/**
 * Creates a generator that uses caller-supplied attribute table generators.
 *
 * <p>The digest algorithm is not chosen by the caller: it is looked up from the signer's
 * signature algorithm identifier through {@code digAlgFinder}, so the content digest
 * follows whatever algorithm the {@code signer} was built with.
 *
 * @param signerIdentifier identifier recorded for this signer.
 * @param signer operator that produces the signature.
 * @param digesterProvider source of the digest calculator; when {@code null} no calculator
 *                         is created and the {@code digester} field is left {@code null}.
 * @param sigEncAlgFinder finder for the signature encryption algorithm, stored as given.
 * @param sAttrGen generator for the signed attributes, stored as given.
 * @param unsAttrGen generator for the unsigned attributes, stored as given.
 * @throws OperatorCreationException if the digest calculator cannot be obtained.
 */
SignerInfoGenerator(
    SignerIdentifier signerIdentifier,
    ContentSigner signer,
    DigestCalculatorProvider digesterProvider,
    CMSSignatureEncryptionAlgorithmFinder sigEncAlgFinder,
    CMSAttributeTableGenerator sAttrGen,
    CMSAttributeTableGenerator unsAttrGen)
    throws OperatorCreationException
{
    this.signerIdentifier = signerIdentifier;
    this.signer = signer;
    this.sigEncAlgFinder = sigEncAlgFinder;
    this.sAttrGen = sAttrGen;
    this.unsAttrGen = unsAttrGen;

    // A null provider is tolerated here; code that later uses the digester has to
    // cope with it being null.
    this.digester = (digesterProvider == null)
        ? null
        : digesterProvider.get(digAlgFinder.find(signer.getAlgorithmIdentifier()));
}
/**
 * Picks the {@code SignerInfoGenerator} constructor that matches this builder's settings.
 *
 * <p>Precedence: {@code directSignature} first (any configured attribute generators are
 * then ignored), next explicitly configured attribute generators, otherwise the default
 * constructor.
 *
 * <p>Side effect: when only {@code unsignedGen} is configured, {@code signedGen} is set to
 * a {@code DefaultSignedAttributeTableGenerator} on this builder and stays set for later
 * calls.
 *
 * @param contentSigner operator that produces the signature.
 * @param sigId identifier of the signer to place in the SignerInfo.
 * @return the configured generator.
 * @throws OperatorCreationException if the generator cannot be constructed.
 */
private SignerInfoGenerator createGenerator(ContentSigner contentSigner, SignerIdentifier sigId)
    throws OperatorCreationException
{
    if (directSignature)
    {
        return new SignerInfoGenerator(sigId, contentSigner, digestProvider, sigEncAlgFinder, true);
    }

    if (signedGen == null && unsignedGen == null)
    {
        // Nothing configured: the four-argument constructor supplies its own defaults.
        return new SignerInfoGenerator(sigId, contentSigner, digestProvider, sigEncAlgFinder);
    }

    if (signedGen == null)
    {
        // Unsigned attributes were requested on their own; pair them with the default
        // signed-attribute generator.
        signedGen = new DefaultSignedAttributeTableGenerator();
    }

    return new SignerInfoGenerator(sigId, contentSigner, digestProvider, sigEncAlgFinder, signedGen, unsignedGen);
}
/**
 * Wraps a parsed {@code SignerInfo} together with the content it refers to.
 *
 * <p>This constructor only copies fields out of the structure; it performs no signature
 * or digest verification, so every value read here is still unverified input.
 *
 * @param info the parsed SignerInfo structure.
 * @param contentType content type of the signed data; {@code null} marks this signer as a
 *                    counter signature.
 * @param content the signed content, stored as given.
 * @param resultDigest digest associated with the content, stored as given (not copied).
 */
SignerInformation(
    SignerInfo info,
    ASN1ObjectIdentifier contentType,
    CMSProcessable content,
    byte[] resultDigest)
{
    this.info = info;
    this.contentType = contentType;
    this.isCounterSignature = (contentType == null);

    SignerIdentifier signerIdentifier = info.getSID();

    if (signerIdentifier.isTagged())
    {
        // Tagged choice: the identifier is an octet string (key identifier form).
        ASN1OctetString keyIdentifier = ASN1OctetString.getInstance(signerIdentifier.getId());

        this.sid = new SignerId(keyIdentifier.getOctets());
    }
    else
    {
        // Untagged choice: issuer name plus certificate serial number.
        IssuerAndSerialNumber issuerAndSerial = IssuerAndSerialNumber.getInstance(signerIdentifier.getId());

        this.sid = new SignerId(issuerAndSerial.getName(), issuerAndSerial.getSerialNumber().getValue());
    }

    this.digestAlgorithm = info.getDigestAlgorithm();
    this.signedAttributeSet = info.getAuthenticatedAttributes();
    this.unsignedAttributeSet = info.getUnauthenticatedAttributes();
    this.encryptionAlgorithm = info.getDigestEncryptionAlgorithm();
    this.signature = info.getEncryptedDigest().getOctets();

