Example 16 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project robovm by robovm.
the class SignerInformation method addCounterSigners.
/**
* Return a signer information object with passed in SignerInformationStore representing counter
* signatures attached as an unsigned attribute.
*
* @param signerInformation the signerInfo to be used as the basis.
* @param counterSigners signer info objects carrying counter signature.
* @return a copy of the original SignerInformationObject with the changed attributes.
*/
public static SignerInformation addCounterSigners(SignerInformation signerInformation, SignerInformationStore counterSigners) {
// TODO Perform checks from RFC 3852 11.4
SignerInfo sInfo = signerInformation.info;
AttributeTable unsignedAttr = signerInformation.getUnsignedAttributes();
ASN1EncodableVector v;
if (unsignedAttr != null) {
v = unsignedAttr.toASN1EncodableVector();
} else {
v = new ASN1EncodableVector();
}
ASN1EncodableVector sigs = new ASN1EncodableVector();
for (Iterator it = counterSigners.getSigners().iterator(); it.hasNext(); ) {
sigs.add(((SignerInformation) it.next()).toASN1Structure());
}
v.add(new Attribute(CMSAttributes.counterSignature, new DERSet(sigs)));
return new SignerInformation(new SignerInfo(sInfo.getSID(), sInfo.getDigestAlgorithm(), sInfo.getAuthenticatedAttributes(), sInfo.getDigestEncryptionAlgorithm(), sInfo.getEncryptedDigest(), new DERSet(v)), signerInformation.contentType, signerInformation.content, null);
}
Also used :
SignerInfo(org.bouncycastle.asn1.cms.SignerInfo)
Attribute(org.bouncycastle.asn1.cms.Attribute)
AttributeTable(org.bouncycastle.asn1.cms.AttributeTable)
Iterator(java.util.Iterator)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
DERSet(org.bouncycastle.asn1.DERSet)
Example 17 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project robovm by robovm.
the class X509AttributeCertificateHolder method isSignatureValid.
/**
* Validate the signature on the attribute certificate in this holder.
*
* @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature.
* @return true if the signature is valid, false otherwise.
* @throws CertException if the signature cannot be processed or is inappropriate.
*/
public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException {
AttributeCertificateInfo acinfo = attrCert.getAcinfo();
if (!CertUtils.isAlgIdEqual(acinfo.getSignature(), attrCert.getSignatureAlgorithm())) {
throw new CertException("signature invalid - algorithm identifier mismatch");
}
ContentVerifier verifier;
try {
verifier = verifierProvider.get((acinfo.getSignature()));
OutputStream sOut = verifier.getOutputStream();
DEROutputStream dOut = new DEROutputStream(sOut);
dOut.writeObject(acinfo);
sOut.close();
} catch (Exception e) {
throw new CertException("unable to process signature: " + e.getMessage(), e);
}
return verifier.verify(attrCert.getSignatureValue().getBytes());
}
Also used :
AttributeCertificateInfo(org.bouncycastle.asn1.x509.AttributeCertificateInfo)
ContentVerifier(org.bouncycastle.operator.ContentVerifier)
OutputStream(java.io.OutputStream)
DEROutputStream(org.bouncycastle.asn1.DEROutputStream)
IOException(java.io.IOException)
DEROutputStream(org.bouncycastle.asn1.DEROutputStream)
Example 18 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project robovm by robovm.
the class X509AttributeCertificateHolder method getAttributes.
/**
* Return an array of attributes matching the passed in type OID.
*
* @param type the type of the attribute being looked for.
* @return an array of Attribute of the requested type, zero length if none present.
*/
public Attribute[] getAttributes(ASN1ObjectIdentifier type) {
ASN1Sequence seq = attrCert.getAcinfo().getAttributes();
List list = new ArrayList();
for (int i = 0; i != seq.size(); i++) {
Attribute attr = Attribute.getInstance(seq.getObjectAt(i));
if (attr.getAttrType().equals(type)) {
list.add(attr);
}
}
if (list.size() == 0) {
return EMPTY_ARRAY;
}
return (Attribute[]) list.toArray(new Attribute[list.size()]);
}
Also used :
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
Attribute(org.bouncycastle.asn1.x509.Attribute)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 19 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project robovm by robovm.
the class CMSSignedData method replaceCertificatesAndCRLs.
/**
* Replace the certificate and CRL information associated with this
* CMSSignedData object with the new one passed in.
*
* @param signedData the signed data object to be used as a base.
* @param certificates the new certificates to be used.
* @param attrCerts the new attribute certificates to be used.
* @param crls the new CRLs to be used.
* @return a new signed data object.
* @exception CMSException if there is an error processing the CertStore
*/
public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData, Store certificates, Store attrCerts, Store crls) throws CMSException {
//
// copy
//
CMSSignedData cms = new CMSSignedData(signedData);
//
// replace the certs and crls in the SignedData object
//
ASN1Set certSet = null;
ASN1Set crlSet = null;
if (certificates != null || attrCerts != null) {
List certs = new ArrayList();
if (certificates != null) {
certs.addAll(CMSUtils.getCertificatesFromStore(certificates));
}
if (attrCerts != null) {
certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
}
ASN1Set set = CMSUtils.createBerSetFromList(certs);
if (set.size() != 0) {
certSet = set;
}
}
if (crls != null) {
ASN1Set set = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(crls));
if (set.size() != 0) {
crlSet = set;
}
}
//
// replace the CMS structure.
//
cms.signedData = new SignedData(signedData.signedData.getDigestAlgorithms(), signedData.signedData.getEncapContentInfo(), certSet, crlSet, signedData.signedData.getSignerInfos());
//
// replace the contentInfo with the new one
//
cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
return cms;
}
Also used :
ASN1Set(org.bouncycastle.asn1.ASN1Set)
SignedData(org.bouncycastle.asn1.cms.SignedData)
ContentInfo(org.bouncycastle.asn1.cms.ContentInfo)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 20 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project robovm by robovm.
the class Attribute method toASN1Primitive.
/**
* Produce an object suitable for an ASN1OutputStream.
* <pre>
* Attribute ::= SEQUENCE {
* attrType OBJECT IDENTIFIER,
* attrValues SET OF AttributeValue
* }
* </pre>
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(attrType);
v.add(attrValues);
return new DERSequence(v);
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
Aggregations
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)18
IOException (java.io.IOException)16
ArrayList (java.util.ArrayList)13
List (java.util.List)11
Attribute (org.bouncycastle.asn1.cms.Attribute)10
X509Certificate (java.security.cert.X509Certificate)9
DEROctetString (org.bouncycastle.asn1.DEROctetString)9
DERSequence (org.bouncycastle.asn1.DERSequence)9
GeneralName (org.bouncycastle.asn1.x509.GeneralName)9
Iterator (java.util.Iterator)8
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)8
DERObject (org.bouncycastle.asn1.DERObject)8
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)6
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)6
ASN1Set (org.bouncycastle.asn1.ASN1Set)6
AttributeTable (org.bouncycastle.asn1.cms.AttributeTable)6
Enumeration (java.util.Enumeration)5
X500Principal (javax.security.auth.x500.X500Principal)5
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4
Vector (java.util.Vector)4
