1e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrompackage org.bouncycastle.cms; 2e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 3e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.io.IOException; 4e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.io.InputStream; 5e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.NoSuchAlgorithmException; 6e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.NoSuchProviderException; 7e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.Provider; 8e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.cert.CertStore; 9e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.security.cert.CertStoreException; 10e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.ArrayList; 11e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.Enumeration; 12e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.Iterator; 13e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.List; 14e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.Map; 15e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 16e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1Encodable; 17e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1EncodableVector; 18e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1InputStream; 19e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1ObjectIdentifier; 20e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1OctetString; 21e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1Primitive; 22e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1Sequence; 
23e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1Set; 24e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1TaggedObject; 25e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.BERSequence; 26e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.DERSet; 27e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.cms.ContentInfo; 28e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.cms.SignedData; 29e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.cms.SignerInfo; 30e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.AttributeCertificate; 31e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.Certificate; 32e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.CertificateList; 33e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.cert.X509AttributeCertificateHolder; 34e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.cert.X509CRLHolder; 35e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.cert.X509CertificateHolder; 36e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder; 37e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.operator.SignatureAlgorithmIdentifierFinder; 38e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.util.CollectionStore; 39e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.util.Store; 40e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.x509.NoSuchStoreException; 41e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport 
org.bouncycastle.x509.X509Store; 42e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 43e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom/** 44e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * general class for handling a pkcs7-signature message. 45e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * 46e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * A simple example of usage - note, in the example below the validity of 47e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * the certificate isn't verified, just the fact that one of the certs 48e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * matches the given signer... 49e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * 50e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * <pre> 51e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * Store certStore = s.getCertificates(); 52e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * SignerInformationStore signers = s.getSignerInfos(); 53e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * Collection c = signers.getSigners(); 54e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * Iterator it = c.iterator(); 55e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * 56e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * while (it.hasNext()) 57e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * { 58e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * SignerInformation signer = (SignerInformation)it.next(); 59e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * Collection certCollection = certStore.getMatches(signer.getSID()); 60e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * 61e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * Iterator certIt = certCollection.iterator(); 62e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * X509CertificateHolder cert = (X509CertificateHolder)certIt.next(); 63e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * 
*          if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)))
 *          {
 *              verified++;
 *          }
 *      }
 * </pre>
 * <p>
 * The certificates returned by {@link #getCertificates()} are the ones carried inside the
 * message itself, so a successful verify() in the loop above only shows that the signature
 * matches one of them. Callers that need to know who signed must also validate that
 * certificate against their own trust anchors.
 */
public class CMSSignedData
{
    private static final CMSSignedHelper HELPER = CMSSignedHelper.INSTANCE;

    // Parsed SignedData structure taken from contentInfo.
    SignedData              signedData;
    // The ContentInfo this object was built from.
    ContentInfo             contentInfo;
    // Signed content: supplied by the caller (detached) or taken from the message; may be null.
    CMSProcessable          signedContent;
    // Created on first use by getSignerInfos().
    SignerInformationStore  signerInfoStore;
    // Created on first use by the deprecated X509Store getters.
    X509Store               attributeStore;
    X509Store               certificateStore;
    X509Store               crlStore;
    // Caller-supplied precomputed digests; null unless a Map constructor was used.
    private Map             hashes;

    /**
     * Shallow copy of another instance.
     * <p>
     * Only signedData, contentInfo, signedContent and signerInfoStore are taken from
     * {@code c}; hashes and the three X509Store caches are left unset on the copy.
     *
     * @param c the instance to copy from.
     */
    private CMSSignedData(
        CMSSignedData   c)
    {
        this.signedData = c.signedData;
        this.contentInfo = c.contentInfo;
        this.signedContent = c.signedContent;
        this.signerInfoStore = c.signerInfoStore;
    }

    /**
     * Create from an encoded signature block that encapsulates its content.
     *
     * @param sigBlock the encoded signature object.
     * @throws CMSException if the block cannot be read as a SignedData message.
     */
    public CMSSignedData(
        byte[]      sigBlock)
        throws CMSException
    {
        this(CMSUtils.readContentInfo(sigBlock));
    }

    /**
     * Create from a detached signature and the content it was made over.
     *
     * @param signedContent the content that was signed.
     * @param sigBlock the encoded signature object.
     * @throws CMSException if the block cannot be read as a SignedData message.
     */
    public CMSSignedData(
        CMSProcessable  signedContent,
        byte[]          sigBlock)
        throws CMSException
    {
        this(signedContent, CMSUtils.readContentInfo(sigBlock));
    }

    /**
     * Content with detached signature, digests precomputed
     *
     * @param hashes a map of precomputed digests for content indexed by name of hash.
     * @param sigBlock the signature object.
*/
    public CMSSignedData(
        Map     hashes,
        byte[]  sigBlock)
        throws CMSException
    {
        // Decode the block first, then hand over to the (Map, ContentInfo) constructor,
        // which stores the digest map for use by getSignerInfos().
        this(hashes, CMSUtils.readContentInfo(sigBlock));
    }

    /**
     * base constructor - content with detached signature.
     *
     * @param signedContent the content that was signed.
     * @param sigData the signature object.
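*/
    public CMSSignedData(
        CMSProcessable  signedContent,
        InputStream     sigData)
        throws CMSException
    {
        this(signedContent, CMSUtils.readContentInfo(new ASN1InputStream(sigData)));
    }

    /**
     * base constructor - with encapsulated content
     *
     * @param sigData stream holding the encoded signature object.
     * @throws CMSException if the stream cannot be read as a SignedData message.
     */
    public CMSSignedData(
        InputStream sigData)
        throws CMSException
    {
        this(CMSUtils.readContentInfo(sigData));
    }

    /**
     * Create from an already parsed ContentInfo and separately supplied content.
     * <p>
     * The signed content is taken from the {@code signedContent} argument; this
     * constructor does not look at any content encapsulated in {@code sigData}.
     *
     * @param signedContent the content that was signed.
     * @param sigData the ContentInfo holding the SignedData structure.
     * @throws CMSException if the ContentInfo does not hold a well formed SignedData.
     */
    public CMSSignedData(
        CMSProcessable  signedContent,
        ContentInfo     sigData)
        throws CMSException
    {
        this.signedContent = signedContent;
        this.contentInfo = sigData;
        this.signedData = getSignedData();
    }

    /**
     * Create from an already parsed ContentInfo and precomputed content digests.
     * <p>
     * The map is stored by reference and consulted later by getSignerInfos(), which
     * looks digests up either by algorithm id String or by ASN1ObjectIdentifier.
     *
     * @param hashes precomputed digests of the signed content.
     * @param sigData the ContentInfo holding the SignedData structure.
     * @throws CMSException if the ContentInfo does not hold a well formed SignedData.
     */
    public CMSSignedData(
        Map             hashes,
        ContentInfo     sigData)
        throws CMSException
    {
        this.hashes = hashes;
        this.contentInfo = sigData;
        this.signedData = getSignedData();
    }

    /**
     * Create from an already parsed ContentInfo that encapsulates its content.
     * <p>
     * Encapsulated content must be an OCTET STRING. Anything else is reported as a
     * CMSException, so malformed input is rejected through the declared exception
     * rather than an unchecked ClassCastException from the cast.
     *
     * @param sigData the ContentInfo holding the SignedData structure.
     * @throws CMSException if the ContentInfo does not hold a well formed SignedData,
     *                      or the encapsulated content is not an OCTET STRING.
     */
    public CMSSignedData(
        ContentInfo sigData)
        throws CMSException
    {
        this.contentInfo = sigData;
        this.signedData = getSignedData();

        Object encapsulated = signedData.getEncapContentInfo().getContent();

        if (encapsulated == null)
        {
            //
            // this can happen if the signed message is sent simply to send a
            // certificate chain.
            //
            this.signedContent = null;
        }
        else if (encapsulated instanceof ASN1OctetString)
        {
            this.signedContent = new CMSProcessableByteArray(
                                            ((ASN1OctetString)encapsulated).getOctets());
        }
        else
        {
            // Same message getSignedData() uses for structurally invalid input.
            throw new CMSException("Malformed content.");
        }
    }

    /**
     * Extract the SignedData structure from contentInfo.
     *
     * @return the SignedData held by contentInfo.
     * @throws CMSException if the content is not a SignedData structure; the
     *                      ClassCastException or IllegalArgumentException raised while
     *                      converting it is kept as the cause.
     */
    private SignedData getSignedData()
        throws CMSException
    {
        try
        {
            return SignedData.getInstance(contentInfo.getContent());
        }
        catch (ClassCastException e)
        {
            throw new CMSException("Malformed content.", e);
        }
        catch (IllegalArgumentException e)
        {
            throw new CMSException("Malformed content.", e);
        }
    }

    /**
     * Return the version number for this object
     *
     * @return the version field of the SignedData structure, as an int.
     */
    public int getVersion()
    {
        return signedData.getVersion().getValue().intValue();
    }

    /**
     * return the collection of signers that are associated with the
     * signatures for the message.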
*/
    public SignerInformationStore getSignerInfos()
    {
        // The store is built on the first call and reused afterwards.
        if (signerInfoStore != null)
        {
            return signerInfoStore;
        }

        ASN1Set signerSet = signedData.getSignerInfos();
        List    collected = new ArrayList();
        // Not referenced again in this method.
        SignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();

        for (int idx = 0; idx != signerSet.size(); idx++)
        {
            SignerInfo info = SignerInfo.getInstance(signerSet.getObjectAt(idx));
            ASN1ObjectIdentifier contentType = signedData.getEncapContentInfo().getContentType();

            if (hashes != null)
            {
                // The type of the first key decides how every digest is looked up:
                // by algorithm id String, or by the ASN1ObjectIdentifier itself.
                // NOTE(review): an empty map makes next() throw NoSuchElementException here.
                Object firstKey = hashes.keySet().iterator().next();
                byte[] digest;

                if (firstKey instanceof String)
                {
                    digest = (byte[])hashes.get(info.getDigestAlgorithm().getAlgorithm().getId());
                }
                else
                {
                    digest = (byte[])hashes.get(info.getDigestAlgorithm().getAlgorithm());
                }

                // NOTE(review): digest is null when the map has no entry for this signer's
                // digest algorithm; how SignerInformation treats that is not visible here.
                collected.add(new SignerInformation(info, contentType, null, digest));
            }
            else
            {
                // No precomputed digests: the signer gets the content itself.
                collected.add(new SignerInformation(info, contentType, signedContent, null));
            }
        }

        signerInfoStore = new SignerInformationStore(collected);

        return signerInfoStore;
    }

    /**
     * return a X509Store containing the attribute certificates, if any, contained
     * in this message.
     *
     * @param type type of store to create
     * @param provider name of provider to use
     * @return a store of attribute certificates
     * @exception NoSuchProviderException if the provider requested isn't available.
     * @exception NoSuchStoreException if the store type isn't available.
* @exception CMSException if a general exception prevents creation of the X509Store
     * @deprecated use base Store returning method
     */
    public X509Store getAttributeCertificates(
        String type,
        String provider)
        throws NoSuchStoreException, NoSuchProviderException, CMSException
    {
        // Turn the provider name into a Provider, then use the Provider overload.
        Provider resolved = CMSUtils.getProvider(provider);

        return getAttributeCertificates(type, resolved);
    }

    /**
     * return a X509Store containing the attribute certificates, if any, contained
     * in this message.
     *
     * @param type type of store to create
     * @param provider provider to use
     * @return a store of attribute certificates
     * @exception NoSuchStoreException if the store type isn't available.
* @exception CMSException if a general exception prevents creation of the X509Store
     * @deprecated use base Store returning method
     */
    public X509Store getAttributeCertificates(
        String type,
        Provider provider)
        throws NoSuchStoreException, CMSException
    {
        // Once a store has been created it is returned as is: type and provider
        // passed on later calls are not looked at.
        if (attributeStore != null)
        {
            return attributeStore;
        }

        // Built from the certificate set carried in the message.
        attributeStore = HELPER.createAttributeStore(type, provider, signedData.getCertificates());

        return attributeStore;
    }

    /**
     * return a X509Store containing the public key certificates, if any, contained
     * in this message.
*
     * @param type type of store to create
     * @param provider name of provider to use
     * @return a store of public key certificates
     * @exception NoSuchProviderException if the provider requested isn't available.
     * @exception NoSuchStoreException if the store type isn't available.
     * @exception CMSException if a general exception prevents creation of the X509Store
     * @deprecated use base Store returning method
     */
    public X509Store getCertificates(
        String type,
        String provider)
        throws NoSuchStoreException, NoSuchProviderException, CMSException
    {
        // Turn the provider name into a Provider, then use the Provider overload.
        Provider resolved = CMSUtils.getProvider(provider);

        return getCertificates(type, resolved);
    }

    /**
     * return a X509Store containing the public key certificates, if any, contained
     * in this message.
*
     * @param type type of store to create
     * @param provider provider to use
     * @return a store of public key certificates
     * @exception NoSuchStoreException if the store type isn't available.
     * @exception CMSException if a general exception prevents creation of the X509Store
     * @deprecated use base Store returning method
     */
    public X509Store getCertificates(
        String type,
        Provider provider)
        throws NoSuchStoreException, CMSException
    {
        // Once a store has been created it is returned as is: type and provider
        // passed on later calls are not looked at.
        if (certificateStore != null)
        {
            return certificateStore;
        }

        // The certificates come from the message itself, so the store says nothing
        // about whether any of them is trusted.
        certificateStore = HELPER.createCertificateStore(type, provider, signedData.getCertificates());

        return certificateStore;
    }

    /**
     * return a X509Store containing CRLs, if any,
* contained
     * in this message.
     *
     * @param type type of store to create
     * @param provider name of provider to use
     * @return a store of CRLs
     * @exception NoSuchProviderException if the provider requested isn't available.
     * @exception NoSuchStoreException if the store type isn't available.
     * @exception CMSException if a general exception prevents creation of the X509Store
     * @deprecated use base Store returning method
     */
    public X509Store getCRLs(
        String type,
        String provider)
        throws NoSuchStoreException, NoSuchProviderException, CMSException
    {
        // Turn the provider name into a Provider, then use the Provider overload.
        Provider resolved = CMSUtils.getProvider(provider);

        return getCRLs(type, resolved);
    }

    /**
     * return a X509Store containing CRLs, if any, contained
     * in this message.
*
     * @param type type of store to create
     * @param provider provider to use
     * @return a store of CRLs
     * @exception NoSuchStoreException if the store type isn't available.
     * @exception CMSException if a general exception prevents creation of the X509Store
     * @deprecated use base Store returning method
     */
    public X509Store getCRLs(
        String type,
        Provider provider)
        throws NoSuchStoreException, CMSException
    {
        // Once a store has been created it is returned as is: type and provider
        // passed on later calls are not looked at.
        if (crlStore != null)
        {
            return crlStore;
        }

        // The CRLs come from the message itself.
        crlStore = HELPER.createCRLsStore(type, provider, signedData.getCRLs());

        return crlStore;
    }

    /**
     * return a CertStore containing the certificates and CRLs associated with
384e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * this message. 385e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * 386e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * @exception NoSuchProviderException if the provider requested isn't available. 387e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * @exception NoSuchAlgorithmException if the cert store isn't available. 388e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * @exception CMSException if a general exception prevents creation of the CertStore 389e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * @deprecated use base Store returning method 390e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom */ 391e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public CertStore getCertificatesAndCRLs( 392e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom String type, 393e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom String provider) 394e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws NoSuchAlgorithmException, NoSuchProviderException, CMSException 395e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 396e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return getCertificatesAndCRLs(type, CMSUtils.getProvider(provider)); 397e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 398e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 399e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom /** 400e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * return a CertStore containing the certificates and CRLs associated with 401e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * this message. 402e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * 403e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * @exception NoSuchAlgorithmException if the cert store isn't available. 
404e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * @exception CMSException if a general exception prevents creation of the CertStore 405e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * @deprecated use base Store returning method 406e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom */ 407e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public CertStore getCertificatesAndCRLs( 408e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom String type, 409e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom Provider provider) 410e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws NoSuchAlgorithmException, CMSException 411e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 412e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1Set certSet = signedData.getCertificates(); 413e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1Set crlSet = signedData.getCRLs(); 414e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 415e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return HELPER.createCertStore(type, provider, certSet, crlSet); 416e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 417e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 418e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public Store getCertificates() 419e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 420e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1Set certSet = signedData.getCertificates(); 421e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 422e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (certSet != null) 423e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 424e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom List certList = new ArrayList(certSet.size()); 425e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 426e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) 
427e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 428e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 429e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 430e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (obj instanceof ASN1Sequence) 431e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 432e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom certList.add(new X509CertificateHolder(Certificate.getInstance(obj))); 433e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 434e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 435e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 436e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new CollectionStore(certList); 437e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 438e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 439e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new CollectionStore(new ArrayList()); 440e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 441e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 442e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public Store getCRLs() 443e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 444e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1Set crlSet = signedData.getCRLs(); 445e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 446e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (crlSet != null) 447e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 448e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom List crlList = new ArrayList(crlSet.size()); 449e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 450e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();) 451e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 452e6bf3e8dfa2804891a82075cb469b736321b4827Brian 
Carlstrom ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 453e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 454e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (obj instanceof ASN1Sequence) 455e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 456e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom crlList.add(new X509CRLHolder(CertificateList.getInstance(obj))); 457e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 458e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 459e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 460e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new CollectionStore(crlList); 461e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 462e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 463e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new CollectionStore(new ArrayList()); 464e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 465e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 466e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public Store getAttributeCertificates() 467e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 468e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1Set certSet = signedData.getCertificates(); 469e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 470e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (certSet != null) 471e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 472e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom List certList = new ArrayList(certSet.size()); 473e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 474e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom for (Enumeration en = certSet.getObjects(); en.hasMoreElements();) 475e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 476e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive(); 
477e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 478e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (obj instanceof ASN1TaggedObject) 479e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 480e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom certList.add(new X509AttributeCertificateHolder(AttributeCertificate.getInstance(((ASN1TaggedObject)obj).getObject()))); 481e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 482e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 483e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 484e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new CollectionStore(certList); 485e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 486e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 487e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new CollectionStore(new ArrayList()); 488e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 489e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 490e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom /** 491e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * Return the a string representation of the OID associated with the 492e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * encapsulated content info structure carried in the signed data. 493e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * 494e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * @return the OID for the content type. 
495e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom */ 496e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public String getSignedContentTypeOID() 497e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 498e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return signedData.getEncapContentInfo().getContentType().getId(); 499e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 500e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 501e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public CMSProcessable getSignedContent() 502e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 503e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return signedContent; 504e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 505e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 506e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom /** 507e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * return the ContentInfo 508e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * @deprecated use toASN1Structure() 509e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom */ 510e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public ContentInfo getContentInfo() 511e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 512e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return contentInfo; 513e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 514e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 515e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom /** 516e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom * return the ContentInfo 517e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom */ 518e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom public ContentInfo toASN1Structure() 519e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 520e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return contentInfo; 521e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 
/**
 * Return the ASN.1 encoded representation of this object.
 *
 * @return the bytes produced by {@code contentInfo.getEncoded()}.
 * @throws IOException propagated from {@code contentInfo.getEncoded()}.
 */
public byte[] getEncoded()
    throws IOException
{
    byte[] encoding = contentInfo.getEncoded();

    return encoding;
}

/**
 * Replace the signer information store associated with this
 * CMSSignedData object with the new one passed in. You would
 * probably only want to do this if you wanted to change the unsigned
 * attributes associated with a signer, or perhaps delete one.
 * <p>
 * The result is assembled from the base object's SignedData sequence:
 * element 0 (the version) is copied, element 1 is replaced by the digest
 * algorithm identifiers of the new signers, the elements between are
 * copied, and the final element is replaced by the new signer infos.
 * Nothing in this method verifies the signers that are passed in, so the
 * caller has to verify them separately.
 *
 * @param signedData the signed data object to be used as a base.
 * @param signerInformationStore the new signer information store to use.
 * @return a new signed data object.
 */
public static CMSSignedData replaceSigners(
    CMSSignedData signedData,
    SignerInformationStore signerInformationStore)
{
    // Start from a copy; only fields of the copy are assigned below.
    CMSSignedData replaced = new CMSSignedData(signedData);

    replaced.signerInfoStore = signerInformationStore;

    // Gather the digest algorithm and SignerInfo structure of each new signer.
    ASN1EncodableVector digestAlgIds = new ASN1EncodableVector();
    ASN1EncodableVector signerInfos = new ASN1EncodableVector();

    for (Iterator signerIt = signerInformationStore.getSigners().iterator(); signerIt.hasNext();)
    {
        SignerInformation current = (SignerInformation)signerIt.next();

        digestAlgIds.add(CMSSignedHelper.INSTANCE.fixAlgID(current.getDigestAlgorithmID()));
        signerInfos.add(current.toASN1Structure());
    }

    ASN1Set digestSet = new DERSet(digestAlgIds);
    ASN1Set signerSet = new DERSet(signerInfos);
    ASN1Sequence original = (ASN1Sequence)signedData.signedData.toASN1Primitive();

    ASN1EncodableVector rebuilt = new ASN1EncodableVector();

    rebuilt.add(original.getObjectAt(0)); // version
    rebuilt.add(digestSet);

    // Signers are the last item in the sequence, so copy everything from
    // index 2 up to, but not including, the final element.
    int lastIndex = original.size() - 1;
    int idx = 2;
    while (idx != lastIndex)
    {
        rebuilt.add(original.getObjectAt(idx));
        idx++;
    }

    rebuilt.add(signerSet);

    replaced.signedData = SignedData.getInstance(new BERSequence(rebuilt));

    // Wrap the rebuilt SignedData in a fresh ContentInfo with the same content type.
    replaced.contentInfo = new ContentInfo(replaced.contentInfo.getContentType(), replaced.signedData);

    return replaced;
}

/**
 * Replace the certificate and CRL information associated with this
 * CMSSignedData object with the new one passed in.
 * <p>
 * The digest algorithms, encapsulated content info and signer infos are
 * taken unchanged from the base object; only the certificate and CRL sets
 * differ. A set that would be empty is passed to the SignedData
 * constructor as {@code null}. The supplied certificates and CRLs are not
 * validated here.
 *
 * @param signedData the signed data object to be used as a base.
 * @param certsAndCrls the new certificates and CRLs to be used.
 * @return a new signed data object.
 * @exception CMSException if there is an error processing the CertStore
 */
public static CMSSignedData replaceCertificatesAndCRLs(
    CMSSignedData signedData,
    CertStore certsAndCrls)
    throws CMSException
{
    // Start from a copy; only fields of the copy are assigned below.
    CMSSignedData replaced = new CMSSignedData(signedData);

    ASN1Set newCerts = null;
    ASN1Set newCrls = null;

    try
    {
        ASN1Set extracted = CMSUtils.createBerSetFromList(CMSUtils.getCertificatesFromStore(certsAndCrls));

        // An empty set is represented as null.
        newCerts = (extracted.size() != 0) ? extracted : null;
    }
    catch (CertStoreException e)
    {
        throw new CMSException("error getting certs from certStore", e);
    }

    try
    {
        ASN1Set extracted = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(certsAndCrls));

        newCrls = (extracted.size() != 0) ? extracted : null;
    }
    catch (CertStoreException e)
    {
        throw new CMSException("error getting crls from certStore", e);
    }

    // Rebuild the CMS structure around the new sets.
    SignedData base = signedData.signedData;

    replaced.signedData = new SignedData(base.getDigestAlgorithms(),
                                         base.getEncapContentInfo(),
                                         newCerts,
                                         newCrls,
                                         base.getSignerInfos());

    // Wrap the rebuilt SignedData in a fresh ContentInfo with the same content type.
    replaced.contentInfo = new ContentInfo(replaced.contentInfo.getContentType(), replaced.signedData);

    return replaced;
}

/**
 * Replace the certificate and CRL information associated with this
 * CMSSignedData object with the new one passed in.
 * <p>
 * Certificates and attribute certificates are merged into one set. The
 * digest algorithms, encapsulated content info and signer infos are taken
 * unchanged from the base object. A {@code null} store, or stores that
 * yield no entries, result in {@code null} being passed to the SignedData
 * constructor for that set. The supplied certificates and CRLs are not
 * validated here.
 *
 * @param signedData the signed data object to be used as a base.
 * @param certificates the new certificates to be used.
 * @param attrCerts the new attribute certificates to be used.
 * @param crls the new CRLs to be used.
 * @return a new signed data object.
 * @exception CMSException if there is an error processing the stores
 */
public static CMSSignedData replaceCertificatesAndCRLs(
    CMSSignedData signedData,
    Store certificates,
    Store attrCerts,
    Store crls)
    throws CMSException
{
    // Start from a copy; only fields of the copy are assigned below.
    CMSSignedData replaced = new CMSSignedData(signedData);

    ASN1Set newCerts = null;
    ASN1Set newCrls = null;

    if (!(certificates == null && attrCerts == null))
    {
        List collected = new ArrayList();

        if (certificates != null)
        {
            collected.addAll(CMSUtils.getCertificatesFromStore(certificates));
        }
        if (attrCerts != null)
        {
            collected.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
        }

        ASN1Set built = CMSUtils.createBerSetFromList(collected);

        // An empty set is represented as null.
        if (built.size() != 0)
        {
            newCerts = built;
        }
    }

    if (crls != null)
    {
        ASN1Set built = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(crls));

        if (built.size() != 0)
        {
            newCrls = built;
        }
    }

    // Rebuild the CMS structure around the new sets.
    SignedData base = signedData.signedData;

    replaced.signedData = new SignedData(base.getDigestAlgorithms(),
                                         base.getEncapContentInfo(),
                                         newCerts,
                                         newCrls,
                                         base.getSignerInfos());

    // Wrap the rebuilt SignedData in a fresh ContentInfo with the same content type.
    replaced.contentInfo = new ContentInfo(replaced.contentInfo.getContentType(), replaced.signedData);

    return replaced;
}
} // end of the enclosing class