diff options
Diffstat (limited to 'pkix/src/main/java/org/bouncycastle/cert/cmp')
11 files changed, 0 insertions, 929 deletions
diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/CMPException.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/CMPException.java deleted file mode 100644 index 2a1cc865..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/CMPException.java +++ /dev/null @@ -1,24 +0,0 @@ -package org.bouncycastle.cert.cmp; - -public class CMPException - extends Exception -{ - private Throwable cause; - - public CMPException(String msg, Throwable cause) - { - super(msg); - - this.cause = cause; - } - - public CMPException(String msg) - { - super(msg); - } - - public Throwable getCause() - { - return cause; - } -}
\ No newline at end of file diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/CMPRuntimeException.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/CMPRuntimeException.java deleted file mode 100644 index 35b2d3fa..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/CMPRuntimeException.java +++ /dev/null @@ -1,19 +0,0 @@ -package org.bouncycastle.cert.cmp; - -public class CMPRuntimeException - extends RuntimeException -{ - private Throwable cause; - - public CMPRuntimeException(String msg, Throwable cause) - { - super(msg); - - this.cause = cause; - } - - public Throwable getCause() - { - return cause; - } -}
\ No newline at end of file diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/CMPUtil.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/CMPUtil.java deleted file mode 100644 index cc2ef04a..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/CMPUtil.java +++ /dev/null @@ -1,26 +0,0 @@ -package org.bouncycastle.cert.cmp; - -import java.io.IOException; -import java.io.OutputStream; - -import org.bouncycastle.asn1.ASN1Encodable; -import org.bouncycastle.asn1.DEROutputStream; - -class CMPUtil -{ - static void derEncodeToStream(ASN1Encodable obj, OutputStream stream) - { - DEROutputStream dOut = new DEROutputStream(stream); - - try - { - dOut.writeObject(obj); - - dOut.close(); - } - catch (IOException e) - { - throw new CMPRuntimeException("unable to DER encode object: " + e.getMessage(), e); - } - } -} diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContent.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContent.java deleted file mode 100644 index d1a2e643..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContent.java +++ /dev/null @@ -1,41 +0,0 @@ -package org.bouncycastle.cert.cmp; - -import org.bouncycastle.asn1.cmp.CertConfirmContent; -import org.bouncycastle.asn1.cmp.CertStatus; -import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder; -import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder; - -public class CertificateConfirmationContent -{ - private DigestAlgorithmIdentifierFinder digestAlgFinder; - private CertConfirmContent content; - - public CertificateConfirmationContent(CertConfirmContent content) - { - this(content, new DefaultDigestAlgorithmIdentifierFinder()); - } - - public CertificateConfirmationContent(CertConfirmContent content, DigestAlgorithmIdentifierFinder digestAlgFinder) - { - this.digestAlgFinder = digestAlgFinder; - this.content = content; - } - - public CertConfirmContent toASN1Structure() - { - return content; - } - - public CertificateStatus[] getStatusMessages() - { - CertStatus[] statusArray = content.toCertStatusArray(); - CertificateStatus[] ret = new CertificateStatus[statusArray.length]; - - for (int i = 0; i != ret.length; i++) - { - ret[i] = new CertificateStatus(digestAlgFinder, statusArray[i]); - } - - return ret; - } -} diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContentBuilder.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContentBuilder.java deleted file mode 100644 index 578ae148..