    this.content = content;
    this.resultDigest = resultDigest;
}
/**
 * Creates a generator that is not a direct signature.
 *
 * <p>Delegates to the five-argument constructor with {@code isDirectSignature} set to
 * {@code false}.
 *
 * @param signerIdentifier identifier recorded for this signer.
 * @param signer operator that produces the signature.
 * @param digesterProvider source of the digest calculator; may be {@code null}.
 * @param sigEncAlgFinder finder for the signature encryption algorithm.
 * @throws OperatorCreationException if the delegated constructor fails.
 */
SignerInfoGenerator(
    SignerIdentifier signerIdentifier,
    ContentSigner signer,
    DigestCalculatorProvider digesterProvider,
    CMSSignatureEncryptionAlgorithmFinder sigEncAlgFinder)
    throws OperatorCreationException
{
    this(signerIdentifier, signer, digesterProvider, sigEncAlgFinder, false);
}
/**
 * Creates a generator, optionally for a direct signature.
 *
 * <p>With {@code isDirectSignature} set, no signed-attribute generator is installed;
 * otherwise a {@code DefaultSignedAttributeTableGenerator} is used. The unsigned-attribute
 * generator is {@code null} in both cases.
 *
 * <p>The digest algorithm is looked up from the signer's signature algorithm identifier
 * through {@code digAlgFinder}; the caller does not choose it separately.
 *
 * @param signerIdentifier identifier recorded for this signer.
 * @param signer operator that produces the signature.
 * @param digesterProvider source of the digest calculator; when {@code null} the
 *                         {@code digester} field is left {@code null}.
 * @param sigEncAlgFinder finder for the signature encryption algorithm, stored as given.
 * @param isDirectSignature {@code true} to generate without signed attributes.
 * @throws OperatorCreationException if the digest calculator cannot be obtained.
 */
SignerInfoGenerator(
    SignerIdentifier signerIdentifier,
    ContentSigner signer,
    DigestCalculatorProvider digesterProvider,
    CMSSignatureEncryptionAlgorithmFinder sigEncAlgFinder,
    boolean isDirectSignature)
    throws OperatorCreationException
{
    this.signerIdentifier = signerIdentifier;
    this.signer = signer;
    this.sigEncAlgFinder = sigEncAlgFinder;

    this.digester = (digesterProvider == null)
        ? null
        : digesterProvider.get(digAlgFinder.find(signer.getAlgorithmIdentifier()));

    // NOTE(review): with no signed attributes nothing such as content type or signing time
    // is carried under the signature - confirm callers that pass true intend that.
    this.sAttrGen = isDirectSignature ? null : new DefaultSignedAttributeTableGenerator();
    this.unsAttrGen = null;
}
/**
 * Build a generator that identifies the signer by the issuer and serial number of the
 * passed in certificate.
 *
 * <p>The certificate is also attached to the returned generator. This method does not
 * check that {@code certHolder} carries the public key belonging to {@code contentSigner};
 * passing a matching pair is the caller's responsibility.
 *
 * @param contentSigner operator for generating the final signature in the SignerInfo with.
 * @param certHolder carrier for the X.509 certificate related to the contentSigner.
 * @return a SignerInfoGenerator
 * @throws OperatorCreationException if the generator cannot be built.
 */
public SignerInfoGenerator build(ContentSigner contentSigner, X509CertificateHolder certHolder)
    throws OperatorCreationException
{
    IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber(certHolder.toASN1Structure());
    SignerInfoGenerator generator = createGenerator(contentSigner, new SignerIdentifier(issuerAndSerial));

    generator.setAssociatedCertificate(certHolder);

    return generator;
}
/**
 * 3) Fields version, sid, digestAlgorithm, signedAttrs, signatureAlgorithm, and signature
 * within the SignedData.signerInfos's item corresponding to the signature being archive
 * time-stamped, in their order of appearance.
 *
 * <p>Each field is DER-encoded on its own and the encodings are concatenated in exactly
 * that order. The order and the encoding are part of the contract: a verifier has to
 * rebuild the same bytes, so neither may be changed independently of the validation side.
 *
 * @param signerInformation the signer whose SignerInfo fields are serialised.
 * @return the concatenation of the six DER-encoded fields.
 */
private byte[] getSignedFields(final SignerInformation signerInformation) {
    SignerInfo signerInfo = signerInformation.toASN1Structure();

    // Collect the six fields first, in their order of appearance in SignerInfo.
    ASN1Integer version = signerInfo.getVersion();
    SignerIdentifier sid = signerInfo.getSID();
    AlgorithmIdentifier digestAlgorithm = signerInfo.getDigestAlgorithm();
    DERTaggedObject signedAttributes = CMSUtils.getDERSignedAttributes(signerInformation);
    AlgorithmIdentifier signatureAlgorithm = signerInfo.getDigestEncryptionAlgorithm();
    ASN1OctetString signatureValue = signerInfo.getEncryptedDigest();

    byte[] versionBytes = DSSASN1Utils.getDEREncoded(version);
    byte[] sidBytes = DSSASN1Utils.getDEREncoded(sid);
    byte[] digestAlgorithmBytes = DSSASN1Utils.getDEREncoded(digestAlgorithm);
    byte[] signedAttributesBytes = DSSASN1Utils.getDEREncoded(signedAttributes);
    byte[] signatureAlgorithmBytes = DSSASN1Utils.getDEREncoded(signatureAlgorithm);
    byte[] signatureValueBytes = DSSASN1Utils.getDEREncoded(signatureValue);

    // Guarded so the Base64 conversions are only paid for when debug logging is on.
    if (LOG.isDebugEnabled()) {
        LOG.debug("getSignedFields Version={}", Utils.toBase64(versionBytes));
        LOG.debug("getSignedFields Sid={}", Utils.toBase64(sidBytes));
        LOG.debug("getSignedFields DigestAlgorithm={}", Utils.toBase64(digestAlgorithmBytes));
        LOG.debug("getSignedFields SignedAttributes={}", Utils.toBase64(signedAttributesBytes));
        LOG.debug("getSignedFields DigestEncryptionAlgorithm={}", Utils.toBase64(signatureAlgorithmBytes));
        LOG.debug("getSignedFields EncryptedDigest={}", Utils.toBase64(signatureValueBytes));
    }

    return DSSUtils.concatenate(
            versionBytes,
            sidBytes,
            digestAlgorithmBytes,
            signedAttributesBytes,
            signatureAlgorithmBytes,
            signatureValueBytes);
}