Example 66 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class CMSSignedData method replaceCertificatesAndCRLs.
/**
* Replace the certificate and CRL information associated with this CMSSignedData object with the
* new one passed in.
*
* @param signedData the signed data object to be used as a base.
* @param certificates the new certificates to be used.
* @param attrCerts the new attribute certificates to be used.
* @param revocations the new CRLs to be used - a collection of X509CRLHolder objects,
* OtherRevocationInfoFormat, or both.
* @return a new signed data object.
* @throws CMSException if there is an error processing the CertStore
*/
public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData, Store certificates, Store attrCerts, Store revocations) throws CMSException {
//
// copy
//
CMSSignedData cms = new CMSSignedData(signedData);
//
// replace the certs and revocations in the SignedData object
//
ASN1Set certSet = null;
ASN1Set crlSet = null;
if (certificates != null || attrCerts != null) {
List certs = new ArrayList();
if (certificates != null) {
certs.addAll(CMSUtils.getCertificatesFromStore(certificates));
}
if (attrCerts != null) {
certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
}
ASN1Set set = CMSUtils.createBerSetFromList(certs);
if (set.size() != 0) {
certSet = set;
}
}
if (revocations != null) {
ASN1Set set = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(revocations));
if (set.size() != 0) {
crlSet = set;
}
}
//
// replace the CMS structure.
//
cms.signedData = new SignedData(signedData.signedData.getDigestAlgorithms(), signedData.signedData.getEncapContentInfo(), certSet, crlSet, signedData.signedData.getSignerInfos());
//
// replace the contentInfo with the new one
//
cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
return cms;
}
Also used :
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
SignedData(com.github.zhenwei.pkix.util.asn1.cms.SignedData)
ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 67 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class CMSSignedData method replaceSigners.
/**
* Replace the SignerInformation store associated with this CMSSignedData object with the new one
* passed in. You would probably only want to do this if you wanted to change the unsigned
* attributes associated with a signer, or perhaps delete one.
*
* @param signedData the signed data object to be used as a base.
* @param signerInformationStore the new signer information store to use.
* @return a new signed data object.
*/
public static CMSSignedData replaceSigners(CMSSignedData signedData, SignerInformationStore signerInformationStore) {
//
// copy
//
CMSSignedData cms = new CMSSignedData(signedData);
//
// replace the store
//
cms.signerInfoStore = signerInformationStore;
//
// replace the signers in the SignedData object
//
Set<AlgorithmIdentifier> digestAlgs = new HashSet<AlgorithmIdentifier>();
ASN1EncodableVector vec = new ASN1EncodableVector();
Iterator it = signerInformationStore.getSigners().iterator();
while (it.hasNext()) {
SignerInformation signer = (SignerInformation) it.next();
CMSUtils.addDigestAlgs(digestAlgs, signer, dgstAlgFinder);
vec.add(signer.toASN1Structure());
}
ASN1Set digests = CMSUtils.convertToBERSet(digestAlgs);
ASN1Set signers = new DLSet(vec);
ASN1Sequence sD = (ASN1Sequence) signedData.signedData.toASN1Primitive();
vec = new ASN1EncodableVector();
//
// signers are the last item in the sequence.
//
// version
vec.add(sD.getObjectAt(0));
vec.add(digests);
for (int i = 2; i != sD.size() - 1; i++) {
vec.add(sD.getObjectAt(i));
}
vec.add(signers);
cms.signedData = SignedData.getInstance(new BERSequence(vec));
//
// replace the contentInfo with the new one
//
cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
return cms;
}
Also used :
BERSequence(com.github.zhenwei.core.asn1.BERSequence)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence)
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)
Iterator(java.util.Iterator)
DLSet(com.github.zhenwei.core.asn1.DLSet)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
HashSet(java.util.HashSet)
Example 68 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class CMSSignedDataParser method replaceCertificatesAndCRLs.
/**
* Replace the certificate and CRL information associated with this CMSSignedData object with the
* new one passed in.
