Example 6 with ContentInfo
use of sun.security.pkcs.ContentInfo in project atlas by alibaba.
the class SignedJarBuilder method writeSignatureBlock.
/**
* Write the certificate file with a digital signature.
*/
private void writeSignatureBlock(Signature signature, X509Certificate publicKey, PrivateKey privateKey) throws IOException, GeneralSecurityException {
SignerInfo signerInfo = new SignerInfo(new X500Name(publicKey.getIssuerX500Principal().getName()), publicKey.getSerialNumber(), AlgorithmId.get(DIGEST_ALGORITHM), AlgorithmId.get(privateKey.getAlgorithm()), signature.sign());
PKCS7 pkcs7 = new PKCS7(new AlgorithmId[] { AlgorithmId.get(DIGEST_ALGORITHM) }, new ContentInfo(ContentInfo.DATA_OID, null), new X509Certificate[] { publicKey }, new SignerInfo[] { signerInfo });
pkcs7.encodeSignedData(mOutputJar);
}
Also used :
SignerInfo(sun.security.pkcs.SignerInfo)
ContentInfo(sun.security.pkcs.ContentInfo)
PKCS7(sun.security.pkcs.PKCS7)
X500Name(sun.security.x509.X500Name)
Example 7 with ContentInfo
use of sun.security.pkcs.ContentInfo in project jdk8u_jdk by JetBrains.
the class SimpleSigner method main.
public static void main(String[] argv) throws Exception {
SignerInfo[] signerInfos = new SignerInfo[9];
SimpleSigner signer1 = new SimpleSigner(null, null, null, null);
signerInfos[8] = signer1.genSignerInfo(data1);
signerInfos[7] = signer1.genSignerInfo(new byte[] {});
signerInfos[6] = signer1.genSignerInfo(data2);
SimpleSigner signer2 = new SimpleSigner(null, null, null, null);
signerInfos[5] = signer2.genSignerInfo(data1);
signerInfos[4] = signer2.genSignerInfo(new byte[] {});
signerInfos[3] = signer2.genSignerInfo(data2);
SimpleSigner signer3 = new SimpleSigner(null, null, null, null);
signerInfos[2] = signer3.genSignerInfo(data1);
signerInfos[1] = signer3.genSignerInfo(new byte[] {});
signerInfos[0] = signer3.genSignerInfo(data2);
ContentInfo contentInfo = new ContentInfo(data1);
AlgorithmId[] algIds = { new AlgorithmId(AlgorithmId.SHA256_oid) };
X509Certificate[] certs = { signer3.getCert(), signer2.getCert(), signer1.getCert() };
PKCS7 pkcs71 = new PKCS7(algIds, contentInfo, certs, signerInfos);
System.out.println("SignerInfos in original.");
printSignerInfos(pkcs71.getSignerInfos());
DerOutputStream out = new DerOutputStream();
pkcs71.encodeSignedData(out);
PKCS7 pkcs72 = new PKCS7(out.toByteArray());
System.out.println("\nSignerInfos read back in:");
printSignerInfos(pkcs72.getSignerInfos());
System.out.println("Verified signers of original:");
SignerInfo[] verifs1 = pkcs71.verify();
System.out.println("Verified signers of after read-in:");
SignerInfo[] verifs2 = pkcs72.verify();
if (verifs1.length != verifs2.length) {
throw new RuntimeException("Length or Original vs read-in " + "should be same");
}
}
Also used :
SignerInfo(sun.security.pkcs.SignerInfo)
ContentInfo(sun.security.pkcs.ContentInfo)
CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId)
AlgorithmId(sun.security.x509.AlgorithmId)
DerOutputStream(sun.security.util.DerOutputStream)
PKCS7(sun.security.pkcs.PKCS7)
X509Certificate(java.security.cert.X509Certificate)
Example 8 with ContentInfo
use of sun.security.pkcs.ContentInfo in project jdk8u_jdk by JetBrains.
the class NonStandardNames method main.
public static void main(String[] args) throws Exception {
byte[] data = "Hello".getBytes();
X500Name n = new X500Name("cn=Me");
CertAndKeyGen cakg = new CertAndKeyGen("RSA", "SHA256withRSA");
cakg.generate(1024);
X509Certificate cert = cakg.getSelfCertificate(n, 1000);
MessageDigest md = MessageDigest.getInstance("SHA-256");
PKCS9Attributes authed = new PKCS9Attributes(new PKCS9Attribute[] { new PKCS9Attribute(PKCS9Attribute.CONTENT_TYPE_OID, ContentInfo.DATA_OID), new PKCS9Attribute(PKCS9Attribute.MESSAGE_DIGEST_OID, md.digest(data)) });
Signature s = Signature.getInstance("SHA256withRSA");
s.initSign(cakg.getPrivateKey());
s.update(authed.getDerEncoding());
byte[] sig = s.sign();
SignerInfo signerInfo = new SignerInfo(n, cert.getSerialNumber(), AlgorithmId.get("SHA-256"), authed, AlgorithmId.get("SHA256withRSA"), sig, null);
PKCS7 pkcs7 = new PKCS7(new AlgorithmId[] { signerInfo.getDigestAlgorithmId() }, new ContentInfo(data), new X509Certificate[] { cert }, new SignerInfo[] { signerInfo });
if (pkcs7.verify(signerInfo, data) == null) {
throw new Exception("Not verified");
}
}
Also used :
SignerInfo(sun.security.pkcs.SignerInfo)
PKCS9Attribute(sun.security.pkcs.PKCS9Attribute)
ContentInfo(sun.security.pkcs.ContentInfo)
PKCS7(sun.security.pkcs.PKCS7)
CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen)
Signature(java.security.Signature)
X500Name(sun.security.x509.X500Name)
MessageDigest(java.security.MessageDigest)
PKCS9Attributes(sun.security.pkcs.PKCS9Attributes)
X509Certificate(java.security.cert.X509Certificate)
Aggregations
ContentInfo (sun.security.pkcs.ContentInfo)8
PKCS7 (sun.security.pkcs.PKCS7)6
SignerInfo (sun.security.pkcs.SignerInfo)5
X509Certificate (java.security.cert.X509Certificate)4
X500Name (sun.security.x509.X500Name)4
DerOutputStream (sun.security.util.DerOutputStream)3
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2
DerValue (sun.security.util.DerValue)2
IOException (java.io.IOException)1
AlgorithmParameters (java.security.AlgorithmParameters)1
KeyStoreException (java.security.KeyStoreException)1
MessageDigest (java.security.MessageDigest)1
Signature (java.security.Signature)1
UnrecoverableEntryException (java.security.UnrecoverableEntryException)1
UnrecoverableKeyException (java.security.UnrecoverableKeyException)1
CertificateEncodingException (java.security.cert.CertificateEncodingException)1
CertificateException (java.security.cert.CertificateException)1
CertificateFactory (java.security.cert.CertificateFactory)1
Cipher (javax.crypto.Cipher)1
Mac (javax.crypto.Mac)1
