Example usage for org.bouncycastle.util CollectionStore iterator

List of usage examples for org.bouncycastle.util CollectionStore iterator

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.util.*
  5. CollectionStore
  6. iterator

Introduction

In this page you can find the example usage for org.bouncycastle.util CollectionStore iterator.

Prototype

public Iterator iterator()

Source Link

Document

Support method for Iterable where available.

Usage

From source file:se.tillvaxtverket.ttsigvalws.ttwssigvalidation.pdf.PdfSignatureVerifier.java

License:Open Source License

private static void verifyCMSSignature(CMSSignedDataParser sp, CMSSigVerifyResult sigResult)
        throws CMSException, IOException, CertificateException, OperatorCreationException {
    CollectionStore certStore = (CollectionStore) sp.getCertificates();
    Iterator ci = certStore.iterator();
    List<X509Certificate> certList = new ArrayList<>();
    while (ci.hasNext()) {
        X509CertificateHolder ch = (X509CertificateHolder) ci.next();
        certList.add(getCert(ch));//from w  w  w. j a  v  a2  s . c o  m
    }
    sigResult.setCertList(certList);

    SignerInformationStore signers = sp.getSignerInfos();
    Collection c = signers.getSigners();
    Iterator it = c.iterator();
    while (it.hasNext()) {
        SignerInformation signer = (SignerInformation) it.next();
        Date claimedSigningTime = getClaimedSigningTime(signer);
        sigResult.setClaimedSigningTime(claimedSigningTime);
        Collection certCollection = certStore.getMatches(signer.getSID());
        X509CertificateHolder certHolder = (X509CertificateHolder) certCollection.iterator().next();
        sigResult.setCert(getCert(certHolder));

        //Check signature
        sigResult.setValid(
                signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certHolder)));

        sigResult.setStatus(sigResult.isValid() ? "Valid" : "Signature verification failed");
        if (!sigResult.isValid()) {
            return;
        }

        // Collect sig algo data
        getPkParams(sigResult.getCert().getPublicKey(), sigResult);
        DigestAlgorithm signerInfoHashAlgo = DigestAlgorithm.getDigestAlgoFromOid(signer.getDigestAlgOID());
        sigResult.setDigestAlgo(signerInfoHashAlgo);
        String encryptionAlgOID = signer.getEncryptionAlgOID();
        SupportedSigAlgoritm sigAlgoFromSignerInfoAndCert = SupportedSigAlgoritm
                .getAlgoFromOidAndHash(new ASN1ObjectIdentifier(encryptionAlgOID), signerInfoHashAlgo);
        sigResult.setSigAlgo(sigAlgoFromSignerInfoAndCert);
        Attribute cmsAlgoProtAttr = signer.getSignedAttributes()
                .get(new ASN1ObjectIdentifier(PdfObjectIds.ID_AA_CMS_ALGORITHM_PROTECTION));
        getCMSAlgoritmProtectionData(cmsAlgoProtAttr, sigResult);
        if (!checkAlgoritmConsistency(sigResult)) {
            sigResult.setValid(false);
            sigResult.setStatus(
                    "Signature was verified but with inconsistent Algoritm declarations or unsupported algoritms");
        }
        if (sigResult.isValid()) {
            verifyPadesProperties(signer, sigResult);
        }
    }
}