org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder.build()方法的使用及代码示例

x33g5p2x  于9个月前 转载在 其他  
字(11.8k)|赞(0)|评价(0)|浏览(12)

本文整理了Java中org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder.build()方法的一些代码示例,展示了JcaSimpleSignerInfoVerifierBuilder.build()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。JcaSimpleSignerInfoVerifierBuilder.build()方法的具体详情如下:
包路径:org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder
类名称:JcaSimpleSignerInfoVerifierBuilder
方法名:build

JcaSimpleSignerInfoVerifierBuilder.build介绍

暂无

代码示例

代码示例来源:origin: resteasy/Resteasy

public boolean verify(PublicKey publicKey) throws Exception
{
 SMIMESigned signed = new SMIMESigned(body);
 SignerInformationStore signers = signed.getSignerInfos();
 SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next();
 return (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(publicKey)));
}

代码示例来源:origin: apache/pdfbox

private void validateTimestampToken(TimeStampToken timeStampToken)
    throws TSPException, CertificateException, OperatorCreationException, IOException
{
  // https://stackoverflow.com/questions/42114742/
  Collection<X509CertificateHolder> tstMatches =
      timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
  X509CertificateHolder holder = tstMatches.iterator().next();
  X509Certificate tstCert = new JcaX509CertificateConverter().getCertificate(holder);
  SignerInformationVerifier siv = new JcaSimpleSignerInfoVerifierBuilder().setProvider(SecurityProvider.getProvider()).build(tstCert);
  timeStampToken.validate(siv);
  System.out.println("TimeStampToken validated");
}

代码示例来源:origin: resteasy/Resteasy

public boolean verify(PublicKey publicKey) throws Exception
{
 for (Object info : data.getSignerInfos().getSigners())
 {
   SignerInformation signer = (SignerInformation)info;
   if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(publicKey)))
   {
    return true;
   }
 }
 return false;
}

代码示例来源:origin: resteasy/Resteasy

public boolean verify(X509Certificate certificate) throws Exception
{
 for (Object info : data.getSignerInfos().getSigners())
 {
   SignerInformation signer = (SignerInformation)info;
   if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certificate)))
   {
    return true;
   }
 }
 return false;
}
public boolean verify(PublicKey publicKey) throws Exception

代码示例来源:origin: apache/pdfbox

setProvider(SecurityProvider.getProvider()).build(certFromSignedData)))

代码示例来源:origin: stackoverflow.com

JcaSimpleSignerInfoVerifierBuilder builder = new JcaSimpleSignerInfoVerifierBuilder();
SignerInformationVerifier verifier = builder.build(signerCertificateHolder);
assertTrue(signerInfo.verify(verifier));

代码示例来源:origin: open-eid/SiVa

private boolean isSignatureValid(TimeStampToken timeStampToken) {
  try {
    JcaSimpleSignerInfoVerifierBuilder sigVerifierBuilder = new JcaSimpleSignerInfoVerifierBuilder();
    Collection certCollection = timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
    Iterator certIt = certCollection.iterator();
    X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
    Certificate x509Cert = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(cert.getEncoded()));
    SignerInformationVerifier signerInfoVerifier = sigVerifierBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME).build(x509Cert.getPublicKey());
    return timeStampToken.isSignatureValid(signerInfoVerifier);
  } catch (Exception e) {
    throw new MalformedDocumentException(e);
  }
}

代码示例来源:origin: itext/itext7

static void isSignatureValid(TimeStampToken validator, X509Certificate certStoreX509, String provider) throws OperatorCreationException, TSPException {
  if (provider == null) provider = "BC";
  validator.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider).build(certStoreX509));
}

代码示例来源:origin: com.itextpdf/itextpdf

/**
 * Verifies a time stamp against a KeyStore.
 * @param ts the time stamp
 * @param keystore the <CODE>KeyStore</CODE>
 * @param provider the provider or <CODE>null</CODE> to use the BouncyCastle provider
 * @return <CODE>true</CODE> is a certificate was found
 */
public static boolean verifyTimestampCertificates(TimeStampToken ts, KeyStore keystore, String provider) {
  if (provider == null)
    provider = "BC";
  try {
    for (Enumeration<String> aliases = keystore.aliases(); aliases.hasMoreElements();) {
      try {
        String alias = aliases.nextElement();
        if (!keystore.isCertificateEntry(alias))
          continue;
        X509Certificate certStoreX509 = (X509Certificate)keystore.getCertificate(alias);
        ts.isSignatureValid(new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider).build(certStoreX509));
        return true;
      }
      catch (Exception ex) {
      }
    }
  }
  catch (Exception e) {
  }
  return false;
}

