List of usage examples for org.bouncycastle.jce.provider BouncyCastleProvider PROVIDER_NAME
String PROVIDER_NAME
To view the source code for org.bouncycastle.jce.provider BouncyCastleProvider PROVIDER_NAME.
Click Source Link
From source file:net.markenwerk.utils.mail.smime.SmimeUtil.java
License:Open Source License
private static SignerInformationVerifier getVerifier(X509Certificate certificate) throws OperatorCreationException { JcaSimpleSignerInfoVerifierBuilder builder = new JcaSimpleSignerInfoVerifierBuilder(); builder.setProvider(BouncyCastleProvider.PROVIDER_NAME); return builder.build(certificate); }
From source file:net.nicoulaj.maven.plugins.checksum.digest.DigesterFactory.java
License:Apache License
/** * Get an instance of {@link FileDigester} for the given checksum algorithm. * * @param algorithm the target checksum algorithm. * @return an instance of {@link FileDigester}. * @throws NoSuchAlgorithmException if the checksum algorithm is not supported or invalid. * @see FileDigester//from w ww. java2 s . c o m */ public synchronized FileDigester getFileDigester(String algorithm) throws NoSuchAlgorithmException { FileDigester digester = digesters.get(algorithm); if (digester == null) { // Algorithms with custom digesters if (CRC32FileDigester.ALGORITHM.equals(algorithm)) { digester = new CRC32FileDigester(); } else if (CksumFileDigester.ALGORITHM.equals(algorithm)) { digester = new CksumFileDigester(); } // Default case: try to use Java Security providers. else { // Try with the current providers. try { digester = new MessageDigestFileDigester(algorithm); } catch (NoSuchAlgorithmException e) { // If the algorithm is not supported by default providers, try with Bouncy Castle. if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) { Security.addProvider(new BouncyCastleProvider()); digester = new MessageDigestFileDigester(algorithm); } // If Bouncy Castle was already used, fail. else { throw e; } } } digesters.put(algorithm, digester); } return digester; }
From source file:net.sf.sahi.ssl.SSLHelper.java
License:Apache License
/** * Read certificate and adds it to the keystore. * * @throws IOException//from w w w .j a va 2 s . c o m * @throws CertificateException * @throws KeyStoreException */ private void readRootCA() throws IOException, CertificateException, KeyStoreException { Key _privateKey = readPrivateKey(Configuration.getRootKeyPath()); X509CertificateHolder holder = (X509CertificateHolder) readWithPemParser(Configuration.getRootCaPath()); rootCA = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME) .getCertificate(holder); keystore.setKeyEntry(Configuration.getRootCaName(), _privateKey, KEYSTORE_PASSWORD.toCharArray(), new X509Certificate[] { rootCA }); }
From source file:no.difi.oxalis.as2.util.MimeMessageHelperTest.java
License:EUPL
/** * verify the signature (assuming the cert is contained in the message) *///from w w w . ja v a2 s . c om private boolean verify(String resourceName, boolean debug) { System.out.println("Verifying resource " + resourceName + " (debug=" + debug + ")"); String resourcePath = "real-mdn-examples/" + resourceName; try { // shortcuts lots of steps in the above test (parseLegalMimeMessageWithHeaders) MimeMultipart multipartSigned = (MimeMultipart) MimeMessageHelper .createMimeMessage( MimeMessageHelperTest.class.getClassLoader().getResourceAsStream(resourcePath)) .getContent(); assertNotNull(multipartSigned); // verify signature SMIMESigned signedMessage = new SMIMESigned(multipartSigned); Store certs = signedMessage.getCertificates(); SignerInformationStore signers = signedMessage.getSignerInfos(); for (Object signerInformation : signers.getSigners()) { SignerInformation signer = (SignerInformation) signerInformation; Collection certCollection = certs.getMatches(signer.getSID()); Iterator certIterator = certCollection.iterator(); X509Certificate cert = new JcaX509CertificateConverter() .setProvider(BouncyCastleProvider.PROVIDER_NAME) .getCertificate((X509CertificateHolder) certIterator.next()); if (debug) System.out.println("Signing certificate : " + cert); SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder() .setProvider(BouncyCastleProvider.PROVIDER_NAME).build(cert); if (signer.verify(signerInformationVerifier)) return true; } } catch (Exception ex) { System.out.println("Verification failed with exception " + ex.getMessage()); } return false; }
