Package org.apache.harmony.security.pkcs7

Examples of org.apache.harmony.security.pkcs7.ContentInfo


                // generate the object from PkiPath encoded form
                return (X509CertPathImpl) ASN1.decode(in);
            } else {
                // generate the object from PKCS #7 encoded form
                ContentInfo ci = (ContentInfo) ContentInfo.ASN1.decode(in);
                SignedData sd = ci.getSignedData();
                if (sd == null) {
                    throw new CertificateException(
                        Messages.getString("security.160")); //$NON-NLS-1$
                }
                List certs = sd.getCertificates();
                if (certs == null) {
                    // empty chain of certificates
                    certs = new ArrayList();
                }
                List result = new ArrayList();
View Full Code Here


                // generate the object from PkiPath encoded form
                return (X509CertPathImpl) ASN1.decode(in);
            } else {
                // generate the object from PKCS #7 encoded form
                ContentInfo ci = (ContentInfo) ContentInfo.ASN1.decode(in);
                SignedData sd = ci.getSignedData();
                if (sd == null) {
                    throw new CertificateException(
                        Messages.getString("security.160")); //$NON-NLS-1$
                }
                List certs = sd.getCertificates();
                if (certs == null) {
                    certs = new ArrayList();
                }
                List result = new ArrayList();
                for (int i=0; i<certs.size(); i++) {
View Full Code Here

    public static Certificate[] verifySignature(InputStream signature, InputStream
            signatureBlock) throws IOException, GeneralSecurityException {

        BerInputStream bis = new BerInputStream(signatureBlock);
        ContentInfo info = (ContentInfo)ContentInfo.ASN1.decode(bis);     
        SignedData signedData = info.getSignedData();
        if (signedData == null) {
            throw new IOException(Messages.getString("security.173")); //$NON-NLS-1$
        }
        Collection encCerts = signedData.getCertificates();
        if (encCerts.isEmpty()) {
            return null;
        }
        X509Certificate[] certs = new X509Certificate[encCerts.size()];
        int i = 0;
        for (Iterator it = encCerts.iterator(); it.hasNext();) {
            certs[i++]= new X509CertImpl((org.apache.harmony.security.x509.Certificate)it.next());
        }

        List sigInfos = signedData.getSignerInfos();
        SignerInfo sigInfo;
        if (!sigInfos.isEmpty()) {
            sigInfo = (SignerInfo)sigInfos.get(0);
        } else {
            return null;
View Full Code Here

       
        Object[] issuerAndSerialNumber = new Object[] { new Name("CN=issuer"),
                ASN1Integer.fromIntValue(12345) };
        // SHA1withDSA OID
        String sha1dsa = "1.2.840.10040.4.3";
        SignerInfo sigInfo = new SignerInfo(1, issuerAndSerialNumber,
                new AlgorithmIdentifier(sha1), null, new AlgorithmIdentifier(
                        sha1dsa), new byte[20], null);
        // TSTInfo OID according to RFC 3161
        int[] tSTInfoOid = new int[] { 1, 2, 840, 113549, 1, 9, 16, 1, 4 };
        ContentInfo tSTInfoEncoded = new ContentInfo(tSTInfoOid,
View Full Code Here

    public void testEncode() throws Exception {

        Object[] issuerAndSerialNumber = new Object[] { new Name("CN=test"),
                BigInteger.TEN.toByteArray() };

        SignerInfo signerInfo = new SignerInfo(1, issuerAndSerialNumber,
                new AlgorithmIdentifier("1.3.14.3.2.26"),// SHA1 OID
                null, new AlgorithmIdentifier("1.2.840.10040.4.1"),// DSA OID
                new byte[] { 0x01 },// signature
                null);

        byte[] encoding = SignerInfo.ASN1.encode(signerInfo);

        signerInfo = (SignerInfo) SignerInfo.ASN1.decode(encoding);

        assertEquals(new X500Principal("CN=test"), signerInfo.getIssuer());
        assertEquals(new BigInteger("10"), signerInfo.getSerialNumber());
    }
View Full Code Here

        try {
            // AuthenticatedAttributes is not public and can be created
            // only as a part of ContentInfo.
            ContentInfo token = (ContentInfo) ContentInfo.ASN1.decode(in);
            SignedData sigData = token.getSignedData();
            SignerInfo sigInfo = (SignerInfo) sigData.getSignerInfos().get(0);
            List authAttributes = sigInfo.getAuthenticatedAttributes();
            assertNotNull("Decoded AuthenticatedAttributes is null",
                    authAttributes);
            assertEquals("Decoded AuthenticatedAttributes size is incorrect",
                    3, authAttributes.size());
View Full Code Here

        for (Iterator it = encCerts.iterator(); it.hasNext();) {
            certs[i++]= new X509CertImpl((org.apache.harmony.security.x509.Certificate)it.next());
        }

        List sigInfos = signedData.getSignerInfos();
        SignerInfo sigInfo;
        if (!sigInfos.isEmpty()) {
            sigInfo = (SignerInfo)sigInfos.get(0);
        } else {
            return null;
        }

