List of usage examples for org.bouncycastle.cms CMSAttributeTableGenerator getAttributes
/**
 * Produces the attribute table for the supplied generation parameters.
 *
 * @param parameters inputs the generator may consult when building the table; the expected keys
 *        are not shown on this page. NOTE(review): both examples below hand over a map assembled
 *        by library or helper code rather than by the caller.
 * @return the generated attribute table
 * @throws CMSAttributeTableGenerationException declared by the interface; the conditions that
 *         raise it are implementation-specific and not visible here
 */
AttributeTable getAttributes(Map parameters) throws CMSAttributeTableGenerationException;
From source file:net.sf.keystore_explorer.crypto.signing.JarSigner.java
License:Open Source License
/**
 * Produces the encoded CMS SignedData structure used as a signature block.
 *
 * <p>The data in {@code toSign} is signed with {@code privateKey}; the first element of
 * {@code certificateChain} is used as the signer certificate and the whole chain is embedded in
 * the result. When a TSA URL is supplied the signed data is passed to {@code addTimestamp}
 * before it is encoded.
 *
 * @param toSign bytes to be signed
 * @param privateKey key that creates the signature
 * @param certificateChain signer certificate first; every entry is added to the SignedData
 * @param signatureType supplies the JCE signature algorithm name via {@code jce()}
 * @param tsaUrl time stamp authority URL; {@code null} or empty skips time-stamping
 * @param provider provider for the content signer only; {@code null} leaves the builder default
 * @return the encoded SignedData
 * @throws CryptoException wrapping any exception raised while building the block
 */
private static byte[] createSignatureBlock(byte[] toSign, PrivateKey privateKey,
        X509Certificate[] certificateChain, SignatureType signatureType, String tsaUrl, Provider provider)
        throws CryptoException {

    try {
        List<X509Certificate> chainAsList = new ArrayList<X509Certificate>();
        Collections.addAll(chainAsList, certificateChain);

        // Digests always come from the provider registered as "BC"; the 'provider' argument below
        // only affects the signing operation (e.g. a key held by another provider).
        DigestCalculatorProvider digestProvider = new JcaDigestCalculatorProviderBuilder().setProvider("BC")
                .build();

        // NOTE(review): "SHA1PRNG" pins one specific generator by name. Unless there is a
        // documented reason for it, the platform default (new SecureRandom()) is the usual
        // choice - confirm before changing, since it alters the randomness source for signing.
        JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder(signatureType.jce());
        signerBuilder = signerBuilder.setSecureRandom(SecureRandom.getInstance("SHA1PRNG"));
        if (provider != null) {
            signerBuilder.setProvider(provider);
        }

        JcaSignerInfoGeneratorBuilder signerInfoBuilder = new JcaSignerInfoGeneratorBuilder(digestProvider);
        SignerInfoGenerator defaultSignerInfo = signerInfoBuilder.build(signerBuilder.build(privateKey),
                certificateChain[0]);

        // Security-relevant: cmsAlgorithmProtect (RFC 6211) places the digest and signature
        // algorithm identifiers under the signature so they cannot be swapped afterwards.
        // It is stripped here for compatibility reasons, so signatures produced by this method
        // do not carry that protection.
        final CMSAttributeTableGenerator defaultSignedAttrs = defaultSignerInfo
                .getSignedAttributeTableGenerator();
        CMSAttributeTableGenerator signedAttrsWithoutAlgProtect = new DefaultSignedAttributeTableGenerator() {
            @Override
            public AttributeTable getAttributes(@SuppressWarnings("rawtypes") Map parameters) {
                AttributeTable generated = defaultSignedAttrs.getAttributes(parameters);
                return generated.remove(CMSAttributes.cmsAlgorithmProtect);
            }
        };
        SignerInfoGenerator signerInfo = new SignerInfoGenerator(defaultSignerInfo,
                signedAttrsWithoutAlgProtect, defaultSignerInfo.getUnsignedAttributeTableGenerator());

        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
        generator.addSignerInfoGenerator(signerInfo);
        generator.addCertificates(new JcaCertStore(chainAsList));

        // 'true' asks the generator to encapsulate the signed content in the SignedData.
        CMSSignedData result = generator.generate(new CMSProcessableByteArray(toSign), true);

