当前位置: 首页>>代码示例>>Java>>正文

Java CMSSignedDataGenerator.addCRLs方法代码示例

本文整理汇总了Java中org.bouncycastle.cms.CMSSignedDataGenerator.addCRLs方法的典型用法代码示例。如果您正苦于以下问题:Java CMSSignedDataGenerator.addCRLs方法的具体用法?Java CMSSignedDataGenerator.addCRLs怎么用?Java CMSSignedDataGenerator.addCRLs使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.bouncycastle.cms.CMSSignedDataGenerator的用法示例。


在下文中一共展示了CMSSignedDataGenerator.addCRLs方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: createCMSSignedDataGenerator

import org.bouncycastle.cms.CMSSignedDataGenerator; //导入方法依赖的package包/类
/**
 * Note:
 * Section 5.1 of RFC 3852 [4] requires that, the CMS SignedData version be set to 3 if certificates from
 * SignedData is present AND (any version 1 attribute certificates are present OR any SignerInfo structures
 * are version 3 OR eContentType from encapContentInfo is other than id-data). Otherwise, the CMS
 * SignedData version is required to be set to 1.
 * ---> CMS SignedData Version is handled automatically by BouncyCastle.
 *
 * @param parameters
 *            set of the driving signing parameters
 * @param contentSigner
 *            the contentSigned to get the hash of the data to be signed
 * @param signerInfoGeneratorBuilder
 *            true if the unsigned attributes must be included
 * @param originalSignedData
 *            the original signed data if extending an existing signature. null otherwise.
 * @return the bouncycastle signed data generator which signs the document and adds the required signed and unsigned
 *         CMS attributes
 * @throws eu.europa.esig.dss.DSSException
 */
protected CMSSignedDataGenerator createCMSSignedDataGenerator(final CAdESSignatureParameters parameters, final ContentSigner contentSigner,
		final SignerInfoGeneratorBuilder signerInfoGeneratorBuilder, final CMSSignedData originalSignedData) throws DSSException {
	try {

		final CertificateToken signingCertificate = parameters.getSigningCertificate();

		final CMSSignedDataGenerator generator = new CMSSignedDataGenerator();

		final X509CertificateHolder certHolder = DSSASN1Utils.getX509CertificateHolder(signingCertificate);
		final SignerInfoGenerator signerInfoGenerator = signerInfoGeneratorBuilder.build(contentSigner, certHolder);

		generator.addSignerInfoGenerator(signerInfoGenerator);

		final List<CertificateToken> certificateChain = new LinkedList<CertificateToken>();
		if (originalSignedData != null) {

			generator.addSigners(originalSignedData.getSignerInfos());
			generator.addAttributeCertificates(originalSignedData.getAttributeCertificates());
			generator.addCRLs(originalSignedData.getCRLs());
			generator.addOtherRevocationInfo(id_pkix_ocsp_basic, originalSignedData.getOtherRevocationInfo(id_pkix_ocsp_basic));
			generator.addOtherRevocationInfo(id_ri_ocsp_response, originalSignedData.getOtherRevocationInfo(id_ri_ocsp_response));

			final Store<X509CertificateHolder> certificates = originalSignedData.getCertificates();
			final Collection<X509CertificateHolder> certificatesMatches = certificates.getMatches(null);
			for (final X509CertificateHolder certificatesMatch : certificatesMatches) {
				final CertificateToken token = DSSASN1Utils.getCertificate(certificatesMatch);
				if (!certificateChain.contains(token)) {
					certificateChain.add(token);
				}
			}
		}

		final JcaCertStore jcaCertStore = getJcaCertStore(certificateChain, parameters);
		generator.addCertificates(jcaCertStore);
		return generator;
	} catch (CMSException | OperatorCreationException e) {
		throw new DSSException(e);
	}
}
开发者ID:esig,项目名称:dss,代码行数:60,代码来源:CMSSignedDataBuilder.java

示例2: regenerateCMSSignedData

import org.bouncycastle.cms.CMSSignedDataGenerator; //导入方法依赖的package包/类
protected CMSSignedData regenerateCMSSignedData(CMSSignedData cmsSignedData, CAdESSignatureParameters parameters, Store certificatesStore,
		Store attributeCertificatesStore, Store crlsStore, Store otherRevocationInfoFormatStoreBasic, Store otherRevocationInfoFormatStoreOcsp) {
	try {

