Search in sources :

Example 1 with SignedData

use of org.bouncycastle.asn1.pkcs.SignedData in project robovm by robovm.

the class SignedData method toASN1Primitive.

/**
     * Produce an object suitable for an ASN1OutputStream.
     * <pre>
     *  SignedData ::= SEQUENCE {
     *      version Version,
     *      digestAlgorithms DigestAlgorithmIdentifiers,
     *      contentInfo ContentInfo,
     *      certificates
     *          [0] IMPLICIT ExtendedCertificatesAndCertificates
     *                   OPTIONAL,
     *      crls
     *          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
     *      signerInfos SignerInfos }
     * </pre>
     */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(version);
    v.add(digestAlgorithms);
    v.add(contentInfo);
    if (certificates != null) {
        v.add(new DERTaggedObject(false, 0, certificates));
    }
    if (crls != null) {
        v.add(new DERTaggedObject(false, 1, crls));
    }
    v.add(signerInfos);
    return new BERSequence(v);
}
Also used : DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) BERSequence(org.bouncycastle.asn1.BERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)

Example 2 with SignedData

use of org.bouncycastle.asn1.pkcs.SignedData in project robovm by robovm.

the class SignedData method toASN1Primitive.

/**
     * Produce an object suitable for an ASN1OutputStream.
     * <pre>
     * SignedData ::= SEQUENCE {
     *     version CMSVersion,
     *     digestAlgorithms DigestAlgorithmIdentifiers,
     *     encapContentInfo EncapsulatedContentInfo,
     *     certificates [0] IMPLICIT CertificateSet OPTIONAL,
     *     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
     *     signerInfos SignerInfos
     *   }
     * </pre>
     */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(version);
    v.add(digestAlgorithms);
    v.add(contentInfo);
    if (certificates != null) {
        if (certsBer) {
            v.add(new BERTaggedObject(false, 0, certificates));
        } else {
            v.add(new DERTaggedObject(false, 0, certificates));
        }
    }
    if (crls != null) {
        if (crlsBer) {
            v.add(new BERTaggedObject(false, 1, crls));
        } else {
            v.add(new DERTaggedObject(false, 1, crls));
        }
    }
    v.add(signerInfos);
    return new BERSequence(v);
}
Also used : DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) BERSequence(org.bouncycastle.asn1.BERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) BERTaggedObject(org.bouncycastle.asn1.BERTaggedObject)

Example 3 with SignedData

use of org.bouncycastle.asn1.pkcs.SignedData in project robovm by robovm.

the class CMSSignedData method replaceCertificatesAndCRLs.

/**
     * Replace the certificate and CRL information associated with this
     * CMSSignedData object with the new one passed in.
     * 
     * @param signedData the signed data object to be used as a base.
     * @param certsAndCrls the new certificates and CRLs to be used.
     * @return a new signed data object.
     * @exception CMSException if there is an error processing the CertStore
     * @deprecated use method taking Store arguments.
     */
public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData, CertStore certsAndCrls) throws CMSException {
    //
    // copy
    //
    CMSSignedData cms = new CMSSignedData(signedData);
    //
    // replace the certs and crls in the SignedData object
    //
    ASN1Set certs = null;
    ASN1Set crls = null;
    try {
        ASN1Set set = CMSUtils.createBerSetFromList(CMSUtils.getCertificatesFromStore(certsAndCrls));
        if (set.size() != 0) {
            certs = set;
        }
    } catch (CertStoreException e) {
        throw new CMSException("error getting certs from certStore", e);
    }
    try {
        ASN1Set set = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(certsAndCrls));
        if (set.size() != 0) {
            crls = set;
        }
    } catch (CertStoreException e) {
        throw new CMSException("error getting crls from certStore", e);
    }
    //
    // replace the CMS structure.
    //
    cms.signedData = new SignedData(signedData.signedData.getDigestAlgorithms(), signedData.signedData.getEncapContentInfo(), certs, crls, signedData.signedData.getSignerInfos());
    //
    // replace the contentInfo with the new one
    //
    cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
    return cms;
}
Also used : ASN1Set(org.bouncycastle.asn1.ASN1Set) SignedData(org.bouncycastle.asn1.cms.SignedData) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) CertStoreException(java.security.cert.CertStoreException)

Example 4 with SignedData

use of org.bouncycastle.asn1.pkcs.SignedData in project robovm by robovm.

the class CMSSignedData method replaceSigners.

