouncycastle.asn1.ocsp.ResponseData; -import org.bouncycastle.asn1.ocsp.SingleResponse; -import org.bouncycastle.asn1.x509.X509Extension; -import org.bouncycastle.asn1.x509.X509Extensions; - -/** - * <pre> - * BasicOCSPResponse ::= SEQUENCE { - * tbsResponseData ResponseData, - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - * </pre> - * - * @deprecated use classes in org.bouncycastle.cert.ocsp. 
- */ -public class BasicOCSPResp - implements java.security.cert.X509Extension -{ - BasicOCSPResponse resp; - ResponseData data; - X509Certificate[] chain = null; - - public BasicOCSPResp( - BasicOCSPResponse resp) - { - this.resp = resp; - this.data = resp.getTbsResponseData(); - } - - /** - * Return the DER encoding of the tbsResponseData field. - * @return DER encoding of tbsResponseData - * @throws OCSPException in the event of an encoding error. - */ - public byte[] getTBSResponseData() - throws OCSPException - { - try - { - return resp.getTbsResponseData().getEncoded(); - } - catch (IOException e) - { - throw new OCSPException("problem encoding tbsResponseData", e); - } - } - - public int getVersion() - { - return data.getVersion().getValue().intValue() + 1; - } - - public RespID getResponderId() - { - return new RespID(data.getResponderID()); - } - - public Date getProducedAt() - { - try - { - return data.getProducedAt().getDate(); - } - catch (ParseException e) - { - throw new IllegalStateException("ParseException:" + e.getMessage()); - } - } - - public SingleResp[] getResponses() - { - ASN1Sequence s = data.getResponses(); - SingleResp[] rs = new SingleResp[s.size()]; - - for (int i = 0; i != rs.length; i++) - { - rs[i] = new SingleResp(SingleResponse.getInstance(s.getObjectAt(i))); - } - - return rs; - } - - public X509Extensions getResponseExtensions() - { - return X509Extensions.getInstance(data.getResponseExtensions()); - } - - /** - * RFC 2650 doesn't specify any critical extensions so we return true - * if any are encountered. - * - * @return true if any critical extensions are present. 
- */ - public boolean hasUnsupportedCriticalExtension() - { - Set extns = getCriticalExtensionOIDs(); - if (extns != null && !extns.isEmpty()) - { - return true; - } - - return false; - } - - private Set getExtensionOIDs(boolean critical) - { - Set set = new HashSet(); - X509Extensions extensions = this.getResponseExtensions(); - - if (extensions != null) - { - Enumeration e = extensions.oids(); - - while (e.hasMoreElements()) - { - ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); - X509Extension ext = extensions.getExtension(oid); - - if (critical == ext.isCritical()) - { - set.add(oid.getId()); - } - } - } - - return set; - } - - public Set getCriticalExtensionOIDs() - { - return getExtensionOIDs(true); - } - - public Set getNonCriticalExtensionOIDs() - { - return getExtensionOIDs(false); - } - - public byte[] getExtensionValue(String oid) - { - X509Extensions exts = this.getResponseExtensions(); - - if (exts != null) - { - X509Extension ext = exts.getExtension(new ASN1ObjectIdentifier(oid)); - - if (ext != null) - { - try - { - return ext.getValue().getEncoded(ASN1Encoding.DER); - } - catch (Exception e) - { - throw new RuntimeException("error encoding " + e.toString()); - } - } - } - - return null; - } - - public String getSignatureAlgName() - { - return OCSPUtil.getAlgorithmName(resp.getSignatureAlgorithm().getObjectId()); - } - - public String getSignatureAlgOID() - { - return resp.getSignatureAlgorithm().getObjectId().getId(); - } - - /** - * @deprecated RespData class is no longer required as all functionality is - * available on this class. 
