Examples with SignedData org.bouncycastle.asn1.cms.SignedData used on opensource projects

Example 11 with SignedData

use of org.bouncycastle.asn1.cms.SignedData in project robovm by robovm.

the class CMSSignedGenerator method addAttributeCertificates.

// BEGIN android-removed
// /**
//  * Add a single instance of otherRevocationData to the CRL set to be included with the generated SignedData message.
//  *
//  * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
//  * @param otherRevocationInfo the otherRevocationInfo ASN.1 structure.
//  */
// public void addOtherRevocationInfo(
//     ASN1ObjectIdentifier   otherRevocationInfoFormat,
//     ASN1Encodable          otherRevocationInfo)
// {
//     crls.add(new DERTaggedObject(false, 1, new OtherRevocationInfoFormat(otherRevocationInfoFormat, otherRevocationInfo)));
// }
//
// /**
//  * Add a Store of otherRevocationData to the CRL set to be included with the generated SignedData message.
//  *
//  * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
//  * @param otherRevocationInfos a Store of otherRevocationInfo data to add.
//  */
// public void addOtherRevocationInfo(
//     ASN1ObjectIdentifier   otherRevocationInfoFormat,
//     Store                  otherRevocationInfos)
// {
//     crls.addAll(CMSUtils.getOthersFromStore(otherRevocationInfoFormat, otherRevocationInfos));
// }
// END android-removed
/**
     * Add the attribute certificates contained in the passed in store to the
     * generator.
     *
     * @param store a store of Version 2 attribute certificates
     * @throws CMSException if an error occurse processing the store.
     * @deprecated use basic Store method
     */
public void addAttributeCertificates(X509Store store) throws CMSException {
    try {
        for (Iterator it = store.getMatches(null).iterator(); it.hasNext(); ) {
            X509AttributeCertificate attrCert = (X509AttributeCertificate) it.next();
            certs.add(new DERTaggedObject(false, 2, AttributeCertificate.getInstance(ASN1Primitive.fromByteArray(attrCert.getEncoded()))));
        }
    } catch (IllegalArgumentException e) {
        throw new CMSException("error processing attribute certs", e);
    } catch (IOException e) {
        throw new CMSException("error processing attribute certs", e);
    }
}

Example 12 with SignedData

use of org.bouncycastle.asn1.cms.SignedData in project robovm by robovm.

the class PKIXCertPath method getEncoded.

/**
     * Returns the encoded form of this certification path, using
     * the specified encoding.
     *
     * @param encoding the name of the encoding to use
     * @return the encoded bytes
     * @exception java.security.cert.CertificateEncodingException if an encoding error
     * occurs or the encoding requested is not supported
     *
     **/
public byte[] getEncoded(String encoding) throws CertificateEncodingException {
    if (encoding.equalsIgnoreCase("PkiPath")) {
        ASN1EncodableVector v = new ASN1EncodableVector();
        ListIterator iter = certificates.listIterator(certificates.size());
        while (iter.hasPrevious()) {
            v.add(toASN1Object((X509Certificate) iter.previous()));
        }
        return toDEREncoded(new DERSequence(v));
    } else if (encoding.equalsIgnoreCase("PKCS7")) {
        ContentInfo encInfo = new ContentInfo(PKCSObjectIdentifiers.data, null);
        ASN1EncodableVector v = new ASN1EncodableVector();
        for (int i = 0; i != certificates.size(); i++) {
            v.add(toASN1Object((X509Certificate) certificates.get(i)));
        }
        SignedData sd = new SignedData(new ASN1Integer(1), new DERSet(), encInfo, new DERSet(v), null, new DERSet());
        return toDEREncoded(new ContentInfo(PKCSObjectIdentifiers.signedData, sd));
    } else // BEGIN android-removed
    // else if (encoding.equalsIgnoreCase("PEM"))
    // {
    //     ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    //     PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
    //
    //     try
    //     {
    //         for (int i = 0; i != certificates.size(); i++)
    //         {
    //             pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded()));
    //         }
    //
    //         pWrt.close();
    //     }
    //     catch (Exception e)
    //     {
    //         throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
    //     }
    //
    //     return bOut.toByteArray();
    // }
    // END android-removed
    {
        throw new CertificateEncodingException("unsupported encoding: " + encoding);
    }
}

Example 13 with SignedData

use of org.bouncycastle.asn1.cms.SignedData in project XobotOS by xamarin.

the class SignedData method toASN1Object.