* <p>
* The output stream is returned unclosed.
* </p>
*
* @param original the signed data stream to be used as a base.
* @param certs new certificates to be used, if any.
* @param crls new CRLs to be used, if any.
* @param attrCerts new attribute certificates to be used, if any.
* @param out the stream to write the new signed data object to.
* @return out.
* @throws CMSException if there is an error processing the CertStore
*/
public static OutputStream replaceCertificatesAndCRLs(InputStream original, Store certs, Store crls, Store attrCerts, OutputStream out) throws CMSException, IOException {
ASN1StreamParser in = new ASN1StreamParser(original);
ContentInfoParser contentInfo = new ContentInfoParser((ASN1SequenceParser) in.readObject());
SignedDataParser signedData = SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
BERSequenceGenerator sGen = new BERSequenceGenerator(out);
sGen.addObject(CMSObjectIdentifiers.signedData);
BERSequenceGenerator sigGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
// version number
sigGen.addObject(signedData.getVersion());
// digests
sigGen.getRawOutputStream().write(signedData.getDigestAlgorithms().toASN1Primitive().getEncoded());
// encap content info
ContentInfoParser encapContentInfo = signedData.getEncapContentInfo();
BERSequenceGenerator eiGen = new BERSequenceGenerator(sigGen.getRawOutputStream());
eiGen.addObject(encapContentInfo.getContentType());
pipeEncapsulatedOctetString(encapContentInfo, eiGen.getRawOutputStream());
eiGen.close();
//
// skip existing certs and CRLs
//
getASN1Set(signedData.getCertificates());
getASN1Set(signedData.getCrls());
//
if (certs != null || attrCerts != null) {
List certificates = new ArrayList();
if (certs != null) {
certificates.addAll(CMSUtils.getCertificatesFromStore(certs));
}
if (attrCerts != null) {
certificates.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
}
ASN1Set asn1Certs = CMSUtils.createBerSetFromList(certificates);
if (asn1Certs.size() > 0) {
sigGen.getRawOutputStream().write(new DERTaggedObject(false, 0, asn1Certs).getEncoded());
}
}
if (crls != null) {
ASN1Set asn1Crls = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(crls));
if (asn1Crls.size() > 0) {
sigGen.getRawOutputStream().write(new DERTaggedObject(false, 1, asn1Crls).getEncoded());
}
}
sigGen.getRawOutputStream().write(signedData.getSignerInfos().toASN1Primitive().getEncoded());
sigGen.close();
sGen.close();
return out;
}
Also used :
ContentInfoParser(com.github.zhenwei.pkix.util.asn1.cms.ContentInfoParser)
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
SignedDataParser(com.github.zhenwei.pkix.util.asn1.cms.SignedDataParser)
DERTaggedObject(com.github.zhenwei.core.asn1.DERTaggedObject)
BERSequenceGenerator(com.github.zhenwei.core.asn1.BERSequenceGenerator)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
ASN1StreamParser(com.github.zhenwei.core.asn1.ASN1StreamParser)
Example 69 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class CMSSignedDataParser method replaceSigners.
/**
* Replace the signerinformation store associated with the passed in message contained in the
* stream original with the new one passed in. You would probably only want to do this if you
* wanted to change the unsigned attributes associated with a signer, or perhaps delete one.
* <p>
* The output stream is returned unclosed.
* </p>
*
* @param original the signed data stream to be used as a base.
* @param signerInformationStore the new signer information store to use.
* @param out the stream to write the new signed data object to.
* @return out.
