Example 6 with CMSException
use of org.bouncycastle.cms.CMSException in project xipki by xipki.
the class ScepResponder method createSignedData.
private ContentInfo createSignedData(Certificate cert) throws CaException {
CMSSignedDataGenerator cmsSignedDataGen = new CMSSignedDataGenerator();
CMSSignedData cmsSigneddata;
try {
cmsSignedDataGen.addCertificate(new X509CertificateHolder(cert));
if (control.isSendCaCert()) {
cmsSignedDataGen.addCertificate(new X509CertificateHolder(caEmulator.getCaCert()));
}
cmsSigneddata = cmsSignedDataGen.generate(new CMSAbsentContent());
} catch (CMSException ex) {
throw new CaException(ex);
}
return cmsSigneddata.toASN1Structure();
}
Also used :
CMSSignedDataGenerator(org.bouncycastle.cms.CMSSignedDataGenerator)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
CMSAbsentContent(org.bouncycastle.cms.CMSAbsentContent)
CMSSignedData(org.bouncycastle.cms.CMSSignedData)
CMSException(org.bouncycastle.cms.CMSException)
Example 7 with CMSException
use of org.bouncycastle.cms.CMSException in project xipki by xipki.
the class PkiMessage method encode.
public ContentInfo encode(ContentSigner signer, X509Certificate signerCert, X509Certificate[] cmsCertSet, X509Certificate recipientCert, ASN1ObjectIdentifier encAlgId) throws MessageEncodingException {
ScepUtil.requireNonNull("signer", signer);
ScepUtil.requireNonNull("signerCert", signerCert);
if (messageData != null) {
ScepUtil.requireNonNull("recipientCert", recipientCert);
ScepUtil.requireNonNull("encAlgId", encAlgId);
}
CMSTypedData content;
if (messageData == null) {
content = new CMSAbsentContent();
} else {
CMSEnvelopedData envelopedData = encrypt(recipientCert, encAlgId);
byte[] encoded;
try {
encoded = envelopedData.getEncoded();
} catch (IOException ex) {
throw new MessageEncodingException(ex);
}
content = new CMSProcessableByteArray(CMSObjectIdentifiers.envelopedData, encoded);
}
try {
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
// signerInfo
JcaSignerInfoGeneratorBuilder signerInfoBuilder = new JcaSignerInfoGeneratorBuilder(new BcDigestCalculatorProvider());
signerInfoBuilder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(getSignedAttributes()));
AttributeTable attrTable = getUnsignedAttributes();
if (attrTable != null) {
signerInfoBuilder.setUnsignedAttributeGenerator(new SimpleAttributeTableGenerator(attrTable));
}
// certificateSet
ScepUtil.addCmsCertSet(generator, cmsCertSet);
SignerInfoGenerator signerInfo;
try {
signerInfo = signerInfoBuilder.build(signer, signerCert);
} catch (Exception ex) {
throw new MessageEncodingException(ex);
}
generator.addSignerInfoGenerator(signerInfo);
CMSSignedData signedData = generator.generate(content, true);
return signedData.toASN1Structure();
} catch (CMSException ex) {
throw new MessageEncodingException(ex);
} catch (Exception ex) {
throw new MessageEncodingException(ex);
}
}
Also used :
BcDigestCalculatorProvider(org.bouncycastle.operator.bc.BcDigestCalculatorProvider)
CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData)
CMSSignedDataGenerator(org.bouncycastle.cms.CMSSignedDataGenerator)
CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray)
DefaultSignedAttributeTableGenerator(org.bouncycastle.cms.DefaultSignedAttributeTableGenerator)
CMSTypedData(org.bouncycastle.cms.CMSTypedData)
CMSAbsentContent(org.bouncycastle.cms.CMSAbsentContent)
AttributeTable(org.bouncycastle.asn1.cms.AttributeTable)
IOException(java.io.IOException)
MessageEncodingException(org.xipki.scep.exception.MessageEncodingException)
CMSSignedData(org.bouncycastle.cms.CMSSignedData)
CMSException(org.bouncycastle.cms.CMSException)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
MessageEncodingException(org.xipki.scep.exception.MessageEncodingException)
IOException(java.io.IOException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
SimpleAttributeTableGenerator(org.bouncycastle.cms.SimpleAttributeTableGenerator)
JcaSignerInfoGeneratorBuilder(org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder)
SignerInfoGenerator(org.bouncycastle.cms.SignerInfoGenerator)
CMSException(org.bouncycastle.cms.CMSException)
Example 8 with CMSException
use of org.bouncycastle.cms.CMSException in project xipki by xipki.
