List of usage examples for org.bouncycastle.cms CMSProcessableByteArray CMSProcessableByteArray
public CMSProcessableByteArray(ASN1ObjectIdentifier type, byte[] bytes)
From source file:net.jsign.asn1.authenticode.AuthenticodeSignedDataGenerator.java
License:Apache License
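/**
 * Builds the Authenticode-flavoured CMS SignedData structure around {@code content}.
 *
 * <p>If a signer is already registered, its SignerInfo is reused unchanged. Otherwise the first
 * registered SignerInfoGenerator digests and signs the DER encoding of {@code content} with its
 * first two bytes skipped, and the calculated digest is recorded in {@code digests} under the
 * digest algorithm OID.
 *
 * @param contentTypeOID content type of the encapsulated ContentInfo
 * @param content        the structure to sign
 * @return the signed data, carrying the DER-encoded content as its signed content
 * @throws CMSException if the SignerInfo cannot be generated
 * @throws IOException  if the content cannot be DER-encoded or written to the digest stream
 */
public CMSSignedData generate(ASN1ObjectIdentifier contentTypeOID, ASN1Encodable content)
        throws CMSException, IOException {
    digests.clear();

    // Encode once; the same bytes feed both the digest and the returned CMSSignedData.
    byte[] encodedContent = content.toASN1Primitive().getEncoded("DER");

    SignerInfo signerInfo;
    if (!_signers.isEmpty()) {
        signerInfo = ((SignerInformation) _signers.get(0)).toASN1Structure();
    } else {
        SignerInfoGenerator signerInfoGenerator = (SignerInfoGenerator) signerGens.get(0);

        // try-with-resources closes the digest stream even when the write fails.
        try (OutputStream out = signerInfoGenerator.getCalculatingOutputStream()) {
            // skip the first 2 bytes as specified
            // NOTE(review): a fixed offset of 2 assumes a one-byte tag and a short-form length.
            // A DER encoding of 128 bytes or more uses a longer length field, and the digest would
            // then cover header bytes. Confirm the content never reaches that size.
            out.write(encodedContent, 2, encodedContent.length - 2);
            out.flush();
        }

        signerInfo = signerInfoGenerator.generate(contentTypeOID);

        byte[] calculatedDigest = signerInfoGenerator.getCalculatedDigest();
        digests.put(signerInfoGenerator.getDigestAlgorithm().getAlgorithm().getId(), calculatedDigest);
    }

    ContentInfo encInfo = new ContentInfo(contentTypeOID, content);
    ASN1Set certificates = new DERSet((ASN1Encodable[]) certs.toArray(new ASN1Encodable[0]));

    ASN1Encodable signedData = new AuthenticodeSignedData(signerInfo.getDigestAlgorithm(), encInfo,
            certificates, signerInfo);
    ContentInfo contentInfo = new ContentInfo(CMSObjectIdentifiers.signedData, signedData);

    return new CMSSignedData(new CMSProcessableByteArray(contentTypeOID, encodedContent), contentInfo);
}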
From source file:net.ripe.rpki.commons.crypto.cms.RpkiSignedObjectBuilder.java
License:BSD License
/**
 * Signs {@code encodableContent} with {@code privateKey} and returns the encoded CMS SignedData.
 *
 * <p>The signing certificate is the only certificate added to the structure, and the content is
 * encapsulated in the result.
 *
 * @param signingCertificate certificate of the signer; must carry a SubjectKeyIdentifier extension
 * @param privateKey         key used to produce the signature
 * @param signatureProvider  provider name handed to {@code addSignerInfo}
 * @param contentTypeOid     eContentType of the encapsulated content
 * @param encodableContent   ASN.1 structure to sign
 * @return the encoded SignedData object
 */
private byte[] doGenerate(X509Certificate signingCertificate, PrivateKey privateKey,
        String signatureProvider, ASN1ObjectIdentifier contentTypeOid, ASN1Encodable encodableContent)
        throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, CertStoreException,
        CMSException, NoSuchProviderException, IOException, CertificateEncodingException,
        OperatorCreationException {
    // Reject certificates without a SubjectKeyIdentifier before any signing work is done.
    Validate.notNull(X509CertificateUtil.getSubjectKeyIdentifier(signingCertificate),
            "certificate must contain SubjectKeyIdentifier extension");

    CMSSignedDataGenerator signedDataGenerator = new CMSSignedDataGenerator();
    addSignerInfo(signedDataGenerator, privateKey, signatureProvider, signingCertificate);
    signedDataGenerator.addCertificates(new JcaCertStore(Collections.singleton(signingCertificate)));

    CMSProcessableByteArray typedContent =
            new CMSProcessableByteArray(contentTypeOid, Asn1Util.encode(encodableContent));

    // Second argument true: the content is encapsulated in the SignedData.
    return signedDataGenerator.generate(typedContent, true).getEncoded();
}
From source file:net.ripe.rpki.commons.provisioning.cms.ProvisioningCmsObjectBuilder.java
License:BSD License
/**
 * Signs the UTF-8 bytes of {@code payloadContent} and returns the encoded CMS SignedData.
 *
 * <p>The certificate and CRL are attached first through {@code addCertificateAndCrl}, then the
 * signer through {@code addSignerInfo}; the payload is encapsulated in the result.
 *
 * @param privateKey key used to produce the signature
 * @return the encoded SignedData object
 */
private byte[] doGenerate(PrivateKey privateKey) throws CMSException, IOException,
        CertificateEncodingException, CRLException, OperatorCreationException {
    CMSSignedDataGenerator signedDataGenerator = new CMSSignedDataGenerator();
    addCertificateAndCrl(signedDataGenerator);
    addSignerInfo(signedDataGenerator, privateKey);

    // An explicit charset keeps the signed bytes independent of the platform default encoding.
    byte[] payloadBytes = payloadContent.getBytes(Charset.forName("UTF-8"));
    CMSProcessableByteArray typedPayload = new CMSProcessableByteArray(CONTENT_TYPE, payloadBytes);

    // Second argument true: the payload is encapsulated in the SignedData.
    return signedDataGenerator.generate(typedPayload, true).getEncoded();
}
From source file:org.apache.kerby.pkix.SignedDataEngine.java
License:Apache License
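/**
 * Wraps {@code dataToSign} in a CMS SignedData signed with {@code privateKey}.
 *
 * <p>The signer certificate is the only certificate embedded, and the data is encapsulated in
 * the result. The "BC" provider is registered if it is not installed yet.
 *
 * @param privateKey   key used to produce the signature
 * @param certificate  certificate matching {@code privateKey}
 * @param dataToSign   bytes to sign and encapsulate
 * @param eContentType dotted OID string used as the eContentType
 * @return the encoded SignedData object
 * @throws IOException                  if the result cannot be encoded
 * @throws OperatorCreationException    if the signer cannot be built
 * @throws CertificateEncodingException if the certificate cannot be encoded
 * @throws CMSException                 if the SignedData cannot be generated
 */
static byte[] getSignedData(PrivateKey privateKey, X509Certificate certificate, byte[] dataToSign,
        String eContentType)
        throws IOException, OperatorCreationException, CertificateEncodingException, CMSException {
    // The signer below asks for the "BC" provider by name, so it must be registered first.
    if (Security.getProvider("BC") == null) {
        Security.addProvider(new BouncyCastleProvider());
    }

    // Typed list instead of the raw List/ArrayList, so only certificates can be added.
    List<X509Certificate> certList = new ArrayList<>();
    certList.add(certificate);
    JcaCertStore certs = new JcaCertStore(certList);

    CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
    // NOTE(review): "SHA1withRSA" signs over a SHA-1 digest, which is no longer collision
    // resistant. The algorithm is kept as is because changing it alters the output peers must
    // verify. Move to a SHA-256 based signature once every relying party is confirmed to accept it.
    gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC")
            .build("SHA1withRSA", privateKey, certificate));
    gen.addCertificates(certs);

    ASN1ObjectIdentifier asn1ObjectIdentifier = new ASN1ObjectIdentifier(eContentType);
    CMSTypedData msg = new CMSProcessableByteArray(asn1ObjectIdentifier, dataToSign);

    // Second argument true: the data is encapsulated in the SignedData.
    CMSSignedData s = gen.generate(msg, true);
    return s.getEncoded();
}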
From source file:org.xipki.pki.scep.message.NextCaMessage.java
License:Open Source License
/**
 * Encodes the next-CA message as a signed CMS structure.
 *
 * <p>The CA certificate and any RA certificates are first packed into a SignedData that has no
 * content. Those bytes then become the encapsulated content of an outer SignedData signed with
 * {@code signingKey}.
 *
 * @param signingKey key used to sign the outer SignedData; must not be null
 * @param signerCert certificate matching {@code signingKey}; must not be null
 * @param cmsCertSet certificates handed to {@code ScepUtil.addCmsCertSet} for the outer structure
 * @return the outer SignedData as an ASN.1 ContentInfo
 * @throws MessageEncodingException if any certificate or CMS structure cannot be encoded
 */
public ContentInfo encode(final PrivateKey signingKey, final X509Certificate signerCert,
        final X509Certificate[] cmsCertSet) throws MessageEncodingException {
    ParamUtil.requireNonNull("signingKey", signingKey);
    ParamUtil.requireNonNull("signerCert", signerCert);

    try {
        // Inner payload: a SignedData that carries only certificates (absent content).
        byte[] certsOnlyBytes;
        try {
            CMSSignedDataGenerator certsOnlyGenerator = new CMSSignedDataGenerator();
            certsOnlyGenerator.addCertificate(new X509CertificateHolder(caCert.getEncoded()));
            if (raCerts != null && !raCerts.isEmpty()) {
                for (X509Certificate raCert : raCerts) {
                    certsOnlyGenerator.addCertificate(new X509CertificateHolder(raCert.getEncoded()));
                }
            }
            certsOnlyBytes = certsOnlyGenerator.generate(new CMSAbsentContent()).getEncoded();
        } catch (CertificateEncodingException ex) {
            throw new MessageEncodingException(ex.getMessage(), ex);
        }

        // The hash algorithm supported by the client is not known here, so SHA-1 is used.
        // NOTE(review): SHA-1 is no longer collision resistant; select a stronger digest
        // whenever the client's supported algorithms are known.
        ContentSigner contentSigner = new JcaContentSignerBuilder(
                getSignatureAlgorithm(signingKey, ScepHashAlgoType.SHA1)).build(signingKey);

        // signerInfo
        JcaSignerInfoGeneratorBuilder infoBuilder =
                new JcaSignerInfoGeneratorBuilder(new BcDigestCalculatorProvider());
        infoBuilder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator());

        CMSSignedDataGenerator outerGenerator = new CMSSignedDataGenerator();
        outerGenerator.addSignerInfoGenerator(infoBuilder.build(contentSigner, signerCert));

        CMSTypedData wrappedContent =
                new CMSProcessableByteArray(CMSObjectIdentifiers.signedData, certsOnlyBytes);

        // certificateSet
        ScepUtil.addCmsCertSet(outerGenerator, cmsCertSet);

        // Second argument true: the inner SignedData bytes are encapsulated in the outer one.
        return outerGenerator.generate(wrappedContent, true).toASN1Structure();
    } catch (CMSException ex) {
        throw new MessageEncodingException(ex);
    } catch (CertificateEncodingException ex) {
        throw new MessageEncodingException(ex);
    } catch (IOException ex) {
        throw new MessageEncodingException(ex);
    } catch (OperatorCreationException ex) {
        throw new MessageEncodingException(ex);
    }
}
From source file:org.xipki.pki.scep.message.PkiMessage.java
License:Open Source License
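/**
 * Encodes this PKI message as a signed CMS structure.
 *
 * <p>When {@code messageData} is present it is first encrypted for {@code recipientCert} and the
 * resulting EnvelopedData becomes the encapsulated content; otherwise the SignedData carries
 * absent content. The signed and unsigned attributes come from {@code getSignedAttributes()}
 * and {@code getUnsignedAttributes()}.
 *
 * @param signer        signer producing the signature; must not be null
 * @param signerCert    certificate matching {@code signer}; must not be null
 * @param cmsCertSet    certificates handed to {@code ScepUtil.addCmsCertSet}
 * @param recipientCert certificate the message data is encrypted for; must not be null
 * @param encAlgId      content encryption algorithm; must not be null
 * @return the SignedData as an ASN.1 ContentInfo
 * @throws MessageEncodingException if encryption, encoding or signing fails
 */
public ContentInfo encode(final ContentSigner signer, final X509Certificate signerCert,
        final X509Certificate[] cmsCertSet, final X509Certificate recipientCert,
        final ASN1ObjectIdentifier encAlgId) throws MessageEncodingException {
    ParamUtil.requireNonNull("signer", signer);
    ParamUtil.requireNonNull("signerCert", signerCert);
    ParamUtil.requireNonNull("recipientCert", recipientCert);
    ParamUtil.requireNonNull("encAlgId", encAlgId);

    CMSTypedData content;
    if (messageData == null) {
        content = new CMSAbsentContent();
    } else {
        // Encrypt first, then sign: the signature covers the EnvelopedData bytes.
        CMSEnvelopedData envelopedData = encrypt(recipientCert, encAlgId);
        byte[] encoded;
        try {
            encoded = envelopedData.getEncoded();
        } catch (IOException ex) {
            throw new MessageEncodingException(ex);
        }
        content = new CMSProcessableByteArray(CMSObjectIdentifiers.envelopedData, encoded);
    }

    try {
        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();

        // signerInfo
        JcaSignerInfoGeneratorBuilder signerInfoBuilder =
                new JcaSignerInfoGeneratorBuilder(new BcDigestCalculatorProvider());
        signerInfoBuilder.setSignedAttributeGenerator(
                new DefaultSignedAttributeTableGenerator(getSignedAttributes()));

        AttributeTable attrTable = getUnsignedAttributes();
        if (attrTable != null) {
            signerInfoBuilder.setUnsignedAttributeGenerator(new SimpleAttributeTableGenerator(attrTable));
        }

        // certificateSet
        ScepUtil.addCmsCertSet(generator, cmsCertSet);

        SignerInfoGenerator signerInfo;
        try {
            signerInfo = signerInfoBuilder.build(signer, signerCert);
        } catch (Exception ex) {
            throw new MessageEncodingException(ex);
        }

        generator.addSignerInfoGenerator(signerInfo);

        // Second argument true: the content is encapsulated in the SignedData.
        CMSSignedData signedData = generator.generate(content, true);
        return signedData.toASN1Structure();
    } catch (MessageEncodingException ex) {
        // Already the declared type. Without this clause the catch-all below wrapped it a second
        // time and pushed the real cause one level deeper in logs.
        throw ex;
    } catch (CMSException ex) {
        throw new MessageEncodingException(ex);
    } catch (Exception ex) {
        throw new MessageEncodingException(ex);
    }
}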