List of usage examples for org.bouncycastle.cms CMSProcessableByteArray getContent
public Object getContent()
From source file:chapter9.CompressedDataExample.java
/** * * @param args//ww w .j av a2 s .c o m * @throws Exception */ public static void main(String[] args) throws Exception { //1.- Set up the generator CMSCompressedDataGenerator gen = new CMSCompressedDataGenerator(); //2.- Compress the data CMSProcessableByteArray data = new CMSProcessableByteArray("Hello World!!".getBytes()); CMSCompressedData compressed = gen.generate(data, CMSCompressedDataGenerator.ZLIB); System.out.println(Utils.base64Encode(compressed.getEncoded())); //3.- Re-create and uncompress the data compressed = new CMSCompressedData(compressed.getEncoded()); byte[] recData = compressed.getContent(); //4.- Compare uncompressed data to the original if (Arrays.equals((byte[]) data.getContent(), recData) == true) System.out.println("\t data recovery succeeded!!"); else System.out.println("\t Could not find a matching recipient!!"); }
From source file:com.indivica.olis.Driver.java
License:Open Source License
public static String unsignData(String data) { byte[] dataBytes = Base64.decode(data); try {//from w w w. java 2 s . c o m CMSSignedData s = new CMSSignedData(dataBytes); CertStore certs = s.getCertificatesAndCRLs("Collection", "BC"); SignerInformationStore signers = s.getSignerInfos(); @SuppressWarnings("unchecked") Collection<SignerInformation> c = signers.getSigners(); Iterator<SignerInformation> it = c.iterator(); while (it.hasNext()) { X509Certificate cert = null; SignerInformation signer = it.next(); Collection certCollection = certs.getCertificates(signer.getSID()); @SuppressWarnings("unchecked") Iterator<X509Certificate> certIt = certCollection.iterator(); cert = certIt.next(); if (!signer.verify(cert.getPublicKey(), "BC")) throw new Exception("Doesn't verify"); } CMSProcessableByteArray cpb = (CMSProcessableByteArray) s.getSignedContent(); byte[] signedContent = (byte[]) cpb.getContent(); String content = new String(signedContent); return content; } catch (Exception e) { MiscUtils.getLogger().error("error", e); } return null; }
From source file:com.infinities.keystone4j.utils.Cms.java
License:Apache License
@SuppressWarnings("rawtypes") public String verifySignature(byte[] sigbytes, String signingCertFileName, String caFileName) throws CMSException, CertificateException, OperatorCreationException, NoSuchAlgorithmException, NoSuchProviderException, CertPathBuilderException, InvalidAlgorithmParameterException, IOException, CertificateVerificationException { logger.debug("signingCertFile: {}, caFile:{}", new Object[] { signingCertFileName, caFileName }); Security.addProvider(new BouncyCastleProvider()); X509Certificate signercert = generateCertificate(signingCertFileName); X509Certificate cacert = generateCertificate(caFileName); Set<X509Certificate> additionalCerts = new HashSet<X509Certificate>(); additionalCerts.add(cacert);//from w ww . j av a 2 s . c o m CertificateVerifier.verifyCertificate(signercert, additionalCerts, true); // .validateKeyChain(signercert, // certs); if (Base64Verifier.isBase64(sigbytes)) { try { sigbytes = Base64.decode(sigbytes); logger.debug("Signature file is BASE64 encoded"); } catch (Exception ioe) { logger.warn("Problem decoding from b64", ioe); } } // sigbytes = Base64.decode(sigbytes); // --- Use Bouncy Castle provider to verify included-content CSM/PKCS#7 // signature --- ASN1InputStream in = null; try { logger.debug("sigbytes size: {}", sigbytes.length); in = new ASN1InputStream(new ByteArrayInputStream(sigbytes), Integer.MAX_VALUE); CMSSignedData s = new CMSSignedData(ContentInfo.getInstance(in.readObject())); Store store = s.getCertificates(); SignerInformationStore signers = s.getSignerInfos(); Collection c = signers.getSigners(); Iterator it = c.iterator(); int verified = 0; while (it.hasNext()) { X509Certificate cert = null; SignerInformation signer = (SignerInformation) it.next(); Collection certCollection = store.getMatches(signer.getSID()); if (certCollection.isEmpty() && signercert == null) continue; else if (signercert != null) // use a signer cert file for // verification, if it was // provided cert = signercert; else { // use the certificates included in the signature for // verification Iterator certIt = certCollection.iterator(); cert = (X509Certificate) certIt.next(); } // if (signer.verify(new // JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert))) // verified++; } if (verified == 0) { logger.warn(" No signers' signatures could be verified !"); } else if (signercert != null) logger.info("Verified a signature using signer certificate file {}", signingCertFileName); else logger.info("Verified a signature using a certificate in the signature data"); CMSProcessableByteArray cpb = (CMSProcessableByteArray) s.getSignedContent(); byte[] rawcontent = (byte[]) cpb.getContent(); return new String(rawcontent); } catch (Exception ex) { logger.error("Couldn't verify included-content CMS signature", ex); throw new RuntimeException("Couldn't verify included-content CMS signature", ex); } finally { if (in != null) { in.close(); } } }
