use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.
the class CMSSignedDataGenerator method generate.
/**
 * Build a CMS SignedData object over {@code content}. The result either carries a detached
 * signature or encapsulates the content, depending on {@code encapsulate}.
 *
 * <p>Processing order matters: the remembered digests are cleared, pre-calculated
 * SignerInformation entries from {@code _signers} are copied in, the content is written once to
 * the stream obtained from {@code CMSUtils.attachSignersToOutputStream}, and only then is each
 * SignerInfoGenerator asked for its SignerInfo.
 *
 * <p>Review notes for callers:
 * <ul>
 *   <li>Entries in {@code _signers} are added as-is. Nothing here checks that their content type
 *       or digest matches {@code content} (see the TODO in the loop).</li>
 *   <li>The RFC 3852 5.2 / 5.3 constraints summarised in the TODO below are not enforced.</li>
 *   <li>If {@code content.getContent()} is null, nothing is written to the signer streams, yet
 *       every generator still emits a SignerInfo. NOTE(review): confirm what the generators
 *       sign in that case.</li>
 *   <li>With {@code encapsulate == true} the whole content is buffered in memory before it is
 *       wrapped in an octet string.</li>
 * </ul>
 *
 * @param content the content to be signed.
 * @param encapsulate true if the content should be encapsulated in the signature, false
 *     otherwise.
 * @return the CMSSignedData wrapping the generated SignedData ContentInfo.
 * @throws CMSException if writing the content to the signer streams fails.
 * @throws IllegalStateException if {@code signerInfs} is not empty.
 */
public CMSSignedData generate(CMSTypedData content, boolean encapsulate) throws CMSException {
    // FIXME Avoid accessing content more than once to support CMSProcessableInputStream
    if (!signerInfs.isEmpty()) {
        throw new IllegalStateException("this method can only be used with SignerInfoGenerator");
    }

    // TODO Not enforced yet, per RFC 3852:
    //   5.2 - in the degenerate case with no signers, the eContentType MUST be id-data and the
    //         eContent MUST be omitted (so encapsulate would have to be false).
    //   5.3 - signedAttrs MUST be present for all signers when the eContentType being signed
    //         is not id-data.

    Set<AlgorithmIdentifier> digestAlgorithms = new LinkedHashSet<AlgorithmIdentifier>();
    ASN1EncodableVector signerInfoVector = new ASN1EncodableVector();

    // Forget digests preserved from an earlier call.
    digests.clear();

    // Pre-calculated signers are carried over unchanged.
    Iterator existingSigners = _signers.iterator();
    while (existingSigners.hasNext()) {
        SignerInformation existing = (SignerInformation) existingSigners.next();
        CMSUtils.addDigestAlgs(digestAlgorithms, existing, digestAlgIdFinder);
        // TODO Verify the content type and calculated digest match the precalculated SignerInfo
        signerInfoVector.add(existing.toASN1Structure());
    }

    ASN1ObjectIdentifier contentTypeOID = content.getContentType();
    ASN1OctetString encapsulated = null;
    if (content.getContent() != null) {
        // Only keep a copy of the bytes when they must be embedded in the result.
        ByteArrayOutputStream captured = encapsulate ? new ByteArrayOutputStream() : null;
        OutputStream signerStream = CMSUtils.attachSignersToOutputStream(signerGens, captured);
        // Just in case it's unencapsulated and there are no signers!
        OutputStream sink = CMSUtils.getSafeOutputStream(signerStream);
        try {
            content.write(sink);
            sink.close();
        } catch (IOException e) {
            throw new CMSException("data processing exception: " + e.getMessage(), e);
        }
        if (encapsulate) {
            encapsulated = new BEROctetString(captured.toByteArray());
        }
    }

    // Must run after the content has been written above.
    Iterator generators = signerGens.iterator();
    while (generators.hasNext()) {
        SignerInfoGenerator generator = (SignerInfoGenerator) generators.next();
        SignerInfo info = generator.generate(contentTypeOID);
        digestAlgorithms.add(info.getDigestAlgorithm());
        signerInfoVector.add(info);
        byte[] digest = generator.getCalculatedDigest();
        if (digest != null) {
            // Keyed by digest algorithm OID: a later generator using the same algorithm
            // replaces the earlier entry.
            digests.put(info.getDigestAlgorithm().getAlgorithm().getId(), digest);
        }
    }

    // Optional fields stay null (absent) when there is nothing to include.
    ASN1Set certificates = (certs.size() != 0) ? CMSUtils.createBerSetFromList(certs) : null;
    ASN1Set revocations = (crls.size() != 0) ? CMSUtils.createBerSetFromList(crls) : null;

    ContentInfo encapContentInfo = new ContentInfo(contentTypeOID, encapsulated);
    SignedData signedData = new SignedData(
        CMSUtils.convertToBERSet(digestAlgorithms),
        encapContentInfo,
        certificates,
        revocations,
        new DERSet(signerInfoVector));
    return new CMSSignedData(content, new ContentInfo(CMSObjectIdentifiers.signedData, signedData));
}
use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.
the class CMSConfig method setSigningEncryptionAlgorithmMapping.
/**
 * Register the algorithm name to use for an encryption (signature) algorithm OID when
 * SignedData is generated or interpreted.
 *
 * <p>The mapping is handed to the static {@code CMSSignedHelper.INSTANCE}; it is not tied to any
 * single generator or parser object. NOTE(review): presumably this makes it process-wide
 * configuration, so set it once during start-up rather than per request. Confirm against
 * CMSSignedHelper.
 *
 * @param oid object identifier to map, as a string accepted by the ASN1ObjectIdentifier
 *     constructor.
 * @param algorithmName algorithm name to use.
 */
public static void setSigningEncryptionAlgorithmMapping(String oid, String algorithmName) {
    // Parse the OID first so a bad string fails before the helper is touched.
    final ASN1ObjectIdentifier mappedOid = new ASN1ObjectIdentifier(oid);

    CMSSignedHelper.INSTANCE.setSigningEncryptionAlgorithmMapping(mappedOid, algorithmName);
}
use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.
the class X509AttrCertParser method readDERCertificate.
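/**
 * Read one DER-encoded attribute certificate from {@code in}.
 *
 * <p>Two layouts are accepted: a bare attribute certificate sequence, or a sequence whose first
 * element is the PKCS#7 signedData OID. For the latter, the certificate set of the SignedData is
 * stored in {@code sData} and the result is taken from {@code getCertificate()}.
 *
 * <p>Only the container is unpacked here. No signature over the SignedData is checked, so the
 * wrapper lends no trust to the certificates it carries; validation is left to the caller.
 *
 * @param in stream to parse; treated as untrusted input and not closed by this method.
 * @return the attribute certificate, or the result of {@code getCertificate()} for a SignedData
 *     wrapper.
 * @throws IOException if reading fails or the structure is malformed.
 */
private X509AttributeCertificate readDERCertificate(InputStream in) throws IOException {
    // dIn is intentionally left open: closing it would presumably close the caller's stream too.
    ASN1InputStream dIn = new ASN1InputStream(in);
    ASN1Sequence seq = ASN1Sequence.getInstance(dIn.readObject());
    if (seq == null) {
        // Guard in case nothing was read; otherwise seq.size() below fails with an unchecked
        // NullPointerException.
        throw new IOException("no ASN.1 sequence found in input");
    }
    if (seq.size() > 1 && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier) {
        if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData)) {
            // The second element comes straight from the input: check its type instead of
            // letting a blind cast raise ClassCastException on malformed data.
            Object wrapped = seq.getObjectAt(1);
            if (!(wrapped instanceof ASN1TaggedObject)) {
                throw new IOException("malformed SignedData: content is not a tagged object");
            }
            sData = new SignedData(ASN1Sequence.getInstance((ASN1TaggedObject) wrapped, true)).getCertificates();
            return getCertificate();
        }
    }
    return new X509V2AttributeCertificate(seq.getEncoded());
}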
use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.
the class X509CRLParser method readDERCRL.
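/**
 * Read one DER-encoded CRL from {@code in}.
 *
 * <p>Two layouts are accepted: a bare CertificateList sequence, or a sequence whose first
 * element is the PKCS#7 signedData OID. For the latter, the CRL set of the SignedData is stored
 * in {@code sData} and the result is taken from {@code getCRL()}.
 *
 * <p>Only the container is unpacked here. No signature over the SignedData or the CRL is
 * checked, so the caller must validate the CRL before relying on it for revocation decisions.
 *
 * @param in stream to parse; treated as untrusted input and not closed by this method.
 * @return the parsed CRL, or the result of {@code getCRL()} for a SignedData wrapper.
 * @throws IOException if reading fails or the structure is malformed.
 * @throws CRLException declared for the CRL construction path.
 */
private CRL readDERCRL(InputStream in) throws IOException, CRLException {
    // dIn is intentionally left open: closing it would presumably close the caller's stream too.
    ASN1InputStream dIn = new ASN1InputStream(in);
    // Check the top-level type before casting. A blind cast throws ClassCastException on a
    // non-sequence, and a null result would fail later with NullPointerException.
    Object parsed = dIn.readObject();
    if (!(parsed instanceof ASN1Sequence)) {
        throw new IOException("malformed CRL encoding: top-level object is not an ASN.1 sequence");
    }
    ASN1Sequence seq = (ASN1Sequence) parsed;
    if (seq.size() > 1 && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier) {
        if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData)) {
            // The second element comes straight from the input: check it before casting.
            Object wrapped = seq.getObjectAt(1);
            if (!(wrapped instanceof ASN1TaggedObject)) {
                throw new IOException("malformed SignedData: content is not a tagged object");
            }
            sData = new SignedData(ASN1Sequence.getInstance((ASN1TaggedObject) wrapped, true)).getCRLs();
            return getCRL();
        }
    }
    return new X509CRLObject(CertificateList.getInstance(seq));
}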
use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.
the class X509CertParser method readDERCertificate.
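/**
 * Read one DER-encoded X.509 certificate from {@code in}.
 *
 * <p>Two layouts are accepted: a bare certificate sequence, or a sequence whose first element is
 * the PKCS#7 signedData OID. For the latter, the certificate set of the SignedData is stored in
 * {@code sData} and the result is taken from {@code getCertificate()}.
 *
 * <p>Only the container is unpacked here. No signature over the SignedData or the certificate is
 * checked, so chain and signature validation remain the caller's job.
 *
 * @param in stream to parse; treated as untrusted input and not closed by this method.
 * @return the parsed certificate, or the result of {@code getCertificate()} for a SignedData
 *     wrapper.
 * @throws IOException if reading fails or the structure is malformed.
 * @throws CertificateParsingException declared for the certificate construction path.
 */
private Certificate readDERCertificate(InputStream in) throws IOException, CertificateParsingException {
    // dIn is intentionally left open: closing it would presumably close the caller's stream too.
    ASN1InputStream dIn = new ASN1InputStream(in);
    // Check the top-level type before casting. A blind cast throws ClassCastException on a
    // non-sequence, and a null result would fail later with NullPointerException.
    Object parsed = dIn.readObject();
    if (!(parsed instanceof ASN1Sequence)) {
        throw new IOException("malformed certificate encoding: top-level object is not an ASN.1 sequence");
    }
    ASN1Sequence seq = (ASN1Sequence) parsed;
    if (seq.size() > 1 && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier) {
        if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData)) {
            // The second element comes straight from the input: check it before casting.
            Object wrapped = seq.getObjectAt(1);
            if (!(wrapped instanceof ASN1TaggedObject)) {
                throw new IOException("malformed SignedData: content is not a tagged object");
            }
            sData = new SignedData(ASN1Sequence.getInstance((ASN1TaggedObject) wrapped, true)).getCertificates();
            return getCertificate();
        }
    }
    return new X509CertificateObject(com.github.zhenwei.core.asn1.x509.Certificate.getInstance(seq));
}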