- * @return the RespData object - */ - public RespData getResponseData() - { - return new RespData(resp.getTbsResponseData()); - } - - public byte[] getSignature() - { - return resp.getSignature().getBytes(); - } - - private List getCertList( - String provider) - throws OCSPException, NoSuchProviderException - { - List certs = new ArrayList(); - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - CertificateFactory cf; - - try - { - cf = OCSPUtil.createX509CertificateFactory(provider); - } - catch (CertificateException ex) - { - throw new OCSPException("can't get certificate factory.", ex); - } - - // - // load the certificates and revocation lists if we have any - // - ASN1Sequence s = resp.getCerts(); - - if (s != null) - { - Enumeration e = s.getObjects(); - - while (e.hasMoreElements()) - { - try - { - aOut.writeObject((ASN1Encodable)e.nextElement()); - - certs.add(cf.generateCertificate( - new ByteArrayInputStream(bOut.toByteArray()))); - } - catch (IOException ex) - { - throw new OCSPException( - "can't re-encode certificate!", ex); - } - catch (CertificateException ex) - { - throw new OCSPException( - "can't re-encode certificate!", ex); - } - - bOut.reset(); - } - } - - return certs; - } - - public X509Certificate[] getCerts( - String provider) - throws OCSPException, NoSuchProviderException - { - List certs = getCertList(provider); - - return (X509Certificate[])certs.toArray(new X509Certificate[certs.size()]); - } - - /** - * Return the certificates, if any associated with the response. 
- * @param type type of CertStore to create - * @param provider provider to use - * @return a CertStore, possibly empty - * @throws NoSuchAlgorithmException - * @throws NoSuchProviderException - * @throws OCSPException - */ - public CertStore getCertificates( - String type, - String provider) - throws NoSuchAlgorithmException, NoSuchProviderException, OCSPException - { - try - { - CertStoreParameters params = new CollectionCertStoreParameters(this.getCertList(provider)); - return OCSPUtil.createCertStoreInstance(type, params, provider); - } - catch (InvalidAlgorithmParameterException e) - { - throw new OCSPException("can't setup the CertStore", e); - } - } - - /** - * verify the signature against the tbsResponseData object we contain. - */ - public boolean verify( - PublicKey key, - String sigProvider) - throws OCSPException, NoSuchProviderException - { - try - { - Signature signature = OCSPUtil.createSignatureInstance(this.getSignatureAlgName(), sigProvider); - - signature.initVerify(key); - - signature.update(resp.getTbsResponseData().getEncoded(ASN1Encoding.DER)); - - return signature.verify(this.getSignature()); - } - catch (NoSuchProviderException e) - { - // TODO Why this special case? - throw e; - } - catch (Exception e) - { - throw new OCSPException("exception processing sig: " + e, e); - } - } - - /** - * return the ASN.1 encoded representation of this object. - */ - public byte[] getEncoded() - throws IOException - { - return resp.getEncoded(); - } - - public boolean equals(Object o) - { - if (o == this) - { - return true; - } - - if (!(o instanceof BasicOCSPResp)) - { - return false; - } - - BasicOCSPResp r = (BasicOCSPResp)o; - - return resp.equals(r.resp); - } - - public int hashCode() - { - return resp.hashCode(); - } -} diff --git a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/OCSPReq.java b/prov/src/main/jdk1.3/org/bouncycastle/ocsp/OCSPReq.java deleted file mode 100644 index 405c11a3..00000000 
--- a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/OCSPReq.java
+++ /dev/null
@@ -1,415 +0,0 @@ -package org.bouncycastle.ocsp; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; -import java.security.PublicKey; -import java.security.Signature; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.HashSet; -import java.util.List; -import java.util.Set; - -import org.bouncycastle.asn1.ASN1Encodable; -import org.bouncycastle.asn1.ASN1Encoding; -import org.bouncycastle.asn1.ASN1InputStream; -import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.asn1.ASN1OutputStream; -import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.ocsp.OCSPRequest; -import org.bouncycastle.asn1.ocsp.Request; -import org.bouncycastle.asn1.x509.GeneralName; -import org.bouncycastle.asn1.x509.X509Extension; -import org.bouncycastle.asn1.x509.X509Extensions; -import org.bouncycastle.jce.cert.CertStore; -import org.bouncycastle.jce.cert.CertStoreParameters; -import org.bouncycastle.jce.cert.CertificateFactory; -import org.bouncycastle.jce.cert.CollectionCertStoreParameters; - -/** - * <pre> - * OCSPRequest ::= SEQUENCE { - * tbsRequest TBSRequest, - * optionalSignature [0] EXPLICIT Signature OPTIONAL } - * - * TBSRequest ::= SEQUENCE { - * version [0] EXPLICIT Version DEFAULT v1, - * requestorName [1] EXPLICIT GeneralName OPTIONAL, - * requestList SEQUENCE OF Request, - * requestExtensions [2] EXPLICIT Extensions OPTIONAL } - * - * Signature ::= SEQUENCE { - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL} - * - * Version ::= INTEGER { v1(0) } - * - * Request ::= SEQUENCE { - * reqCert CertID, - * 
singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } - * - * CertID ::= SEQUENCE { - * hashAlgorithm AlgorithmIdentifier, - * issuerNameHash OCTET STRING, -- Hash of Issuer's DN - * issuerKeyHash OCTET STRING, -- Hash of Issuers public key - * serialNumber CertificateSerialNumber } - * </pre> - */ -public class OCSPReq - implements java.security.cert.X509Extension -{ - private OCSPRequest req; - - public OCSPReq( - OCSPRequest req) - { - this.req = req; - } - - public OCSPReq( - byte[] req) - throws IOException - { - this(new ASN1InputStream(req)); - } - - public OCSPReq( - InputStream in) - throws IOException - { - this(new ASN1InputStream(in)); - } - - private OCSPReq( - ASN1InputStream aIn) - throws IOException - { - try - { - this.req = OCSPRequest.getInstance(aIn.readObject()); - } - catch (IllegalArgumentException e) - { - throw new IOException("malformed request: " + e.getMessage()); - } - catch (ClassCastException e) - { - throw new IOException("malformed request: " + e.getMessage()); - } - } - - /** - * Return the DER encoding of the tbsRequest field. - * @return DER encoding of tbsRequest - * @throws OCSPException in the event of an encoding error. 
- */ - public byte[] getTBSRequest() - throws OCSPException - { - try - { - return req.getTbsRequest().getEncoded(); - } - catch (IOException e) - { - throw new OCSPException("problem encoding tbsRequest", e); - } - } - - public int getVersion() - { - return req.getTbsRequest().getVersion().getValue().intValue() + 1; - } - - public GeneralName getRequestorName() - { - return GeneralName.getInstance(req.getTbsRequest().getRequestorName()); - } - - public Req[] getRequestList() - { - ASN1Sequence seq = req.getTbsRequest().getRequestList(); - Req[] requests = new Req[seq.size()]; - - for (int i = 0; i != requests.length; i++) - { - requests[i] = new Req(Request.getInstance(seq.getObjectAt(i))); - } - - return requests; - } - - public X509Extensions getRequestExtensions() - { - return X509Extensions.getInstance(req.getTbsRequest().getRequestExtensions()); - } - - /** - * return the object identifier representing the signature algorithm - */ - public String getSignatureAlgOID() - { - if (!this.isSigned()) - { - return null; - } - - return req.getOptionalSignature().getSignatureAlgorithm().getObjectId().getId(); - } - - public byte[] getSignature() - { - if (!this.isSigned()) - { - return null; - } - - return req.getOptionalSignature().getSignature().getBytes(); - } - - private List getCertList( - String provider) - throws OCSPException, NoSuchProviderException - { - List certs = new ArrayList(); - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - CertificateFactory cf; - - try - { - cf = OCSPUtil.createX509CertificateFactory(provider); - } - catch (CertificateException ex) - { - throw new OCSPException("can't get certificate factory.", ex); - } - - // - // load the certificates if we have any - // - ASN1Sequence s = req.getOptionalSignature().getCerts(); - - if (s != null) - { - Enumeration e = s.getObjects(); - - while (e.hasMoreElements()) - { - try - { - aOut.writeObject((ASN1Encodable)e.nextElement()); 
- - certs.add(cf.generateCertificate( - new ByteArrayInputStream(bOut.toByteArray()))); - } - catch (IOException ex) - { - throw new OCSPException( - "can't re-encode certificate!", ex); - } - catch (CertificateException ex) - { - throw new OCSPException( - "can't re-encode certificate!", ex); - } - - bOut.reset(); - } - } - - return certs; - } - - public X509Certificate[] getCerts( - String provider) - throws OCSPException, NoSuchProviderException - { - if (!this.isSigned()) - { - return null; - } - - List certs = this.getCertList(provider); - - return (X509Certificate[])certs.toArray(new X509Certificate[certs.size()]); - } - - /** - * If the request is signed return a possibly empty CertStore containing the certificates in the - * request. If the request is not signed the method returns null. - * - * @param type type of CertStore to return - * @param provider provider to use - * @return null if not signed, a CertStore otherwise - * @throws