
Example 6 with SignerInfo

use of org.bouncycastle.asn1.cms.SignerInfo in project robovm by robovm.

the class SignerInformation method getSingleValuedSignedAttribute.

/**
 * Fetches a signed attribute that may occur at most once and must carry exactly one value.
 *
 * <p>The lookup fails if the attribute is found among the unsigned attributes at all. In CMS,
 * unsigned attributes are not covered by the signer's signature, so a copy placed there could
 * have been added or altered after signing; rejecting it keeps callers from acting on an
 * unauthenticated value.
 *
 * @param attrOID object identifier of the attribute to fetch
 * @param printableName human-readable attribute name, used only in exception messages
 * @return the attribute's single value, or {@code null} when there is no signed attribute
 *         table or the attribute is absent from it
 * @throws CMSException if the attribute is present as an unsigned attribute, occurs more than
 *         once among the signed attributes, or does not hold exactly one value
 */
private ASN1Primitive getSingleValuedSignedAttribute(ASN1ObjectIdentifier attrOID, String printableName) throws CMSException {
    // Unsigned side is inspected first so a misplaced attribute is rejected even when a
    // well-formed signed copy also exists.
    AttributeTable unsignedTable = this.getUnsignedAttributes();
    boolean presentAsUnsigned = unsignedTable != null && unsignedTable.getAll(attrOID).size() > 0;
    if (presentAsUnsigned) {
        throw new CMSException("The " + printableName + " attribute MUST NOT be an unsigned attribute");
    }

    AttributeTable signedTable = this.getSignedAttributes();
    if (signedTable == null) {
        return null;
    }

    ASN1EncodableVector matches = signedTable.getAll(attrOID);
    int instanceCount = matches.size();
    if (instanceCount == 0) {
        return null;
    }
    if (instanceCount != 1) {
        // Duplicates are refused rather than resolved by picking one, so two parsers cannot
        // disagree about which instance is authoritative.
        throw new CMSException("The SignedAttributes in a signerInfo MUST NOT include multiple instances of the " + printableName + " attribute");
    }

    ASN1Set attrValues = ((Attribute) matches.get(0)).getAttrValues();
    if (attrValues.size() != 1) {
        throw new CMSException("A " + printableName + " attribute MUST have a single attribute value");
    }
    return attrValues.getObjectAt(0).toASN1Primitive();
}
Also used : ASN1Set(org.bouncycastle.asn1.ASN1Set) Attribute(org.bouncycastle.asn1.cms.Attribute) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)

Example 7 with SignerInfo

use of org.bouncycastle.asn1.cms.SignerInfo in project robovm by robovm.

the class SignerInformation method getCounterSignatures.

/**
 * Collects the countersignatures attached to this signer into a SignerInformationStore.
 *
 * <p>Every value of every countersignature attribute found among the unsigned attributes is
 * wrapped in a SignerInformation whose content is this signer's signature bytes. This method
 * only parses and wraps; it verifies nothing. Countersignatures live in the unsigned
 * attributes, which the enclosing signature does not protect, so each returned entry has to be
 * verified on its own before it is relied on.
 *
 * @return a store holding the countersignatures found; the store is empty when there is no
 *         unsigned attribute table or it holds no countersignature values
 */
public SignerInformationStore getCounterSignatures() {
    // TODO There are several checks implied by the RFC3852 comments that are missing.
    // RFC 3852: the countersignature attribute MUST be an unsigned attribute; it MUST NOT be a
    // signed, authenticated, unauthenticated or unprotected attribute. Only the unsigned
    // table is consulted below; the other locations are not inspected here.
    AttributeTable unsignedTable = getUnsignedAttributes();
    if (unsignedTable == null) {
        return new SignerInformationStore(new ArrayList(0));
    }

    List collected = new ArrayList();

    // UnsignedAttributes is a SET OF Attribute and may hold several countersignature
    // attributes, so all instances are fetched rather than just the first.
    ASN1EncodableVector csAttributes = unsignedTable.getAll(CMSAttributes.counterSignature);
    for (int idx = 0; idx < csAttributes.size(); ++idx) {
        // Each attribute is itself a SET OF AttributeValue that MUST contain at least one value.
        ASN1Set values = ((Attribute) csAttributes.get(idx)).getAttrValues();
        if (values.size() < 1) {
            // TODO Throw an appropriate exception?
            // As written, an empty value set is accepted silently and contributes nothing.
        }

