本文整理汇总了Java中org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder类的典型用法代码示例。如果您正苦于以下问题:Java JcaDigestCalculatorProviderBuilder类的具体用法?Java JcaDigestCalculatorProviderBuilder怎么用?Java JcaDigestCalculatorProviderBuilder使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
JcaDigestCalculatorProviderBuilder类属于org.bouncycastle.operator.jcajce包,在下文中一共展示了JcaDigestCalculatorProviderBuilder类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generateP7B
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
public CMSSignedData generateP7B(X509CertificateHolder caCertificate, PrivateKey caPrivateKey) {
try {
List<X509CertificateHolder> certChain = new ArrayList<X509CertificateHolder>();
certChain.add(caCertificate);
Store certs = new JcaCertStore(certChain);
CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BouncyCastleProvider.PROVIDER_NAME).build(caPrivateKey);
cmsSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build())
.build(sha1Signer, caCertificate));
cmsSignedDataGenerator.addCertificates(certs);
CMSTypedData chainMessage = new CMSProcessableByteArray("chain".getBytes());
CMSSignedData sigData = cmsSignedDataGenerator.generate(chainMessage, false);
return sigData;
} catch(Exception e) {
throw new RuntimeException("Error while generating certificate chain: " + e.getMessage(), e);
}
}
示例2: generateSignatureBlock
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
private static byte[] generateSignatureBlock(
SignerConfig signerConfig, byte[] signatureFileBytes)
throws InvalidKeyException, CertificateEncodingException, SignatureException {
JcaCertStore certs = new JcaCertStore(signerConfig.certificates);
X509Certificate signerCert = signerConfig.certificates.get(0);
String jcaSignatureAlgorithm =
getJcaSignatureAlgorithm(
signerCert.getPublicKey(), signerConfig.signatureDigestAlgorithm);
try {
ContentSigner signer =
new JcaContentSignerBuilder(jcaSignatureAlgorithm)
.build(signerConfig.privateKey);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSignerInfoGenerator(
new SignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().build(),
SignerInfoSignatureAlgorithmFinder.INSTANCE)
.setDirectSignature(true)
.build(signer, new JcaX509CertificateHolder(signerCert)));
gen.addCertificates(certs);
CMSSignedData sigData =
gen.generate(new CMSProcessableByteArray(signatureFileBytes), false);
ByteArrayOutputStream out = new ByteArrayOutputStream();
try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) {
DEROutputStream dos = new DEROutputStream(out);
dos.writeObject(asn1.readObject());
}
return out.toByteArray();
} catch (OperatorCreationException | CMSException | IOException e) {
throw new SignatureException("Failed to generate signature", e);
}
}
示例3: generateOCSPRequest
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
/**
* Generates an OCSP request using BouncyCastle.
* @param issuerCert certificate of the issues
* @param serialNumber serial number
* @return an OCSP request
* @throws OCSPException
* @throws IOException
*/
private static OCSPReq generateOCSPRequest(X509Certificate issuerCert, BigInteger serialNumber) throws OCSPException, IOException, OperatorException, CertificateEncodingException {
//Add provider BC
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
JcaDigestCalculatorProviderBuilder digestCalculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder();
DigestCalculatorProvider digestCalculatorProvider = digestCalculatorProviderBuilder.build();
DigestCalculator digestCalculator = digestCalculatorProvider.get(CertificateID.HASH_SHA1);
// Generate the id for the certificate we are looking for
CertificateID id = new CertificateID(digestCalculator, new JcaX509CertificateHolder(issuerCert), serialNumber);
// basic request generation with nonce
OCSPReqBuilder gen = new OCSPReqBuilder();
gen.addRequest(id);
// create details for nonce extension
Extension ext = new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(new DEROctetString(PdfEncryption.createDocumentId()).getEncoded()));
gen.setRequestExtensions(new Extensions(new Extension[]{ext}));
return gen.build();
}
示例4: isRevocationValid
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
/**
* Checks if OCSP revocation refers to the document signing certificate.
