public final class SignedDataUtil extends Object
Modifier and Type | Field and Description |
---|---|
static String | IEEE_P1363_SHA1_OID: SignedData related object identifier. |
static String | PKCS1_MD2_WITH_RSA_OID: SignedData related object identifier. |
static String | PKCS1_MD4_WITH_RSA_OID: SignedData related object identifier. |
static String | PKCS1_MD5_WITH_RSA_OID: SignedData related object identifier. |
static String | PKCS1_MGF1: SignedData related object identifier. |
static String | PKCS1_RSA_OID: SignedData related object identifier. |
static String | PKCS1_RSASSA_PSS_OID: SignedData related object identifier. |
static String | PKCS1_SHA1_WITH_RSA_OID: SignedData related object identifier. |
static String | PKCS1_SHA224_WITH_RSA_OID: SignedData related object identifier. |
static String | PKCS1_SHA256_WITH_RSA_OID: SignedData related object identifier. |
static String | PKCS1_SHA384_WITH_RSA_OID: SignedData related object identifier. |
static String | PKCS1_SHA512_WITH_RSA_OID: SignedData related object identifier. |
static String | RFC_3369_CONTENT_TYPE_OID: SignedData related object identifier. |
static String | RFC_3369_MESSAGE_DIGEST_OID: SignedData related object identifier. |
static String | RFC_3369_SIGNED_DATA_OID: SignedData related object identifier. |
static String | X9_SHA1_WITH_ECDSA_OID: SignedData related object identifier. |
static String | X9_SHA224_WITH_ECDSA_OID: SignedData related object identifier. |
static String | X9_SHA256_WITH_ECDSA_OID: SignedData related object identifier. |
static String | X9_SHA384_WITH_ECDSA_OID: SignedData related object identifier. |
static String | X9_SHA512_WITH_ECDSA_OID: SignedData related object identifier. |

Modifier and Type | Method and Description |
---|---|
static ASN1Set | createAuthenticatedAttributes(String digestAlgorithm, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo): Creates the authenticated attributes to be signed. |
static ASN1Sequence | createCertificate(X509Certificate certificate): Encodes an X509 certificate as a BC ASN1 sequence. |
static ASN1Sequence | createDigestAlgorithms(String digestAlgorithm): Encodes the given JCE mnemonic digest algorithm as a BC ASN1 sequence. |
static org.bouncycastle.asn1.cms.SignedData | createSignedData(String digestAlgorithm, String digestEncryptionAlgorithm, AlgorithmParameterSpec digestEncryptionParameters, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, byte[] encryptedDigest, X509Certificate docSigningCertificate): Creates a signed data structure, for inclusion in a security object. |
static org.bouncycastle.asn1.cms.SignedData | createSignedData(String digestAlgorithm, String digestEncryptionAlgorithm, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, byte[] encryptedDigest, X509Certificate docSigningCertificate): Creates a signed data structure, for inclusion in a security object. |
static org.bouncycastle.asn1.cms.SignerInfo | createSignerInfo(String digestAlgorithm, String digestEncryptionAlgorithm, AlgorithmParameterSpec digestEncryptionParameters, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, byte[] encryptedDigest, X509Certificate docSigningCertificate): Creates a signer info structure. |
static org.bouncycastle.asn1.cms.SignerInfo | createSignerInfo(String digestAlgorithm, String digestEncryptionAlgorithm, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, byte[] encryptedDigest, X509Certificate docSigningCertificate): Creates a signer info structure. |
static X509Certificate | decodeCertificate(Certificate certAsASN1Object): Decodes an ASN1 encoded BC certificate object to a JCA certificate object. |
static List<X509Certificate> | getCertificates(org.bouncycastle.asn1.cms.SignedData signedData): Extracts the list of embedded certificates from a signed data object. |
static ASN1Primitive | getContent(org.bouncycastle.asn1.cms.SignedData signedData): Extracts the content from a signed data structure. |
static String | getDigestEncryptionAlgorithm(org.bouncycastle.asn1.cms.SignedData signedData): Returns the signature algorithm used in the given signed data structure. |
static AlgorithmParameterSpec | getDigestEncryptionAlgorithmParams(org.bouncycastle.asn1.cms.SignedData signedData): Returns the parameters of the digest encryption (signature) algorithm used in the given signed data object. |
static byte[] | getEContent(org.bouncycastle.asn1.cms.SignedData signedData): Returns the contents of the signed data over which the signature is to be computed. |
static byte[] | getEncryptedDigest(org.bouncycastle.asn1.cms.SignedData signedData): Returns the stored signature of the security object. |
static org.bouncycastle.asn1.cms.IssuerAndSerialNumber | getIssuerAndSerialNumber(org.bouncycastle.asn1.cms.SignedData signedData): Returns the issuer and serial number stored in the given signed data structure. |
static ASN1Object | getObjectFromTaggedObject(ASN1Encodable asn1Encodable): Removes the tag from a tagged object. |
static List<ASN1Primitive> | getObjectsFromOctetString(ASN1OctetString octetString): Reads any objects in the given ASN1 octet string (as an ASN1 input stream). |
static org.bouncycastle.asn1.cms.SignerInfo | getSignerInfo(org.bouncycastle.asn1.cms.SignedData signedData): Extracts the signer info structure from a signed data structure. |
static String | getSignerInfoDigestAlgorithm(org.bouncycastle.asn1.cms.SignedData signedData): Returns the digest algorithm used in the signer info in a signed data structure. |
static byte[] | getSubjectKeyIdentifier(org.bouncycastle.asn1.cms.SignedData signedData): Returns the subject-key-identifier in the given signed-data structure if the signer is identified through a subject-key-identifier. |
static String | lookupMnemonicByOID(String oid): Returns the common mnemonic string (such as "SHA1", "SHA256withRSA") given an OID. |
static String | lookupOIDByMnemonic(String name): Looks up an object identifier for the given JCE mnemonic. |
static org.bouncycastle.asn1.cms.SignedData | readSignedData(InputStream inputStream): Reads a signed data structure from a stream. |
static byte[] | signData(String digestAlgorithm, String digestEncryptionAlgorithm, AlgorithmParameterSpec digestEncryptionParameters, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, PrivateKey privateKey, String provider): Signs the (authenticated attributes derived from the given) data. |
static byte[] | signData(String digestAlgorithm, String digestEncryptionAlgorithm, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, PrivateKey privateKey, String provider): Signs the (authenticated attributes derived from the given) data. |
static void | writeData(org.bouncycastle.asn1.cms.SignedData signedData, OutputStream outputStream): Writes a signed data structure to a stream. |