        // Issuer
        X500Principal issuer = sigInfo.getIssuer();

        // Certificate serial number
        BigInteger snum = sigInfo.getSerialNumber();

        // Locate the certificate
        int issuerSertIndex = 0;
        for (i = 0; i < certs.length; i++) {
            if (issuer.equals(certs[i].getIssuerDN()) &&
                    snum.equals(certs[i].getSerialNumber())) {
                issuerSertIndex = i;
                break;
            }
        }
        if (i == certs.length) { // No issuer certificate found
            return null;
        }

        if (certs[issuerSertIndex].hasUnsupportedCriticalExtension()) {
            throw new SecurityException(Messages.getString("security.174")); //$NON-NLS-1$
        }

        // Get Signature instance
        Signature sig = null;
        String da = sigInfo.getdigestAlgorithm();
        String dea = sigInfo.getDigestEncryptionAlgorithm();
        String alg = null;
        if (da != null && dea != null) {
            alg = da + "with" +  dea; //$NON-NLS-1$
            try{
                sig = Signature.getInstance(alg);
            } catch (NoSuchAlgorithmException e) {}
        }
        if (sig == null) {
            alg = da;
            if (alg == null) {
                return null;
            }
            try{
                sig = Signature.getInstance(alg);
            } catch (NoSuchAlgorithmException e) {
                return null;
            }
        }
        sig.initVerify(certs[issuerSertIndex]);

        // If the authenticatedAttributes field of SignerInfo contains more than zero attributes,
        // compute the message digest on the ASN.1 DER encoding of the Attributes value.
        // Otherwise, compute the message digest on the data.
        List atr = sigInfo.getAuthenticatedAttributes();

        byte[] sfBytes = new byte[signature.available()];
        signature.read(sfBytes);

        if (atr == null) {
            sig.update(sfBytes);   
        } else {
            sig.update(sigInfo.getEncodedAuthenticatedAttributes());

            // If the authenticatedAttributes field contains the message-digest attribute,
            // verify that it equals the computed digest of the signature file
            byte[] existingDigest = null;
            for (Iterator it = atr.iterator(); it.hasNext();) {
                AttributeTypeAndValue a = (AttributeTypeAndValue)it.next();
                if (Arrays.equals(a.getType().getOid(), MESSAGE_DIGEST_OID) ){
//TODO value                    existingDigest = a.AttributeValue;
                }
            }
            if (existingDigest != null) {
                MessageDigest md = MessageDigest.getInstance(sigInfo.getDigestAlgorithm());
                byte[] computedDigest = md.digest(sfBytes);
                if (!Arrays.equals(existingDigest, computedDigest)) {
                    throw new SecurityException(Messages.getString("security.175")); //$NON-NLS-1$
                }
            }
        }

        if (!sig.verify(sigInfo.getEncryptedDigest())) {
            throw new SecurityException(Messages.getString("security.176")); //$NON-NLS-1$
        }

        return createChain(certs[issuerSertIndex], certs);
    }
View Full Code Here

        for (Iterator it = encCerts.iterator(); it.hasNext();) {
            certs[i++]= new X509CertImpl((org.apache.harmony.security.x509.Certificate)it.next());
        }

        List sigInfos = signedData.getSignerInfos();
        SignerInfo sigInfo;
        if (!sigInfos.isEmpty()) {
            sigInfo = (SignerInfo)sigInfos.get(0);
        } else {
            return null;
        }

        // Issuer
        X500Principal issuer = sigInfo.getIssuer();

        // Certificate serial number
        BigInteger snum = sigInfo.getSerialNumber();

        // Locate the certificate
        int issuerSertIndex = 0;
        for (i = 0; i < certs.length; i++) {
            if (issuer.equals(certs[i].getIssuerDN()) &&
                    snum.equals(certs[i].getSerialNumber())) {
                issuerSertIndex = i;
                break;
            }
        }
        if (i == certs.length) { // No issuer certificate found
            return null;
        }

        if (certs[issuerSertIndex].hasUnsupportedCriticalExtension()) {
            throw new SecurityException(Messages.getString("security.174")); //$NON-NLS-1$
        }

        // Get Signature instance
        Signature sig = null;
        String da = sigInfo.getdigestAlgorithm();
        String dea = sigInfo.getDigestEncryptionAlgorithm();
        String alg = null;
        if (da != null && dea != null) {
            alg = da + "with" +  dea; //$NON-NLS-1$
            try{
                sig = Signature.getInstance(alg);
            } catch (NoSuchAlgorithmException e) {}
        }
        if (sig == null) {
            alg = da;
            if (alg == null) {
                return null;
            }
            try{
                sig = Signature.getInstance(alg);
            } catch (NoSuchAlgorithmException e) {
                return null;
            }
        }
        sig.initVerify(certs[issuerSertIndex]);

