use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project gdmatrix by gdmatrix.
the class P7MUtils method createBase64TimeStamp.
/**
 * Requests a time-stamp token for {@code message} from the service at {@code serviceURI}
 * and returns the token's encoding as Base64 text.
 *
 * <p>This method only encodes what {@code createTimeStamp} returns. It does not check the
 * token's signature or compare its contents with {@code message}, so a caller that relies on
 * the time stamp as evidence has to validate the token separately.
 *
 * @param serviceURI address of the time-stamping service, passed through unchanged
 * @param message bytes handed to {@code createTimeStamp}
 * @return the encoded token as Base64 produced by the MIME encoder (line-wrapped output)
 * @throws Exception if the token cannot be obtained or encoded
 */
public static String createBase64TimeStamp(String serviceURI, byte[] message) throws Exception {
  final byte[] encodedToken = createTimeStamp(serviceURI, message).getEncoded();
  return Base64.getMimeEncoder().encodeToString(encodedToken);
}
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project gdmatrix by gdmatrix.
the class CMSData method getSignatures.
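/**
 * Builds one {@link CMSSignature} per signer of the wrapped CMS object and returns them sorted.
 *
 * <p>For each signer this copies the matching certificate, the signature value, the
 * signing-time / filename / decretNumber signed attributes and, when present, the generation
 * time of an embedded time-stamp token, then records the result of the signature check.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>{@code valid} is computed against the certificate shipped inside the same CMS object.
 *       No certification path to a trusted root is built here and revocation is not checked,
 *       so {@code valid == true} does not by itself establish who signed.</li>
 *   <li>The time-stamp token sits in the unsigned attributes and is only decoded here; its
 *       own signature and message imprint are not verified, so {@code timeStampDate} is
 *       unauthenticated unless validated elsewhere.</li>
 *   <li>The signing-time attribute is a claim made by the signer, not a trusted time.</li>
 * </ul>
 *
 * @return the signatures, ordered by {@code CMSSignature}'s natural ordering
 * @throws IllegalStateException if the CMS certificate store holds no certificate for a signer
 * @throws Exception if decoding an attribute, converting the certificate or verifying fails
 */
public List<CMSSignature> getSignatures() throws Exception {
  ArrayList<CMSSignature> signatures = new ArrayList<>();
  Store certStore = cms.getCertificates();
  SignerInformationStore siStore = cms.getSignerInfos();
  Collection signers = siStore.getSigners();
  for (Object elem : signers) {
    SignerInformation signer = (SignerInformation) elem;
    CMSSignature signature = new CMSSignature();
    signatures.add(signature);

    org.bouncycastle.cms.SignerId sid = signer.getSID();
    Collection certCollection = certStore.getMatches(sid);
    // A CMS object may omit the signer's certificate; fail with a clear message instead of
    // the NoSuchElementException that iterator().next() would raise on an empty match.
    if (certCollection.isEmpty()) {
      throw new IllegalStateException(
          "No certificate in the CMS certificate store matches signer with serial number "
              + sid.getSerialNumber());
    }
    X509CertificateHolder certificateHolder =
        (X509CertificateHolder) certCollection.iterator().next();
    X509Certificate certificate =
        new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
    signature.setCertificate(certificate);
    String signerName = certificate.getSubjectDN().getName();
    signature.loadProperties(signerName);
    // NOTE(review): Base64 is case-sensitive, so the upper-cased text no longer decodes to the
    // signature bytes. Kept unchanged because callers may depend on the stored form; confirm
    // that this value is used for display or comparison only.
    signature.setSignature(
        Base64.getMimeEncoder().encodeToString(signer.getSignature()).toUpperCase());

    // **** signed attributes ****
    // Signed attributes are optional in CMS, so the table can be null.
    AttributeTable table = signer.getSignedAttributes();
    if (table != null) {
      Hashtable attributes = table.toHashtable();

      // signingTime
      Attribute attrib =
          (Attribute) attributes.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.5"));
      if (attrib != null) {
        // RFC 5652 encodes signing times outside 1950-2049 as GeneralizedTime; this cast
        // handles only the UTCTime encoding and fails with ClassCastException otherwise.
        ASN1UTCTime time = (ASN1UTCTime) attrib.getAttrValues().getObjectAt(0);
        // getAdjustedDate() interprets the value in its own stated offset. Parsing the text
        // with a SimpleDateFormat that has no time zone set would read the UTC digits as
        // JVM-local time and shift the signing date by the local offset.
        signature.setSigningDate(time.getAdjustedDate());
      }

      // filename
      DEROctetString octet;
      attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.1"));
      if (attrib != null) {
        octet = (DEROctetString) attrib.getAttrValues().getObjectAt(0);
        if (octet != null) {
          signature.setFilename(new String(octet.getOctets(), "UTF-16LE"));
        }
      }

      // decretNumber
      attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.2"));
      if (attrib != null) {
        octet = (DEROctetString) attrib.getAttrValues().getObjectAt(0);
        if (octet != null) {
          signature.setDecretNumber(new String(octet.getOctets(), "UTF-16LE"));
        }
      }
    }

    // **** unsigned attributes ****
    // Unsigned attributes are not covered by the signer's signature: anyone holding the file
    // can add or replace them.
    AttributeTable unsignedTable = signer.getUnsignedAttributes();
    if (unsignedTable != null) {
      Hashtable unsignedAttributes = unsignedTable.toHashtable();
      // timeStampToken
      Attribute tsAttrib =
          (Attribute)
              unsignedAttributes.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14"));
      if (tsAttrib != null) {
        DERSequence seq = (DERSequence) tsAttrib.getAttrValues().getObjectAt(0);
        ContentInfo timeStampToken = ContentInfo.getInstance(seq);
        SignedData sd = SignedData.getInstance(timeStampToken.getContent());
        ASN1Encodable content = sd.getEncapContentInfo().getContent();
        TSTInfo tstInfo = TSTInfo.getInstance(((ASN1OctetString) content).getOctets());
        // Decoded only: the token's signature and its message imprint are not checked here.
        signature.setTimeStampDate(tstInfo.getGenTime().getDate());
      }
    }

    // signature validation: checks the signature with the public key of the certificate taken
    // from this same CMS object; trust in that certificate must be established separately.
    signature.setValid(
        signer.verify(
            new JcaSimpleSignerInfoVerifierBuilder()
                .setProvider("BC")
                .build(signature.getCertificate())));
  }
  Collections.sort(signatures);
  return signatures;
}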
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project gdmatrix by gdmatrix.
the class CMSUtils method addTimeStamp.
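/**
 * Adds a signature time-stamp token to every signer of {@code signedData} that lacks one.
 *
 * <p>The token is requested over the signer's signature value and stored as the unsigned
 * attribute {@code 1.2.840.113549.1.9.16.2.14}. Signers that already carry that attribute are
 * kept unchanged, and unsigned attributes already present on a signer are preserved next to
 * the new token. Both points matter for evidence integrity: replacing the signer set with only
 * the newly stamped signers, or replacing a signer's unsigned attributes with only the token,
 * would silently drop signatures and attributes from the document.
 *
 * <p>The token returned by {@code createTimeStamp} is embedded as received; this method does
 * not verify its signature or message imprint.
 *
 * @param serviceURI address of the time-stamping service
 * @param signedData CMS signed data to extend
 * @return a re-parsed copy with the added tokens, or {@code signedData} itself when every
 *     signer already had a time stamp
 * @throws Exception if a token cannot be obtained or the signed data cannot be rebuilt
 */
public static CMSSignedData addTimeStamp(String serviceURI, CMSSignedData signedData) throws Exception {
  final ASN1ObjectIdentifier tsId = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14");
  Store certStore = signedData.getCertificates();
  SignerInformationStore sigStore = signedData.getSignerInfos();
  // Holds every signer, stamped or not, so that replaceSigners() does not drop any of them.
  ArrayList<SignerInformation> siList = new ArrayList<>();
  boolean changed = false;

  for (Object o : sigStore.getSigners()) {
    SignerInformation si = (SignerInformation) o;

    // The certificate is looked up only to print the subject; a signer whose certificate is
    // not embedded can still be time-stamped, so an empty match is not an error here.
    Collection certCollection = certStore.getMatches(si.getSID());
    if (!certCollection.isEmpty()) {
      X509CertificateHolder certificateHolder =
          (X509CertificateHolder) certCollection.iterator().next();
      X509Certificate certificate =
          new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
      System.out.println(certificate.getSubjectDN().getName());
    }

    // get signature
    byte[] signature = si.getSignature();

    // signed attributes
    System.out.println("SignedAttributes:");
    AttributeTable signedAttributes = si.getSignedAttributes();
    printAttributeTable(signedAttributes);

    // unsigned attributes
    System.out.println("UnsignedAttributes:");
    AttributeTable unsignedAttributes = si.getUnsignedAttributes();
    printAttributeTable(unsignedAttributes);

    Attribute att = unsignedAttributes == null ? null : unsignedAttributes.get(tsId);
    if (att == null) {
      System.out.println("creating timeStamp...");
      ContentInfo timeStampToken = createTimeStamp(serviceURI, signature);
      ASN1EncodableVector vector = new ASN1EncodableVector();
      vector.add(timeStampToken);
      Attribute attribute = new Attribute(tsId, new DERSet(vector));

      // Start from the signer's existing unsigned attributes so they survive the replacement.
      Hashtable attrMap =
          unsignedAttributes == null ? new Hashtable() : unsignedAttributes.toHashtable();
      attrMap.put(tsId, attribute);
      AttributeTable table = new AttributeTable(attrMap);
      siList.add(SignerInformation.replaceUnsignedAttributes(si, table));
      changed = true;
    } else {
      System.out.println("Timestamp present");
      siList.add(si);
    }
  }

  if (!changed) {
    return signedData;
  }
  // replace signers, then re-parse the encoding so the result is a self-consistent object
  CMSSignedData replaced =
      CMSSignedData.replaceSigners(signedData, new SignerInformationStore(siList));
  return new CMSSignedData(replaced.getEncoded());
}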
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project gdmatrix by gdmatrix.
the class CMSUtils method createTimeStamp.
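/**
 * Requests a time-stamp token for {@code message} from the time-stamping authority (TSA) at
 * {@code serviceURI}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The nonce ties a response to this request, so it is drawn from {@link
 *       java.security.SecureRandom} rather than {@code Math.random()}, whose output is
 *       predictable. The value range (0-999999) is kept as before because the accepted format
 *       of {@code createTimeStampRequest}'s nonce argument is not visible here; roughly 20
 *       bits is still small, so widen it once that helper is confirmed to accept more.</li>
 *   <li>The digest algorithm identifier {@code 1.3.14.3.2.26} is SHA-1, which is no longer
 *       collision resistant. It is left unchanged because the TSA and the request helper must
 *       agree on it; moving to a SHA-2 digest should be planned with the service.</li>
 *   <li>This method does not compare the response nonce with the request or verify the token;
 *       whether {@code sendTimestampRequest} does is not visible from here.</li>
 * </ul>
 *
 * @param serviceURI address of the time-stamping service
 * @param message bytes to be time-stamped
 * @return the time-stamp token taken from the TSA response
 * @throws IllegalStateException if the response carries no token
 * @throws Exception if the request cannot be built or sent
 */
public static ContentInfo createTimeStamp(String serviceURI, byte[] message) throws Exception {
  String nonce = String.valueOf(new java.security.SecureRandom().nextInt(1000000));

  // build the request for the TSA
  TimeStampReq timeStampRequest =
      createTimeStampRequest(
          message, // message
          nonce, // nonce
          true, // requireCert
          null, // extensions
          "1.3.14.3.2.26", // digestAlgorithm identifier
          "0.4.0.2023.1.1"); // timestampPolicy

  // send the request
  TimeStampResp timeStampResponse = sendTimestampRequest(timeStampRequest, serviceURI);
  ContentInfo contentInfo = timeStampResponse.getTimeStampToken();
  // A response without a token would otherwise surface later as a NullPointerException in
  // the caller, far from the cause.
  if (contentInfo == null) {
    throw new IllegalStateException(
        "Time-stamp response from " + serviceURI + " contains no token");
  }
  return contentInfo;
}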
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project itext2 by albfernandez.
the class PdfPublicKeySecurityHandler method createDERForRecipient.
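/**
 * Encrypts {@code in} under a freshly generated content key and wraps the result in a CMS
 * {@code EnvelopedData} structure addressed to the holder of {@code cert}.
 *
 * <p>The content cipher is selected by the OID {@code 1.2.840.113549.3.2} (RC2 in CBC mode)
 * with a 128-bit key. RC2 is a legacy cipher; NOTE(review): it is presumably kept for
 * compatibility with readers of this format, so confirm before changing it, since a different
 * algorithm changes what recipients must support. The content key itself is handed to
 * {@code computeRecipientInfo} together with the recipient certificate.
 *
 * @param in plaintext bytes to encrypt
 * @param cert recipient certificate passed to {@code computeRecipientInfo}
 * @return the ASN.1 form of a {@code ContentInfo} of type envelopedData
 * @throws IOException if the algorithm parameters cannot be encoded or decoded
 * @throws GeneralSecurityException if the cipher, key generator or parameters are unavailable
 *     or encryption fails
 */
private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
  final String contentCipherOid = "1.2.840.113549.3.2";

  // Generate the cipher parameters and keep their ASN.1 form for the AlgorithmIdentifier.
  AlgorithmParameters cipherParams =
      AlgorithmParameterGenerator.getInstance(contentCipherOid).generateParameters();
  final ASN1Primitive encodedParams;
  try (ASN1InputStream asn1In =
      new ASN1InputStream(new ByteArrayInputStream(cipherParams.getEncoded("ASN.1")))) {
    encodedParams = asn1In.readObject();
  }

  // One-off content-encryption key for this recipient structure.
  KeyGenerator keyGenerator = KeyGenerator.getInstance(contentCipherOid);
  keyGenerator.init(128);
  SecretKey contentKey = keyGenerator.generateKey();

  Cipher cipher = Cipher.getInstance(contentCipherOid);
  // Cipher.ENCRYPT_MODE is the named constant for the literal 1 used previously.
  cipher.init(Cipher.ENCRYPT_MODE, contentKey, cipherParams);
  DEROctetString encryptedContent = new DEROctetString(cipher.doFinal(in));

  KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert, contentKey.getEncoded());
  DERSet recipientInfos = new DERSet(new RecipientInfo(recipientInfo));
  AlgorithmIdentifier contentAlgorithm =
      new AlgorithmIdentifier(new ASN1ObjectIdentifier(contentCipherOid), encodedParams);
  EncryptedContentInfo encryptedContentInfo =
      new EncryptedContentInfo(PKCSObjectIdentifiers.data, contentAlgorithm, encryptedContent);
  EnvelopedData env =
      new EnvelopedData(
          null, recipientInfos, encryptedContentInfo, (org.bouncycastle.asn1.ASN1Set) null);
  ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.envelopedData, env);
  return contentInfo.toASN1Primitive();
}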