public static final String RFC_3369_SIGNED_DATA_OID
public static final String RFC_3369_CONTENT_TYPE_OID
public static final String RFC_3369_MESSAGE_DIGEST_OID
public static final String PKCS1_RSA_OID
public static final String PKCS1_MD2_WITH_RSA_OID
public static final String PKCS1_MD4_WITH_RSA_OID
public static final String PKCS1_MD5_WITH_RSA_OID
public static final String PKCS1_SHA1_WITH_RSA_OID
public static final String PKCS1_MGF1
public static final String PKCS1_RSASSA_PSS_OID
public static final String PKCS1_SHA256_WITH_RSA_OID
public static final String PKCS1_SHA384_WITH_RSA_OID
public static final String PKCS1_SHA512_WITH_RSA_OID
public static final String PKCS1_SHA224_WITH_RSA_OID
public static final String X9_SHA1_WITH_ECDSA_OID
public static final String X9_SHA224_WITH_ECDSA_OID
public static final String X9_SHA256_WITH_ECDSA_OID
public static final String X9_SHA384_WITH_ECDSA_OID
public static final String X9_SHA512_WITH_ECDSA_OID
public static final String IEEE_P1363_SHA1_OID

public static org.bouncycastle.asn1.cms.SignedData readSignedData(InputStream inputStream) throws IOException
inputStream - the stream to read from
IOException - on error reading from the stream

public static void writeData(org.bouncycastle.asn1.cms.SignedData signedData, OutputStream outputStream) throws IOException
signedData - the signed data to write
outputStream - the stream to write to
IOException - on error writing to the stream

public static ASN1Primitive getContent(org.bouncycastle.asn1.cms.SignedData signedData)
signedData - the signed data

public static ASN1Object getObjectFromTaggedObject(ASN1Encodable asn1Encodable) throws IOException
asn1Encodable - the encoded tagged object
IOException - if the input is not a tagged object or the tagNo is not 0

public static String getSignerInfoDigestAlgorithm(org.bouncycastle.asn1.cms.SignedData signedData)
signedData - the signed data structure

public static AlgorithmParameterSpec getDigestEncryptionAlgorithmParams(org.bouncycastle.asn1.cms.SignedData signedData)
"RSASSA/PSS" this includes the hash algorithm and the salt length.
signedData - the signed data object
PSSParameterSpec.DEFAULT for RSASSA/PSS, or null on unrecognized algorithms

public static String getDigestEncryptionAlgorithm(org.bouncycastle.asn1.cms.SignedData signedData)
signedData - the signed data structure

public static byte[] getEContent(org.bouncycastle.asn1.cms.SignedData signedData) throws SignatureException
signedData - the signed data
SignatureException - if the contents do not check out

public static byte[] getEncryptedDigest(org.bouncycastle.asn1.cms.SignedData signedData)
signedData - the signed data

public static org.bouncycastle.asn1.cms.IssuerAndSerialNumber getIssuerAndSerialNumber(org.bouncycastle.asn1.cms.SignedData signedData)
signedData - the signed data structure

public static byte[] getSubjectKeyIdentifier(org.bouncycastle.asn1.cms.SignedData signedData)
null if the signer is identified through issuer name and serial number.
signedData - the signed-data-structure

