protected CMSSignedData modifySignedData(CMSSignedData sigData, AttributeTable unsignedAttributes, Collection<X509CertificateHolder> extraCertificates) throws IOException, CMSException { SignerInformation signerInformation = sigData.getSignerInfos().getSigners().iterator().next(); signerInformation = SignerInformation.replaceUnsignedAttributes(signerInformation, unsignedAttributes); Collection<X509CertificateHolder> certificates = new ArrayList<>(); certificates.addAll(sigData.getCertificates().getMatches(null)); if (extraCertificates != null) { certificates.addAll(extraCertificates); } Store<X509CertificateHolder> certificateStore = new CollectionStore<>(certificates); AuthenticodeSignedDataGenerator generator = new AuthenticodeSignedDataGenerator(); generator.addCertificates(certificateStore); generator.addSigners(new SignerInformationStore(signerInformation)); ASN1ObjectIdentifier contentType = new ASN1ObjectIdentifier(sigData.getSignedContentTypeOID()); ASN1Encodable content = ASN1Sequence.getInstance(sigData.getSignedContent().getContent()); return generator.generate(contentType, content); }
/** * Create a new {@link org.xwiki.crypto.signer.param.CMSSignedDataVerified} for the given signed data. * * The verified data is filled with the signed data content, content type, and certificates. * * @param signedData the signed data about to be verified. * @param factory a certificate factory to be used for certificates conversion. * @return a new verified signed data to be completed with the signature verifications. */ public static BcCMSSignedDataVerified getCMSSignedDataVerified(CMSSignedData signedData, CertificateFactory factory) { BcCMSSignedDataVerified verifiedData = new BcCMSSignedDataVerified(signedData.getSignedContentTypeOID(), (signedData.getSignedContent() != null ? (byte[]) signedData.getSignedContent().getContent() : null)); BcStoreUtils.addCertificatesToVerifiedData(signedData.getCertificates(), verifiedData, factory); return verifiedData; }