package org.bouncycastle.cert.dane;
import java.io.IOException;
import java.io.OutputStream;
import org.bouncycastle.operator.DigestCalculator;
import org.bouncycastle.util.Strings;
import org.bouncycastle.util.encoders.Hex;
Factory for creating selector objects to use with the DANECertificateStore.
/**
* Factory for creating selector objects to use with the DANECertificateStore.
*/
public class DANEEntrySelectorFactory
{
private final DigestCalculator digestCalculator;
Base constructor.
At the moment you would call this as:
new DANEEntrySelectorFactory(new TruncatingDigestCalculator(new SHA256DigestCalculator()));
or some equivalent.
Params: - digestCalculator – a calculator for the message digest to filter email addresses currently truncated SHA-256 (originally SHA-224).
/**
* Base constructor.
* <p>
* At the moment you would call this as:
* <pre>
* new DANEEntrySelectorFactory(new TruncatingDigestCalculator(new SHA256DigestCalculator()));
* </pre>
* or some equivalent.
*
* @param digestCalculator a calculator for the message digest to filter email addresses currently truncated SHA-256 (originally SHA-224).
*/
public DANEEntrySelectorFactory(DigestCalculator digestCalculator)
{
this.digestCalculator = digestCalculator;
}
Create a selector for the passed in email address.
Params: - emailAddress – the emails address of interest.
Throws: - DANEException – in case of issue generating a matching name.
/**
* Create a selector for the passed in email address.
* @param emailAddress the emails address of interest.
* @throws DANEException in case of issue generating a matching name.
*/
public DANEEntrySelector createSelector(String emailAddress)
throws DANEException
{
final byte[] enc = Strings.toUTF8ByteArray(emailAddress.substring(0, emailAddress.indexOf('@')));
try
{
OutputStream cOut = digestCalculator.getOutputStream();
cOut.write(enc);
cOut.close();
}
catch (IOException e)
{
throw new DANEException("Unable to calculate digest string: " + e.getMessage(), e);
}
byte[] hash = digestCalculator.getDigest();
final String domainName = Strings.fromByteArray(Hex.encode(hash)) + "._smimecert." + emailAddress.substring(emailAddress.indexOf('@') + 1);
return new DANEEntrySelector(domainName);
}
}