Search in sources :

Example 56 with ContentInfo

use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project BiglyBT by BiglySoftware.

the class PEMWriter method writeObject.

public void writeObject(Object o) throws IOException {
    String type;
    byte[] encoding;
    if (o instanceof X509Certificate) {
        type = "CERTIFICATE";
        try {
            encoding = ((X509Certificate) o).getEncoded();
        } catch (CertificateEncodingException e) {
            throw new IOException("Cannot encode object: " + e.toString());
        }
    } else if (o instanceof X509CRL) {
        type = "X509 CRL";
        try {
            encoding = ((X509CRL) o).getEncoded();
        } catch (CRLException e) {
            throw new IOException("Cannot encode object: " + e.toString());
        }
    } else if (o instanceof KeyPair) {
        writeObject(((KeyPair) o).getPrivate());
        return;
    } else if (o instanceof PrivateKey) {
        PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) ASN1Object.fromByteArray(((Key) o).getEncoded()));
        if (o instanceof RSAPrivateKey) {
            type = "RSA PRIVATE KEY";
            encoding = info.getPrivateKey().getEncoded();
        } else if (o instanceof DSAPrivateKey) {
            type = "DSA PRIVATE KEY";
            DSAParameter p = DSAParameter.getInstance(info.getAlgorithmId().getParameters());
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new DERInteger(0));
            v.add(new DERInteger(p.getP()));
            v.add(new DERInteger(p.getQ()));
            v.add(new DERInteger(p.getG()));
            BigInteger x = ((DSAPrivateKey) o).getX();
            BigInteger y = p.getG().modPow(x, p.getP());
            v.add(new DERInteger(y));
            v.add(new DERInteger(x));
            encoding = new DERSequence(v).getEncoded();
        } else {
            throw new IOException("Cannot identify private key");
        }
    } else if (o instanceof PublicKey) {
        type = "PUBLIC KEY";
        encoding = ((PublicKey) o).getEncoded();
    } else if (o instanceof X509AttributeCertificate) {
        type = "ATTRIBUTE CERTIFICATE";
        encoding = ((X509V2AttributeCertificate) o).getEncoded();
    } else if (o instanceof PKCS10CertificationRequest) {
        type = "CERTIFICATE REQUEST";
        encoding = ((PKCS10CertificationRequest) o).getEncoded();
    } else if (o instanceof ContentInfo) {
        type = "PKCS7";
        encoding = ((ContentInfo) o).getEncoded();
    } else {
        throw new IOException("unknown object passed - can't encode.");
    }
    writeHeader(type);
    writeEncoded(encoding);
    writeFooter(type);
}
Also used : PKCS10CertificationRequest(org.gudy.bouncycastle.jce.PKCS10CertificationRequest) X509CRL(java.security.cert.X509CRL) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) X509AttributeCertificate(org.gudy.bouncycastle.x509.X509AttributeCertificate) CertificateEncodingException(java.security.cert.CertificateEncodingException) IOException(java.io.IOException) X509V2AttributeCertificate(org.gudy.bouncycastle.x509.X509V2AttributeCertificate) X509Certificate(java.security.cert.X509Certificate) ContentInfo(org.gudy.bouncycastle.asn1.cms.ContentInfo) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) BigInteger(java.math.BigInteger) DSAParameter(org.gudy.bouncycastle.asn1.x509.DSAParameter) CRLException(java.security.cert.CRLException) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKeyInfo(org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey)

Example 57 with ContentInfo

use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project jmulticard by ctt-gob-es.

the class CMSSignedData method replaceCertificatesAndCRLs.