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContentBuilder.java +++ /dev/null @@ -1,78 +0,0 @@ -package org.bouncycastle.cert.cmp; - -import java.math.BigInteger; -import java.util.ArrayList; -import java.util.List; - -import org.bouncycastle.asn1.ASN1EncodableVector; -import org.bouncycastle.asn1.DERSequence; -import org.bouncycastle.asn1.cmp.CertConfirmContent; -import org.bouncycastle.asn1.cmp.CertStatus; -import org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder; -import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder; -import org.bouncycastle.operator.DigestCalculator; -import org.bouncycastle.operator.DigestCalculatorProvider; -import org.bouncycastle.operator.OperatorCreationException; - -public class CertificateConfirmationContentBuilder -{ - private DigestAlgorithmIdentifierFinder digestAlgFinder; - private List acceptedCerts = new ArrayList(); - private List acceptedReqIds = new ArrayList(); - - public CertificateConfirmationContentBuilder() - { - this(new DefaultDigestAlgorithmIdentifierFinder()); - } - - public CertificateConfirmationContentBuilder(DigestAlgorithmIdentifierFinder digestAlgFinder) - { - this.digestAlgFinder = digestAlgFinder; - } - - public CertificateConfirmationContentBuilder addAcceptedCertificate(X509CertificateHolder certHolder, BigInteger certReqID) - { - acceptedCerts.add(certHolder); - acceptedReqIds.add(certReqID); - - return this; - } - - public CertificateConfirmationContent build(DigestCalculatorProvider digesterProvider) - throws CMPException - { - ASN1EncodableVector v = new ASN1EncodableVector(); - - for (int i = 0; i != acceptedCerts.size(); i++) - { - X509CertificateHolder certHolder = (X509CertificateHolder)acceptedCerts.get(i); - BigInteger reqID = (BigInteger)acceptedReqIds.get(i); - - AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm()); - if (digAlg == null) - { - throw new CMPException("cannot find algorithm for digest from signature"); - } - - DigestCalculator digester; - - try - { - digester = digesterProvider.get(digAlg); - } - catch (OperatorCreationException e) - { - throw new CMPException("unable to create digest: " + e.getMessage(), e); - } - - CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream()); - - v.add(new CertStatus(digester.getDigest(), reqID)); - } - - return new CertificateConfirmationContent(CertConfirmContent.getInstance(new DERSequence(v)), digestAlgFinder); - } - -} diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/CertificateStatus.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/CertificateStatus.java deleted file mode 100644 index 50df835f..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/CertificateStatus.java +++ /dev/null @@ -1,60 +0,0 @@ -package org.bouncycastle.cert.cmp; - -import java.math.BigInteger; - -import org.bouncycastle.asn1.cmp.CertStatus; -import org.bouncycastle.asn1.cmp.PKIStatusInfo; -import org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder; -import org.bouncycastle.operator.DigestCalculator; -import org.bouncycastle.operator.DigestCalculatorProvider; -import org.bouncycastle.operator.OperatorCreationException; -import org.bouncycastle.util.Arrays; - -public class CertificateStatus -{ - private DigestAlgorithmIdentifierFinder digestAlgFinder; - private CertStatus certStatus; - - CertificateStatus(DigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus) - { - this.digestAlgFinder = digestAlgFinder; - this.certStatus = certStatus; - } - - public PKIStatusInfo getStatusInfo() - { - return certStatus.getStatusInfo(); - } - - public BigInteger getCertRequestID() - { - return certStatus.getCertReqId().getValue(); - } - - public boolean isVerified(X509CertificateHolder certHolder, DigestCalculatorProvider digesterProvider) - throws CMPException - { - AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm()); - if (digAlg == null) - { - throw new CMPException("cannot find algorithm for digest from signature"); - } - - DigestCalculator digester; - - try - { - digester = digesterProvider.get(digAlg); - } - catch (OperatorCreationException e) - { - throw new CMPException("unable to create digester: " + e.getMessage(), e); - } - - CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream()); - - return Arrays.areEqual(certStatus.getCertHash().getOctets(), digester.getDigest()); - } -} diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/GeneralPKIMessage.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/GeneralPKIMessage.java deleted file mode 100644 index a928623f..