		final CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
		cmsSignedDataGenerator.addSigners(cmsSignedData.getSignerInfos());
		cmsSignedDataGenerator.addAttributeCertificates(attributeCertificatesStore);
		cmsSignedDataGenerator.addCertificates(certificatesStore);
		cmsSignedDataGenerator.addCRLs(crlsStore);
		cmsSignedDataGenerator.addOtherRevocationInfo(id_pkix_ocsp_basic, otherRevocationInfoFormatStoreBasic);
		cmsSignedDataGenerator.addOtherRevocationInfo(id_ri_ocsp_response, otherRevocationInfoFormatStoreOcsp);
		final boolean encapsulate = cmsSignedData.getSignedContent() != null;
		if (!encapsulate) {
			List<DSSDocument> detachedContents = parameters.getDetachedContents();
			// CAdES can only sign one document
			final InputStream inputStream = detachedContents.get(0).openStream();
			final CMSProcessableByteArray content = new CMSProcessableByteArray(DSSUtils.toByteArray(inputStream));
			Utils.closeQuietly(inputStream);
			cmsSignedData = cmsSignedDataGenerator.generate(content, encapsulate);
		} else {
			cmsSignedData = cmsSignedDataGenerator.generate(cmsSignedData.getSignedContent(), encapsulate);
		}
		return cmsSignedData;
	} catch (CMSException e) {
		throw new DSSException(e);
	}
}
开发者ID:esig,项目名称:dss,代码行数:28,代码来源:CMSSignedDataBuilder.java

示例3: testSHA1WithRSACounterSignature

import org.bouncycastle.cms.CMSSignedDataGenerator; //导入方法依赖的package包/类
public void testSHA1WithRSACounterSignature()
    throws Exception
{
    List certList = new ArrayList();
    List crlList = new ArrayList();
    CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());

    certList.add(_signCert);
    certList.add(_origCert);

    crlList.add(_signCrl);

    Store           certStore = new JcaCertStore(certList);
    Store           crlStore = new JcaCRLStore(crlList);

    CMSSignedDataGenerator gen = new CMSSignedDataGenerator();

    ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_signKP.getPrivate());

    gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _signCert));

    gen.addCertificates(certStore);
    gen.addCRLs(crlStore);
    
    CMSSignedData s = gen.generate(msg, true);
    SignerInformation origSigner = (SignerInformation)s.getSignerInfos().getSigners().toArray()[0];
    SignerInformationStore counterSigners1 = gen.generateCounterSigners(origSigner);
    SignerInformationStore counterSigners2 = gen.generateCounterSigners(origSigner);

    SignerInformation signer1 = SignerInformation.addCounterSigners(origSigner, counterSigners1);
    SignerInformation signer2 = SignerInformation.addCounterSigners(signer1, counterSigners2);

    SignerInformationStore cs = signer2.getCounterSignatures();
    Collection csSigners = cs.getSigners();
    assertEquals(2, csSigners.size());

    Iterator it = csSigners.iterator();
    while (it.hasNext())
    {
        SignerInformation   cSigner = (SignerInformation)it.next();
        Collection certCollection = certStore.getMatches(cSigner.getSID());

        Iterator certIt = certCollection.iterator();
        X509CertificateHolder cert = (X509CertificateHolder)certIt.next();

        assertTrue(cSigner.isCounterSignature());
        assertNull(cSigner.getSignedAttributes().get(PKCSObjectIdentifiers.pkcs_9_at_contentType));
        assertEquals(true, cSigner.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
    }
}
开发者ID:credentials,项目名称:irma_future_id,代码行数:51,代码来源:BcSignedDataTest.java

示例4: testSHA1WithRSACounterSignature

import org.bouncycastle.cms.CMSSignedDataGenerator; //导入方法依赖的package包/类
public void testSHA1WithRSACounterSignature()
    throws Exception
{
    List                certList = new ArrayList();
    List                crlList = new ArrayList();
    CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());

    certList.add(_signCert);
    certList.add(_origCert);

    crlList.add(_signCrl);

    Store           certStore = new JcaCertStore(certList);
    Store           crlStore = new JcaCRLStore(crlList);

    CMSSignedDataGenerator gen = new CMSSignedDataGenerator();

    ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_signKP.getPrivate());

    gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _signCert));

    gen.addCertificates(certStore);
    gen.addCRLs(crlStore);
    
    CMSSignedData s = gen.generate(msg, true);
    SignerInformation origSigner = (SignerInformation)s.getSignerInfos().getSigners().toArray()[0];
    SignerInformationStore counterSigners1 = gen.generateCounterSigners(origSigner);
    SignerInformationStore counterSigners2 = gen.generateCounterSigners(origSigner);

    SignerInformation signer1 = SignerInformation.addCounterSigners(origSigner, counterSigners1);
    SignerInformation signer2 = SignerInformation.addCounterSigners(signer1, counterSigners2);

    SignerInformationStore cs = signer2.getCounterSignatures();
    Collection csSigners = cs.getSigners();
    assertEquals(2, csSigners.size());

    Iterator it = csSigners.iterator();
    while (it.hasNext())
    {
        SignerInformation   cSigner = (SignerInformation)it.next();
        Collection          certCollection = certStore.getMatches(cSigner.getSID());

        Iterator        certIt = certCollection.iterator();
        X509CertificateHolder cert = (X509CertificateHolder)certIt.next();

        assertTrue(cSigner.isCounterSignature());
        assertNull(cSigner.getSignedAttributes().get(PKCSObjectIdentifiers.pkcs_9_at_contentType));
        assertEquals(true, cSigner.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
    }
}
开发者ID:credentials,项目名称:irma_future_id,代码行数:51,代码来源:NewSignedDataTest.java


注:本文中的org.bouncycastle.cms.CMSSignedDataGenerator.addCRLs方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。