/**
 * Writes the SignedData version and the encapsulated content type of a CMS message to the
 * debug log.
 *
 * <p>This method contains no explicit check and returns nothing: it does not look at the
 * signer infos, verify a signature, or inspect certificates. The only way it can fail is
 * through an exception raised by the parsing calls. A normal return therefore says nothing
 * about whether {@code pkiMessage} is authentic.
 *
 * @param pkiMessage the CMS message whose SignedData fields are logged
 */
private void validate(final CMSSignedData pkiMessage) {
    final SignedData signedData =
            SignedData.getInstance(pkiMessage.toASN1Structure().getContent());

    LOGGER.debug("pkiMessage version: {}", signedData.getVersion());
    LOGGER.debug("pkiMessage contentInfo contentType: {}",
            signedData.getEncapContentInfo().getContentType());
}
/**
 * Stores the given signature and derives this entry's content, size and type from it.
 *
 * <p>The content is the DER encoding of the signature's ContentInfo, passed through
 * {@code pad(..., 8)}. The size is the padded length plus 8.
 * NOTE(review): the extra 8 is presumably a fixed entry header; confirm against the
 * table layout this class serialises.
 *
 * @param signature the CMS signature to store
 * @throws IOException if the signature cannot be DER-encoded
 */
public void setSignature(CMSSignedData signature) throws IOException {
    // The field is assigned first so that object state on an encoding failure is unchanged
    // from the previous behaviour.
    this.signature = signature;

    final byte[] derBytes = signature.toASN1Structure().getEncoded("DER");
    this.content = pad(derBytes, 8);
    this.size = 8 + this.content.length;
    this.type = CertificateType.PKCS_SIGNED_DATA.getValue();
}
/**
 * Wraps a timestamp token as the single unsigned attribute identified by
 * {@code SPC_RFC3161_OBJID}.
 *
 * <p>Because the token is carried as an unsigned attribute, it is not covered by the
 * signer's own signature. A verifier has to validate the token itself rather than rely on
 * the enclosing signature.
 *
 * @param token the timestamp token, as CMS SignedData
 * @return an attribute table holding only the counter-signature attribute
 */
@Override
protected AttributeTable getUnsignedAttributes(CMSSignedData token) {
    return new AttributeTable(
            new Attribute(
                    AuthenticodeObjectIdentifiers.SPC_RFC3161_OBJID,
                    new DERSet(token.toASN1Structure())));
}
}
final ArrayList<DEROctetString> crlHashesList = Collections.list(crlHashes.getObjects()); final SignedData signedData = SignedData.getInstance(cadesSignature.getCmsSignedData().toASN1Structure().getContent()); final ASN1Set signedDataCRLs = signedData.getCRLs(); if (signedDataCRLs != null) {
/**
 * Packs a CRL into a CMS SignedData structure that has no encapsulated content.
 *
 * <p>No signer is registered on the generator in this method, so the SignedData is only a
 * container. The recipient must verify the CRL's own signature.
 *
 * @param crl the CRL to embed
 * @return the ContentInfo wrapping the generated SignedData
 * @throws CaException if CMS generation fails; the CMSException is kept as the cause
 */
private ContentInfo createSignedData(CertificateList crl) throws CaException {
    final CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    generator.addCRL(new X509CRLHolder(crl));

    try {
        return generator.generate(new CMSAbsentContent()).toASN1Structure();
    } catch (CMSException ex) {
        throw new CaException(ex.getMessage(), ex);
    }
}
/**
 * 1) The SignedData.encapContentInfo.eContentType.
 *
 * <p>Parses the SignedData out of the CMS ContentInfo and returns the DER encoding of its
 * encapsulated content type identifier.
 *
 * @param cmsSignedData the CMS signature to read the content type from
 * @return the DER-encoded eContentType object identifier
 * @throws DSSException wrapping the IOException if the identifier cannot be encoded
 */
private byte[] getEncodedContentType(final CMSSignedData cmsSignedData) {
    final SignedData parsed =
            SignedData.getInstance(cmsSignedData.toASN1Structure().getContent());

    try {
        return parsed.getEncapContentInfo().getContentType().getEncoded(ASN1Encoding.DER);
    } catch (IOException e) {
        throw new DSSException(e);
    }
}
/**
 * The field crlsHashIndex is a sequence of octet strings. Each one contains the hash value
 * of one instance of RevocationInfoChoice within the crls field of the root SignedData. A
 * hash value for every instance of RevocationInfoChoice, as present at the time when the
 * corresponding archive time-stamp is requested, shall be included in crlsHashIndex. No
 * other hash values shall be included in this field.
 *
 * <p>NOTE(review): each entry goes through {@code DSSASN1Utils.getDEREncoded} before being
 * digested. Confirm that the validating side hashes the same byte representation.
 *
 * @return a DER sequence with one digest per entry of the SignedData crls field, or an
 *         empty sequence when that field is absent
 * @throws eu.europa.ec.markt.dss.exception.DSSException
 *         declared by the signature; presumably raised by the digest helper on failure
 */
@SuppressWarnings("unchecked")
private ASN1Sequence getCRLsHashIndex() throws DSSException {
    final ASN1EncodableVector hashIndex = new ASN1EncodableVector();