From source file:io.aos.crypto.spl09.CompressedDataExample.java
License:Apache License
public static void main(String... args) throws Exception { // set up the generator CMSCompressedDataGenerator gen = new CMSCompressedDataGenerator(); //compress the data CMSProcessableByteArray data = new CMSProcessableByteArray("Hello world!".getBytes()); CMSCompressedData compressed = gen.generate(data, CMSCompressedDataGenerator.ZLIB); // recreate and uncompress the data compressed = new CMSCompressedData(compressed.getEncoded()); byte[] recData = compressed.getContent(); // compare uncompressed data to the original data if (Arrays.equals((byte[]) data.getContent(), recData)) { System.out.println("data recovery succeeded"); } else {//from ww w.ja v a 2 s.c o m System.out.println("data recovery failed"); } }
From source file:org.signserver.module.cmssigner.CMSSignerUnitTest.java
License:Open Source License
/** * Tests that not specifying the DETACHEDSIGNATURE property and not * saying anything in the request about detached signatures gives a * signature with the content encapsulated. * @throws java.lang.Exception//ww w. j ava 2s .com */ @Test public void testDetachedSignatureDefaultValue() throws Exception { LOG.info("testDetachedSignatureDefaultValue"); WorkerConfig config = new WorkerConfig(); CMSSigner instance = new MockedCMSSigner(tokenRSA); instance.init(1, config, new SignServerContext(), null); final byte[] data = "my-data".getBytes("ASCII"); RequestContext requestContext = new RequestContext(); requestContext.put(RequestContext.TRANSACTION_ID, "0000-100-1"); GenericSignRequest request = new GenericSignRequest(100, data); GenericSignResponse response = (GenericSignResponse) instance.processData(request, requestContext); byte[] cms = response.getProcessedData(); CMSSignedData signedData = new CMSSignedData(cms); CMSProcessableByteArray signedContent = (CMSProcessableByteArray) signedData.getSignedContent(); byte[] actualData = (byte[]) signedContent.getContent(); assertEquals(Hex.toHexString(data), Hex.toHexString(actualData)); }
From source file:org.signserver.module.cmssigner.CMSSignerUnitTest.java
License:Open Source License
/** * Tests that requesting no detached is okey if no detached is configured * even if allow override is false./*from ww w .j ava 2s . c o m*/ * @throws java.lang.Exception */ @Test public void testDetachedSignatureFalseRequestFalse() throws Exception { LOG.info("testDetachedSignatureFalseRequestFalse"); WorkerConfig config = new WorkerConfig(); config.setProperty("DETACHEDSIGNATURE", "FALSE"); config.setProperty("ALLOW_DETACHEDSIGNATURE_OVERRIDE", "FALSE"); CMSSigner instance = new MockedCMSSigner(tokenRSA); instance.init(1, config, new SignServerContext(), null); final byte[] data = "my-data".getBytes("ASCII"); RequestContext requestContext = new RequestContext(); requestContext.put(RequestContext.TRANSACTION_ID, "0000-100-1"); GenericSignRequest request = new GenericSignRequest(100, data); RequestMetadata metadata = RequestMetadata.getInstance(requestContext); metadata.put("DETACHEDSIGNATURE", "false"); GenericSignResponse response = (GenericSignResponse) instance.processData(request, requestContext); byte[] cms = response.getProcessedData(); CMSSignedData signedData = new CMSSignedData(cms); CMSProcessableByteArray signedContent = (CMSProcessableByteArray) signedData.getSignedContent(); byte[] actualData = (byte[]) signedContent.getContent(); assertEquals(Hex.toHexString(data), Hex.toHexString(actualData)); }
From source file:org.signserver.module.cmssigner.CMSSignerUnitTest.java
License:Open Source License
/** * Tests that requesting no detached is okey if allow override is true. * @throws java.lang.Exception/*from w w w .ja va2s. co m*/ */ @Test public void testDetachedSignatureTrueRequestFalse() throws Exception { LOG.info("testDetachedSignatureTrueRequestFalse"); WorkerConfig config = new WorkerConfig(); config.setProperty("DETACHEDSIGNATURE", "TRUE"); config.setProperty("ALLOW_DETACHEDSIGNATURE_OVERRIDE", "TRUE"); CMSSigner instance = new MockedCMSSigner(tokenRSA); instance.init(1, config, new SignServerContext(), null); final byte[] data = "my-data".getBytes("ASCII"); RequestContext requestContext = new RequestContext(); requestContext.put(RequestContext.TRANSACTION_ID, "0000-100-1"); GenericSignRequest request = new GenericSignRequest(100, data); RequestMetadata metadata = RequestMetadata.getInstance(requestContext); metadata.put("DETACHEDSIGNATURE", "false"); GenericSignResponse response = (GenericSignResponse) instance.processData(request, requestContext); byte[] cms = response.getProcessedData(); CMSSignedData signedData = new CMSSignedData(cms); CMSProcessableByteArray signedContent = (CMSProcessableByteArray) signedData.getSignedContent(); byte[] actualData = (byte[]) signedContent.getContent(); assertEquals(Hex.toHexString(data), Hex.toHexString(actualData)); }