        // If the authenticatedAttributes field of SignerInfo contains more than zero attributes,
        // compute the message digest on the ASN.1 DER encoding of the Attributes value.
        // Otherwise, compute the message digest on the data.
        List atr = sigInfo.getAuthenticatedAttributes();

        byte[] sfBytes = InputStreamHelper.readFullyAndClose(signature);

        if (atr == null) {
            sig.update(sfBytes);   
        } else {
            sig.update(sigInfo.getEncodedAuthenticatedAttributes());

            // If the authenticatedAttributes field contains the message-digest attribute,
            // verify that it equals the computed digest of the signature file
            byte[] existingDigest = null;
            for (Iterator it = atr.iterator(); it.hasNext();) {
                AttributeTypeAndValue a = (AttributeTypeAndValue)it.next();
                if (Arrays.equals(a.getType().getOid(), MESSAGE_DIGEST_OID) ){
//TODO value                    existingDigest = a.AttributeValue;
                }
            }
            if (existingDigest != null) {
                MessageDigest md = MessageDigest.getInstance(sigInfo.getDigestAlgorithm());
                byte[] computedDigest = md.digest(sfBytes);
                if (!Arrays.equals(existingDigest, computedDigest)) {
                    throw new SecurityException(Messages.getString("security.175")); //$NON-NLS-1$
                }
            }
        }

        if (!sig.verify(sigInfo.getEncryptedDigest())) {
            throw new SecurityException(Messages.getString("security.176")); //$NON-NLS-1$
        }

        return createChain(certs[issuerSertIndex], certs);
    }
View Full Code Here

        for (Iterator it = encCerts.iterator(); it.hasNext();) {
            certs[i++]= new X509CertImpl((org.apache.harmony.security.x509.Certificate)it.next());
        }

        List sigInfos = signedData.getSignerInfos();
        SignerInfo sigInfo;
        if (!sigInfos.isEmpty()) {
            sigInfo = (SignerInfo)sigInfos.get(0);
        } else {
            return null;
        }

        // Issuer
        X500Principal issuer = sigInfo.getIssuer();

        // Certificate serial number
        BigInteger snum = sigInfo.getSerialNumber();

        // Locate the certificate
        int issuerSertIndex = 0;
        for (i = 0; i < certs.length; i++) {
            if (issuer.equals(certs[i].getIssuerDN()) &&
                    snum.equals(certs[i].getSerialNumber())) {
                issuerSertIndex = i;
                break;
            }
        }
        if (i == certs.length) { // No issuer certificate found
            return null;
        }

        if (certs[issuerSertIndex].hasUnsupportedCriticalExtension()) {
            throw new SecurityException(Messages.getString("security.174")); //$NON-NLS-1$
        }

        // Get Signature instance
        Signature sig = null;
        String da = sigInfo.getdigestAlgorithm();
        String dea = sigInfo.getDigestEncryptionAlgorithm();
        String alg = null;
        if (da != null && dea != null) {
            alg = da + "with" +  dea; //$NON-NLS-1$
            try{
                sig = Signature.getInstance(alg);
            } catch (NoSuchAlgorithmException e) {}
        }
        if (sig == null) {
            alg = da;
            if (alg == null) {
                return null;
            }
            try{
                sig = Signature.getInstance(alg);
            } catch (NoSuchAlgorithmException e) {
                return null;
            }
        }
        sig.initVerify(certs[issuerSertIndex]);

        // If the authenticatedAttributes field of SignerInfo contains more than zero attributes,
        // compute the message digest on the ASN.1 DER encoding of the Attributes value.
        // Otherwise, compute the message digest on the data.
        List atr = sigInfo.getAuthenticatedAttributes();

        byte[] sfBytes = new byte[signature.available()];
        signature.read(sfBytes);

        if (atr == null) {
            sig.update(sfBytes);   
        } else {
            sig.update(sigInfo.getEncodedAuthenticatedAttributes());

            // If the authenticatedAttributes field contains the message-digest attribute,
            // verify that it equals the computed digest of the signature file
            byte[] existingDigest = null;
            for (Iterator it = atr.iterator(); it.hasNext();) {
                AttributeTypeAndValue a = (AttributeTypeAndValue)it.next();
                if (Arrays.equals(a.getType().getOid(), MESSAGE_DIGEST_OID) ){
//TODO value                    existingDigest = a.AttributeValue;
                }
            }
            if (existingDigest != null) {
                MessageDigest md = MessageDigest.getInstance(sigInfo.getDigestAlgorithm());
                byte[] computedDigest = md.digest(sfBytes);
                if (!Arrays.equals(existingDigest, computedDigest)) {
                    throw new SecurityException(Messages.getString("security.175")); //$NON-NLS-1$
                }
            }
        }

        if (!sig.verify(sigInfo.getEncryptedDigest())) {
            throw new SecurityException(Messages.getString("security.176")); //$NON-NLS-1$
        }

        return createChain(certs[issuerSertIndex], certs);
    }
View Full Code Here

TOP

Related Classes of org.apache.harmony.security.pkcs7.ContentInfo

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.