    final SignedData rootSignedData =
            SignedData.getInstance(cadesSignature.getCmsSignedData().toASN1Structure().getContent());
    final ASN1Set revocationInfos = rootSignedData.getCRLs();

    if (revocationInfos != null) {
        final Enumeration<ASN1Encodable> entries = revocationInfos.getObjects();
        // The null guard on the enumeration is kept from the original implementation.
        while (entries != null && entries.hasMoreElements()) {
            final ASN1Encodable entry = entries.nextElement();
            digestAndAddToList(hashIndex, DSSASN1Utils.getDEREncoded(entry));
        }
    }

    return new DERSequence(hashIndex);
}
/**
 * Returns the bytes that a content timestamp is computed over.
 *
 * <p>For an enveloping signature this is the eContent octet string of the SignedData. For
 * a detached signature (no encapContentInfo, or one without eContent) it is the original
 * document supplied separately.
 *
 * <p>NOTE(review): when no original document is available, the method logs an error and
 * returns an empty array instead of failing. Confirm that callers treat this as a
 * validation failure and do not compare the timestamp imprint against the digest of zero
 * bytes.
 *
 * <p>NOTE(review): the eContent is cast to {@code ASN1OctetString} without a type check, so
 * a signature with another eContent type ends in a {@code ClassCastException}.
 *
 * @param timestampToken the timestamp being validated; not read by this method
 * @return the timestamped content, or an empty array if it cannot be determined
 */
@Override
public byte[] getContentTimestampData(final TimestampToken timestampToken) {
    final SignedData signedData =
            SignedData.getInstance(cmsSignedData.toASN1Structure().getContent());
    final ContentInfo encapsulated = signedData.getEncapContentInfo();

    final boolean hasEmbeddedContent = encapsulated != null && encapsulated.getContent() != null;
    if (hasEmbeddedContent) {
        final ASN1OctetString eContent = (ASN1OctetString) encapsulated.getContent();
        return eContent.getOctets();
    }

    // Detached signature: fall back to the externally supplied document.
    final byte[] originalDocumentBytes = getOriginalDocumentBytes();
    if (originalDocumentBytes == null) {
        LOG.error("No original data provided for content timestamp!");
        return DSSUtils.EMPTY_BYTE_ARRAY;
    }
    return originalDocumentBytes;
}
// Unwrap the outer CMS ContentInfo and parse its content as SignedData.
// getInstance only parses the structure; nothing here verifies a signature.
final ContentInfo contentInfo = cmsSignedData.toASN1Structure(); final SignedData signedData = SignedData.getInstance(contentInfo.getContent());
/**
 * Builds a SignedData structure, without encapsulated content, that carries the given
 * certificate and, when {@code control.isIncludeCaCert()} is set, the CA certificate too.
 *
 * <p>No signer is registered on the generator in this method, so the structure is only a
 * container. Trust in the certificates it carries has to be established by the recipient.
 *
 * @param cert the certificate to embed
 * @return the generated SignedData
 * @throws OperationException with {@code SYSTEM_FAILURE} if encoding or CMS generation
 *         fails; the failure is logged and kept as the cause
 */
private SignedData buildSignedData(X509Certificate cert) throws OperationException {
    final CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    try {
        generator.addCertificate(new X509CertificateHolder(cert.getEncoded()));

        if (control.isIncludeCaCert()) {
            // Reload the CA state before reading caCert.
            refreshCa();
            generator.addCertificate(caCert.getCertHolder());
        }

        final CMSSignedData generated = generator.generate(new CMSAbsentContent());
        return SignedData.getInstance(generated.toASN1Structure().getContent());
    } catch (CMSException | IOException | CertificateEncodingException ex) {
        LogUtil.error(LOG, ex);
        throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex);
    }
} // method buildSignedData
/**
 * Embeds {@code secondary} into {@code primary} as a nested signature, stored in the
 * {@code SPC_NESTED_SIGNATURE_OBJID} unsigned attribute of the primary's signer.
 *
 * <p>Only the first signer returned by {@code primary.getSignerInfos()} is used, and the
 * returned signature's signer store contains just that signer. If the primary has no
 * signer, {@code iterator().next()} throws {@code NoSuchElementException}.
 *
 * <p>The nested signature is carried as an unsigned attribute, so the primary signature
 * does not cover it. Each nested signature has to be verified on its own.
 *
 * @param primary   the signature that receives the nested signature
 * @param secondary the signature to nest
 * @return a copy of {@code primary} whose signer carries the updated unsigned attributes
 * @throws CMSException declared by the signature; none of the calls visible here is known
 *         to raise it
 */
private CMSSignedData addNestedSignature(CMSSignedData primary, CMSSignedData secondary) throws CMSException {
    final SignerInformation firstSigner = primary.getSignerInfos().getSigners().iterator().next();