* @return true if it checks false otherwise
* @since 2.1.6
*/
public boolean isRevocationValid() {
if (basicResp == null)
return false;
if (signCerts.size() < 2)
return false;
try {
X509Certificate[] cs = (X509Certificate[])getSignCertificateChain();
SingleResp sr = basicResp.getResponses()[0];
CertificateID cid = sr.getCertID();
X509Certificate sigcer = getSigningCertificate();
X509Certificate isscer = cs[1];
CertificateID tis = new CertificateID(
new JcaDigestCalculatorProviderBuilder().build().get(CertificateID.HASH_SHA1), new JcaX509CertificateHolder(isscer), sigcer.getSerialNumber());
return tis.equals(cid);
}
catch (Exception ex) {
}
return false;
}
示例5: generateSignatureBlock
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
private static byte[] generateSignatureBlock(SignerConfig signerConfig, byte[] signatureFileBytes) throws InvalidKeyException, CertificateEncodingException, SignatureException {
JcaCertStore certs = new JcaCertStore(signerConfig.certificates);
X509Certificate signerCert = signerConfig.certificates.get(0);
String jcaSignatureAlgorithm = getJcaSignatureAlgorithm(signerCert.getPublicKey(), signerConfig.signatureDigestAlgorithm);
try {
ContentSigner signer = new JcaContentSignerBuilder(jcaSignatureAlgorithm).build(signerConfig.privateKey);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSignerInfoGenerator(new SignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build(), SignerInfoSignatureAlgorithmFinder.INSTANCE).setDirectSignature(true).build(signer,
new JcaX509CertificateHolder(signerCert)));
gen.addCertificates(certs);
CMSSignedData sigData = gen.generate(new CMSProcessableByteArray(signatureFileBytes), false);
ByteArrayOutputStream out = new ByteArrayOutputStream();
try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) {
DEROutputStream dos = new DEROutputStream(out);
dos.writeObject(asn1.readObject());
}
return out.toByteArray();
} catch (OperatorCreationException | CMSException | IOException e) {
throw new SignatureException("Failed to generate signature", e);
}
}
示例6: createTimeStampToken
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
public static TimeStampToken createTimeStampToken(PrivateKey privateKey, List<X509Certificate> certificateChain)
throws Exception {
Store certs = new JcaCertStore(certificateChain);
TimeStampRequestGenerator requestGen = new TimeStampRequestGenerator();
requestGen.setCertReq(true);
TimeStampRequest request = requestGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
new JcaSimpleSignerInfoGeneratorBuilder().build("SHA1withRSA", privateKey, certificateChain.get(0)),
new JcaDigestCalculatorProviderBuilder().build()
.get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1)),
new ASN1ObjectIdentifier("1.2"));
tsTokenGen.addCertificates(certs);
return tsTokenGen.generate(request, BigInteger.ONE, new Date());
}
示例7: testCMSSignature
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
@Test
public void testCMSSignature() throws Exception {
Security.addProvider(new BeIDProvider());
Security.addProvider(new BouncyCastleProvider());
KeyStore keyStore = KeyStore.getInstance("BeID");
keyStore.load(null);
PrivateKey privateKey = (PrivateKey) keyStore.getKey("Authentication",
null);
X509Certificate certificate = (X509Certificate) keyStore
.getCertificate("Authentication");
CMSTypedData msg = new CMSProcessableByteArray(
"Hello world!".getBytes());
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA")
.build(privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider("BC")
.build()).build(sha1Signer, certificate));
CMSSignedData sigData = gen.generate(msg, false);
}
示例8: sign
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
private byte[] sign(byte[] data) throws SignatureException {
CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
try {
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256withRSA").build(this.privateKey);
cmsSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build())
.build(contentSigner, this.certificateChain.get(0)));
for (X509Certificate certificate : this.certificateChain) {
cmsSignedDataGenerator.addCertificate(new X509CertificateHolder(certificate.getEncoded()));
}
CMSTypedData cmsTypedData = new CMSProcessableByteArray(data);
CMSSignedData cmsSignedData = cmsSignedDataGenerator.generate(cmsTypedData, true);
return cmsSignedData.getEncoded();
} catch (Exception e) {
throw new SignatureException(e);
}
}
示例9: sign
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
private byte[] sign(byte[] data, boolean includeCertificate)
throws OperatorCreationException, CertificateEncodingException,
CMSException, IOException {
CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256WITHRSAANDMGF1")
.build(this.authenticationPrivateKey);
cmsSignedDataGenerator
.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().build())
.build(contentSigner, this.authenticationCertificate));
if (includeCertificate) {
cmsSignedDataGenerator.addCertificate(new X509CertificateHolder(
this.authenticationCertificate.getEncoded()));
}
CMSTypedData cmsTypedData = new CMSProcessableByteArray(data);
CMSSignedData cmsSignedData = cmsSignedDataGenerator.generate(
