本文整理汇总了Java中org.bouncycastle.cms.CMSTypedData类的典型用法代码示例。如果您正苦于以下问题:Java CMSTypedData类的具体用法?Java CMSTypedData怎么用?Java CMSTypedData使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
CMSTypedData类属于org.bouncycastle.cms包,在下文中一共展示了CMSTypedData类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generateP7B
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
public CMSSignedData generateP7B(X509CertificateHolder caCertificate, PrivateKey caPrivateKey) {
try {
List<X509CertificateHolder> certChain = new ArrayList<X509CertificateHolder>();
certChain.add(caCertificate);
Store certs = new JcaCertStore(certChain);
CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BouncyCastleProvider.PROVIDER_NAME).build(caPrivateKey);
cmsSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build())
.build(sha1Signer, caCertificate));
cmsSignedDataGenerator.addCertificates(certs);
CMSTypedData chainMessage = new CMSProcessableByteArray("chain".getBytes());
CMSSignedData sigData = cmsSignedDataGenerator.generate(chainMessage, false);
return sigData;
} catch(Exception e) {
throw new RuntimeException("Error while generating certificate chain: " + e.getMessage(), e);
}
}
示例2: testCMSSignature
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
@Test
public void testCMSSignature() throws Exception {
Security.addProvider(new BeIDProvider());
Security.addProvider(new BouncyCastleProvider());
KeyStore keyStore = KeyStore.getInstance("BeID");
keyStore.load(null);
PrivateKey privateKey = (PrivateKey) keyStore.getKey("Authentication",
null);
X509Certificate certificate = (X509Certificate) keyStore
.getCertificate("Authentication");
CMSTypedData msg = new CMSProcessableByteArray(
"Hello world!".getBytes());
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA")
.build(privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider("BC")
.build()).build(sha1Signer, certificate));
CMSSignedData sigData = gen.generate(msg, false);
}
示例3: sign
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
private byte[] sign(byte[] data) throws SignatureException {
CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
try {
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256withRSA").build(this.privateKey);
cmsSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build())
.build(contentSigner, this.certificateChain.get(0)));
for (X509Certificate certificate : this.certificateChain) {
cmsSignedDataGenerator.addCertificate(new X509CertificateHolder(certificate.getEncoded()));
}
CMSTypedData cmsTypedData = new CMSProcessableByteArray(data);
CMSSignedData cmsSignedData = cmsSignedDataGenerator.generate(cmsTypedData, true);
return cmsSignedData.getEncoded();
} catch (Exception e) {
throw new SignatureException(e);
}
}
示例4: encrypt
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
private byte[] encrypt(byte[] data) throws CertificateEncodingException,
CMSException, IOException {
CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
for (X509Certificate destinationCertificate : this.destinationCertificates) {
cmsEnvelopedDataGenerator
.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(
destinationCertificate)
.setProvider(BouncyCastleProvider.PROVIDER_NAME));
}
CMSTypedData cmsTypedData = new CMSProcessableByteArray(data);
CMSEnvelopedData cmsEnvelopedData = cmsEnvelopedDataGenerator.generate(
cmsTypedData,
new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC)
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
.build());
return cmsEnvelopedData.getEncoded();
}
示例5: sign
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
private byte[] sign(byte[] data, boolean includeCertificate)
throws OperatorCreationException, CertificateEncodingException,
CMSException, IOException {
CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256WITHRSAANDMGF1")
.build(this.authenticationPrivateKey);
cmsSignedDataGenerator
.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().build())
.build(contentSigner, this.authenticationCertificate));
if (includeCertificate) {
cmsSignedDataGenerator.addCertificate(new X509CertificateHolder(
this.authenticationCertificate.getEncoded()));
}
CMSTypedData cmsTypedData = new CMSProcessableByteArray(data);
CMSSignedData cmsSignedData = cmsSignedDataGenerator.generate(
cmsTypedData, true);
return cmsSignedData.getEncoded();
}
示例6: sign
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
@Override
public byte[] sign(byte[] data) throws Exception {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
KeyStore inStore = KeyStore.getInstance("PKCS12");
inStore.load(new FileInputStream(packageZipConfiguration.pushPackageSignerCertPath), packageZipConfiguration.pushPackageSignerCertPassword.toCharArray());
Key key = inStore.getKey(packageZipConfiguration.pushPackageSignerCertName, packageZipConfiguration.pushPackageSignerCertPassword.toCharArray());
PrivateKey privateKey = RSAPrivateKeyImpl.parseKey(new DerValue(key.getEncoded()));
Certificate certificate = inStore.getCertificate(packageZipConfiguration.pushPackageSignerCertName);
X509CertificateHolder certificateHolder = new X509CertificateHolder(certificate.getEncoded());
List certList = new ArrayList();
CMSTypedData msg = new CMSProcessableByteArray(data); //Data to sign
certList.add(certificateHolder); //Adding the X509 Certificate
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
//Initializing the the BC's Signer
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privateKey);
gen.addSignerInfoGenerator(
new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
.build(sha1Signer, certificateHolder));
//adding the certificate
gen.addCertificates(certs);
//Getting the signed data
CMSSignedData sigData = gen.generate(msg, false);
return sigData.getEncoded();
}
示例7: writeSignatureBlock
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
/**
* Write the certificate file with a digital signature.
