Example 31 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class CMSCompressedDataGenerator method generate.
/**
* generate an object that contains an CMS Compressed Data
*/
public CMSCompressedData generate(CMSTypedData content, OutputCompressor compressor) throws CMSException {
AlgorithmIdentifier comAlgId;
ASN1OctetString comOcts;
try {
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
OutputStream zOut = compressor.getOutputStream(bOut);
content.write(zOut);
zOut.close();
comAlgId = compressor.getAlgorithmIdentifier();
comOcts = new BEROctetString(bOut.toByteArray());
} catch (IOException e) {
throw new CMSException("exception encoding data.", e);
}
ContentInfo comContent = new ContentInfo(content.getContentType(), comOcts);
ContentInfo contentInfo = new ContentInfo(CMSObjectIdentifiers.compressedData, new CompressedData(comAlgId, comContent));
return new CMSCompressedData(contentInfo);
}
Also used :
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
BEROctetString(com.github.zhenwei.core.asn1.BEROctetString)
ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)
OutputStream(java.io.OutputStream)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
CompressedData(com.github.zhenwei.pkix.util.asn1.cms.CompressedData)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
Example 32 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class MiscPEMGenerator method createPemObject.
private PemObject createPemObject(Object o) throws IOException {
String type;
byte[] encoding;
if (o instanceof PemObject) {
return (PemObject) o;
}
if (o instanceof PemObjectGenerator) {
return ((PemObjectGenerator) o).generate();
}
if (o instanceof X509CertificateHolder) {
type = "CERTIFICATE";
encoding = ((X509CertificateHolder) o).getEncoded();
} else if (o instanceof X509CRLHolder) {
type = "X509 CRL";
encoding = ((X509CRLHolder) o).getEncoded();
} else if (o instanceof X509TrustedCertificateBlock) {
type = "TRUSTED CERTIFICATE";
encoding = ((X509TrustedCertificateBlock) o).getEncoded();
} else if (o instanceof PrivateKeyInfo) {
PrivateKeyInfo info = (PrivateKeyInfo) o;
ASN1ObjectIdentifier algOID = info.getPrivateKeyAlgorithm().getAlgorithm();
if (algOID.equals(PKCSObjectIdentifiers.rsaEncryption)) {
type = "RSA PRIVATE KEY";
encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
} else if (algOID.equals(dsaOids[0]) || algOID.equals(dsaOids[1])) {
type = "DSA PRIVATE KEY";
DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new ASN1Integer(0));
v.add(new ASN1Integer(p.getP()));
v.add(new ASN1Integer(p.getQ()));
v.add(new ASN1Integer(p.getG()));
BigInteger x = ASN1Integer.getInstance(info.parsePrivateKey()).getValue();
BigInteger y = p.getG().modPow(x, p.getP());
v.add(new ASN1Integer(y));
v.add(new ASN1Integer(x));
encoding = new DERSequence(v).getEncoded();
} else if (algOID.equals(X9ObjectIdentifiers.id_ecPublicKey)) {
type = "EC PRIVATE KEY";
encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
} else {
type = "PRIVATE KEY";
encoding = info.getEncoded();
}
} else if (o instanceof SubjectPublicKeyInfo) {
type = "PUBLIC KEY";
encoding = ((SubjectPublicKeyInfo) o).getEncoded();
} else if (o instanceof X509AttributeCertificateHolder) {
type = "ATTRIBUTE CERTIFICATE";
encoding = ((X509AttributeCertificateHolder) o).getEncoded();
} else if (o instanceof com.github.zhenwei.pkix.pkcs.PKCS10CertificationRequest) {
type = "CERTIFICATE REQUEST";
encoding = ((PKCS10CertificationRequest) o).getEncoded();
} else if (o instanceof PKCS8EncryptedPrivateKeyInfo) {
type = "ENCRYPTED PRIVATE KEY";
encoding = ((PKCS8EncryptedPrivateKeyInfo) o).getEncoded();
} else if (o instanceof ContentInfo) {
type = "PKCS7";
encoding = ((ContentInfo) o).getEncoded();
} else {
throw new PemGenerationException("unknown object passed - can't encode.");
}
if (encryptor != null) {
String dekAlgName = Strings.toUpperCase(encryptor.getAlgorithm());
// Note: For backward compatibility
if (dekAlgName.equals("DESEDE")) {
dekAlgName = "DES-EDE3-CBC";
}
byte[] iv = encryptor.getIV();
byte[] encData = encryptor.encrypt(encoding);
List headers = new ArrayList(2);
headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv)));
return new PemObject(type, headers, encData);
}
return new PemObject(type, encoding);
}
Also used :
ArrayList(java.util.ArrayList)
SubjectPublicKeyInfo(com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo)
