use of com.github.zhenwei.core.asn1.DERSet in project LinLong-Java by zhenwei1108.
the class CMSEnvelopedDataStreamGenerator method open.
protected OutputStream open(OutputStream out, ASN1EncodableVector recipientInfos, OutputEncryptor encryptor) throws CMSException {
try {
//
// ContentInfo
//
BERSequenceGenerator cGen = new BERSequenceGenerator(out);
cGen.addObject(CMSObjectIdentifiers.envelopedData);
//
// Encrypted Data
//
BERSequenceGenerator envGen = new BERSequenceGenerator(cGen.getRawOutputStream(), 0, true);
ASN1Set recipients;
if (_berEncodeRecipientSet) {
recipients = new BERSet(recipientInfos);
} else {
recipients = new DERSet(recipientInfos);
}
envGen.addObject(getVersion(recipientInfos));
if (originatorInfo != null) {
envGen.addObject(new DERTaggedObject(false, 0, originatorInfo));
}
envGen.getRawOutputStream().write(recipients.getEncoded());
BERSequenceGenerator eiGen = new BERSequenceGenerator(envGen.getRawOutputStream());
eiGen.addObject(CMSObjectIdentifiers.data);
AlgorithmIdentifier encAlgId = encryptor.getAlgorithmIdentifier();
eiGen.getRawOutputStream().write(encAlgId.getEncoded());
OutputStream octetStream = CMSUtils.createBEROctetOutputStream(eiGen.getRawOutputStream(), 0, false, _bufferSize);
return new CmsEnvelopedDataOutputStream(encryptor, octetStream, cGen, envGen, eiGen);
} catch (IOException e) {
throw new CMSException("exception decoding algorithm parameters.", e);
}
}
use of com.github.zhenwei.core.asn1.DERSet in project gdmatrix by gdmatrix.
the class P7MUtils method addTimeStamp.
public static CMSSignedData addTimeStamp(String serviceURI, CMSSignedData signedData) throws Exception {
CMSSignedData newSignedData;
SignerInformationStore sigStore = signedData.getSignerInfos();
ArrayList siList = new ArrayList();
for (Object o : sigStore.getSigners()) {
// CertStore certStore =
// signedData.getCertificatesAndCRLs("Collection", "BC");
Store store = signedData.getCertificates();
SignerInformation si = (SignerInformation) o;
SignerId sigId = si.getSID();
JcaX509CertSelectorConverter converter = new JcaX509CertSelectorConverter();
CertSelector certSelector = converter.getCertSelector(sigId);
Collection certCollection = store.getMatches((Selector) certSelector);
// Collection certCollection = certStore.getCertificates(sigId);
X509Certificate certificate = (X509Certificate) certCollection.iterator().next();
System.out.println(certificate.getSubjectDN().getName());
// get signature
byte[] signature = si.getSignature();
// signed attributes
System.out.println("SignedAttributes:");
AttributeTable signedAttributes = si.getSignedAttributes();
printAttributeTable(signedAttributes);
// unsigned attributes
System.out.println("UnsignedAttributes:");
AttributeTable unsignedAttributes = si.getUnsignedAttributes();
printAttributeTable(unsignedAttributes);
ASN1ObjectIdentifier tsId = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14");
Attribute att = unsignedAttributes == null ? null : unsignedAttributes.get(tsId);
if (att == null) {
System.out.println("creating timeStamp...");
ASN1EncodableVector tsVector = new ASN1EncodableVector();
ContentInfo timeStampToken = createTimeStamp(serviceURI, signature);
tsVector.add(timeStampToken);
DERSet attributeValues = new DERSet(tsVector);
att = new Attribute(tsId, attributeValues);
Hashtable attrMap = new Hashtable();
attrMap.put(tsId, att);
AttributeTable table = new AttributeTable(attrMap);
SignerInformation newSi = SignerInformation.replaceUnsignedAttributes(si, table);
siList.add(newSi);
} else {
System.out.println("timeStamp present");
}
}
if (// replace signers
!siList.isEmpty()) {
newSignedData = CMSSignedData.replaceSigners(signedData, new SignerInformationStore(siList));
newSignedData = new CMSSignedData(newSignedData.getEncoded());
} else
newSignedData = signedData;
return newSignedData;
}
use of com.github.zhenwei.core.asn1.DERSet in project gdmatrix by gdmatrix.
the class CMSUtils method addTimeStamp.
