本文整理了Java中org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder.build()
方法的一些代码示例,展示了JcaSimpleSignerInfoVerifierBuilder.build()
的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。JcaSimpleSignerInfoVerifierBuilder.build()
方法的具体详情如下:
包路径:org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder
类名称:JcaSimpleSignerInfoVerifierBuilder
方法名:build
暂无
代码示例来源:origin: resteasy/Resteasy
public boolean verify(PublicKey publicKey) throws Exception
{
SMIMESigned signed = new SMIMESigned(body);
SignerInformationStore signers = signed.getSignerInfos();
SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next();
return (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(publicKey)));
}
代码示例来源:origin: apache/pdfbox
private void validateTimestampToken(TimeStampToken timeStampToken)
throws TSPException, CertificateException, OperatorCreationException, IOException
{
// https://stackoverflow.com/questions/42114742/
Collection<X509CertificateHolder> tstMatches =
timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
X509CertificateHolder holder = tstMatches.iterator().next();
X509Certificate tstCert = new JcaX509CertificateConverter().getCertificate(holder);
SignerInformationVerifier siv = new JcaSimpleSignerInfoVerifierBuilder().setProvider(SecurityProvider.getProvider()).build(tstCert);
timeStampToken.validate(siv);
System.out.println("TimeStampToken validated");
}
代码示例来源:origin: resteasy/Resteasy
public boolean verify(PublicKey publicKey) throws Exception
{
for (Object info : data.getSignerInfos().getSigners())
{
SignerInformation signer = (SignerInformation)info;
if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(publicKey)))
{
return true;
}
}
return false;
}
代码示例来源:origin: resteasy/Resteasy
public boolean verify(X509Certificate certificate) throws Exception
{
for (Object info : data.getSignerInfos().getSigners())
{
SignerInformation signer = (SignerInformation)info;
if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certificate)))
{
return true;
}
}
return false;
}
public boolean verify(PublicKey publicKey) throws Exception
代码示例来源:origin: apache/pdfbox
setProvider(SecurityProvider.getProvider()).build(certFromSignedData)))
代码示例来源:origin: stackoverflow.com
JcaSimpleSignerInfoVerifierBuilder builder = new JcaSimpleSignerInfoVerifierBuilder();
SignerInformationVerifier verifier = builder.build(signerCertificateHolder);
assertTrue(signerInfo.verify(verifier));
代码示例来源:origin: open-eid/SiVa
private boolean isSignatureValid(TimeStampToken timeStampToken) {
try {
JcaSimpleSignerInfoVerifierBuilder sigVerifierBuilder = new JcaSimpleSignerInfoVerifierBuilder();
Collection certCollection = timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
Certificate x509Cert = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(cert.getEncoded()));
SignerInformationVerifier signerInfoVerifier = sigVerifierBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME).build(x509Cert.getPublicKey());
return timeStampToken.isSignatureValid(signerInfoVerifier);
} catch (Exception e) {
throw new MalformedDocumentException(e);
}
}
代码示例来源:origin: itext/itext7
static void isSignatureValid(TimeStampToken validator, X509Certificate certStoreX509, String provider) throws OperatorCreationException, TSPException {
if (provider == null) provider = "BC";
validator.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider).build(certStoreX509));
}
代码示例来源:origin: com.itextpdf/itextpdf
/**
* Verifies a time stamp against a KeyStore.
