Java Code Examples for org.bouncycastle.asn1.nist.NISTObjectIdentifiers#id_sha256()
The following examples show how to use
org.bouncycastle.asn1.nist.NISTObjectIdentifiers#id_sha256() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SigningCertificateV2.java From signer with GNU Lesser General Public License v3.0 | 6 votes |
|
@Override
public Attribute getValue() throws SignerException {
try {
X509Certificate cert = (X509Certificate) certificates[0];
X509Certificate issuerCert = (X509Certificate) certificates[1];
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
byte[] certHash = digest.digest(cert.getEncoded());
X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);// SHA-256
ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
// return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(essCertIDv2)));
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(
new ASN1Encodable[] { new DERSequence(essCertIDv2) })));
} catch (CertificateEncodingException ex) {
throw new SignerException(ex.getMessage());
}
}
Example 2
| Source File: SignInSteps.java From testarea-itext5 with GNU Affero General Public License v3.0 | 5 votes |
|
/**
* <a href="http://stackoverflow.com/questions/33305800/difference-between-sha256withrsa-and-sha256-then-rsa">
* Difference between SHA256withRSA and SHA256 then RSA
* </a>
* <p>
* This method is the updated code provided by the OP. As expected it shows two equal signatures.
* The OP's observations seem to differ, though.
* </p>
*/
public void testAsGreenhandUpdated(PrivateKey privateKey) throws GeneralSecurityException, IOException
{
System.out.println("\nGreenhandUpdated:");
String s = "1234";
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
messageDigest.update(s.getBytes());
byte[] outputDigest = messageDigest.digest();
AlgorithmIdentifier sha256Aid = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE);
DigestInfo di = new DigestInfo(sha256Aid, outputDigest);
//sign SHA256 with RSA
Signature rsaSignature = Signature.getInstance("RSA");
rsaSignature.initSign(privateKey);
byte[] encodedDigestInfo = di.toASN1Primitive().getEncoded();
rsaSignature.update(encodedDigestInfo);
byte[] signed = rsaSignature.sign();
System.out.println("method 1: "+bytesToHex(signed));
System.out.println(" hash: " + bytesToHex(outputDigest));
System.out.println(" algo: " + sha256Aid.getAlgorithm());
System.out.println(" info: " + bytesToHex(encodedDigestInfo));
//compute SHA256withRSA as a single step
Signature rsaSha256Signature = Signature.getInstance("SHA256withRSA");
rsaSha256Signature.initSign(privateKey);
rsaSha256Signature.update(s.getBytes());
byte[] signed2 = rsaSha256Signature.sign();
System.out.println("method 2: "+bytesToHex(signed2));
}
Example 3
| Source File: RevocationRefs.java From signer with GNU Lesser General Public License v3.0 | 5 votes |
|
/**
*
*
* @param extract
* CrlValidatedID from X509CRL
* @return a CrlValidatedID
* @throws NoSuchAlgorithmException
* @throws CRLException
*/
private CrlValidatedID makeCrlValidatedID(X509CRL crl)
throws NoSuchAlgorithmException, CRLException {
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
OtherHashAlgAndValue otherHashAlgAndValue = new OtherHashAlgAndValue(
new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256), new DEROctetString(digest.digest(crl.getEncoded())));
OtherHash hash = new OtherHash(otherHashAlgAndValue);
BigInteger crlnumber;
CrlIdentifier crlid;
if (crl.getExtensionValue("2.5.29.20") != null) {
ASN1Integer varASN1Integer = new ASN1Integer(crl.getExtensionValue("2.5.29.20"));
crlnumber = varASN1Integer.getPositiveValue();
crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal()
