Examples of org.bouncycastle.cms.CMSSignedDataGenerator

org.bouncycastle.cms.CMSSignedDataGenerator

general class for generating a pkcs7-signature message.

A simple example of usage.

 CertStore               certs... CMSSignedDataGenerator    gen = new CMSSignedDataGenerator(); gen.addSigner(privKey, cert, CMSSignedGenerator.DIGEST_SHA1); gen.addCertificatesAndCRLs(certs); CMSSignedData           data = gen.generate(content, "BC");

        certList.add(_signDsaCert);


        CertStore           certs = CertStore.getInstance("Collection",
                        new CollectionCertStoreParameters(certList), "BC");


        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();


        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);


        gen.addCertificatesAndCRLs(certs);


        CMSSignedData sd = gen.generate(msg, true, "BC");


        certs = sd.getCertificatesAndCRLs("Collection", "BC");
        Iterator it = certs.getCertificates(null).iterator();


        assertEquals(_origCert, it.next());

View Full Code Here

        certList.add(_origCert);


        CertStore           certs = CertStore.getInstance("Collection",
                        new CollectionCertStoreParameters(certList), "BC");


        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();


        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);


        gen.addCertificatesAndCRLs(certs);


        CMSSignedData sd = gen.generate(msg, true, "BC");


        certs = sd.getCertificatesAndCRLs("Collection", "BC");
        Iterator it = certs.getCertificates(null).iterator();


        assertEquals(_signCert, it.next());

View Full Code Here

        certList.add(_signCert);


        CertStore           certs = CertStore.getInstance("Collection",
                        new CollectionCertStoreParameters(certList), "BC");


        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();


        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);


        gen.addCertificatesAndCRLs(certs);


        CMSSignedData original = gen.generate(msg, true, "BC");


        //
        // create new Signer
        //
        gen = new CMSSignedDataGenerator();


        gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA224);


        gen.addCertificatesAndCRLs(certs);


        CMSSignedData newSD = gen.generate(msg, true, "BC");


        //
        // replace signer
        //
        CMSSignedData sd = CMSSignedData.replaceSigners(original, newSD.getSignerInfos());

View Full Code Here


        ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>();
        certList.add(publicKey);
        JcaCertStore certs = new JcaCertStore(certList);


        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        ContentSigner sha1Signer = new JcaContentSignerBuilder(
                                       "SHA1with" + privateKey.getAlgorithm())
                                   .build(privateKey);
        gen.addSignerInfoGenerator(
            new JcaSignerInfoGeneratorBuilder(
                new JcaDigestCalculatorProviderBuilder()
                .build())
            .setDirectSignature(true)
            .build(sha1Signer, publicKey));
        gen.addCertificates(certs);
        CMSSignedData sigData = gen.generate(data, false);


        ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded());
        DEROutputStream dos = new DEROutputStream(mOutputJar);
        dos.writeObject(asn1.readObject());

View Full Code Here

        certList.add(keyCert);


        CertStore certsAndCrls = CertStore.getInstance("Collection",
                        new CollectionCertStoreParameters(certList));


        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();


        gen.addSigner(keyPair.getPrivate(), keyCert, CMSSignedDataGenerator.DIGEST_SHA1);


        gen.addCertificatesAndCRLs(certsAndCrls);


        CMSSignedData s = gen.generate(msg, true, null);


        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
        ASN1InputStream aIn = new ASN1InputStream(bIn);


        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));

View Full Code Here

      X509Certificate signCert = (X509Certificate) myKeyStore.getCertificate(myKeyAlias);
      certList.add(signCert);


      Store certs = new JcaCertStore(certList);


      CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
      ContentSigner sha1Signer = new JcaContentSignerBuilder(myAlgorithm).setProvider("BC").build(getPrivateKey());


      gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(sha1Signer, signCert));


      gen.addCertificates(certs);


      CMSSignedData sigData = gen.generate(msg, false);
      return myAlgorithm + ' ' + Base64.encodeBase64String(sigData.getEncoded());
//      return Base64.encodeBase64String(sigData.getEncoded());


    } catch (Exception e) {
      throw new SignatureFailureException(e);

View Full Code Here

  @SuppressWarnings({ "rawtypes", "unchecked" })
  public byte[] sign(final byte[] data) {
    Require.notNull(this.parameters, "parameters");
    Assert.notEmpty(data, "data");
    try {
      CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
      TimeStampClient timeStampClient = this.parameters.getTimeStampClient();


      for (Alias alias : this.parameters.getAliases()) {
        PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry) this.parameters.getStore().get(alias, StoreEntryType.PRIVATE_KEY);


        if (privateKeyEntry == null) {
          throw new SignerException("PrivateKey not found for alias '" + alias.getName() + "'");
        }


        PrivateKey privateKey = privateKeyEntry.getValue();
        Certificate[] chain = privateKeyEntry.getChain();
        Certificate certificate = chain[0];