NoSuchAlgorithmException - * @throws NoSuchProviderException - * @throws OCSPException - */ - public CertStore getCertificates( - String type, - String provider) - throws NoSuchAlgorithmException, NoSuchProviderException, OCSPException - { - if (!this.isSigned()) - { - return null; - } - - try - { - CertStoreParameters params = new CollectionCertStoreParameters(this.getCertList(provider)); - return OCSPUtil.createCertStoreInstance(type, params, provider); - } - catch (InvalidAlgorithmParameterException e) - { - throw new OCSPException("can't setup the CertStore", e); - } - } - - /** - * Return whether or not this request is signed. - * - * @return true if signed false otherwise. - */ - public boolean isSigned() - { - return req.getOptionalSignature() != null; - } - - /** - * verify the signature against the TBSRequest object we contain. 
- */ - public boolean verify( - PublicKey key, - String sigProvider) - throws OCSPException, NoSuchProviderException - { - if (!this.isSigned()) - { - throw new OCSPException("attempt to verify signature on unsigned object"); - } - - try - { - Signature signature = OCSPUtil.createSignatureInstance(this.getSignatureAlgOID(), sigProvider); - - signature.initVerify(key); - - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(req.getTbsRequest()); - - signature.update(bOut.toByteArray()); - - return signature.verify(this.getSignature()); - } - catch (NoSuchProviderException e) - { - // TODO Why this special case? - throw e; - } - catch (Exception e) - { - throw new OCSPException("exception processing sig: " + e, e); - } - } - - /** - * return the ASN.1 encoded representation of this object. - */ - public byte[] getEncoded() - throws IOException - { - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(req); - - return bOut.toByteArray(); - } - - /** - * RFC 2650 doesn't specify any critical extensions so we return true - * if any are encountered. - * - * @return true if any critical extensions are present. 
- */ - public boolean hasUnsupportedCriticalExtension() - { - Set extns = getCriticalExtensionOIDs(); - if (extns != null && !extns.isEmpty()) - { - return true; - } - - return false; - } - - private Set getExtensionOIDs(boolean critical) - { - Set set = new HashSet(); - X509Extensions extensions = this.getRequestExtensions(); - - if (extensions != null) - { - Enumeration e = extensions.oids(); - - while (e.hasMoreElements()) - { - ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); - X509Extension ext = extensions.getExtension(oid); - - if (critical == ext.isCritical()) - { - set.add(oid.getId()); - } - } - } - - return set; - } - - public Set getCriticalExtensionOIDs() - { - return getExtensionOIDs(true); - } - - public Set getNonCriticalExtensionOIDs() - { - return getExtensionOIDs(false); - } - - public byte[] getExtensionValue(String oid) - { - X509Extensions exts = this.getRequestExtensions(); - - if (exts != null) - { - X509Extension ext = exts.getExtension(new ASN1ObjectIdentifier(oid)); - - if (ext != null) - { - try - { - return ext.getValue().getEncoded(ASN1Encoding.DER); - } - catch (Exception e) - { - throw new RuntimeException("error encoding " + e.toString()); - } - } - } - - return null; - } -} diff --git a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/OCSPReqGenerator.java b/prov/src/main/jdk1.3/org/bouncycastle/ocsp/OCSPReqGenerator.java deleted file mode 100644 index f4d01dc9..00000000 --- a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/OCSPReqGenerator.java +++ /dev/null 
@@ -1,292 +0,0 @@ -package org.bouncycastle.ocsp; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.security.GeneralSecurityException; -import java.security.NoSuchProviderException; -import java.security.PrivateKey; -import java.security.SecureRandom; -import java.security.cert.CertificateEncodingException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; - -import org.bouncycastle.asn1.ASN1EncodableVector; -import org.bouncycastle.asn1.ASN1OutputStream; -import org.bouncycastle.asn1.ASN1Primitive; -import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.DERBitString; -import org.bouncycastle.asn1.DERNull; -import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.asn1.DERSequence; -import org.bouncycastle.asn1.ocsp.OCSPRequest; -import org.bouncycastle.asn1.ocsp.Request; -import org.bouncycastle.asn1.ocsp.Signature; -import org.bouncycastle.asn1.ocsp.TBSRequest; -import org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import org.bouncycastle.asn1.x509.Extensions; -import org.bouncycastle.asn1.x509.GeneralName; -import org.bouncycastle.asn1.x509.X509CertificateStructure; -import