* @param ts the time stamp
* @param keystore the <CODE>KeyStore</CODE>
* @param provider the provider or <CODE>null</CODE> to use the BouncyCastle provider
* @return <CODE>true</CODE> is a certificate was found
*/
public static boolean verifyTimestampCertificates(TimeStampToken ts, KeyStore keystore, String provider) {
if (provider == null)
provider = "BC";
try {
for (Enumeration<String> aliases = keystore.aliases(); aliases.hasMoreElements();) {
try {
String alias = aliases.nextElement();
if (!keystore.isCertificateEntry(alias))
continue;
X509Certificate certStoreX509 = (X509Certificate)keystore.getCertificate(alias);
ts.isSignatureValid(new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider).build(certStoreX509));
return true;
}
catch (Exception ex) {
}
}
}
catch (Exception e) {
}
return false;
}
代码示例来源:origin: com.itextpdf/sign
static void isSignatureValid(TimeStampToken validator, X509Certificate certStoreX509, String provider) throws OperatorCreationException, TSPException {
if (provider == null) provider = "BC";
validator.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider).build(certStoreX509));
}
代码示例来源:origin: be.e_contract.mycarenet/mycarenet-ehealth-certra
private byte[] getCmsData(byte[] cms) throws Exception {
CMSSignedData cmsSignedData = new CMSSignedData(cms);
SignerInformationStore signers = cmsSignedData.getSignerInfos();
SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next();
SignerId signerId = signer.getSID();
Store certificateStore = cmsSignedData.getCertificates();
Collection<X509CertificateHolder> certificateCollection = certificateStore.getMatches(signerId);
X509CertificateHolder certificateHolder = certificateCollection.iterator().next();
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(certificateHolder.getEncoded()));
// we trust SSL here, no need for explicit verification of CMS signing
// certificate
LOG.debug("CMS signing certificate subject: " + certificate.getSubjectX500Principal());
SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder()
.build(certificate);
boolean signatureResult = signer.verify(signerInformationVerifier);
if (false == signatureResult) {
throw new SecurityException("woops");
}
CMSTypedData signedContent = cmsSignedData.getSignedContent();
byte[] responseData = (byte[]) signedContent.getContent();
return responseData;
}
代码示例来源:origin: org.apache.pdfbox/pdfbox-examples
private void validateTimestampToken(TimeStampToken timeStampToken)
throws IOException, CertificateException, TSPException, OperatorCreationException
{
// https://stackoverflow.com/questions/42114742/
Collection<X509CertificateHolder> tstMatches =
timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
X509CertificateHolder holder = tstMatches.iterator().next();
X509Certificate tstCert = new JcaX509CertificateConverter().getCertificate(holder);
SignerInformationVerifier siv = new JcaSimpleSignerInfoVerifierBuilder().setProvider(SecurityProvider.getProvider()).build(tstCert);
timeStampToken.validate(siv);
System.out.println("TimeStampToken validated");
}
代码示例来源:origin: arhs/sd-dss
private TimestampValidation validateTimestampToken(final TimeStampToken timeStampToken, final CertificateToken issuerToken) {
TimestampValidity timestampValidity;
try {
final JcaSimpleSignerInfoVerifierBuilder verifierBuilder = new JcaSimpleSignerInfoVerifierBuilder();
final X509Certificate x509Certificate = issuerToken.getCertificate();
final SignerInformationVerifier verifier = verifierBuilder.build(x509Certificate);
timeStampToken.validate(verifier);
timestampValidity = TimestampValidity.VALID;
} catch (IllegalArgumentException e) {
timestampValidity = TimestampValidity.NO_SIGNING_CERTIFICATE;
LOG.error("No signing certificate for timestamp token: " + e);
} catch (TSPValidationException e) {
timestampValidity = TimestampValidity.NOT_VALID_SIGNATURE;
} catch (TSPException e) {
timestampValidity = TimestampValidity.NOT_VALID_STRUCTURE;
} catch (OperatorCreationException e) {
timestampValidity = TimestampValidity.NOT_VALID_STRUCTURE;
}
final TimestampValidation timestampValidation = new TimestampValidation(timestampValidity);
return timestampValidation;
}
代码示例来源:origin: stackoverflow.com
X509CertificateHolder certHolder = (X509CertificateHolder) objMatch;
System.out.print("verifying against " + certHolder.getSubject().toString());
if (signer.verify(verifier.build(certHolder))) {
System.out.println(": verified");
} else {
代码示例来源:origin: open-eid/digidoc4j
private boolean isSignatureValid(TimeStampToken token) {
try {
X509CertificateHolder holder = (X509CertificateHolder) token.getCertificates().getMatches(token.getSID())
.iterator().next();
return token.isSignatureValid(
new JcaSimpleSignerInfoVerifierBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(
DSSUtils.loadCertificate(holder.getEncoded()).getCertificate().getPublicKey()));
} catch (Exception e) {
throw new DigiDoc4JException(e);
}
}
代码示例来源:origin: org.nhind/agent
/**
* Verifies if the signature is valid using the signature certificate.
