Example usage for org.bouncycastle.asn1 ASN1StreamParser ASN1StreamParser

List of usage examples for org.bouncycastle.asn1 ASN1StreamParser ASN1StreamParser

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.asn1.*
  5. ASN1StreamParser
  6. ASN1StreamParser

Introduction

In this page you can find the example usage for org.bouncycastle.asn1 ASN1StreamParser ASN1StreamParser.

Prototype

public ASN1StreamParser(byte[] encoding)

Source Link

Usage

From source file:test.unit.be.fedict.eid.applet.service.signer.CMSTest.java

License:Open Source License

/**
 * CMS signature with embedded data and external certificate. The CMS only
 * contains the original content, signature and some certificate selector.
 * /* w  w  w.  ja va  2 s. c om*/
 * @throws Exception
 */
@Test
public void testCmsSignatureWithContent() throws Exception {
    // setup
    KeyPair keyPair = PkiTestUtils.generateKeyPair();
    DateTime notBefore = new DateTime();
    DateTime notAfter = notBefore.plusMonths(1);
    X509Certificate certificate = generateSelfSignedCertificate(keyPair, "CN=Test", notBefore, notAfter);
    byte[] toBeSigned = "hello world".getBytes();

    // operate
    CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    generator.addSigner(keyPair.getPrivate(), certificate, CMSSignedDataGenerator.DIGEST_SHA1);
    CMSProcessable content = new CMSProcessableByteArray(toBeSigned);
    CMSSignedData signedData = generator.generate(content, true, (String) null);

    byte[] cmsSignature = signedData.getEncoded();
    LOG.debug("CMS signature: " + ASN1Dump.dumpAsString(new ASN1StreamParser(cmsSignature).readObject()));

    // verify
    signedData = new CMSSignedData(cmsSignature);
    SignerInformationStore signers = signedData.getSignerInfos();
    Iterator<SignerInformation> iter = signers.getSigners().iterator();
    while (iter.hasNext()) {
        SignerInformation signer = iter.next();
        SignerId signerId = signer.getSID();
        LOG.debug("signer: " + signerId);
        assertTrue(signerId.match(certificate));
        assertTrue(signer.verify(keyPair.getPublic(), BouncyCastleProvider.PROVIDER_NAME));
    }
    byte[] data = (byte[]) signedData.getSignedContent().getContent();
    assertArrayEquals(toBeSigned, data);
    LOG.debug("content type: " + signedData.getSignedContentTypeOID());
}

From source file:test.unit.be.fedict.eid.applet.service.signer.CMSTest.java

License:Open Source License

/**
 * CMS signature with external data and embedded certificate. The CMS only
 * contains the signature, signing certificate and some certificate
 * selector./*from   w w  w.  j  a v a2s.  co m*/
 * 
 * @throws Exception
 */
@Test
public void testCmsSignatureWithCertificate() throws Exception {
    // setup
    KeyPair keyPair = PkiTestUtils.generateKeyPair();
    DateTime notBefore = new DateTime();
    DateTime notAfter = notBefore.plusMonths(1);
    X509Certificate certificate = generateSelfSignedCertificate(keyPair, "CN=Test", notBefore, notAfter);
    byte[] toBeSigned = "hello world".getBytes();

    // operate
    CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    /*
     * addSigner requires the certificate to be able to calculate the key
     * selector.
     */
    generator.addSigner(keyPair.getPrivate(), certificate, CMSSignedDataGenerator.DIGEST_SHA1);
    List<X509Certificate> certList = new LinkedList<X509Certificate>();
    certList.add(certificate);
    CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList));
    generator.addCertificatesAndCRLs(certStore);
    CMSProcessable content = new CMSProcessableByteArray(toBeSigned);
    CMSSignedData signedData = generator.generate(content, false, (String) null);

    byte[] cmsSignature = signedData.getEncoded();
    LOG.debug("CMS signature: " + ASN1Dump.dumpAsString(new ASN1StreamParser(cmsSignature).readObject()));

    // verify
    signedData = new CMSSignedData(content, cmsSignature);
    certStore = signedData.getCertificatesAndCRLs("Collection", BouncyCastleProvider.PROVIDER_NAME);
    SignerInformationStore signers = signedData.getSignerInfos();
    Iterator<SignerInformation> iter = signers.getSigners().iterator();
    while (iter.hasNext()) {
        SignerInformation signer = iter.next();
        SignerId signerId = signer.getSID();
        LOG.debug("signer: " + signerId);
        assertTrue(signerId.match(certificate));
        assertTrue(signer.verify(keyPair.getPublic(), BouncyCastleProvider.PROVIDER_NAME));
        X509Certificate storedCert = (X509Certificate) certStore.getCertificates(signerId).iterator().next();
        assertEquals(certificate, storedCert);
    }
    LOG.debug("content type: " + signedData.getSignedContentTypeOID());
}

From source file:test.unit.be.fedict.eid.applet.service.signer.CMSTest.java

License:Open Source License

@Test
public void testRetrieveCMSDigestValue() throws Exception {
    // setup/*from   w ww  .  j  a  v  a  2  s  .  co m*/
    KeyPair keyPair = PkiTestUtils.generateKeyPair();
    DateTime notBefore = new DateTime();
    DateTime notAfter = notBefore.plusMonths(1);
    X509Certificate certificate = generateSelfSignedCertificate(keyPair, "CN=Test", notBefore, notAfter);
    byte[] toBeSigned = "hello world".getBytes();

    // operate
    CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    generator.addSigner(keyPair.getPrivate(), certificate, CMSSignedDataGenerator.DIGEST_SHA1);
    CMSProcessable content = new CMSProcessableByteArray(toBeSigned);

    CMSTestProvider provider = new CMSTestProvider();
    generator.generate(content, false, provider);

    byte[] digestValue = SHA1WithRSASignature.getDigestValue();
    assertNotNull(digestValue);
    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
    byte[] digestInfoValue = ArrayUtils.addAll(PkiTestUtils.SHA1_DIGEST_INFO_PREFIX, digestValue);
    byte[] signatureValue = cipher.doFinal(digestInfoValue);
    SHA1WithRSASignature.setSignatureValue(signatureValue);

    generator = new CMSSignedDataGenerator();
    generator.addSigner(keyPair.getPrivate(), certificate, CMSSignedDataGenerator.DIGEST_SHA1);
    content = new CMSProcessableByteArray(toBeSigned);
    provider = new CMSTestProvider();

    CMSSignedData signedData = generator.generate(content, false, provider);

    byte[] cmsSignature = signedData.getEncoded();
    LOG.debug("CMS signature: " + ASN1Dump.dumpAsString(new ASN1StreamParser(cmsSignature).readObject()));

    // verify
    content = new CMSProcessableByteArray(toBeSigned);
    signedData = new CMSSignedData(content, cmsSignature);
    SignerInformationStore signers = signedData.getSignerInfos();
    Iterator<SignerInformation> iter = signers.getSigners().iterator();
    while (iter.hasNext()) {
        SignerInformation signer = iter.next();
        SignerId signerId = signer.getSID();
        LOG.debug("signer: " + signerId);
        assertTrue(signerId.match(certificate));
        assertTrue(signer.verify(keyPair.getPublic(), BouncyCastleProvider.PROVIDER_NAME));
    }
    LOG.debug("content type: " + signedData.getSignedContentTypeOID());
}