/**
 * Resolves the public key information of the originator (sender) named in a recipient info.
 *
 * <p>An originator key carried inline takes precedence. Otherwise the originator is
 * identified by issuer and serial number or, when that is absent, by subject key
 * identifier, and the lookup is delegated to {@code getPublicKeyInfoFromOriginatorId}.
 *
 * @param recKeyAlgId key algorithm identifier, used only when the originator key is inline
 * @param originator  the originator choice to resolve
 * @return the public key info resolved for the originator
 * @throws CMSException presumably raised by the lookup helpers, which are not shown here
 * @throws IOException presumably raised by the lookup helpers, which are not shown here
 */
private SubjectPublicKeyInfo getSenderPublicKeyInfo(AlgorithmIdentifier recKeyAlgId,
    OriginatorIdentifierOrKey originator)
    throws CMSException, IOException
{
    // The inline key is taken as supplied in the structure; nothing in this method
    // ties it to a certificate.
    OriginatorPublicKey inlineKey = originator.getOriginatorKey();
    if (inlineKey != null)
    {
        return getPublicKeyInfoFromOriginatorPublicKey(recKeyAlgId, inlineKey);
    }

    IssuerAndSerialNumber issuerSerial = originator.getIssuerAndSerialNumber();
    if (issuerSerial == null)
    {
        // NOTE(review): the subject key identifier is dereferenced without a null check;
        // this assumes one of the three originator choices is always present. Confirm.
        SubjectKeyIdentifier keyId = originator.getSubjectKeyIdentifier();
        return getPublicKeyInfoFromOriginatorId(new OriginatorId(keyId.getKeyIdentifier()));
    }

    return getPublicKeyInfoFromOriginatorId(
        new OriginatorId(issuerSerial.getName(), issuerSerial.getSerialNumber().getValue()));
}
/**
 * Wraps a parsed KeyTransRecipientInfo and derives the recipient identifier from it.
 *
 * <p>A tagged RecipientIdentifier is read as an octet string (the key identifier form);
 * an untagged one is read as issuer and serial number.
 *
 * @param info             the recipient info structure being wrapped
 * @param messageAlgorithm algorithm identifier passed to the superclass
 * @param secureReadable   readable passed to the superclass
 * @param additionalData   authenticated attributes provider passed to the superclass
 */
KeyTransRecipientInformation(
    KeyTransRecipientInfo info,
    AlgorithmIdentifier messageAlgorithm,
    CMSSecureReadable secureReadable,
    AuthAttributesProvider additionalData)
{
    super(info.getKeyEncryptionAlgorithm(), messageAlgorithm, secureReadable, additionalData);

    this.info = info;

    RecipientIdentifier recipient = info.getRecipientIdentifier();
    if (!recipient.isTagged())
    {
        // Untagged choice: issuer name plus certificate serial number.
        IssuerAndSerialNumber issuerSerial = IssuerAndSerialNumber.getInstance(recipient.getId());
        rid = new KeyTransRecipientId(issuerSerial.getName(), issuerSerial.getSerialNumber().getValue());
    }
    else
    {
        // Tagged choice: raw key identifier octets.
        ASN1OctetString keyId = ASN1OctetString.getInstance(recipient.getId());
        rid = new KeyTransRecipientId(keyId.getOctets());
    }
}
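/**
 * Builds a KeyTransRecipientInfo that carries {@code abyte0} encrypted to the public key
 * of the given certificate, identified by the certificate's issuer and serial number.
 *
 * <p>No validity-period or chain check is performed in this method; presumably callers
 * have already vetted the certificate (confirm at the call sites).
 *
 * @param x509certificate recipient certificate whose public key encrypts the payload
 * @param abyte0          plaintext bytes to encrypt for the recipient
 * @return the recipient info holding the identifier, key algorithm and encrypted bytes
 * @throws GeneralSecurityException if the cipher cannot be obtained, initialised or applied
 * @throws IOException if the TBSCertificate bytes cannot be parsed
 */
private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0)
    throws GeneralSecurityException, IOException
{
    ASN1InputStream tbsStream =
        new ASN1InputStream(new ByteArrayInputStream(x509certificate.getTBSCertificate()));
    TBSCertificateStructure tbsCertificate;
    try
    {
        tbsCertificate = TBSCertificateStructure.getInstance(tbsStream.readObject());
    }
    finally
    {
        // The original never closed the parser stream.
        tbsStream.close();
    }

    AlgorithmIdentifier keyAlgorithm = tbsCertificate.getSubjectPublicKeyInfo().getAlgorithm();
    IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber(
        tbsCertificate.getIssuer(),
        tbsCertificate.getSerialNumber().getValue());

    // The transformation is only the key algorithm OID, so mode and padding are whatever
    // the JCE provider defaults to.
    // NOTE(review): confirm that default padding is acceptable for the recipient key types in use.
    Cipher cipher = Cipher.getInstance(keyAlgorithm.getAlgorithm().getId());
    // Named constant instead of the literal 1. Initialising from the certificate (rather
    // than its key) lets the JCA reject a certificate whose critical key usage extension
    // does not allow encryption.
    cipher.init(Cipher.ENCRYPT_MODE, x509certificate);
    DEROctetString encryptedKey = new DEROctetString(cipher.doFinal(abyte0));

    RecipientIdentifier recipId = new RecipientIdentifier(issuerAndSerial);
    return new KeyTransRecipientInfo(recipId, keyAlgorithm, encryptedKey);
}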
/**
 * Returns the DER encoding of the given IssuerAndSerialNumber.
 *
 * @param recipientID the issuer and serial number structure to encode
 * @return the DER-encoded bytes
 * @throws CertificateEncodingException if encoding fails; the underlying IOException is
 *         available through {@code getCause()}
 */
private static byte[] getEncodedRecipID(IssuerAndSerialNumber recipientID)
    throws CertificateEncodingException
{
    byte[] derBytes;
    try
    {
        derBytes = recipientID.getEncoded(ASN1Encoding.DER);
    }
    catch (final IOException encodingFailure)
    {
        String message = "Cannot process extracted IssuerAndSerialNumber: " + encodingFailure.getMessage();
        // The anonymous subclass keeps the IOException reachable via getCause().
        throw new CertificateEncodingException(message)
        {
            public Throwable getCause()
            {
                return encodingFailure;
            }
        };
    }
    return derBytes;
}
/**
 * Tests whether the given object is identified by this selector.
 *
 * <p>A {@code byte[]} is compared directly with the subject key identifier. An
 * {@code X509CertificateHolder} is compared by issuer and serial number when a serial
 * number is set, otherwise by subject key identifier. Anything else does not match.
 *
 * <p>A match only says the identifiers agree; this method makes no statement about
 * whether the certificate is valid or trusted.
 *
 * @param obj candidate to test, either a certificate holder or raw key identifier bytes
 * @return {@code true} if the candidate's identifiers agree with this selector
 */
public boolean match(Object obj)
{
    if (obj instanceof byte[])
    {
        return Arrays.areEqual(subjectKeyId, (byte[])obj);
    }
    if (!(obj instanceof X509CertificateHolder))
    {
        return false;
    }

    X509CertificateHolder holder = (X509CertificateHolder)obj;

    if (this.getSerialNumber() != null)
    {
        IssuerAndSerialNumber certId = new IssuerAndSerialNumber(holder.toASN1Structure());
        if (!certId.getName().equals(this.issuer))
        {
            return false;
        }
        return certId.getSerialNumber().getValue().equals(this.serialNumber);
    }

    if (subjectKeyId == null)
    {
        return false;
    }

    Extension skiExtension = holder.getExtension(Extension.subjectKeyIdentifier);
    // Without a subjectKeyIdentifier extension the identifier is computed from the
    // certificate's public key info via MSOutlookKeyIdCalculator.
    byte[] candidateKeyId = (skiExtension != null)
        ? ASN1OctetString.getInstance(skiExtension.getParsedValue()).getOctets()
        : MSOutlookKeyIdCalculator.calculateKeyId(holder.getSubjectPublicKeyInfo());

    return Arrays.areEqual(subjectKeyId, candidateKeyId);
}
/**
 * Captures the fields of a parsed SignerInfo together with the signed content.
 *
 * <p>The signer identifier is read as an octet string when the SignerIdentifier is tagged
 * and as issuer and serial number otherwise. A {@code null} content type marks this
 * instance as a counter signature.
 *
 * @param info         the SignerInfo structure to read from
 * @param contentType  content type of the signed data, or {@code null}
 * @param content      the content the signature applies to
 * @param resultDigest digest value stored as supplied by the caller
 */
SignerInformation(
    SignerInfo info,
    ASN1ObjectIdentifier contentType,
    CMSProcessable content,
    byte[] resultDigest)
{
    this.info = info;
    this.content = content;
    this.resultDigest = resultDigest;
    this.contentType = contentType;
    this.isCounterSignature = (contentType == null);

    SignerIdentifier signer = info.getSID();
    if (!signer.isTagged())
    {
        IssuerAndSerialNumber issuerSerial = IssuerAndSerialNumber.getInstance(signer.getId());
        sid = new SignerId(issuerSerial.getName(), issuerSerial.getSerialNumber().getValue());
    }
    else
    {
        ASN1OctetString keyId = ASN1OctetString.getInstance(signer.getId());
        sid = new SignerId(keyId.getOctets());
    }

    this.digestAlgorithm = info.getDigestAlgorithm();
    this.encryptionAlgorithm = info.getDigestEncryptionAlgorithm();
    this.signedAttributeSet = info.getAuthenticatedAttributes();
    this.unsignedAttributeSet = info.getUnauthenticatedAttributes();
    this.signature = info.getEncryptedDigest().getOctets();
}
/**
 * Appends one KeyAgreeRecipientInformation to {@code infos} for every
 * RecipientEncryptedKey found in the given KeyAgreeRecipientInfo.
 *
 * @param infos            list that receives the created recipient information objects
 * @param info             the key agreement recipient info to expand
 * @param messageAlgorithm algorithm identifier passed to each created object
 * @param secureReadable   readable passed to each created object
 * @param additionalData   authenticated attributes provider passed to each created object
 */
static void readRecipientInfo(List infos, KeyAgreeRecipientInfo info,
    AlgorithmIdentifier messageAlgorithm, CMSSecureReadable secureReadable, AuthAttributesProvider additionalData)
{
    ASN1Sequence encryptedKeys = info.getRecipientEncryptedKeys();

    for (int idx = 0; idx != encryptedKeys.size(); idx++)
    {
        RecipientEncryptedKey entry = RecipientEncryptedKey.getInstance(encryptedKeys.getObjectAt(idx));
        KeyAgreeRecipientIdentifier identifier = entry.getIdentifier();
        IssuerAndSerialNumber issuerSerial = identifier.getIssuerAndSerialNumber();

        RecipientId rid;
        if (issuerSerial == null)
        {
            RecipientKeyIdentifier keyIdentifier = identifier.getRKeyID();
            // Only the subject key identifier is used; the 'date' and 'other' fields of
            // RecipientKeyIdentifier appear to be informational only.
            rid = new KeyAgreeRecipientId(keyIdentifier.getSubjectKeyIdentifier().getOctets());
        }
        else
        {
            rid = new KeyAgreeRecipientId(issuerSerial.getName(), issuerSerial.getSerialNumber().getValue());
        }

        infos.add(new KeyAgreeRecipientInformation(info, rid, entry.getEncryptedKey(),
            messageAlgorithm, secureReadable, additionalData));
    }
}
/**
 * Builds an IssuerAndSerialNumber for the given certificate.
 *
 * <p>The issuer is read from the certificate's re-parsed encoding, while the serial
 * number comes from the JCA certificate object.
 *
 * @param cert the certificate to identify
 * @return the issuer and serial number structure for {@code cert}
 * @throws CertificateEncodingException if the certificate cannot be encoded
 */
static IssuerAndSerialNumber getIssuerAndSerialNumber(X509Certificate cert)
    throws CertificateEncodingException
{
    byte[] encodedCert = cert.getEncoded();
    Certificate parsed = Certificate.getInstance(encodedCert);

    return new IssuerAndSerialNumber(parsed.getIssuer(), cert.getSerialNumber());
}
/**
 * Creates a SignerInfoGenerator whose signer identifier is the issuer and serial number
 * of the supplied certificate, and associates that certificate with the generator.
 *
 * @param contentSigner operator that produces the final signature in the SignerInfo.
 * @param certHolder carrier for the X.509 certificate related to the contentSigner.
 * @return a SignerInfoGenerator
 * @throws OperatorCreationException if the generator cannot be built.
 */
public SignerInfoGenerator build(ContentSigner contentSigner, X509CertificateHolder certHolder)
    throws OperatorCreationException
{
    IssuerAndSerialNumber issuerSerial = new IssuerAndSerialNumber(certHolder.toASN1Structure());
    SignerInfoGenerator generator = createGenerator(contentSigner, new SignerIdentifier(issuerSerial));

    generator.setAssociatedCertificate(certHolder);

    return generator;
}
/**
 * Encodes a key transport recipient identifier as bytes.
 *
 * <p>When the identifier has a serial number, the result is the DER encoding of its
 * issuer and serial number; otherwise it is the encoding of the subject key identifier
 * wrapped in a DER octet string. Going by the method name, the bytes are presumably
 * used as PartyVInfo (confirm at the call sites).
 *
 * @param recipientId the recipient identifier to encode
 * @return the encoded identifier bytes
 * @throws IOException if encoding fails
 */
protected static byte[] getPartyVInfoFromRID(KeyTransRecipientId recipientId)
    throws IOException
{
    if (recipientId.getSerialNumber() == null)
    {
        return new DEROctetString(recipientId.getSubjectKeyIdentifier()).getEncoded();
    }

    IssuerAndSerialNumber issuerSerial =
        new IssuerAndSerialNumber(recipientId.getIssuer(), recipientId.getSerialNumber());
    return issuerSerial.getEncoded(ASN1Encoding.DER);
}
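/**
 * Return a CMS IssuerAndSerialNumber structure for the passed in X.509 certificate.
 *
 * @param cert the X.509 certificate to get the issuer and serial number for.
 * @return an IssuerAndSerialNumber structure representing the certificate.
 * @throws CertificateParsingException if the issuer or serial number cannot be extracted;
 *         the original failure is attached as the cause.
 */
public static IssuerAndSerialNumber createIssuerAndSerialNumberFor(X509Certificate cert)
    throws CertificateParsingException
{
    try
    {
        return new IssuerAndSerialNumber(PrincipalUtil.getIssuerX509Principal(cert), cert.getSerialNumber());
    }
    catch (Exception e)
    {
        // The message is unchanged; the cause is attached so the original stack trace
        // is not lost when a certificate is rejected.
        CertificateParsingException failure =
            new CertificateParsingException("exception extracting issuer and serial number: " + e);
        failure.initCause(e);
        throw failure;
    }
}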