List of usage examples for org.bouncycastle.cms CMSSignedData toASN1Structure
public ContentInfo toASN1Structure()
From source file:com.mycompany.mavenproject1.Signer.java
private byte[] ConvertToDER(CMSSignedData cmsSignedData) throws IOException { ByteArrayOutputStream bOut = new ByteArrayOutputStream(); DEROutputStream dOut = new DEROutputStream(bOut); dOut.writeObject(cmsSignedData.toASN1Structure().toASN1Primitive()); dOut.close();/* w w w .j a va 2s. c o m*/ return bOut.toByteArray(); }
From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java
License:Open Source License
/** * 1) The SignedData.encapContentInfo.eContentType. * * @param cmsSignedData/*from www . ja va 2 s .c o m*/ * @return */ private byte[] getEncodedContentType(CMSSignedData cmsSignedData) { ContentInfo contentInfo = cmsSignedData.toASN1Structure(); SignedData signedData = SignedData.getInstance(contentInfo.getContent()); try { return signedData.getEncapContentInfo().getContentType().getEncoded(ASN1Encoding.DER); } catch (IOException e) { throw new DSSException(e); } }
From source file:eu.europa.esig.dss.cades.signature.CadesLevelBaselineLTATimestampExtractor.java
License:Open Source License
/** * 1) The SignedData.encapContentInfo.eContentType. * * @param cmsSignedData/*w w w . ja va2 s . co m*/ * @return cmsSignedData.getSignedContentTypeOID() as DER encoded */ private byte[] getEncodedContentType(final CMSSignedData cmsSignedData) { final ContentInfo contentInfo = cmsSignedData.toASN1Structure(); final SignedData signedData = SignedData.getInstance(contentInfo.getContent()); return DSSASN1Utils.getDEREncoded(signedData.getEncapContentInfo().getContentType()); }
From source file:net.jsign.pe.CertificateTableEntry.java
License:Apache License
public void setSignature(CMSSignedData signature) throws IOException { this.signature = signature; byte[] content = signature.toASN1Structure().getEncoded("DER"); this.content = pad(content, 8); // todo not required if the entries are 8 bytes aligned, may cause an ASN1 parsing error (with BC 1.54) this.size = this.content.length + 8; this.type = CertificateType.PKCS_SIGNED_DATA.getValue(); }
From source file:net.jsign.timestamp.RFC3161Timestamper.java
License:Apache License
@Override protected AttributeTable getUnsignedAttributes(CMSSignedData token) { Attribute rfc3161CounterSignature = new Attribute(AuthenticodeObjectIdentifiers.SPC_RFC3161_OBJID, new DERSet(token.toASN1Structure())); return new AttributeTable(rfc3161CounterSignature); }
From source file:org.ejbca.batchenrollmentgui.BatchEnrollmentGUIView.java
License:Open Source License
@SuppressWarnings("unchecked") private static CMSValidationResult validateCMS(final CMSSignedData signedData, final Collection<Certificate> trustedCerts) { final CMSValidationResult result = new CMSValidationResult(); try {//from w w w . j av a 2 s. c o m final ContentInfo ci = signedData.toASN1Structure(); if (LOG.isDebugEnabled()) { LOG.debug("ci.content: " + ci.getContent() + "\n" + "signedContent: " + signedData.getSignedContent()); } final Object content = signedData.getSignedContent().getContent(); if (content instanceof byte[]) { result.setContent((byte[]) content); } Store certs = signedData.getCertificates(); SignerInformationStore signers = signedData.getSignerInfos(); for (Object o : signers.getSigners()) { if (o instanceof SignerInformation) { SignerInformation si = (SignerInformation) o; if (LOG.isDebugEnabled()) { LOG.debug("*** SIGNATURE: " + "\n" + si.getSID()); } final Collection<X509CertificateHolder> signerCerts = (Collection<X509CertificateHolder>) certs .getMatches(si.getSID()); if (LOG.isDebugEnabled()) { LOG.debug("signerCerts: " + signerCerts); } JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter(); for (X509CertificateHolder signerCert : signerCerts) { final X509Certificate signerX509Cert = jcaX509CertificateConverter .getCertificate(signerCert); // Verify the signature JcaDigestCalculatorProviderBuilder calculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder() .setProvider(BouncyCastleProvider.PROVIDER_NAME); JcaSignerInfoVerifierBuilder jcaSignerInfoVerifierBuilder = new JcaSignerInfoVerifierBuilder( calculatorProviderBuilder.build()).setProvider(BouncyCastleProvider.PROVIDER_NAME); boolean consistent = si .verify(jcaSignerInfoVerifierBuilder.build(signerX509Cert.getPublicKey())); if (consistent) { if (LOG.isDebugEnabled()) { LOG.debug((consistent ? "Consistent" : "Inconsistent") + " signature from " + signerX509Cert.getSubjectDN() + " issued by " + signerX509Cert.getIssuerDN()); } result.setValidSignature(consistent); try { final List<X509Certificate> signerChain = validateChain(signerX509Cert, certs, trustedCerts); result.setValidChain(true); result.setSignerChain(signerChain); JOptionPane.showMessageDialog(null, "Found valid signature from \"" + signerX509Cert.getSubjectDN() + "\"", "Signature check", JOptionPane.INFORMATION_MESSAGE); } catch (CertPathBuilderException ex) { result.setError(ex.getMessage()); JOptionPane.showMessageDialog(null, "Error: Certificate path:\n" + ex.getMessage(), "Signature check", JOptionPane.ERROR_MESSAGE); } catch (CertPathValidatorException ex) { result.setError(ex.getMessage()); JOptionPane.showMessageDialog(null, "Error: Certificate