
Example 76 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project LinLong-Java by zhenwei1108.

the class CMSEnvelopedDataStreamGenerator method open.

/**
 * Writes the header of a CMS EnvelopedData structure to {@code out} and returns the stream
 * the caller writes the content to.
 *
 * <p>The output is written in order: the outer ContentInfo sequence with the envelopedData
 * OID, an explicitly tagged [0] sequence holding the version, the optional originator info,
 * the recipient set, and finally the encrypted-content sequence (data OID, the encryptor's
 * algorithm identifier, and a BER octet stream for the content).
 *
 * @param out            destination for the encoded structure
 * @param recipientInfos recipient info entries, encoded as a BER or DER set depending on
 *                       {@code _berEncodeRecipientSet}
 * @param encryptor      supplies the content-encryption algorithm identifier and is handed
 *                       to the returned stream
 * @return a stream wrapping the three open sequence generators; presumably closing it is
 *         what finishes the encoding, since nothing is closed here (confirm against
 *         CmsEnvelopedDataOutputStream)
 * @throws CMSException if writing any part of the header fails with an IOException
 */
protected OutputStream open(OutputStream out, ASN1EncodableVector recipientInfos, OutputEncryptor encryptor) throws CMSException {
    try {
        // Outer ContentInfo: content type OID first.
        BERSequenceGenerator contentInfoGen = new BERSequenceGenerator(out);
        contentInfoGen.addObject(CMSObjectIdentifiers.envelopedData);

        // EnvelopedData body, explicitly tagged [0] inside the ContentInfo.
        BERSequenceGenerator envelopedGen = new BERSequenceGenerator(contentInfoGen.getRawOutputStream(), 0, true);
        ASN1Set recipientSet = _berEncodeRecipientSet
            ? new BERSet(recipientInfos)
            : new DERSet(recipientInfos);

        envelopedGen.addObject(getVersion(recipientInfos));
        if (originatorInfo != null) {
            // Optional originator info goes out as an implicitly tagged [0] object.
            envelopedGen.addObject(new DERTaggedObject(false, 0, originatorInfo));
        }
        OutputStream envelopedRaw = envelopedGen.getRawOutputStream();
        envelopedRaw.write(recipientSet.getEncoded());

        // EncryptedContentInfo: content type, algorithm identifier, then the content stream.
        BERSequenceGenerator encryptedInfoGen = new BERSequenceGenerator(envelopedGen.getRawOutputStream());
        encryptedInfoGen.addObject(CMSObjectIdentifiers.data);
        AlgorithmIdentifier contentAlgorithm = encryptor.getAlgorithmIdentifier();
        encryptedInfoGen.getRawOutputStream().write(contentAlgorithm.getEncoded());

        OutputStream contentOctets = CMSUtils.createBEROctetOutputStream(encryptedInfoGen.getRawOutputStream(), 0, false, _bufferSize);
        return new CmsEnvelopedDataOutputStream(encryptor, contentOctets, contentInfoGen, envelopedGen, encryptedInfoGen);
    } catch (IOException ioFailure) {
        // NOTE(review): the message says "decoding", but every IOException in this block
        // comes from encoding or writing the header; kept as-is because callers may match it.
        throw new CMSException("exception decoding algorithm parameters.", ioFailure);
    }
}
Also used : BERSet(com.github.zhenwei.core.asn1.BERSet) ASN1Set(com.github.zhenwei.core.asn1.ASN1Set) DERTaggedObject(com.github.zhenwei.core.asn1.DERTaggedObject) BERSequenceGenerator(com.github.zhenwei.core.asn1.BERSequenceGenerator) OutputStream(java.io.OutputStream) IOException(java.io.IOException) DERSet(com.github.zhenwei.core.asn1.DERSet) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 77 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project gdmatrix by gdmatrix.

the class P7MUtils method addTimeStamp.

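/**
 * Adds a time-stamp token as an unsigned attribute to every signer of {@code signedData}
 * that does not already carry one.
 *
 * <p>The token is requested over the signer's signature value and stored under OID
 * 1.2.840.113549.1.9.16.2.14 (id-aa-signatureTimeStampToken). Existing unsigned attributes
 * of a signer are kept, and signers that already have a time stamp stay in the result
 * unchanged, so the returned message always has the same set of signers as the input.
 *
 * <p>NOTE(review): {@code createTimeStamp} is defined elsewhere; whether it validates the
 * TSA response (status, message imprint, nonce, TSA certificate) is not visible here.
 * Confirm that it does before relying on the attached token.
 *
 * @param serviceURI location of the time-stamp service, passed through to
 *                   {@code createTimeStamp}
 * @param signedData the CMS SignedData to time-stamp
 * @return {@code signedData} itself when no signer needed a time stamp, otherwise a
 *         re-parsed copy with the updated signers
 * @throws Exception if the time stamp cannot be created or the message cannot be re-encoded
 */
public static CMSSignedData addTimeStamp(String serviceURI, CMSSignedData signedData) throws Exception {
    ASN1ObjectIdentifier tsId = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14");
    SignerInformationStore sigStore = signedData.getSignerInfos();
    Store store = signedData.getCertificates();
    // Every signer ends up in this list, updated or not, because replaceSigners() is given
    // the complete new signer set below.
    ArrayList<SignerInformation> siList = new ArrayList<SignerInformation>();
    boolean changed = false;
    for (Object o : sigStore.getSigners()) {
        SignerInformation si = (SignerInformation) o;
        SignerId sigId = si.getSID();
        // The certificate is looked up only to print its subject. Certificates are optional
        // in SignedData, so a signer without an embedded certificate must not abort the run.
        // NOTE(review): the casts below (JCA CertSelector to Selector, match to
        // X509Certificate) look inconsistent with a holder-based store; verify at runtime.
        JcaX509CertSelectorConverter converter = new JcaX509CertSelectorConverter();
        CertSelector certSelector = converter.getCertSelector(sigId);
        Collection certCollection = store.getMatches((Selector) certSelector);
        if (!certCollection.isEmpty()) {
            X509Certificate certificate = (X509Certificate) certCollection.iterator().next();
            System.out.println(certificate.getSubjectDN().getName());
        }
        // get signature
        byte[] signature = si.getSignature();
        // signed attributes
        System.out.println("SignedAttributes:");
        AttributeTable signedAttributes = si.getSignedAttributes();
        printAttributeTable(signedAttributes);
        // unsigned attributes
        System.out.println("UnsignedAttributes:");
        AttributeTable unsignedAttributes = si.getUnsignedAttributes();
        printAttributeTable(unsignedAttributes);
        Attribute att = unsignedAttributes == null ? null : unsignedAttributes.get(tsId);
        if (att == null) {
            System.out.println("creating timeStamp...");
            ASN1EncodableVector tsVector = new ASN1EncodableVector();
            ContentInfo timeStampToken = createTimeStamp(serviceURI, signature);
            tsVector.add(timeStampToken);
            DERSet attributeValues = new DERSet(tsVector);
            att = new Attribute(tsId, attributeValues);
            // Start from the signer's current unsigned attributes so that nothing already
            // attached (for example a countersignature) is lost when the table is replaced.
            Hashtable attrMap = unsignedAttributes == null ? new Hashtable() : unsignedAttributes.toHashtable();
            attrMap.put(tsId, att);
            AttributeTable table = new AttributeTable(attrMap);
            SignerInformation newSi = SignerInformation.replaceUnsignedAttributes(si, table);
            siList.add(newSi);
            changed = true;
        } else {
            System.out.println("timeStamp present");
            // Keep the already time-stamped signer; leaving it out would drop it from the
            // message when the signer set is replaced.
            siList.add(si);
        }
    }
    if (!changed) {
        return signedData;
    }
    // replace signers, then re-parse so the returned object reflects the new encoding
    CMSSignedData newSignedData = CMSSignedData.replaceSigners(signedData, new SignerInformationStore(siList));
    return new CMSSignedData(newSignedData.getEncoded());
}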
Also used : JcaX509CertSelectorConverter(org.bouncycastle.cms.jcajce.JcaX509CertSelectorConverter) Attribute(org.bouncycastle.asn1.cms.Attribute) Hashtable(java.util.Hashtable) ArrayList(java.util.ArrayList) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) SignerInformationStore(org.bouncycastle.cms.SignerInformationStore) Store(org.bouncycastle.util.Store) SignerInformation(org.bouncycastle.cms.SignerInformation) CertSelector(java.security.cert.CertSelector) CMSSignedData(org.bouncycastle.cms.CMSSignedData) DERSet(org.bouncycastle.asn1.DERSet) X509Certificate(java.security.cert.X509Certificate) SignerInformationStore(org.bouncycastle.cms.SignerInformationStore) SignerId(org.bouncycastle.cms.SignerId) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) Collection(java.util.Collection) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 78 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project gdmatrix by gdmatrix.

the class CMSUtils method addTimeStamp.

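/**
 * Adds a time-stamp token as an unsigned attribute to every signer of {@code signedData}
 * that does not already carry one.
 *
 * <p>The token is requested over the signer's signature value and stored under OID
 * 1.2.840.113549.1.9.16.2.14 (id-aa-signatureTimeStampToken). Existing unsigned attributes
 * of a signer are kept, and signers that already have a time stamp stay in the result
 * unchanged, so the returned message always has the same set of signers as the input.
 *
 * <p>NOTE(review): {@code createTimeStamp} is defined elsewhere; whether it validates the
 * TSA response (status, message imprint, nonce, TSA certificate) is not visible here.
 * Confirm that it does before relying on the attached token.
 *
 * @param serviceURI location of the time-stamp service, passed through to
 *                   {@code createTimeStamp}
 * @param signedData the CMS SignedData to time-stamp
 * @return {@code signedData} itself when no signer needed a time stamp, otherwise a
 *         re-parsed copy with the updated signers
 * @throws Exception if the time stamp cannot be created or the message cannot be re-encoded
 */
public static CMSSignedData addTimeStamp(String serviceURI, CMSSignedData signedData) throws Exception {
    ASN1ObjectIdentifier tsId = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14");
    SignerInformationStore sigStore = signedData.getSignerInfos();
    Store certStore = signedData.getCertificates();
    // Every signer ends up in this list, updated or not, because replaceSigners() is given
    // the complete new signer set below.
    ArrayList<SignerInformation> siList = new ArrayList<SignerInformation>();
    boolean changed = false;
    for (Object o : sigStore.getSigners()) {
        SignerInformation si = (SignerInformation) o;
        SignerId sigId = si.getSID();
        // The certificate is looked up only to print its subject. Certificates are optional
        // in SignedData, so a signer without an embedded certificate must not abort the run.
        Collection certCollection = certStore.getMatches(sigId);
        if (!certCollection.isEmpty()) {
            X509CertificateHolder certificateHolder = (X509CertificateHolder) certCollection.iterator().next();
            X509Certificate certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
            System.out.println(certificate.getSubjectDN().getName());
        }
        // get signature
        byte[] signature = si.getSignature();
        // signed attributes
        System.out.println("SignedAttributes:");
        AttributeTable signedAttributes = si.getSignedAttributes();
        printAttributeTable(signedAttributes);
        // unsigned attributes
        System.out.println("UnsignedAttributes:");
        AttributeTable unsignedAttributes = si.getUnsignedAttributes();
        printAttributeTable(unsignedAttributes);
        Attribute att = unsignedAttributes == null ? null : unsignedAttributes.get(tsId);
        if (att == null) {
            System.out.println("creating timeStamp...");
            ContentInfo timeStampToken = createTimeStamp(serviceURI, signature);
            ASN1EncodableVector vector = new ASN1EncodableVector();
            vector.add(timeStampToken);
            DERSet attributeValues = new DERSet(vector);
            Attribute attribute = new Attribute(tsId, attributeValues);
            // Start from the signer's current unsigned attributes so that nothing already
            // attached (for example a countersignature) is lost when the table is replaced.
            Hashtable attrMap = unsignedAttributes == null ? new Hashtable() : unsignedAttributes.toHashtable();
            attrMap.put(tsId, attribute);
            AttributeTable table = new AttributeTable(attrMap);
            SignerInformation newSi = SignerInformation.replaceUnsignedAttributes(si, table);
            siList.add(newSi);
            changed = true;
        } else {
            System.out.println("Timestamp present");
            // Keep the already time-stamped signer; leaving it out would drop it from the
            // message when the signer set is replaced.
            siList.add(si);
        }
    }
    if (!changed) {
        return signedData;
    }
    // replace signers, then re-parse so the returned object reflects the new encoding
    CMSSignedData newSignedData = CMSSignedData.replaceSigners(signedData, new SignerInformationStore(siList));
    return new CMSSignedData(newSignedData.getEncoded());
}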
Also used : Attribute(org.bouncycastle.asn1.cms.Attribute) Hashtable(java.util.Hashtable) ArrayList(java.util.ArrayList) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) SignerInformationStore(org.bouncycastle.cms.SignerInformationStore) Store(org.bouncycastle.util.Store) SignerInformation(org.bouncycastle.cms.SignerInformation) CMSSignedData(org.bouncycastle.cms.CMSSignedData) DERSet(org.bouncycastle.asn1.DERSet) X509Certificate(java.security.cert.X509Certificate) SignerInformationStore(org.bouncycastle.cms.SignerInformationStore) SignerId(org.bouncycastle.cms.SignerId) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) Collection(java.util.Collection) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 79 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project itext2 by albfernandez.

the class PdfPublicKeySecurityHandler method createDERForRecipient.

/**
 * Encrypts {@code in} under a freshly generated content key and wraps the result in a CMS
 * EnvelopedData ContentInfo addressed to one recipient.
 *
 * <p>The content is encrypted with the algorithm identified by OID 1.2.840.113549.3.2
 * (RC2-CBC) using a 128-bit key and provider-generated parameters. The raw key bytes are
 * handed to {@code computeRecipientInfo} together with the recipient certificate.
 *
 * <p>NOTE(review): RC2 is a legacy cipher with a 64-bit block and is not suitable for new
 * designs. The choice is presumably dictated by the file format this handler writes, so
 * confirm against the format specification before changing it; until then treat the
 * confidentiality of the envelope as limited by this algorithm.
 *
 * @param in   the plaintext to encrypt
 * @param cert the recipient certificate passed to {@code computeRecipientInfo}
 * @return the ContentInfo (envelopedData) as an ASN.1 primitive
 * @throws IOException              if the algorithm parameters cannot be encoded or parsed
 * @throws GeneralSecurityException if the algorithm is unavailable or encryption fails
 */
private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
    final String contentAlgorithmOid = "1.2.840.113549.3.2";

    // Let the provider generate the parameters, then re-read their ASN.1 encoding so the
    // same value can be embedded in the AlgorithmIdentifier below.
    AlgorithmParameters params = AlgorithmParameterGenerator.getInstance(contentAlgorithmOid).generateParameters();
    ASN1InputStream paramReader = new ASN1InputStream(new ByteArrayInputStream(params.getEncoded("ASN.1")));
    ASN1Primitive encodedParams = paramReader.readObject();

    // One-off content key for this recipient envelope.
    KeyGenerator keyGen = KeyGenerator.getInstance(contentAlgorithmOid);
    keyGen.init(128);
    SecretKey contentKey = keyGen.generateKey();

    Cipher contentCipher = Cipher.getInstance(contentAlgorithmOid);
    contentCipher.init(Cipher.ENCRYPT_MODE, contentKey, params);
    byte[] cipherText = contentCipher.doFinal(in);
    DEROctetString encryptedContent = new DEROctetString(cipherText);

    // The recipient info is built from the certificate and the raw content key bytes.
    KeyTransRecipientInfo keyTransInfo = computeRecipientInfo(cert, contentKey.getEncoded());
    DERSet recipients = new DERSet(new RecipientInfo(keyTransInfo));

    AlgorithmIdentifier contentAlgorithm = new AlgorithmIdentifier(new ASN1ObjectIdentifier(contentAlgorithmOid), encodedParams);
    EncryptedContentInfo encryptedInfo = new EncryptedContentInfo(PKCSObjectIdentifiers.data, contentAlgorithm, encryptedContent);
    // No originator info and no unprotected attributes.
    EnvelopedData envelope = new EnvelopedData(null, recipients, encryptedInfo, (org.bouncycastle.asn1.ASN1Set) null);
    return new ContentInfo(PKCSObjectIdentifiers.envelopedData, envelope).toASN1Primitive();
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) AlgorithmParameterGenerator(java.security.AlgorithmParameterGenerator) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERSet(org.bouncycastle.asn1.DERSet) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) SecretKey(javax.crypto.SecretKey) ByteArrayInputStream(java.io.ByteArrayInputStream) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) Cipher(javax.crypto.Cipher) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) KeyGenerator(javax.crypto.KeyGenerator) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) RecipientInfo(org.bouncycastle.asn1.cms.RecipientInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) EnvelopedData(org.bouncycastle.asn1.cms.EnvelopedData) AlgorithmParameters(java.security.AlgorithmParameters) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo)

Example 80 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project itext2 by albfernandez.

the class PdfPKCS7 method buildUnauthenticatedAttributes.

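/**
 * Builds the unauthenticated attribute vector that carries a time-stamp token.
 *
 * <p>Added by Aiken Sam, 2006-11-15, modified by Martin Brunecky 07/12/2007
 * to start with the timeStampToken (signedData 1.2.840.113549.1.7.2).
 * Token is the TSA response without response status, which is usually
 * handled by the (vendor supplied) TSA request/response interface.
 *
 * <p>The token bytes come from outside this class, so the parsed object is checked to be
 * an ASN.1 SEQUENCE before it is embedded; malformed input is reported as an
 * {@link IOException} instead of surfacing as a ClassCastException or a null element.
 * Only the outer type is checked here; the token's signature and contents are not verified.
 *
 * @param timeStampToken byte[] - time stamp token, DER encoded signedData
 * @return a vector holding one attribute sequence (OID plus a set containing the token),
 *         or {@code null} when {@code timeStampToken} is {@code null}
 * @throws IOException if the token cannot be parsed or is not an ASN.1 SEQUENCE
 */
private ASN1EncodableVector buildUnauthenticatedAttributes(byte[] timeStampToken) throws IOException {
    if (timeStampToken == null) {
        return null;
    }
    // @todo: move this together with the rest of the definitions
    // RFC 3161 id-aa-timeStampToken
    String ID_TIME_STAMP_TOKEN = "1.2.840.113549.1.9.16.2.14";
    Object parsed;
    ASN1InputStream tempstream = new ASN1InputStream(new ByteArrayInputStream(timeStampToken));
    try {
        parsed = tempstream.readObject();
    } finally {
        tempstream.close();
    }
    // Covers both empty input (nothing parsed) and a well-formed object of the wrong type.
    if (!(parsed instanceof ASN1Sequence)) {
        throw new IOException("timeStampToken is not an encoded ASN.1 SEQUENCE");
    }
    ASN1Sequence seq = (ASN1Sequence) parsed;
    ASN1EncodableVector unauthAttributes = new ASN1EncodableVector();
    ASN1EncodableVector v = new ASN1EncodableVector();
    // id-aa-timeStampToken
    v.add(new ASN1ObjectIdentifier(ID_TIME_STAMP_TOKEN));
    v.add(new DERSet(seq));
    unauthAttributes.add(new DERSequence(v));
    return unauthAttributes;
}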
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) ByteArrayInputStream(java.io.ByteArrayInputStream) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1String(org.bouncycastle.asn1.ASN1String) DERSet(org.bouncycastle.asn1.DERSet) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

DERSet (org.bouncycastle.asn1.DERSet)59 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)34 IOException (java.io.IOException)29 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)27 DERSequence (org.bouncycastle.asn1.DERSequence)27 DEROctetString (org.bouncycastle.asn1.DEROctetString)22 DERSet (com.github.zhenwei.core.asn1.DERSet)21 Attribute (org.bouncycastle.asn1.cms.Attribute)21 X509Certificate (java.security.cert.X509Certificate)19 ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)15 Iterator (java.util.Iterator)15 ByteArrayOutputStream (java.io.ByteArrayOutputStream)13 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)13 ArrayList (java.util.ArrayList)12 ByteArrayInputStream (java.io.ByteArrayInputStream)11 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)11 DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)11 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)11 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)9 OutputStream (java.io.OutputStream)9