Example usage for org.bouncycastle.cms SignerInformation getSID

List of usage examples for org.bouncycastle.cms SignerInformation getSID

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.cms.*
  5. SignerInformation
  6. getSID

Introduction

In this page you can find the example usage for org.bouncycastle.cms SignerInformation getSID.

Prototype

public SignerId getSID()

Source Link

Usage

From source file:test.unit.be.fedict.eid.applet.service.signer.CMSTest.java

License:Open Source License

@Test
public void testRetrieveCMSDigestValue() throws Exception {
    // setup/* w  w w .j  a v a2  s. co  m*/
    KeyPair keyPair = PkiTestUtils.generateKeyPair();
    DateTime notBefore = new DateTime();
    DateTime notAfter = notBefore.plusMonths(1);
    X509Certificate certificate = generateSelfSignedCertificate(keyPair, "CN=Test", notBefore, notAfter);
    byte[] toBeSigned = "hello world".getBytes();

    // operate
    CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    generator.addSigner(keyPair.getPrivate(), certificate, CMSSignedDataGenerator.DIGEST_SHA1);
    CMSProcessable content = new CMSProcessableByteArray(toBeSigned);

    CMSTestProvider provider = new CMSTestProvider();
    generator.generate(content, false, provider);

    byte[] digestValue = SHA1WithRSASignature.getDigestValue();
    assertNotNull(digestValue);
    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
    byte[] digestInfoValue = ArrayUtils.addAll(PkiTestUtils.SHA1_DIGEST_INFO_PREFIX, digestValue);
    byte[] signatureValue = cipher.doFinal(digestInfoValue);
    SHA1WithRSASignature.setSignatureValue(signatureValue);

    generator = new CMSSignedDataGenerator();
    generator.addSigner(keyPair.getPrivate(), certificate, CMSSignedDataGenerator.DIGEST_SHA1);
    content = new CMSProcessableByteArray(toBeSigned);
    provider = new CMSTestProvider();

    CMSSignedData signedData = generator.generate(content, false, provider);

    byte[] cmsSignature = signedData.getEncoded();
    LOG.debug("CMS signature: " + ASN1Dump.dumpAsString(new ASN1StreamParser(cmsSignature).readObject()));

    // verify
    content = new CMSProcessableByteArray(toBeSigned);
    signedData = new CMSSignedData(content, cmsSignature);
    SignerInformationStore signers = signedData.getSignerInfos();
    Iterator<SignerInformation> iter = signers.getSigners().iterator();
    while (iter.hasNext()) {
        SignerInformation signer = iter.next();
        SignerId signerId = signer.getSID();
        LOG.debug("signer: " + signerId);
        assertTrue(signerId.match(certificate));
        assertTrue(signer.verify(keyPair.getPublic(), BouncyCastleProvider.PROVIDER_NAME));
    }
    LOG.debug("content type: " + signedData.getSignedContentTypeOID());
}