View Javadoc
1   /*
2    * Copyright 2017 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License, version
5    * 2.0 (the "License"); you may not use this file except in compliance with the
6    * License. You may obtain a copy of the License at:
7    *
8    * https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations under
14   * the License.
15   */
16  
17  package io.netty5.example.ocsp;
18  
19  import org.bouncycastle.asn1.ASN1ObjectIdentifier;
20  import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
21  import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
22  import org.bouncycastle.cert.ocsp.OCSPReqBuilder;
23  import org.bouncycastle.crypto.Digest;
24  import org.bouncycastle.crypto.digests.SHA1Digest;
25  import org.bouncycastle.crypto.digests.SHA256Digest;
26  import org.bouncycastle.crypto.io.DigestOutputStream;
27  import org.bouncycastle.operator.DigestCalculator;
28  
29  import java.io.OutputStream;
30  
31  /**
32   * BC's {@link OCSPReqBuilder} needs a {@link DigestCalculator} but BC doesn't
33   * provide any public implementations of that interface. That's why we need to
34   * write our own. There's a default SHA-1 implementation and one for SHA-256.
35   * Which one to use will depend on the Certificate Authority (CA).
36   */
37  public final class Digester implements DigestCalculator {
38  
39      public static DigestCalculator sha1() {
40          Digest digest = new SHA1Digest();
41          AlgorithmIdentifier algId = new AlgorithmIdentifier(
42                  OIWObjectIdentifiers.idSHA1);
43  
44          return new Digester(digest, algId);
45      }
46  
47      public static DigestCalculator sha256() {
48          Digest digest = new SHA256Digest();
49  
50          // The OID for SHA-256: http://www.oid-info.com/get/2.16.840.1.101.3.4.2.1
51          ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(
52                  "2.16.840.1.101.3.4.2.1").intern();
53          AlgorithmIdentifier algId = new AlgorithmIdentifier(oid);
54  
55          return new Digester(digest, algId);
56      }
57  
58      private final DigestOutputStream dos;
59  
60      private final AlgorithmIdentifier algId;
61  
62      private Digester(Digest digest, AlgorithmIdentifier algId) {
63          this.dos = new DigestOutputStream(digest);
64          this.algId = algId;
65      }
66  
67      @Override
68      public AlgorithmIdentifier getAlgorithmIdentifier() {
69          return algId;
70      }
71  
72      @Override
73      public OutputStream getOutputStream() {
74          return dos;
75      }
76  
77      @Override
78      public byte[] getDigest() {
79          return dos.getDigest();
80      }
81  }