
Example 36 with CertStore

use of java.security.cert.CertStore in project nhin-d by DirectProject.

the class CryptographerTest method testvalidateSignature.

/**
 * Parses a Base64-encoded CMS SignedData sample and dumps the certificates embedded in it.
 *
 * <p>Despite its name, this method verifies no signature and asserts nothing: it only reads
 * {@code msgSig.txt}, decodes it, and writes each embedded certificate (DER-encoded) to
 * {@code ./testCert.der} in the working directory. Every certificate is written to the same
 * path, so only the last one iterated remains on disk.
 *
 * @throws Exception if the sample cannot be read, decoded or parsed, or a certificate cannot
 *         be encoded or written
 */
public void testvalidateSignature() throws Exception {
    final File signatureSample = new File("./src/test/resources/org/nhindirect/stagent/msgSig.txt");
    final File derOutput = new File("./testCert.der");

    // The sample holds the Base64 text of a CMS SignedData structure.
    final byte[] cmsBytes = Base64.decode(FileUtils.readFileToString(signatureSample));
    final CMSSignedData signedData = new CMSSignedData(cmsBytes);

    final CertStore embeddedStore = signedData.getCertificatesAndCRLs("Collection", CryptoExtensions.getJCEProviderName());

    // A null selector asks the store for every certificate it holds.
    final Collection<? extends Certificate> embeddedCerts = embeddedStore.getCertificates(null);
    for (final Certificate embedded : embeddedCerts) {
        final byte[] der = embedded.getEncoded();
        FileUtils.writeByteArrayToFile(derOutput, der);
    }
}
Also used : File(java.io.File) CMSSignedData(org.bouncycastle.cms.CMSSignedData) CertStore(java.security.cert.CertStore) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 37 with CertStore

use of java.security.cert.CertStore in project nhin-d by DirectProject.

the class SplitProviderDirectSignedDataGenerator_generateTest method setupSigningInfo.

/**
 * Configures {@code gen} with a signer, its signed attributes and a certificate store.
 *
 * <p>The signed attributes carry an S/MIME capabilities attribute. The signer is added with
 * the SHA-256 digest OID, and the signer certificate is the only entry placed in the
 * "Collection" certificate store handed to the generator. If {@code signerCert} has not been
 * set, it is loaded through {@code TestUtils.getInternalCert("user1")}.
 *
 * @param gen the signed-data generator to configure
 * @throws Exception if the certificate, attribute table or certificate store cannot be set up
 */
protected void setupSigningInfo(DirectSignedDataGenerator gen) throws Exception {
    // Capabilities advertised in the signed attributes: triple DES, RC2 at 128 bits and
    // single DES (all CBC), followed by two identifiers.
    // NOTE(review): single DES and RC2 are legacy ciphers; confirm this list is meant to
    // mirror what the production cryptographer advertises and is not a recommendation.
    final SMIMECapabilityVector capabilities = new SMIMECapabilityVector();
    capabilities.addCapability(SMIMECapability.dES_EDE3_CBC);
    capabilities.addCapability(SMIMECapability.rC2_CBC, 128);
    capabilities.addCapability(SMIMECapability.dES_CBC);
    // 1.2.840.113549.1.7.1 is the PKCS#7 "data" content type OID.
    capabilities.addCapability(new DERObjectIdentifier("1.2.840.113549.1.7.1"));
    capabilities.addCapability(SMIMECryptographerImpl.x509CertificateObjectsIdent);

    final ASN1EncodableVector signedAttributes = new ASN1EncodableVector();
    signedAttributes.add(new SMIMECapabilitiesAttribute(capabilities));

    // Lazily load the default signing certificate.
    if (signerCert == null) {
        signerCert = TestUtils.getInternalCert("user1");
    }

    // Register the signer; the private key comes from the certificate wrapper itself.
    gen.addSigner(
            ((X509CertificateEx) signerCert).getPrivateKey(),
            signerCert,
            DigestAlgorithm.SHA256.getOID(),
            SMIMECryptographerImpl.createAttributeTable(signedAttributes),
            null);

    // Ship the signer certificate alongside the signature.
    final List<X509Certificate> signerCerts = new ArrayList<X509Certificate>();
    signerCerts.add(signerCert);
    final CollectionCertStoreParameters storeParams = new CollectionCertStoreParameters(signerCerts);
    final CertStore signerCertStore = CertStore.getInstance(
            "Collection",
            storeParams,
            CryptoExtensions.getJCEProviderNameForTypeAndAlgorithm("CertStore", "Collection"));
    gen.addCertificatesAndCRLs(signerCertStore);
}
Also used : CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) SMIMECapabilityVector(org.bouncycastle.asn1.smime.SMIMECapabilityVector) ArrayList(java.util.ArrayList) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) SMIMECapabilitiesAttribute(org.bouncycastle.asn1.smime.SMIMECapabilitiesAttribute) CertStore(java.security.cert.CertStore) X509Certificate(java.security.cert.X509Certificate)

Example 38 with CertStore

use of java.security.cert.CertStore in project sic by belluccifranco.

the class AfipWebServiceSOAPClient method crearCMS.

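/**
 * Builds a CMS SignedData structure that wraps the access ticket request for {@code service}.
 *
 * <p>The private key and certificate stored under alias {@code signer} are read from the
 * PKCS#12 keystore in {@code p12file}. The request XML produced by
 * {@code crearTicketRequerimientoAcceso} is then signed with them and encapsulated in the
 * returned structure, together with the signer certificate.
 *
 * @param p12file    bytes of the PKCS#12 keystore
 * @param p12pass    password protecting both the keystore and the key entry
 * @param signer     keystore alias of the signing key and certificate
 * @param service    service name passed to {@code crearTicketRequerimientoAcceso}
 * @param ticketTime ticket time passed to {@code crearTicketRequerimientoAcceso}
 * @return the encoded CMS SignedData
 * @throws BusinessServiceException if the keystore cannot be loaded, the alias holds no key
 *         or certificate, or signing fails
 */
public byte[] crearCMS(byte[] p12file, String p12pass, String signer, String service, long ticketTime) {
    PrivateKey pKey = null;
    X509Certificate pCertificate = null;
    byte[] asn1_cms = null;
    CertStore cstore = null;
    char[] password = null;
    try {
        KeyStore ks = KeyStore.getInstance("pkcs12");
        // One array serves both load() and getKey(), so there is a single copy to wipe afterwards.
        password = p12pass.toCharArray();
        // try-with-resources closes the stream even when load() throws.
        try (InputStream is = Utilidades.convertirByteArrayToInputStream(p12file)) {
            ks.load(is, password);
        }
        pKey = (PrivateKey) ks.getKey(signer, password);
        pCertificate = (X509Certificate) ks.getCertificate(signer);
        // getKey()/getCertificate() return null for an unknown alias; fail here with the
        // certificate error instead of passing nulls on to the signer.
        if (pKey == null || pCertificate == null) {
            LOGGER.error("No private key or certificate found in the keystore for the requested alias");
            throw new BusinessServiceException(ResourceBundle.getBundle("Mensajes").getString("mensaje_certificado_error"));
        }
        ArrayList<X509Certificate> certList = new ArrayList<>();
        certList.add(pCertificate);
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        cstore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), "BC");
    } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException | UnrecoverableKeyException | InvalidAlgorithmParameterException | NoSuchProviderException ex) {
        LOGGER.error(ex.getMessage());
        throw new BusinessServiceException(ResourceBundle.getBundle("Mensajes").getString("mensaje_certificado_error"));
    } finally {
        // Best-effort wipe of the password copy made here; the caller's String is unaffected.
        if (password != null) {
            java.util.Arrays.fill(password, '\0');
        }
    }
    String loginTicketRequest_xml = this.crearTicketRequerimientoAcceso(service, ticketTime);
    try {
        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
        // NOTE(review): SHA-1 is a deprecated digest for signatures. Move to a SHA-2 digest
        // once the receiving service is confirmed to accept it.
        generator.addSigner(pKey, pCertificate, CMSSignedDataGenerator.DIGEST_SHA1);
        generator.addCertificatesAndCRLs(cstore);
        // NOTE(review): getBytes() uses the platform default charset, so the signed bytes can
        // differ between hosts. Pin the charset to the encoding the request XML declares.
        CMSProcessable data = new CMSProcessableByteArray(loginTicketRequest_xml.getBytes());
        // 'true' encapsulates the signed content inside the SignedData structure.
        CMSSignedData signed = generator.generate(data, true, "BC");
        asn1_cms = signed.getEncoded();
    } catch (IllegalArgumentException | CertStoreException | CMSException | NoSuchAlgorithmException | NoSuchProviderException | IOException ex) {
        LOGGER.error(ex.getMessage());
        throw new BusinessServiceException(ResourceBundle.getBundle("Mensajes").getString("mensaje_firmando_certificado_error"));
    }
    return asn1_cms;
}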
Also used : CMSSignedDataGenerator(org.bouncycastle.cms.CMSSignedDataGenerator) PrivateKey(java.security.PrivateKey) ArrayList(java.util.ArrayList) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) BusinessServiceException(sic.service.BusinessServiceException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) InputStream(java.io.InputStream) CertStoreException(java.security.cert.CertStoreException) KeyStoreException(java.security.KeyStoreException) IOException(java.io.IOException) KeyStore(java.security.KeyStore) CMSSignedData(org.bouncycastle.cms.CMSSignedData) X509Certificate(java.security.cert.X509Certificate) CMSProcessable(org.bouncycastle.cms.CMSProcessable) NoSuchProviderException(java.security.NoSuchProviderException) CertStore(java.security.cert.CertStore) CMSException(org.bouncycastle.cms.CMSException)

Aggregations

CertStore (java.security.cert.CertStore)38 X509Certificate (java.security.cert.X509Certificate)18 CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)13 CertStoreException (java.security.cert.CertStoreException)12 ArrayList (java.util.ArrayList)12 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9 X509CertSelector (java.security.cert.X509CertSelector)9 NoSuchProviderException (java.security.NoSuchProviderException)8 PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)8 HashSet (java.util.HashSet)7 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)6 Iterator (java.util.Iterator)6 IOException (java.io.IOException)5 CertPathBuilder (java.security.cert.CertPathBuilder)5 CertStoreParameters (java.security.cert.CertStoreParameters)5 TrustAnchor (java.security.cert.TrustAnchor)5 ByteArrayInputStream (java.io.ByteArrayInputStream)4 KeyStoreException (java.security.KeyStoreException)4 Certificate (java.security.cert.Certificate)4 CertificateException (java.security.cert.CertificateException)4