
Example 6 with ContentInfo

use of org.bouncycastle.asn1.pkcs.ContentInfo in project robovm by robovm.

the class CMSSignedData method replaceSigners.

// BEGIN android-removed
// /**
//  * Verify all the SignerInformation objects and their associated counter signatures attached
//  * to this CMS SignedData object.
//  *
//  * @param verifierProvider  a provider of SignerInformationVerifier objects.
//  * @return true if all verify, false otherwise.
//  * @throws CMSException  if an exception occurs during the verification process.
//  */
// public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider)
//     throws CMSException
// {
//     return verifySignatures(verifierProvider, false);
// }
//
// /**
//  * Verify all the SignerInformation objects and optionally their associated counter signatures attached
//  * to this CMS SignedData object.
//  *
//  * @param verifierProvider  a provider of SignerInformationVerifier objects.
//  * @param ignoreCounterSignatures if true don't check counter signatures. If false check counter signatures as well.
//  * @return true if all verify, false otherwise.
//  * @throws CMSException  if an exception occurs during the verification process.
//  */
// public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider, boolean ignoreCounterSignatures)
//     throws CMSException
// {
//     Collection signers = this.getSignerInfos().getSigners();
//
//     for (Iterator it = signers.iterator(); it.hasNext();)
//     {
//         SignerInformation signer = (SignerInformation)it.next();
//
//         try
//         {
//             SignerInformationVerifier verifier = verifierProvider.get(signer.getSID());
//
//             if (!signer.verify(verifier))
//             {
//                 return false;
//             }
//
//             if (!ignoreCounterSignatures)
//             {
//                 Collection counterSigners = signer.getCounterSignatures().getSigners();
//
//                 for  (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
//                 {
//                     SignerInformation counterSigner = (SignerInformation)cIt.next();
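//                     NOTE(review): the verifier for the counter signature is looked up with
//                     signer.getSID(), the parent signer's id, rather than counterSigner.getSID().
//                     This looks like a mistake, since a counter signer normally has its own key;
//                     confirm before restoring this code.
//                     SignerInformationVerifier counterVerifier = verifierProvider.get(signer.getSID());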
//
//                     if (!counterSigner.verify(counterVerifier))
//                     {
//                         return false;
//                     }
//                 }
//             }
//         }
//         catch (OperatorCreationException e)
//         {
//             throw new CMSException("failure in verifier provider: " + e.getMessage(), e);
//         }
//     }
//
//     return true;
// }
// END android-removed
/**
 * Return a copy of a CMSSignedData whose signers come from the supplied store.
 * <p>
 * The digest algorithm set and the signer info set are rebuilt from the signers in
 * {@code signerInformationStore}. The elements between them in the original SignedData
 * sequence are copied across unchanged. Typical uses are changing the unsigned
 * attributes of a signer or dropping a signer.
 * <p>
 * This method does not verify any signature: the signers in the store are taken as
 * given. Verify the returned object before relying on it if the store or the base
 * object came from an untrusted source.
 *
 * @param signedData the signed data object to be used as a base.
 * @param signerInformationStore the new signer information store to use.
 * @return a new signed data object.
 */
public static CMSSignedData replaceSigners(CMSSignedData signedData, SignerInformationStore signerInformationStore) {
    // Start from a copy made with the CMSSignedData copy constructor and point it at the new store.
    CMSSignedData result = new CMSSignedData(signedData);
    result.signerInfoStore = signerInformationStore;

    // For each signer, collect its digest algorithm identifier and its ASN.1 structure.
    ASN1EncodableVector digestAlgIds = new ASN1EncodableVector();
    ASN1EncodableVector signerInfos = new ASN1EncodableVector();
    for (Iterator signerIt = signerInformationStore.getSigners().iterator(); signerIt.hasNext();) {
        SignerInformation current = (SignerInformation) signerIt.next();
        digestAlgIds.add(CMSSignedHelper.INSTANCE.fixAlgID(current.getDigestAlgorithmID()));
        signerInfos.add(current.toASN1Structure());
    }
    ASN1Set digestSet = new DERSet(digestAlgIds);
    ASN1Set signerSet = new DERSet(signerInfos);

    // Rebuild the SignedData sequence: element 0 (version) is kept, element 1 is replaced
    // by the new digest set, the last element is replaced by the new signer set, and
    // everything in between is carried over from the original.
    ASN1Sequence original = (ASN1Sequence) signedData.signedData.toASN1Primitive();
    ASN1EncodableVector rebuilt = new ASN1EncodableVector();
    rebuilt.add(original.getObjectAt(0));
    rebuilt.add(digestSet);
    // The != bound relies on the sequence having at least three elements.
    int lastIndex = original.size() - 1;
    int index = 2;
    while (index != lastIndex) {
        rebuilt.add(original.getObjectAt(index));
        index++;
    }
    rebuilt.add(signerSet);
    result.signedData = SignedData.getInstance(new BERSequence(rebuilt));

    // Wrap the rebuilt SignedData in a ContentInfo that keeps the existing content type.
    result.contentInfo = new ContentInfo(result.contentInfo.getContentType(), result.signedData);
    return result;
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Set(org.bouncycastle.asn1.ASN1Set) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) BERSequence(org.bouncycastle.asn1.BERSequence) Iterator(java.util.Iterator) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERSet(org.bouncycastle.asn1.DERSet)

Example 7 with ContentInfo

use of org.bouncycastle.asn1.pkcs.ContentInfo in project robovm by robovm.

the class CMSSignedData method replaceCertificatesAndCRLs.

/**
 * Return a copy of a CMSSignedData with its certificate and CRL fields replaced.
 * <p>
 * The digest algorithms, encapsulated content info and signer infos are taken from the
 * original object unchanged. A store passed as {@code null}, or one that yields an
 * empty set, leaves the corresponding field out of the new structure.
 * <p>
 * Because the signer infos are reused as they are, the certificates and CRLs carried
 * in the result are whatever the caller supplied. This method does no path validation
 * or revocation checking on them.
 *
 * @param signedData the signed data object to be used as a base.
 * @param certificates the new certificates to be used.
 * @param attrCerts the new attribute certificates to be used.
 * @param crls the new CRLs to be used.
 * @return a new signed data object.
 * @exception CMSException if there is an error processing the CertStore
 */
public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData, Store certificates, Store attrCerts, Store crls) throws CMSException {
    // Start from a copy made with the CMSSignedData copy constructor.
    CMSSignedData result = new CMSSignedData(signedData);

    // Certificates and attribute certificates share one set; an empty set is stored as null.
    ASN1Set newCerts = null;
    if (!(certificates == null && attrCerts == null)) {
        List collected = new ArrayList();
        if (certificates != null) {
            collected.addAll(CMSUtils.getCertificatesFromStore(certificates));
        }
        if (attrCerts != null) {
            collected.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
        }
        ASN1Set candidate = CMSUtils.createBerSetFromList(collected);
        newCerts = candidate.size() == 0 ? null : candidate;
    }

    // Same rule for the CRLs: an empty set is stored as null.
    ASN1Set newCrls = null;
    if (crls != null) {
        ASN1Set candidate = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(crls));
        newCrls = candidate.size() == 0 ? null : candidate;
    }

    // Rebuild the SignedData around the original digest algorithms, content and signer infos.
    result.signedData = new SignedData(
        signedData.signedData.getDigestAlgorithms(),
        signedData.signedData.getEncapContentInfo(),
        newCerts,
        newCrls,
        signedData.signedData.getSignerInfos());

    // Wrap the rebuilt SignedData in a ContentInfo that keeps the existing content type.
    result.contentInfo = new ContentInfo(result.contentInfo.getContentType(), result.signedData);
    return result;
}
Also used : ASN1Set(org.bouncycastle.asn1.ASN1Set) SignedData(org.bouncycastle.asn1.cms.SignedData) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List)

Example 8 with ContentInfo

use of org.bouncycastle.asn1.pkcs.ContentInfo in project robovm by robovm.

the class SignedData method toASN1Primitive.

/**
 * Build the ASN.1 structure for this SignedData.
 * <pre>
 *  SignedData ::= SEQUENCE {
 *      version Version,
 *      digestAlgorithms DigestAlgorithmIdentifiers,
 *      contentInfo ContentInfo,
 *      certificates
 *          [0] IMPLICIT ExtendedCertificatesAndCertificates
 *                   OPTIONAL,
 *      crls
 *          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
 *      signerInfos SignerInfos }
 * </pre>
 * The outer sequence is a BERSequence, so the encoding is not necessarily DER. Code
 * that hashes or byte-compares the output should not assume a canonical form.
 *
 * @return the sequence holding the fields in the order shown above.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();

    // Mandatory leading fields, in grammar order.
    fields.add(version);
    fields.add(digestAlgorithms);
    fields.add(contentInfo);

    // Optional fields are written only when set. The 'false' argument requests
    // implicit tagging, matching [0] IMPLICIT and [1] IMPLICIT in the grammar.
    if (certificates != null) {
        DERTaggedObject taggedCerts = new DERTaggedObject(false, 0, certificates);
        fields.add(taggedCerts);
    }
    if (crls != null) {
        DERTaggedObject taggedCrls = new DERTaggedObject(false, 1, crls);
        fields.add(taggedCrls);
    }

    // signerInfos is always the last element.
    fields.add(signerInfos);
    return new BERSequence(fields);
}
Also used : DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) BERSequence(org.bouncycastle.asn1.BERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)

Example 9 with ContentInfo

use of org.bouncycastle.asn1.pkcs.ContentInfo in project robovm by robovm.

the class ContentInfo method toASN1Primitive.

/**
 * Build the ASN.1 structure for this ContentInfo.
 * <pre>
 * ContentInfo ::= SEQUENCE {
 *          contentType ContentType,
 *          content
 *          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
 * </pre>
 * The outer sequence is a BERSequence, so the encoding is not necessarily DER.
 *
 * @return a sequence of contentType followed, when content is set, by the tagged content.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();
    fields.add(contentType);

    // content is optional; when present it is wrapped in a [0] tagged object.
    if (content != null) {
        BERTaggedObject taggedContent = new BERTaggedObject(0, content);
        fields.add(taggedContent);
    }

    return new BERSequence(fields);
}
Also used : BERSequence(org.bouncycastle.asn1.BERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) BERTaggedObject(org.bouncycastle.asn1.BERTaggedObject)

Example 10 with ContentInfo

use of org.bouncycastle.asn1.pkcs.ContentInfo in project robovm by robovm.

the class SignedData method toASN1Primitive.

/**
 * Build the ASN.1 structure for this SignedData.
 * <pre>
 * SignedData ::= SEQUENCE {
 *     version CMSVersion,
 *     digestAlgorithms DigestAlgorithmIdentifiers,
 *     encapContentInfo EncapsulatedContentInfo,
 *     certificates [0] IMPLICIT CertificateSet OPTIONAL,
 *     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
 *     signerInfos SignerInfos
 *   }
 * </pre>
 * The certsBer and crlsBer flags choose between a BER and a DER tagged wrapper for the
 * optional fields. The outer sequence is always a BERSequence, so the encoding is not
 * necessarily DER; code that hashes or byte-compares it should not assume a canonical form.
 *
 * @return the sequence holding the fields in the order shown above.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();

    // Mandatory leading fields; the contentInfo field fills the encapContentInfo slot.
    fields.add(version);
    fields.add(digestAlgorithms);
    fields.add(contentInfo);

    // Optional fields are written only when set. The 'false' argument requests
    // implicit tagging, matching [0] IMPLICIT and [1] IMPLICIT in the grammar.
    if (certificates != null) {
        fields.add(certsBer
            ? new BERTaggedObject(false, 0, certificates)
            : new DERTaggedObject(false, 0, certificates));
    }
    if (crls != null) {
        fields.add(crlsBer
            ? new BERTaggedObject(false, 1, crls)
            : new DERTaggedObject(false, 1, crls));
    }

    // signerInfos is always the last element.
    fields.add(signerInfos);
    return new BERSequence(fields);
}
Also used : DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) BERSequence(org.bouncycastle.asn1.BERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) BERTaggedObject(org.bouncycastle.asn1.BERTaggedObject)
