pdfbox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From til...@apache.org
Subject svn commit: r1847956 - /pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
Date Sun, 02 Dec 2018 10:56:46 GMT
Author: tilman
Date: Sun Dec  2 10:56:46 2018
New Revision: 1847956

URL: http://svn.apache.org/viewvc?rev=1847956&view=rev
Log:
PDFBOX-3017: simplify code + move comment to correct position

Modified:
    pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java

Modified: pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java?rev=1847956&r1=1847955&r2=1847956&view=diff
==============================================================================
--- pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
(original)
+++ pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
Sun Dec  2 10:56:46 2018
@@ -234,17 +234,6 @@ public class OcspHelper
 
     private byte[] getKeyHashFromCertHolder(X509CertificateHolder certHolder) throws IOException
     {
-        SHA1DigestCalculator digCalc = new SHA1DigestCalculator();
-        SubjectPublicKeyInfo info = certHolder.getSubjectPublicKeyInfo();
-        OutputStream dgOut = digCalc.getOutputStream();
-        dgOut.write(info.getPublicKeyData().getBytes());
-        dgOut.close();
-        return digCalc.getDigest();
-    }
-
-    private void findResponderCertificateByKeyHash(BasicOCSPResp basicResponse, byte[] keyHash)
-            throws IOException
-    {
         // https://tools.ietf.org/html/rfc2560#section-4.2.1
         // KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
         //         -- (i.e., the SHA-1 hash of the value of the
@@ -254,6 +243,21 @@ public class OcspHelper
 
         // code below inspired by org.bouncycastle.cert.ocsp.CertificateID.createCertID()
         // tested with SO52757037-Signed3-OCSP-with-KeyHash.pdf
+        SubjectPublicKeyInfo info = certHolder.getSubjectPublicKeyInfo();
+        try
+        {
+            return MessageDigest.getInstance("SHA-1").digest(info.getPublicKeyData().getBytes());
+        }
+        catch (NoSuchAlgorithmException ex)
+        {
+            // should not happen
+            return null;
+        }
+    }
+
+    private void findResponderCertificateByKeyHash(BasicOCSPResp basicResponse, byte[] keyHash)
+            throws IOException
+    {
         X509CertificateHolder[] certHolders = basicResponse.getCerts();
         for (X509CertificateHolder certHolder : certHolders)
         {
@@ -262,7 +266,7 @@ public class OcspHelper
             {
                 try
                 {
-                    ocspResponderCertificate = certificateConverter.getCertificate(certHolder);
           
+                    ocspResponderCertificate = certificateConverter.getCertificate(certHolder);
                 }
                 catch (CertificateException ex)
                 {



Mime
View raw message