/**
 * Replace the certificate and CRL information associated with this
 * CMSSignedData object with the new one passed in.
 *
 * @param signedData the signed data object to be used as a base.
 * @param certificates the new certificates to be used.
 * @param attrCerts the new attribute certificates to be used.
 * @param revocations the new CRLs to be used - a collection of X509CRLHolder objects, OtherRevocationInfoFormat, or both.
 * @return a new signed data object.
 * @exception CMSException if there is an error processing the CertStore
 */
public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData, Store certificates, Store attrCerts, Store revocations) throws CMSException {
    // 
    // copy
    // 
    CMSSignedData cms = new CMSSignedData(signedData);
    // 
    // replace the certs and revocations in the SignedData object
    // 
    ASN1Set certSet = null;
    ASN1Set crlSet = null;
    if (certificates != null || attrCerts != null) {
        List certs = new ArrayList();
        if (certificates != null) {
            certs.addAll(CMSUtils.getCertificatesFromStore(certificates));
        }
        if (attrCerts != null) {
            certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
        }
        ASN1Set set = CMSUtils.createBerSetFromList(certs);
        if (set.size() != 0) {
            certSet = set;
        }
    }
    if (revocations != null) {
        ASN1Set set = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(revocations));
        if (set.size() != 0) {
            crlSet = set;
        }
    }
    // 
    // replace the CMS structure.
    // 
    cms.signedData = new SignedData(signedData.signedData.getDigestAlgorithms(), signedData.signedData.getEncapContentInfo(), certSet, crlSet, signedData.signedData.getSignerInfos());
    // 
    // replace the contentInfo with the new one
    // 
    cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
    return cms;
}
Also used : ASN1Set(org.bouncycastle.asn1.ASN1Set) SignedData(org.bouncycastle.asn1.cms.SignedData) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List)

Example 58 with ContentInfo

use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project jmulticard by ctt-gob-es.

the class CMSSignedData method addDigestAlgorithm.

/**
 * Return a new CMSSignedData which guarantees to have the passed in digestAlgorithm
 * in it.
 *
 * @param signedData the signed data object to be used as a base.
 * @param digestAlgorithm the digest algorithm to be added to the signed data.
 * @return a new signed data object.
 */
public static CMSSignedData addDigestAlgorithm(CMSSignedData signedData, AlgorithmIdentifier digestAlgorithm) {
    Set<AlgorithmIdentifier> digestAlgorithms = signedData.getDigestAlgorithmIDs();
    AlgorithmIdentifier digestAlg = CMSSignedHelper.INSTANCE.fixDigestAlgID(digestAlgorithm, dgstAlgFinder);
    // 
    if (digestAlgorithms.contains(digestAlg)) {
        return signedData;
    }
    // 
    // copy
    // 
    CMSSignedData cms = new CMSSignedData(signedData);
    // 
    // build up the new set
    // 
    Set<AlgorithmIdentifier> digestAlgs = new HashSet<AlgorithmIdentifier>();
    Iterator it = digestAlgorithms.iterator();
    while (it.hasNext()) {
        digestAlgs.add(CMSSignedHelper.INSTANCE.fixDigestAlgID((AlgorithmIdentifier) it.next(), dgstAlgFinder));
    }
    digestAlgs.add(digestAlg);
    ASN1Set digests = CMSUtils.convertToDlSet(digestAlgs);
    ASN1Sequence sD = (ASN1Sequence) signedData.signedData.toASN1Primitive();
    ASN1EncodableVector vec = new ASN1EncodableVector();
    // 
    // signers are the last item in the sequence.
    // 
    // version
    vec.add(sD.getObjectAt(0));
    vec.add(digests);
    for (int i = 2; i != sD.size(); i++) {
        vec.add(sD.getObjectAt(i));
    }
    cms.signedData = SignedData.getInstance(new BERSequence(vec));
    // 
    // replace the contentInfo with the new one
    // 
    cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
    return cms;
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Set(org.bouncycastle.asn1.ASN1Set) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) BERSequence(org.bouncycastle.asn1.BERSequence) Iterator(java.util.Iterator) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) HashSet(java.util.HashSet)

Example 59 with ContentInfo

use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project jmulticard by ctt-gob-es.

the class CMSSignedData method replaceSigners.