org.bouncycastle.asn1.x509.X509Extensions; -import org.bouncycastle.jce.X509Principal; - -/** - * @deprecated use classes in org.bouncycastle.cert.ocsp. - */ -public class OCSPReqGenerator -{ - private List list = new ArrayList(); - private GeneralName requestorName = null; - private X509Extensions requestExtensions = null; - - private class RequestObject - { - CertificateID certId; - X509Extensions extensions; - - public RequestObject( - CertificateID certId, - X509Extensions extensions) - { - this.certId = certId; - this.extensions = extensions; - } - - public Request toRequest() - throws Exception - { - return new Request(certId.toASN1Object(), Extensions.getInstance(extensions)); - } - } - - /** - * Add a request for the given CertificateID. 
- * - * @param certId certificate ID of interest - */ - public void addRequest( - CertificateID certId) - { - list.add(new RequestObject(certId, null)); - } - - /** - * Add a request with extensions - * - * @param certId certificate ID of interest - * @param singleRequestExtensions the extensions to attach to the request - */ - public void addRequest( - CertificateID certId, - X509Extensions singleRequestExtensions) - { - list.add(new RequestObject(certId, singleRequestExtensions)); - } - - /** - * Set the requestor name to the passed in X500Principal - * - * @param requestorName a X500Principal representing the requestor name. - */ - public void setRequestorName( - X509Principal requestorName) - { - try - { - this.requestorName = new GeneralName(GeneralName.directoryName, new X509Principal(requestorName.getEncoded())); - } - catch (IOException e) - { - throw new IllegalArgumentException("cannot encode principal: " + e); - } - } - - public void setRequestorName( - GeneralName requestorName) - { - this.requestorName = requestorName; - } - - public void setRequestExtensions( - X509Extensions requestExtensions) - { - this.requestExtensions = requestExtensions; - } - - private OCSPReq generateRequest( - ASN1ObjectIdentifier signingAlgorithm, - PrivateKey key, - X509Certificate[] chain, - String provider, - SecureRandom random) - throws OCSPException, NoSuchProviderException - { - Iterator it = list.iterator(); - - ASN1EncodableVector requests = new ASN1EncodableVector(); - - while (it.hasNext()) - { - try - { - requests.add(((RequestObject)it.next()).toRequest()); - } - catch (Exception e) - { - throw new OCSPException("exception creating Request", e); - } - } - - TBSRequest tbsReq = new TBSRequest(requestorName, new DERSequence(requests), requestExtensions); - - java.security.Signature sig = null; - Signature signature = null; - - if (signingAlgorithm != null) - { - if (requestorName == null) - { - throw new OCSPException("requestorName must be specified if request is 
signed."); - } - - try - { - sig = OCSPUtil.createSignatureInstance(signingAlgorithm.getId(), provider); - if (random != null) - { - sig.initSign(key, random); - } - else - { - sig.initSign(key); - } - } - catch (NoSuchProviderException e) - { - // TODO Why this special case? - throw e; - } - catch (GeneralSecurityException e) - { - throw new OCSPException("exception creating signature: " + e, e); - } - - DERBitString bitSig = null; - - try - { - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(tbsReq); - - sig.update(bOut.toByteArray()); - - bitSig = new DERBitString(sig.sign()); - } - catch (Exception e) - { - throw new OCSPException("exception processing TBSRequest: " + e, e); - } - - AlgorithmIdentifier sigAlgId = new AlgorithmIdentifier(signingAlgorithm, new DERNull()); - - if (chain != null && chain.length > 0) - { - ASN1EncodableVector v = new ASN1EncodableVector(); - try - { - for (int i = 0; i != chain.length; i++) - { - v.add(new X509CertificateStructure( - (ASN1Sequence)ASN1Primitive.fromByteArray(chain[i].getEncoded()))); - } - } - catch (IOException e) - { - throw new OCSPException("error processing certs", e); - } - catch (CertificateEncodingException e) - { - throw new OCSPException("error encoding certs", e); - } - - signature = new Signature(sigAlgId, bitSig, new DERSequence(v)); - } - else - { - signature = new Signature(sigAlgId, bitSig); - } - } - - return new OCSPReq(new OCSPRequest(tbsReq, signature)); - } - - /** - * Generate an unsigned request - * - * @return the OCSPReq - * @throws OCSPException - */ - public OCSPReq generate() - throws OCSPException - { - try - { - return generateRequest(null, null, null, null, null); - } - catch (NoSuchProviderException e) - { - // - // this shouldn't happen but... - // - throw new OCSPException("no provider! 