public static CMSSignedData addTimeStamp(String serviceURI, CMSSignedData signedData) throws Exception {
CMSSignedData newSignedData;
SignerInformationStore sigStore = signedData.getSignerInfos();
ArrayList siList = new ArrayList();
for (Object o : sigStore.getSigners()) {
Store certStore = signedData.getCertificates();
SignerInformation si = (SignerInformation) o;
SignerId sigId = si.getSID();
Collection certCollection = certStore.getMatches(sigId);
X509CertificateHolder certificateHolder = (X509CertificateHolder) certCollection.iterator().next();
X509Certificate certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
System.out.println(certificate.getSubjectDN().getName());
// get signature
byte[] signature = si.getSignature();
// signed attributes
System.out.println("SignedAttributes:");
AttributeTable signedAttributes = si.getSignedAttributes();
printAttributeTable(signedAttributes);
// unsigned attributes
System.out.println("UnsignedAttributes:");
AttributeTable unsignedAttributes = si.getUnsignedAttributes();
printAttributeTable(unsignedAttributes);
ASN1ObjectIdentifier tsId = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14");
Attribute att = unsignedAttributes == null ? null : unsignedAttributes.get(tsId);
if (att == null) {
System.out.println("creating timeStamp...");
ContentInfo timeStampToken = createTimeStamp(serviceURI, signature);
ASN1EncodableVector vector = new ASN1EncodableVector();
vector.add(timeStampToken);
DERSet attributeValues = new DERSet(vector);
Attribute attribute = new Attribute(tsId, attributeValues);
Hashtable attrMap = new Hashtable();
attrMap.put(tsId, attribute);
AttributeTable table = new AttributeTable(attrMap);
SignerInformation newSi = SignerInformation.replaceUnsignedAttributes(si, table);
siList.add(newSi);
} else
System.out.println("Timestamp present");
}
if (// replace signers
!siList.isEmpty()) {
newSignedData = CMSSignedData.replaceSigners(signedData, new SignerInformationStore(siList));
newSignedData = new CMSSignedData(newSignedData.getEncoded());
} else
newSignedData = signedData;
return newSignedData;
}
use of com.github.zhenwei.core.asn1.DERSet in project itext2 by albfernandez.
the class PdfPublicKeySecurityHandler method createDERForRecipient.
private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
String s = "1.2.840.113549.3.2";
AlgorithmParameterGenerator algorithmparametergenerator = AlgorithmParameterGenerator.getInstance(s);
AlgorithmParameters algorithmparameters = algorithmparametergenerator.generateParameters();
ByteArrayInputStream bytearrayinputstream = new ByteArrayInputStream(algorithmparameters.getEncoded("ASN.1"));
ASN1InputStream asn1inputstream = new ASN1InputStream(bytearrayinputstream);
ASN1Primitive derobject = asn1inputstream.readObject();
KeyGenerator keygenerator = KeyGenerator.getInstance(s);
keygenerator.init(128);
SecretKey secretkey = keygenerator.generateKey();
Cipher cipher = Cipher.getInstance(s);
cipher.init(1, secretkey, algorithmparameters);
byte[] abyte1 = cipher.doFinal(in);
DEROctetString deroctetstring = new DEROctetString(abyte1);
KeyTransRecipientInfo keytransrecipientinfo = computeRecipientInfo(cert, secretkey.getEncoded());
DERSet derset = new DERSet(new RecipientInfo(keytransrecipientinfo));
AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier(s), derobject);
EncryptedContentInfo encryptedcontentinfo = new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmidentifier, deroctetstring);
EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, (org.bouncycastle.asn1.ASN1Set) null);
ContentInfo contentinfo = new ContentInfo(PKCSObjectIdentifiers.envelopedData, env);
return contentinfo.toASN1Primitive();
}
use of com.github.zhenwei.core.asn1.DERSet in project itext2 by albfernandez.
the class PdfPKCS7 method buildUnauthenticatedAttributes.
/**
* Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007
* to start with the timeStampToken (signedData 1.2.840.113549.1.7.2).
* Token is the TSA response without response status, which is usually
* handled by the (vendor supplied) TSA request/response interface).
* @param timeStampToken byte[] - time stamp token, DER encoded signedData
* @return ASN1EncodableVector
* @throws IOException
*/
private ASN1EncodableVector buildUnauthenticatedAttributes(byte[] timeStampToken) throws IOException {
if (timeStampToken == null)
return null;
// @todo: move this together with the rest of the defintions
// RFC 3161 id-aa-timeStampToken
String ID_TIME_STAMP_TOKEN = "1.2.840.113549.1.9.16.2.14";
ASN1InputStream tempstream = new ASN1InputStream(new ByteArrayInputStream(timeStampToken));
ASN1EncodableVector unauthAttributes = new ASN1EncodableVector();
ASN1EncodableVector v = new ASN1EncodableVector();
// id-aa-timeStampToken
v.add(new ASN1ObjectIdentifier(ID_TIME_STAMP_TOKEN));
ASN1Sequence seq = (ASN1Sequence) tempstream.readObject();
v.add(new DERSet(seq));
unauthAttributes.add(new DERSequence(v));
return unauthAttributes;
}
Aggregations