diff options
-rw-r--r-- | crypto/src/ocsp/BasicOCSPRespGenerator.cs | 73 |
1 files changed, 34 insertions, 39 deletions
diff --git a/crypto/src/ocsp/BasicOCSPRespGenerator.cs b/crypto/src/ocsp/BasicOCSPRespGenerator.cs index 5ff4bd9cc..a7d5f3da5 100644 --- a/crypto/src/ocsp/BasicOCSPRespGenerator.cs +++ b/crypto/src/ocsp/BasicOCSPRespGenerator.cs @@ -6,11 +6,11 @@ using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Ocsp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; using Org.BouncyCastle.Security.Certificates; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.X509; +using Org.BouncyCastle.Crypto.Operators; namespace Org.BouncyCastle.Ocsp { @@ -185,21 +185,12 @@ namespace Org.BouncyCastle.Ocsp } private BasicOcspResp GenerateResponse( - string signatureName, - AsymmetricKeyParameter privateKey, + ISignatureCalculator signatureCalculator, X509Certificate[] chain, - DateTime producedAt, - SecureRandom random) + DateTime producedAt) { - DerObjectIdentifier signingAlgorithm; - try - { - signingAlgorithm = OcspUtilities.GetAlgorithmOid(signatureName); - } - catch (Exception e) - { - throw new ArgumentException("unknown signing algorithm specified", e); - } + AlgorithmIdentifier signingAlgID = (AlgorithmIdentifier)signatureCalculator.AlgorithmDetails; + DerObjectIdentifier signingAlgorithm = signingAlgID.Algorithm; Asn1EncodableVector responses = new Asn1EncodableVector(); @@ -216,35 +207,19 @@ namespace Org.BouncyCastle.Ocsp } ResponseData tbsResp = new ResponseData(responderID.ToAsn1Object(), new DerGeneralizedTime(producedAt), new DerSequence(responses), responseExtensions); - - ISigner sig = null; + DerBitString bitSig = null; try { - sig = SignerUtilities.GetSigner(signatureName); + IStreamCalculator streamCalculator = signatureCalculator.CreateCalculator(); - if (random != null) - { - sig.Init(true, new ParametersWithRandom(privateKey, random)); - } - else - { - sig.Init(true, privateKey); - } - } - catch (Exception e) - { - throw new OcspException("exception creating signature: " + e, e); - } + byte[] encoded = tbsResp.GetDerEncoded(); - DerBitString bitSig = null; + streamCalculator.Stream.Write(encoded, 0, encoded.Length); - try - { - byte[] encoded = tbsResp.GetDerEncoded(); - sig.BlockUpdate(encoded, 0, encoded.Length); + streamCalculator.Stream.Close(); - bitSig = new DerBitString(sig.GenerateSignature()); + bitSig = new DerBitString(((IBlockResult)streamCalculator.GetResult()).DoFinal()); } catch (Exception e) { @@ -302,15 +277,35 @@ namespace Org.BouncyCastle.Ocsp throw new ArgumentException("no signing algorithm specified"); } - return GenerateResponse(signingAlgorithm, privateKey, chain, producedAt, random); + return GenerateResponse(new Asn1SignatureCalculator(signingAlgorithm, privateKey, random), chain, producedAt); } - /** + /// <summary> + /// Generate the signed response using the passed in signature calculator. + /// </summary> + /// <param name="signatureCalculator">Implementation of signing calculator.</param> + /// <param name="chain">The certificate chain associated with the response signer.</param> + /// <param name="producedAt">"produced at" date.</param> + /// <returns></returns> + public BasicOcspResp Generate( + ISignatureCalculator signatureCalculator, + X509Certificate[] chain, + DateTime producedAt) + { + if (signatureCalculator == null) + { + throw new ArgumentException("no signature calculator specified"); + } + + return GenerateResponse(signatureCalculator, chain, producedAt); + } + + /** * Return an IEnumerable of the signature names supported by the generator. * * @return an IEnumerable containing recognised names. */ - public IEnumerable SignatureAlgNames + public IEnumerable SignatureAlgNames { get { return OcspUtilities.AlgNames; } } |