validation:\n" + ex.getMessage(), "Signature check", JOptionPane.ERROR_MESSAGE); } catch (InvalidAlgorithmParameterException ex) { result.setError(ex.getMessage()); JOptionPane.showMessageDialog(null, ex.getMessage(), "Signature check", JOptionPane.ERROR_MESSAGE); } catch (NoSuchAlgorithmException ex) { result.setError(ex.getMessage()); JOptionPane.showMessageDialog(null, ex.getMessage(), "Signature check", JOptionPane.ERROR_MESSAGE); } catch (GeneralSecurityException e) { //Crappy catch-all, but not much to do due to underlying BC-code result.setError(e.getMessage()); JOptionPane.showMessageDialog(null, e.getMessage(), "Error: Certificate validation:\n", JOptionPane.ERROR_MESSAGE); } } else { result.setError("Inconsistent signature!"); JOptionPane.showMessageDialog(null, "Error: Inconsisten signature!", "Signature check", JOptionPane.ERROR_MESSAGE); } } } } } catch (CMSException ex) { result.setError(ex.getMessage()); LOG.error("Parsing and validating CMS", ex); } catch (OperatorCreationException ex) { result.setError(ex.getMessage()); LOG.error("Parsing and validating CMS", ex); } catch (CertificateException ex) { result.setError(ex.getMessage()); LOG.error("Parsing and validating CMS", ex); } return result; }
From source file:org.xipki.pki.ca.server.impl.scep.Scep.java
License:Open Source License
private SignedData buildSignedData(final X509Certificate cert) throws OperationException { CMSSignedDataGenerator cmsSignedDataGen = new CMSSignedDataGenerator(); try {// ww w .ja va 2 s . com X509CertificateHolder certHolder = new X509CertificateHolder(cert.getEncoded()); cmsSignedDataGen.addCertificate(certHolder); if (control.isIncludeCaCert()) { cmsSignedDataGen.addCertificate(caCert); } CMSSignedData signedData = cmsSignedDataGen.generate(new CMSAbsentContent()); return SignedData.getInstance(signedData.toASN1Structure().getContent()); } catch (CMSException | IOException | CertificateEncodingException ex) { LogUtil.error(LOG, ex); throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex); } }
From source file:org.xipki.pki.ca.server.impl.scep.Scep.java
License:Open Source License
private SignedData getCrl(final X509Ca ca, final BigInteger serialNumber) throws FailInfoException, OperationException { CertificateList crl = ca.getBcCurrentCrl(); if (crl == null) { throw FailInfoException.BAD_REQUEST; }/* w ww. ja va 2 s .c om*/ CMSSignedDataGenerator cmsSignedDataGen = new CMSSignedDataGenerator(); cmsSignedDataGen.addCRL(new X509CRLHolder(crl)); CMSSignedData signedData; try { signedData = cmsSignedDataGen.generate(new CMSAbsentContent()); } catch (CMSException ex) { LogUtil.error(LOG, ex, "could not generate CMSSignedData"); throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex); } return SignedData.getInstance(signedData.toASN1Structure().getContent()); }
From source file:org.xipki.pki.scep.message.PkiMessage.java
License:Open Source License
public ContentInfo encode(final ContentSigner signer, final X509Certificate signerCert, final X509Certificate[] cmsCertSet, final X509Certificate recipientCert, final ASN1ObjectIdentifier encAlgId) throws MessageEncodingException { ParamUtil.requireNonNull("signer", signer); ParamUtil.requireNonNull("signerCert", signerCert); ParamUtil.requireNonNull("recipientCert", recipientCert); ParamUtil.requireNonNull("encAlgId", encAlgId); CMSTypedData content;/* w ww .ja v a 2 s . c o m*/ if (messageData == null) { content = new CMSAbsentContent(); } else { CMSEnvelopedData envelopedData = encrypt(recipientCert, encAlgId); byte[] encoded; try { encoded = envelopedData.getEncoded(); } catch (IOException ex) { throw new MessageEncodingException(ex); } content = new CMSProcessableByteArray(CMSObjectIdentifiers.envelopedData, encoded); } try { CMSSignedDataGenerator generator = new CMSSignedDataGenerator(); // signerInfo JcaSignerInfoGeneratorBuilder signerInfoBuilder = new JcaSignerInfoGeneratorBuilder( new BcDigestCalculatorProvider()); signerInfoBuilder .setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(getSignedAttributes())); AttributeTable attrTable = getUnsignedAttributes(); if (attrTable != null) { signerInfoBuilder.setUnsignedAttributeGenerator(new SimpleAttributeTableGenerator(attrTable)); } // certificateSet ScepUtil.addCmsCertSet(generator, cmsCertSet); SignerInfoGenerator signerInfo; try { signerInfo = signerInfoBuilder.build(signer, signerCert); } catch (Exception ex) { throw new MessageEncodingException(ex); } generator.addSignerInfoGenerator(signerInfo); CMSSignedData signedData = generator.generate(content, true); return signedData.toASN1Structure(); } catch (CMSException ex) { throw new MessageEncodingException(ex); } catch (Exception ex) { throw new MessageEncodingException(ex); } }
From source file:org.xipki.pki.scep.serveremulator.ScepResponder.java
License:Open Source License
private ContentInfo createSignedData(final CertificateList crl) throws CaException { CMSSignedDataGenerator cmsSignedDataGen = new CMSSignedDataGenerator(); cmsSignedDataGen.addCRL(new X509CRLHolder(crl)); CMSSignedData cmsSigneddata; try {/*from w ww .j a v a 2s . c o m*/ cmsSigneddata = cmsSignedDataGen.generate(new CMSAbsentContent()); } catch (CMSException ex) { throw new CaException(ex.getMessage(), ex); } return cmsSigneddata.toASN1Structure(); }