the class NextCaMessage method encode.
public ContentInfo encode(PrivateKey signingKey, X509Certificate signerCert, X509Certificate[] cmsCertSet) throws MessageEncodingException {
ScepUtil.requireNonNull("signingKey", signingKey);
ScepUtil.requireNonNull("signerCert", signerCert);
try {
byte[] degenratedSignedDataBytes;
try {
CMSSignedDataGenerator degenerateSignedData = new CMSSignedDataGenerator();
degenerateSignedData.addCertificate(new X509CertificateHolder(caCert.getEncoded()));
if (raCerts != null && !raCerts.isEmpty()) {
for (X509Certificate m : raCerts) {
degenerateSignedData.addCertificate(new X509CertificateHolder(m.getEncoded()));
}
}
degenratedSignedDataBytes = degenerateSignedData.generate(new CMSAbsentContent()).getEncoded();
} catch (CertificateEncodingException ex) {
throw new MessageEncodingException(ex.getMessage(), ex);
}
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
// I don't known which hash algorithm is supported by the client, use SHA-1
String signatureAlgo = getSignatureAlgorithm(signingKey, ScepHashAlgo.SHA1);
ContentSigner signer = new JcaContentSignerBuilder(signatureAlgo).build(signingKey);
// signerInfo
JcaSignerInfoGeneratorBuilder signerInfoBuilder = new JcaSignerInfoGeneratorBuilder(new BcDigestCalculatorProvider());
signerInfoBuilder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator());
SignerInfoGenerator signerInfo = signerInfoBuilder.build(signer, signerCert);
generator.addSignerInfoGenerator(signerInfo);
CMSTypedData cmsContent = new CMSProcessableByteArray(CMSObjectIdentifiers.signedData, degenratedSignedDataBytes);
// certificateSet
ScepUtil.addCmsCertSet(generator, cmsCertSet);
return generator.generate(cmsContent, true).toASN1Structure();
} catch (CMSException | CertificateEncodingException | IOException | OperatorCreationException ex) {
throw new MessageEncodingException(ex);
}
}
Also used :
BcDigestCalculatorProvider(org.bouncycastle.operator.bc.BcDigestCalculatorProvider)
CMSSignedDataGenerator(org.bouncycastle.cms.CMSSignedDataGenerator)
CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray)
DefaultSignedAttributeTableGenerator(org.bouncycastle.cms.DefaultSignedAttributeTableGenerator)
CMSTypedData(org.bouncycastle.cms.CMSTypedData)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
CMSAbsentContent(org.bouncycastle.cms.CMSAbsentContent)
ContentSigner(org.bouncycastle.operator.ContentSigner)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
IOException(java.io.IOException)
MessageEncodingException(org.xipki.scep.exception.MessageEncodingException)
X509Certificate(java.security.cert.X509Certificate)
JcaSignerInfoGeneratorBuilder(org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
SignerInfoGenerator(org.bouncycastle.cms.SignerInfoGenerator)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
CMSException(org.bouncycastle.cms.CMSException)
Example 9 with CMSException
use of org.bouncycastle.cms.CMSException in project jruby-openssl by jruby.
the class PEMInputOutput method readPKCS7.
/**
* Reads in a PKCS7 object. This returns a ContentInfo object suitable for use with the CMS
* API.