* @return True if the signature is valid. False otherwise.
*/
public boolean checkSignature()
{
try
{
signatureValid = signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(CryptoExtensions.getJCEProviderName()).build(signerCert));
}
catch (Exception e)
{
// TODO: Log an error
signatureValid = false;
}
finally
{
logDigests(signer);
}
return signatureValid;
}
代码示例来源:origin: no.difi.commons/commons-asic
@SuppressWarnings("unchecked")
public static no.difi.commons.asic.jaxb.asic.Certificate validate(byte[] data, byte[] signature) {
no.difi.commons.asic.jaxb.asic.Certificate certificate = null;
try {
CMSSignedData cmsSignedData = new CMSSignedData(new CMSProcessableByteArray(data), signature);
Store store = cmsSignedData.getCertificates();
SignerInformationStore signerInformationStore = cmsSignedData.getSignerInfos();
for (SignerInformation signerInformation : signerInformationStore.getSigners()) {
X509CertificateHolder x509Certificate = (X509CertificateHolder) store.getMatches(signerInformation.getSID()).iterator().next();
logger.info(x509Certificate.getSubject().toString());
if (signerInformation.verify(jcaSimpleSignerInfoVerifierBuilder.build(x509Certificate))) {
certificate = new no.difi.commons.asic.jaxb.asic.Certificate();
certificate.setCertificate(x509Certificate.getEncoded());
certificate.setSubject(x509Certificate.getSubject().toString());
}
}
} catch (Exception e) {
logger.warn(e.getMessage());
certificate = null;
}
if (certificate == null)
throw new IllegalStateException("Unable to verify signature.");
return certificate;
}
}
代码示例来源:origin: com.helger/ph-asic
LOG.debug (x509Certificate.getSubject ().toString ());
if (aSignerInformation.verify (s_aJcaSimpleSignerInfoVerifierBuilder.build (x509Certificate)))
代码示例来源:origin: difi/oxalis
public void validate(X509Certificate certificate) throws OxalisSecurityException, PeppolSecurityException {
try {
SignerInformationVerifier verifier = new JcaSimpleSignerInfoVerifierBuilder()
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
.build(certificate.getPublicKey());
for (SignerInformation signerInformation : smimeSigned.getSignerInfos().getSigners()) {
if (signerInformation.verify(verifier)) {
signer = certificate;
digest = signerInformation.getContentDigest();
return;
}
}
} catch (CMSException e) {
throw new OxalisSecurityException(e.getMessage(), e);
} catch (OperatorCreationException e) {
throw new OxalisSecurityException("Unable to create SignerInformationVerifier.", e);
}
throw new PeppolSecurityException("Unable to verify signature.");
}
代码示例来源:origin: no.difi.oxalis/oxalis-as2
public void validate(X509Certificate certificate) throws OxalisSecurityException, PeppolSecurityException {
try {
SignerInformationVerifier verifier = new JcaSimpleSignerInfoVerifierBuilder()
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
.build(certificate.getPublicKey());
for (SignerInformation signerInformation : smimeSigned.getSignerInfos().getSigners()) {
if (signerInformation.verify(verifier)) {
signer = certificate;
digest = signerInformation.getContentDigest();
return;
}
}
} catch (CMSException e) {
throw new OxalisSecurityException(e.getMessage(), e);
} catch (OperatorCreationException e) {
throw new OxalisSecurityException("Unable to create SignerInformationVerifier.", e);
}
throw new PeppolSecurityException("Unable to verify signature.");
}
内容来源于网络,如有侵权,请联系作者删除!