*/
private void writeSignatureBlock(CMSTypedData data,
X509Certificate publicKey,
PrivateKey privateKey) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException {
ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>();
certList.add(publicKey);
JcaCertStore certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1with" +
privateKey.getAlgorithm()).build(
privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder()
.build()).setDirectSignature(
true).build(sha1Signer, publicKey));
gen.addCertificates(certs);
CMSSignedData sigData = gen.generate(data, false);
ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded());
DEROutputStream dos = new DEROutputStream(mOutputJar);
dos.writeObject(asn1.readObject());
dos.flush();
dos.close();
asn1.close();
}
示例8: writeSignatureBlock
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
/** Sign data and write the digital signature to 'out'. */
private static void writeSignatureBlock(
CMSTypedData data, X509Certificate publicKey, PrivateKey privateKey,
OutputStream out)
throws IOException,
CertificateEncodingException,
OperatorCreationException,
CMSException {
ArrayList < X509Certificate > certList = new ArrayList < > (1);
certList.add(publicKey);
JcaCertStore certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner signer = new JcaContentSignerBuilder(getSignatureAlgorithm(publicKey))
.setProvider(sBouncyCastleProvider)
.build(privateKey);
gen.addSignerInfoGenerator(
new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder()
.setProvider(sBouncyCastleProvider)
.build())
.setDirectSignature(true)
.build(signer, publicKey));
gen.addCertificates(certs);
CMSSignedData sigData = gen.generate(data, false);
ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded());
DEROutputStream dos = new DEROutputStream(out);
dos.writeObject(asn1.readObject());
}
示例9: signRequest
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
/**
* Signs a time stamp request
*
* @param privateKey private key to sign with
* @param certificates certificate chain
* @param request request to be signed
* @return The signed request
*/
public byte[] signRequest(PrivateKey privateKey, Certificate[] certificates, byte[] request, String algorithm) {
try {
logger.info(timeStampMessagesBundle.getString("info.timestamp.sign.request"));
Security.addProvider(new BouncyCastleProvider());
X509Certificate signCert = (X509Certificate) certificates[0];
List<X509Certificate> certList = new ArrayList<>();
certList.add(signCert);
// setup the generator
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
String varAlgorithm = null;
if (algorithm != null && !algorithm.isEmpty()){
varAlgorithm = algorithm;
}else{
varAlgorithm = "SHA256withRSA";
}
SignerInfoGenerator signerInfoGenerator = new JcaSimpleSignerInfoGeneratorBuilder().build(varAlgorithm, privateKey, signCert);
generator.addSignerInfoGenerator(signerInfoGenerator);
Store<?> certStore = new JcaCertStore(certList);
generator.addCertificates(certStore);
// Store crlStore = new JcaCRLStore(crlList);
// generator.addCRLs(crlStore);
// Create the signed data object
CMSTypedData data = new CMSProcessableByteArray(request);
CMSSignedData signed = generator.generate(data, true);
return signed.getEncoded();
} catch (CMSException | IOException | OperatorCreationException | CertificateEncodingException ex) {
logger.info(ex.getMessage());
}
return null;
}
示例10: toSignedData
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
private CMSSignedData toSignedData()
throws CertificateEncodingException,
OperatorCreationException, CMSException,
InvalidKeyException, SignatureException,
NoSuchAlgorithmException, NoSuchProviderException {
if (Security.getProvider("BC") == null) {
Security.addProvider(new BouncyCastleProvider());
}
List<X509Certificate> certList = new ArrayList<X509Certificate>();
CMSTypedData msg = new CMSProcessableByteArray(Xml.this
.toString().getBytes(Charsets.UTF_8));
certList.add(signCert);
@SuppressWarnings("unchecked")
Store<X509Certificate> certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner signer = new JcaContentSignerBuilder(
BouncyCastleWsaaManager.SIGNING_ALGORITHM)
.setProvider("BC").build(privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider(