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/GeneralPKIMessage.java +++ /dev/null @@ -1,82 +0,0 @@ -package org.bouncycastle.cert.cmp; - -import java.io.IOException; - -import org.bouncycastle.asn1.ASN1Primitive; -import org.bouncycastle.asn1.cmp.PKIBody; -import org.bouncycastle.asn1.cmp.PKIHeader; -import org.bouncycastle.asn1.cmp.PKIMessage; -import org.bouncycastle.cert.CertIOException; - -/** - * General wrapper for a generic PKIMessage - */ -public class GeneralPKIMessage -{ - private final PKIMessage pkiMessage; - - private static PKIMessage parseBytes(byte[] encoding) - throws IOException - { - try - { - return PKIMessage.getInstance(ASN1Primitive.fromByteArray(encoding)); - } - catch (ClassCastException e) - { - throw new CertIOException("malformed data: " + e.getMessage(), e); - } - catch (IllegalArgumentException e) - { - throw new CertIOException("malformed data: " + e.getMessage(), e); - } - } - - /** - * Create a PKIMessage from the passed in bytes. - * - * @param encoding BER/DER encoding of the PKIMessage - * @throws IOException in the event of corrupted data, or an incorrect structure. - */ - public GeneralPKIMessage(byte[] encoding) - throws IOException - { - this(parseBytes(encoding)); - } - - /** - * Wrap a PKIMessage ASN.1 structure. - * - * @param pkiMessage base PKI message. - */ - public GeneralPKIMessage(PKIMessage pkiMessage) - { - this.pkiMessage = pkiMessage; - } - - public PKIHeader getHeader() - { - return pkiMessage.getHeader(); - } - - public PKIBody getBody() - { - return pkiMessage.getBody(); - } - - /** - * Return true if this message has protection bits on it. A return value of true - * indicates the message can be used to construct a ProtectedPKIMessage. - * - * @return true if message has protection, false otherwise. - */ - public boolean hasProtection() - { - return pkiMessage.getHeader().getProtectionAlg() != null; - } - - public PKIMessage toASN1Structure() - { - return pkiMessage; - } -} diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessage.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessage.java deleted file mode 100644 index 2749d908..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessage.java +++ /dev/null @@ -1,198 +0,0 @@ -package org.bouncycastle.cert.cmp; - -import java.io.IOException; -import java.io.OutputStream; - -import org.bouncycastle.asn1.ASN1EncodableVector; -import org.bouncycastle.asn1.ASN1Encoding; -import org.bouncycastle.asn1.DERSequence; -import org.bouncycastle.asn1.cmp.CMPCertificate; -import org.bouncycastle.asn1.cmp.CMPObjectIdentifiers; -import org.bouncycastle.asn1.cmp.PBMParameter; -import org.bouncycastle.asn1.cmp.PKIBody; -import org.bouncycastle.asn1.cmp.PKIHeader; -import org.bouncycastle.asn1.cmp.PKIMessage; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.cert.crmf.PKMACBuilder; -import org.bouncycastle.operator.ContentVerifier; -import org.bouncycastle.operator.ContentVerifierProvider; -import org.bouncycastle.operator.MacCalculator; -import org.bouncycastle.util.Arrays; - -/** - * Wrapper for a PKIMessage with protection attached to it. - */ -public class ProtectedPKIMessage -{ - private PKIMessage pkiMessage; - - /** - * Base constructor. - * - * @param pkiMessage a GeneralPKIMessage with - */ - public ProtectedPKIMessage(GeneralPKIMessage pkiMessage) - { - if (!pkiMessage.hasProtection()) - { - throw new IllegalArgumentException("PKIMessage not protected"); - } - - this.pkiMessage = pkiMessage.toASN1Structure(); - } - - ProtectedPKIMessage(PKIMessage pkiMessage) - { - if (pkiMessage.getHeader().getProtectionAlg() == null) - { - throw new IllegalArgumentException("PKIMessage not protected"); - } - - this.pkiMessage = pkiMessage; - } - - /** - * Return the message header. - * - * @return the message's PKIHeader structure. - */ - public PKIHeader getHeader() - { - return pkiMessage.getHeader(); - } - - /** - * Return the message body. - * - * @return the message's PKIBody structure. - */ - public PKIBody getBody() - { - return pkiMessage.getBody(); - } - - /** - * Return the underlying ASN.1 structure contained in this object. - * - * @return a PKIMessage structure. - */ - public PKIMessage toASN1Structure() - { - return pkiMessage; - } - - /** - * Determine whether the message is protected by a password based MAC. Use verify(PKMACBuilder, char[]) - * to verify the message if this method returns true. - * - * @return true if protection MAC PBE based, false otherwise. - */ - public boolean hasPasswordBasedMacProtection() - { - return pkiMessage.getHeader().getProtectionAlg().getAlgorithm().equals(CMPObjectIdentifiers.passwordBasedMac); - } - - /** - * Return the extra certificates associated with this message. - * - * @return an array of extra certificates, zero length if none present. - */ - public X509CertificateHolder[] getCertificates() - { - CMPCertificate[] certs = pkiMessage.getExtraCerts(); - - if (certs == null) - { - return