Examples of CertificateID

Examples of org.bouncycastle.cert.ocsp.CertificateID

            OperatorException, CertificateEncodingException {
        //Add provider BC
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());


        // Generate the id for the certificate we are looking for
        CertificateID id = new CertificateID(
                new JcaDigestCalculatorProviderBuilder().build().get(CertificateID.HASH_SHA1),
                new JcaX509CertificateHolder(issuerCert), serialNumber);


        // basic request generation with nonce
        OCSPReqBuilder gen = new OCSPReqBuilder();

View Full Code Here

Examples of org.bouncycastle.cert.ocsp.CertificateID

        if (signCerts.size() < 2)
            return false;
        try {
            X509Certificate[] cs = (X509Certificate[])getSignCertificateChain();
            SingleResp sr = basicResp.getResponses()[0];
            CertificateID cid = sr.getCertID();
            X509Certificate sigcer = getSigningCertificate();
            X509Certificate isscer = cs[1];
            CertificateID tis = new CertificateID(
                new JcaDigestCalculatorProviderBuilder().build().get(CertificateID.HASH_SHA1), new JcaX509CertificateHolder(isscer), sigcer.getSerialNumber());
            return tis.equals(cid);
        }
        catch (Exception ex) {
        }
        return false;
    }

View Full Code Here

Examples of org.bouncycastle.cert.ocsp.CertificateID

        if (signCerts.size() < 2)
            return false;
        try {
            X509Certificate[] cs = (X509Certificate[])getSignCertificateChain();
            SingleResp sr = basicResp.getResponses()[0];
            CertificateID cid = sr.getCertID();
            DigestCalculator digestalg = new JcaDigestCalculatorProviderBuilder().build().get(new AlgorithmIdentifier(cid.getHashAlgOID(), DERNull.INSTANCE));
            X509Certificate sigcer = getSigningCertificate();
            X509Certificate isscer = cs[1];
            CertificateID tis = new CertificateID(
                digestalg, new JcaX509CertificateHolder(isscer), sigcer.getSerialNumber());
            return tis.equals(cid);
        }
        catch (Exception ex) {
        }
        return false;
    }

View Full Code Here

Examples of org.bouncycastle.cert.ocsp.CertificateID

            OperatorException, CertificateEncodingException {
        //Add provider BC
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());


        // Generate the id for the certificate we are looking for
        CertificateID id = new CertificateID(
                new JcaDigestCalculatorProviderBuilder().build().get(CertificateID.HASH_SHA1),
                new JcaX509CertificateHolder(issuerCert), serialNumber);


        // basic request generation with nonce
        OCSPReqBuilder gen = new OCSPReqBuilder();

View Full Code Here

Examples of org.bouncycastle.cert.ocsp.CertificateID


  protected OCSPReq buildRequest(final X509Certificate certificate, final X509Certificate issuer) throws CertificateEncodingException, IOException, OperatorCreationException, OCSPException {
    OCSPReqBuilder builder = new OCSPReqBuilder();
    DigestCalculatorProvider provider = new BcDigestCalculatorProvider();
    X509CertificateHolder holder = new X509CertificateHolder(issuer.getEncoded());
    CertificateID certificateID = new CertificateID(provider.get(CertificateID.HASH_SHA1), holder, certificate.getSerialNumber());
    BigInteger nonce = BigInteger.valueOf(System.currentTimeMillis());


    builder.addRequest(certificateID);
    ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
    extensionsGenerator.addExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(nonce.toByteArray()));

View Full Code Here

Examples of org.bouncycastle.ocsp.CertificateID

        GeneralName origName = new GeneralName(new X509Name(origDN));


        //
        // general id value for our test issuer cert and a serial number.
        //
        CertificateID id = new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1));


        //
        // basic request generation
        //
        OCSPReqGenerator gen = new OCSPReqGenerator();
        gen.addRequest(id);


        OCSPReq req = gen.generate();


        if (req.isSigned())
        {
            fail("signed but shouldn't be");
        }


        X509Certificate[] certs = req.getCerts("BC");


        if (certs != null)
        {
            fail("null certs expected, but not found");
        }


        Req[] requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }


        //
        // request generation with signing
        //
        X509Certificate[] chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));


        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withECDSA", signKP.getPrivate(), chain, "BC");


        if (!req.isSigned())
        {
            fail("not signed but should be");
        }


        if (!req.verify(signKP.getPublic(), "BC"))
        {
            fail("signature failed to verify");
        }


        requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }


        certs = req.getCerts("BC");


        if (certs == null)
        {
            fail("null certs found");
        }


        if (certs.length != 1 || !certs[0].equals(testCert))
        {
            fail("incorrect certs found in request");
        }