// BEGIN android-removed
// /**
//  * Verify all the SignerInformation objects and their associated counter signatures attached
//  * to this CMS SignedData object.
//  *
//  * @param verifierProvider  a provider of SignerInformationVerifier objects.
//  * @return true if all verify, false otherwise.
//  * @throws CMSException  if an exception occurs during the verification process.
//  */
// public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider)
//     throws CMSException
// {
//     return verifySignatures(verifierProvider, false);
// }
//
// /**
//  * Verify all the SignerInformation objects and optionally their associated counter signatures attached
//  * to this CMS SignedData object.
//  *
//  * @param verifierProvider  a provider of SignerInformationVerifier objects.
//  * @param ignoreCounterSignatures if true don't check counter signatures. If false check counter signatures as well.
//  * @return true if all verify, false otherwise.
//  * @throws CMSException  if an exception occurs during the verification process.
//  */
// public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider, boolean ignoreCounterSignatures)
//     throws CMSException
// {
//     Collection signers = this.getSignerInfos().getSigners();
//
//     for (Iterator it = signers.iterator(); it.hasNext();)
//     {
//         SignerInformation signer = (SignerInformation)it.next();
//
//         try
//         {
//             SignerInformationVerifier verifier = verifierProvider.get(signer.getSID());
//
//             if (!signer.verify(verifier))
//             {
//                 return false;
//             }
//
//             if (!ignoreCounterSignatures)
//             {
//                 Collection counterSigners = signer.getCounterSignatures().getSigners();
//
//                 for  (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
//                 {
//                     SignerInformation counterSigner = (SignerInformation)cIt.next();
//                     SignerInformationVerifier counterVerifier = verifierProvider.get(signer.getSID());
//
//                     if (!counterSigner.verify(counterVerifier))
//                     {
//                         return false;
//                     }
//                 }
//             }
//         }
//         catch (OperatorCreationException e)
//         {
//             throw new CMSException("failure in verifier provider: " + e.getMessage(), e);
//         }
//     }
//
//     return true;
// }
// END android-removed
/**
     * Replace the SignerInformation store associated with this
     * CMSSignedData object with the new one passed in. You would
     * probably only want to do this if you wanted to change the unsigned 
     * attributes associated with a signer, or perhaps delete one.
     * 
     * @param signedData the signed data object to be used as a base.
     * @param signerInformationStore the new signer information store to use.
     * @return a new signed data object.
     */
public static CMSSignedData replaceSigners(CMSSignedData signedData, SignerInformationStore signerInformationStore) {
    //
    // copy
    //
    CMSSignedData cms = new CMSSignedData(signedData);
    //
    // replace the store
    //
    cms.signerInfoStore = signerInformationStore;
    //
    // replace the signers in the SignedData object
    //
    ASN1EncodableVector digestAlgs = new ASN1EncodableVector();
    ASN1EncodableVector vec = new ASN1EncodableVector();
    Iterator it = signerInformationStore.getSigners().iterator();
    while (it.hasNext()) {
        SignerInformation signer = (SignerInformation) it.next();
        digestAlgs.add(CMSSignedHelper.INSTANCE.fixAlgID(signer.getDigestAlgorithmID()));
        vec.add(signer.toASN1Structure());
    }
    ASN1Set digests = new DERSet(digestAlgs);
    ASN1Set signers = new DERSet(vec);
    ASN1Sequence sD = (ASN1Sequence) signedData.signedData.toASN1Primitive();
    vec = new ASN1EncodableVector();
    //
    // signers are the last item in the sequence.
    //
    // version
    vec.add(sD.getObjectAt(0));
    vec.add(digests);
    for (int i = 2; i != sD.size() - 1; i++) {
        vec.add(sD.getObjectAt(i));
    }
    vec.add(signers);
    cms.signedData = SignedData.getInstance(new BERSequence(vec));
    //
    // replace the contentInfo with the new one
    //
    cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
    return cms;
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Set(org.bouncycastle.asn1.ASN1Set) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) BERSequence(org.bouncycastle.asn1.BERSequence) Iterator(java.util.Iterator) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERSet(org.bouncycastle.asn1.DERSet)

