Examples of org.bouncycastle.cms.CMSSignedData

• org.bouncycastle.cms.CMSSignedData
  general class for handling a pkcs7-signature message. A simple example of usage - note, in the example below the validity of the certificate isn't verified, just the fact that one of the certs matches the given signer...

   CertStore               certs = s.getCertificatesAndCRLs("Collection", "BC"); SignerInformationStore  signers = s.getSignerInfos(); Collection              c = signers.getSigners(); Iterator                it = c.iterator(); while (it.hasNext()) { SignerInformation   signer = (SignerInformation)it.next(); Collection          certCollection = certs.getCertificates(signer.getSID()); Iterator        certIt = certCollection.iterator(); X509Certificate cert = (X509Certificate)certIt.next(); if (signer.verify(cert.getPublicKey())) { verified++; }    } 

    private void checkSignerStoreReplacement(
        CMSSignedData orig,
        SignerInformationStore signers)
        throws Exception
    {
        CMSSignedData s = CMSSignedData.replaceSigners(orig, signers);

        CertStore certs = s.getCertificatesAndCRLs("Collection", "BC");

        signers = s.getSignerInfos();
        Collection c = signers.getSigners();
        Iterator   it = c.iterator();

        while (it.hasNext())
        {

    }

    public void testUnsortedAttributes()
        throws Exception
    {
        CMSSignedData s = new CMSSignedData(new CMSProcessableByteArray(disorderedMessage), disorderedSet);

        CertStore certs = s.getCertificatesAndCRLs("Collection", "BC");

        SignerInformationStore  signers = s.getSignerInfos();
        Collection              c = signers.getSigners();
        Iterator                it = c.iterator();

        while (it.hasNext())
        {

        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);

        gen.addCertificatesAndCRLs(certs);

        CMSSignedData s = gen.generate(null, false, "BC");

        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
        ASN1InputStream      aIn = new ASN1InputStream(bIn);

        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));

        verifySignatures(s);
    }

        X509Store store = X509Store.getInstance("AttributeCertificate/Collection",
                                    new X509CollectionStoreParameters(Collections.singleton(attrCert)), "BC");

        gen.addAttributeCertificates(store);

        CMSSignedData sd = gen.generate(msg, "BC");

        assertEquals(4, sd.getVersion());

        store = sd.getAttributeCertificates("Collection", "BC");

        Collection coll = store.getMatches(null);

        assertEquals(1, coll.size());

        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);

        gen.addCertificatesAndCRLs(certs);

        CMSSignedData sd = gen.generate(msg, "BC");

        //
        // create new certstore
        //
        certList = new ArrayList();

        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);

        gen.addCertificatesAndCRLs(certs);

        CMSSignedData sd = gen.generate(msg, true, "BC");

        //
        // create new certstore
        //
        certList = new ArrayList();

        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);

        gen.addCertificatesAndCRLs(certs);

        CMSSignedData sd = gen.generate(msg, true, "BC");

        certs = sd.getCertificatesAndCRLs("Collection", "BC");
        Iterator it = certs.getCertificates(null).iterator();

        assertEquals(_origCert, it.next());
        assertEquals(_signCert, it.next());
        assertEquals(_signDsaCert, it.next());

        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);

        gen.addCertificatesAndCRLs(certs);

        CMSSignedData sd = gen.generate(msg, true, "BC");

        certs = sd.getCertificatesAndCRLs("Collection", "BC");
        Iterator it = certs.getCertificates(null).iterator();

        assertEquals(_signCert, it.next());
        assertEquals(_signDsaCert, it.next());
        assertEquals(_origCert, it.next());

        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);

        gen.addCertificatesAndCRLs(certs);

        CMSSignedData original = gen.generate(msg, true, "BC");

        //
        // create new Signer
        //
        gen = new CMSSignedDataGenerator();

        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA224);

        gen.addCertificatesAndCRLs(certs);

        CMSSignedData newSD = gen.generate(msg, true, "BC");

        //
        // replace signer
        //
        CMSSignedData sd = CMSSignedData.replaceSigners(original, newSD.getSignerInfos());

        SignerInformation signer = (SignerInformation)sd.getSignerInfos().getSigners().iterator().next();

        assertEquals(CMSSignedDataGenerator.DIGEST_SHA224, signer.getDigestAlgOID());

        // we use a parser here as it requires the digests to be correct in the digest set, if it
        // isn't we'll get a NullPointerException
        CMSSignedDataParser sp = new CMSSignedDataParser(sd.getEncoded());

        sp.getSignedContent().drain();

        verifySignatures(sp);
    }

                new JcaDigestCalculatorProviderBuilder()
                .build())
            .setDirectSignature(true)
            .build(sha1Signer, publicKey));
        gen.addCertificates(certs);
        CMSSignedData sigData = gen.generate(data, false);

        ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded());
        DEROutputStream dos = new DEROutputStream(mOutputJar);
        dos.writeObject(asn1.readObject());

        dos.flush();
        dos.close();