List of usage examples for org.bouncycastle.cms CMSSignedData getEncoded
public byte[] getEncoded() throws IOException
From source file:com.android.sdklib.internal.build.SignedJarBuilder.java
License:Apache License
/** Write the certificate file with a digital signature. */ private void writeSignatureBlock(CMSTypedData data, X509Certificate publicKey, PrivateKey privateKey) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException { ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(); certList.add(publicKey);// w w w . j a va 2 s .c om JcaCertStore certs = new JcaCertStore(certList); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1with" + privateKey.getAlgorithm()) .build(privateKey); gen.addSignerInfoGenerator( new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()) .setDirectSignature(true).build(sha1Signer, publicKey)); gen.addCertificates(certs); CMSSignedData sigData = gen.generate(data, false); ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded()); DEROutputStream dos = new DEROutputStream(mOutputJar); dos.writeObject(asn1.readObject()); }
From source file:com.android.signapk.SignApk.java
License:Apache License
/** Sign data and write the digital signature to 'out'. */ private static void writeSignatureBlock(CMSTypedData data, X509Certificate publicKey, PrivateKey privateKey, OutputStream out)//from w w w.ja va 2 s . c o m throws IOException, CertificateEncodingException, OperatorCreationException, CMSException { ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(1); certList.add(publicKey); JcaCertStore certs = new JcaCertStore(certList); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); ContentSigner signer = new JcaContentSignerBuilder(getSignatureAlgorithm(publicKey)) .setProvider(sBouncyCastleProvider).build(privateKey); gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider(sBouncyCastleProvider).build()) .setDirectSignature(true).build(signer, publicKey)); gen.addCertificates(certs); CMSSignedData sigData = gen.generate(data, false); ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded()); DEROutputStream dos = new DEROutputStream(out); dos.writeObject(asn1.readObject()); }
From source file:com.cordova.plugin.CertPlugin.java
License:Open Source License
private String signData(String sn, String p7cert, String src) { try {//from www. ja v a 2 s. c om Log.i(TAG, "sn : " + sn); Log.i(TAG, "p7cert : " + p7cert); Log.i(TAG, "src : " + src); PrivateKey privateKey = getPrivateKeyFromSP(); X509Certificate cert = getX509CertificateFromP7cert(p7cert); ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(); certList.add(cert); CMSSignedData sigData = getCMSSignedData(src, certList, privateKey); return Base64.encodeToString(sigData.getEncoded(), 0); } catch (Exception e) { e.printStackTrace(); } return ""; }
From source file:com.eucalyptus.crypto.Pkcs7.java
License:Open Source License
/** * Create PKCS7 signed data with the given options * * @param data The data to sign// ww w . j av a 2 s. c om * @param key The key to use for signing * @param certificate The certificate to use for signature verification * @param options Signing options * @return The signed data * @throws Exception If an error occurs */ public static byte[] sign(final byte[] data, final PrivateKey key, final X509Certificate certificate, final Set<Option> options) throws Exception { final CMSTypedData msg = new CMSProcessableByteArray(data); final ContentSigner sha1Signer = new JcaContentSignerBuilder( "SHA1with" + certificate.getPublicKey().getAlgorithm()).setProvider(PROVIDER) .setSecureRandom(Crypto.getSecureRandomSupplier().get()).build(key); final CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider(PROVIDER).build()).build(sha1Signer, certificate)); if (options.contains(Option.IncludeCertificate)) { final Store certs = new JcaCertStore(Collections.singleton(certificate)); gen.addCertificates(certs); } final CMSSignedData sigData = gen.generate(msg, !options.contains(Option.Detached)); return sigData.getEncoded(); }
From source file:com.formkiq.core.service.generator.pdfbox.PdfEditorServiceImpl.java
License:Apache License
@Override public byte[] sign(final InputStream content) throws IOException { try {//from w ww . j av a 2 s . com KeyPair key = this.propertyStore.getKeyPair(); PrivateKey privKey = key.getPrivate(); Certificate certificate = this.propertyStore.getCertificate(key); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); org.bouncycastle.asn1.x509.Certificate cert = org.bouncycastle.asn1.x509.Certificate .getInstance(certificate.getEncoded()); ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA256WithRSA").build(privKey); gen.addSignerInfoGenerator( new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()) .build(sha1Signer, new X509CertificateHolder(cert))); CMSProcessableByteArray msg = new CMSProcessableByteArray(IOUtils.toByteArray(content)); CMSSignedData signedData = gen.generate(msg, false); return signedData.getEncoded(); } catch (GeneralSecurityException | CMSException | OperatorCreationException e) { throw new IOException(e); } }
From source file:com.indivica.olis.Driver.java
License:Open Source License