PemObjectGenerator(com.github.zhenwei.core.util.io.pem.PemObjectGenerator)
DERSequence(com.github.zhenwei.core.asn1.DERSequence)
ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
ArrayList(java.util.ArrayList)
List(java.util.List)
DSAParameter(com.github.zhenwei.core.asn1.x509.DSAParameter)
PKCS10CertificationRequest(com.github.zhenwei.pkix.pkcs.PKCS10CertificationRequest)
PemGenerationException(com.github.zhenwei.core.util.io.pem.PemGenerationException)
X509AttributeCertificateHolder(com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder)
ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer)
PKCS8EncryptedPrivateKeyInfo(com.github.zhenwei.pkix.pkcs.PKCS8EncryptedPrivateKeyInfo)
PemObject(com.github.zhenwei.core.util.io.pem.PemObject)
X509CertificateHolder(com.github.zhenwei.pkix.cert.X509CertificateHolder)
X509CRLHolder(com.github.zhenwei.pkix.cert.X509CRLHolder)
BigInteger(java.math.BigInteger)
PKCS8EncryptedPrivateKeyInfo(com.github.zhenwei.pkix.pkcs.PKCS8EncryptedPrivateKeyInfo)
PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
PemHeader(com.github.zhenwei.core.util.io.pem.PemHeader)
Example 33 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class TSPUtil method getSignatureTimestamps.
/**
* Fetches the signature time-stamp attributes from a SignerInformation object. Checks that the
* MessageImprint for each time-stamp matches the signature field. (see RFC 3161 Appendix A).
*
* @param signerInfo a SignerInformation to search for time-stamps
* @param digCalcProvider provider for digest calculators
* @return a collection of TimeStampToken objects
* @throws TSPValidationException
*/
public static Collection getSignatureTimestamps(SignerInformation signerInfo, DigestCalculatorProvider digCalcProvider) throws TSPValidationException {
List timestamps = new ArrayList();
AttributeTable unsignedAttrs = signerInfo.getUnsignedAttributes();
if (unsignedAttrs != null) {
ASN1EncodableVector allTSAttrs = unsignedAttrs.getAll(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
for (int i = 0; i < allTSAttrs.size(); ++i) {
Attribute tsAttr = (Attribute) allTSAttrs.get(i);
ASN1Set tsAttrValues = tsAttr.getAttrValues();
for (int j = 0; j < tsAttrValues.size(); ++j) {
try {
ContentInfo contentInfo = ContentInfo.getInstance(tsAttrValues.getObjectAt(j));
TimeStampToken timeStampToken = new TimeStampToken(contentInfo);
TimeStampTokenInfo tstInfo = timeStampToken.getTimeStampInfo();
DigestCalculator digCalc = digCalcProvider.get(tstInfo.getHashAlgorithm());
OutputStream dOut = digCalc.getOutputStream();
dOut.write(signerInfo.getSignature());
dOut.close();
byte[] expectedDigest = digCalc.getDigest();
if (!Arrays.constantTimeAreEqual(expectedDigest, tstInfo.getMessageImprintDigest())) {
throw new TSPValidationException("Incorrect digest in message imprint");
}
timestamps.add(timeStampToken);
} catch (OperatorCreationException e) {
throw new TSPValidationException("Unknown hash algorithm specified in timestamp");
} catch (Exception e) {
throw new TSPValidationException("Timestamp could not be parsed");
}
}
}
}
return timestamps;
}
Also used :
Attribute(com.github.zhenwei.pkix.util.asn1.cms.Attribute)
OutputStream(java.io.OutputStream)
ArrayList(java.util.ArrayList)
AttributeTable(com.github.zhenwei.pkix.util.asn1.cms.AttributeTable)
DigestCalculator(com.github.zhenwei.pkix.operator.DigestCalculator)
OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException)
IOException(java.io.IOException)
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
ArrayList(java.util.ArrayList)
List(java.util.List)
OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException)
Example 34 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class TimeStampResponseGenerator method generateGrantedResponse.
/**
* Return a granted response, if the passed in request passes validation with the passed in status
* string and extra extensions.
* <p>
* If genTime is null a timeNotAvailable or a validation exception occurs a TSPValidationException
* will be thrown. The parent TSPException will only occur on some sort of system failure.
* </p>
*
* @param request the request this response is for.
* @param serialNumber serial number for the response token.
* @param genTime generation time for the response token.
* @param additionalExtensions extra extensions to be added to the response token.
