Examples with SignedData com.github.zhenwei.core.asn1.pkcs.SignedData used on opensource projects

Example 11 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.

the class PKIXCertPath method getEncoded.

/**
 * Returns the encoded form of this certification path, using the specified encoding.
 *
 * @param encoding the name of the encoding to use
 * @return the encoded bytes
 * @throws CertificateEncodingException if an encoding error occurs or the encoding requested is
 *                                      not supported
 */
public byte[] getEncoded(String encoding) throws CertificateEncodingException {
    if (encoding.equalsIgnoreCase("PkiPath")) {
        ASN1EncodableVector v = new ASN1EncodableVector();
        ListIterator iter = certificates.listIterator(certificates.size());
        while (iter.hasPrevious()) {
            v.add(toASN1Object((X509Certificate) iter.previous()));
        }
        return toDEREncoded(new DERSequence(v));
    } else if (encoding.equalsIgnoreCase("PKCS7")) {
        ContentInfo encInfo = new ContentInfo(PKCSObjectIdentifiers.data, null);
        ASN1EncodableVector v = new ASN1EncodableVector();
        for (int i = 0; i != certificates.size(); i++) {
            v.add(toASN1Object((X509Certificate) certificates.get(i)));
        }
        SignedData sd = new SignedData(new ASN1Integer(1), new DERSet(), encInfo, new DERSet(v), null, new DERSet());
        return toDEREncoded(new ContentInfo(PKCSObjectIdentifiers.signedData, sd));
    } else if (encoding.equalsIgnoreCase("PEM")) {
        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
        PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
        try {
            for (int i = 0; i != certificates.size(); i++) {
                pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate) certificates.get(i)).getEncoded()));
            }
            pWrt.close();
        } catch (Exception e) {
            throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
        }
        return bOut.toByteArray();
    } else {
        throw new CertificateEncodingException("unsupported encoding: " + encoding);
    }
}

Example 12 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project robovm by robovm.

the class PKIXCertPath method getEncoded.

/**
     * Returns the encoded form of this certification path, using
     * the specified encoding.
     *
     * @param encoding the name of the encoding to use
     * @return the encoded bytes
     * @exception java.security.cert.CertificateEncodingException if an encoding error
     * occurs or the encoding requested is not supported
     *
     **/
public byte[] getEncoded(String encoding) throws CertificateEncodingException {
    if (encoding.equalsIgnoreCase("PkiPath")) {
        ASN1EncodableVector v = new ASN1EncodableVector();
        ListIterator iter = certificates.listIterator(certificates.size());
        while (iter.hasPrevious()) {
            v.add(toASN1Object((X509Certificate) iter.previous()));
        }
        return toDEREncoded(new DERSequence(v));
    } else if (encoding.equalsIgnoreCase("PKCS7")) {
        ContentInfo encInfo = new ContentInfo(PKCSObjectIdentifiers.data, null);
        ASN1EncodableVector v = new ASN1EncodableVector();
        for (int i = 0; i != certificates.size(); i++) {
            v.add(toASN1Object((X509Certificate) certificates.get(i)));
        }
        SignedData sd = new SignedData(new ASN1Integer(1), new DERSet(), encInfo, new DERSet(v), null, new DERSet());
        return toDEREncoded(new ContentInfo(PKCSObjectIdentifiers.signedData, sd));
    } else // BEGIN android-removed
    // else if (encoding.equalsIgnoreCase("PEM"))
    // {
    //     ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    //     PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
    //
    //     try
    //     {
    //         for (int i = 0; i != certificates.size(); i++)
    //         {
    //             pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded()));
    //         }
    //
    //         pWrt.close();
    //     }
    //     catch (Exception e)
    //     {
    //         throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
    //     }
    //
    //     return bOut.toByteArray();
    // }
    // END android-removed
    {
        throw new CertificateEncodingException("unsupported encoding: " + encoding);
    }
}

Example 13 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.

the class TimeStampTokenGenerator method generate.