- " + e, e); - } - } - - public OCSPReq generate( - String signingAlgorithm, - PrivateKey key, - X509Certificate[] chain, - String provider) - throws OCSPException, NoSuchProviderException, IllegalArgumentException - { - return generate(signingAlgorithm, key, chain, provider, null); - } - - public OCSPReq generate( - String signingAlgorithm, - PrivateKey key, - X509Certificate[] chain, - String provider, - SecureRandom random) - throws OCSPException, NoSuchProviderException, IllegalArgumentException - { - if (signingAlgorithm == null) - { - throw new IllegalArgumentException("no signing algorithm specified"); - } - - try - { - ASN1ObjectIdentifier oid = OCSPUtil.getAlgorithmOID(signingAlgorithm); - - return generateRequest(oid, key, chain, provider, random); - } - catch (IllegalArgumentException e) - { - throw new IllegalArgumentException("unknown signing algorithm specified: " + signingAlgorithm); - } - } - - /** - * Return an iterator of the signature names supported by the generator. - * - * @return an iterator containing recognised names. - */ - public Iterator getSignatureAlgNames() - { - return OCSPUtil.getAlgNames(); - } -} diff --git a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/OCSPUtil.java b/prov/src/main/jdk1.3/org/bouncycastle/ocsp/OCSPUtil.java deleted file mode 100644 index 69e86437..00000000 --- a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/OCSPUtil.java +++ /dev/null 
@@ -1,198 +0,0 @@
-package org.bouncycastle.ocsp;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.util.Strings;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Signature;
-import org.bouncycastle.jce.cert.CertStore;
-import org.bouncycastle.jce.cert.CertStoreParameters;
-import java.security.cert.CertificateException;
-import org.bouncycastle.jce.cert.CertificateFactory;
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.HashSet;
-import java.util.Hashtable;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-class OCSPUtil
-{
- private static Hashtable algorithms = new Hashtable();
- private static Hashtable oids = new Hashtable();
- private static Set noParams = new HashSet();
-
- static
- {
- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
- algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
- algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
- algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
- algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption);
- algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption);
- algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
- algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption);
- algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
- algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption);
- algorithms.put("SHA384WITHRSA", PKCSObjectIdentifiers.sha384WithRSAEncryption);
- algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption);
- algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption);
- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
- algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
- algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256);
- algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
- algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
- algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
- algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
- algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
- algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-
- oids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2WITHRSA");
- oids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
- oids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, "RIPEMD160WITHRSA");
- oids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, "RIPEMD128WITHRSA");
- oids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, "RIPEMD256WITHRSA");
- oids.put(X9ObjectIdentifiers.id_dsa_with_sha1, "SHA1WITHDSA");
- oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA");
- oids.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA");
- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
-
- //
- // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
- // The parameters field SHALL be NULL for RSA based signature algorithms.
