org.bouncycastle.asn1.cms.CMSObjectIdentifiers Java Examples
The following examples show how to use
org.bouncycastle.asn1.cms.CMSObjectIdentifiers.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CMSOCSPSource.java From dss with GNU Lesser General Public License v2.1 | 6 votes |
private void addBasicOcspRespFrom_id_ri_ocsp_response() { final Store otherRevocationInfo = cmsSignedData.getOtherRevocationInfo(CMSObjectIdentifiers.id_ri_ocsp_response); final Collection otherRevocationInfoMatches = otherRevocationInfo.getMatches(null); for (final Object object : otherRevocationInfoMatches) { if (object instanceof ASN1Sequence) { final ASN1Sequence otherRevocationInfoMatch = (ASN1Sequence) object; final BasicOCSPResp basicOCSPResp; if (otherRevocationInfoMatch.size() == 4) { basicOCSPResp = DSSRevocationUtils.getBasicOcspResp(otherRevocationInfoMatch); } else { final OCSPResp ocspResp = DSSRevocationUtils.getOcspResp(otherRevocationInfoMatch); basicOCSPResp = DSSRevocationUtils.fromRespToBasic(ocspResp); } OCSPResponseBinary ocspResponseIdentifier = OCSPResponseBinary.build(basicOCSPResp); ocspResponseIdentifier.setAsn1ObjectIdentifier(CMSObjectIdentifiers.id_ri_ocsp_response); addBinary(ocspResponseIdentifier, RevocationOrigin.CMS_SIGNED_DATA); } else { LOG.warn("Unsupported object type for id_ri_ocsp_response (SHALL be an ASN1Sequence) : {}", object.getClass().getSimpleName()); } } }
Example #2
Source File: CreateMultipleVisualizations.java From testarea-pdfbox2 with Apache License 2.0 | 4 votes |
CMSProcessableInputStream(InputStream is) { this(new ASN1ObjectIdentifier(CMSObjectIdentifiers.data.getId()), is); }
Example #3
Source File: ZipUtils.java From isu with GNU General Public License v3.0 | 4 votes |
CMSProcessableFile(File file) { this.file = file; type = new ASN1ObjectIdentifier(CMSObjectIdentifiers.data.getId()); buffer = new byte[4096]; }
Example #4
Source File: CMSSignedDataBuilder.java From dss with GNU Lesser General Public License v2.1 | 4 votes |
/** * Extends the provided {@code cmsSignedData} with the required validation data * @param cmsSignedData {@link CMSSignedData} to be extended * @param validationDataForInclusion the {@link ValidationDataForInclusion} to be included into the cmsSignedData * @param detachedContents list of detached {@link DSSDocument}s * @return extended {@link CMSSignedData} */ @SuppressWarnings({ "unchecked", "rawtypes" }) public CMSSignedData extendCMSSignedData(CMSSignedData cmsSignedData, ValidationDataForInclusion validationDataForInclusion, List<DSSDocument> detachedContents) { Store<X509CertificateHolder> certificatesStore = cmsSignedData.getCertificates(); final Set<CertificateToken> certificates = validationDataForInclusion.getCertificateTokens(); final Collection<X509CertificateHolder> newCertificateStore = new HashSet<>(certificatesStore.getMatches(null)); for (final CertificateToken certificateToken : certificates) { final X509CertificateHolder x509CertificateHolder = DSSASN1Utils.getX509CertificateHolder(certificateToken); newCertificateStore.add(x509CertificateHolder); } certificatesStore = new CollectionStore<>(newCertificateStore); Store<X509CRLHolder> crlsStore = cmsSignedData.getCRLs(); final Collection<X509CRLHolder> newCrlsStore = new HashSet<>(crlsStore.getMatches(null)); final List<CRLToken> crlTokens = validationDataForInclusion.getCrlTokens(); for (final CRLToken crlToken : crlTokens) { final X509CRLHolder x509CRLHolder = getX509CrlHolder(crlToken); newCrlsStore.add(x509CRLHolder); } crlsStore = new CollectionStore<>(newCrlsStore); Store otherRevocationInfoFormatStoreBasic = cmsSignedData.getOtherRevocationInfo(OCSPObjectIdentifiers.id_pkix_ocsp_basic); final Collection<ASN1Primitive> newOtherRevocationInfoFormatStore = new HashSet<>(otherRevocationInfoFormatStoreBasic.getMatches(null)); final List<OCSPToken> ocspTokens = validationDataForInclusion.getOcspTokens(); for (final OCSPToken ocspToken : ocspTokens) { final BasicOCSPResp basicOCSPResp = ocspToken.getBasicOCSPResp(); if (basicOCSPResp != null) { newOtherRevocationInfoFormatStore.add(DSSASN1Utils.toASN1Primitive(DSSASN1Utils.getEncoded(basicOCSPResp))); } } otherRevocationInfoFormatStoreBasic = new CollectionStore(newOtherRevocationInfoFormatStore); Store attributeCertificatesStore = cmsSignedData.getAttributeCertificates(); Store otherRevocationInfoFormatStoreOcsp = cmsSignedData.getOtherRevocationInfo(CMSObjectIdentifiers.id_ri_ocsp_response); final CMSSignedDataBuilder cmsSignedDataBuilder = new CMSSignedDataBuilder(certificateVerifier); cmsSignedData = cmsSignedDataBuilder.regenerateCMSSignedData(cmsSignedData, detachedContents, certificatesStore, attributeCertificatesStore, crlsStore, otherRevocationInfoFormatStoreBasic, otherRevocationInfoFormatStoreOcsp); return cmsSignedData; }
Example #5
Source File: NextCaMessage.java From xipki with Apache License 2.0 | 4 votes |
public ContentInfo encode(PrivateKey signingKey, X509Cert signerCert, X509Cert[] cmsCertSet) throws MessageEncodingException { Args.notNull(signingKey, "signingKey"); Args.notNull(signerCert, "signerCert"); try { CMSSignedDataGenerator degenerateSignedData = new CMSSignedDataGenerator(); degenerateSignedData.addCertificate(caCert.toBcCert()); if (CollectionUtil.isNotEmpty(raCerts)) { for (X509Cert m : raCerts) { degenerateSignedData.addCertificate(m.toBcCert()); } } byte[] degenratedSignedDataBytes = degenerateSignedData.generate( new CMSAbsentContent()).getEncoded(); CMSSignedDataGenerator generator = new CMSSignedDataGenerator(); // I don't known which hash algorithm is supported by the client, use SHA-1 String signatureAlgo = getSignatureAlgorithm(signingKey, HashAlgo.SHA1); ContentSigner signer = new JcaContentSignerBuilder(signatureAlgo).build(signingKey); // signerInfo JcaSignerInfoGeneratorBuilder signerInfoBuilder = new JcaSignerInfoGeneratorBuilder( new BcDigestCalculatorProvider()); signerInfoBuilder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator()); SignerInfoGenerator signerInfo = signerInfoBuilder.build(signer, signerCert.toBcCert()); generator.addSignerInfoGenerator(signerInfo); CMSTypedData cmsContent = new CMSProcessableByteArray(CMSObjectIdentifiers.signedData, degenratedSignedDataBytes); // certificateSet ScepUtil.addCmsCertSet(generator, cmsCertSet); return generator.generate(cmsContent, true).toASN1Structure(); } catch (CMSException | CertificateEncodingException | IOException | OperatorCreationException ex) { throw new MessageEncodingException(ex); } }