本文整理汇总了Java中org.bouncycastle.asn1.ess.ESSCertIDv2类的典型用法代码示例。如果您正苦于以下问题:Java ESSCertIDv2类的具体用法?Java ESSCertIDv2怎么用?Java ESSCertIDv2使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
ESSCertIDv2类属于org.bouncycastle.asn1.ess包,在下文中一共展示了ESSCertIDv2类的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getValue
import org.bouncycastle.asn1.ess.ESSCertIDv2; //导入依赖的package包/类
@Override
public Attribute getValue() throws SignerException {
try {
X509Certificate cert = (X509Certificate) certificates[0];
X509Certificate issuerCert = (X509Certificate) certificates[1];
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
byte[] certHash = digest.digest(cert.getEncoded());
X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);// SHA-256
ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
// return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(essCertIDv2)));
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(
new ASN1Encodable[] { new DERSequence(essCertIDv2) })));
} catch (CertificateEncodingException ex) {
throw new SignerException(ex.getMessage());
}
}
示例2: performTest
import org.bouncycastle.asn1.ess.ESSCertIDv2; //导入依赖的package包/类
public void performTest()
throws Exception
{
// check getInstance on default algorithm.
byte[] digest = new byte [256];
ESSCertIDv2 essCertIdv2 = new ESSCertIDv2(new AlgorithmIdentifier(
NISTObjectIdentifiers.id_sha256), digest);
ASN1Primitive asn1Object = essCertIdv2.toASN1Primitive();
ESSCertIDv2.getInstance(asn1Object);
}
示例3: TimeStampToken
import org.bouncycastle.asn1.ess.ESSCertIDv2; //导入依赖的package包/类
public TimeStampToken(CMSSignedData signedData)
throws TSPException, IOException
{
this.tsToken = signedData;
if (!this.tsToken.getSignedContentTypeOID().equals(PKCSObjectIdentifiers.id_ct_TSTInfo.getId()))
{
throw new TSPValidationException("ContentInfo object not for a time stamp.");
}
Collection signers = tsToken.getSignerInfos().getSigners();
if (signers.size() != 1)
{
throw new IllegalArgumentException("Time-stamp token signed by "
+ signers.size()
+ " signers, but it must contain just the TSA signature.");
}
tsaSignerInfo = (SignerInformation)signers.iterator().next();
try
{
CMSProcessable content = tsToken.getSignedContent();
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
content.write(bOut);
ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(bOut.toByteArray()));
this.tstInfo = new TimeStampTokenInfo(TSTInfo.getInstance(aIn.readObject()));
Attribute attr = tsaSignerInfo.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificate);
if (attr != null)
{
SigningCertificate signCert = SigningCertificate.getInstance(attr.getAttrValues().getObjectAt(0));
this.certID = new CertID(ESSCertID.getInstance(signCert.getCerts()[0]));
}
else
{
attr = tsaSignerInfo.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificateV2);
if (attr == null)
{
throw new TSPValidationException("no signing certificate attribute found, time stamp invalid.");
}
SigningCertificateV2 signCertV2 = SigningCertificateV2.getInstance(attr.getAttrValues().getObjectAt(0));
this.certID = new CertID(ESSCertIDv2.getInstance(signCertV2.getCerts()[0]));
}
}
catch (CMSException e)
{
throw new TSPException(e.getMessage(), e.getUnderlyingException());
}
}
示例4: CertID
import org.bouncycastle.asn1.ess.ESSCertIDv2; //导入依赖的package包/类
CertID(ESSCertIDv2 certID)
{
this.certIDv2 = certID;
this.certID = null;
}
示例5: verifySigningCertificateV2
import org.bouncycastle.asn1.ess.ESSCertIDv2; //导入依赖的package包/类
private void verifySigningCertificateV2(final BigInteger signingTokenSerialNumber, final GeneralNames signingTokenIssuerName,
final Attribute signingCertificateAttributeV2) {
final ASN1Set attrValues = signingCertificateAttributeV2.getAttrValues();
DigestAlgorithm lastDigestAlgorithm = null;
byte[] signingTokenCertHash = null;
for (int ii = 0; ii < attrValues.size(); ii++) {
final ASN1Encodable asn1Encodable = attrValues.getObjectAt(ii);
final SigningCertificateV2 signingCertificateAttribute = SigningCertificateV2.getInstance(asn1Encodable);
if (signingCertificateAttribute == null) {
LOG.warn("SigningCertificateV2 attribute is not well defined!");
continue;
}
final ESSCertIDv2[] essCertIDv2s = signingCertificateAttribute.getCerts();
for (final ESSCertIDv2 essCertIDv2 : essCertIDv2s) {
final String algorithmId = essCertIDv2.getHashAlgorithm().getAlgorithm().getId();
final DigestAlgorithm digestAlgorithm = DigestAlgorithm.forOID(algorithmId);
signingCertificateValidity.setDigestAlgorithm(digestAlgorithm);
if (digestAlgorithm != lastDigestAlgorithm) {
signingTokenCertHash = signingCertificateValidity.getCertificateToken().getDigest(digestAlgorithm);
if (LOG.isDebugEnabled()) {
LOG.debug("Candidate Certificate Hash {} with algorithm {}", Utils.toHex(signingTokenCertHash), digestAlgorithm.getName());
}
lastDigestAlgorithm = digestAlgorithm;
}
final byte[] certHash = essCertIDv2.getCertHash();
signingCertificateValidity.setDigestPresent(true);
if (LOG.isDebugEnabled()) {
LOG.debug("Found Certificate Hash in SigningCertificateV2 {} with algorithm {}", Utils.toHex(certHash), digestAlgorithm.getName());
}
final IssuerSerial issuerSerial = essCertIDv2.getIssuerSerial();
final boolean match = verifySigningCertificateReferences(signingTokenSerialNumber, signingTokenIssuerName, signingTokenCertHash, certHash,
issuerSerial);
if (match) {
return;
}
LOG.warn(
"RFC 5035: The first certificate identified in the sequence of certificate identifiers MUST be the certificate used to verify the signature.");
}
}
}