本文整理汇总了Java中org.bouncycastle.cms.CMSSignedDataGenerator类的典型用法代码示例。如果您正苦于以下问题:Java CMSSignedDataGenerator类的具体用法?Java CMSSignedDataGenerator怎么用?Java CMSSignedDataGenerator使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
CMSSignedDataGenerator类属于org.bouncycastle.cms包,在下文中一共展示了CMSSignedDataGenerator类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generateSignatureBlock
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Builds the DER-encoded CMS (PKCS #7) SignedData block for a signature file.
 *
 * <p>The signature is detached: {@code generate(..., false)} leaves {@code signatureFileBytes}
 * out of the output, so a verifier must be given those bytes separately. The first entry of
 * {@code signerConfig.certificates} is used as the signer certificate, and every certificate in
 * that list is embedded in the block. {@code setDirectSignature(true)} makes the signature cover
 * the content directly, with no signed attributes.
 *
 * @param signerConfig signer key material; its {@code certificates}, {@code privateKey} and
 *     {@code signatureDigestAlgorithm} fields are read here
 * @param signatureFileBytes the bytes to sign
 * @return the DER encoding of the generated SignedData structure
 * @throws InvalidKeyException declared by this method; presumably raised by
 *     {@code getJcaSignatureAlgorithm} for an unsupported public key (confirm against that helper)
 * @throws CertificateEncodingException if a certificate cannot be encoded
 * @throws SignatureException if signer construction, CMS generation or re-encoding fails
 */
private static byte[] generateSignatureBlock(
        SignerConfig signerConfig, byte[] signatureFileBytes)
        throws InvalidKeyException, CertificateEncodingException, SignatureException {
    JcaCertStore certificateStore = new JcaCertStore(signerConfig.certificates);
    X509Certificate signingCertificate = signerConfig.certificates.get(0);
    String signatureAlgorithmName =
            getJcaSignatureAlgorithm(
                    signingCertificate.getPublicKey(), signerConfig.signatureDigestAlgorithm);

    try {
        ContentSigner contentSigner =
                new JcaContentSignerBuilder(signatureAlgorithmName).build(signerConfig.privateKey);

        SignerInfoGeneratorBuilder signerInfoBuilder =
                new SignerInfoGeneratorBuilder(
                        new JcaDigestCalculatorProviderBuilder().build(),
                        SignerInfoSignatureAlgorithmFinder.INSTANCE);
        signerInfoBuilder.setDirectSignature(true);

        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
        generator.addSignerInfoGenerator(
                signerInfoBuilder.build(
                        contentSigner, new JcaX509CertificateHolder(signingCertificate)));
        generator.addCertificates(certificateStore);

        CMSSignedData signedData =
                generator.generate(new CMSProcessableByteArray(signatureFileBytes), false);

        // Parse the generated structure and write it back through a DER stream so that the
        // returned bytes are in DER form.
        ByteArrayOutputStream derBytes = new ByteArrayOutputStream();
        try (ASN1InputStream parsed = new ASN1InputStream(signedData.getEncoded())) {
            new DEROutputStream(derBytes).writeObject(parsed.readObject());
        }
        return derBytes.toByteArray();
    } catch (OperatorCreationException | CMSException | IOException e) {
        throw new SignatureException("Failed to generate signature", e);
    }
}
示例2: generateP7B
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
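/**
 * Wraps a CA certificate in a CMS SignedData (P7B-style) container signed with the CA key.
 *
 * <p>The container carries {@code caCertificate} in its certificate set and one signer info
 * produced with {@code caPrivateKey}. The signed content is the fixed marker string "chain" and
 * is not encapsulated ({@code generate(..., false)}).
 *
 * <p>The signature uses SHA-256 with RSA. SHA-1 is no longer collision resistant and should not
 * be used to produce new signatures; a consumer that only accepts SHA-1 signer infos would have
 * to be updated rather than this method downgraded.
 *
 * @param caCertificate the certificate to embed and to identify the signer with
 * @param caPrivateKey the RSA private key matching {@code caCertificate}
 * @return the generated SignedData structure
 * @throws RuntimeException wrapping any failure raised while building the structure
 */
public CMSSignedData generateP7B(X509CertificateHolder caCertificate, PrivateKey caPrivateKey) {
    try {
        List<X509CertificateHolder> certChain = new ArrayList<X509CertificateHolder>();
        certChain.add(caCertificate);
        Store certs = new JcaCertStore(certChain);

        ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256withRSA")
                .setProvider(BouncyCastleProvider.PROVIDER_NAME)
                .build(caPrivateKey);

        CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
        cmsSignedDataGenerator.addSignerInfoGenerator(
                new JcaSignerInfoGeneratorBuilder(
                        new JcaDigestCalculatorProviderBuilder()
                                .setProvider(BouncyCastleProvider.PROVIDER_NAME)
                                .build())
                        .build(contentSigner, caCertificate));
        cmsSignedDataGenerator.addCertificates(certs);

        // Fix the charset so the signed bytes do not depend on the platform default encoding.
        CMSTypedData chainMessage =
                new CMSProcessableByteArray("chain".getBytes(java.nio.charset.StandardCharsets.UTF_8));
        return cmsSignedDataGenerator.generate(chainMessage, false);
    } catch (Exception e) {
        throw new RuntimeException("Error while generating certificate chain: " + e.getMessage(), e);
    }
}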
示例3: calculateHASH
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
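/**
 * Computes the digest of {@code data} with the algorithm identified by a CMS digest OID.
 *
 * <p>Registers the BouncyCastle provider under the name "BC" if it is not installed yet, then
 * hashes with that provider. Supported OIDs are the MD5, SHA-1, SHA-256, SHA-384 and SHA-512
 * constants of {@link CMSSignedDataGenerator}.
 *
 * <p>NOTE(review): MD5 and SHA-1 are kept for compatibility only. Neither is collision
 * resistant, so callers should select SHA-256 or stronger when producing new signatures.
 *
 * @param digestOID dotted OID string of the digest algorithm
 * @param data the bytes to hash
 * @return the digest value
 * @throws Exception if the OID is not supported or hashing fails; the original failure is
 *     attached as the cause
 */
public static byte[] calculateHASH(String digestOID, byte[] data) throws Exception {
    String digestName = "";
    try {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }

        // Constant-first equals: a null OID falls through to "Unsupported digestOID"
        // instead of surfacing as a NullPointerException with a null message.
        if (CMSSignedDataGenerator.DIGEST_MD5.equals(digestOID)) {
            digestName = "MD5";
        } else if (CMSSignedDataGenerator.DIGEST_SHA1.equals(digestOID)) {
            digestName = "SHA-1";
        } else if (CMSSignedDataGenerator.DIGEST_SHA256.equals(digestOID)) {
            digestName = "SHA-256";
        } else if (CMSSignedDataGenerator.DIGEST_SHA384.equals(digestOID)) {
            digestName = "SHA-384";
        } else if (CMSSignedDataGenerator.DIGEST_SHA512.equals(digestOID)) {
            digestName = "SHA-512";
        }
        if (digestName.isEmpty()) {
            throw new Exception("Unsupported digestOID");
        }

        MessageDigest md = MessageDigest.getInstance(digestName, "BC");
        return md.digest(data);
    } catch (Exception e) {
        // Keep the cause so the stack trace of the underlying failure is not lost.
        throw new Exception("Error on the generation for the Hash " + digestName + ":\n" + e.getMessage(), e);
    }
}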
示例4: buildSignedAttributes
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Assembles the CMS signed attributes for a signer info, including the CAdES
 * signing-certificate-v2 attribute.
 *
 * <p>Attributes added, in order: content type (PKCS #7 data), signing time (only when
 * {@code dateTime} is non-null), message digest, and {@code id_aa_signingCertificateV2} holding
 * the SHA-256 hash of the encoded signer certificate. That last attribute puts the signer
 * certificate's hash under the signature.
 *
 * @param hash digest of the content being signed
 * @param dateTime signing time to record, or {@code null} to omit the attribute
 * @param cert signer certificate whose encoding is hashed into the CAdES attribute
 * @return a DER set containing the attributes
 * @throws Exception if the certificate cannot be encoded or hashing fails
 */
private static ASN1Set buildSignedAttributes(byte[] hash, Date dateTime, X509Certificate cert) throws Exception {
    ASN1EncodableVector attributes = new ASN1EncodableVector();
    attributes.add(new Attribute(CMSAttributes.contentType, new DERSet(PKCSObjectIdentifiers.data)));
    if (dateTime != null) {
        attributes.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(dateTime))));
    }
    attributes.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(hash))));

    // CAdES: one certificate identifier made of the hash algorithm and the certificate hash.
    ASN1EncodableVector certificateId = new ASN1EncodableVector();
    certificateId.add(
            new AlgorithmIdentifier(new ASN1ObjectIdentifier(CMSSignedDataGenerator.DIGEST_SHA256), null));
    certificateId.add(
            new DEROctetString(SignUtils.calculateHASH(CMSSignedDataGenerator.DIGEST_SHA256, cert.getEncoded())));

    // Three nested sequences: the identifier, the list of identifiers, the attribute value.
    DERSequence signingCertificateValue =
            new DERSequence(new DERSequence(new DERSequence(certificateId)));
    attributes.add(
            new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new DERSet(signingCertificateValue)));

    return new DERSet(attributes);
}
示例5: generateSignatureBlock
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Produces a detached, DER-encoded CMS SignedData block over a signature file.
 *
 * <p>The signer certificate is the first element of {@code signerConfig.certificates}; the whole
 * list is added to the block. The content bytes are not encapsulated, and the signer info is
 * built with direct signature enabled, so it carries no signed attributes.
 *
 * @param signerConfig holder of the certificates, private key and digest algorithm to use
 * @param signatureFileBytes content to sign
 * @return DER bytes of the SignedData structure
 * @throws InvalidKeyException declared by this method; presumably comes from
 *     {@code getJcaSignatureAlgorithm} (confirm against that helper)
 * @throws CertificateEncodingException if a certificate cannot be encoded
 * @throws SignatureException if building the signer, generating or re-encoding the CMS data fails
 */
private static byte[] generateSignatureBlock(SignerConfig signerConfig, byte[] signatureFileBytes) throws InvalidKeyException, CertificateEncodingException, SignatureException {
    JcaCertStore embeddedCerts = new JcaCertStore(signerConfig.certificates);
    X509Certificate leafCert = signerConfig.certificates.get(0);
    String algorithm = getJcaSignatureAlgorithm(leafCert.getPublicKey(), signerConfig.signatureDigestAlgorithm);

    try {
        ContentSigner keySigner = new JcaContentSignerBuilder(algorithm).build(signerConfig.privateKey);

        CMSSignedDataGenerator cmsGenerator = new CMSSignedDataGenerator();
        SignerInfoGeneratorBuilder directBuilder =
                new SignerInfoGeneratorBuilder(
                        new JcaDigestCalculatorProviderBuilder().build(),
                        SignerInfoSignatureAlgorithmFinder.INSTANCE)
                        .setDirectSignature(true);
        cmsGenerator.addSignerInfoGenerator(directBuilder.build(keySigner, new JcaX509CertificateHolder(leafCert)));
        cmsGenerator.addCertificates(embeddedCerts);

        CMSSignedData detached = cmsGenerator.generate(new CMSProcessableByteArray(signatureFileBytes), false);

        // Round-trip through ASN.1 parsing so the result is written out as DER.
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        try (ASN1InputStream reader = new ASN1InputStream(detached.getEncoded())) {
            DEROutputStream derWriter = new DEROutputStream(buffer);
            derWriter.writeObject(reader.readObject());
        }
        return buffer.toByteArray();
    } catch (OperatorCreationException | CMSException | IOException e) {
        throw new SignatureException("Failed to generate signature", e);
    }
}
示例6: preSign
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Runs CMS generation once to obtain the digest that an external signer has to sign.
 *
 * <p>The SignedData produced by {@code generator.generate(...)} is discarded; the value returned
 * to the caller is the digest read back from {@code SHA1WithRSAProxySignature} afterwards,
 * labelled "SHA1".
 *
 * <p>NOTE(review): {@code SHA1WithRSAProxySignature.reset()} and {@code getDigestValue()} are
 * static calls, so the digest appears to travel through shared static state. Confirm how that
 * class isolates concurrent signing operations. SHA-1 is also no longer collision resistant;
 * presumably it is fixed here by the signing device or protocol. Verify before reuse.
 *
 * @param digestInfos not read in this method
 * @param signingCertificateChain passed to {@code createCMSSignedDataGenerator}
 * @param identity not read in this method
 * @param address not read in this method
 * @param photo not read in this method
 * @return the digest value, the algorithm name "SHA1" and the signature description
 * @throws NoSuchAlgorithmException declared; not thrown directly by the statements shown here
 */
public DigestInfo preSign(List<DigestInfo> digestInfos, List<X509Certificate> signingCertificateChain,
IdentityDTO identity, AddressDTO address, byte[] photo) throws NoSuchAlgorithmException {
CMSSignedDataGenerator generator = createCMSSignedDataGenerator(signingCertificateChain);
byte[] toBeSigned = getToBeSigned();
CMSProcessable content = new CMSProcessableByteArray(toBeSigned);
CMSProvider provider = new CMSProvider();
// Clear the proxy's state before generating; the digest is read back from it below.
SHA1WithRSAProxySignature.reset();
try {
// The generated SignedData is intentionally not kept. The call is made for its side effect
// on the proxy signature (presumably reached through the provider; confirm).
generator.generate(content, true, provider);
} catch (CMSException e) {
throw new RuntimeException(e);
}
byte[] digestValue = SHA1WithRSAProxySignature.getDigestValue();
String description = getSignatureDescription();
DigestInfo digestInfo = new DigestInfo(digestValue, "SHA1", description);
return digestInfo;
}
示例7: testVerifySignature
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
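/**
 * Checks that {@code managementService.verifySignature} accepts a Base64-encoded CMS structure
 * wrapping a certificate that the service generated.
 *
 * <p>NOTE(review): the CMS message built here is degenerate. It holds certificates only, has no
 * signer info and is generated over {@code CMSAbsentContent}, so it carries no cryptographic
 * signature. A passing result shows that the service recognises the embedded certificate; it
 * does not show that a signature value is validated.
 */
@Test(description = "This test case tests Signature verification of a Certificate against the keystore")
public void testVerifySignature() throws KeystoreException, CertificateEncodingException, CMSException, IOException {
    BASE64Encoder encoder = new BASE64Encoder();
    //generate and save a certificate in the keystore
    X509Certificate x509Certificate = managementService.generateX509Certificate();

    //Generate CMSdata
    CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    List<X509Certificate> list = new ArrayList<>();
    list.add(x509Certificate);
    JcaCertStore store = new JcaCertStore(list);
    generator.addCertificates(store);
    CMSSignedData degenerateSd = generator.generate(new CMSAbsentContent());
    byte[] signature = degenerateSd.getEncoded();

    boolean verifySignature = managementService.verifySignature(encoder.encode(signature));
    // The former assertNotNull on this primitive boolean could never fail (the value is
    // autoboxed), so only the meaningful assertion is kept.
    Assert.assertTrue(verifySignature);
    log.info("VerifySignature Test Successful");
}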
示例8: testExtractCertificateFromSignature
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Checks that {@code managementService.extractCertificateFromSignature} returns an X.509
 * certificate from a Base64-encoded CMS structure.
 *
 * <p>The CMS message is a certificates-only (degenerate) SignedData generated over
 * {@code CMSAbsentContent}. It contains the certificate produced by
 * {@code managementService.generateX509Certificate()} and no signer info.
 */
@Test(description = "This test case tests extracting Certificate from the header Signature")
public void testExtractCertificateFromSignature() throws KeystoreException, CertificateEncodingException, CMSException, IOException {
    // Generate a certificate; the service also stores it in the keystore.
    X509Certificate generated = managementService.generateX509Certificate();

    // Wrap it in a certificates-only CMS message.
    List<X509Certificate> certificates = new ArrayList<>();
    certificates.add(generated);
    CMSSignedDataGenerator cmsGenerator = new CMSSignedDataGenerator();
    cmsGenerator.addCertificates(new JcaCertStore(certificates));
    byte[] encodedCms = cmsGenerator.generate(new CMSAbsentContent()).getEncoded();

    String base64Cms = new BASE64Encoder().encode(encodedCms);
    X509Certificate extracted = managementService.extractCertificateFromSignature(base64Cms);

    Assert.assertNotNull(extracted);
    Assert.assertEquals(extracted.getType(), CertificateManagementConstants.X_509);
    log.info("ExtractCertificateFromSignature Test Successful");
}
示例9: getDataToSign
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Computes the bytes that must be signed for a CAdES signature over {@code toSignDocument}.
 *
 * <p>No private key is used here. CMS generation is run with a {@code CustomContentSigner}, and
 * the bytes written to that signer's output stream are returned so the signature value can be
 * produced elsewhere. The signing date and the packaging are checked before anything is built.
 * The content is encapsulated unless the packaging is {@code DETACHED}.
 *
 * @param toSignDocument the document to be signed
 * @param parameters the CAdES signature parameters
 * @return the data to be signed
 * @throws DSSException declared by this method
 */
@Override
public ToBeSigned getDataToSign(final DSSDocument toSignDocument, final CAdESSignatureParameters parameters) throws DSSException {
    assertSigningDateInCertificateValidityRange(parameters);
    final SignaturePackaging signaturePackaging = parameters.getSignaturePackaging();
    assertSignaturePackaging(signaturePackaging);

    // Stand-in signer: its output stream is read back at the end of this method.
    final CustomContentSigner capturingSigner =
            new CustomContentSigner(parameters.getSignatureAlgorithm().getJCEId());
    final SignerInfoGeneratorBuilder infoGeneratorBuilder =
            cmsSignedDataBuilder.getSignerInfoGeneratorBuilder(parameters, false);
    final CMSSignedData existingCmsSignedData = getCmsSignedData(toSignDocument, parameters);
    final CMSSignedDataGenerator generator =
            cmsSignedDataBuilder.createCMSSignedDataGenerator(
                    parameters, capturingSigner, infoGeneratorBuilder, existingCmsSignedData);

    final DSSDocument dataToSign = getToSignData(toSignDocument, parameters, existingCmsSignedData);
    final CMSProcessableByteArray cmsContent = new CMSProcessableByteArray(DSSUtils.toByteArray(dataToSign));

    CMSUtils.generateCMSSignedData(
            generator, cmsContent, !SignaturePackaging.DETACHED.equals(signaturePackaging));

    return new ToBeSigned(capturingSigner.getOutputStream().toByteArray());
}
示例10: testCMSSignature
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Exercises CMS signing with the private key stored under the "Authentication" alias of a
 * "BeID" key store.
 *
 * <p>The test makes no assertions; it passes when signature generation completes without an
 * exception. The content is not encapsulated ({@code generate(msg, false)}).
 *
 * <p>NOTE(review): the signer uses "SHA1withRSA". SHA-1 is no longer collision resistant;
 * whether the key store's provider accepts a SHA-256 based algorithm is not visible here.
 * Confirm before reusing this as a template. {@code getBytes()} without a charset also uses the
 * platform default encoding.
 */
@Test
public void testCMSSignature() throws Exception {
    Security.addProvider(new BeIDProvider());
    Security.addProvider(new BouncyCastleProvider());

    KeyStore beIdKeyStore = KeyStore.getInstance("BeID");
    beIdKeyStore.load(null);
    PrivateKey authenticationKey = (PrivateKey) beIdKeyStore.getKey("Authentication", null);
    X509Certificate authenticationCertificate =
            (X509Certificate) beIdKeyStore.getCertificate("Authentication");

    CMSTypedData message = new CMSProcessableByteArray("Hello world!".getBytes());

    CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    ContentSigner contentSigner = new JcaContentSignerBuilder("SHA1withRSA").build(authenticationKey);
    JcaSignerInfoGeneratorBuilder signerInfoBuilder =
            new JcaSignerInfoGeneratorBuilder(
                    new JcaDigestCalculatorProviderBuilder().setProvider("BC").build());
    generator.addSignerInfoGenerator(signerInfoBuilder.build(contentSigner, authenticationCertificate));

    // The result is not inspected; generating it is what drives the signing operation.
    generator.generate(message, false);
}
示例11: sign
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Signs {@code data} as CMS SignedData using SHA-256 with RSA.
 *
 * <p>The content is encapsulated ({@code generate(..., true)}), so the returned bytes contain
 * both the data and the signature. The first certificate of {@code this.certificateChain}
 * identifies the signer, and every certificate of the chain is embedded.
 *
 * @param data the bytes to sign
 * @return the encoded SignedData structure
 * @throws SignatureException wrapping any failure raised while signing or encoding
 */
private byte[] sign(byte[] data) throws SignatureException {
    CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    try {
        ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").build(this.privateKey);
        JcaSignerInfoGeneratorBuilder signerInfoBuilder =
                new JcaSignerInfoGeneratorBuilder(
                        new JcaDigestCalculatorProviderBuilder()
                                .setProvider(BouncyCastleProvider.PROVIDER_NAME)
                                .build());
        generator.addSignerInfoGenerator(signerInfoBuilder.build(signer, this.certificateChain.get(0)));

        // Ship the whole chain so a verifier can build a path from the signer certificate.
        for (X509Certificate chainCertificate : this.certificateChain) {
            generator.addCertificate(new X509CertificateHolder(chainCertificate.getEncoded()));
        }

        return generator.generate(new CMSProcessableByteArray(data), true).getEncoded();
    } catch (Exception e) {
        throw new SignatureException(e);
    }
}
示例12: sign
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Signs {@code data} as CMS SignedData with the authentication key, using RSASSA-PSS with
 * SHA-256 and MGF1 (algorithm name "SHA256WITHRSAANDMGF1").
 *
 * <p>The content is encapsulated in the result. The authentication certificate always
 * identifies the signer; it is embedded in the structure only when {@code includeCertificate}
 * is true. Without it, the verifier has to obtain the certificate by other means.
 *
 * @param data the bytes to sign
 * @param includeCertificate whether to embed the authentication certificate
 * @return the encoded SignedData structure
 * @throws OperatorCreationException if the content signer or digest provider cannot be built
 * @throws CertificateEncodingException if the certificate cannot be encoded
 * @throws CMSException if CMS generation fails
 * @throws IOException if the result or the certificate holder cannot be encoded
 */
private byte[] sign(byte[] data, boolean includeCertificate)
        throws OperatorCreationException, CertificateEncodingException,
        CMSException, IOException {
    CMSSignedDataGenerator generator = new CMSSignedDataGenerator();

    ContentSigner pssSigner =
            new JcaContentSignerBuilder("SHA256WITHRSAANDMGF1").build(this.authenticationPrivateKey);
    JcaSignerInfoGeneratorBuilder signerInfoBuilder =
            new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build());
    generator.addSignerInfoGenerator(signerInfoBuilder.build(pssSigner, this.authenticationCertificate));

    if (includeCertificate) {
        X509CertificateHolder holder = new X509CertificateHolder(this.authenticationCertificate.getEncoded());
        generator.addCertificate(holder);
    }

    return generator.generate(new CMSProcessableByteArray(data), true).getEncoded();
}
示例13: createSignedDataGenerator
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Creates a CMS generator preloaded with the signer info generator and two certificates.
 *
 * <p>The signer certificate is added first and the CA certificate second, both converted with
 * {@code inHolder}.
 *
 * @return the configured generator
 */
private CMSSignedDataGenerator createSignedDataGenerator()
{
    try
    {
        SignerInfoGenerator signerInfo = createSignerInfoGenerator();

        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
        generator.addSignerInfoGenerator(signerInfo);
        // Signer certificate first, then the issuing CA certificate.
        generator.addCertificate(inHolder(signerCertificate));
        generator.addCertificate(inHolder(caCertificate));
        return generator;
    }
    catch (CMSException e)
    {
        throw YonaException.unexpected(e);
    }
}
示例14: sign
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
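/**
 * Produces a detached CMS (PKCS #7) signature over {@code data} using the key and certificate
 * stored in the configured PKCS #12 key store.
 *
 * <p>The key store path, alias and password are read from {@code packageZipConfiguration}; the
 * same password is used for the store and for the key entry. The content is not encapsulated
 * ({@code generate(msg, false)}), and the signer certificate is embedded.
 *
 * <p>NOTE(review): the signature algorithm is "SHA1withRSA". SHA-1 is no longer collision
 * resistant. It is left unchanged because the consumer of this signature is not visible here;
 * confirm whether it accepts "SHA256withRSA" and switch if it does.
 *
 * @param data the bytes to sign
 * @return the encoded SignedData structure
 * @throws Exception if the key store cannot be read, the alias holds no private key or
 *     certificate, or signing fails
 */
@Override
public byte[] sign(byte[] data) throws Exception {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

    String alias = packageZipConfiguration.pushPackageSignerCertName;
    char[] password = packageZipConfiguration.pushPackageSignerCertPassword.toCharArray();

    KeyStore inStore = KeyStore.getInstance("PKCS12");
    // Close the key store file once it has been loaded; the original stream was never closed.
    try (FileInputStream keyStoreStream = new FileInputStream(packageZipConfiguration.pushPackageSignerCertPath)) {
        inStore.load(keyStoreStream, password);
    }

    // Use the key as returned by the key store rather than re-parsing its encoding through
    // JDK-internal sun.security classes, which are not accessible on current JDKs.
    Key key = inStore.getKey(alias, password);
    if (!(key instanceof PrivateKey)) {
        throw new IllegalStateException("Signing key store holds no private key under the configured alias");
    }
    PrivateKey privateKey = (PrivateKey) key;

    Certificate certificate = inStore.getCertificate(alias);
    if (certificate == null) {
        throw new IllegalStateException("Signing key store holds no certificate under the configured alias");
    }
    X509CertificateHolder certificateHolder = new X509CertificateHolder(certificate.getEncoded());

    List<X509CertificateHolder> certList = new ArrayList<X509CertificateHolder>();
    certList.add(certificateHolder); //Adding the X509 Certificate
    CMSTypedData msg = new CMSProcessableByteArray(data); //Data to sign

    CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
    //Initializing the BC's Signer
    ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privateKey);
    gen.addSignerInfoGenerator(
            new JcaSignerInfoGeneratorBuilder(
                    new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
                    .build(sha1Signer, certificateHolder));
    //adding the certificate
    gen.addCertificates(new JcaCertStore(certList));

    //Getting the signed data
    CMSSignedData sigData = gen.generate(msg, false);
    return sigData.getEncoded();
}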
示例15: buildSignedData
import org.bouncycastle.cms.CMSSignedDataGenerator; //导入依赖的package包/类
/**
 * Packs a certificate, and optionally the CA certificate, into a certificates-only CMS
 * SignedData structure.
 *
 * <p>The structure is generated over {@code CMSAbsentContent} and no signer info is added, so it
 * is a certificate container and carries no signature. When {@code control.includeCaCert()} is
 * true, {@code refreshCa()} is called before the CA certificate holder is added.
 *
 * @param cert the certificate to include
 * @return the ASN.1 {@code SignedData} content of the generated structure
 * @throws OperationException with {@code ErrorCode.SYSTEM_FAILURE} if encoding or generation
 *     fails; the failure is logged first
 */
private SignedData buildSignedData(X509Certificate cert) throws OperationException {
    CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    try {
        generator.addCertificate(new X509CertificateHolder(cert.getEncoded()));

        if (control.includeCaCert()) {
            refreshCa();
            generator.addCertificate(caCert.certHolder());
        }

        CMSSignedData certsOnly = generator.generate(new CMSAbsentContent());
        return SignedData.getInstance(certsOnly.toASN1Structure().getContent());
    } catch (CMSException | IOException | CertificateEncodingException ex) {
        LogUtil.error(LOG, ex);
        throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex);
    }
}