Example 5 with SignedData

use of org.bouncycastle.asn1.pkcs.SignedData in project robovm by robovm.

the class CMSSignedData method replaceCertificatesAndCRLs.

/**
     * Replace the certificate and CRL information associated with this
     * CMSSignedData object with the new one passed in.
     *
     * @param signedData the signed data object to be used as a base.
     * @param certificates the new certificates to be used.
     * @param attrCerts the new attribute certificates to be used.
     * @param crls the new CRLs to be used.
     * @return a new signed data object.
     * @exception CMSException if there is an error processing the CertStore
     */
public static CMSSignedData replaceCertificatesAndCRLs(CMSSignedData signedData, Store certificates, Store attrCerts, Store crls) throws CMSException {
    //
    // copy
    //
    CMSSignedData cms = new CMSSignedData(signedData);
    //
    // replace the certs and crls in the SignedData object
    //
    ASN1Set certSet = null;
    ASN1Set crlSet = null;
    if (certificates != null || attrCerts != null) {
        List certs = new ArrayList();
        if (certificates != null) {
            certs.addAll(CMSUtils.getCertificatesFromStore(certificates));
        }
        if (attrCerts != null) {
            certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
        }
        ASN1Set set = CMSUtils.createBerSetFromList(certs);
        if (set.size() != 0) {
            certSet = set;
        }
    }
    if (crls != null) {
        ASN1Set set = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(crls));
        if (set.size() != 0) {
            crlSet = set;
        }
    }
    //
    // replace the CMS structure.
    //
    cms.signedData = new SignedData(signedData.signedData.getDigestAlgorithms(), signedData.signedData.getEncapContentInfo(), certSet, crlSet, signedData.signedData.getSignerInfos());
    //
    // replace the contentInfo with the new one
    //
    cms.contentInfo = new ContentInfo(cms.contentInfo.getContentType(), cms.signedData);
    return cms;
}
Also used : ASN1Set(org.bouncycastle.asn1.ASN1Set) SignedData(org.bouncycastle.asn1.cms.SignedData) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List)

Aggregations

ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)10 IOException (java.io.IOException)7 X509Certificate (java.security.cert.X509Certificate)6 ASN1Set (org.bouncycastle.asn1.ASN1Set)6 ContentInfo (org.bouncycastle.asn1.cms.ContentInfo)6 ArrayList (java.util.ArrayList)5 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)5 DERSet (org.bouncycastle.asn1.DERSet)5 SignedData (org.bouncycastle.asn1.cms.SignedData)5 ByteArrayInputStream (java.io.ByteArrayInputStream)4 CertificateEncodingException (java.security.cert.CertificateEncodingException)4 Iterator (java.util.Iterator)4 List (java.util.List)4 BERSequence (org.bouncycastle.asn1.BERSequence)4 DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)4 ByteArrayOutputStream (java.io.ByteArrayOutputStream)3 DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)3 CMSSignedData (org.bouncycastle.cms.CMSSignedData)3 InputStream (java.io.InputStream)2 OutputStream (java.io.OutputStream)2