new X509CertificateHolder[0]; - } - - X509CertificateHolder[] res = new X509CertificateHolder[certs.length]; - for (int i = 0; i != certs.length; i++) - { - res[i] = new X509CertificateHolder(certs[i].getX509v3PKCert()); - } - - return res; - } - - /** - * Verify a message with a public key based signature attached. - * - * @param verifierProvider a provider of signature verifiers. - * @return true if the provider is able to create a verifier that validates - * the signature, false otherwise. - * @throws CMPException if an exception is thrown trying to verify the signature. - */ - public boolean verify(ContentVerifierProvider verifierProvider) - throws CMPException - { - ContentVerifier verifier; - try - { - verifier = verifierProvider.get(pkiMessage.getHeader().getProtectionAlg()); - - return verifySignature(pkiMessage.getProtection().getBytes(), verifier); - } - catch (Exception e) - { - throw new CMPException("unable to verify signature: " + e.getMessage(), e); - } - } - - /** - * Verify a message with password based MAC protection. - * - * @param pkMacBuilder MAC builder that can be used to construct the appropriate MacCalculator - * @param password the MAC password - * @return true if the passed in password and MAC builder verify the message, false otherwise. - * @throws CMPException if algorithm not MAC based, or an exception is thrown verifying the MAC. - */ - public boolean verify(PKMACBuilder pkMacBuilder, char[] password) - throws CMPException - { - if (!CMPObjectIdentifiers.passwordBasedMac.equals(pkiMessage.getHeader().getProtectionAlg().getAlgorithm())) - { - throw new CMPException("protection algorithm not mac based"); - } - - try - { - pkMacBuilder.setParameters(PBMParameter.getInstance(pkiMessage.getHeader().getProtectionAlg().getParameters())); - MacCalculator calculator = pkMacBuilder.build(password); - - OutputStream macOut = calculator.getOutputStream(); - - ASN1EncodableVector v = new ASN1EncodableVector(); - - v.add(pkiMessage.getHeader()); - v.add(pkiMessage.getBody()); - - macOut.write(new DERSequence(v).getEncoded(ASN1Encoding.DER)); - - macOut.close(); - - return Arrays.areEqual(calculator.getMac(), pkiMessage.getProtection().getBytes()); - } - catch (Exception e) - { - throw new CMPException("unable to verify MAC: " + e.getMessage(), e); - } - } - - private boolean verifySignature(byte[] signature, ContentVerifier verifier) - throws IOException - { - ASN1EncodableVector v = new ASN1EncodableVector(); - - v.add(pkiMessage.getHeader()); - v.add(pkiMessage.getBody()); - - OutputStream sOut = verifier.getOutputStream(); - - sOut.write(new DERSequence(v).getEncoded(ASN1Encoding.DER)); - - sOut.close(); - - return verifier.verify(signature); - } -} diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessageBuilder.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessageBuilder.java deleted file mode 100644 index 29191567..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessageBuilder.java +++ /dev/null @@ -1,306 +0,0 @@ -package org.bouncycastle.cert.cmp; - -import java.io.IOException; -import java.io.OutputStream; -import java.util.ArrayList; -import java.util.Date; -import java.util.List; - -import org.bouncycastle.asn1.ASN1EncodableVector; -import org.bouncycastle.asn1.ASN1Encoding; -import org.bouncycastle.asn1.ASN1GeneralizedTime; -import org.bouncycastle.asn1.DERBitString; -import org.bouncycastle.asn1.DERSequence; -import org.bouncycastle.asn1.cmp.CMPCertificate; -import org.bouncycastle.asn1.cmp.InfoTypeAndValue; -import org.bouncycastle.asn1.cmp.PKIBody; -import org.bouncycastle.asn1.cmp.PKIFreeText; -import org.bouncycastle.asn1.cmp.PKIHeader; -import org.bouncycastle.asn1.cmp.PKIHeaderBuilder; -import org.bouncycastle.asn1.cmp.PKIMessage; -import org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import org.bouncycastle.asn1.x509.GeneralName; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.operator.ContentSigner; -import org.bouncycastle.operator.MacCalculator; - -/** - * Builder for creating a protected PKI message. - */ -public class ProtectedPKIMessageBuilder -{ - private PKIHeaderBuilder hdrBuilder; - private PKIBody body; - private List generalInfos = new ArrayList(); - private List extraCerts = new ArrayList(); - - /** - * Commence a message with the header version CMP_2000. - * - * @param sender message sender. - * @param recipient intended recipient. - */ - public