cmsTypedData, true);
return cmsSignedData.getEncoded();
}
示例10: getOCSPReqBuilder
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
private OCSPReqBuilder getOCSPReqBuilder(BigInteger serialNumber) throws Exception {
// Generate the id for the certificate we are looking for
CertificateID id = new CertificateID(
new JcaDigestCalculatorProviderBuilder().setProvider("BC").build().get(CertificateID.HASH_SHA1),
new X509CertificateHolder(issuingCertificate.getEncoded()),
serialNumber
);
OCSPReqBuilder requestBuilder = new OCSPReqBuilder();
requestBuilder.addRequest(id, new Extensions(new Extension[] { buildNonceExtension() }));
// create nonce extension
requestBuilder.setRequestExtensions(new Extensions(new Extension[] { buildNonceExtension() }));
return requestBuilder;
}
示例11: createSignerInfoGenerator
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
private SignerInfoGenerator createSignerInfoGenerator()
{
try
{
ContentSigner sha1Signer = createContentSigner();
JcaDigestCalculatorProviderBuilder digestProviderBuilder = new JcaDigestCalculatorProviderBuilder().setProvider("BC");
JcaSignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(
digestProviderBuilder.build());
return signerInfoGeneratorBuilder.build(sha1Signer, signerCertificate);
}
catch (CertificateException | OperatorCreationException e)
{
throw YonaException.unexpected(e);
}
}
示例12: sign
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
@Override
public byte[] sign(byte[] data) throws Exception {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
KeyStore inStore = KeyStore.getInstance("PKCS12");
inStore.load(new FileInputStream(packageZipConfiguration.pushPackageSignerCertPath), packageZipConfiguration.pushPackageSignerCertPassword.toCharArray());
Key key = inStore.getKey(packageZipConfiguration.pushPackageSignerCertName, packageZipConfiguration.pushPackageSignerCertPassword.toCharArray());
PrivateKey privateKey = RSAPrivateKeyImpl.parseKey(new DerValue(key.getEncoded()));
Certificate certificate = inStore.getCertificate(packageZipConfiguration.pushPackageSignerCertName);
X509CertificateHolder certificateHolder = new X509CertificateHolder(certificate.getEncoded());
List certList = new ArrayList();
CMSTypedData msg = new CMSProcessableByteArray(data); //Data to sign
certList.add(certificateHolder); //Adding the X509 Certificate
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
//Initializing the the BC's Signer
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privateKey);
gen.addSignerInfoGenerator(
new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
.build(sha1Signer, certificateHolder));
//adding the certificate
gen.addCertificates(certs);
//Getting the signed data
CMSSignedData sigData = gen.generate(msg, false);
return sigData.getEncoded();
}
示例13: testSHA1WithRSAEncapsulatedParserAndFile
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
public void testSHA1WithRSAEncapsulatedParserAndFile()
throws Exception
{
File tmp = File.createTempFile("bcTest", ".mime");
MimeBodyPart res = generateEncapsulatedRsa("SHA1withRSA", msg);
SMIMESignedParser s = new SMIMESignedParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), res, tmp);
FileBackedMimeBodyPart content = (FileBackedMimeBodyPart)s.getContent();
verifyMessageBytes(msg, s.getContent());
verifySigners(s.getCertificates(), s.getSignerInfos());
assertTrue(tmp.exists());
s.close();
content.dispose();
assertFalse(tmp.exists());
}
示例14: doVerify
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
/**
* @deprecated
*/
private boolean doVerify(
PublicKey key,
Provider sigProvider)
throws CMSException, NoSuchAlgorithmException
{
try
{
SignerInformationVerifier verifier;
if (sigProvider != null)
{
if (!sigProvider.getName().equalsIgnoreCase("BC"))
{
verifier = new JcaSignerInfoVerifierBuilder(new JcaDigestCalculatorProviderBuilder().build()).setProvider(sigProvider).build(key);
}
else
{
verifier = new JcaSimpleSignerInfoVerifierBuilder().setProvider(sigProvider).build(key);
}
}
else
{
verifier = new JcaSimpleSignerInfoVerifierBuilder().build(key);
}
return doVerify(verifier);
}
catch (OperatorCreationException e)
{
throw new CMSException("unable to create verifier: " + e.getMessage(), e);
}
}
示例15: writeSignatureBlock
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; //导入依赖的package包/类
/**
* Write the certificate file with a digital signature.
*/
private void writeSignatureBlock(CMSTypedData data,
X509Certificate publicKey,
PrivateKey privateKey) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException {
ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>();
certList.add(publicKey);
JcaCertStore certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1with" +
privateKey.getAlgorithm()).build(
privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder()
.build()).setDirectSignature(
true).build(sha1Signer, publicKey));
gen.addCertificates(certs);
CMSSignedData sigData = gen.generate(data, false);
ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded());
DEROutputStream dos = new DEROutputStream(mOutputJar);
dos.writeObject(asn1.readObject());
dos.flush();
dos.close();
asn1.close();
}