代码示例来源:origin: com.itextpdf/sign

static void isSignatureValid(TimeStampToken validator, X509Certificate certStoreX509, String provider) throws OperatorCreationException, TSPException {
  if (provider == null) provider = "BC";
  validator.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider).build(certStoreX509));
}

代码示例来源:origin: be.e_contract.mycarenet/mycarenet-ehealth-certra

private byte[] getCmsData(byte[] cms) throws Exception {
  CMSSignedData cmsSignedData = new CMSSignedData(cms);
  SignerInformationStore signers = cmsSignedData.getSignerInfos();
  SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next();
  SignerId signerId = signer.getSID();
  Store certificateStore = cmsSignedData.getCertificates();
  Collection<X509CertificateHolder> certificateCollection = certificateStore.getMatches(signerId);
  X509CertificateHolder certificateHolder = certificateCollection.iterator().next();
  CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
  X509Certificate certificate = (X509Certificate) certificateFactory
      .generateCertificate(new ByteArrayInputStream(certificateHolder.getEncoded()));
  // we trust SSL here, no need for explicit verification of CMS signing
  // certificate
  LOG.debug("CMS signing certificate subject: " + certificate.getSubjectX500Principal());
  SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder()
      .build(certificate);
  boolean signatureResult = signer.verify(signerInformationVerifier);
  if (false == signatureResult) {
    throw new SecurityException("woops");
  }
  CMSTypedData signedContent = cmsSignedData.getSignedContent();
  byte[] responseData = (byte[]) signedContent.getContent();
  return responseData;
}

代码示例来源:origin: org.apache.pdfbox/pdfbox-examples

private void validateTimestampToken(TimeStampToken timeStampToken)
    throws IOException, CertificateException, TSPException, OperatorCreationException
{
  // https://stackoverflow.com/questions/42114742/
  Collection<X509CertificateHolder> tstMatches =
      timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
  X509CertificateHolder holder = tstMatches.iterator().next();
  X509Certificate tstCert = new JcaX509CertificateConverter().getCertificate(holder);
  SignerInformationVerifier siv = new JcaSimpleSignerInfoVerifierBuilder().setProvider(SecurityProvider.getProvider()).build(tstCert);
  timeStampToken.validate(siv);
  System.out.println("TimeStampToken validated");
}

代码示例来源:origin: arhs/sd-dss

private TimestampValidation validateTimestampToken(final TimeStampToken timeStampToken, final CertificateToken issuerToken) {
  TimestampValidity timestampValidity;
  try {
    final JcaSimpleSignerInfoVerifierBuilder verifierBuilder = new JcaSimpleSignerInfoVerifierBuilder();
    final X509Certificate x509Certificate = issuerToken.getCertificate();
    final SignerInformationVerifier verifier = verifierBuilder.build(x509Certificate);
    timeStampToken.validate(verifier);
    timestampValidity = TimestampValidity.VALID;
  } catch (IllegalArgumentException e) {
    timestampValidity = TimestampValidity.NO_SIGNING_CERTIFICATE;
    LOG.error("No signing certificate for timestamp token: " + e);
  } catch (TSPValidationException e) {
    timestampValidity = TimestampValidity.NOT_VALID_SIGNATURE;
  } catch (TSPException e) {
    timestampValidity = TimestampValidity.NOT_VALID_STRUCTURE;
  } catch (OperatorCreationException e) {
    timestampValidity = TimestampValidity.NOT_VALID_STRUCTURE;
  }
  final TimestampValidation timestampValidation = new TimestampValidation(timestampValidity);
  return timestampValidation;
}

代码示例来源:origin: stackoverflow.com

X509CertificateHolder certHolder = (X509CertificateHolder) objMatch;
System.out.print("verifying against " + certHolder.getSubject().toString());
if (signer.verify(verifier.build(certHolder))) {
  System.out.println(": verified");
} else {