- //
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1);
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224);
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256);
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384);
- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512);
- noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1);
- noParams.add(NISTObjectIdentifiers.dsa_with_sha224);
- noParams.add(NISTObjectIdentifiers.dsa_with_sha256);
- }
-
- static ASN1ObjectIdentifier getAlgorithmOID(
- String algorithmName)
- {
- algorithmName = Strings.toUpperCase(algorithmName);
-
- if (algorithms.containsKey(algorithmName))
- {
- return (ASN1ObjectIdentifier)algorithms.get(algorithmName);
- }
-
- return new ASN1ObjectIdentifier(algorithmName);
- }
-
- static String getAlgorithmName(
- ASN1ObjectIdentifier oid)
- {
- if (oids.containsKey(oid))
- {
- return (String)oids.get(oid);
- }
-
- return oid.getId();
- }
-
- static AlgorithmIdentifier getSigAlgID(
- ASN1ObjectIdentifier sigOid)
- {
- if (noParams.contains(sigOid))
- {
- return new AlgorithmIdentifier(sigOid);
- }
- else
- {
- return new AlgorithmIdentifier(sigOid, new DERNull());
- }
- }
-
- static Iterator getAlgNames()
- {
- Enumeration e = algorithms.keys();
- List l = new ArrayList();
-
- while (e.hasMoreElements())
- {
- l.add(e.nextElement());
- }
-
- return l.iterator();
- }
-
- static CertStore createCertStoreInstance(String type, CertStoreParameters params, String provider)
- throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException
- {
- if (provider == null)
- {
- return CertStore.getInstance(type, params);
- }
-
- return CertStore.getInstance(type, params, provider);
- }
-
- static MessageDigest createDigestInstance(String digestName, String provider)
- throws NoSuchAlgorithmException, NoSuchProviderException
- {
- if (provider == null)
- {
- return MessageDigest.getInstance(digestName);
- }
-
- return MessageDigest.getInstance(digestName, provider);
- }
-
- static Signature createSignatureInstance(String sigName, String provider)
- throws NoSuchAlgorithmException, NoSuchProviderException
- {
- if (provider == null)
- {
- return Signature.getInstance(sigName);
- }
-
- return Signature.getInstance(sigName, provider);
- }
-
- static CertificateFactory createX509CertificateFactory(String provider)
- throws CertificateException, NoSuchProviderException
- {
- if (provider == null)
- {
- return CertificateFactory.getInstance("X.509");
- }
-
- return CertificateFactory.getInstance("X.509", provider);
- }
-}
diff --git a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/RespID.java b/prov/src/main/jdk1.3/org/bouncycastle/ocsp/RespID.java
deleted file mode 100644
index 0cf66c77..00000000
--- a/prov/src/main/jdk1.3/org/bouncycastle/ocsp/RespID.java
+++ /dev/null
@@ -1,80 +0,0 @@
-package org.bouncycastle.ocsp;
-
-import java.security.MessageDigest;
-import java.security.PublicKey;
-
-import org.bouncycastle.jce.X509Principal;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.ocsp.ResponderID;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-
-/**
- * Carrier for a ResponderID.
- */
-public class RespID
-{
- ResponderID id;
-
- public RespID(
- ResponderID id)
- {
- this.id = id;
- }
-
- public RespID(
- X509Principal name)
- {
- this.id = new ResponderID(X500Name.getInstance(name.getEncoded()));
- }
-
- public RespID(
- PublicKey key)
- throws OCSPException
- {
- try
- {
- // TODO Allow specification of a particular provider
- MessageDigest digest = OCSPUtil.createDigestInstance("SHA1", null);
-
- ASN1InputStream aIn = new ASN1InputStream(key.getEncoded());
- SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(aIn.readObject());
-
- digest.update(info.getPublicKeyData().getBytes());
-
- ASN1OctetString keyHash = new DEROctetString(digest.digest());
-
- this.id = new ResponderID(keyHash);
- }
- catch (Exception e)
- {
- throw new OCSPException("problem creating ID: " + e, e);
- }
- }
-
- public ResponderID toASN1Object()
- {
- return id;
- }
-
- public boolean equals(
- Object o)
- {
- if (!(o instanceof RespID))
- {
- return false;
- }
-
- RespID obj = (RespID)o;
-
- return id.equals(obj.id);
- }
-
- public int hashCode()
- {
- return id.hashCode();
- }
-} |