Java Code Examples for org.bouncycastle.asn1.cms.ContentInfo#getInstance()

The following examples show how to use org.bouncycastle.asn1.cms.ContentInfo#getInstance() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: BouncyCastleCrypto.java    From tutorials with MIT License 6 votes vote down vote up
public static boolean verifSignData(final byte[] signedData) throws CMSException, IOException, OperatorCreationException, CertificateException {
    ByteArrayInputStream bIn = new ByteArrayInputStream(signedData);
    ASN1InputStream aIn = new ASN1InputStream(bIn);
    CMSSignedData s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
    aIn.close();
    bIn.close();
    Store certs = s.getCertificates();
    SignerInformationStore signers = s.getSignerInfos();
    Collection<SignerInformation> c = signers.getSigners();
    SignerInformation signer = c.iterator().next();
    Collection<X509CertificateHolder> certCollection = certs.getMatches(signer.getSID());
    Iterator<X509CertificateHolder> certIt = certCollection.iterator();
    X509CertificateHolder certHolder = certIt.next();
    boolean verifResult = signer.verify(new JcaSimpleSignerInfoVerifierBuilder().build(certHolder));
    if (!verifResult) {
        return false;
    }
    return true;
}
 
Example 2
Source File: Client.java    From xipki with Apache License 2.0 5 votes vote down vote up
public X509CRLHolder scepGetCrl(PrivateKey identityKey, X509Cert identityCert,
    X500Name issuer, BigInteger serialNumber) throws ScepClientException {
  Args.notNull(identityKey, "identityKey");
  Args.notNull(identityCert, "identityCert");
  Args.notNull(issuer, "issuer");
  Args.notNull(serialNumber, "serialNumber");

  initIfNotInited();

  PkiMessage pkiMessage = new PkiMessage(TransactionId.randomTransactionId(), MessageType.GetCRL);
  IssuerAndSerialNumber isn = new IssuerAndSerialNumber(issuer, serialNumber);
  pkiMessage.setMessageData(isn);
  ContentInfo request = encryptThenSign(pkiMessage, identityKey, identityCert);
  ScepHttpResponse httpResp = httpSend(Operation.PKIOperation, request);
  CMSSignedData cmsSignedData = parsePkiMessage(httpResp.getContentBytes());
  PkiMessage response = decode(cmsSignedData, identityKey, identityCert);
  if (response.getPkiStatus() != PkiStatus.SUCCESS) {
    throw new ScepClientException("server returned " + response.getPkiStatus());
  }

  ContentInfo messageData = ContentInfo.getInstance(response.getMessageData());

  try {
    return ScepUtil.getCrlFromPkiMessage(SignedData.getInstance(messageData.getContent()));
  } catch (CRLException ex) {
    throw new ScepClientException(ex.getMessage(), ex);
  }
}
 
Example 3
Source File: Client.java    From xipki with Apache License 2.0 5 votes vote down vote up
public List<X509Cert> scepGetCert(PrivateKey identityKey, X509Cert identityCert,
    X500Name issuer, BigInteger serialNumber) throws ScepClientException {
  Args.notNull(identityKey, "identityKey");
  Args.notNull(identityCert, "identityCert");
  Args.notNull(issuer, "issuer");
  Args.notNull(serialNumber, "serialNumber");

  initIfNotInited();

  PkiMessage request = new PkiMessage(TransactionId.randomTransactionId(), MessageType.GetCert);

  IssuerAndSerialNumber isn = new IssuerAndSerialNumber(issuer, serialNumber);
  request.setMessageData(isn);
  ContentInfo envRequest = encryptThenSign(request, identityKey, identityCert);
  ScepHttpResponse httpResp = httpSend(Operation.PKIOperation, envRequest);

  CMSSignedData cmsSignedData = parsePkiMessage(httpResp.getContentBytes());
  DecodedPkiMessage response = decode(cmsSignedData, identityKey, identityCert);
  if (response.getPkiStatus() != PkiStatus.SUCCESS) {
    throw new ScepClientException("server returned " + response.getPkiStatus());
  }

  ContentInfo messageData = ContentInfo.getInstance(response.getMessageData());
  try {
    return ScepUtil.getCertsFromSignedData(SignedData.getInstance(messageData.getContent()));
  } catch (CertificateException ex) {
    throw new ScepClientException(ex.getMessage(), ex);
  }
}