Java SMIMESignedGenerator.addSignerInfoGenerator方法代码示例

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
private MimeMultipart generateMultiPartECGost(
    MimeBodyPart msg)
    throws Exception
{
    List certList = new ArrayList();

    certList.add(_signCert);
    certList.add(_signEcGostCert);

    Store certs = new JcaCertStore(certList);

    SMIMESignedGenerator gen = new SMIMESignedGenerator();

    gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("GOST3411withECGOST3410", _signEcGostKP.getPrivate(), _signEcGostCert));
    gen.addCertificates(certs);

    return gen.generate(msg);
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
@Test
public void testOutput2() throws Exception {
    SMIMESignedGenerator gen = new SMIMESignedGenerator();
    SignerInfoGenerator signer = new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC").build("SHA1WITHRSA", privateKey, cert);
    gen.addSignerInfoGenerator(signer);

    MimeMultipart mp = gen.generate(createMsg());

    ByteArrayOutputStream os = new ByteArrayOutputStream();
    mp.writeTo(os);

    ByteArrayInputStream is = new ByteArrayInputStream(os.toByteArray());
    String contentType = mp.getContentType();
    contentType = contentType.replace("\r\n", "").replace("\t", " ");

    ByteArrayDataSource ds = new ByteArrayDataSource(is, contentType);
    MimeMultipart mm = new MimeMultipart(ds);
    MimeBodyPart part = (MimeBodyPart) mm.getBodyPart(0);


}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
@Test
public void testPythonVerified() throws Exception {
    SMIMESignedGenerator gen = new SMIMESignedGenerator();
    SignerInfoGenerator signer = new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC").build("SHA1WITHRSA", privateKey, cert);
    gen.addSignerInfoGenerator(signer);

    MimeMultipart mp = gen.generate(createMsg());
    ByteArrayOutputStream os = new ByteArrayOutputStream();
    mp.writeTo(os);
    String contentType = mp.getContentType();
    contentType = contentType.replace("\r\n", "").replace("\t", " ");
    System.out.println(contentType);
    String s = new String(os.toByteArray());
    StringBuilder builder = new StringBuilder();
    builder.append("Content-Type: ").append(contentType).append("\r\n\r\n").append(s);
    String output = builder.toString();

    FileOutputStream fp = new FileOutputStream("smime_signed.txt");
    fp.write(output.getBytes());
    fp.close();


}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
@Override
public void writeTo(SignedOutput out, Class<?> type, Type genericType, Annotation[] annotations, MediaType mediaType, MultivaluedMap<String, Object> headers, OutputStream os) throws IOException, WebApplicationException {
    try {
        SMIMESignedGenerator gen = new SMIMESignedGenerator();
        SignerInfoGenerator signer = new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC").build("SHA1WITHRSA", out.getPrivateKey(), out.getCertificate());
        gen.addSignerInfoGenerator(signer);

        MimeMultipart mp = gen.generate(EnvelopedWriter.createBodyPart(providers, out));
        String contentType = mp.getContentType();
        contentType = contentType.replace("\r\n", "").replace("\t", " ");
        headers.putSingle("Content-Type", contentType);
        mp.writeTo(os);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
private MimeMultipart generateMultiPartRsa(
    String       algorithm,
    MimeBodyPart msg,
    Date         signingTime,
    Map          micalgs)
    throws Exception
{
    List certList = new ArrayList();

    certList.add(_signCert);
    certList.add(_origCert);

    Store certs = new JcaCertStore(certList);

    ASN1EncodableVector signedAttrs = generateSignedAttributes();
    
    if (signingTime != null)
    {
        signedAttrs.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(signingTime))));
    }

    SMIMESignedGenerator gen = new SMIMESignedGenerator(micalgs);

    gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(signedAttrs))).build(algorithm, _signKP.getPrivate(), _signCert));
    gen.addCertificates(certs);

    return gen.generate(msg);
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
private MimeMultipart generateMultiPartRsaPSS(
    String digest,
    MimeBodyPart msg,
    Date         signingTime)
    throws Exception
{
    List certList = new ArrayList();

    certList.add(_signCert);
    certList.add(_origCert);