/**
 * Replace the SignerInformation store associated with this
 * CMSSignedData object with the new one passed in. You would
 * probably only want to do this if you wanted to change the unsigned
 * attributes associated with a signer, or perhaps delete one.
 *
 * @param signedData the signed data object to be used as a base.
 * @param signerInformationStore the new signer information store to use.
 * @return a new signed data object.
 */
public static CMSSignedData replaceSigners(CMSSignedData signedData, SignerInformationStore signerInformationStore) {
    // 
    // copy
    // 
    CMSSignedData cms = new CMSSignedData(signedData);
    // 
    // replace the store
    // 
    cms.signerInfoStore = signerInformationStore;
    // 
    // replace the signers in the SignedData object
    // 
    Set<AlgorithmIdentifier> digestAlgs = new HashSet<AlgorithmIdentifier>();
    ASN1EncodableVector vec = new ASN1EncodableVector();
    Iterator it = signerInformationStore.getSigners().iterator();
    while (it.hasNext()) {
        SignerInformation signer = (SignerInformation) it.next();
        CMSUtils.addDigestAlgs(digestAlgs, signer, dgstAlgFinder);
        vec.add(signer.toASN1Structure());
    }
    ASN1Set digests = CMSUtils.convertToDlSet(digestAlgs);
    ASN1Set signers = new DLSet(vec);
    ASN1Sequence sD = (ASN1Sequence) signedData.signedData.toASN1Primitive();
    vec = new ASN1EncodableVector();
    // 
    // signers are the last item in the sequence.
    // 
    // version
    vec.add(sD.getObjectAt(0));
    vec.add(digests);
    for (int i = 2; i != sD.size() - 1; i++) {
        vec.add(sD.getObjectAt(i));
    }
    vec.add(signers);
    cms.signedData = SignedData.getInstance(new BERSequence(vec));
    // 
    // replace the contentInfo with the new one
    // 
    cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
    return cms;
}
Also used : BERSequence(org.bouncycastle.asn1.BERSequence) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Set(org.bouncycastle.asn1.ASN1Set) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) Iterator(java.util.Iterator) DLSet(org.bouncycastle.asn1.DLSet) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) HashSet(java.util.HashSet)

Example 60 with ContentInfo

use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project OpenPDF by LibrePDF.

the class PdfPublicKeySecurityHandler method createDERForRecipient.

private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
    String s = "1.2.840.113549.3.2";
    AlgorithmParameterGenerator algorithmparametergenerator = AlgorithmParameterGenerator.getInstance(s);
    AlgorithmParameters algorithmparameters = algorithmparametergenerator.generateParameters();
    ByteArrayInputStream bytearrayinputstream = new ByteArrayInputStream(algorithmparameters.getEncoded("ASN.1"));
    ASN1InputStream asn1inputstream = new ASN1InputStream(bytearrayinputstream);
    ASN1Primitive derobject = asn1inputstream.readObject();
    KeyGenerator keygenerator = KeyGenerator.getInstance(s);
    keygenerator.init(128);
    SecretKey secretkey = keygenerator.generateKey();
    Cipher cipher = Cipher.getInstance(s);
    cipher.init(1, secretkey, algorithmparameters);
    byte[] abyte1 = cipher.doFinal(in);
    DEROctetString deroctetstring = new DEROctetString(abyte1);
    KeyTransRecipientInfo keytransrecipientinfo = computeRecipientInfo(cert, secretkey.getEncoded());
    DERSet derset = new DERSet(new RecipientInfo(keytransrecipientinfo));
    AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier(s), derobject);
    EncryptedContentInfo encryptedcontentinfo = new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmidentifier, deroctetstring);
    ASN1Set set = null;
    EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, set);
    ContentInfo contentinfo = new ContentInfo(PKCSObjectIdentifiers.envelopedData, env);
    // return contentinfo.getDERObject();
    return contentinfo.toASN1Primitive();
// ******************************************************************************
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) AlgorithmParameterGenerator(java.security.AlgorithmParameterGenerator) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERSet(org.bouncycastle.asn1.DERSet) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) SecretKey(javax.crypto.SecretKey) ASN1Set(org.bouncycastle.asn1.ASN1Set) ByteArrayInputStream(java.io.ByteArrayInputStream) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) Cipher(javax.crypto.Cipher) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) KeyGenerator(javax.crypto.KeyGenerator) KeyTransRecipientInfo(org.bouncycastle.asn1.cms.KeyTransRecipientInfo) RecipientInfo(org.bouncycastle.asn1.cms.RecipientInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) EnvelopedData(org.bouncycastle.asn1.cms.EnvelopedData) AlgorithmParameters(java.security.AlgorithmParameters) EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo)

Aggregations

ContentInfo (org.bouncycastle.asn1.cms.ContentInfo)60 IOException (java.io.IOException)28 CMSSignedData (org.bouncycastle.cms.CMSSignedData)22 ContentInfo (com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)18 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)15 OutputStream (java.io.OutputStream)12 X509Certificate (java.security.cert.X509Certificate)12 ArrayList (java.util.ArrayList)12 SignedData (org.bouncycastle.asn1.cms.SignedData)12 Iterator (java.util.Iterator)11 ASN1Set (org.bouncycastle.asn1.ASN1Set)11 ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)10 ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)10 ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)9 ByteArrayInputStream (java.io.ByteArrayInputStream)9 ByteArrayOutputStream (java.io.ByteArrayOutputStream)9 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)9 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)9 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)9 DERSet (org.bouncycastle.asn1.DERSet)9