        Enumeration valueEnum = values.getObjects();
        while (valueEnum.hasMoreElements()) {
            // RFC 3852 gives countersignature values the meaning of ordinary SignerInfo
            // values, except that:
            //   1. signedAttributes MUST NOT contain a content-type attribute;
            //   2. signedAttributes MUST contain a message-digest attribute if it contains
            //      any other attribute;
            //   3. the digest input is the contents octets of the DER encoding of the
            //      signatureValue of the SignerInfo being countersigned.
            // NOTE(review): rules 1 and 2 are not checked in this method - confirm they are
            // enforced where the returned SignerInformation is verified.
            SignerInfo counterInfo = SignerInfo.getInstance(valueEnum.nextElement());
            CMSProcessableByteArray countersignedBytes = new CMSProcessableByteArray(getSignature());
            collected.add(new SignerInformation(counterInfo, null, countersignedBytes, null));
        }
    }
    return new SignerInformationStore(collected);
}
Also used : SignerInfo(org.bouncycastle.asn1.cms.SignerInfo) Enumeration(java.util.Enumeration) ASN1Set(org.bouncycastle.asn1.ASN1Set) Attribute(org.bouncycastle.asn1.cms.Attribute) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) ArrayList(java.util.ArrayList) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ArrayList(java.util.ArrayList) List(java.util.List)

Example 8 with SignerInfo

use of org.bouncycastle.asn1.cms.SignerInfo in project robovm by robovm.

the class SignerInformation method replaceUnsignedAttributes.

/**
 * Returns a copy of the given signer information in which the unsigned attributes are
 * replaced by the ones passed in.
 *
 * <p>The signer identifier, digest algorithm, authenticated (signed) attributes, digest
 * encryption algorithm and encrypted digest are carried over unchanged; only the unsigned
 * attribute set differs. Because the existing signature value is reused as-is, nothing placed
 * in the unsigned attributes is authenticated by it. Consumers should treat those attributes
 * as untrusted unless they carry their own verifiable protection, as a countersignature does.
 *
 * @param signerInformation the signer information to be used as the basis.
 * @param unsignedAttributes the unsigned attributes that replace the current ones; when
 *        {@code null}, {@code null} is passed to the SignerInfo constructor as the unsigned
 *        attribute set.
 * @return a copy of the original SignerInformation object with the changed attributes.
 */
public static SignerInformation replaceUnsignedAttributes(SignerInformation signerInformation, AttributeTable unsignedAttributes) {
    SignerInfo original = signerInformation.info;

    // The replacement table is re-encoded as a DER SET; a null table stays null.
    ASN1Set replacementSet = (unsignedAttributes == null)
        ? null
        : new DERSet(unsignedAttributes.toASN1EncodableVector());

    SignerInfo rebuilt = new SignerInfo(
        original.getSID(),
        original.getDigestAlgorithm(),
        original.getAuthenticatedAttributes(),
        original.getDigestEncryptionAlgorithm(),
        original.getEncryptedDigest(),
        replacementSet);

    return new SignerInformation(rebuilt, signerInformation.contentType, signerInformation.content, null);
}
Also used : SignerInfo(org.bouncycastle.asn1.cms.SignerInfo) ASN1Set(org.bouncycastle.asn1.ASN1Set) DERSet(org.bouncycastle.asn1.DERSet)

Example 9 with SignerInfo

use of org.bouncycastle.asn1.cms.SignerInfo in project robovm by robovm.

the class SignerInfoGenerator method generate.

/**
 * Assembles the SignerInfo for this signer: digest algorithm, optional signed attributes, the
 * signature value and optional unsigned attributes.
 *
 * <p>Per RFC 3852 section 5.4, what gets signed depends on whether signed attributes are
 * present. Without them the signature is over the content itself. With them it is over the
 * complete DER encoding of the SignedAttrs value, which is why the attribute set is written to
 * the signer's stream here before the signature is requested.
 *
 * @param contentType content type handed to the attribute generators as a base parameter
 * @return the assembled SignerInfo
 * @throws CMSException if an IOException occurs while encoding or writing the signed attributes
 */
public SignerInfo generate(ASN1ObjectIdentifier contentType) throws CMSException {
    try {
        ASN1Set signedAttrSet = null;
        AlgorithmIdentifier digestAlgId;

        if (sAttrGen != null) {
            // NOTE(review): digester is dereferenced without a null check on this path -
            // presumably a signed-attribute generator is only configured together with a
            // digester; confirm at construction.
            digestAlgId = digester.getAlgorithmIdentifier();
            calculatedDigest = digester.getDigest();
            Map signedParams = getBaseParameters(contentType, digester.getAlgorithmIdentifier(), calculatedDigest);
            // The generator receives a read-only view so it cannot alter the base parameters.
            AttributeTable signedTable = sAttrGen.getAttributes(Collections.unmodifiableMap(signedParams));
            signedAttrSet = getAttributeSet(signedTable);

            // sig must be composed from the DER encoding; signing any other encoding would
            // yield a signature that does not match what a verifier recomputes.
            OutputStream signerStream = signer.getOutputStream();
            signerStream.write(signedAttrSet.getEncoded(ASN1Encoding.DER));
            signerStream.close();
        } else if (digester != null) {
            digestAlgId = digester.getAlgorithmIdentifier();
            calculatedDigest = digester.getDigest();
        } else {
            // No digester available: derive the digest algorithm from the signature
            // algorithm and record that no digest was calculated.
            digestAlgId = digAlgFinder.find(signer.getAlgorithmIdentifier());
            calculatedDigest = null;
        }

        byte[] signatureBytes = signer.getSignature();

