private byte[] wrapInOctetString(byte[] extensionValue) throws IOException { return new DEROctetString(extensionValue).getEncoded(ASN1Encoding.DER); }
protected byte[] engineSign() throws SignatureException { byte[] hash = new byte[digest.getDigestSize()]; digest.doFinal(hash, 0); try { BigInteger[] sig = signer.generateSignature(hash); byte[] r = sig[0].toByteArray(); byte[] s = sig[1].toByteArray(); byte[] sigBytes = new byte[(r.length > s.length ? r.length * 2 : s.length * 2)]; System.arraycopy(s, 0, sigBytes, (sigBytes.length / 2) - s.length, s.length); System.arraycopy(r, 0, sigBytes, sigBytes.length - r.length, r.length); return new DEROctetString(sigBytes).getEncoded(); } catch (Exception e) { throw new SignatureException(e.toString()); } }
protected byte[] engineGetEncoded( String format) throws IOException { if (isASN1FormatString(format)) { return new DEROctetString(engineGetEncoded("RAW")).getEncoded(); } if (format.equals("RAW")) { return Arrays.clone(iv); } return null; }
encodedEcPoint = new DEROctetString(ecPoint).getEncoded(); } catch (IOException ex) { throw new P11TokenException("could not ASN.1 encode the ECPoint");
encodedEcPoint = new DEROctetString(ecPoint).getEncoded(); } catch (IOException ex) { throw new P11TokenException("could not ASN.1 encode the ECPoint");
protected byte[] engineSign() throws SignatureException { byte[] signature = ASN1OctetString.getInstance(super.engineSign()).getOctets(); reverseBytes(signature); try { return (new DEROctetString(signature)).getEncoded(); } catch (Exception e) { throw new SignatureException(e.toString()); } }
values.add(new X509Extension(false, new DEROctetString(new DEROctetString(PdfEncryption.createDocumentId()).getEncoded())));
values.add(new X509Extension(false, new DEROctetString(new DEROctetString(PdfEncryption.createDocumentId()).getEncoded())));
SecureRandom secureRandom = new SecureRandom(); secureRandom.nextBytes(nonce); DEROctetString encodedNonceValue = new DEROctetString(new DEROctetString(nonce).getEncoded()); Extension extension = new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, encodedNonceValue); Extensions extensions = new Extensions(extension);
return super.engineVerify((new DEROctetString(bytes)).getEncoded());
if (authorityKeyIdentifier != null) selector.setSubjectKeyIdentifier(new DEROctetString(authorityKeyIdentifier).getEncoded());
if (authorityKeyIdentifier != null) selector.setSubjectKeyIdentifier(new DEROctetString(authorityKeyIdentifier).getEncoded());
private byte[] buildOCSPRequest(final CertificateID certId, BigInteger nonce) throws DSSException { try { final OCSPReqBuilder ocspReqBuilder = new OCSPReqBuilder(); ocspReqBuilder.addRequest(certId); /* * The nonce extension is used to bind a request to a response to prevent replay attacks. * RFC 6960 (OCSP) section 4.1.2 such extensions SHOULD NOT be flagged as critical */ if (nonce != null) { DEROctetString encodedNonceValue = new DEROctetString(new DEROctetString(nonce.toByteArray()).getEncoded()); Extension extension = new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, encodedNonceValue); Extensions extensions = new Extensions(extension); ocspReqBuilder.setRequestExtensions(extensions); } final OCSPReq ocspReq = ocspReqBuilder.build(); final byte[] ocspReqData = ocspReq.getEncoded(); return ocspReqData; } catch (OCSPException | IOException e) { throw new DSSException("Cannot build OCSP Request", e); } }
if (keyID != null) certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
static OCSPReq generateOcspRequestWithNonce(CertificateID id) throws IOException, OCSPException { OCSPReqBuilder gen = new OCSPReqBuilder(); gen.addRequest(id); Extension ext = new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(new DEROctetString(PdfEncryption.generateNewDocumentId()).getEncoded())); gen.setRequestExtensions(new Extensions(new Extension[]{ext})); return gen.build(); }
static OCSPReq generateOcspRequestWithNonce(CertificateID id) throws IOException, OCSPException { OCSPReqBuilder gen = new OCSPReqBuilder(); gen.addRequest(id); Extension ext = new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(new DEROctetString(PdfEncryption.generateNewDocumentId()).getEncoded())); gen.setRequestExtensions(new Extensions(new Extension[]{ext})); return gen.build(); }
/** * Generates an OCSP request using BouncyCastle. * * @param issuerCert certificate of the issues * @param serialNumber serial number * @return an OCSP request * @throws OCSPException * @throws IOException */ private static OCSPReq generateOCSPRequest(X509Certificate issuerCert, BigInteger serialNumber) throws OCSPException, IOException, OperatorException, CertificateEncodingException { //Add provider BC Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); // Generate the id for the certificate we are looking for CertificateID id = new CertificateID( new JcaDigestCalculatorProviderBuilder().build().get(CertificateID.HASH_SHA1), new JcaX509CertificateHolder(issuerCert), serialNumber); // basic request generation with nonce OCSPReqBuilder gen = new OCSPReqBuilder(); gen.addRequest(id); Extension ext = new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(new DEROctetString(PdfEncryption.createDocumentId()).getEncoded())); gen.setRequestExtensions(new Extensions(new Extension[]{ext})); return gen.build(); }
byte[] newExtensionValueOctet = new DEROctetString(newExtensionValue).getEncoded(ASN1Encoding.DER);
extensionValueOctet = new DEROctetString(extensionValue).getEncoded(ASN1Encoding.DER); } catch (IOException e) { return;