代码示例来源:origin: open-eid/digidoc4j

private boolean isSignatureValid(TimeStampToken token) {
 try {
  X509CertificateHolder holder = (X509CertificateHolder) token.getCertificates().getMatches(token.getSID())
    .iterator().next();
  return token.isSignatureValid(
    new JcaSimpleSignerInfoVerifierBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(
      DSSUtils.loadCertificate(holder.getEncoded()).getCertificate().getPublicKey()));
 } catch (Exception e) {
  throw new DigiDoc4JException(e);
 }
}

代码示例来源:origin: org.nhind/agent

/**
 * Verifies if the signature is valid using the signature certificate.
 * @return True if the signature is valid.  False otherwise.
 */
public boolean checkSignature()
{        
  try
  {
    signatureValid = signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(CryptoExtensions.getJCEProviderName()).build(signerCert));     		    	
  }
  catch (Exception e)
  {     
    // TODO: Log an error
    signatureValid = false; 
  }
  finally
  {
    logDigests(signer);
  }  
  
  return signatureValid;
}

代码示例来源:origin: no.difi.commons/commons-asic

@SuppressWarnings("unchecked")
  public static no.difi.commons.asic.jaxb.asic.Certificate validate(byte[] data, byte[] signature) {
    no.difi.commons.asic.jaxb.asic.Certificate certificate = null;

    try {
      CMSSignedData cmsSignedData = new CMSSignedData(new CMSProcessableByteArray(data), signature);
      Store store = cmsSignedData.getCertificates();
      SignerInformationStore signerInformationStore = cmsSignedData.getSignerInfos();

      for (SignerInformation signerInformation : signerInformationStore.getSigners()) {
        X509CertificateHolder x509Certificate = (X509CertificateHolder) store.getMatches(signerInformation.getSID()).iterator().next();
        logger.info(x509Certificate.getSubject().toString());

        if (signerInformation.verify(jcaSimpleSignerInfoVerifierBuilder.build(x509Certificate))) {
          certificate = new no.difi.commons.asic.jaxb.asic.Certificate();
          certificate.setCertificate(x509Certificate.getEncoded());
          certificate.setSubject(x509Certificate.getSubject().toString());
        }
      }
    } catch (Exception e) {
      logger.warn(e.getMessage());
      certificate = null;
    }

    if (certificate == null)
      throw new IllegalStateException("Unable to verify signature.");

    return certificate;
  }
}

代码示例来源:origin: com.helger/ph-asic

LOG.debug (x509Certificate.getSubject ().toString ());
if (aSignerInformation.verify (s_aJcaSimpleSignerInfoVerifierBuilder.build (x509Certificate)))

代码示例来源:origin: difi/oxalis

public void validate(X509Certificate certificate) throws OxalisSecurityException, PeppolSecurityException {
  try {
    SignerInformationVerifier verifier = new JcaSimpleSignerInfoVerifierBuilder()
        .setProvider(BouncyCastleProvider.PROVIDER_NAME)
        .build(certificate.getPublicKey());
    for (SignerInformation signerInformation : smimeSigned.getSignerInfos().getSigners()) {
      if (signerInformation.verify(verifier)) {
        signer = certificate;
        digest = signerInformation.getContentDigest();
        return;
      }
    }
  } catch (CMSException e) {
    throw new OxalisSecurityException(e.getMessage(), e);
  } catch (OperatorCreationException e) {
    throw new OxalisSecurityException("Unable to create SignerInformationVerifier.", e);
  }
  throw new PeppolSecurityException("Unable to verify signature.");
}

代码示例来源:origin: no.difi.oxalis/oxalis-as2

public void validate(X509Certificate certificate) throws OxalisSecurityException, PeppolSecurityException {
  try {
    SignerInformationVerifier verifier = new JcaSimpleSignerInfoVerifierBuilder()
        .setProvider(BouncyCastleProvider.PROVIDER_NAME)
        .build(certificate.getPublicKey());
    for (SignerInformation signerInformation : smimeSigned.getSignerInfos().getSigners()) {
      if (signerInformation.verify(verifier)) {
        signer = certificate;
        digest = signerInformation.getContentDigest();
        return;
      }
    }
  } catch (CMSException e) {
    throw new OxalisSecurityException(e.getMessage(), e);
  } catch (OperatorCreationException e) {
    throw new OxalisSecurityException("Unable to create SignerInformationVerifier.", e);
  }
  throw new PeppolSecurityException("Unable to verify signature.");
}

相关文章