Examples with ContentInfo com.github.zhenwei.core.asn1.pkcs.ContentInfo used on opensource projects

Example 41 with ContentInfo

use of com.github.zhenwei.core.asn1.pkcs.ContentInfo in project LinLong-Java by zhenwei1108.

the class CMSSignedData method replaceSigners.

/**
 * Replace the SignerInformation store associated with this CMSSignedData object with the new one
 * passed in. You would probably only want to do this if you wanted to change the unsigned
 * attributes associated with a signer, or perhaps delete one.
 *
 * @param signedData             the signed data object to be used as a base.
 * @param signerInformationStore the new signer information store to use.
 * @return a new signed data object.
 */
public static CMSSignedData replaceSigners(CMSSignedData signedData, SignerInformationStore signerInformationStore) {
    // 
    // copy
    // 
    CMSSignedData cms = new CMSSignedData(signedData);
    // 
    // replace the store
    // 
    cms.signerInfoStore = signerInformationStore;
    // 
    // replace the signers in the SignedData object
    // 
    Set<AlgorithmIdentifier> digestAlgs = new HashSet<AlgorithmIdentifier>();
    ASN1EncodableVector vec = new ASN1EncodableVector();
    Iterator it = signerInformationStore.getSigners().iterator();
    while (it.hasNext()) {
        SignerInformation signer = (SignerInformation) it.next();
        CMSUtils.addDigestAlgs(digestAlgs, signer, dgstAlgFinder);
        vec.add(signer.toASN1Structure());
    }
    ASN1Set digests = CMSUtils.convertToBERSet(digestAlgs);
    ASN1Set signers = new DLSet(vec);
    ASN1Sequence sD = (ASN1Sequence) signedData.signedData.toASN1Primitive();
    vec = new ASN1EncodableVector();
    // 
    // signers are the last item in the sequence.
    // 
    // version
    vec.add(sD.getObjectAt(0));
    vec.add(digests);
    for (int i = 2; i != sD.size() - 1; i++) {
        vec.add(sD.getObjectAt(i));
    }
    vec.add(signers);
    cms.signedData = SignedData.getInstance(new BERSequence(vec));
    // 
    // replace the contentInfo with the new one
    // 
    cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
    return cms;
}

Example 42 with ContentInfo

use of com.github.zhenwei.core.asn1.pkcs.ContentInfo in project LinLong-Java by zhenwei1108.

the class CMSAuthEnvelopedDataGenerator method doGenerate.

private CMSAuthEnvelopedData doGenerate(CMSTypedData content, OutputAEADEncryptor contentEncryptor) throws CMSException {
    ASN1EncodableVector recipientInfos = new ASN1EncodableVector();
    AlgorithmIdentifier encAlgId;
    ASN1OctetString encContent;
    ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    ASN1Set authenticatedAttrSet = null;
    try {
        OutputStream cOut = contentEncryptor.getOutputStream(bOut);
        content.write(cOut);
        if (authAttrsGenerator != null) {
            AttributeTable attrTable = authAttrsGenerator.getAttributes(Collections.EMPTY_MAP);
            authenticatedAttrSet = new DERSet(attrTable.toASN1EncodableVector());
            contentEncryptor.getAADStream().write(authenticatedAttrSet.getEncoded(ASN1Encoding.DER));
        }
        cOut.close();
    } catch (IOException e) {
        throw new CMSException("unable to process authenticated content: " + e.getMessage(), e);
    }
    byte[] encryptedContent = bOut.toByteArray();
    byte[] mac = contentEncryptor.getMAC();
    encAlgId = contentEncryptor.getAlgorithmIdentifier();
    encContent = new BEROctetString(encryptedContent);
    GenericKey encKey = contentEncryptor.getKey();
    for (Iterator it = recipientInfoGenerators.iterator(); it.hasNext(); ) {
        RecipientInfoGenerator recipient = (RecipientInfoGenerator) it.next();
        recipientInfos.add(recipient.generate(encKey));
    }
    EncryptedContentInfo eci = new EncryptedContentInfo(content.getContentType(), encAlgId, encContent);
    ASN1Set unprotectedAttrSet = null;
    if (unauthAttrsGenerator != null) {
        AttributeTable attrTable = unauthAttrsGenerator.getAttributes(Collections.EMPTY_MAP);
        unprotectedAttrSet = new DLSet(attrTable.toASN1EncodableVector());
    }
    ContentInfo contentInfo = new ContentInfo(CMSObjectIdentifiers.authEnvelopedData, new AuthEnvelopedData(originatorInfo, new DERSet(recipientInfos), eci, authenticatedAttrSet, new DEROctetString(mac), unprotectedAttrSet));
    return new CMSAuthEnvelopedData(contentInfo);
}

Example 43 with ContentInfo

use of com.github.zhenwei.core.asn1.pkcs.ContentInfo in project LinLong-Java by zhenwei1108.

the class CMSSignedDataStreamGenerator method open.