        // Optional time stamp. The TSA endpoint is whatever the caller passed in; how the TSA
        // response is checked lives in addTimestamp, which is not part of this listing.
        boolean timestampRequested = !(tsaUrl == null || tsaUrl.isEmpty());
        if (timestampRequested) {
            result = addTimestamp(tsaUrl, result);
        }

        return result.getEncoded();
    } catch (Exception ex) {
        // Every failure, including a null or empty chain, surfaces as the same CryptoException;
        // the original exception is kept as the cause.
        throw new CryptoException(res.getString("SignatureBlockCreationFailed.exception.message"), ex);
    }
}
From source file:org.votingsystem.signature.util.PDFContentSigner.java
License:Open Source License
/**
 * Builds a CMS SignedData whose content is {@code signatureHash}, with a single signer.
 *
 * <p>The content bytes are digested with {@code signatureDigestAlg}; that digest is fed into the
 * default signed-attribute generator once, and the resulting fixed attribute table is what the
 * signer signs. Unsigned attributes come from {@code unsAttr}.
 *
 * @param signatureHash bytes used as the SignedData content
 * @param unsAttr generator for the unsigned attributes of the signer info
 * @return the assembled SignedData
 * @throws Exception any failure from digesting, certificate store setup or signing
 */
public CMSSignedData genSignedData(byte[] signatureHash, CMSAttributeTableGenerator unsAttr) throws Exception {
    CMSProcessable content = new CMSProcessableByteArray(signatureHash);

    // 'content' was created on the line above and cannot be null, so it is written out
    // unconditionally and the resulting bytes are digested in one call.
    ByteArrayOutputStream contentBytes = new ByteArrayOutputStream();
    content.write(contentBytes);
    contentBytes.close();

    MessageDigest digestEngine = MessageDigest.getInstance(signatureDigestAlg);
    byte[] hash = digestEngine.digest(contentBytes.toByteArray());

    CollectionCertStoreParameters storeParams = new CollectionCertStoreParameters(
            Arrays.asList(signerCertChain));
    CertStore certsAndCRLs = CertStore.getInstance(CERT_STORE_TYPE, storeParams, ContextVS.PROVIDER);
    addCertificatesAndCRLs(certsAndCRLs);

    CMSAttributeTableGenerator signedAttrGenerator = new DefaultSignedAttributeTableGenerator();
    ASN1ObjectIdentifier contentTypeOID = new ASN1ObjectIdentifier(CMSSignedGenerator.DATA);

    // NOTE(review): the digest above uses signatureDigestAlg, while the algorithm identifier
    // handed to the attribute generator is built from pdfDigestObjectIdentifier. Both fields
    // are defined outside this listing - confirm they always name the same algorithm, otherwise
    // the signed attributes describe a digest that was not the one computed.
    AlgorithmIdentifier digestAlgorithmId = new AlgorithmIdentifier(
            new DERObjectIdentifier(pdfDigestObjectIdentifier), new DERNull());
    Map parameters = getBaseParameters(contentTypeOID, digestAlgorithmId, hash);

    // The generator only gets a read-only view of the parameter map.
    AttributeTable attributeTable = signedAttrGenerator.getAttributes(Collections.unmodifiableMap(parameters));

    JcaSimpleSignerInfoGeneratorBuilder signerInfoBuilder = new JcaSimpleSignerInfoGeneratorBuilder()
            .setProvider(ContextVS.PROVIDER);
    signerInfoBuilder.setSignedAttributeGenerator(attributeTable);
    signerInfoBuilder.setUnsignedAttributeGenerator(unsAttr);

    SignerInfoGenerator signerInfoGenerator = signerInfoBuilder.build(signatureMechanism, privateKey, userCert);
    SignerInfo signerInfo = signerInfoGenerator.generate(contentTypeOID);

    List<SignerInfo> signerInfoList = new ArrayList<SignerInfo>();
    signerInfoList.add(signerInfo);

    // NOTE(review): the signer's subject DN goes to the log at info level on every call;
    // check that this fits the logging and privacy policy of the deployment.
    log.info(" -- userCert: " + userCert.getSubjectDN().getName());

    return getCMSSignedData(CMSSignedGenerator.DATA, content, true, CMSUtils.getProvider("BC"), true,
            signerInfoList);
}