        //
        // encoding test
        //
        byte[] reqEnc = req.getEncoded();


        OCSPReq newReq = new OCSPReq(reqEnc);


        if (!newReq.verify(signKP.getPublic(), "BC"))
        {
            fail("newReq signature failed to verify");
        }


        //
        // request generation with signing and nonce
        //
        chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        Vector oids = new Vector();
        Vector values = new Vector();
        byte[] sampleNonce = new byte[16];
        Random rand = new Random();


        rand.nextBytes(sampleNonce);


        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));


        oids.addElement(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
        values.addElement(new X509Extension(false, new DEROctetString(new DEROctetString(sampleNonce))));


        gen.setRequestExtensions(new X509Extensions(oids, values));


        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withECDSA", signKP.getPrivate(), chain, "BC");

View Full Code Here

Examples of org.bouncycastle.ocsp.CertificateID

        GeneralName origName = new GeneralName(new X509Name(origDN));


        //
        // general id value for our test issuer cert and a serial number.
        //
        CertificateID id = new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1));


        //
        // basic request generation
        //
        OCSPReqGenerator gen = new OCSPReqGenerator();


        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        OCSPReq req = gen.generate();


        if (req.isSigned())
        {
            fail("signed but shouldn't be");
        }


        X509Certificate[] certs = req.getCerts("BC");


        if (certs != null)
        {
            fail("null certs expected, but not found");
        }


        Req[] requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }


        //
        // request generation with signing
        //
        X509Certificate[] chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));


        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withRSA", signKP.getPrivate(), chain, "BC");


        if (!req.isSigned())
        {
            fail("not signed but should be");
        }


        if (!req.verify(signKP.getPublic(), "BC"))
        {
            fail("signature failed to verify");
        }


        requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }


        certs = req.getCerts("BC");


        if (certs == null)
        {
            fail("null certs found");
        }


        if (certs.length != 1 || !certs[0].equals(testCert))
        {
            fail("incorrect certs found in request");
        }


        //
        // encoding test
        //
        byte[] reqEnc = req.getEncoded();


        OCSPReq newReq = new OCSPReq(reqEnc);


        if (!newReq.verify(signKP.getPublic(), "BC"))
        {
            fail("newReq signature failed to verify");
        }


        //
        // request generation with signing and nonce
        //
        chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        Vector oids = new Vector();
        Vector values = new Vector();
        byte[] sampleNonce = new byte[16];
        Random rand = new Random();


        rand.nextBytes(sampleNonce);


        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));


        oids.addElement(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
        values.addElement(new X509Extension(false, new DEROctetString(new DEROctetString(sampleNonce))));


        gen.setRequestExtensions(new X509Extensions(oids, values));


        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withRSA", signKP.getPrivate(), chain, "BC");

View Full Code Here

Examples of org.bouncycastle.ocsp.CertificateID

        GeneralName origName = new GeneralName(new X509Name(origDN));


        //
        // general id value for our test issuer cert and a serial number.
        //
        CertificateID id = new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1));


        //
        // general id value for our test issuer cert and a serial number and the default provider
        //
        id = new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1), null);


        //
        // basic request generation
        //
        OCSPReqGenerator gen = new OCSPReqGenerator();


        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        OCSPReq req = gen.generate();


        if (req.isSigned())
        {
            fail("signed but shouldn't be");
        }


        X509Certificate[] certs = req.getCerts("BC");


        if (certs != null)
        {
            fail("null certs expected, but not found");
        }


        Req[] requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }


        //
        // request generation with signing
        //
        X509Certificate[] chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));


        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withRSA", signKP.getPrivate(), chain, "BC");


        if (!req.isSigned())
        {
            fail("not signed but should be");
        }


        if (!req.verify(signKP.getPublic(), "BC"))
        {
            fail("signature failed to verify");
        }


        requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }


        certs = req.getCerts("BC");


        if (certs == null)
        {
            fail("null certs found");
        }


        if (certs.length != 1 || !certs[0].equals(testCert))
        {
            fail("incorrect certs found in request");
        }


        //
        // encoding test
        //
        byte[] reqEnc = req.getEncoded();


        OCSPReq newReq = new OCSPReq(reqEnc);


        if (!newReq.verify(signKP.getPublic(), "BC"))
        {
            fail("newReq signature failed to verify");
        }


        //
        // request generation with signing and nonce
        //
        chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        Vector oids = new Vector();
        Vector values = new Vector();
        byte[] sampleNonce = new byte[16];
        Random rand = new Random();


        rand.nextBytes(sampleNonce);


