List of usage examples for org.bouncycastle.jce.provider BouncyCastleProvider PROVIDER_NAME
String PROVIDER_NAME
From source file:jetbrains.buildServer.clouds.azure.asm.connector.AzureApiConnector.java
License:Apache License
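/**
 * Loads a base64-encoded PKCS#12 blob into a Bouncy Castle key store and writes a
 * password-protected copy of it to {@code keyStoreOutputStream}.
 *
 * <p>The decoded input is opened with an empty password, so it must not itself be
 * password-protected. The copy written out is protected only by {@code keystorePwd};
 * because a PKCS#12 store can carry private keys, callers should supply a strong,
 * non-empty password and restrict access to wherever the stream is persisted.
 *
 * <p>Registering the provider through {@link Security#addProvider} affects the whole JVM,
 * not just this call.
 *
 * @param base64Certificate base64 text of the PKCS#12 data to import
 * @param keyStoreOutputStream destination for the protected key store; this method closes
 *     it on every path, including failures
 * @param keystorePwd password applied to the key store written to the stream
 * @return the key store loaded from the decoded data
 * @throws Exception if the provider or key store type is unavailable, the data cannot be
 *     decoded or parsed, or writing to the stream fails
 */
private static KeyStore createKeyStorePKCS12(String base64Certificate, OutputStream keyStoreOutputStream,
        String keystorePwd) throws Exception {
    try {
        // Only register Bouncy Castle when it is missing; this avoids building a throwaway
        // provider instance on every call.
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        KeyStore store = KeyStore.getInstance("PKCS12", BouncyCastleProvider.PROVIDER_NAME);

        // Read the base64 value without a password (PBE can be applied afterwards if needed).
        // Loading from the stream initialises the store, so no separate empty load is required.
        final byte[] decoded = Base64.decode(base64Certificate);
        InputStream sslInputStream = new ByteArrayInputStream(decoded);
        store.load(sslInputStream, "".toCharArray());

        // A physical key store is needed as well, protected by the caller's password.
        store.store(keyStoreOutputStream, keystorePwd.toCharArray());
        return store;
    } finally {
        // Previously the stream was closed only on success and leaked when load/store threw.
        if (keyStoreOutputStream != null) {
            keyStoreOutputStream.close();
        }
    }
}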
From source file:jetbrains.buildServer.clouds.azure.util.KeyStoreUtil.java
License:Apache License
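/**
 * Loads a base64-encoded PKCS#12 blob into a Bouncy Castle key store and writes a
 * password-protected copy of it to {@code keyStoreOutputStream}.
 *
 * <p>The decoded input is opened with an empty password, so it must not itself be
 * password-protected. The copy written out is protected only by {@code keystorePwd};
 * because a PKCS#12 store can carry private keys, callers should supply a strong,
 * non-empty password and restrict access to wherever the stream is persisted.
 *
 * <p>Registering the provider through {@link Security#addProvider} affects the whole JVM,
 * not just this call.
 *
 * @param base64Certificate base64 text of the PKCS#12 data to import
 * @param keyStoreOutputStream destination for the protected key store; this method closes
 *     it on every path, including failures
 * @param keystorePwd password applied to the key store written to the stream
 * @return the key store loaded from the decoded data
 * @throws Exception if the provider or key store type is unavailable, the data cannot be
 *     decoded or parsed, or writing to the stream fails
 */
public KeyStore createKeyStorePKCS12(String base64Certificate, OutputStream keyStoreOutputStream,
        String keystorePwd) throws Exception {
    try {
        // Only register Bouncy Castle when it is missing; this avoids building a throwaway
        // provider instance on every call.
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        KeyStore store = KeyStore.getInstance("PKCS12", BouncyCastleProvider.PROVIDER_NAME);

        // Read the base64 value without a password (PBE can be applied afterwards if needed).
        // Loading from the stream initialises the store, so no separate empty load is required.
        InputStream sslInputStream = new ByteArrayInputStream(Base64.decode(base64Certificate));
        store.load(sslInputStream, "".toCharArray());

        // A physical key store is needed as well, protected by the caller's password.
        store.store(keyStoreOutputStream, keystorePwd.toCharArray());
        return store;
    } finally {
        // Previously the stream was closed only on success and leaked when load/store threw.
        if (keyStoreOutputStream != null) {
            keyStoreOutputStream.close();
        }
    }
}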
From source file:known.issues.DSS642.CAdESCounterSignatureTest.java
License:Open Source License
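/**
 * Signs a sample document as user A (CAdES baseline B, enveloping), counter-signs it as
 * user B, and then checks the result twice: cryptographically with Bouncy Castle and
 * through the DSS document validator.
 *
 * <p>The certificate verifiers are created without any further configuration here, and the
 * DSS assertions only check {@code isBLevelTechnicallyValid}; the test therefore exercises
 * signature structure and cryptographic validity, not certificate trust.
 *
 * @throws Exception if signing, counter-signing, parsing, or validation fails
 */
@Test
public void test() throws Exception {
    CertificateService certificateService = new CertificateService();
    final MockPrivateKeyEntry entryUserA = certificateService
            .generateCertificateChain(SignatureAlgorithm.RSA_SHA256);
    final MockPrivateKeyEntry entryUserB = certificateService
            .generateCertificateChain(SignatureAlgorithm.RSA_SHA256);

    DSSDocument document = new FileDocument(new File("src/test/resources/sample.xml"));

    // Sign
    CAdESSignatureParameters signatureParameters = new CAdESSignatureParameters();
    signatureParameters.setSigningCertificate(entryUserA.getCertificate());
    signatureParameters.setCertificateChain(entryUserA.getCertificateChain());
    signatureParameters.setSignatureLevel(SignatureLevel.CAdES_BASELINE_B);
    signatureParameters.setSignaturePackaging(SignaturePackaging.ENVELOPING);

    CertificateVerifier certificateVerifier = new CommonCertificateVerifier();
    CAdESService service = new CAdESService(certificateVerifier);
    ToBeSigned dataToSign = service.getDataToSign(document, signatureParameters);
    SignatureValue signatureValue = sign(signatureParameters.getSignatureAlgorithm(), entryUserA, dataToSign);
    DSSDocument signedDocument = service.signDocument(document, signatureParameters, signatureValue);

    // Countersign
    final CMSSignedData cmsSignedData;
    final InputStream inputStream = signedDocument.openStream();
    try {
        cmsSignedData = new CMSSignedData(inputStream);
    } finally {
        // Release the stream even when parsing the signed data throws.
        IOUtils.closeQuietly(inputStream);
    }

    SignerInformationStore signerInfosStore = cmsSignedData.getSignerInfos();
    Collection<SignerInformation> signerInfos = signerInfosStore.getSigners();
    assertEquals(1, signerInfos.size());
    SignerInformation signerInfo = signerInfos.iterator().next();

    // NOTE(review): presumably separates the two signing times by at least one second -- confirm.
    Thread.sleep(1000);

    CAdESSignatureParameters countersigningParameters = new CAdESSignatureParameters();
    countersigningParameters.setSignatureLevel(SignatureLevel.CAdES_BASELINE_B);
    countersigningParameters.setSignaturePackaging(SignaturePackaging.ENVELOPING);
    countersigningParameters.setSigningCertificate(entryUserB.getCertificate());
    countersigningParameters.setCertificateChain(entryUserB.getCertificateChain());

    DSSDocument counterSignDocument = service.counterSignDocument(signedDocument, countersigningParameters,
            signerInfo.getSID(), new MockSignatureTokenConnection(), entryUserB);
    assertNotNull(counterSignDocument);

    counterSignDocument.save("target/countersign.p7m");

    // The counter-signed stream used to be handed straight to the constructor and never closed.
    final CMSSignedData data;
    final InputStream counterSignedStream = counterSignDocument.openStream();
    try {
        data = new CMSSignedData(counterSignedStream);
    } finally {
        IOUtils.closeQuietly(counterSignedStream);
    }

    SignerInformationStore informationStore = data.getSignerInfos();
    Collection<SignerInformation> signers = informationStore.getSigners();
    for (SignerInformation signerInformation : signers) {
        AttributeTable signedAttributes = signerInformation.getSignedAttributes();
        Attribute attribute = signedAttributes.get(PKCSObjectIdentifiers.pkcs_9_at_contentType);
        assertNotNull(attribute);

        SignerInformationStore counterSignatures = signerInformation.getCounterSignatures();
        assertNotNull(counterSignatures);
        Collection<SignerInformation> signersCounter = counterSignatures.getSigners();
        for (SignerInformation signerCounter : signersCounter) {
            AttributeTable signedAttributes2 = signerCounter.getSignedAttributes();
            Attribute attribute2 = signedAttributes2.get(PKCSObjectIdentifiers.pkcs_9_at_contentType);
            // Counter-signatures don't allow content-type
            assertNull(attribute2);
        }
    }

    // Picks the verifier by certificate serial number; an unknown signer is rejected
    // outright instead of being verified against some default certificate.
    SignerInformationVerifierProvider vProv = new SignerInformationVerifierProvider() {
        @Override
        public SignerInformationVerifier get(SignerId signerId) throws OperatorCreationException {
            if (entryUserA.getCertificate().getSerialNumber().equals(signerId.getSerialNumber())) {
                return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME)
                        .build(entryUserA.getCertificate().getCertificate());
            } else if (entryUserB.getCertificate().getSerialNumber().equals(signerId.getSerialNumber())) {
                return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME)
                        .build(entryUserB.getCertificate().getCertificate());
            } else {
                throw new IllegalStateException("no signerID matched");
            }
        }
    };

    // Validate both signatures by BC; passing false keeps counter-signatures in the check.
    assertTrue(data.verifySignatures(vProv, false));

    // Validate
    SignedDocumentValidator validator = SignedDocumentValidator.fromDocument(counterSignDocument);
    validator.setCertificateVerifier(new CommonCertificateVerifier());
    Reports reports = validator.validateDocument();
    reports.print();

    DiagnosticData diagnosticData = reports.getDiagnosticData();
    List<XmlDom> signatures = diagnosticData.getElements("/DiagnosticData/Signature");
    assertEquals(2, signatures.size());

    boolean foundCounterSignature = false;
    for (XmlDom xmlDom : signatures) {
        String type = xmlDom.getAttribute("Type");
        if (AttributeValue.COUNTERSIGNATURE.equals(type)) {
            foundCounterSignature = true;
        }
        assertTrue(diagnosticData.isBLevelTechnicallyValid(xmlDom.getAttribute("Id")));
    }
    assertTrue(foundCounterSignature);
}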
From source file:mitm.common.security.crl.GenerateTestCRLs.java
License:Open Source License
/**
 * Creates a CRL builder that uses the Bouncy Castle provider for both constructor arguments.
 *
 * @return a new {@code X509CRLBuilderImpl} configured with the Bouncy Castle provider name
 */
private X509CRLBuilder createX509CRLBuilder() {
    // The same provider name is passed for both arguments of the builder.
    final String bouncyCastle = BouncyCastleProvider.PROVIDER_NAME;
    X509CRLBuilder builder = new X509CRLBuilderImpl(bouncyCastle, bouncyCastle);
    return builder;
}
From source file:mitm.common.security.DefaultSecurityFactory.java
License:Open Source License
/**
 * Creates a CRL builder that signs with Bouncy Castle and builds the CRL with the
 * optimized X509CRL implementation from the MITMProvider.
 *
 * @return a new {@code X509CRLBuilderImpl} with separate signing and CRL providers
 */
@Override
public X509CRLBuilder createX509CRLBuilder() {
    // Signing provider: Bouncy Castle.
    final String signingProvider = BouncyCastleProvider.PROVIDER_NAME;
    // CRL provider: the MITMProvider, for its optimized X509CRL.
    X509CRLBuilder builder = new X509CRLBuilderImpl(signingProvider, MITMProvider.PROVIDER);
    return builder;
}
From source file:net.bluewizardhat.crypto.factory.bouncy.CamelliaFactory.java
License:Apache License
/** * Returns an {@link SymmetricEncryptionEngine} that implements Camellia in CTR mode with PKCS5 padding. * The {@link SymmetricEncryptionEngine} returned by this method is thread-safe. *///from w w w . j a va 2s . co m public static SymmetricEncryptionEngine usingCamelliaCtr() { return FluentEncryptionEngineImpl.getSymmetricEncryptionEngine("Camellia", "Camellia/CTR/PKCS5Padding", 16, BouncyCastleProvider.PROVIDER_NAME); }
From source file:net.bluewizardhat.crypto.factory.bouncy.CamelliaFactory.java
License:Apache License
/**
 * Creates a {@link SymmetricEncryptionEngine} for Camellia in CFB mode with PKCS5 padding,
 * backed by the Bouncy Castle provider.
 *
 * <p>CFB mode gives confidentiality only: it does not authenticate the ciphertext, so
 * integrity has to be protected separately (for example with a MAC) when tampering must be
 * detected.
 *
 * <p>The {@link SymmetricEncryptionEngine} returned by this method is thread-safe.
 *
 * @return the engine for the transformation {@code Camellia/CFB/PKCS5Padding}
 */
public static SymmetricEncryptionEngine usingCamelliaCfb() {
    final String cipherName = "Camellia";
    final String transformation = "Camellia/CFB/PKCS5Padding";
    // NOTE(review): 16 equals Camellia's block size in bytes; presumably the IV length -- confirm.
    SymmetricEncryptionEngine engine = FluentEncryptionEngineImpl.getSymmetricEncryptionEngine(
            cipherName, transformation, 16, BouncyCastleProvider.PROVIDER_NAME);
    return engine;
}
From source file:net.bluewizardhat.crypto.factory.bouncy.CamelliaFactory.java
License:Apache License
/** * Returns an {@link SymmetricEncryptionEngine} that implements Camellia in CBC mode with PKCS5 padding. * The {@link SymmetricEncryptionEngine} returned by this method is thread-safe. *///from w ww. j a v a 2 s. c o m public static SymmetricEncryptionEngine usingCamelliaCbc() { return FluentEncryptionEngineImpl.getSymmetricEncryptionEngine("Camellia", "Camellia/CBC/PKCS5Padding", 16, BouncyCastleProvider.PROVIDER_NAME); }
From source file:net.bluewizardhat.crypto.factory.bouncy.CamelliaFactory.java
License:Apache License
/** * Returns an {@link SymmetricEncryptionEngine} that implements Camellia in ECB mode with PKCS5 padding. * ECB is the least safe mode for Camellia. * The {@link SymmetricEncryptionEngine} returned by this method is thread-safe. */// w w w .j ava2 s .c om public static SymmetricEncryptionEngine usingCamelliaEcb() { return FluentEncryptionEngineImpl.getSymmetricEncryptionEngine("Camellia", "Camellia/ECB/PKCS5Padding", 0, BouncyCastleProvider.PROVIDER_NAME); }
From source file:net.bluewizardhat.crypto.factory.bouncy.TwofishFactory.java
License:Apache License
/** * Returns an {@link SymmetricEncryptionEngine} that implements Twofish in CTR mode with PKCS5 padding. * The {@link SymmetricEncryptionEngine} returned by this method is thread-safe. */// w ww . j a v a 2 s .c om public static SymmetricEncryptionEngine usingTwofishCtr() { return FluentEncryptionEngineImpl.getSymmetricEncryptionEngine("Twofish", "Twofish/CTR/PKCS5Padding", 16, BouncyCastleProvider.PROVIDER_NAME); }