public static String signData(String data) { X509Certificate cert = null;// ww w .j ava 2s. com PrivateKey priv = null; KeyStore keystore = null; String pwd = "Olis2011"; String result = null; try { Security.addProvider(new BouncyCastleProvider()); keystore = KeyStore.getInstance("PKCS12", "SunJSSE"); // Load the keystore keystore.load(new FileInputStream(OscarProperties.getInstance().getProperty("olis_keystore")), pwd.toCharArray()); Enumeration e = keystore.aliases(); String name = ""; if (e != null) { while (e.hasMoreElements()) { String n = (String) e.nextElement(); if (keystore.isKeyEntry(n)) { name = n; } } } // Get the private key and the certificate priv = (PrivateKey) keystore.getKey(name, pwd.toCharArray()); cert = (X509Certificate) keystore.getCertificate(name); // I'm not sure if this is necessary Certificate[] certChain = keystore.getCertificateChain(name); ArrayList<Certificate> certList = new ArrayList<Certificate>(); certList.add(cert); CertStore certs = null; certs = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), "BC"); // Encrypt data CMSSignedDataGenerator sgen = new CMSSignedDataGenerator(); // What digest algorithm i must use? SHA1? MD5? RSA?... DefaultSignedAttributeTableGenerator attributeGenerator = new DefaultSignedAttributeTableGenerator(); sgen.addSigner(priv, cert, CMSSignedDataGenerator.DIGEST_SHA1, attributeGenerator, null); // I'm not sure this is necessary sgen.addCertificatesAndCRLs(certs); // I think that the 2nd parameter need to be false (detached form) CMSSignedData csd = sgen.generate(new CMSProcessableByteArray(data.getBytes()), true, "BC"); byte[] signedData = csd.getEncoded(); byte[] signedDataB64 = Base64.encode(signedData); result = new String(signedDataB64); } catch (Exception e) { MiscUtils.getLogger().error("Can't sign HL7 message for OLIS", e); } return result; }
From source file:com.jadyounan.PKCS7Signer.java
public byte[] sign(String storeLocation, String storePasswd, byte[] dataToSign) throws Exception { KeyStore clientStore = getKeystore(storeLocation, storePasswd); if (clientStore == null) { return null; }/* w w w . ja va 2 s. c o m*/ Enumeration aliases = clientStore.aliases(); String alias = ""; while (aliases.hasMoreElements()) { alias = (String) aliases.nextElement(); if (clientStore.isKeyEntry(alias)) { break; } } CMSTypedData msg = new CMSProcessableByteArray(dataToSign); // Data to sign X509CertificateHolder x509Certificate = getCert(clientStore, alias); List certList = new ArrayList(); certList.add(x509Certificate); // Adding the X509 Certificate Store certs = new JcaCertStore(certList); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); // Initializing the the BC's Signer ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC") .build(getPrivateKey(clientStore, alias, storePasswd)); gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(sha1Signer, x509Certificate)); // adding the certificate gen.addCertificates(certs); // Getting the signed data CMSSignedData sigData = gen.generate(msg, false); return sigData.getEncoded(); }
From source file:com.leon.utils.sign.v2.SignApk.java
License:Apache License
/** Sign data and write the digital signature to 'out'. */ private static void writeSignatureBlock(CMSTypedData data, X509Certificate publicKey, PrivateKey privateKey, int minSdkVersion, OutputStream out) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException { ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(1); certList.add(publicKey);/*from ww w . ja va 2 s . com*/ JcaCertStore certs = new JcaCertStore(certList); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); ContentSigner signer = new JcaContentSignerBuilder(getSignatureAlgorithm(publicKey, minSdkVersion)) .build(privateKey); gen.addSignerInfoGenerator( new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()) .setDirectSignature(true).build(signer, publicKey)); gen.addCertificates(certs); CMSSignedData sigData = gen.generate(data, false); try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) { DEROutputStream dos = new DEROutputStream(out); dos.writeObject(asn1.readObject()); } }
From source file:com.miguelpazo.signature.test.SignDataTest.java
public String signDataWithPfx(String data, File certPfx, String pass, File dataSignedFile) throws Exception { KeyStore ks = KeyStore.getInstance("pkcs12"); ks.load(new FileInputStream(certPfx), pass.toCharArray()); String alias = (String) ks.aliases().nextElement(); PrivateKey key = (PrivateKey) ks.getKey(alias, pass.toCharArray()); Certificate[] chain = ks.getCertificateChain(alias); Signature signature = Signature.getInstance("SHA1WithRSA", "BC"); signature.initSign(key);/*from www . j a v a 2 s .c o m*/ // signature.update(Base64.encode(data.getBytes())); signature.update(data.getBytes()); //Build CMS X509Certificate cert = (X509Certificate) ks.getCertificate(alias); List certList = new ArrayList(); CMSTypedData msg = new CMSProcessableByteArray(signature.sign()); certList.add(cert); Store certs = new JcaCertStore(certList); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1WithRSA").setProvider("BC").build(key); gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(sha1Signer, cert)); gen.addCertificates(certs); CMSSignedData sigData = gen.generate(msg, false); byte[] dataSigned = Base64.encode(sigData.getEncoded()); String envelopedData = new String(dataSigned); certUtil.exportToFile(envelopedData, dataSignedFile); byte[] b = (byte[]) sigData.getSignedContent().getContent(); String dataEncrypt = new String(Base64.encode(b)); System.out.println("content => " + dataEncrypt); PublicKey pubKey = cert.getPublicKey(); String dataFinal = certUtil.decryptData(pubKey, dataEncrypt); System.out.println(dataEncrypt); // System.out.println(dataFinal); return envelopedData; }
From source file:com.orange.atk.sign.apk.SignedJarBuilder.java
License:Apache License
/** Write the certificate file with a digital signature. */ private void writeSignatureBlock(CMSTypedData data, X509Certificate publicKey, PrivateKey privateKey) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException { ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(); certList.add(publicKey);/* w w w . j a va2 s . co m*/ JcaCertStore certs = new JcaCertStore(certList); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1with" + privateKey.getAlgorithm()) .build(privateKey); gen.addSignerInfoGenerator( new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()) .setDirectSignature(true).build(sha1Signer, publicKey)); gen.addCertificates(certs); CMSSignedData sigData = gen.generate(data, false); ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded()); DEROutputStream dos = new DEROutputStream(mOutputJar); dos.writeObject(asn1.readObject()); dos.flush(); dos.close(); asn1.close(); }