/**
     * Produce an object suitable for an ASN1OutputStream.
     * <pre>
     *  SignedData ::= SEQUENCE {
     *      version Version,
     *      digestAlgorithms DigestAlgorithmIdentifiers,
     *      contentInfo ContentInfo,
     *      certificates
     *          [0] IMPLICIT ExtendedCertificatesAndCertificates
     *                   OPTIONAL,
     *      crls
     *          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
     *      signerInfos SignerInfos }
     * </pre>
     */
public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(version);
    v.add(digestAlgorithms);
    v.add(contentInfo);
    if (certificates != null) {
        v.add(new DERTaggedObject(false, 0, certificates));
    }
    if (crls != null) {
        v.add(new DERTaggedObject(false, 1, crls));
    }
    v.add(signerInfos);
    return new BERSequence(v);
}

Example 14 with SignedData

use of org.bouncycastle.asn1.cms.SignedData in project XobotOS by xamarin.

the class JDKX509CertificateFactory method engineGenerateCRLs.

/**
     * Returns a (possibly empty) collection view of the CRLs read from
     * the given input stream inStream.
     *
     * The inStream may contain a sequence of DER-encoded CRLs, or
     * a PKCS#7 CRL set.  This is a PKCS#7 SignedData object, with the
     * only signficant field being crls.  In particular the signature
     * and the contents are ignored.
     */
public Collection engineGenerateCRLs(InputStream inStream) throws CRLException {
    CRL crl;
    List crls = new ArrayList();
    while ((crl = engineGenerateCRL(inStream)) != null) {
        crls.add(crl);
    }
    return crls;
}

Example 15 with SignedData

use of org.bouncycastle.asn1.cms.SignedData in project nhin-d by DirectProject.

the class SMIMECryptographerImpl method createSignatureEntity.

protected MimeMultipart createSignatureEntity(byte[] entity, Collection<X509Certificate> signingCertificates) {
    MimeMultipart retVal = null;
    try {
        final MimeBodyPart signedContent = new MimeBodyPart(new ByteArrayInputStream(entity));
        final ASN1EncodableVector signedAttrs = new ASN1EncodableVector();
        final SMIMECapabilityVector caps = new SMIMECapabilityVector();
        caps.addCapability(SMIMECapability.dES_EDE3_CBC);
        caps.addCapability(SMIMECapability.rC2_CBC, 128);
        caps.addCapability(SMIMECapability.dES_CBC);
        caps.addCapability(new DERObjectIdentifier("1.2.840.113549.1.7.1"));
        caps.addCapability(x509CertificateObjectsIdent);
        signedAttrs.add(new SMIMECapabilitiesAttribute(caps));
        final List<X509Certificate> certList = new ArrayList<X509Certificate>();
        final DirectSignedDataGenerator generator = sigFactory.createInstance();
        for (X509Certificate signer : signingCertificates) {
            if (signer instanceof X509CertificateEx) {
                generator.addSigner(((X509CertificateEx) signer).getPrivateKey(), signer, this.m_digestAlgorithm.getOID(), createAttributeTable(signedAttrs), null);
                certList.add(signer);
            }
        }
        final CertStore certsAndcrls = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), CryptoExtensions.getJCEProviderNameForTypeAndAlgorithm("CertStore", "Collection"));
        generator.addCertificatesAndCRLs(certsAndcrls);
        final CMSProcessableBodyPart content = new CMSProcessableBodyPart(signedContent);
        final CMSSignedData signedData = generator.generate(content);
        final String header = "signed; protocol=\"application/pkcs7-signature\"; micalg=" + CryptoAlgorithmsHelper.toDigestAlgorithmMicalg(this.m_digestAlgorithm);
        //String encodedSig = Base64.encodeBase64String(signedData.getEncoded());
        final String encodedSig = StringUtils.newStringUtf8(Base64.encodeBase64(signedData.getEncoded(), true));
        retVal = new MimeMultipart(header.toString());
        final MimeBodyPart sig = new MimeBodyPart(new InternetHeaders(), encodedSig.getBytes("ASCII"));
        sig.addHeader("Content-Type", "application/pkcs7-signature; name=smime.p7s; smime-type=signed-data");
        sig.addHeader("Content-Disposition", "attachment; filename=\"smime.p7s\"");
        sig.addHeader("Content-Description", "S/MIME Cryptographic Signature");
        sig.addHeader("Content-Transfer-Encoding", "base64");
        retVal.addBodyPart(signedContent);
        retVal.addBodyPart(sig);
    } catch (MessagingException e) {
        throw new MimeException(MimeError.InvalidMimeEntity, e);
    } catch (IOException e) {
        throw new SignatureException(SignatureError.InvalidMultipartSigned, e);
    } catch (Exception e) {
        throw new NHINDException(MimeError.Unexpected, e);
    }
    return retVal;
}