"BC").build()).build(signer, signCert));
gen.addCertificates(certs);
return gen.generate(msg, true);
}
示例11: writeSignatureBlock
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
/** Write the certificate file with a digital signature. */
private void writeSignatureBlock(CMSTypedData data, X509Certificate publicKey,
PrivateKey privateKey)
throws IOException,
CertificateEncodingException,
OperatorCreationException,
CMSException {
ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>();
certList.add(publicKey);
JcaCertStore certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder(
"SHA1with" + privateKey.getAlgorithm())
.build(privateKey);
gen.addSignerInfoGenerator(
new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder()
.build())
.setDirectSignature(true)
.build(sha1Signer, publicKey));
gen.addCertificates(certs);
CMSSignedData sigData = gen.generate(data, false);
ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded());
DEROutputStream dos = new DEROutputStream(mOutputJar);
dos.writeObject(asn1.readObject());
dos.flush();
dos.close();
asn1.close();
}
示例12: getOriginalDocumentStream
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
public InputStream getOriginalDocumentStream() throws DSSException {
final CMSTypedData signedContent = cmsSignedData.getSignedContent();
if (signedContent != null) {
return new ByteArrayInputStream(CMSUtils.getSignedContent(signedContent));
} else if (Utils.collectionSize(detachedContents) == 1) {
return detachedContents.get(0).openStream();
} else {
throw new DSSException("Only enveloping and detached signatures are supported");
}
}
示例13: getSignedContent
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
/**
* This method returns the signed content extracted from a CMSTypedData
*
* @param cmsTypedData
* {@code CMSTypedData} cannot be null
* @return the signed content extracted from {@code CMSTypedData}
*/
public static byte[] getSignedContent(final CMSTypedData cmsTypedData) {
if (cmsTypedData == null) {
throw new DSSException("CMSTypedData is null (should be a detached signature)");
}
try (ByteArrayOutputStream originalDocumentData = new ByteArrayOutputStream()) {
cmsTypedData.write(originalDocumentData);
return originalDocumentData.toByteArray();
} catch (CMSException | IOException e) {
throw new DSSException(e);
}
}
示例14: getSignedContent
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
/**
* This method returns the signed content of CMSSignedData.
*
* @param cmsSignedData
* the already signed {@code CMSSignedData}
* @return the original toSignDocument or null
*/
private DSSDocument getSignedContent(final CMSSignedData cmsSignedData) {
if (cmsSignedData != null) {
final CMSTypedData signedContent = cmsSignedData.getSignedContent();
final byte[] documentBytes = (signedContent != null) ? (byte[]) signedContent.getContent() : null;
final InMemoryDocument inMemoryDocument = new InMemoryDocument(documentBytes);
return inMemoryDocument;
}
return null;
}
示例15: getCmsData
import org.bouncycastle.cms.CMSTypedData; //导入依赖的package包/类
private byte[] getCmsData(byte[] cms) throws Exception {
CMSSignedData cmsSignedData = new CMSSignedData(cms);
SignerInformationStore signers = cmsSignedData.getSignerInfos();
SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next();
SignerId signerId = signer.getSID();
Store certificateStore = cmsSignedData.getCertificates();
Collection<X509CertificateHolder> certificateCollection = certificateStore.getMatches(signerId);
X509CertificateHolder certificateHolder = certificateCollection.iterator().next();
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(certificateHolder.getEncoded()));
// we trust SSL here, no need for explicit verification of CMS signing
// certificate
LOG.debug("CMS signing certificate subject: " + certificate.getSubjectX500Principal());
SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder()
.build(certificate);
boolean signatureResult = signer.verify(signerInformationVerifier);
if (false == signatureResult) {
throw new SecurityException("woops");
}
CMSTypedData signedContent = cmsSignedData.getSignedContent();
byte[] responseData = (byte[]) signedContent.getContent();
return responseData;
}