        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(SignatureType.SHA1_RSA.getAlgorithm());
        contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);


        ContentSigner contentSigner = contentSignerBuilder.build(privateKey);


        JcaDigestCalculatorProviderBuilder digestCalculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder();
        digestCalculatorProviderBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
        DigestCalculatorProvider digestCalculatorProvider = digestCalculatorProviderBuilder.build();


        JcaSignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(digestCalculatorProvider);


        // if (timeStampClient == null) {
        // DERObject derObject = new ASN1UTCTime(new Date());
        // DERSet derSet = new DERSet(derObject);
        //
        // Attribute attribute = new Attribute(PKCSObjectIdentifiers.pkcs_9_at_signingTime, derSet);
        // Hashtable hashtable = new Hashtable();
        // hashtable.put(PKCSObjectIdentifiers.pkcs_9_at_signingTime, attribute);
        //
        // AttributeTable table = new AttributeTable(hashtable);
        // CMSAttributeTableGenerator attributeTableGenerator = new DefaultSignedAttributeTableGenerator(table);
        // signerInfoGeneratorBuilder.setSignedAttributeGenerator(attributeTableGenerator);
        // }


        SignerInfoGenerator signerInfoGenerator = signerInfoGeneratorBuilder.build(contentSigner, (X509Certificate) certificate);


        cmsSignedDataGenerator.addSignerInfoGenerator(signerInfoGenerator);
        cmsSignedDataGenerator.addCertificates(this.getCertificateStore(chain));
      }


      CMSTypedData content = new CMSProcessableByteArray(data);


      CMSSignedData signedData = cmsSignedDataGenerator.generate(content, true);


      if (timeStampClient != null) {
        SignerInformationStore signerInformationStore = signedData.getSignerInfos();
        List list = new ArrayList();
        for (Object o : signerInformationStore.getSigners()) {

View Full Code Here

  @SuppressWarnings({ "rawtypes", "unchecked" })
  public byte[] sign(final byte[] data) {
    Require.notNull(this.parameters, "parameters");
    Assert.notEmpty(data, "data");
    try {
      CMSSignedDataGenerator signedDataGenerator = new CMSSignedDataGenerator();
      TimeStampClient timeStampClient = this.parameters.getTimeStampClient();
      PKCS7SignatureMode mode = this.parameters.getSignatureMode();
      SignatureType signatureType = this.parameters.getSignatureType();


      if (signatureType == null) {
        signatureType = SignatureType.SHA1_RSA;
      }


      for (Identity identity : this.parameters.getIdentities()) {
        PrivateKey privateKey = identity.getPrivateKey();
        Certificate[] chain = identity.getChain();
        Certificate certificate = chain[0];


        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(signatureType.getAlgorithm());
        if (ConditionUtils.isNotEmpty(this.parameters.getProvider())) {
          contentSignerBuilder.setProvider(this.parameters.getProvider());
        } else {
          contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
        }


        ContentSigner contentSigner = contentSignerBuilder.build(privateKey);


        JcaDigestCalculatorProviderBuilder digestCalculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder();
        digestCalculatorProviderBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
        DigestCalculatorProvider digestCalculatorProvider = digestCalculatorProviderBuilder.build();


        JcaSignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(digestCalculatorProvider);


        if (this.parameters.isDataDigested()) {
          Attribute attr = new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(data)));
          ASN1EncodableVector v = new ASN1EncodableVector();
          v.add(attr);
          signerInfoGeneratorBuilder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)));
        }


        SignerInfoGenerator signerInfoGenerator = signerInfoGeneratorBuilder.build(contentSigner, (X509Certificate) certificate);


        signedDataGenerator.addSignerInfoGenerator(signerInfoGenerator);
        signedDataGenerator.addCertificates(this.getCertificateStore(chain));
      }


      CMSTypedData content = null;
      boolean encapsulate = true;


      if (this.parameters.isDataDigested()) {
        content = new CMSAbsentContent();
        encapsulate = false;
      } else {
        if ((this.parameters.isMergeSignatures()) && (this.isSigned(data))) {
          CMSSignedData signedData = new CMSSignedData(data);
          signedDataGenerator.addSigners(signedData.getSignerInfos());
          content = (CMSTypedData) signedData.getSignedContent();
        } else {
          content = new CMSProcessableByteArray(data);
        }


        if (PKCS7SignatureMode.DETACHED.equals(mode)) {
          encapsulate = false;
        }
      }


      CMSSignedData signedData = null;


      if (this.parameters.isDataDigested()) {
        signedData = signedDataGenerator.generate(CMSSignedGenerator.DATA, null, false, Security.getProvider(BouncyCastleProviderHelper.PROVIDER_NAME), true);
      } else {
        signedData = signedDataGenerator.generate(content, encapsulate);
      }


      if (timeStampClient != null) {
        SignerInformationStore signerInformationStore = signedData.getSignerInfos();
        List list = new ArrayList();