.getName()), new DERUTCTime(crl.getThisUpdate()), crlnumber);
} else {
crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal()
.getName()), new DERUTCTime(crl.getThisUpdate()));
}
CrlValidatedID crlvid = new CrlValidatedID(hash, crlid);
return crlvid;
}
Example 4
| Source File: ScepUtil.java From xipki with Apache License 2.0 | 5 votes |
|
public static ASN1ObjectIdentifier extractDigesetAlgorithmIdentifier(String sigOid,
byte[] sigParams) throws NoSuchAlgorithmException {
Args.notBlank(sigOid, "sigOid");
ASN1ObjectIdentifier algOid = new ASN1ObjectIdentifier(sigOid);
ASN1ObjectIdentifier digestAlgOid;
if (PKCSObjectIdentifiers.md5WithRSAEncryption.equals(algOid)) {
digestAlgOid = PKCSObjectIdentifiers.md5;
} else if (PKCSObjectIdentifiers.sha1WithRSAEncryption.equals(algOid)) {
digestAlgOid = X509ObjectIdentifiers.id_SHA1;
} else if (PKCSObjectIdentifiers.sha224WithRSAEncryption.equals(algOid)) {
digestAlgOid = NISTObjectIdentifiers.id_sha224;
} else if (PKCSObjectIdentifiers.sha256WithRSAEncryption.equals(algOid)) {
digestAlgOid = NISTObjectIdentifiers.id_sha256;
} else if (PKCSObjectIdentifiers.sha384WithRSAEncryption.equals(algOid)) {
digestAlgOid = NISTObjectIdentifiers.id_sha384;
} else if (PKCSObjectIdentifiers.sha512WithRSAEncryption.equals(algOid)) {
digestAlgOid = NISTObjectIdentifiers.id_sha512;
} else if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) {
RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigParams);
digestAlgOid = param.getHashAlgorithm().getAlgorithm();
} else {
throw new NoSuchAlgorithmException("unknown signature algorithm" + algOid.getId());
}
return digestAlgOid;
}
Example 5
| Source File: RequestOptions.java From xipki with Apache License 2.0 | 4 votes |
|
private static AlgorithmIdentifier createAlgId(String algoName) {
algoName = algoName.toUpperCase();
ASN1ObjectIdentifier algOid = null;
if ("SHA1WITHRSA".equals(algoName)) {
algOid = PKCSObjectIdentifiers.sha1WithRSAEncryption;
} else if ("SHA256WITHRSA".equals(algoName)) {
algOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
} else if ("SHA384WITHRSA".equals(algoName)) {
algOid = PKCSObjectIdentifiers.sha384WithRSAEncryption;
} else if ("SHA512WITHRSA".equals(algoName)) {
algOid = PKCSObjectIdentifiers.sha512WithRSAEncryption;
} else if ("SHA1WITHECDSA".equals(algoName)) {
algOid = X9ObjectIdentifiers.ecdsa_with_SHA1;
} else if ("SHA256WITHECDSA".equals(algoName)) {
algOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
} else if ("SHA384WITHECDSA".equals(algoName)) {
algOid = X9ObjectIdentifiers.ecdsa_with_SHA384;
} else if ("SHA512WITHECDSA".equals(algoName)) {
algOid = X9ObjectIdentifiers.ecdsa_with_SHA512;
} else if ("SHA1WITHRSAANDMGF1".equals(algoName) || "SHA256WITHRSAANDMGF1".equals(algoName)
|| "SHA384WITHRSAANDMGF1".equals(algoName) || "SHA512WITHRSAANDMGF1".equals(algoName)) {
algOid = PKCSObjectIdentifiers.id_RSASSA_PSS;
} else {
throw new IllegalStateException("Unsupported algorithm " + algoName); // should not happen
}
ASN1Encodable params;
if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) {
ASN1ObjectIdentifier digestAlgOid = null;
if ("SHA1WITHRSAANDMGF1".equals(algoName)) {
digestAlgOid = X509ObjectIdentifiers.id_SHA1;
} else if ("SHA256WITHRSAANDMGF1".equals(algoName)) {
digestAlgOid = NISTObjectIdentifiers.id_sha256;
} else if ("SHA384WITHRSAANDMGF1".equals(algoName)) {
digestAlgOid = NISTObjectIdentifiers.id_sha384;
} else { // if ("SHA512WITHRSAANDMGF1".equals(algoName))
digestAlgOid = NISTObjectIdentifiers.id_sha512;
}
params = createPSSRSAParams(digestAlgOid);
} else {
params = DERNull.INSTANCE;
}
return new AlgorithmIdentifier(algOid, params);
}
