public static Extension getInstance(Object obj) { if (obj instanceof Extension) { return (Extension)obj; } else if (obj != null) { return new Extension(ASN1Sequence.getInstance(obj)); } return null; }
/** * Add an extension with the given oid and the passed in byte array to be wrapped in the * OCTET STRING associated with the extension. * * @param oid OID for the extension. * @param critical true if critical, false otherwise. * @param value the byte array to be wrapped. */ public void addExtension( ASN1ObjectIdentifier oid, boolean critical, byte[] value) { if (extensions.containsKey(oid)) { throw new IllegalArgumentException("extension " + oid + " already added"); } extOrdering.addElement(oid); extensions.put(oid, new Extension(oid, critical, new DEROctetString(value))); }
/** * Add an extension with the given oid and the passed in byte array to be wrapped in the * OCTET STRING associated with the extension. * * @param oid OID for the extension. * @param critical true if critical, false otherwise. * @param value the byte array to be wrapped. */ public void addExtension( ASN1ObjectIdentifier oid, boolean critical, byte[] value) { if (extensions.containsKey(oid)) { throw new IllegalArgumentException("extension " + oid + " already added"); } extOrdering.addElement(oid); extensions.put(oid, new Extension(oid, critical, new DEROctetString(value))); }
/** * Constructor from ASN1Sequence. * * the extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString) */ private Extensions( ASN1Sequence seq) { Enumeration e = seq.getObjects(); while (e.hasMoreElements()) { ASN1Sequence s = ASN1Sequence.getInstance(e.nextElement()); if (s.size() == 3) { extensions.put(s.getObjectAt(0), new Extension(ASN1ObjectIdentifier.getInstance(s.getObjectAt(0)), ASN1Boolean.getInstance(s.getObjectAt(1)), ASN1OctetString.getInstance(s.getObjectAt(2)))); } else if (s.size() == 2) { extensions.put(s.getObjectAt(0), new Extension(ASN1ObjectIdentifier.getInstance(s.getObjectAt(0)), false, ASN1OctetString.getInstance(s.getObjectAt(1)))); } else { throw new IllegalArgumentException("Bad sequence size: " + s.size()); } ordering.addElement(s.getObjectAt(0)); } }
/** * Generates an OCSP request using BouncyCastle. * * @param issuerCert certificate of the issues * @param serialNumber serial number * @return an OCSP request * @throws OCSPException * @throws IOException */ private static OCSPReq generateOCSPRequest(X509Certificate issuerCert, BigInteger serialNumber) throws OCSPException, IOException, OperatorException, CertificateEncodingException { //Add provider BC Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider()); // Generate the id for the certificate we are looking for CertificateID id = new CertificateID( new JcaDigestCalculatorProviderBuilder().build().get(CertificateID.HASH_SHA1), new JcaX509CertificateHolder(issuerCert), serialNumber); // basic request generation with nonce OCSPReqBuilder gen = new OCSPReqBuilder(); gen.addRequest(id); Extension ext = new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(new DEROctetString(PdfEncryption.createDocumentId()).getEncoded())); gen.setRequestExtensions(new Extensions(new Extension[]{ext})); return gen.build(); }