List of usage examples for org.bouncycastle.cms CMSSignedDataParser CMSSignedDataParser
public CMSSignedDataParser(DigestCalculatorProvider digestCalculatorProvider, InputStream sigData) throws CMSException
From source file:com.gc.iotools.fmt.decoders.Pkcs7Decoder.java
License:BSD License
/** * {@inheritDoc}/*from w w w. j a va 2 s . co m*/ */ @Override public InputStream decode(final InputStream istream) throws IOException { CMSSignedDataParser sdp; try { sdp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), istream); } catch (final CMSException e) { final IOException e1 = new IOException("Error parsing PKCS7 content"); e1.initCause(e); throw e1; } catch (OperatorCreationException e) { final IOException e1 = new IOException("Error initializing PKCS7 decoder."); e1.initCause(e); throw e1; } final CMSTypedStream ts = sdp.getSignedContent(); return ts.getContentStream(); }
From source file:com.wewebu.ow.server.util.jar.OwJarVerifier.java
License:Open Source License
/** * Get Signature Certificates// w ww . j a v a 2 s . c om * @return {@link X509Certificate}[] * @throws IOException * @throws CMSException */ @SuppressWarnings("rawtypes") public X509CertificateHolder[] getSignatureCertificates() throws IOException, CMSException { JarEntry signatureBlockEntry = getSignatureBlockEntry(); if (null != signatureBlockEntry) { InputStream inputStream = null; try { inputStream = jarFile.getInputStream(signatureBlockEntry); CMSSignedDataParser sp = new CMSSignedDataParser(new BcDigestCalculatorProvider(), new BufferedInputStream(inputStream, 1024)); Store certStore = sp.getCertificates(); SignerInformationStore signers = sp.getSignerInfos(); Collection c = signers.getSigners(); Iterator it = c.iterator(); List<X509CertificateHolder> certificates = new ArrayList<X509CertificateHolder>(); while (it.hasNext()) { SignerInformation signer = (SignerInformation) it.next(); Collection certCollection = certStore.getMatches(signer.getSID()); Iterator certIt = certCollection.iterator(); X509CertificateHolder cert = (X509CertificateHolder) certIt.next(); certificates.add(cert); } return certificates.toArray(new X509CertificateHolder[certificates.size()]); } finally { if (inputStream != null) { try { inputStream.close(); } catch (IOException ex) { } } inputStream = null; } } return new X509CertificateHolder[] {}; }
From source file:de.mendelson.util.security.BCCryptoHelper.java
/** * Returns the digest OID algorithm from a signature. The return value * for sha1 is e.g. "1.3.14.3.2.26"./*from ww w . j a va 2 s . c om*/ */ public String getDigestAlgOIDFromSignature(InputStream signed, Certificate cert) throws Exception { CMSSignedDataParser parser = new CMSSignedDataParser( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), signed); parser.getSignedContent().drain(); SignerInformationStore signers = parser.getSignerInfos(); Collection signerCollection = signers.getSigners(); Iterator it = signerCollection.iterator(); boolean verified = false; X509CertificateHolder certHolder = new X509CertificateHolder(cert.getEncoded()); SignerInformationVerifier verifier = new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC") .build(certHolder); while (it.hasNext()) { SignerInformation signerInformation = (SignerInformation) it.next(); if (!verified) { verified = signerInformation.verify(verifier); if (verified) { return (signerInformation.getDigestAlgOID()); } } } throw new GeneralSecurityException("getDigestAlgOIDFromSignature: Unable to identify signature algorithm."); }
From source file:de.mendelson.util.security.BCCryptoHelper.java
public boolean verifySignatureCMS(InputStream signed, Certificate cert) throws Exception { CMSSignedDataParser parser = new CMSSignedDataParser( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), signed); parser.getSignedContent().drain();/*ww w .jav a 2s . c o m*/ SignerInformationStore signers = parser.getSignerInfos(); Collection signerCollection = signers.getSigners(); Iterator it = signerCollection.iterator(); boolean verified = false; X509CertificateHolder certHolder = new X509CertificateHolder(cert.getEncoded()); SignerInformationVerifier verifier = new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC") .build(certHolder); while (it.hasNext()) { SignerInformation signerInformation = (SignerInformation) it.next(); if (!verified) { verified = signerInformation.verify(verifier); } if (verified) { break; } } return (verified); }
