本文整理汇总了Java中sun.security.pkcs.SignerInfo类的典型用法代码示例。如果您正苦于以下问题:Java SignerInfo类的具体用法?Java SignerInfo怎么用?Java SignerInfo使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SignerInfo类属于sun.security.pkcs包,在下文中一共展示了SignerInfo类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: main
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
public static void main(String[] args) throws Exception {
byte[] data = "Hello".getBytes();
X500Name n = new X500Name("cn=Me");
CertAndKeyGen cakg = new CertAndKeyGen("RSA", "SHA256withRSA");
cakg.generate(1024);
X509Certificate cert = cakg.getSelfCertificate(n, 1000);
MessageDigest md = MessageDigest.getInstance("SHA-256");
PKCS9Attributes authed = new PKCS9Attributes(new PKCS9Attribute[]{
new PKCS9Attribute(PKCS9Attribute.CONTENT_TYPE_OID, ContentInfo.DATA_OID),
new PKCS9Attribute(PKCS9Attribute.MESSAGE_DIGEST_OID, md.digest(data)),
});
Signature s = Signature.getInstance("SHA256withRSA");
s.initSign(cakg.getPrivateKey());
s.update(authed.getDerEncoding());
byte[] sig = s.sign();
SignerInfo signerInfo = new SignerInfo(
n,
cert.getSerialNumber(),
AlgorithmId.get("SHA-256"),
authed,
AlgorithmId.get("SHA256withRSA"),
sig,
null
);
PKCS7 pkcs7 = new PKCS7(
new AlgorithmId[] {signerInfo.getDigestAlgorithmId()},
new ContentInfo(data),
new X509Certificate[] {cert},
new SignerInfo[] {signerInfo});
if (pkcs7.verify(signerInfo, data) == null) {
throw new Exception("Not verified");
}
}
示例2: checkTimestamp
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
static void checkTimestamp(String file, String policyId, String digestAlg)
throws Exception {
try (JarFile jf = new JarFile(file)) {
JarEntry je = jf.getJarEntry("META-INF/OLD.RSA");
try (InputStream is = jf.getInputStream(je)) {
byte[] content = IOUtils.readFully(is, -1, true);
PKCS7 p7 = new PKCS7(content);
SignerInfo[] si = p7.getSignerInfos();
if (si == null || si.length == 0) {
throw new Exception("Not signed");
}
PKCS9Attribute p9 = si[0].getUnauthenticatedAttributes()
.getAttribute(PKCS9Attribute.SIGNATURE_TIMESTAMP_TOKEN_OID);
PKCS7 tsToken = new PKCS7((byte[]) p9.getValue());
TimestampToken tt =
new TimestampToken(tsToken.getContentInfo().getData());
if (!tt.getHashAlgorithm().toString().equals(digestAlg)) {
throw new Exception("Digest alg different");
}
if (!tt.getPolicyID().equals(policyId)) {
throw new Exception("policyId different");
}
}
}
}
示例3: signatureBlock
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
/** Write a .RSA file with a digital signature. */
private static void signatureBlock(
Signature signature,
X509Certificate publicKey,
OutputStream out)
throws IOException, GeneralSecurityException {
SignerInfo signerInfo = new SignerInfo(
new X500Name(publicKey.getIssuerX500Principal().getName()),
publicKey.getSerialNumber(),
AlgorithmId.get("SHA1"),
AlgorithmId.get("RSA"),
signature.sign());
PKCS7 pkcs7 = new PKCS7(
new AlgorithmId[] { AlgorithmId.get("SHA1") },
new ContentInfo(ContentInfo.DATA_OID, null),
new X509Certificate[] { publicKey },
new SignerInfo[] { signerInfo });
System.out.print("\rGenerating signature block...");
pkcs7.encodeSignedData(out);
}
示例4: writeSignatureBlock
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
/**
* Write the certificate file with a digital signature.