/**
 * Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed
 * in genTime.
 *
 * @param request              the originating request.
 * @param serialNumber         serial number for the TimeStampToken
 * @param genTime              token generation time.
 * @param additionalExtensions extra extensions to be added to the response token.
 * @return a TimeStampToken
 * @throws TSPException
 */
public TimeStampToken generate(TimeStampRequest request, BigInteger serialNumber, Date genTime, Extensions additionalExtensions) throws TSPException {
    AlgorithmIdentifier algID = request.getMessageImprintAlgID();
    MessageImprint messageImprint = new MessageImprint(algID, request.getMessageImprintDigest());
    Accuracy accuracy = null;
    if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0) {
        ASN1Integer seconds = null;
        if (accuracySeconds > 0) {
            seconds = new ASN1Integer(accuracySeconds);
        }
        ASN1Integer millis = null;
        if (accuracyMillis > 0) {
            millis = new ASN1Integer(accuracyMillis);
        }
        ASN1Integer micros = null;
        if (accuracyMicros > 0) {
            micros = new ASN1Integer(accuracyMicros);
        }
        accuracy = new Accuracy(seconds, millis, micros);
    }
    ASN1Boolean derOrdering = null;
    if (ordering) {
        derOrdering = ASN1Boolean.getInstance(ordering);
    }
    ASN1Integer nonce = null;
    if (request.getNonce() != null) {
        nonce = new ASN1Integer(request.getNonce());
    }
    ASN1ObjectIdentifier tsaPolicy = tsaPolicyOID;
    if (request.getReqPolicy() != null) {
        tsaPolicy = request.getReqPolicy();
    }
    Extensions respExtensions = request.getExtensions();
    if (additionalExtensions != null) {
        ExtensionsGenerator extGen = new ExtensionsGenerator();
        if (respExtensions != null) {
            for (Enumeration en = respExtensions.oids(); en.hasMoreElements(); ) {
                extGen.addExtension(respExtensions.getExtension(ASN1ObjectIdentifier.getInstance(en.nextElement())));
            }
        }
        for (Enumeration en = additionalExtensions.oids(); en.hasMoreElements(); ) {
            extGen.addExtension(additionalExtensions.getExtension(ASN1ObjectIdentifier.getInstance(en.nextElement())));
        }
        respExtensions = extGen.generate();
    }
    ASN1GeneralizedTime timeStampTime;
    if (resolution == R_SECONDS) {
        timeStampTime = (locale == null) ? new ASN1GeneralizedTime(genTime) : new ASN1GeneralizedTime(genTime, locale);
    } else {
        timeStampTime = createGeneralizedTime(genTime);
    }
    TSTInfo tstInfo = new TSTInfo(tsaPolicy, messageImprint, new ASN1Integer(serialNumber), timeStampTime, accuracy, derOrdering, nonce, tsa, respExtensions);
    try {
        CMSSignedDataGenerator signedDataGenerator = new CMSSignedDataGenerator();
        if (request.getCertReq()) {
            // TODO: do we need to check certs non-empty?
            signedDataGenerator.addCertificates(new CollectionStore(certs));
            signedDataGenerator.addAttributeCertificates(new CollectionStore(attrCerts));
        }
        signedDataGenerator.addCRLs(new CollectionStore(crls));
        if (!otherRevoc.isEmpty()) {
            for (Iterator it = otherRevoc.keySet().iterator(); it.hasNext(); ) {
                ASN1ObjectIdentifier format = (ASN1ObjectIdentifier) it.next();
                signedDataGenerator.addOtherRevocationInfo(format, new CollectionStore((Collection) otherRevoc.get(format)));
            }
        }
        signedDataGenerator.addSignerInfoGenerator(signerInfoGen);
        byte[] derEncodedTSTInfo = tstInfo.getEncoded(ASN1Encoding.DER);
        CMSSignedData signedData = signedDataGenerator.generate(new CMSProcessableByteArray(PKCSObjectIdentifiers.id_ct_TSTInfo, derEncodedTSTInfo), true);
        return new TimeStampToken(signedData);
    } catch (CMSException cmsEx) {
        throw new TSPException("Error generating time-stamp token", cmsEx);
    } catch (IOException e) {
        throw new TSPException("Exception encoding info", e);
    }
}

Example 14 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.

the class P7bBuilder method buildP7b.

public static ArrayList<X509Certificate> buildP7b(byte[] data) throws WeGooCryptoException {
    ContentInfo contentInfo = ContentInfo.getInstance(data);
    // P7B 的 contentType应该是这个
    // ASN1ObjectIdentifier signedData = PKCSObjectIdentifiers.signedData;
    SignedData signedData = SignedData.getInstance(contentInfo.getContent());
    if (signedData == null)
        throw new WeGooCryptoException(CryptoExceptionMassageEnum.build_err);
    ASN1Set certs = signedData.getCertificates();
    ArrayList<X509Certificate> list = new ArrayList<>();
    for (ASN1Encodable cert : certs) {
        list.add(CertBuilder.getInstance(cert).getCert());
    }
    return list;
}

Example 15 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.

the class CMSSignedData method replaceCertificatesAndCRLs.

/**
 * Replace the certificate and CRL information associated with this CMSSignedData object with the
 * new one passed in.
 *
 * @param signedData   the signed data object to be used as a base.
 * @param certificates the new certificates to be used.
 * @param attrCerts    the new attribute certificates to be used.
 * @param revocations  the new CRLs to be used - a collection of X509CRLHolder objects,
 *                     OtherRevocationInfoFormat, or both.
 * @return a new signed data object.
 * @throws CMSException if there is an error processing the CertStore
 */
public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData, Store certificates, Store attrCerts, Store revocations) throws CMSException {
    // 
    // copy
    // 
    CMSSignedData cms = new CMSSignedData(signedData);
    // 
    // replace the certs and revocations in the SignedData object
    // 
    ASN1Set certSet = null;
    ASN1Set crlSet = null;
    if (certificates != null || attrCerts != null) {
        List certs = new ArrayList();
        if (certificates != null) {
            certs.addAll(CMSUtils.getCertificatesFromStore(certificates));
        }
        if (attrCerts != null) {
            certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
        }
        ASN1Set set = CMSUtils.createBerSetFromList(certs);
        if (set.size() != 0) {
            certSet = set;
        }
    }
    if (revocations != null) {
        ASN1Set set = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(revocations));
        if (set.size() != 0) {
            crlSet = set;
        }
    }
    // 
    // replace the CMS structure.
    // 
    cms.signedData = new SignedData(signedData.signedData.getDigestAlgorithms(), signedData.signedData.getEncapContentInfo(), certSet, crlSet, signedData.signedData.getSignerInfos());
    // 
    // replace the contentInfo with the new one
    // 
    cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
    return cms;
}