*
* @return the X509Certificate
* @throws IOException if an I/O error occured
*/
private static CMSSignedData readPKCS7(BufferedReader in, char[] p, String endMarker) throws IOException {
ByteArrayOutputStream bytes = new ByteArrayOutputStream();
String line;
StringBuilder buffer = new StringBuilder();
while ((line = in.readLine()) != null) {
if (line.contains(endMarker))
break;
buffer.append(line.trim());
final int len = buffer.length();
Base64.decode(buffer.substring(0, (len / 4) * 4), bytes);
buffer.delete(0, (len / 4) * 4);
}
if (buffer.length() != 0) {
throw new IOException("base64 data appears to be truncated");
}
if (line == null)
throw new IOException(endMarker + " not found");
try {
ASN1InputStream aIn = new ASN1InputStream(bytes.toByteArray());
return new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
} catch (CMSException e) {
throw new IOException("problem parsing PKCS7 object: " + e, e);
}
}
Also used :
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
ByteArrayOutputStream(org.jruby.ext.openssl.util.ByteArrayOutputStream)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
IOException(java.io.IOException)
CMSSignedData(org.bouncycastle.cms.CMSSignedData)
CMSException(org.bouncycastle.cms.CMSException)
Example 10 with CMSException
use of org.bouncycastle.cms.CMSException in project xipki by xipki.
the class ScepImpl method getCrl.
// method buildSignedData
private SignedData getCrl(X509Ca ca, BigInteger serialNumber) throws FailInfoException, OperationException {
if (!control.isSupportGetCrl()) {
throw FailInfoException.BAD_REQUEST;
}
CertificateList crl = ca.getBcCurrentCrl();
if (crl == null) {
throw FailInfoException.BAD_REQUEST;
}
CMSSignedDataGenerator cmsSignedDataGen = new CMSSignedDataGenerator();
cmsSignedDataGen.addCRL(new X509CRLHolder(crl));
CMSSignedData signedData;
try {
signedData = cmsSignedDataGen.generate(new CMSAbsentContent());
} catch (CMSException ex) {
LogUtil.error(LOG, ex, "could not generate CMSSignedData");
throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex);
}
return SignedData.getInstance(signedData.toASN1Structure().getContent());
}
Also used :
CMSSignedDataGenerator(org.bouncycastle.cms.CMSSignedDataGenerator)
CMSAbsentContent(org.bouncycastle.cms.CMSAbsentContent)
CertificateList(org.bouncycastle.asn1.x509.CertificateList)
X509CRLHolder(org.bouncycastle.cert.X509CRLHolder)
CMSSignedData(org.bouncycastle.cms.CMSSignedData)
OperationException(org.xipki.ca.api.OperationException)
CMSException(org.bouncycastle.cms.CMSException)
Aggregations
CMSException (org.bouncycastle.cms.CMSException)41
CMSSignedData (org.bouncycastle.cms.CMSSignedData)30
IOException (java.io.IOException)28
OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)19
X509Certificate (java.security.cert.X509Certificate)18
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)14
CMSSignedDataGenerator (org.bouncycastle.cms.CMSSignedDataGenerator)14
CMSProcessableByteArray (org.bouncycastle.cms.CMSProcessableByteArray)13
CertificateEncodingException (java.security.cert.CertificateEncodingException)11
CertificateException (java.security.cert.CertificateException)10
SignerInformation (org.bouncycastle.cms.SignerInformation)9
CMSAbsentContent (org.bouncycastle.cms.CMSAbsentContent)8
SignerInformationStore (org.bouncycastle.cms.SignerInformationStore)8
InputStream (java.io.InputStream)7
AttributeTable (org.bouncycastle.asn1.cms.AttributeTable)7
TSPException (org.bouncycastle.tsp.TSPException)7
CertificateCoreException (org.demoiselle.signer.core.exception.CertificateCoreException)7
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)6
Attribute (org.bouncycastle.asn1.cms.Attribute)6
CMSTypedData (org.bouncycastle.cms.CMSTypedData)6