    Store certs = new JcaCertStore(certList);

    ASN1EncodableVector signedAttrs = generateSignedAttributes();

    if (signingTime != null)
    {
        signedAttrs.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(signingTime))));
    }

    SMIMESignedGenerator gen = new SMIMESignedGenerator();

    gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).setSignedAttributeGenerator(new AttributeTable(signedAttrs)).build(digest + "withRSAandMGF1", _signKP.getPrivate(), _signCert));
    gen.addCertificates(certs);

    return gen.generate(msg);
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
@Test
public void testOutput() throws Exception {
    SMIMESignedGenerator gen = new SMIMESignedGenerator();
    SignerInfoGenerator signer = new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC").build("SHA1WITHRSA", privateKey, cert);
    gen.addSignerInfoGenerator(signer);

    MimeMultipart mp = gen.generate(createMsg());

    output(mp);

}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
@PublicAtsApi
public Package sign( Package sourcePackage ) throws ActionException {

    try {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }

        KeyStore ks = getKeystore();
        PrivateKey privateKey = (PrivateKey) ks.getKey(aliasOrCN, certPassword.toCharArray());
        X509Certificate cer = (X509Certificate) ks.getCertificate(aliasOrCN);

        /* Create the SMIMESignedGenerator */
        SMIMECapabilityVector capabilities = new SMIMECapabilityVector();
        capabilities.addCapability(SMIMECapability.dES_EDE3_CBC);
        capabilities.addCapability(SMIMECapability.rC2_CBC, 128);
        capabilities.addCapability(SMIMECapability.dES_CBC);

        ASN1EncodableVector attributes = new ASN1EncodableVector();
        attributes.add(new SMIMEEncryptionKeyPreferenceAttribute(new IssuerAndSerialNumber(new X500Name( (cer).getIssuerDN()
                                                                                                              .getName()),
                                                                                           cer.getSerialNumber())));
        attributes.add(new SMIMECapabilitiesAttribute(capabilities));

        if (signatureAlgorithm == null) {
            signatureAlgorithm = SignatureAlgorithm.DSA.equals(privateKey.getAlgorithm())
                                                                                          ? "SHA1withDSA"
                                                                                          : "MD5withRSA";
        }

        SMIMESignedGenerator signer = new SMIMESignedGenerator();
        JcaSimpleSignerInfoGeneratorBuilder signerGeneratorBuilder = new JcaSimpleSignerInfoGeneratorBuilder();
        signerGeneratorBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME);
        signerGeneratorBuilder.setSignedAttributeGenerator(new AttributeTable(attributes));
        signer.addSignerInfoGenerator(signerGeneratorBuilder.build(signatureAlgorithm, privateKey,
                                                                   cer));

        /* Add the list of certs to the generator */
        List<X509Certificate> certList = new ArrayList<X509Certificate>();
        certList.add(cer);
        Store<?> certs = new JcaCertStore(certList);
        signer.addCertificates(certs);

        /* Sign the message */
        Session session = Session.getDefaultInstance(System.getProperties(), null);

        MimeMultipart mm = signer.generate(getMimeMessage(sourcePackage));
        MimeMessage signedMessage = new MimeMessage(session);

        /* Set all original MIME headers in the signed message */
        Enumeration<?> headers = getMimeMessage(sourcePackage).getAllHeaderLines();
        while (headers.hasMoreElements()) {
            signedMessage.addHeaderLine((String) headers.nextElement());
        }

        /* Set the content of the signed message */
        signedMessage.setContent(mm);
        signedMessage.saveChanges();

        return new MimePackage(signedMessage);
    } catch (Exception e) {
        throw new ActionException(EXCEPTION_WHILE_SIGNING, e);
    }
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
private MimeBodyPart signMessage(MimeBodyPart bodyPart) throws Exception{
	X509Certificate cert = partnershipDVO.getVerifyX509Certificate();
	
	/* Create the SMIMESignedGenerator */
       SMIMECapabilityVector capabilities = new SMIMECapabilityVector();
       capabilities.addCapability(SMIMECapability.dES_EDE3_CBC);
       capabilities.addCapability(SMIMECapability.rC2_CBC, 128);
       capabilities.addCapability(SMIMECapability.dES_CBC);