* @return the TimeStampResponse with a status of PKIStatus.GRANTED
* @throws TSPException on validation exception or internal error.
*/
public TimeStampResponse generateGrantedResponse(TimeStampRequest request, BigInteger serialNumber, Date genTime, String statusString, Extensions additionalExtensions) throws TSPException {
if (genTime == null) {
throw new TSPValidationException("The time source is not available.", PKIFailureInfo.timeNotAvailable);
}
request.validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions);
status = PKIStatus.GRANTED;
statusStrings = new ASN1EncodableVector();
if (statusString != null) {
this.addStatusString(statusString);
}
PKIStatusInfo pkiStatusInfo = getPKIStatusInfo();
ContentInfo tstTokenContentInfo;
try {
tstTokenContentInfo = tokenGenerator.generate(request, serialNumber, genTime, additionalExtensions).toCMSSignedData().toASN1Structure();
} catch (TSPException e) {
throw e;
} catch (Exception e) {
throw new TSPException("Timestamp token received cannot be converted to ContentInfo", e);
}
try {
return new TimeStampResponse(new DLSequence(new ASN1Encodable[] { pkiStatusInfo.toASN1Primitive(), tstTokenContentInfo.toASN1Primitive() }));
} catch (IOException e) {
throw new TSPException("created badly formatted response!");
}
}
Also used :
DLSequence(com.github.zhenwei.core.asn1.DLSequence)
ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)
PKIStatusInfo(com.github.zhenwei.pkix.util.asn1.cmp.PKIStatusInfo)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable)
IOException(java.io.IOException)
IOException(java.io.IOException)
Example 35 with ContentInfo
use of com.github.zhenwei.pkix.util.asn1.cms.ContentInfo in project LinLong-Java by zhenwei1108.
the class CMSTimeStampedDataGenerator method generate.
public CMSTimeStampedData generate(TimeStampToken timeStamp, InputStream content) throws CMSException {
ByteArrayOutputStream contentOut = new ByteArrayOutputStream();
if (content != null) {
try {
Streams.pipeAll(content, contentOut);
} catch (IOException e) {
throw new CMSException("exception encapsulating content: " + e.getMessage(), e);
}
}
ASN1OctetString encContent = null;
if (contentOut.size() != 0) {
encContent = new BEROctetString(contentOut.toByteArray());
}
TimeStampAndCRL stamp = new TimeStampAndCRL(timeStamp.toCMSSignedData().toASN1Structure());
ASN1IA5String asn1DataUri = null;
if (dataUri != null) {
asn1DataUri = new DERIA5String(dataUri.toString());
}
return new CMSTimeStampedData(new ContentInfo(CMSObjectIdentifiers.timestampedData, new TimeStampedData(asn1DataUri, metaData, encContent, new Evidence(new TimeStampTokenEvidence(stamp)))));
}
Also used :
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
TimeStampAndCRL(com.github.zhenwei.pkix.util.asn1.cms.TimeStampAndCRL)
TimeStampTokenEvidence(com.github.zhenwei.pkix.util.asn1.cms.TimeStampTokenEvidence)
DERIA5String(com.github.zhenwei.core.asn1.DERIA5String)
BEROctetString(com.github.zhenwei.core.asn1.BEROctetString)
ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)
ASN1IA5String(com.github.zhenwei.core.asn1.ASN1IA5String)
TimeStampedData(com.github.zhenwei.pkix.util.asn1.cms.TimeStampedData)
TimeStampTokenEvidence(com.github.zhenwei.pkix.util.asn1.cms.TimeStampTokenEvidence)
Evidence(com.github.zhenwei.pkix.util.asn1.cms.Evidence)
CMSException(com.github.zhenwei.pkix.cms.CMSException)
Aggregations
ContentInfo (org.bouncycastle.asn1.cms.ContentInfo)60
IOException (java.io.IOException)28
CMSSignedData (org.bouncycastle.cms.CMSSignedData)22
ContentInfo (com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)18
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)15
OutputStream (java.io.OutputStream)12
X509Certificate (java.security.cert.X509Certificate)12
ArrayList (java.util.ArrayList)12
SignedData (org.bouncycastle.asn1.cms.SignedData)12
Iterator (java.util.Iterator)11
ASN1Set (org.bouncycastle.asn1.ASN1Set)11
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)10
ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)10
ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)9
ByteArrayInputStream (java.io.ByteArrayInputStream)9
ByteArrayOutputStream (java.io.ByteArrayOutputStream)9
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)9
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)9
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)9
DERSet (org.bouncycastle.asn1.DERSet)9