From source file:no.difi.oxalis.as2.util.SignedMimeMessage.java
License:EUPL
void parseSignedMessage() { SMIMESignedParser smimeSignedParser; try {// w w w .j a v a 2s .c o m // MimeMessageHelper.dumpMimePartToFile("/tmp/parseSignedMessage.txt", mimeMessage); smimeSignedParser = new SMIMESignedParser(new JcaDigestCalculatorProviderBuilder().build(), (MimeMultipart) mimeMessage.getContent()); } catch (MessagingException | CMSException | IOException | OperatorCreationException e) { throw new IllegalStateException("Unable to create SMIMESignedParser: " + e.getMessage(), e); } Store certs; try { certs = smimeSignedParser.getCertificates(); } catch (CMSException e) { throw new IllegalStateException("Unable to retrieve the certificates from signed message."); } // // SignerInfo blocks which contain the signatures // SignerInformationStore signerInfos; try { signerInfos = smimeSignedParser.getSignerInfos(); } catch (CMSException e) { throw new IllegalStateException("Unable to get the Signer information from message. " + e.getMessage(), e); } Collection signers = signerInfos.getSigners(); Iterator signersIterator = signers.iterator(); // // Only a single signer, get the first and only certificate // if (signersIterator.hasNext()) { // Retrieves information on first and only signer SignerInformation signer = (SignerInformation) signersIterator.next(); // Retrieves the collection of certificates for first and only signer @SuppressWarnings("unchecked") Collection certCollection = certs.getMatches(signer.getSID()); // Retrieve the first certificate Iterator certIt = certCollection.iterator(); if (certIt.hasNext()) { try { signersX509Certificate = new JcaX509CertificateConverter() .setProvider(BouncyCastleProvider.PROVIDER_NAME) .getCertificate((X509CertificateHolder) certIt.next()); } catch (CertificateException e) { throw new IllegalStateException("Unable to fetch certificate for signer. " + e.getMessage(), e); } } else { throw new IllegalStateException( "Signers certificate was not found, unable to verify the signature"); } // Verify that the signature is correct and that signersIterator was generated when the certificate was current /* try { if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(signersX509Certificate))) { throw new IllegalStateException("Verification of signer failed"); } } catch (CMSException | OperatorCreationException e) { throw new IllegalStateException("Unable to verify the signer. " + e.getMessage(), e); } */ String issuerDN = signersX509Certificate.getIssuerDN().toString(); log.debug("Certificate issued by: " + issuerDN); } else { throw new IllegalStateException("There is no signer information available"); } }
From source file:no.difi.oxalis.as2.util.SMimeBC.java
License:EUPL
public static byte[] createSignature(byte[] digest, SMimeDigestMethod digestMethod, PrivateKey privateKey, X509Certificate certificate) throws OxalisSecurityException { try {//ww w.j a v a 2 s. com ASN1EncodableVector signedAttributes = new ASN1EncodableVector(); signedAttributes.add(new Attribute(CMSAttributes.contentType, new DERSet(digestMethod.getOid()))); signedAttributes .add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(digest)))); signedAttributes.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date())))); AttributeTable signedAttributesTable = new AttributeTable(signedAttributes); signedAttributesTable.toASN1EncodableVector(); DefaultSignedAttributeTableGenerator signedAttributeGenerator = new DefaultSignedAttributeTableGenerator( signedAttributesTable); /* Build the SignerInfo generator builder, that will build the generator... that will generate the SignerInformation... */ SignerInfoGeneratorBuilder signerInfoBuilder = new SignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME) .build()); signerInfoBuilder.setSignedAttributeGenerator(signedAttributeGenerator); CMSSignedDataGenerator generator = new CMSSignedDataGenerator(); JcaContentSignerBuilder contentSigner = new JcaContentSignerBuilder(digestMethod.getMethod()) .setProvider(BouncyCastleProvider.PROVIDER_NAME); generator.addSignerInfoGenerator(signerInfoBuilder.build(contentSigner.build(privateKey), new X509CertificateHolder(certificate.getEncoded()))); generator.addCertificates(new JcaCertStore(Collections.singletonList(certificate))); return generator.generate(new CMSAbsentContent()).getEncoded(); } catch (CMSException | IOException | CertificateEncodingException | OperatorCreationException e) { throw new OxalisSecurityException(e.getMessage(), e); } }