       ASN1EncodableVector attributes = new ASN1EncodableVector();
       attributes.add(new SMIMEEncryptionKeyPreferenceAttribute(
           new IssuerAndSerialNumber(new X509Name(cert.getIssuerDN().getName()), cert.getSerialNumber()))
       );
       attributes.add(new SMIMECapabilitiesAttribute(capabilities));

       SMIMESignedGenerator signer = new SMIMESignedGenerator();
       signer.setContentTransferEncoding("base64");
signer.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(SECURITY_PROVIDER)
			      .setSignedAttributeGenerator(new AttributeTable(attributes))
			      .build("SHA1withRSA",
				     keyMan.getPrivateKey(),
				     partnershipDVO.getVerifyX509Certificate()));

       // Add the list of certs to the generator
       ArrayList certList = new ArrayList();
       certList.add(cert);
       CertStore certs = CertStore.getInstance("Collection",
               new CollectionCertStoreParameters(certList), "BC");
signer.addCertificates(new JcaCertStore(certList));

       // Sign body part
MimeMultipart mm = signer.generate(bodyPart);

       InternetHeaders headers = new InternetHeaders();
       boolean isContentTypeFolded = new Boolean(System.getProperty("mail.mime.foldtext","true")).booleanValue();
       headers.setHeader("Content-Type", isContentTypeFolded? mm.getContentType():mm.getContentType().replaceAll("\\s", " "));
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
       mm.writeTo(baos);  
       MimeBodyPart signedPart = new MimeBodyPart(headers, baos.toByteArray());
       
       return signedPart;
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
private MimeBodyPart generateEncapsulatedRsa(String sigAlg, MimeBodyPart msg)
    throws Exception
{
    List certList = new ArrayList();

    certList.add(_signCert);
    certList.add(_origCert);

    Store certs = new JcaCertStore(certList);

    ASN1EncodableVector signedAttrs = generateSignedAttributes();

    SMIMESignedGenerator gen = new SMIMESignedGenerator();

    gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).setSignedAttributeGenerator(new AttributeTable(signedAttrs)).build(sigAlg, _signKP.getPrivate(), _signCert));
    gen.addCertificates(certs);

    return gen.generateEncapsulated(msg);
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
public void testMimeMultipartBinaryParser()
    throws Exception
{
    MimeBodyPart m = createMultipartMessage();

    List certList = new ArrayList();

    certList.add(_signCert);
    certList.add(_origCert);

    Store certs = new JcaCertStore(certList);

    ASN1EncodableVector signedAttrs = generateSignedAttributes();

    SMIMESignedGenerator gen = new SMIMESignedGenerator("binary");

    gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).setSignedAttributeGenerator(new AttributeTable(signedAttrs)).build("SHA1withRSA", _signKP.getPrivate(), _signCert));
    gen.addCertificates(certs);

    MimeMultipart mm = gen.generate(m);

    SMIMESignedParser s = new SMIMESignedParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), mm, "binary");

    verifySigners(s.getCertificates(), s.getSignerInfos());
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
public void testHeadersEncapsulated()
    throws Exception
{
    List           certList = new ArrayList();

    certList.add(_signCert);
    certList.add(_origCert);

    Store           certs = new JcaCertStore(certList);

    ASN1EncodableVector signedAttrs = generateSignedAttributes();

    SMIMESignedGenerator gen = new SMIMESignedGenerator();

    gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).setSignedAttributeGenerator(new AttributeTable(signedAttrs)).build("SHA1withRSA", _signKP.getPrivate(), _signCert));

    gen.addCertificates(certs);

    MimeBodyPart res = gen.generateEncapsulated(msg);

    assertEquals("application/pkcs7-mime; name=smime.p7m; smime-type=signed-data", res.getHeader("Content-Type")[0]);
    assertEquals("attachment; filename=\"smime.p7m\"", res.getHeader("Content-Disposition")[0]);
    assertEquals("S/MIME Cryptographic Signed Data", res.getHeader("Content-Description")[0]);
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
public void sign(X509Certificate cert, PrivateKey privateKey, String digestAlg) throws SFRMException {
      try {
      	
