use of org.openecard.bouncycastle.operator.jcajce.JcaContentSignerBuilder in project open-ecard by ecsec.
the class SignatureTest method createSignature.
private CMSSignedData createSignature(String alias, byte[] challenge) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, SignatureException, OperatorCreationException, CertificateEncodingException, CMSException {
PrivateKey privKey = (PrivateKey) signStore.getKey(alias, pass.toCharArray());
X509Certificate cert = (X509Certificate) signStore.getCertificate(alias);
Certificate[] certChain = (Certificate[]) signStore.getCertificateChain(alias);
Store certs = new JcaCertStore(Arrays.asList(certChain));
// Signature signature = Signature.getInstance("SHA256WithRSA");
// signature.initSign(privKey);
// signature.update(challenge);
// byte[] signedBytes = signature.sign();
CMSTypedData msg = new CMSProcessableByteArray(challenge);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").build(privKey);
DigestCalculatorProvider dgProv = new JcaDigestCalculatorProviderBuilder().build();
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(dgProv).build(signer, cert));
gen.addCertificates(certs);
CMSSignedData sigData = gen.generate(msg, false);
return sigData;
}
Aggregations