    AttributeTable unsigned = firstSigner.getUnsignedAttributes();
    if (unsigned == null) {
        unsigned = new AttributeTable(new DERSet());
    }

    final Attribute existingNested = unsigned.get(AuthenticodeObjectIdentifiers.SPC_NESTED_SIGNATURE_OBJID);
    final AttributeTable updated;
    if (existingNested != null) {
        // Rebuild the attribute with the earlier nested signatures followed by the new one.
        final ASN1EncodableVector allNested = new ASN1EncodableVector();
        for (ASN1Encodable earlier : existingNested.getAttrValues()) {
            allNested.add(earlier);
        }
        allNested.add(secondary.toASN1Structure());

        final ASN1EncodableVector remaining =
                unsigned.remove(AuthenticodeObjectIdentifiers.SPC_NESTED_SIGNATURE_OBJID).toASN1EncodableVector();
        remaining.add(new Attribute(AuthenticodeObjectIdentifiers.SPC_NESTED_SIGNATURE_OBJID, new DERSet(allNested)));
        updated = new AttributeTable(remaining);
    } else {
        // First nested signature: add the attribute directly.
        updated = unsigned.add(AuthenticodeObjectIdentifiers.SPC_NESTED_SIGNATURE_OBJID, secondary.toASN1Structure());
    }

    final SignerInformation replacedSigner = SignerInformation.replaceUnsignedAttributes(firstSigner, updated);
    return CMSSignedData.replaceSigners(primary, new SignerInformationStore(replacedSigner));
}
/**
 * Packs a certificate into a CMS SignedData structure that has no encapsulated content.
 * The CA certificate is added as well when {@code control.isSendCaCert()} is set.
 *
 * <p>No signer is registered on the generator in this method, so the structure is only a
 * container for the certificates.
 *
 * @param cert the certificate to embed
 * @return the ContentInfo wrapping the generated SignedData
 * @throws CaException if CMS generation fails; the CMSException is kept as the cause
 */
private ContentInfo createSignedData(Certificate cert) throws CaException {
    final CMSSignedDataGenerator generator = new CMSSignedDataGenerator();

    try {
        generator.addCertificate(new X509CertificateHolder(cert));
        if (control.isSendCaCert()) {
            generator.addCertificate(new X509CertificateHolder(caEmulator.getCaCert()));
        }
        return generator.generate(new CMSAbsentContent()).toASN1Structure();
    } catch (CMSException ex) {
        throw new CaException(ex);
    }
}
/**
 * Returns the CA's current CRL wrapped in a SignedData structure that has no encapsulated
 * content.
 *
 * <p>NOTE(review): {@code serialNumber} is not read here. The current CRL is returned
 * whichever serial number the caller passed.
 *
 * @param ca           the CA whose current CRL is returned
 * @param serialNumber not used by this method
 * @return the SignedData carrying the CRL
 * @throws FailInfoException {@code BAD_REQUEST} if CRL retrieval is disabled in
 *         {@code control} or the CA has no current CRL
 * @throws OperationException with {@code SYSTEM_FAILURE} if CMS generation fails
 */
private SignedData getCrl(X509Ca ca, BigInteger serialNumber) throws FailInfoException, OperationException {
    if (!control.isSupportGetCrl()) {
        throw FailInfoException.BAD_REQUEST;
    }

    final CertificateList currentCrl = ca.getBcCurrentCrl();
    if (currentCrl == null) {
        throw FailInfoException.BAD_REQUEST;
    }

    final CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
    generator.addCRL(new X509CRLHolder(currentCrl));

    try {
        final CMSSignedData generated = generator.generate(new CMSAbsentContent());
        return SignedData.getInstance(generated.toASN1Structure().getContent());
    } catch (CMSException ex) {
        LogUtil.error(LOG, ex, "could not generate CMSSignedData");
        throw new OperationException(ErrorCode.SYSTEM_FAILURE, ex);
    }
} // method getCrl
// Serialise the CMS ContentInfo and use the resulting bytes as the MIME entity's input.
// NOTE(review): getEncoded() is called without an encoding name; confirm the receiving
// side does not require a DER encoding.
payload = new MimeEntity(new ByteArrayInputStream(signatures.toASN1Structure().getEncoded()));
return generator.generate(cmsContent, true).toASN1Structure(); } catch (CMSException | CertificateEncodingException | IOException | OperatorCreationException ex) {
return signedData.toASN1Structure(); } catch (Exception ex) { throw new MessageEncodingException(ex);