本文整理汇总了Java中org.bouncycastle.cms.CMSTypedData.getContent方法的典型用法代码示例。如果您正苦于以下问题:Java CMSTypedData.getContent方法的具体用法?Java CMSTypedData.getContent怎么用?Java CMSTypedData.getContent使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.cms.CMSTypedData的用法示例。
在下文中一共展示了CMSTypedData.getContent方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getSignedContent
import org.bouncycastle.cms.CMSTypedData; //导入方法依赖的package包/类
/**
* This method returns the signed content of CMSSignedData.
*
* @param cmsSignedData
* the already signed {@code CMSSignedData}
* @return the original toSignDocument or null
*/
private DSSDocument getSignedContent(final CMSSignedData cmsSignedData) {
if (cmsSignedData != null) {
final CMSTypedData signedContent = cmsSignedData.getSignedContent();
final byte[] documentBytes = (signedContent != null) ? (byte[]) signedContent.getContent() : null;
final InMemoryDocument inMemoryDocument = new InMemoryDocument(documentBytes);
return inMemoryDocument;
}
return null;
}
示例2: getCmsData
import org.bouncycastle.cms.CMSTypedData; //导入方法依赖的package包/类
private byte[] getCmsData(byte[] cms) throws Exception {
CMSSignedData cmsSignedData = new CMSSignedData(cms);
SignerInformationStore signers = cmsSignedData.getSignerInfos();
SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next();
SignerId signerId = signer.getSID();
Store certificateStore = cmsSignedData.getCertificates();
Collection<X509CertificateHolder> certificateCollection = certificateStore.getMatches(signerId);
X509CertificateHolder certificateHolder = certificateCollection.iterator().next();
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(certificateHolder.getEncoded()));
// we trust SSL here, no need for explicit verification of CMS signing
// certificate
LOG.debug("CMS signing certificate subject: " + certificate.getSubjectX500Principal());
SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder()
.build(certificate);
boolean signatureResult = signer.verify(signerInformationVerifier);
if (false == signatureResult) {
throw new SecurityException("woops");
}
CMSTypedData signedContent = cmsSignedData.getSignedContent();
byte[] responseData = (byte[]) signedContent.getContent();
return responseData;
}
示例3: getVerifiedContent
import org.bouncycastle.cms.CMSTypedData; //导入方法依赖的package包/类
private byte[] getVerifiedContent(byte[] cmsData)
throws CertificateException, CMSException, IOException,
OperatorCreationException {
CMSSignedData cmsSignedData = new CMSSignedData(cmsData);
SignerInformationStore signers = cmsSignedData.getSignerInfos();
SignerInformation signer = (SignerInformation) signers.getSigners()
.iterator().next();
SignerId signerId = signer.getSID();
Store certificateStore = cmsSignedData.getCertificates();
Collection<X509CertificateHolder> certificateCollection = certificateStore
.getMatches(signerId);
if (false == certificateCollection.isEmpty()) {
X509CertificateHolder certificateHolder = certificateCollection
.iterator().next();
CertificateFactory certificateFactory = CertificateFactory
.getInstance("X.509");
X509Certificate certificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(
certificateHolder.getEncoded()));
SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder()
.build(certificate);
boolean signatureResult = signer.verify(signerInformationVerifier);
assertTrue(signatureResult);
LOG.debug("signer certificate: " + certificate);
} else {
LOG.warn("no signer matched");
}
CMSTypedData signedContent = cmsSignedData.getSignedContent();
byte[] data = (byte[]) signedContent.getContent();
return data;
}
示例4: testReadEncryptionToken
import org.bouncycastle.cms.CMSTypedData; //导入方法依赖的package包/类
@Test
public void testReadEncryptionToken() throws Exception {
InputStream etkInputStream = EncryptionTokenTest.class
.getResourceAsStream("/etk-fcorneli.der");
assertNotNull(etkInputStream);
CMSSignedData cmsSignedData = new CMSSignedData(etkInputStream);
LOG.debug("SignedData version: " + cmsSignedData.getVersion());
SignerInformationStore signers = cmsSignedData.getSignerInfos();
LOG.debug("signers: " + signers.size());
SignerInformation signer = (SignerInformation) signers.getSigners()
.iterator().next();
SignerId signerId = signer.getSID();
LOG.debug("signer Id: " + signerId.getIssuer());
Store certificateStore = cmsSignedData.getCertificates();
@SuppressWarnings("unchecked")
Collection<X509CertificateHolder> certificateCollection = certificateStore
.getMatches(signerId);
X509CertificateHolder certificateHolder = certificateCollection
.iterator().next();
LOG.debug("certificate collection size: "
+ certificateCollection.size());
CertificateFactory certificateFactory = CertificateFactory
.getInstance("X.509");
X509Certificate certificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(certificateHolder
.getEncoded()));
LOG.debug("signer certificate: " + certificate);
CMSTypedData signedContent = cmsSignedData.getSignedContent();
byte[] data = (byte[]) signedContent.getContent();
X509Certificate encryptionCertificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(data));
LOG.debug("encryption certificate: " + encryptionCertificate);
}
示例5: parseEncryptionCertificate
import org.bouncycastle.cms.CMSTypedData; //导入方法依赖的package包/类
private X509Certificate parseEncryptionCertificate(byte[] encodedEncryptionToken)
throws CMSException, CertificateException, IOException, OperatorCreationException {
CMSSignedData cmsSignedData = new CMSSignedData(encodedEncryptionToken);
// get signer identifier
SignerInformationStore signers = cmsSignedData.getSignerInfos();
SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next();
SignerId signerId = signer.getSID();
// get signer certificate
Store certificateStore = cmsSignedData.getCertificates();
