Example 21 with SignedData
use of com.github.zhenwei.pkix.util.asn1.cms.SignedData in project gdmatrix by gdmatrix.
the class CMSData method getSignatures.
public List<CMSSignature> getSignatures() throws Exception {
ArrayList<CMSSignature> signatures = new ArrayList();
Store certStore = cms.getCertificates();
SignerInformationStore siStore = cms.getSignerInfos();
Collection signers = siStore.getSigners();
for (Object elem : signers) {
SignerInformation signer = (SignerInformation) elem;
CMSSignature signature = new CMSSignature();
signatures.add(signature);
org.bouncycastle.cms.SignerId sid = signer.getSID();
Collection certCollection = certStore.getMatches(sid);
X509CertificateHolder certificateHolder = (X509CertificateHolder) certCollection.iterator().next();
X509Certificate certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
signature.setCertificate(certificate);
String signerName = certificate.getSubjectDN().getName();
signature.loadProperties(signerName);
signature.setSignature(Base64.getMimeEncoder().encodeToString(signer.getSignature()).toUpperCase());
// **** signed attributes ****
AttributeTable table = signer.getSignedAttributes();
Hashtable attributes = table.toHashtable();
// signingTime
Attribute attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.5"));
if (attrib != null) {
ASN1UTCTime time = (ASN1UTCTime) attrib.getAttrValues().getObjectAt(0);
String timeString = time.getAdjustedTime();
SimpleDateFormat df = new SimpleDateFormat("yyyyMMddHHmmss'GMT+'00:00");
signature.setSigningDate(df.parse(timeString));
}
// filename
DEROctetString octet;
attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.1"));
if (attrib != null) {
octet = (DEROctetString) attrib.getAttrValues().getObjectAt(0);
if (octet != null) {
signature.setFilename(new String(octet.getOctets(), "UTF-16LE"));
}
}
// decretNumber
attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.2"));
if (attrib != null) {
octet = (DEROctetString) attrib.getAttrValues().getObjectAt(0);
if (octet != null) {
signature.setDecretNumber(new String(octet.getOctets(), "UTF-16LE"));
}
}
// **** unsigned attributes ****
table = signer.getUnsignedAttributes();
if (table != null) {
attributes = table.toHashtable();
// timeStampToken
attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14"));
if (attrib != null) {
DERSequence seq = (DERSequence) attrib.getAttrValues().getObjectAt(0);
ContentInfo timeStampToken = ContentInfo.getInstance(seq);
SignedData sd = SignedData.getInstance(timeStampToken.getContent());
ASN1Encodable content = sd.getEncapContentInfo().getContent();
// TSTInfo tstInfo = new TSTInfo((ASN1Sequence)
// new ASN1InputStream(((DEROctetString)content).getOctets()).readObject());
TSTInfo tstInfo = TSTInfo.getInstance(((ASN1OctetString) content).getOctets());
signature.setTimeStampDate(tstInfo.getGenTime().getDate());
}
}
// signature validation
// signature.setValid(signer.verify(signature.getCertificate(), "BC"));
signature.setValid(signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(signature.getCertificate())));
}
Collections.sort(signatures);
return signatures;
}
Also used :
Attribute(org.bouncycastle.asn1.cms.Attribute)
ArrayList(java.util.ArrayList)
AttributeTable(org.bouncycastle.asn1.cms.AttributeTable)
Store(org.bouncycastle.util.Store)
SignerInformationStore(org.bouncycastle.cms.SignerInformationStore)
ASN1UTCTime(org.bouncycastle.asn1.ASN1UTCTime)
SignerInformation(org.bouncycastle.cms.SignerInformation)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERSequence(org.bouncycastle.asn1.DERSequence)
SignerInformationStore(org.bouncycastle.cms.SignerInformationStore)
ContentInfo(org.bouncycastle.asn1.cms.ContentInfo)
JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
SignedData(org.bouncycastle.asn1.cms.SignedData)
CMSSignedData(org.bouncycastle.cms.CMSSignedData)
Hashtable(java.util.Hashtable)
JcaSimpleSignerInfoVerifierBuilder(org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder)
X509Certificate(java.security.cert.X509Certificate)
TSTInfo(org.bouncycastle.asn1.tsp.TSTInfo)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
Collection(java.util.Collection)
SimpleDateFormat(java.text.SimpleDateFormat)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Aggregations
SignedData (org.bouncycastle.asn1.cms.SignedData)14
ContentInfo (org.bouncycastle.asn1.cms.ContentInfo)12
CMSSignedData (org.bouncycastle.cms.CMSSignedData)8
ASN1Set (org.bouncycastle.asn1.ASN1Set)7
IOException (java.io.IOException)6
Iterator (java.util.Iterator)6
ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)5
X509Certificate (java.security.cert.X509Certificate)5
ArrayList (java.util.ArrayList)5
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)5
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)4
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)4
ContentInfo (com.github.zhenwei.pkix.util.asn1.cms.ContentInfo)4
List (java.util.List)4
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)4
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)4
TSTInfo (org.bouncycastle.asn1.tsp.TSTInfo)4
X500Name (org.bouncycastle.asn1.x500.X500Name)4
OutputStream (java.io.OutputStream)3
Collection (java.util.Collection)3
