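package org.bouncycastle.cms;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CRLException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.BEROctetStringGenerator;
import org.bouncycastle.asn1.BERSet;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
// BEGIN android-removed
// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
// import org.bouncycastle.asn1.ocsp.OCSPResponse;
// import org.bouncycastle.asn1.ocsp.OCSPResponseStatus;
// END android-removed
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.asn1.x509.TBSCertificate;
import org.bouncycastle.cert.X509AttributeCertificateHolder;
import org.bouncycastle.cert.X509CRLHolder;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.operator.DigestCalculator;
import org.bouncycastle.util.Store;
import org.bouncycastle.util.io.Streams;
import org.bouncycastle.util.io.TeeInputStream;
import org.bouncycastle.util.io.TeeOutputStream;

/**
 * Package-private helpers shared by the CMS classes: parsing a
 * {@link ContentInfo}, turning certificate and CRL stores into lists of ASN.1
 * structures, building ASN.1 sets, and chaining digest / signer streams.
 */
class CMSUtils
{
    /**
     * Parses a ContentInfo from an in-memory encoding.
     *
     * @param input the encoded ContentInfo.
     * @return the parsed ContentInfo, never null.
     * @throws CMSException if the bytes cannot be read as a ContentInfo or
     *                      contain no object at all.
     */
    static ContentInfo readContentInfo(
        byte[] input)
        throws CMSException
    {
        // The ASN1InputStream is built straight from the array so that its
        // limit checking is based on the array itself.
        return readContentInfo(new ASN1InputStream(input));
    }

    /**
     * Parses a ContentInfo from a stream.
     * <p>
     * NOTE(review): the length limit applied here is whatever ASN1InputStream
     * derives from the stream it is handed. For a stream of unknown length that
     * carries untrusted data, the caller should bound the stream before passing
     * it in - confirm against the ASN1InputStream version in use.
     *
     * @param input the stream positioned at the start of the ContentInfo. It is
     *              not closed by this method.
     * @return the parsed ContentInfo, never null.
     * @throws CMSException if the stream cannot be read as a ContentInfo or
     *                      contains no object at all.
     */
    static ContentInfo readContentInfo(
        InputStream input)
        throws CMSException
    {
        // enforce some limit checking
        return readContentInfo(new ASN1InputStream(input));
    }

    /**
     * Re-encodes every certificate in a JCA CertStore as a BC ASN.1
     * {@link Certificate} structure.
     * <p>
     * Every entry is cast to X509Certificate; a ClassCastException raised by a
     * store holding another certificate type is not translated here.
     *
     * @param certStore the store to drain (queried with a null selector).
     * @return a list of {@link Certificate} objects, possibly empty.
     * @throws CertStoreException if the store cannot be queried.
     * @throws CMSException if a certificate cannot be encoded or re-parsed.
     */
    static List getCertificatesFromStore(CertStore certStore)
        throws CertStoreException, CMSException
    {
        List certs = new ArrayList();

        try
        {
            for (Iterator it = certStore.getCertificates(null).iterator(); it.hasNext();)
            {
                X509Certificate c = (X509Certificate)it.next();

                certs.add(Certificate.getInstance(ASN1Primitive.fromByteArray(c.getEncoded())));
            }

            return certs;
        }
        catch (IllegalArgumentException e)
        {
            throw new CMSException("error processing certs", e);
        }
        catch (IOException e)
        {
            throw new CMSException("error processing certs", e);
        }
        catch (CertificateEncodingException e)
        {
            throw new CMSException("error encoding certs", e);
        }
    }

    /**
     * Collects the ASN.1 structure of every certificate holder in a BC Store.
     *
     * @param certStore a store whose entries are X509CertificateHolder objects.
     * @return a list of the holders' ASN.1 structures, possibly empty.
     * @throws CMSException if the store contains an entry of another type.
     */
    static List getCertificatesFromStore(Store certStore)
        throws CMSException
    {
        List certs = new ArrayList();

        try
        {
            for (Iterator it = certStore.getMatches(null).iterator(); it.hasNext();)
            {
                X509CertificateHolder c = (X509CertificateHolder)it.next();

                certs.add(c.toASN1Structure());
            }

            return certs;
        }
        catch (ClassCastException e)
        {
            throw new CMSException("error processing certs", e);
        }
    }

    /**
     * Collects every attribute certificate in a BC Store, each wrapped in an
     * implicitly tagged [2] object (the v2AttrCert choice of CMS
     * CertificateChoices).
     *
     * @param attrStore a store whose entries are X509AttributeCertificateHolder
     *                  objects.
     * @return a list of DERTaggedObject wrappers, possibly empty.
     * @throws CMSException if the store contains an entry of another type.
     */
    static List getAttributeCertificatesFromStore(Store attrStore)
        throws CMSException
    {
        List certs = new ArrayList();

        try
        {
            for (Iterator it = attrStore.getMatches(null).iterator(); it.hasNext();)
            {
                X509AttributeCertificateHolder attrCert = (X509AttributeCertificateHolder)it.next();

                certs.add(new DERTaggedObject(false, 2, attrCert.toASN1Structure()));
            }

            return certs;
        }
        catch (ClassCastException e)
        {
            throw new CMSException("error processing certs", e);
        }
    }

    /**
     * Re-encodes every CRL in a JCA CertStore as a BC ASN.1
     * {@link CertificateList} structure.
     * <p>
     * Every entry is cast to X509CRL; a ClassCastException raised by a store
     * holding another CRL type is not translated here.
     *
     * @param certStore the store to drain (queried with a null selector).
     * @return a list of {@link CertificateList} objects, possibly empty.
     * @throws CertStoreException if the store cannot be queried.
     * @throws CMSException if a CRL cannot be encoded or re-parsed.
     */
    static List getCRLsFromStore(CertStore certStore)
        throws CertStoreException, CMSException
    {
        List crls = new ArrayList();

        try
        {
            for (Iterator it = certStore.getCRLs(null).iterator(); it.hasNext();)
            {
                X509CRL c = (X509CRL)it.next();

                crls.add(CertificateList.getInstance(ASN1Primitive.fromByteArray(c.getEncoded())));
            }

            return crls;
        }
        catch (IllegalArgumentException e)
        {
            throw new CMSException("error processing crls", e);
        }
        catch (IOException e)
        {
            throw new CMSException("error processing crls", e);
        }
        catch (CRLException e)
        {
            throw new CMSException("error encoding crls", e);
        }
    }

    /**
     * Collects the ASN.1 structure of every CRL holder in a BC Store.
     *
     * @param crlStore a store whose entries are X509CRLHolder objects.
     * @return a list of the holders' ASN.1 structures, possibly empty.
     * @throws CMSException if the store contains an entry of another type.
     */
    static List getCRLsFromStore(Store crlStore)
        throws CMSException
    {
        List crls = new ArrayList();

        try
        {
            for (Iterator it = crlStore.getMatches(null).iterator(); it.hasNext();)
            {
                X509CRLHolder c = (X509CRLHolder)it.next();

                crls.add(c.toASN1Structure());
            }

            return crls;
        }
        catch (ClassCastException e)
        {
            // This method handles CRLs, so the message names them, in line with
            // the CertStore overload above.
            throw new CMSException("error processing crls", e);
        }
    }

    // BEGIN android-removed
    // static Collection getOthersFromStore(ASN1ObjectIdentifier otherRevocationInfoFormat, Store otherRevocationInfos)
    // {
    //     List others = new ArrayList();
    //
    //     for (Iterator it = otherRevocationInfos.getMatches(null).iterator(); it.hasNext();)
    //     {
    //         ASN1Encodable info = (ASN1Encodable)it.next();
    //
    //         if (CMSObjectIdentifiers.id_ri_ocsp_response.equals(otherRevocationInfoFormat))
    //         {
    //             OCSPResponse resp = OCSPResponse.getInstance(info);
    //
    //             if (resp.getResponseStatus().getValue().intValue() != OCSPResponseStatus.SUCCESSFUL)
    //             {
    //                 throw new IllegalArgumentException("cannot add unsuccessful OCSP response to CMS SignedData");
    //             }
    //         }
    //
    //         others.add(new DERTaggedObject(false, 1, new OtherRevocationInfoFormat(otherRevocationInfoFormat, info)));
    //     }
    //
    //     return others;
    // }
    // END android-removed

    /**
     * Builds a BER SET from a list of ASN.1 encodables.
     *
     * @param derObjects a list whose elements are all ASN1Encodable; any other
     *                   element type raises a ClassCastException.
     * @return a BERSet holding the elements in list order.
     */
    static ASN1Set createBerSetFromList(List derObjects)
    {
        ASN1EncodableVector v = new ASN1EncodableVector();

        for (Iterator it = derObjects.iterator(); it.hasNext();)
        {
            v.add((ASN1Encodable)it.next());
        }

        return new BERSet(v);
    }

    /**
     * Builds a DER SET from a list of ASN.1 encodables.
     *
     * @param derObjects a list whose elements are all ASN1Encodable; any other
     *                   element type raises a ClassCastException.
     * @return a DERSet built from the elements.
     */
    static ASN1Set createDerSetFromList(List derObjects)
    {
        ASN1EncodableVector v = new ASN1EncodableVector();

        for (Iterator it = derObjects.iterator(); it.hasNext();)
        {
            v.add((ASN1Encodable)it.next());
        }

        return new DERSet(v);
    }

    /**
     * Opens a BER octet-string output stream on top of {@code s}.
     *
     * @param s          the underlying stream.
     * @param tagNo      tag number passed to the BEROctetStringGenerator.
     * @param isExplicit whether the tag is explicit.
     * @param bufferSize size of the generator's buffer; 0 selects the
     *                   generator's default stream. A negative value fails in
     *                   the array allocation.
     * @return the octet output stream.
     * @throws IOException if the generator cannot be set up on {@code s}.
     */
    static OutputStream createBEROctetOutputStream(OutputStream s,
            int tagNo, boolean isExplicit, int bufferSize) throws IOException
    {
        BEROctetStringGenerator octGen = new BEROctetStringGenerator(s, tagNo, isExplicit);

        if (bufferSize != 0)
        {
            return octGen.getOctetOutputStream(new byte[bufferSize]);
        }

        return octGen.getOctetOutputStream();
    }

    /**
     * Extracts the to-be-signed part of a JCA certificate as a BC
     * {@link TBSCertificate}.
     *
     * @param cert the certificate to read.
     * @return the parsed TBSCertificate.
     * @throws IllegalArgumentException if the TBS bytes cannot be obtained or
     *                                  parsed; the underlying failure is
     *                                  attached as the cause.
     */
    static TBSCertificate getTBSCertificateStructure(
        X509Certificate cert)
    {
        try
        {
            return TBSCertificate.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        }
        catch (Exception e)
        {
            // Keep the original failure as the cause so a rejected certificate
            // can be diagnosed from the stack trace.
            throw new IllegalArgumentException(
                "can't extract TBS structure from this cert", e);
        }
    }

    /**
     * Builds the IssuerAndSerialNumber identifier for a certificate from its
     * TBS structure.
     *
     * @param cert the certificate to identify.
     * @return the issuer name and serial number of {@code cert}.
     * @throws IllegalArgumentException if the TBS structure cannot be extracted.
     */
    static IssuerAndSerialNumber getIssuerAndSerialNumber(X509Certificate cert)
    {
        TBSCertificate tbsCert = getTBSCertificateStructure(cert);
        return new IssuerAndSerialNumber(tbsCert.getIssuer(), tbsCert.getSerialNumber().getValue());
    }

    /**
     * Reads one ASN.1 object from {@code in} and converts it to a ContentInfo.
     *
     * @param in the ASN.1 stream to read from.
     * @return the parsed ContentInfo, never null.
     * @throws CMSException on an I/O failure, on content that is not a
     *                      ContentInfo, or when the stream holds no object.
     */
    private static ContentInfo readContentInfo(
        ASN1InputStream in)
        throws CMSException
    {
        try
        {
            ContentInfo info = ContentInfo.getInstance(in.readObject());

            // An empty input yields no object; report it here rather than
            // handing a null ContentInfo to callers that dereference it.
            if (info == null)
            {
                throw new CMSException("No content found.");
            }

            return info;
        }
        catch (IOException e)
        {
            throw new CMSException("IOException reading content.", e);
        }
        catch (ClassCastException e)
        {
            throw new CMSException("Malformed content.", e);
        }
        catch (IllegalArgumentException e)
        {
            throw new CMSException("Malformed content.", e);
        }
    }

    /**
     * Reads a stream to its end into a byte array.
     * <p>
     * No size limit is applied; for input whose size is not trusted, use
     * {@link #streamToByteArray(InputStream, int)} instead.
     *
     * @param in the stream to read.
     * @return everything read from {@code in}.
     * @throws IOException if reading fails.
     */
    public static byte[] streamToByteArray(
        InputStream in)
        throws IOException
    {
        return Streams.readAll(in);
    }

    /**
     * Reads a stream into a byte array through {@code Streams.readAllLimited}.
     *
     * @param in    the stream to read.
     * @param limit the limit handed to {@code Streams.readAllLimited}.
     * @return the bytes read from {@code in}.
     * @throws IOException if reading fails.
     */
    public static byte[] streamToByteArray(
        InputStream in,
        int limit)
        throws IOException
    {
        return Streams.readAllLimited(in, limit);
    }

    /**
     * Looks up an installed JCA provider by name.
     *
     * @param providerName the provider name, or null.
     * @return the provider, or null when {@code providerName} is null.
     * @throws NoSuchProviderException if a name is given but no such provider
     *                                 is installed.
     */
    public static Provider getProvider(String providerName)
        throws NoSuchProviderException
    {
        if (providerName == null)
        {
            return null;
        }

        Provider prov = Security.getProvider(providerName);

        if (prov == null)
        {
            throw new NoSuchProviderException("provider " + providerName + " not found.");
        }

        return prov;
    }

    /**
     * Wraps {@code s} so that every byte read from it is also written to each
     * digest calculator's output stream.
     *
     * @param digests a collection of DigestCalculator objects.
     * @param s       the stream to wrap.
     * @return {@code s} wrapped in one TeeInputStream per calculator, or
     *         {@code s} itself when the collection is empty.
     */
    static InputStream attachDigestsToInputStream(Collection digests, InputStream s)
    {
        InputStream result = s;

        for (Iterator it = digests.iterator(); it.hasNext();)
        {
            DigestCalculator digest = (DigestCalculator)it.next();
            result = new TeeInputStream(result, digest.getOutputStream());
        }

        return result;
    }

    /**
     * Wraps {@code s} so that every byte written to it is also written to each
     * signer's calculating output stream.
     *
     * @param signers a collection of SignerInfoGenerator objects.
     * @param s       the stream to wrap; may be null.
     * @return the combined stream, or {@code s} itself when the collection is
     *         empty.
     */
    static OutputStream attachSignersToOutputStream(Collection signers, OutputStream s)
    {
        OutputStream result = s;

        for (Iterator it = signers.iterator(); it.hasNext();)
        {
            SignerInfoGenerator signerGen = (SignerInfoGenerator)it.next();
            result = getSafeTeeOutputStream(result, signerGen.getCalculatingOutputStream());
        }

        return result;
    }

    /**
     * Substitutes a NullOutputStream for a null stream.
     *
     * @param s a stream, or null.
     * @return {@code s} when non-null, otherwise a new NullOutputStream.
     */
    static OutputStream getSafeOutputStream(OutputStream s)
    {
        if (s == null)
        {
            return new NullOutputStream();
        }

        return s;
    }

    /**
     * Combines two optional streams into one.
     *
     * @param s1 the first stream, or null.
     * @param s2 the second stream, or null.
     * @return a TeeOutputStream over both when both are non-null, the non-null
     *         one when only one is given, or a NullOutputStream when both are
     *         null.
     */
    static OutputStream getSafeTeeOutputStream(OutputStream s1,
            OutputStream s2)
    {
        if (s1 == null)
        {
            return getSafeOutputStream(s2);
        }

        if (s2 == null)
        {
            return getSafeOutputStream(s1);
        }

        return new TeeOutputStream(s1, s2);
    }
}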