*/
public static OutputStream replaceSigners(InputStream original, SignerInformationStore signerInformationStore, OutputStream out) throws CMSException, IOException {
ASN1StreamParser in = new ASN1StreamParser(original);
ContentInfoParser contentInfo = new ContentInfoParser((ASN1SequenceParser) in.readObject());
SignedDataParser signedData = SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
BERSequenceGenerator sGen = new BERSequenceGenerator(out);
sGen.addObject(CMSObjectIdentifiers.signedData);
BERSequenceGenerator sigGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
// version number
sigGen.addObject(signedData.getVersion());
// digests
// skip old ones
signedData.getDigestAlgorithms().toASN1Primitive();
ASN1EncodableVector digestAlgs = new ASN1EncodableVector();
for (Iterator it = signerInformationStore.getSigners().iterator(); it.hasNext(); ) {
SignerInformation signer = (SignerInformation) it.next();
digestAlgs.add(CMSSignedHelper.INSTANCE.fixDigestAlgID(signer.getDigestAlgorithmID(), dgstAlgFinder));
}
sigGen.getRawOutputStream().write(new DERSet(digestAlgs).getEncoded());
// encap content info
ContentInfoParser encapContentInfo = signedData.getEncapContentInfo();
BERSequenceGenerator eiGen = new BERSequenceGenerator(sigGen.getRawOutputStream());
eiGen.addObject(encapContentInfo.getContentType());
pipeEncapsulatedOctetString(encapContentInfo, eiGen.getRawOutputStream());
eiGen.close();
writeSetToGeneratorTagged(sigGen, signedData.getCertificates(), 0);
writeSetToGeneratorTagged(sigGen, signedData.getCrls(), 1);
ASN1EncodableVector signerInfos = new ASN1EncodableVector();
for (Iterator it = signerInformationStore.getSigners().iterator(); it.hasNext(); ) {
SignerInformation signer = (SignerInformation) it.next();
signerInfos.add(signer.toASN1Structure());
}
sigGen.getRawOutputStream().write(new DERSet(signerInfos).getEncoded());
sigGen.close();
sGen.close();
return out;
}
Also used :
ContentInfoParser(com.github.zhenwei.pkix.util.asn1.cms.ContentInfoParser)
SignedDataParser(com.github.zhenwei.pkix.util.asn1.cms.SignedDataParser)
BERSequenceGenerator(com.github.zhenwei.core.asn1.BERSequenceGenerator)
Iterator(java.util.Iterator)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
DERSet(com.github.zhenwei.core.asn1.DERSet)
ASN1StreamParser(com.github.zhenwei.core.asn1.ASN1StreamParser)
Example 70 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class CMSDigestedData method verify.
public boolean verify(DigestCalculatorProvider calculatorProvider) throws CMSException {
try {
ContentInfo content = digestedData.getEncapContentInfo();
DigestCalculator calc = calculatorProvider.get(digestedData.getDigestAlgorithm());
OutputStream dOut = calc.getOutputStream();
dOut.write(((ASN1OctetString) content.getContent()).getOctets());
return Arrays.areEqual(digestedData.getDigest(), calc.getDigest());
} catch (OperatorCreationException e) {
throw new CMSException("unable to create digest calculator: " + e.getMessage(), e);
} catch (IOException e) {
throw new CMSException("unable process content: " + e.getMessage(), e);
}
}
Also used :
ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)
OutputStream(java.io.OutputStream)
DigestCalculator(com.github.zhenwei.pkix.operator.DigestCalculator)
IOException(java.io.IOException)
OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException)
Aggregations
ContentInfo (org.bouncycastle.asn1.cms.ContentInfo)60
IOException (java.io.IOException)28
CMSSignedData (org.bouncycastle.cms.CMSSignedData)22
ContentInfo (com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)18
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)15
OutputStream (java.io.OutputStream)12
X509Certificate (java.security.cert.X509Certificate)12
ArrayList (java.util.ArrayList)12
SignedData (org.bouncycastle.asn1.cms.SignedData)12
Iterator (java.util.Iterator)11
ASN1Set (org.bouncycastle.asn1.ASN1Set)11
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)10
ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)10
ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)9
ByteArrayInputStream (java.io.ByteArrayInputStream)9
ByteArrayOutputStream (java.io.ByteArrayOutputStream)9
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)9
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)9
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)9
DERSet (org.bouncycastle.asn1.DERSet)9
