
Example 16 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.

the class CMSSignedData method replaceSigners.

/**
 * Build a new CMSSignedData that carries {@code signerInformationStore} in place of the signers
 * held by {@code signedData}. Typical uses are changing the unsigned attributes of a signer or
 * dropping a signer altogether.
 * <p>
 * Nothing in this method verifies a signature: each SignerInfo is copied into the result exactly
 * as the store supplies it, and the digest algorithm set is rebuilt from those same signers.
 * Callers that rely on the result being validly signed have to verify its signers themselves.
 * </p>
 *
 * @param signedData             the signed data object to be used as a base.
 * @param signerInformationStore the new signer information store to use.
 * @return a new signed data object.
 */
public static CMSSignedData replaceSigners(CMSSignedData signedData, SignerInformationStore signerInformationStore) {
    // Start from a copy of the base object and point it at the new store.
    CMSSignedData replaced = new CMSSignedData(signedData);
    replaced.signerInfoStore = signerInformationStore;

    // One pass over the new signers yields both the SignerInfo structures and the
    // digest algorithms they require.
    Set<AlgorithmIdentifier> requiredDigests = new HashSet<AlgorithmIdentifier>();
    ASN1EncodableVector signerInfos = new ASN1EncodableVector();
    for (Object entry : signerInformationStore.getSigners()) {
        SignerInformation signer = (SignerInformation) entry;
        CMSUtils.addDigestAlgs(requiredDigests, signer, dgstAlgFinder);
        signerInfos.add(signer.toASN1Structure());
    }
    ASN1Set digestSet = CMSUtils.convertToBERSet(requiredDigests);
    ASN1Set signerSet = new DLSet(signerInfos);

    // Rebuild the SignedData sequence: element 0 (version) is kept, element 1
    // (digest algorithms) and the last element (signers) are replaced, and
    // everything in between is carried over untouched.
    ASN1Sequence source = (ASN1Sequence) signedData.signedData.toASN1Primitive();
    ASN1EncodableVector rebuilt = new ASN1EncodableVector();
    rebuilt.add(source.getObjectAt(0));
    rebuilt.add(digestSet);
    int index = 2;
    while (index != source.size() - 1) {
        rebuilt.add(source.getObjectAt(index));
        index++;
    }
    rebuilt.add(signerSet);
    replaced.signedData = SignedData.getInstance(new BERSequence(rebuilt));

    // The outer ContentInfo has to wrap the rebuilt SignedData, not the old one.
    replaced.contentInfo = new ContentInfo(replaced.contentInfo.getContentType(), replaced.signedData);
    return replaced;
}
Also used : BERSequence(com.github.zhenwei.core.asn1.BERSequence) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence) ASN1Set(com.github.zhenwei.core.asn1.ASN1Set) ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo) Iterator(java.util.Iterator) DLSet(com.github.zhenwei.core.asn1.DLSet) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) HashSet(java.util.HashSet)

Example 17 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.

the class CMSSignedDataParser method replaceCertificatesAndCRLs.

/**
 * Stream-copy the CMS SignedData message read from {@code original} to {@code out}, replacing
 * its certificate and CRL sets with the contents of the stores passed in.
 * <p>
 * The version, digest algorithms, encapsulated content and signer infos are copied from the
 * original message. The certificates and CRLs already in the message are always dropped; a store
 * that is {@code null} or yields no entries contributes nothing, so the corresponding optional
 * field is simply absent from the output.
 * </p>
 * <p>
 * No signature, certificate or CRL is verified by this method. The signer infos are passed
 * through byte for byte, and whatever the stores contain is written out as given, so validating
 * the replacement material and the resulting message is left to the caller.
 * </p>
 * <p>
 * The output stream is returned unclosed.
 * </p>
 *
 * @param original  the signed data stream to be used as a base.
 * @param certs     new certificates to be used, if any.
 * @param crls      new CRLs to be used, if any.
 * @param attrCerts new attribute certificates to be used, if any.
 * @param out       the stream to write the new signed data object to.
 * @return out.
 * @throws CMSException if there is an error processing the CertStore
 * @throws IOException  if reading {@code original} or writing to {@code out} fails
 */
public static OutputStream replaceCertificatesAndCRLs(InputStream original, Store certs, Store crls, Store attrCerts, OutputStream out) throws CMSException, IOException {
    // Parse the input lazily: fields must be consumed in the order they appear in the stream,
    // so the statement order below is significant.
    ASN1StreamParser in = new ASN1StreamParser(original);
    ContentInfoParser contentInfo = new ContentInfoParser((ASN1SequenceParser) in.readObject());
    SignedDataParser signedData = SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
    // Outer ContentInfo: the signedData content type followed by the tagged [0] content.
    BERSequenceGenerator sGen = new BERSequenceGenerator(out);
    sGen.addObject(CMSObjectIdentifiers.signedData);
    BERSequenceGenerator sigGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
    // version number, copied from the original
    sigGen.addObject(signedData.getVersion());
    // digest algorithms, copied from the original (the signers are not changed here)
    sigGen.getRawOutputStream().write(signedData.getDigestAlgorithms().toASN1Primitive().getEncoded());
    // encapsulated content info: content type, then the content octets piped straight through
    ContentInfoParser encapContentInfo = signedData.getEncapContentInfo();
    BERSequenceGenerator eiGen = new BERSequenceGenerator(sigGen.getRawOutputStream());
    eiGen.addObject(encapContentInfo.getContentType());
    pipeEncapsulatedOctetString(encapContentInfo, eiGen.getRawOutputStream());
    eiGen.close();
    // Skip the existing certs and CRLs: the return values are discarded on purpose, the calls
    // are made so the parser moves past these fields before the signer infos are read.
    // NOTE(review): presumably getASN1Set drains the set parser; the helper is not shown here.
    getASN1Set(signedData.getCertificates());
    getASN1Set(signedData.getCrls());
    // Certificates and attribute certificates share the single [0] field of SignedData.
    if (certs != null || attrCerts != null) {
        List certificates = new ArrayList();
        if (certs != null) {
            certificates.addAll(CMSUtils.getCertificatesFromStore(certs));
        }
        if (attrCerts != null) {
            certificates.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
        }
        ASN1Set asn1Certs = CMSUtils.createBerSetFromList(certificates);
        // An empty set is not written at all, leaving the optional field out of the message.
        if (asn1Certs.size() > 0) {
            sigGen.getRawOutputStream().write(new DERTaggedObject(false, 0, asn1Certs).getEncoded());
        }
    }
    if (crls != null) {
        ASN1Set asn1Crls = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(crls));
        // Same rule for the [1] CRL field: omitted when there is nothing to write.
        if (asn1Crls.size() > 0) {
            sigGen.getRawOutputStream().write(new DERTaggedObject(false, 1, asn1Crls).getEncoded());
        }
    }
    // Signer infos are re-encoded from the original without being checked or modified.
    sigGen.getRawOutputStream().write(signedData.getSignerInfos().toASN1Primitive().getEncoded());
    // Close the generators (inner first) to finish the sequences; out itself stays open.
    sigGen.close();
    sGen.close();
    return out;
}
Also used : ContentInfoParser(com.github.zhenwei.pkix.util.asn1.cms.ContentInfoParser) ASN1Set(com.github.zhenwei.core.asn1.ASN1Set) SignedDataParser(com.github.zhenwei.pkix.util.asn1.cms.SignedDataParser) DERTaggedObject(com.github.zhenwei.core.asn1.DERTaggedObject) BERSequenceGenerator(com.github.zhenwei.core.asn1.BERSequenceGenerator) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) ASN1StreamParser(com.github.zhenwei.core.asn1.ASN1StreamParser)

Example 18 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.

the class CMSSignedDataParser method replaceSigners.

/**
 * Stream-copy the CMS SignedData message read from {@code original} to {@code out}, replacing
 * its signer infos with the signers held in {@code signerInformationStore}. Typical uses are
 * changing the unsigned attributes of a signer or dropping a signer altogether.
 * <p>
 * The digest algorithm set is rebuilt from the new signers; the version, encapsulated content,
 * certificates and CRLs are taken from the original message. No signature is verified here, so
 * callers that rely on the output being validly signed have to verify it themselves.
 * </p>
 * <p>
 * The output stream is returned unclosed.
 * </p>
 *
 * @param original               the signed data stream to be used as a base.
 * @param signerInformationStore the new signer information store to use.
 * @param out                    the stream to write the new signed data object to.
 * @return out.
 * @throws CMSException declared for CMS processing failures in the helpers called here
 * @throws IOException  if reading {@code original} or writing to {@code out} fails
 */
public static OutputStream replaceSigners(InputStream original, SignerInformationStore signerInformationStore, OutputStream out) throws CMSException, IOException {
    // The input is parsed lazily, so fields are consumed strictly in stream order.
    ASN1StreamParser parser = new ASN1StreamParser(original);
    ContentInfoParser outerInfo = new ContentInfoParser((ASN1SequenceParser) parser.readObject());
    SignedDataParser source = SignedDataParser.getInstance(outerInfo.getContent(BERTags.SEQUENCE));

    // Outer ContentInfo: the signedData content type followed by the tagged [0] content.
    BERSequenceGenerator contentInfoGen = new BERSequenceGenerator(out);
    contentInfoGen.addObject(CMSObjectIdentifiers.signedData);
    BERSequenceGenerator signedDataGen = new BERSequenceGenerator(contentInfoGen.getRawOutputStream(), 0, true);

    // Version number is carried over from the original.
    signedDataGen.addObject(source.getVersion());

    // Read past the original digest algorithms (result discarded), then write the set
    // derived from the replacement signers instead.
    source.getDigestAlgorithms().toASN1Primitive();
    ASN1EncodableVector newDigestAlgs = new ASN1EncodableVector();
    for (Object entry : signerInformationStore.getSigners()) {
        SignerInformation signer = (SignerInformation) entry;
        newDigestAlgs.add(CMSSignedHelper.INSTANCE.fixDigestAlgID(signer.getDigestAlgorithmID(), dgstAlgFinder));
    }
    signedDataGen.getRawOutputStream().write(new DERSet(newDigestAlgs).getEncoded());

    // Encapsulated content info: content type, then the content octets piped straight through.
    ContentInfoParser encapsulated = source.getEncapContentInfo();
    BERSequenceGenerator encapsulatedGen = new BERSequenceGenerator(signedDataGen.getRawOutputStream());
    encapsulatedGen.addObject(encapsulated.getContentType());
    pipeEncapsulatedOctetString(encapsulated, encapsulatedGen.getRawOutputStream());
    encapsulatedGen.close();

    // Certificates ([0]) and CRLs ([1]) come from the original message.
    writeSetToGeneratorTagged(signedDataGen, source.getCertificates(), 0);
    writeSetToGeneratorTagged(signedDataGen, source.getCrls(), 1);

    // The replacement SignerInfo structures are written exactly as the store supplies them.
    ASN1EncodableVector newSignerInfos = new ASN1EncodableVector();
    for (Object entry : signerInformationStore.getSigners()) {
        SignerInformation signer = (SignerInformation) entry;
        newSignerInfos.add(signer.toASN1Structure());
    }
    signedDataGen.getRawOutputStream().write(new DERSet(newSignerInfos).getEncoded());

    // Close the generators (inner first) to finish the sequences; out itself stays open.
    signedDataGen.close();
    contentInfoGen.close();
    return out;
}
Also used : ContentInfoParser(com.github.zhenwei.pkix.util.asn1.cms.ContentInfoParser) SignedDataParser(com.github.zhenwei.pkix.util.asn1.cms.SignedDataParser) BERSequenceGenerator(com.github.zhenwei.core.asn1.BERSequenceGenerator) Iterator(java.util.Iterator) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) DERSet(com.github.zhenwei.core.asn1.DERSet) ASN1StreamParser(com.github.zhenwei.core.asn1.ASN1StreamParser)

Example 19 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.

the class SMimeParserListener method object.

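/**
 * Dispatch one MIME body part according to its content type.
 * <p>
 * A detached signature part ({@code application/pkcs7-signature} or the {@code x-} variant) is
 * parsed into a CMSSignedData together with the digests collected by the digest calculators and
 * handed to {@code signedData(...)}. An enveloped part ({@code application/pkcs7-mime} or the
 * {@code x-} variant) is parsed and handed to {@code envelopedData(...)}. Anything else goes to
 * {@code content(...)}.
 * </p>
 * <p>
 * This method only parses. No signer is verified here, and the certificates, CRLs and attribute
 * certificates passed to {@code signedData(...)} are the ones embedded in the message itself, so
 * the callback is where signature verification and certificate path validation have to happen.
 * </p>
 *
 * @param parserContext the context of the MIME parse in progress.
 * @param headers       the headers of the body part; its content type selects the branch.
 * @param inputStream   the body of the part.
 * @throws IOException if reading the part fails; a CMSException is rethrown as MimeIOException
 *                     with the original exception as its cause.
 */
public void object(MimeParserContext parserContext, Headers headers, InputStream inputStream) throws IOException {
    try {
        String contentType = headers.getContentType();
        if (contentType.equals("application/pkcs7-signature") || contentType.equals("application/x-pkcs7-signature")) {
            // Close each calculator's stream before asking for the digest, then key the digest by
            // its algorithm OID so the signature block can be matched against it.
            Map<ASN1ObjectIdentifier, byte[]> hashes = new HashMap<ASN1ObjectIdentifier, byte[]>();
            for (int i = 0; i != digestCalculators.length; i++) {
                digestCalculators[i].getOutputStream().close();
                hashes.put(digestCalculators[i].getAlgorithmIdentifier().getAlgorithm(), digestCalculators[i].getDigest());
            }
            // The whole signature part is buffered in memory; no size limit is applied in this
            // method, so any bound on part size has to be enforced before this point.
            byte[] sigBlock = Streams.readAll(inputStream);
            CMSSignedData signedData = new CMSSignedData(hashes, sigBlock);
            signedData(parserContext, headers, signedData.getCertificates(), signedData.getCRLs(), signedData.getAttributeCertificates(), signedData.getSignerInfos());
        } else if (contentType.equals("application/pkcs7-mime") || contentType.equals("application/x-pkcs7-mime")) {
            CMSEnvelopedDataParser envelopedDataParser = new CMSEnvelopedDataParser(inputStream);
            try {
                envelopedData(parserContext, headers, envelopedDataParser.getOriginatorInfo(), envelopedDataParser.getRecipientInfos());
            } finally {
                // Release the parser even when the callback or a getter throws.
                envelopedDataParser.close();
            }
        } else {
            content(parserContext, headers, inputStream);
        }
    } catch (CMSException e) {
        throw new MimeIOException("CMS failure: " + e.getMessage(), e);
    }
}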
Also used : HashMap(java.util.HashMap) CMSEnvelopedDataParser(com.github.zhenwei.pkix.cms.CMSEnvelopedDataParser) MimeIOException(com.github.zhenwei.pkix.mime.MimeIOException) CMSSignedData(com.github.zhenwei.pkix.cms.CMSSignedData) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) CMSException(com.github.zhenwei.pkix.cms.CMSException)

Example 20 with SignedData

use of com.github.zhenwei.core.asn1.pkcs.SignedData in project LinLong-Java by zhenwei1108.

the class CertificateFactory method engineGenerateCRLs.

/**
 * Returns a (possibly empty) collection view of the CRLs read from the given input stream
 * inStream.
 * <p>
 * The inStream may contain a sequence of DER-encoded CRLs, or a PKCS#7 CRL set.  This is a PKCS#7
 * SignedData object, with the only significant field being crls.  In particular the signature and
 * the contents are ignored.
 * </p>
 * <p>
 * Because the enclosing signature is ignored, the returned CRLs are only parsed, not
 * authenticated: each CRL's own signature still has to be verified against its issuer before the
 * CRL is relied on for revocation decisions.
 * </p>
 *
 * @param inStream the stream to read CRLs from.
 * @return the CRLs that could be read, in stream order.
 * @throws CRLException declared for parse failures raised by {@code doGenerateCRL}.
 */
public Collection engineGenerateCRLs(InputStream inStream) throws CRLException {
    BufferedInputStream buffered = new BufferedInputStream(inStream);
    List parsed = new ArrayList();
    // Keep reading until doGenerateCRL reports there is nothing more. Once at least one CRL
    // has been read, it is returned even if junk follows at the end of the file.
    // NOTE(review): the second argument is true only for the first read; presumably it tells
    // doGenerateCRL whether it is still at the start of the input. Confirm against that helper.
    for (;;) {
        CRL next = doGenerateCRL(buffered, parsed.isEmpty());
        if (next == null) {
            break;
        }
        parsed.add(next);
    }
    return parsed;
}
Also used : BufferedInputStream(java.io.BufferedInputStream) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) CertificateList(com.github.zhenwei.core.asn1.x509.CertificateList) List(java.util.List) CRL(java.security.cert.CRL)