LOG.debug("certificate store type: " + certificateStore.getClass().getName());
@SuppressWarnings("unchecked")
Collection<X509CertificateHolder> signingCertificateCollection = certificateStore.getMatches(signerId);
X509CertificateHolder signingCertificateHolder = signingCertificateCollection.iterator().next();
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate signingCertificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(signingCertificateHolder.getEncoded()));
LOG.debug("signing certificate: " + signingCertificate.getSubjectX500Principal());
// verify CMS signature
SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder()
.build(signingCertificate);
boolean signatureResult = signer.verify(signerInformationVerifier);
if (false == signatureResult) {
throw new SecurityException("ETK signature invalid");
}
// get encryption certificate
CMSTypedData signedContent = cmsSignedData.getSignedContent();
byte[] data = (byte[]) signedContent.getContent();
X509Certificate encryptionCertificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(data));
LOG.debug("all available certificates:");
logCertificates(certificateStore, null);
// get authentication certificate
CustomSelector authenticationSelector = new CustomSelector();
authenticationSelector.setSubject(encryptionCertificate.getIssuerX500Principal());
@SuppressWarnings("unchecked")
Collection<X509CertificateHolder> authenticationCertificates = certificateStore
.getMatches(authenticationSelector);
if (authenticationCertificates.size() != 1) {
LOG.debug("no authentication certificate match");
}
X509CertificateHolder authenticationCertificateHolder = authenticationCertificates.iterator().next();
this.authenticationCertificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(authenticationCertificateHolder.getEncoded()));
verifyProxyCertificate(encryptionCertificate, this.authenticationCertificate);
return encryptionCertificate;
}
示例6: getVerifiedContent
import org.bouncycastle.cms.CMSTypedData; //导入方法依赖的package包/类
private byte[] getVerifiedContent(byte[] cmsData)
throws CertificateException, CMSException, IOException,
OperatorCreationException {
CMSSignedData cmsSignedData = new CMSSignedData(cmsData);
SignerInformationStore signers = cmsSignedData.getSignerInfos();
SignerInformation signer = (SignerInformation) signers.getSigners()
.iterator().next();
SignerId signerId = signer.getSID();
Store certificateStore = cmsSignedData.getCertificates();
@SuppressWarnings("unchecked")
Collection<X509CertificateHolder> certificateCollection = certificateStore
.getMatches(signerId);
if (null == this.senderCertificate) {
if (certificateCollection.isEmpty()) {
throw new SecurityException("no sender certificate present");
}
X509CertificateHolder certificateHolder = certificateCollection
.iterator().next();
CertificateFactory certificateFactory = CertificateFactory
.getInstance("X.509");
X509Certificate certificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(
certificateHolder.getEncoded()));
this.senderCertificate = certificate;
LOG.debug("signer certificate subject: "
+ certificate.getSubjectX500Principal());
}
/*
* By reusing the sender certificate we have the guarantee that the
* outer signature and inner signature share the same origin.
*/
SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder()
.build(this.senderCertificate);
boolean signatureResult = signer.verify(signerInformationVerifier);
if (false == signatureResult) {
throw new SecurityException("woops");
}
CMSTypedData signedContent = cmsSignedData.getSignedContent();
byte[] data = (byte[]) signedContent.getContent();
return data;
}
示例7: testSeal
import org.bouncycastle.cms.CMSTypedData; //导入方法依赖的package包/类
@Test
public void testSeal() throws Exception {
InputStream sealInputStream = SealTest.class
.getResourceAsStream("/seal-fcorneli.der");
assertNotNull(sealInputStream);
// check outer signature
CMSSignedData cmsSignedData = new CMSSignedData(sealInputStream);
SignerInformationStore signers = cmsSignedData.getSignerInfos();
SignerInformation signer = (SignerInformation) signers.getSigners()
.iterator().next();
SignerId signerId = signer.getSID();
Store certificateStore = cmsSignedData.getCertificates();
@SuppressWarnings("unchecked")
Collection<X509CertificateHolder> certificateCollection = certificateStore
.getMatches(signerId);
X509CertificateHolder certificateHolder = certificateCollection
.iterator().next();
CertificateFactory certificateFactory = CertificateFactory
.getInstance("X.509");
X509Certificate certificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(certificateHolder
.getEncoded()));
Security.addProvider(new BouncyCastleProvider());
SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder()
.build(certificate);
boolean signatureResult = signer.verify(signerInformationVerifier);
assertTrue(signatureResult);
LOG.debug("signer certificate: " + certificate);
CMSTypedData signedContent = cmsSignedData.getSignedContent();
byte[] data = (byte[]) signedContent.getContent();
// decrypt content
CMSEnvelopedDataParser cmsEnvelopedDataParser = new CMSEnvelopedDataParser(
data);
LOG.debug("content encryption algo: "
+ cmsEnvelopedDataParser.getContentEncryptionAlgorithm()
.getAlgorithm().getId());
RecipientInformationStore recipientInformationStore = cmsEnvelopedDataParser
.getRecipientInfos();
@SuppressWarnings("unchecked")
Collection<RecipientInformation> recipients = recipientInformationStore
.getRecipients();
RecipientInformation recipientInformation = recipients.iterator()
.next();
LOG.debug("recipient info type: "
+ recipientInformation.getClass().getName());
KeyTransRecipientInformation keyTransRecipientInformation = (KeyTransRecipientInformation) recipientInformation;
}