ProtectedPKIMessageBuilder(GeneralName sender, GeneralName recipient) - { - this(PKIHeader.CMP_2000, sender, recipient); - } - - /** - * Commence a message with a specific header type. - * - * @param pvno the version CMP_1999 or CMP_2000. - * @param sender message sender. - * @param recipient intended recipient. - */ - public ProtectedPKIMessageBuilder(int pvno, GeneralName sender, GeneralName recipient) - { - hdrBuilder = new PKIHeaderBuilder(pvno, sender, recipient); - } - - /** - * Set the identifier for the transaction the new message will belong to. - * - * @param tid the transaction ID. - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder setTransactionID(byte[] tid) - { - hdrBuilder.setTransactionID(tid); - - return this; - } - - /** - * Include a human-readable message in the new message. - * - * @param freeText the contents of the human readable message, - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder setFreeText(PKIFreeText freeText) - { - hdrBuilder.setFreeText(freeText); - - return this; - } - - /** - * Add a generalInfo data record to the header of the new message. - * - * @param genInfo the generalInfo data to be added. - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder addGeneralInfo(InfoTypeAndValue genInfo) - { - generalInfos.add(genInfo); - - return this; - } - - /** - * Set the creation time for the new message. - * - * @param time the message creation time. - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder setMessageTime(Date time) - { - hdrBuilder.setMessageTime(new ASN1GeneralizedTime(time)); - - return this; - } - - /** - * Set the recipient key identifier for the key to be used to verify the new message. - * - * @param kid a key identifier. - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder setRecipKID(byte[] kid) - { - hdrBuilder.setRecipKID(kid); - - return this; - } - - /** - * Set the recipient nonce field on the new message. - * - * @param nonce a NONCE, typically copied from the sender nonce of the previous message. - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder setRecipNonce(byte[] nonce) - { - hdrBuilder.setRecipNonce(nonce); - - return this; - } - - /** - * Set the sender key identifier for the key used to protect the new message. - * - * @param kid a key identifier. - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder setSenderKID(byte[] kid) - { - hdrBuilder.setSenderKID(kid); - - return this; - } - - /** - * Set the sender nonce field on the new message. - * - * @param nonce a NONCE, typically 128 bits of random data. - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder setSenderNonce(byte[] nonce) - { - hdrBuilder.setSenderNonce(nonce); - - return this; - } - - /** - * Set the body for the new message - * - * @param body the message body. - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder setBody(PKIBody body) - { - this.body = body; - - return this; - } - - /** - * Add an "extra certificate" to the message. - * - * @param extraCert the extra certificate to add. - * @return the current builder instance. - */ - public ProtectedPKIMessageBuilder addCMPCertificate(X509CertificateHolder extraCert) - { - extraCerts.add(extraCert); - - return this; - } - - /** - * Build a protected PKI message which has MAC based integrity protection. - * - * @param macCalculator MAC calculator. - * @return the resulting protected PKI message. - * @throws CMPException if the protection MAC cannot be calculated. - */ - public ProtectedPKIMessage build(MacCalculator macCalculator) - throws CMPException - { - finaliseHeader(macCalculator.getAlgorithmIdentifier()); - - PKIHeader header = hdrBuilder.build(); - - try - { - DERBitString protection = new DERBitString(calculateMac(macCalculator, header, body)); - - return finaliseMessage(header, protection); - } - catch (IOException e) - { - throw new CMPException("unable to encode MAC input: " + e.getMessage(), e); - } - } - - /** - * Build a protected PKI message which has MAC based integrity protection. - * - * @param signer the ContentSigner to be used to calculate the signature. - * @return the resulting protected PKI message. - * @throws CMPException if the protection signature cannot be calculated. - */ - public ProtectedPKIMessage build(ContentSigner signer) - throws CMPException - { - finaliseHeader(signer.getAlgorithmIdentifier()); - - PKIHeader header = hdrBuilder.build(); - - try - { - DERBitString protection = new DERBitString(calculateSignature(signer, header, body)); - - return finaliseMessage(header, protection); - } - catch (IOException e) - { - throw new CMPException("unable to encode signature input: " + e.getMessage(), e); - } - } - - private void finaliseHeader(AlgorithmIdentifier algorithmIdentifier) - { - hdrBuilder.setProtectionAlg(algorithmIdentifier); - - if (!generalInfos.isEmpty()) - { - InfoTypeAndValue[] genInfos = new InfoTypeAndValue[generalInfos.size()]; - - hdrBuilder.setGeneralInfo((InfoTypeAndValue[])generalInfos.toArray(genInfos)); - } - } - - private ProtectedPKIMessage finaliseMessage(PKIHeader header, DERBitString protection) - { - if (!extraCerts.isEmpty()) - { - CMPCertificate[] cmpCerts = new CMPCertificate[extraCerts.size()]; - - for (int i = 0; i != cmpCerts.length; i++) - { - cmpCerts[i] = new CMPCertificate(((X509CertificateHolder)extraCerts.get(i)).toASN1Structure()); - } - - return new ProtectedPKIMessage(new PKIMessage(header, body, protection, cmpCerts)); - } - else - { - return new ProtectedPKIMessage(new PKIMessage(header, body, protection)); - } - } - - private byte[] calculateSignature(ContentSigner signer, PKIHeader header, PKIBody body) - throws IOException - { - ASN1EncodableVector v = new ASN1EncodableVector(); - - v.add(header); - v.add(body); - - OutputStream sOut = signer.getOutputStream(); - - sOut.write(new DERSequence(v).getEncoded(ASN1Encoding.DER)); - - sOut.close(); - - return signer.getSignature(); - } - - private byte[] calculateMac(MacCalculator macCalculator, PKIHeader header, PKIBody body) - throws IOException - { - ASN1EncodableVector v = new ASN1EncodableVector(); - - v.add(header); - v.add(body); - - OutputStream sOut = macCalculator.getOutputStream(); - - sOut.write(new DERSequence(v).getEncoded(ASN1Encoding.DER)); - - sOut.close(); - - return macCalculator.getMac(); - } -} diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetails.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetails.java deleted file mode 100644 index f382c69c..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetails.java +++ /dev/null @@ -1,36 +0,0 @@ -package org.bouncycastle.cert.cmp; - -import java.math.BigInteger; - -import org.bouncycastle.asn1.cmp.RevDetails; -import org.bouncycastle.asn1.x500.X500Name; - -public class RevocationDetails -{ - private RevDetails revDetails; - - public RevocationDetails(RevDetails revDetails) - { - this.revDetails = revDetails; - } - - public X500Name getSubject() - { - return revDetails.getCertDetails().getSubject(); - } - - public X500Name getIssuer() - { - return revDetails.getCertDetails().getIssuer(); - } - - public BigInteger getSerialNumber() - { - return revDetails.getCertDetails().getSerialNumber().getValue(); - } - - public RevDetails toASN1Structure() - { - return revDetails; - } -} diff --git a/pkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetailsBuilder.java b/pkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetailsBuilder.java deleted file mode 100644 index e662d28e..00000000 --- a/pkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetailsBuilder.java +++ /dev/null @@ -1,59 +0,0 @@ -package org.bouncycastle.cert.cmp; - -import java.math.BigInteger; - -import org.bouncycastle.asn1.ASN1Integer; -import org.bouncycastle.asn1.cmp.RevDetails; -import org.bouncycastle.asn1.crmf.CertTemplateBuilder; -import org.bouncycastle.asn1.x500.X500Name; -import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; - -public class RevocationDetailsBuilder -{ - private CertTemplateBuilder templateBuilder = new CertTemplateBuilder(); - - public RevocationDetailsBuilder setPublicKey(SubjectPublicKeyInfo publicKey) - { - if (publicKey != null) - { - templateBuilder.setPublicKey(publicKey); - } - - return this; - } - - public RevocationDetailsBuilder setIssuer(X500Name issuer) - { - if (issuer != null) - { - templateBuilder.setIssuer(issuer); - } - - return this; - } - - public RevocationDetailsBuilder setSerialNumber(BigInteger serialNumber) - { - if (serialNumber != null) - { - templateBuilder.setSerialNumber(new ASN1Integer(serialNumber)); - } - - return this; - } - - public RevocationDetailsBuilder setSubject(X500Name subject) - { - if (subject != null) - { - templateBuilder.setSubject(subject); - } - - return this; - } - - public RevocationDetails build() - { - return new RevocationDetails(new RevDetails(templateBuilder.build())); - } -} |