          /* Create the SMIMESignedGenerator */
          SMIMECapabilityVector capabilities = new SMIMECapabilityVector();
          capabilities.addCapability(SMIMECapability.dES_EDE3_CBC);
          capabilities.addCapability(SMIMECapability.rC2_CBC, 128);
          capabilities.addCapability(SMIMECapability.dES_CBC);
                      
          SMIMESignedGenerator signer = new SMIMESignedGenerator();
          
          signer.setContentTransferEncoding("binary");

   String signerDigestAlg = "";
   
   if (digestAlg.equalsIgnoreCase(ALG_SIGN_MD5))
signerDigestAlg = "MD5withRSA";
   else if (digestAlg.equalsIgnoreCase(ALG_SIGN_SHA1))
signerDigestAlg = "SHA1withRSA";
   else
throw new SFRMException("Encryption algorihtm error - " + digestAlg);

   signer.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder()
    .setProvider(SECURITY_PROVIDER)
    .build(signerDigestAlg, privateKey, cert));

          /* Add the list of certs to the generator */
          ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>();
          certList.add(cert);
          CertStore certs = CertStore.getInstance("Collection",
                  new CollectionCertStoreParameters(certList), "BC");
          // signer.addCertificatesAndCRLs(certs);
   signer.addCertificates(new JcaCertStore(certList));

          /* Sign the body part */
          MimeMultipart mm = signer.generate(bodyPart);

          InternetHeaders headers = new InternetHeaders();
          headers.setHeader("Content-Type", mm.getContentType());
          
          ByteArrayOutputStream baos = new ByteArrayOutputStream();
          mm.writeTo(baos);
         
          this.bodyPart = new MimeBodyPart(headers, baos.toByteArray());
          
          this.setIsSigned(true);
          
      } catch (org.bouncycastle.mail.smime.SMIMEException ex) {
          throw new SFRMException("Unable to sign body part", ex.getUnderlyingException());
      } catch (Exception e) {
          throw new SFRMException("Unable to sign body part", e);
      }
  }
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
public void testMD5WithRSAAddSignersSHA1()
    throws Exception
{
    MimeMultipart smm = generateMultiPartRsa("SHA1withRSA", msg, SMIMESignedGenerator.STANDARD_MICALGS);
    SMIMESigned   s = new SMIMESigned(smm);

    assertEquals("sha-1", getMicAlg(smm));

    List certList = new ArrayList();

    certList.add(_signCert);
    certList.add(_origCert);

    Store certs = new JcaCertStore(certList);

    SMIMESignedGenerator gen = new SMIMESignedGenerator();

    gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("MD5withRSA", _signKP.getPrivate(), _signCert));
    
    gen.addSigners(s.getSignerInfos());

    gen.addCertificates(certs);

    smm = gen.generate(msg);

    SMIMESigned newS =  new SMIMESigned(gen.generate(msg));

    verifyMessageBytes(msg, newS.getContent());

    verifySigners(newS.getCertificates(), newS.getSignerInfos());

    assertEquals("\"md5,sha-1\"", getMicAlg(smm));
}
 

import org.bouncycastle.mail.smime.SMIMESignedGenerator; //导入方法依赖的package包/类
public void testSHA224WithRSAParserEncryptedWithDES()
    throws Exception
{
    List certList = new ArrayList();
    
    certList.add(_signCert);
    certList.add(_origCert);

    Store certs = new JcaCertStore(certList);

    ASN1EncodableVector signedAttrs = generateSignedAttributes();

    SMIMESignedGenerator gen = new SMIMESignedGenerator();

    gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(signedAttrs))).build("SHA224withRSA", _signKP.getPrivate(), _signCert));
    gen.addCertificates(certs);

    MimeMultipart     smm = gen.generate(msg);
    SMIMESignedParser s = new SMIMESignedParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), smm);
    
    certs = s.getCertificates();
    
    assertEquals(getDigestOid(s.getSignerInfos()), NISTObjectIdentifiers.id_sha224.toString());
    
    verifyMessageBytes(msg, s.getContent());

    verifySigners(certs, s.getSignerInfos());
}