authorDavid Hook <dgh@bouncycastle.org>2015-10-18 18:09:00 +1100
committerDavid Hook <dgh@bouncycastle.org>2015-10-18 18:09:00 +1100
commitfded4c6c754034cc28b012bea9b3f06c7f074133 (patch)
tree32669c207f846e68a50febf9cb83aeacb8adebfb /crypto/src/ocsp/BasicOCSPRespGenerator.cs
parenthttp://www.bouncycastle.org/jira/browse/BMA-113 (diff)
BMA-132 added support for ISignatureCalculator interface
Diffstat (limited to 'crypto/src/ocsp/BasicOCSPRespGenerator.cs')
-rw-r--r--crypto/src/ocsp/BasicOCSPRespGenerator.cs73
1 files changed, 34 insertions, 39 deletions
diff --git a/crypto/src/ocsp/BasicOCSPRespGenerator.cs b/crypto/src/ocsp/BasicOCSPRespGenerator.cs
index 5ff4bd9cc..a7d5f3da5 100644
--- a/crypto/src/ocsp/BasicOCSPRespGenerator.cs
+++ b/crypto/src/ocsp/BasicOCSPRespGenerator.cs
@@ -6,11 +6,11 @@ using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Ocsp;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Security.Certificates;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.X509;
+using Org.BouncyCastle.Crypto.Operators;
 
 namespace Org.BouncyCastle.Ocsp
 {
@@ -185,21 +185,12 @@ namespace Org.BouncyCastle.Ocsp
 		}
 
 		private BasicOcspResp GenerateResponse(
-			string					signatureName,
-			AsymmetricKeyParameter	privateKey,
+			ISignatureCalculator    signatureCalculator,
 			X509Certificate[]		chain,
-			DateTime				producedAt,
-			SecureRandom			random)
+			DateTime				producedAt)
 		{
-			DerObjectIdentifier signingAlgorithm;
-			try
-			{
-				signingAlgorithm = OcspUtilities.GetAlgorithmOid(signatureName);
-			}
-			catch (Exception e)
-			{
-				throw new ArgumentException("unknown signing algorithm specified", e);
-			}
+            AlgorithmIdentifier signingAlgID = (AlgorithmIdentifier)signatureCalculator.AlgorithmDetails;
+            DerObjectIdentifier signingAlgorithm = signingAlgID.Algorithm;
 
 			Asn1EncodableVector responses = new Asn1EncodableVector();
 
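Review bot: The cast `(AlgorithmIdentifier)signatureCalculator.AlgorithmDetails` at the top of GenerateResponse is unchecked and sits outside any try block. A calculator whose AlgorithmDetails is another type or null therefore fails with an InvalidCastException or NullReferenceException, not the ArgumentException the removed code raised for an unrecognised algorithm. A guarded form keeps that error contract: `AlgorithmIdentifier signingAlgID = signatureCalculator.AlgorithmDetails as AlgorithmIdentifier;` followed by `if (signingAlgID == null) throw new ArgumentException("signature calculator does not supply an AlgorithmIdentifier");`. Only the OID is carried forward here, and the rest of the method is outside this hunk. If the signature AlgorithmIdentifier is rebuilt from that OID further down, any parameters the calculator supplied would not appear in the signed response, which is worth confirming.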
@@ -216,35 +207,19 @@ namespace Org.BouncyCastle.Ocsp
 			}
 
 			ResponseData tbsResp = new ResponseData(responderID.ToAsn1Object(), new DerGeneralizedTime(producedAt), new DerSequence(responses), responseExtensions);
-
-			ISigner sig = null;
+			DerBitString bitSig = null;
 
 			try
 			{
-				sig = SignerUtilities.GetSigner(signatureName);
+                IStreamCalculator streamCalculator = signatureCalculator.CreateCalculator();
 
-				if (random != null)
-				{
-					sig.Init(true, new ParametersWithRandom(privateKey, random));
-				}
-				else
-				{
-					sig.Init(true, privateKey);
-				}
-			}
-			catch (Exception e)
-			{
-				throw new OcspException("exception creating signature: " + e, e);
-			}
+				byte[] encoded = tbsResp.GetDerEncoded();
 
-			DerBitString bitSig = null;
+                streamCalculator.Stream.Write(encoded, 0, encoded.Length);
 
-			try
-			{
-				byte[] encoded = tbsResp.GetDerEncoded();
-				sig.BlockUpdate(encoded, 0, encoded.Length);
+                streamCalculator.Stream.Close();
 
-				bitSig = new DerBitString(sig.GenerateSignature());
+                bitSig = new DerBitString(((IBlockResult)streamCalculator.GetResult()).DoFinal());
 			}
 			catch (Exception e)
 			{
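Review bot: `streamCalculator.Stream.Close()` is reached only when the preceding Write succeeds, so a failing calculator leaves its stream open while the catch converts the exception. The catch body is outside this hunk. Scoping the stream fixes that, for example `using (Stream sigStream = streamCalculator.Stream) { sigStream.Write(encoded, 0, encoded.Length); }`, assuming System.IO is in scope and the file's target framework permits it. The cast `(IBlockResult)streamCalculator.GetResult()` also relies on an undocumented contract of ISignatureCalculator implementations. A short comment above it, such as `// signature calculators must return an IBlockResult holding the raw signature bytes`, would tell implementers what the generator expects.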
@@ -302,15 +277,35 @@ namespace Org.BouncyCastle.Ocsp
 				throw new ArgumentException("no signing algorithm specified");
 			}
 
-			return GenerateResponse(signingAlgorithm, privateKey, chain, producedAt, random);
+			return GenerateResponse(new Asn1SignatureCalculator(signingAlgorithm, privateKey, random), chain, producedAt);
 		}
 
-		/**
+        /// <summary>
+        /// Generate the signed response using the passed in signature calculator.
+        /// </summary>
+        /// <param name="signatureCalculator">Implementation of signing calculator.</param>
+        /// <param name="chain">The certificate chain associated with the response signer.</param>
+        /// <param name="producedAt">"produced at" date.</param>
+        /// <returns></returns>
+        public BasicOcspResp Generate(
+            ISignatureCalculator signatureCalculator,
+            X509Certificate[] chain,
+            DateTime producedAt)
+        {
+            if (signatureCalculator == null)
+            {
+                throw new ArgumentException("no signature calculator specified");
+            }
+
+            return GenerateResponse(signatureCalculator, chain, producedAt);
+        }
+
+        /**
 		 * Return an IEnumerable of the signature names supported by the generator.
 		 *
 		 * @return an IEnumerable containing recognised names.
 		 */
-		public IEnumerable SignatureAlgNames
+        public IEnumerable SignatureAlgNames
 		{
 			get { return OcspUtilities.AlgNames; }
 		}
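Review bot: The call `new Asn1SignatureCalculator(signingAlgorithm, privateKey, random)` now carries two behaviours that GenerateResponse used to handle itself: the `random != null` branch and the ArgumentException("unknown signing algorithm specified") wrapper. The constructor is not visible here, so it is worth confirming that it accepts a null `random` and that an unknown algorithm name still reaches callers as an ArgumentException. In the new public overload the null guard would be more precise as `throw new ArgumentNullException("signatureCalculator");`, which still derives from ArgumentException. Its `<returns></returns>` element is empty and could read `<returns>The signed basic OCSP response.</returns>`. The overload also passes `chain` through unchecked, so the doc comment should say whether null is permitted.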