/*
* Copyright 2017 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License, version
* 2.0 (the "License"); you may not use this file except in compliance with the
* License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package io.netty.example.ocsp;
import java.io.OutputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cert.ocsp.OCSPReqBuilder;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.io.DigestOutputStream;
import org.bouncycastle.operator.DigestCalculator;
BC's OCSPReqBuilder
needs a DigestCalculator
but BC doesn't provide any public implementations of that interface. That's why we need to write our own. There's a default SHA-1 implementation and one for SHA-256. Which one to use will depend on the Certificate Authority (CA). /**
* BC's {@link OCSPReqBuilder} needs a {@link DigestCalculator} but BC doesn't
* provide any public implementations of that interface. That's why we need to
* write our own. There's a default SHA-1 implementation and one for SHA-256.
* Which one to use will depend on the Certificate Authority (CA).
*/
public final class Digester implements DigestCalculator {
public static DigestCalculator sha1() {
Digest digest = new SHA1Digest();
AlgorithmIdentifier algId = new AlgorithmIdentifier(
OIWObjectIdentifiers.idSHA1);
return new Digester(digest, algId);
}
public static DigestCalculator sha256() {
Digest digest = new SHA256Digest();
// The OID for SHA-256: http://www.oid-info.com/get/2.16.840.1.101.3.4.2.1
ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(
"2.16.840.1.101.3.4.2.1").intern();
AlgorithmIdentifier algId = new AlgorithmIdentifier(oid);
return new Digester(digest, algId);
}
private final DigestOutputStream dos;
private final AlgorithmIdentifier algId;
private Digester(Digest digest, AlgorithmIdentifier algId) {
this.dos = new DigestOutputStream(digest);
this.algId = algId;
}
@Override
public AlgorithmIdentifier getAlgorithmIdentifier() {
return algId;
}
@Override
public OutputStream getOutputStream() {
return dos;
}
@Override
public byte[] getDigest() {
return dos.getDigest();
}
}