*/
private void writeSignatureBlock(Signature signature, X509Certificate publicKey,
PrivateKey privateKey)
throws IOException, GeneralSecurityException {
SignerInfo signerInfo = new SignerInfo(
new X500Name(publicKey.getIssuerX500Principal().getName()),
publicKey.getSerialNumber(),
AlgorithmId.get(DIGEST_ALGORITHM),
AlgorithmId.get(privateKey.getAlgorithm()),
signature.sign());
PKCS7 pkcs7 = new PKCS7(
new AlgorithmId[]{AlgorithmId.get(DIGEST_ALGORITHM)},
new ContentInfo(ContentInfo.DATA_OID, null),
new X509Certificate[]{publicKey},
new SignerInfo[]{signerInfo});
pkcs7.encodeSignedData(mOutputJar);
}
示例5: writeSignatureBlock
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
/** Write the certificate file with a digital signature. */
private void writeSignatureBlock(Signature signature, X509Certificate publicKey,
PrivateKey privateKey)
throws IOException, GeneralSecurityException {
SignerInfo signerInfo = new SignerInfo(
new X500Name(publicKey.getIssuerX500Principal().getName()),
publicKey.getSerialNumber(),
AlgorithmId.get(DIGEST_ALGORITHM),
AlgorithmId.get(privateKey.getAlgorithm()),
signature.sign());
PKCS7 pkcs7 = new PKCS7(
new AlgorithmId[] { AlgorithmId.get(DIGEST_ALGORITHM) },
new ContentInfo(ContentInfo.DATA_OID, null),
new X509Certificate[] { publicKey },
new SignerInfo[] { signerInfo });
pkcs7.encodeSignedData(mOutputJar);
}
示例6: checkTimestamp
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
static void checkTimestamp(String file, String policyId, String digestAlg)
throws Exception {
try (JarFile jf = new JarFile(file)) {
JarEntry je = jf.getJarEntry("META-INF/OLD.RSA");
try (InputStream is = jf.getInputStream(je)) {
byte[] content = is.readAllBytes();
PKCS7 p7 = new PKCS7(content);
SignerInfo[] si = p7.getSignerInfos();
if (si == null || si.length == 0) {
throw new Exception("Not signed");
}
PKCS9Attribute p9 = si[0].getUnauthenticatedAttributes()
.getAttribute(PKCS9Attribute.SIGNATURE_TIMESTAMP_TOKEN_OID);
PKCS7 tsToken = new PKCS7((byte[]) p9.getValue());
TimestampToken tt =
new TimestampToken(tsToken.getContentInfo().getData());
if (!tt.getHashAlgorithm().toString().equals(digestAlg)) {
throw new Exception("Digest alg different");
}
if (!tt.getPolicyID().equals(policyId)) {
throw new Exception("policyId different");
}
}
}
}
示例7: writeSignatureBlock
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
/** Write a .RSA file with a digital signature. */
private static void writeSignatureBlock(
Signature signature, X509Certificate publicKey, OutputStream out)
throws IOException, GeneralSecurityException {
SignerInfo signerInfo = new SignerInfo(
new X500Name(publicKey.getIssuerX500Principal().getName()),
publicKey.getSerialNumber(),
AlgorithmId.get("SHA1"),
AlgorithmId.get("RSA"),
signature.sign());
PKCS7 pkcs7 = new PKCS7(
new AlgorithmId[] { AlgorithmId.get("SHA1") },
new ContentInfo(ContentInfo.DATA_OID, null),
new X509Certificate[] { publicKey },
new SignerInfo[] { signerInfo });
pkcs7.encodeSignedData(out);
}
示例8: writeSignatureBlock
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
/** Write the certificate file with a digital signature. */
private void writeSignatureBlock(Signature signature, X509Certificate publicKey,
PrivateKey privateKey)
throws IOException, GeneralSecurityException {
SignerInfo signerInfo = new SignerInfo(
new X500Name(publicKey.getIssuerX500Principal().getName()),
publicKey.getSerialNumber(),
AlgorithmId.get(DIGEST_ALGORITHM),
AlgorithmId.get(privateKey.getAlgorithm()),
signature.sign());
PKCS7 pkcs7 = new PKCS7(
new AlgorithmId[] { AlgorithmId.get(DIGEST_ALGORITHM) },
new ContentInfo(ContentInfo.DATA_OID, null),
new X509Certificate[] { publicKey },
new SignerInfo[] { signerInfo });
pkcs7.encodeSignedData(mOutputJar);
}
示例9: verify
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
public static void verify(byte[] sign, byte[] data)
throws IOException, NoSuchAlgorithmException, SignatureException,
InvalidKeyException, CertificateException, NoSuchProviderException {
PKCS7 p7 = new PKCS7(sign);
SignerInfo[] sis = p7.verify(data);
// check the results of the verification
if (sis == null)
throw new SignatureException("Signature failed verification, data has been tampered");
/* for (int i = 0; i < sis.length; i++) {
SignerInfo si = sis[i];
X509Certificate cert = si.getCertificate(p7);
// 证书是否过期验证,如果不用系统日期可用cert.checkValidity(date);
cert.checkValidity();
// if (!cert.equals(rootCertificate)) {
// //验证证书签名
// cert.verify(rootCertificate.getPublicKey());
// }
// 验证dn
if (i == 0 && dn != null) {
X500Principal name = cert.getSubjectX500Principal();
if (!dn.equals(name.getName(X500Principal.RFC1779))
&& !new X500Principal(dn).equals(name))
throw new SignatureException("Signer dn '"
+ name.getName(X500Principal.RFC1779)
+ "' does not matchs '" + dn + "'");
}
} */
}
示例10: verifyJarSignature
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
private boolean verifyJarSignature(JarFile jar) throws IOException, NoSuchAlgorithmException, SignatureException,
InvalidKeyException, CertificateException, NoSuchProviderException {
SignatureBean sgb = getSpecifyFileBytes(jar);
if (sgb == null) {
return false;
}
PKCS7 p7 = new PKCS7(sgb.getRsaFileBytes());
SignerInfo[] sis = p7.verify(sgb.getSfFileBytes());
if (sis == null)
return false;
else
return true;
}
示例11: encodePKCS7
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
/**
* Encode the CertPath using PKCS#7 format.
