public void parse( InputStream stream, ContentHandler handler, Metadata metadata, ParseContext context) throws IOException, SAXException, TikaException { try { DigestCalculatorProvider digestCalculatorProvider = new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(); CMSSignedDataParser parser = new CMSSignedDataParser(digestCalculatorProvider, new CloseShieldInputStream(stream)); try { CMSTypedStream content = parser.getSignedContent(); if (content == null) { throw new TikaException("cannot parse detached pkcs7 signature (no signed data to parse)"); } try (InputStream input = content.getContentStream()) { Parser delegate = context.get(Parser.class, EmptyParser.INSTANCE); delegate.parse(input, handler, metadata, context); } } finally { parser.close(); } } catch (OperatorCreationException e) { throw new TikaException("Unable to create DigestCalculatorProvider", e); } catch (CMSException e) { throw new TikaException("Unable to parse pkcs7 signed data", e); } }
public void verifySign(byte[] signedData,byte[]bPlainText) throws Exception { InputStream is = new ByteArrayInputStream(bPlainText); CMSSignedDataParser sp = new CMSSignedDataParser(new CMSTypedStream (is),signedData); CMSTypedStream signedContent = sp.getSignedContent(); signedContent.drain(); //CMSSignedData s = new CMSSignedData(signedData); Store certStore = sp.getCertificates(); SignerInformationStore signers = sp.getSignerInfos(); Collection c = signers.getSigners(); Iterator it = c.iterator(); while (it.hasNext()) { SignerInformation signer = (SignerInformation)it.next(); Collection certCollection = certStore.getMatches(signer.getSID()); Iterator certIt = certCollection.iterator(); X509CertificateHolder certHolder = (X509CertificateHolder)certIt.next(); if ( !signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certHolder))) { throw new DENException("Verification FAILED! "); } else { logger.debug("verify success" ); } } }
public static void parseSignedDataContentStream(InputStream signedStream, OutputStream outStream, X509Certificate cert) throws CMSException, IOException { installBouncyCastleProviderIfNecessary(); // use the CMS parser to unwrap signature from the SignedData CMSSignedDataParser parser = new CMSSignedDataParser(signedStream); // TODO do verify the signature InputStream contentStream = parser.getSignedContent().getContentStream(); IoUtil.copyStream(contentStream, outStream); }
Files.copy(sp.getSignedContent().getContentStream(), extractToFile, StandardCopyOption.REPLACE_EXISTING);
Files.copy(sp.getSignedContent().getContentStream(), extractToFile, StandardCopyOption.REPLACE_EXISTING);
final InputStream contentStream = sp.getSignedContent().getContentStream();
/** * This method recreates a {@code SignerInformation} with the content using a {@code CMSSignedDataParser}. * * @return * @throws CMSException * @throws IOException */ private SignerInformation recreateSignerInformation() throws CMSException, IOException { final DSSDocument dssDocument = detachedContents.get(0); // only one element for CAdES Signature final InputStream inputStream = dssDocument.openStream(); final CMSTypedStream signedContent = new CMSTypedStream(inputStream); final CMSSignedDataParser cmsSignedDataParser = new CMSSignedDataParser(new BcDigestCalculatorProvider(), signedContent, cmsSignedData.getEncoded()); cmsSignedDataParser.getSignedContent().drain(); // Closes the stream final SignerId signerId = signerInformation.getSID(); final SignerInformation signerInformationToCheck = cmsSignedDataParser.getSignerInfos().get(signerId); return signerInformationToCheck; }
protected OutputStreamBuilder getOutputStream(CMSSignedDataParser sp, Exchange exchange) throws Exception { // get the InputStream with the plain data InputStream data; try { data = sp.getSignedContent().getContentStream(); } catch (NullPointerException e) { // nullpointer exception is // thrown when the signed content // is missing throw getContentMissingException(e); } // the input stream must be completely read, otherwise the signer // info is not available! OutputStreamBuilder osb = OutputStreamBuilder.withExchange(exchange); try { // data can be null in the case of explicit Signed Data if (data != null) { try { IOHelper.copy(data, osb); } finally { IOHelper.close(data); } } } catch (IOException e) { throw new CryptoCmsException("Error during reading the signed content of the signed data object", e); } return osb; }
protected void unmarshalInternal(InputStream is, InputStream signature, Exchange exchange) throws Exception { CMSSignedDataParser sp; try { sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(), new CMSTypedStream(is), signature); } catch (CMSException e) { throw new CryptoCmsFormatException(getFormatErrorMessage(), e); } try { // content must be read in order to calculate the hash for the // signature sp.getSignedContent().drain(); } catch (NullPointerException e) { // nullpointer exception is thrown // when the signed content is missing throw getContentMissingException(e); } LOG.debug("Signed data found"); debugLog(sp); verify(sp, exchange); }
parser = new CMSSignedDataParser(digestCalculatorProvider, new CloseShieldInputStream(stream)); content = parser.getSignedContent(); } catch (CMSException e) { throw new TikaException("Unable to parse pkcs7 signed data", e);
public void parse( InputStream stream, ContentHandler handler, Metadata metadata, ParseContext context) throws IOException, SAXException, TikaException { try { DigestCalculatorProvider digestCalculatorProvider = new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(); CMSSignedDataParser parser = new CMSSignedDataParser(digestCalculatorProvider, new CloseShieldInputStream(stream)); try { CMSTypedStream content = parser.getSignedContent(); if (content == null) { throw new TikaException("cannot parse detached pkcs7 signature (no signed data to parse)"); } try (InputStream input = content.getContentStream()) { Parser delegate = context.get(Parser.class, EmptyParser.INSTANCE); delegate.parse(input, handler, metadata, context); } } finally { parser.close(); } } catch (OperatorCreationException e) { throw new TikaException("Unable to create DigestCalculatorProvider", e); } catch (CMSException e) { throw new TikaException("Unable to parse pkcs7 signed data", e); } }