        ASN1Set unsignedAttrSet = null;
        if (unsAttrGen != null) {
            Map unsignedParams = getBaseParameters(contentType, digestAlgId, calculatedDigest);
            // A clone is handed out so the generator cannot modify the signature bytes that
            // are placed in the SignerInfo below.
            unsignedParams.put(CMSAttributeTableGenerator.SIGNATURE, signatureBytes.clone());
            AttributeTable unsignedTable = unsAttrGen.getAttributes(Collections.unmodifiableMap(unsignedParams));
            unsignedAttrSet = getAttributeSet(unsignedTable);
        }

        AlgorithmIdentifier sigEncryptionAlgId = sigEncAlgFinder.findEncryptionAlgorithm(signer.getAlgorithmIdentifier());
        return new SignerInfo(signerIdentifier, digestAlgId, signedAttrSet, sigEncryptionAlgId, new DEROctetString(signatureBytes), unsignedAttrSet);
    } catch (IOException e) {
        throw new CMSException("encoding error.", e);
    }
}
Also used : SignerInfo(org.bouncycastle.asn1.cms.SignerInfo) ASN1Set(org.bouncycastle.asn1.ASN1Set) OutputStream(java.io.OutputStream) TeeOutputStream(org.bouncycastle.util.io.TeeOutputStream) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) IOException(java.io.IOException) HashMap(java.util.HashMap) Map(java.util.Map) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 10 with SignerInfo

use of org.bouncycastle.asn1.cms.SignerInfo in project robovm by robovm.

the class CMSSignedData method getSignerInfos.

/**
 * Returns the collection of signers associated with the signatures for the message.
 *
 * <p>The store is built on the first call and the cached instance is returned afterwards.
 * When precomputed digests ({@code hashes}) are available, each signer is paired with the
 * digest stored under the digest algorithm that its own SignerInfo declares; otherwise each
 * signer is paired with the signed content. Building the store verifies nothing.
 *
 * @return the store of SignerInformation objects for this message
 */
public SignerInformationStore getSignerInfos() {
    if (signerInfoStore != null) {
        return signerInfoStore;
    }

    ASN1Set signerSet = signedData.getSignerInfos();
    List collected = new ArrayList();
    // Not referenced further down in this method.
    SignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();

    for (int idx = 0; idx != signerSet.size(); idx++) {
        SignerInfo info = SignerInfo.getInstance(signerSet.getObjectAt(idx));
        ASN1ObjectIdentifier contentType = signedData.getEncapContentInfo().getContentType();

        if (hashes == null) {
            collected.add(new SignerInformation(info, contentType, signedContent, null));
            continue;
        }

        // The map may be keyed by OID string or by OID object; the first key decides which
        // form is used for the lookup.
        // NOTE(review): assumes hashes is non-empty - next() on an empty key set would throw.
        Object firstKey = hashes.keySet().iterator().next();
        byte[] hash;
        if (firstKey instanceof String) {
            hash = (byte[]) hashes.get(info.getDigestAlgorithm().getAlgorithm().getId());
        } else {
            hash = (byte[]) hashes.get(info.getDigestAlgorithm().getAlgorithm());
        }
        // The lookup key comes from the parsed message, and a missing entry is not detected
        // here, so hash may be null.
        // NOTE(review): confirm SignerInformation fails verification, not silently passes,
        // when it is given neither content nor a digest.
        collected.add(new SignerInformation(info, contentType, null, hash));
    }

    signerInfoStore = new SignerInformationStore(collected);
    return signerInfoStore;
}
Also used : DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder) SignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.SignatureAlgorithmIdentifierFinder) ArrayList(java.util.ArrayList) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder) SignerInfo(org.bouncycastle.asn1.cms.SignerInfo) ASN1Set(org.bouncycastle.asn1.ASN1Set) ArrayList(java.util.ArrayList) List(java.util.List) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

ASN1Set (org.bouncycastle.asn1.ASN1Set)7 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)6 SignerInfo (org.bouncycastle.asn1.cms.SignerInfo)6 DERSet (org.bouncycastle.asn1.DERSet)4 AttributeTable (org.bouncycastle.asn1.cms.AttributeTable)4 IOException (java.io.IOException)3 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)3 Attribute (org.bouncycastle.asn1.cms.Attribute)3 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 OutputStream (java.io.OutputStream)2 ArrayList (java.util.ArrayList)2 Enumeration (java.util.Enumeration)2 Iterator (java.util.Iterator)2 List (java.util.List)2 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)2 DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)2 ContentInfo (org.bouncycastle.asn1.cms.ContentInfo)2 SignedData (org.bouncycastle.asn1.cms.SignedData)2 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)2 InvalidKeyException (java.security.InvalidKeyException)1