From source file:no.difi.oxalis.as2.util.SMimeBC.java
License:EUPL
private static JcaSimpleSignerInfoVerifierBuilder getSignerInfoVerifierBuilder() { return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME); }
From source file:no.difi.oxalis.as2.util.SMimeMessageFactory.java
License:EUPL
/** * Creates an S/MIME message using the supplied MimeBodyPart. The signature is generated using the private key * as supplied in the constructor. Our certificate, which is required to verify the signature is enclosed. *//*from ww w. ja v a 2 s . c om*/ public MimeMessage createSignedMimeMessage(MimeBodyPart mimeBodyPart, SMimeDigestMethod digestMethod) throws OxalisTransmissionException { // // S/MIME capabilities are required, but we simply supply an empty vector // ASN1EncodableVector signedAttrs = new ASN1EncodableVector(); // // create the generator for creating an smime/signed message // SMIMESignedGenerator smimeSignedGenerator = new SMIMESignedGenerator("binary"); //also see CMSSignedGenerator ? // // add a signer to the generator - this specifies we are using SHA1 and // adding the smime attributes above to the signed attributes that // will be generated as part of the signature. The encryption algorithm // used is taken from the key - in this RSA with PKCS1Padding // try { smimeSignedGenerator.addSignerInfoGenerator( new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME) .setSignedAttributeGenerator(new AttributeTable(signedAttrs)) // .build("SHA1withRSA", privateKey, ourCertificate)); .build(digestMethod.getMethod(), privateKey, ourCertificate)); } catch (OperatorCreationException e) { throw new OxalisTransmissionException("Unable to add Signer information. " + e.getMessage(), e); } catch (CertificateEncodingException e) { throw new OxalisTransmissionException(String.format( "Certificate encoding problems while adding signer information. %s", e.getMessage()), e); } // // create a CertStore containing the certificates we want carried // in the signature // Store certs; try { certs = new JcaCertStore(Collections.singleton(ourCertificate)); } catch (CertificateEncodingException e) { throw new OxalisTransmissionException( "Unable to create JcaCertStore with our certificate. " + e.getMessage(), e); } smimeSignedGenerator.addCertificates(certs); // // Signs the supplied MimeBodyPart // MimeMultipart mimeMultipart; try { mimeMultipart = smimeSignedGenerator.generate(mimeBodyPart); } catch (SMIMEException e) { throw new OxalisTransmissionException("Unable to generate signed mime multipart." + e.getMessage(), e); } // // Get a Session object and create the mail message // Properties props = System.getProperties(); Session session = Session.getDefaultInstance(props, null); MimeMessage mimeMessage = new MimeMessage(session); try { mimeMessage.setContent(mimeMultipart, mimeMultipart.getContentType()); } catch (MessagingException e) { throw new OxalisTransmissionException("Unable to set Content type of MimeMessage. " + e.getMessage(), e); } try { mimeMessage.saveChanges(); } catch (MessagingException e) { throw new OxalisTransmissionException("Unable to save changes to Mime message. " + e.getMessage(), e); } return mimeMessage; }
From source file:no.difi.oxalis.commons.bouncycastle.BCHelper.java
License:EUPL
/** * Registers BouncyCastle as provider if not already registered. *//*w ww . ja v a 2s.c o m*/ public static void registerProvider() { if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) Security.addProvider(new BouncyCastleProvider()); }
From source file:no.difi.oxalis.commons.bouncycastle.BCHelper.java
License:EUPL
/** * Creates a MessageDigest object using the BouncyCastle provider. Exception {@link NoSuchProviderException} is * disguised as {@link NoSuchAlgorithmException}. * * @param algorithm Algorithm to be use to create the MessageDigest object. * @return MessageDigest object ready for use. * @throws NoSuchAlgorithmException Thrown in cases when unknown algorithms are requestes. *///from w w w . j ava2 s . com public static MessageDigest getMessageDigest(String algorithm) throws NoSuchAlgorithmException { try { return MessageDigest.getInstance(algorithm, BouncyCastleProvider.PROVIDER_NAME); } catch (NoSuchProviderException e) { throw new NoSuchAlgorithmException(e.getMessage(), e); } }