        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));


        oids.addElement(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
        values.addElement(new X509Extension(false, new DEROctetString(new DEROctetString(sampleNonce))));


        gen.setRequestExtensions(new X509Extensions(oids, values));


        gen.addRequest(
            new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withRSA", signKP.getPrivate(), chain, "BC");

View Full Code Here

Examples of org.bouncycastle.ocsp.CertificateID

        GeneralName     origName = new GeneralName(new X509Name(origDN));


        //
        // general id value for our test issuer cert and a serial number.
        //
        CertificateID   id = new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1));


        //
        // basic request generation
        //
        OCSPReqGenerator    gen = new OCSPReqGenerator();


        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        OCSPReq         req = gen.generate();


        if (req.isSigned())
        {
            fail("signed but shouldn't be");
        }


        X509Certificate[] certs = req.getCerts("BC");


        if (certs != null)
        {
            fail("null certs expected, but not found");
        }


        Req[]           requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }


        //
        // request generation with signing
        //
        X509Certificate[]   chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));


        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withECDSA", signKP.getPrivate(), chain, "BC");


        if (!req.isSigned())
        {
            fail("not signed but should be");
        }


        if (!req.verify(signKP.getPublic(), "BC"))
        {
            fail("signature failed to verify");
        }


        requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }


        certs = req.getCerts("BC");


        if (certs == null)
        {
            fail("null certs found");
        }


        if (certs.length != 1 || !certs[0].equals(testCert))
        {
            fail("incorrect certs found in request");
        }


        //
        // encoding test
        //
        byte[] reqEnc = req.getEncoded();


        OCSPReq newReq = new OCSPReq(reqEnc);


        if (!newReq.verify(signKP.getPublic(), "BC"))
        {
            fail("newReq signature failed to verify");
        }


        //
        // request generation with signing and nonce
        //
        chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        Vector oids = new Vector();
        Vector values = new Vector();
        byte[] sampleNonce = new byte[16];
        Random rand = new Random();


        rand.nextBytes(sampleNonce);


        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));


        oids.addElement(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
        values.addElement(new X509Extension(false, new DEROctetString(new DEROctetString(sampleNonce))));


        gen.setRequestExtensions(new X509Extensions(oids, values));


        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withECDSA", signKP.getPrivate(), chain, "BC");

View Full Code Here

Examples of org.bouncycastle.ocsp.CertificateID

        GeneralName     origName = new GeneralName(new X509Name(origDN));


        //
        // general id value for our test issuer cert and a serial number.
        //
        CertificateID   id = new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1));


        //
        // basic request generation
        //
        OCSPReqGenerator    gen = new OCSPReqGenerator();


        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        OCSPReq         req = gen.generate();


        if (req.isSigned())
        {
            fail("signed but shouldn't be");
        }


        X509Certificate[] certs = req.getCerts("BC");
        
        if (certs != null)
        {
            fail("null certs expected, but not found");
        }
        
        Req[]           requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }


        //
        // request generation with signing
        //
        X509Certificate[]   chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));
        
        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withRSA", signKP.getPrivate(), chain, "BC");


        if (!req.isSigned())
        {
            fail("not signed but should be");
        }


        if (!req.verify(signKP.getPublic(), "BC"))
        {
            fail("signature failed to verify");
        }


        requests = req.getRequestList();


        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }
        
        certs = req.getCerts("BC");
        
        if (certs == null)
        {
            fail("null certs found");
        }
        
        if (certs.length != 1 || !certs[0].equals(testCert))
        {
            fail("incorrect certs found in request");
        }


        //
        // encoding test
        //
        byte[] reqEnc = req.getEncoded();
        
        OCSPReq newReq = new OCSPReq(reqEnc);
        
        if (!newReq.verify(signKP.getPublic(), "BC"))
        {
            fail("newReq signature failed to verify");
        }
        
        //
        // request generation with signing and nonce
        //
        chain = new X509Certificate[1];


        gen = new OCSPReqGenerator();


        Vector oids = new Vector();
        Vector values = new Vector();
        byte[] sampleNonce = new byte[16];
        Random rand = new Random();
        
        rand.nextBytes(sampleNonce);
        
        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));
        
        oids.addElement(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
        values.addElement(new X509Extension(false, new DEROctetString(new DEROctetString(sampleNonce))));


        gen.setRequestExtensions(new X509Extensions(oids, values));
        
        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));


        chain[0] = testCert;


        req = gen.generate("SHA1withRSA", signKP.getPrivate(), chain, "BC");

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.