
Example 71 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project LinLong-Java by zhenwei1108.

the class CMSAuthEnvelopedDataGenerator method doGenerate.

/**
 * Encrypts {@code content} with the supplied AEAD encryptor and wraps the result in a CMS
 * AuthEnvelopedData content info.
 * <p>
 * Only the DER encoding of the authenticated attributes (when a generator is configured) is
 * written to the encryptor's AAD stream. The unauthenticated attributes are assembled after the
 * MAC has been fetched and are never written to that stream, so the MAC does not cover them.
 * </p>
 *
 * @param content          the data to be encrypted.
 * @param contentEncryptor the AEAD encryptor providing the cipher stream, AAD stream, MAC and key.
 * @return the generated AuthEnvelopedData holder.
 * @throws CMSException if writing the content or the authenticated attributes fails.
 */
private CMSAuthEnvelopedData doGenerate(CMSTypedData content, OutputAEADEncryptor contentEncryptor) throws CMSException {
    ByteArrayOutputStream cipherTextBuffer = new ByteArrayOutputStream();
    ASN1Set authAttrs = null;
    try {
        OutputStream encryptingStream = contentEncryptor.getOutputStream(cipherTextBuffer);
        content.write(encryptingStream);
        if (authAttrsGenerator != null) {
            AttributeTable authTable = authAttrsGenerator.getAttributes(Collections.EMPTY_MAP);
            authAttrs = new DERSet(authTable.toASN1EncodableVector());
            // The DER bytes written here are what the MAC binds to; the same DERSet is embedded
            // in the output structure below.
            // NOTE(review): the AAD is supplied after the content has been written to the cipher
            // stream; whether that is accepted depends on the OutputAEADEncryptor implementation
            // -- confirm.
            contentEncryptor.getAADStream().write(authAttrs.getEncoded(ASN1Encoding.DER));
        }
        // The stream is closed before the MAC is requested; it is not closed if an exception is
        // thrown above.
        encryptingStream.close();
    } catch (IOException e) {
        throw new CMSException("unable to process authenticated content: " + e.getMessage(), e);
    }

    byte[] cipherText = cipherTextBuffer.toByteArray();
    byte[] mac = contentEncryptor.getMAC();
    AlgorithmIdentifier encAlgId = contentEncryptor.getAlgorithmIdentifier();
    ASN1OctetString encContent = new BEROctetString(cipherText);

    // Every configured recipient generator receives the content-encryption key and contributes
    // one RecipientInfo.
    GenericKey encKey = contentEncryptor.getKey();
    ASN1EncodableVector recipientInfos = new ASN1EncodableVector();
    Iterator generators = recipientInfoGenerators.iterator();
    while (generators.hasNext()) {
        RecipientInfoGenerator generator = (RecipientInfoGenerator) generators.next();
        recipientInfos.add(generator.generate(encKey));
    }

    EncryptedContentInfo eci = new EncryptedContentInfo(content.getContentType(), encAlgId, encContent);

    // Not covered by the MAC: consumers should treat these attributes as unauthenticated.
    ASN1Set unauthAttrs = null;
    if (unauthAttrsGenerator != null) {
        AttributeTable unauthTable = unauthAttrsGenerator.getAttributes(Collections.EMPTY_MAP);
        unauthAttrs = new DLSet(unauthTable.toASN1EncodableVector());
    }

    AuthEnvelopedData authEnvelopedData = new AuthEnvelopedData(originatorInfo, new DERSet(recipientInfos), eci, authAttrs, new DEROctetString(mac), unauthAttrs);
    ContentInfo contentInfo = new ContentInfo(CMSObjectIdentifiers.authEnvelopedData, authEnvelopedData);
    return new CMSAuthEnvelopedData(contentInfo);
}
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) OutputStream(java.io.OutputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) AuthEnvelopedData(com.github.zhenwei.pkix.util.asn1.cms.AuthEnvelopedData) AttributeTable(com.github.zhenwei.pkix.util.asn1.cms.AttributeTable) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) DERSet(com.github.zhenwei.core.asn1.DERSet) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) ASN1Set(com.github.zhenwei.core.asn1.ASN1Set) BEROctetString(com.github.zhenwei.core.asn1.BEROctetString) EncryptedContentInfo(com.github.zhenwei.pkix.util.asn1.cms.EncryptedContentInfo) ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo) Iterator(java.util.Iterator) DLSet(com.github.zhenwei.core.asn1.DLSet) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) GenericKey(com.github.zhenwei.pkix.operator.GenericKey) EncryptedContentInfo(com.github.zhenwei.pkix.util.asn1.cms.EncryptedContentInfo)

Example 72 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project LinLong-Java by zhenwei1108.

the class PKCS10CertificationRequestBuilder method build.

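/**
 * Generate a PKCS#10 request based on the passed in signer.
 * <p>
 * The signature is calculated over the DER encoding of the CertificationRequestInfo, which is
 * written to the signer's output stream before the signature is requested.
 * </p>
 *
 * @param signer the content signer to be used to generate the signature validating the
 *               certificate.
 * @return a holder containing the resulting PKCS#10 certification request.
 * @throws IllegalStateException if the request info cannot be encoded or written to the signer;
 *                               the underlying IOException is attached as the cause.
 */
public PKCS10CertificationRequest build(ContentSigner signer) {
    CertificationRequestInfo info;
    if (attributes.isEmpty()) {
        // leaveOffEmpty chooses between passing no attribute set at all (null) and passing an
        // explicit empty SET.
        if (leaveOffEmpty) {
            info = new CertificationRequestInfo(subject, publicKeyInfo, null);
        } else {
            info = new CertificationRequestInfo(subject, publicKeyInfo, new DERSet());
        }
    } else {
        ASN1EncodableVector v = new ASN1EncodableVector();
        for (Iterator it = attributes.iterator(); it.hasNext(); ) {
            v.add(Attribute.getInstance(it.next()));
        }
        info = new CertificationRequestInfo(subject, publicKeyInfo, new DERSet(v));
    }
    try {
        OutputStream sOut = signer.getOutputStream();
        // Sign the DER form explicitly so the signed bytes do not depend on a default encoding.
        sOut.write(info.getEncoded(ASN1Encoding.DER));
        sOut.close();
        return new PKCS10CertificationRequest(new CertificationRequest(info, signer.getAlgorithmIdentifier(), new DERBitString(signer.getSignature())));
    } catch (IOException e) {
        // Keep the cause: without it a signing failure (for example from a remote or hardware
        // signer) cannot be diagnosed from the stack trace.
        throw new IllegalStateException("cannot produce certification request signature", e);
    }
}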
Also used : CertificationRequestInfo(com.github.zhenwei.core.asn1.pkcs.CertificationRequestInfo) OutputStream(java.io.OutputStream) Iterator(java.util.Iterator) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) DERBitString(com.github.zhenwei.core.asn1.DERBitString) IOException(java.io.IOException) DERSet(com.github.zhenwei.core.asn1.DERSet) CertificationRequest(com.github.zhenwei.core.asn1.pkcs.CertificationRequest)

Example 73 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project LinLong-Java by zhenwei1108.

the class CMSSignedDataParser method replaceSigners.

/**
 * Replace the signer information store associated with the passed in message contained in the
 * stream original with the new one passed in. You would probably only want to do this if you
 * wanted to change the unsigned attributes associated with a signer, or perhaps delete one.
 * <p>
 * The output stream is returned unclosed.
 * </p>
 * <p>
 * The version, encapsulated content, certificates and CRLs are copied from the original message;
 * the digest algorithm set and the signer infos are rebuilt from the supplied store. Nothing in
 * this method verifies the new signers against the copied content, so callers that need that
 * guarantee have to verify the result themselves.
 * </p>
 *
 * @param original               the signed data stream to be used as a base.
 * @param signerInformationStore the new signer information store to use.
 * @param out                    the stream to write the new signed data object to.
 * @return out.
 * @throws CMSException declared by the method; presumably raised by the helper calls -- confirm.
 * @throws IOException  if reading the original or writing to out fails.
 */
public static OutputStream replaceSigners(InputStream original, SignerInformationStore signerInformationStore, OutputStream out) throws CMSException, IOException {
    ASN1StreamParser in = new ASN1StreamParser(original);
    // NOTE(review): the cast is unchecked, so input whose first object is not a SEQUENCE would
    // surface as a ClassCastException rather than one of the declared exceptions -- confirm
    // whether callers feeding untrusted data rely on the declared types only.
    ContentInfoParser contentInfo = new ContentInfoParser((ASN1SequenceParser) in.readObject());
    SignedDataParser signedData = SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
    // Outer ContentInfo sequence: the content type OID followed by the tagged SignedData body.
    BERSequenceGenerator sGen = new BERSequenceGenerator(out);
    sGen.addObject(CMSObjectIdentifiers.signedData);
    // The SignedData body is written on the same raw stream with tag number 0 and the explicit
    // flag set.
    BERSequenceGenerator sigGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
    // Version number is carried over from the original message unchanged.
    sigGen.addObject(signedData.getVersion());
    // Digest algorithms: read the original set and discard it so the parser moves on; the set
    // that is written out is rebuilt from the new signers below.
    signedData.getDigestAlgorithms().toASN1Primitive();
    ASN1EncodableVector digestAlgs = new ASN1EncodableVector();
    for (Iterator it = signerInformationStore.getSigners().iterator(); it.hasNext(); ) {
        SignerInformation signer = (SignerInformation) it.next();
        digestAlgs.add(CMSSignedHelper.INSTANCE.fixDigestAlgID(signer.getDigestAlgorithmID(), dgstAlgFinder));
    }
    sigGen.getRawOutputStream().write(new DERSet(digestAlgs).getEncoded());
    // Encapsulated content info: content type and content are copied through from the original.
    ContentInfoParser encapContentInfo = signedData.getEncapContentInfo();
    BERSequenceGenerator eiGen = new BERSequenceGenerator(sigGen.getRawOutputStream());
    eiGen.addObject(encapContentInfo.getContentType());
    pipeEncapsulatedOctetString(encapContentInfo, eiGen.getRawOutputStream());
    eiGen.close();
    // Certificates (tag 0) and CRLs (tag 1) are passed to the helper straight from the original.
    writeSetToGeneratorTagged(sigGen, signedData.getCertificates(), 0);
    writeSetToGeneratorTagged(sigGen, signedData.getCrls(), 1);
    // Signer infos come only from the new store; the original signers are never read here.
    ASN1EncodableVector signerInfos = new ASN1EncodableVector();
    for (Iterator it = signerInformationStore.getSigners().iterator(); it.hasNext(); ) {
        SignerInformation signer = (SignerInformation) it.next();
        signerInfos.add(signer.toASN1Structure());
    }
    sigGen.getRawOutputStream().write(new DERSet(signerInfos).getEncoded());
    // The generators are closed on the success path only; if an exception is thrown earlier the
    // data already written to out is an incomplete structure and should be discarded.
    sigGen.close();
    sGen.close();
    return out;
}
Also used : ContentInfoParser(com.github.zhenwei.pkix.util.asn1.cms.ContentInfoParser) SignedDataParser(com.github.zhenwei.pkix.util.asn1.cms.SignedDataParser) BERSequenceGenerator(com.github.zhenwei.core.asn1.BERSequenceGenerator) Iterator(java.util.Iterator) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) DERSet(com.github.zhenwei.core.asn1.DERSet) ASN1StreamParser(com.github.zhenwei.core.asn1.ASN1StreamParser)

Example 74 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project LinLong-Java by zhenwei1108.

the class CMSEnvelopedDataGenerator method doGenerate.

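/**
 * Encrypts {@code content} with the supplied encryptor and wraps the result in a CMS
 * EnvelopedData content info.
 * <p>
 * When the encryptor is an {@link OutputAEADEncryptor}, its MAC is appended to the ciphertext
 * bytes after the cipher stream has been closed, so the encrypted content carries the tag at its
 * end. No separate MAC field is passed to the EnvelopedData constructor here.
 * </p>
 *
 * @param content          the data to be encrypted.
 * @param contentEncryptor the encryptor providing the cipher stream, algorithm identifier and key.
 * @return the generated EnvelopedData holder.
 * @throws CMSException if the content cannot be written through the encryptor; the underlying
 *                      IOException is attached as the cause.
 */
private CMSEnvelopedData doGenerate(CMSTypedData content, OutputEncryptor contentEncryptor) throws CMSException {
    ASN1EncodableVector recipientInfos = new ASN1EncodableVector();
    AlgorithmIdentifier encAlgId;
    ASN1OctetString encContent;
    ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    try {
        OutputStream cOut = contentEncryptor.getOutputStream(bOut);
        content.write(cOut);
        // Close first: the MAC is only requested once the cipher stream has been finished.
        cOut.close();
        if (contentEncryptor instanceof OutputAEADEncryptor) {
            byte[] mac = ((OutputAEADEncryptor) contentEncryptor).getMAC();
            bOut.write(mac, 0, mac.length);
        }
    } catch (IOException e) {
        // Previously an empty message with no cause, which hid every encryption failure.
        throw new CMSException("unable to process enveloped content: " + e.getMessage(), e);
    }
    byte[] encryptedContent = bOut.toByteArray();
    encAlgId = contentEncryptor.getAlgorithmIdentifier();
    encContent = new BEROctetString(encryptedContent);
    // Every configured recipient generator receives the content-encryption key and contributes
    // one RecipientInfo.
    GenericKey encKey = contentEncryptor.getKey();
    for (Iterator it = recipientInfoGenerators.iterator(); it.hasNext(); ) {
        RecipientInfoGenerator recipient = (RecipientInfoGenerator) it.next();
        recipientInfos.add(recipient.generate(encKey));
    }
    EncryptedContentInfo eci = new EncryptedContentInfo(content.getContentType(), encAlgId, encContent);
    // These attributes are assembled after encryption has finished and never pass through the
    // encryptor, so they are neither encrypted nor covered by an AEAD tag.
    ASN1Set unprotectedAttrSet = null;
    if (unprotectedAttributeGenerator != null) {
        AttributeTable attrTable = unprotectedAttributeGenerator.getAttributes(Collections.EMPTY_MAP);
        unprotectedAttrSet = new BERSet(attrTable.toASN1EncodableVector());
    }
    ContentInfo contentInfo = new ContentInfo(CMSObjectIdentifiers.envelopedData, new EnvelopedData(originatorInfo, new DERSet(recipientInfos), eci, unprotectedAttrSet));
    return new CMSEnvelopedData(contentInfo);
}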
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) BERSet(com.github.zhenwei.core.asn1.BERSet) OutputStream(java.io.OutputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) AttributeTable(com.github.zhenwei.pkix.util.asn1.cms.AttributeTable) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) OutputAEADEncryptor(com.github.zhenwei.pkix.operator.OutputAEADEncryptor) DERSet(com.github.zhenwei.core.asn1.DERSet) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) BEROctetString(com.github.zhenwei.core.asn1.BEROctetString) ASN1Set(com.github.zhenwei.core.asn1.ASN1Set) EncryptedContentInfo(com.github.zhenwei.pkix.util.asn1.cms.EncryptedContentInfo) ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo) Iterator(java.util.Iterator) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) GenericKey(com.github.zhenwei.pkix.operator.GenericKey) EnvelopedData(com.github.zhenwei.pkix.util.asn1.cms.EnvelopedData) EncryptedContentInfo(com.github.zhenwei.pkix.util.asn1.cms.EncryptedContentInfo)

Example 75 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project LinLong-Java by zhenwei1108.

the class CMSEnvelopedDataParser method getUnprotectedAttributes.

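/**
 * Return a table of the unprotected attributes indexed by the OID of the attribute.
 * <p>
 * The attribute set is read from the underlying parser on the first call only; later calls
 * return the cached table. If that first read fails, later calls return null because the
 * "not read" flag has already been cleared. Unprotected attributes are carried outside the
 * encrypted content (RFC 5652), so callers should treat the values as untrusted input.
 * </p>
 *
 * @return the unprotected attributes, or null if the message carries none.
 * @throws IOException if the attribute set cannot be read, or one of its elements is not a
 *                     SEQUENCE.
 */
public AttributeTable getUnprotectedAttributes() throws IOException {
    if (unprotectedAttributes == null && attrNotRead) {
        ASN1SetParser set = envelopedData.getUnprotectedAttrs();
        // Cleared before the elements are consumed, so a failed read is not retried.
        attrNotRead = false;
        if (set != null) {
            ASN1EncodableVector v = new ASN1EncodableVector();
            ASN1Encodable o;
            while ((o = set.readObject()) != null) {
                // The set comes from the parsed message: report a malformed element through the
                // declared IOException instead of letting a blind cast raise ClassCastException.
                if (!(o instanceof ASN1SequenceParser)) {
                    throw new IOException("unprotected attribute is not a SEQUENCE: " + o.getClass().getName());
                }
                v.add(((ASN1SequenceParser) o).toASN1Primitive());
            }
            unprotectedAttributes = new AttributeTable(new DERSet(v));
        }
    }
    return unprotectedAttributes;
}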
Also used : ASN1SequenceParser(com.github.zhenwei.core.asn1.ASN1SequenceParser) ASN1SetParser(com.github.zhenwei.core.asn1.ASN1SetParser) AttributeTable(com.github.zhenwei.pkix.util.asn1.cms.AttributeTable) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable) DERSet(com.github.zhenwei.core.asn1.DERSet)