*
* @return a byte array containing the binary encoding of the PKCS#7 object
* @exception CertificateEncodingException if an exception occurs
*/
private byte[] encodePKCS7() throws CertificateEncodingException {
PKCS7 p7 = new PKCS7(new AlgorithmId[0],
new ContentInfo(ContentInfo.DATA_OID, null),
certs.toArray(new X509Certificate[certs.size()]),
new SignerInfo[0]);
DerOutputStream derout = new DerOutputStream();
try {
p7.encodeSignedData(derout);
} catch (IOException ioe) {
throw new CertificateEncodingException(ioe.getMessage());
}
return derout.toByteArray();
}
示例12: getSigners
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
/**
* Given the PKCS7 block and SignerInfo[], create an array of
* CodeSigner objects. We do this only *once* for a given
* signature block file.
*/
private CodeSigner[] getSigners(SignerInfo infos[], PKCS7 block)
throws IOException, NoSuchAlgorithmException, SignatureException,
CertificateException {
ArrayList<CodeSigner> signers = null;
for (int i = 0; i < infos.length; i++) {
SignerInfo info = infos[i];
ArrayList<X509Certificate> chain = info.getCertificateChain(block);
CertPath certChain = certificateFactory.generateCertPath(chain);
if (signers == null) {
signers = new ArrayList<CodeSigner>();
}
// Append the new code signer
signers.add(new CodeSigner(certChain, info.getTimestamp()));
if (debug != null) {
debug.println("Signature Block Certificate: " +
chain.get(0));
}
}
if (signers != null) {
return signers.toArray(new CodeSigner[signers.size()]);
} else {
return null;
}
}
示例13: printSignerInfos
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
static void printSignerInfos(SignerInfo signerInfo) throws IOException {
ByteArrayOutputStream strm = new ByteArrayOutputStream();
signerInfo.derEncode(strm);
System.out.println("SignerInfo, length: "
+ strm.toByteArray().length);
System.out.println(hexDump.encode(strm.toByteArray()));
System.out.println("\n");
strm.reset();
}
示例14: getSigners
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
/**
* Given the PKCS7 block and SignerInfo[], create an array of
* CodeSigner objects. We do this only *once* for a given
* signature block file.
*/
private CodeSigner[] getSigners(SignerInfo[] infos, PKCS7 block)
throws IOException, NoSuchAlgorithmException, SignatureException,
CertificateException {
ArrayList<CodeSigner> signers = null;
for (int i = 0; i < infos.length; i++) {
SignerInfo info = infos[i];
ArrayList<X509Certificate> chain = info.getCertificateChain(block);
CertPath certChain = certificateFactory.generateCertPath(chain);
if (signers == null) {
signers = new ArrayList<>();
}
// Append the new code signer
signers.add(new CodeSigner(certChain, info.getTimestamp()));
if (debug != null) {
debug.println("Signature Block Certificate: " +
chain.get(0));
}
}
if (signers != null) {
return signers.toArray(new CodeSigner[signers.size()]);
} else {
return null;
}
}
示例15: Signer
import sun.security.pkcs.SignerInfo; //导入依赖的package包/类
private Signer(
String name,
CentralDirectoryRecord sigBlockEntry,
CentralDirectoryRecord sigFileEntry,
Result.SignerInfo result) {
mName = name;
mResult = result;
mSignatureBlockEntry = sigBlockEntry;
mSignatureFileEntry = sigFileEntry;
}