/**
 * generate a signed object that for a CMS Signed Data object using the given provider - if
 * encapsulate is true a copy of the message will be included in the signature. The content type
 * is set according to the OID represented by the string signedContentType.
 *
 * @param eContentType     OID for data to be signed.
 * @param out              stream the CMS object is to be written to.
 * @param encapsulate      true if data should be encapsulated.
 * @param dataOutputStream output stream to copy the data being signed to.
 */
public OutputStream open(ASN1ObjectIdentifier eContentType, OutputStream out, boolean encapsulate, OutputStream dataOutputStream) throws IOException {
    // TODO
    // if (_signerInfs.isEmpty())
    // {
    // /* RFC 3852 5.2
    // * "In the degenerate case where there are no signers, the
    // * EncapsulatedContentInfo value being "signed" is irrelevant.  In this
    // * case, the content type within the EncapsulatedContentInfo value being
    // * "signed" MUST be id-data (as defined in section 4), and the content
    // * field of the EncapsulatedContentInfo value MUST be omitted."
    // */
    // if (encapsulate)
    // {
    // throw new IllegalArgumentException("no signers, encapsulate must be false");
    // }
    // if (!DATA.equals(eContentType))
    // {
    // throw new IllegalArgumentException("no signers, eContentType must be id-data");
    // }
    // }
    // 
    // if (!DATA.equals(eContentType))
    // {
    // /* RFC 3852 5.3
    // * [The 'signedAttrs']...
    // * field is optional, but it MUST be present if the content type of
    // * the EncapsulatedContentInfo value being signed is not id-data.
    // */
    // // TODO signedAttrs must be present for all signers
    // }
    // 
    // ContentInfo
    // 
    BERSequenceGenerator sGen = new BERSequenceGenerator(out);
    sGen.addObject(CMSObjectIdentifiers.signedData);
    // 
    // Signed Data
    // 
    BERSequenceGenerator sigGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
    sigGen.addObject(calculateVersion(eContentType));
    Set<AlgorithmIdentifier> digestAlgs = new HashSet<AlgorithmIdentifier>();
    // 
    for (Iterator it = _signers.iterator(); it.hasNext(); ) {
        SignerInformation signer = (SignerInformation) it.next();
        CMSUtils.addDigestAlgs(digestAlgs, signer, digestAlgIdFinder);
    }
    for (Iterator it = signerGens.iterator(); it.hasNext(); ) {
        SignerInfoGenerator signerGen = (SignerInfoGenerator) it.next();
        digestAlgs.add(signerGen.getDigestAlgorithm());
    }
    sigGen.getRawOutputStream().write(CMSUtils.convertToBERSet(digestAlgs).getEncoded());
    BERSequenceGenerator eiGen = new BERSequenceGenerator(sigGen.getRawOutputStream());
    eiGen.addObject(eContentType);
    // If encapsulating, add the data as an octet string in the sequence
    OutputStream encapStream = encapsulate ? CMSUtils.createBEROctetOutputStream(eiGen.getRawOutputStream(), 0, true, _bufferSize) : null;
    // Also send the data to 'dataOutputStream' if necessary
    OutputStream contentStream = CMSUtils.getSafeTeeOutputStream(dataOutputStream, encapStream);
    // Let all the signers see the data as it is written
    OutputStream sigStream = CMSUtils.attachSignersToOutputStream(signerGens, contentStream);
    return new CmsSignedDataOutputStream(sigStream, eContentType, sGen, sigGen, eiGen);
}

Example 44 with ContentInfo

use of com.github.zhenwei.core.asn1.pkcs.ContentInfo in project laverca by laverca.

the class CmsSignature method bytesToPkcs7SignedData.

/**
 * Convert a byte array to a PKCS7 SignedData object
 * @param bytes byte array
 * @return PKCS7 SignedData object
 */
public static SignedData bytesToPkcs7SignedData(byte[] bytes) {
    if (bytes == null) {
        throw new IllegalArgumentException("null bytes");
    }
    ASN1InputStream ais = new ASN1InputStream(bytes);
    ASN1Object asn1 = null;
    try {
        asn1 = ais.readObject();
    } catch (IOException ioe) {
        throw new IllegalArgumentException("not a pkcs7 signature");
    } finally {
        try {
            ais.close();
        } catch (IOException e) {
        // Ignore
        }
    }
    ContentInfo ci = ContentInfo.getInstance(asn1);
    ASN1ObjectIdentifier typeId = ci.getContentType();
    if (!typeId.equals(PKCSObjectIdentifiers.signedData)) {
        throw new IllegalArgumentException("not a pkcs7 signature");
    }
    return SignedData.getInstance(ci.getContent());
}