public static List<ASN1Primitive> getObjectsFromOctetString(ASN1OctetString octetString)
octetString - the octet string

public static List<X509Certificate> getCertificates(org.bouncycastle.asn1.cms.SignedData signedData)
signedData - the signed data object

public static X509Certificate decodeCertificate(Certificate certAsASN1Object) throws IOException, GeneralSecurityException
certAsASN1Object - the ASN1 object
IOException - on error decoding the DER structure, never happens
GeneralSecurityException - on error decoding

public static org.bouncycastle.asn1.cms.SignedData createSignedData(String digestAlgorithm, String digestEncryptionAlgorithm, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, byte[] encryptedDigest, X509Certificate docSigningCertificate) throws GeneralSecurityException
digestAlgorithm - the digest algorithm
digestEncryptionAlgorithm - the signature algorithm
contentTypeOID - the object identifier
contentInfo - the content info
encryptedDigest - the signature bytes
docSigningCertificate - the document signer certificate
GeneralSecurityException - on error

public static org.bouncycastle.asn1.cms.SignedData createSignedData(String digestAlgorithm, String digestEncryptionAlgorithm, AlgorithmParameterSpec digestEncryptionParameters, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, byte[] encryptedDigest, X509Certificate docSigningCertificate) throws GeneralSecurityException
digestAlgorithm - the digest algorithm
digestEncryptionAlgorithm - the signature algorithm
digestEncryptionParameters - the digest encryption algorithm parameters
contentTypeOID - the object identifier
contentInfo - the content info
encryptedDigest - the signature bytes
docSigningCertificate - the document signer certificate
GeneralSecurityException - on error

public static org.bouncycastle.asn1.cms.SignerInfo createSignerInfo(String digestAlgorithm, String digestEncryptionAlgorithm, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, byte[] encryptedDigest, X509Certificate docSigningCertificate) throws GeneralSecurityException
digestAlgorithm - the digest algorithm
digestEncryptionAlgorithm - the signature algorithm
contentTypeOID - the object identifier
contentInfo - the content info
encryptedDigest - the signature bytes
docSigningCertificate - the document signer certificate
GeneralSecurityException - on error

public static org.bouncycastle.asn1.cms.SignerInfo createSignerInfo(String digestAlgorithm, String digestEncryptionAlgorithm, AlgorithmParameterSpec digestEncryptionParameters, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, byte[] encryptedDigest, X509Certificate docSigningCertificate) throws GeneralSecurityException
digestAlgorithm - the digest algorithm
digestEncryptionAlgorithm - the signature algorithm
digestEncryptionParameters - the digest encryption algorithm parameters, or null
contentTypeOID - the object identifier
contentInfo - the content info
encryptedDigest - the signature bytes
docSigningCertificate - the document signer certificate
GeneralSecurityException - on error

public static ASN1Set createAuthenticatedAttributes(String digestAlgorithm, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo) throws GeneralSecurityException
digestAlgorithm - the digest algorithm
contentTypeOID - the object identifier
contentInfo - the content info to digest
GeneralSecurityException - on error

public static ASN1Sequence createDigestAlgorithms(String digestAlgorithm) throws NoSuchAlgorithmException
digestAlgorithm - the JCE mnemonic digest algorithm
NoSuchAlgorithmException - when the digest algorithm is not known

public static ASN1Sequence createCertificate(X509Certificate certificate) throws CertificateException
certificate - a certificate
CertificateException - on error

public static byte[] signData(String digestAlgorithm, String digestEncryptionAlgorithm, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, PrivateKey privateKey, String provider)
digestAlgorithm - the digest algorithm
digestEncryptionAlgorithm - the signature algorithm
contentTypeOID - the object identifier
contentInfo - the content info
privateKey - the private key to use for signing
provider - the preferred provider to use

public static byte[] signData(String digestAlgorithm, String digestEncryptionAlgorithm, AlgorithmParameterSpec digestEncryptionParameters, String contentTypeOID, org.bouncycastle.asn1.cms.ContentInfo contentInfo, PrivateKey privateKey, String provider)
digestAlgorithm - the digest algorithm
digestEncryptionAlgorithm - the signature algorithm
digestEncryptionParameters - the parameters, or null
contentTypeOID - the object identifier
contentInfo - the content info
privateKey - the private key to use for signing
provider - the preferred provider to use

public static org.bouncycastle.asn1.cms.SignerInfo getSignerInfo(org.bouncycastle.asn1.cms.SignedData signedData)
signedData - the signed data structure

public static String lookupMnemonicByOID(String oid) throws NoSuchAlgorithmException
oid - an object identifier
NoSuchAlgorithmException - if the provided OID is not yet supported

public static String lookupOIDByMnemonic(String name) throws NoSuchAlgorithmException
name - a JCE mnemonic string
NoSuchAlgorithmException - if the mnemonic does not correspond to a known object identifier

Copyright © 2023. All rights reserved.