From source file:de.mendelson.util.security.BCCryptoHelper.java
public void removeSignatureCMS(InputStream signed, OutputStream unsigned, Certificate cert) throws Exception { CMSSignedDataParser parser = new CMSSignedDataParser( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), signed); InputStream signedContent = parser.getSignedContent().getContentStream(); this.copyStreams(signedContent, unsigned); unsigned.flush();/*from w ww.ja v a2 s .c o m*/ }
From source file:edu.vt.alerts.android.library.tasks.RegistrationTask.java
License:Apache License
private Collection<?> extractCerts(byte[] contents) throws Exception { JcaDigestCalculatorProviderBuilder builder = new JcaDigestCalculatorProviderBuilder(); builder.setProvider(CSR_SIGNER_PROVIDER); DigestCalculatorProvider provider = builder.build(); CMSSignedDataParser parser = new CMSSignedDataParser(provider, contents); Store store = parser.getCertificates(); return store.getMatches(certSelector); }
From source file:eu.europa.ec.markt.dss.validation.cades.CAdESSignature.java
License:Open Source License
@Override public boolean checkIntegrity(Document detachedDocument) { JcaSimpleSignerInfoVerifierBuilder verifier = new JcaSimpleSignerInfoVerifierBuilder(); try {//from w ww . j a va2s. co m boolean ret = false; SignerInformation si = null; if (detachedDocument != null) { // Recreate a SignerInformation with the content using a CMSSignedDataParser CMSSignedDataParser sp = new CMSSignedDataParser(new CMSTypedStream(detachedDocument.openStream()), cmsSignedData.getEncoded()); sp.getSignedContent().drain(); si = sp.getSignerInfos().get(signerInformation.getSID()); } else { si = this.signerInformation; } ret = si.verify(verifier.build(getSigningCertificate())); return ret; } catch (OperatorCreationException e) { return false; } catch (CMSException e) { return false; } catch (IOException e) { return false; } }
From source file:net.ripe.rpki.commons.crypto.cms.RpkiSignedObjectParser.java
License:BSD License
private void parseCms() { CMSSignedDataParser sp;//from w w w . j a va2 s .com try { sp = new CMSSignedDataParser(BouncyCastleUtil.DIGEST_CALCULATOR_PROVIDER, encoded); } catch (CMSException e) { validationResult.rejectIfFalse(false, CMS_DATA_PARSING); return; } validationResult.rejectIfFalse(true, CMS_DATA_PARSING); if (!validationResult.hasFailures()) { parseContent(sp); } if (!validationResult.hasFailures()) { parseCmsCertificate(sp); } if (!validationResult.hasFailures()) { verifyCmsSigning(sp, certificate.getCertificate()); } }
From source file:net.ripe.rpki.commons.provisioning.cms.ProvisioningCmsObjectBuilderTest.java
License:BSD License
@Before public void setUp() throws Exception { ResourceClassListQueryPayloadBuilder payloadBuilder = new ResourceClassListQueryPayloadBuilder(); ResourceClassListQueryPayload payload = payloadBuilder.build(); subject = new ProvisioningCmsObjectBuilder(); subject.withCmsCertificate(ProvisioningCmsCertificateBuilderTest.TEST_CMS_CERT.getCertificate()); subject.withCrl(CRL);/*www.j ava2s . c o m*/ subject.withSignatureProvider(DEFAULT_SIGNATURE_PROVIDER); subject.withPayloadContent(payload); signingTime = new DateTime().getMillis() / 1000 * 1000; // truncate milliseconds DateTimeUtils.setCurrentMillisFixed(signingTime); cmsObject = subject.build(ProvisioningCmsCertificateBuilderTest.EE_KEYPAIR.getPrivate()); DateTimeUtils.setCurrentMillisSystem(); signedDataParser = new CMSSignedDataParser(new BcDigestCalculatorProvider(), cmsObject.getEncoded()); signedDataParser.getSignedContent().drain(); }
From source file:net.ripe.rpki.commons.provisioning.cms.ProvisioningCmsObjectParser.java
License:BSD License
public void parseCms(String location, byte[] encoded) { //NOPMD - ArrayIsStoredDirectly this.location = location; this.encoded = encoded; validationResult.setLocation(new ValidationLocation(location)); try {//from w w w .j av a2 s. com sp = new CMSSignedDataParser(DIGEST_CALCULATOR_PROVIDER, encoded); } catch (CMSException e) { validationResult.rejectIfFalse(false, CMS_DATA_PARSING, extractMessages(e)); return; } validationResult.rejectIfFalse(true, CMS_DATA_PARSING); verifyVersionNumber(); verifyDigestAlgorithm(encoded); verifyContentType(); parseContent(); parseCertificates(); parseCmsCrl(); verifySignerInfos(); }