View Full Code Here

  @SuppressWarnings({ "rawtypes", "unchecked" })
  public byte[] sign(final byte[] data) {
    Require.notNull(this.parameters, "parameters");
    Assert.notEmpty(data, "data");
    try {
      CMSSignedDataGenerator signedDataGenerator = new CMSSignedDataGenerator();
      TimeStampClient timeStampClient = this.parameters.getTimeStampClient();
      PKCS7SignatureMode mode = this.parameters.getSignatureMode();
      SignatureType signatureType = this.parameters.getSignatureType();


      if (signatureType == null) {
        signatureType = SignatureType.SHA1_RSA;
      }


      for (Alias alias : this.parameters.getAliases()) {
        PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry) this.parameters.getStore().get(alias, StoreEntryType.PRIVATE_KEY);


        if (privateKeyEntry == null) {
          throw new SignerException("PrivateKey not found for alias '" + alias.getName() + "'");
        }


        PrivateKey privateKey = privateKeyEntry.getValue();
        Certificate[] chain = privateKeyEntry.getChain();
        Certificate certificate = chain[0];


        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(signatureType.getAlgorithm());
        if (ConditionUtils.isNotEmpty(this.parameters.getProvider())) {
          contentSignerBuilder.setProvider(this.parameters.getProvider());
        } else {
          contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
        }


        ContentSigner contentSigner = contentSignerBuilder.build(privateKey);


        JcaDigestCalculatorProviderBuilder digestCalculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder();
        digestCalculatorProviderBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
        DigestCalculatorProvider digestCalculatorProvider = digestCalculatorProviderBuilder.build();


        JcaSignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(digestCalculatorProvider);


        if (this.parameters.isDataDigested()) {
          Attribute attr = new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(data)));
          ASN1EncodableVector v = new ASN1EncodableVector();
          v.add(attr);
          signerInfoGeneratorBuilder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)));
        }


        SignerInfoGenerator signerInfoGenerator = signerInfoGeneratorBuilder.build(contentSigner, (X509Certificate) certificate);


        signedDataGenerator.addSignerInfoGenerator(signerInfoGenerator);
        signedDataGenerator.addCertificates(this.getCertificateStore(chain));
      }


      CMSTypedData content = null;
      boolean encapsulate = true;


      if (this.parameters.isDataDigested()) {
        content = new CMSAbsentContent();
        encapsulate = false;
      } else {
        if ((this.parameters.isMergeSignatures()) && (this.isSigned(data))) {
          CMSSignedData signedData = new CMSSignedData(data);
          signedDataGenerator.addSigners(signedData.getSignerInfos());
          content = (CMSTypedData) signedData.getSignedContent();
        } else {
          content = new CMSProcessableByteArray(data);
        }


        if (PKCS7SignatureMode.DETACHED.equals(mode)) {
          encapsulate = false;
        }
      }


      CMSSignedData signedData = null;


      if (this.parameters.isDataDigested()) {
        signedData = signedDataGenerator.generate(CMSSignedGenerator.DATA, null, false, Security.getProvider(BouncyCastleProviderHelper.PROVIDER_NAME), true);
      } else {
        signedData = signedDataGenerator.generate(content, encapsulate);
      }


      if (timeStampClient != null) {
        SignerInformationStore signerInformationStore = signedData.getSignerInfos();
        List list = new ArrayList();

View Full Code Here


        ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>();
        certList.add(publicKey);
        JcaCertStore certs = new JcaCertStore(certList);


        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        ContentSigner sha1Signer = new JcaContentSignerBuilder(
                                       "SHA1with" + privateKey.getAlgorithm())
                                   .build(privateKey);
        gen.addSignerInfoGenerator(
            new JcaSignerInfoGeneratorBuilder(
                new JcaDigestCalculatorProviderBuilder()
                .build())
            .setDirectSignature(true)
            .build(sha1Signer, publicKey));
        gen.addCertificates(certs);
        CMSSignedData sigData = gen.generate(data, false);


        ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded());
        DEROutputStream dos = new DEROutputStream(mOutputJar);
        dos.writeObject(asn1.readObject());

View Full Code Here

0 1 2 3 4 5

TOP

Related Classes of org.bouncycastle.cms.CMSSignedDataGenerator

br.net.woodstock.rockframework.security.cert.impl.BouncyCastlePKCS7CertificateWriter

br.net.woodstock.rockframework.security.sign.impl.BouncyCastlePKCS7Signer

ca.uhn.hl7v2.hoh.sign.BouncyCastleCmsMessageSigner

com.android.builder.signing.SignedJarBuilder

com.android.sdklib.internal.build.SignedJarBuilder

com.android.signapk.SignApk

org.apache.pdfbox.examples.signature.CreateSignature

org.apache.pdfbox.examples.signature.CreateVisibleSignature

org.bouncycastle.asn1.ASN1EncodableVector

org.bouncycastle.asn1.ASN1InputStream

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.