Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/pkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java
diff options
context:
space:
mode:
Diffstat (limited to 'pkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java')
-rw-r--r--pkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java370
1 files changed, 370 insertions, 0 deletions
diff --git a/pkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java b/pkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java
new file mode 100644
index 00000000..ce20884c
--- /dev/null
+++ b/pkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java
@@ -0,0 +1,370 @@
+package org.bouncycastle.cms;
+
+import java.io.IOException;
+import java.security.Provider;
+import java.security.cert.CRLException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import org.bouncycastle.asn1.ASN1Encodable;
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1Primitive;
+import org.bouncycastle.asn1.ASN1Sequence;
+import org.bouncycastle.asn1.ASN1Set;
+import org.bouncycastle.asn1.ASN1TaggedObject;
+import org.bouncycastle.asn1.DERNull;
+import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
+import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
+import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.asn1.x509.AttributeCertificate;
+import org.bouncycastle.asn1.x509.Certificate;
+import org.bouncycastle.asn1.x509.CertificateList;
+import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import org.bouncycastle.cert.X509AttributeCertificateHolder;
+import org.bouncycastle.cert.X509CRLHolder;
+import org.bouncycastle.cert.X509CertificateHolder;
+import org.bouncycastle.cert.jcajce.JcaX509CRLConverter;
+import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
+import org.bouncycastle.util.CollectionStore;
+import org.bouncycastle.util.Store;
+import org.bouncycastle.x509.NoSuchStoreException;
+import org.bouncycastle.x509.X509CollectionStoreParameters;
+import org.bouncycastle.x509.X509Store;
+import org.bouncycastle.x509.X509V2AttributeCertificate;
+
+class CMSSignedHelper
+{
+ static final CMSSignedHelper INSTANCE = new CMSSignedHelper();
+
+ private static final Map encryptionAlgs = new HashMap();
+ private static final Map digestAlgs = new HashMap();
+ private static final Map digestAliases = new HashMap();
+
+ private static void addEntries(ASN1ObjectIdentifier alias, String digest, String encryption)
+ {
+ digestAlgs.put(alias.getId(), digest);
+ encryptionAlgs.put(alias.getId(), encryption);
+ }
+
+ static
+ {
+ addEntries(NISTObjectIdentifiers.dsa_with_sha224, "SHA224", "DSA");
+ addEntries(NISTObjectIdentifiers.dsa_with_sha256, "SHA256", "DSA");
+ addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA");
+ addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA");
+ addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA");
+ addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA");
+ addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
+ addEntries(OIWObjectIdentifiers.md5WithRSA, "MD5", "RSA");
+ addEntries(OIWObjectIdentifiers.sha1WithRSA, "SHA1", "RSA");
+ addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA");
+ addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
+ addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA");
+ addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA");
+ addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA");
+ addEntries(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256", "RSA");
+ addEntries(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384", "RSA");
+ addEntries(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512", "RSA");
+ addEntries(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1", "ECDSA");
+ addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224", "ECDSA");
+ addEntries(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256", "ECDSA");
+ addEntries(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384", "ECDSA");
+ addEntries(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512", "ECDSA");
+ addEntries(X9ObjectIdentifiers.id_dsa_with_sha1, "SHA1", "DSA");
+ addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA");
+ addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA");
+ addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA");
+ addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA");
+ addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA");
+ addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA");
+ addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
+ addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
+ addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
+
+ encryptionAlgs.put(X9ObjectIdentifiers.id_dsa.getId(), "DSA");
+ encryptionAlgs.put(PKCSObjectIdentifiers.rsaEncryption.getId(), "RSA");
+ encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA");
+ encryptionAlgs.put(X509ObjectIdentifiers.id_ea_rsa.getId(), "RSA");
+ encryptionAlgs.put(CMSSignedDataGenerator.ENCRYPTION_RSA_PSS, "RSAandMGF1");
+ encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94.getId(), "GOST3410");
+ encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001.getId(), "ECGOST3410");
+ encryptionAlgs.put("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410");
+ encryptionAlgs.put("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
+ encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001.getId(), "ECGOST3410");
+ encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94.getId(), "GOST3410");
+
+ digestAlgs.put(PKCSObjectIdentifiers.md2.getId(), "MD2");
+ digestAlgs.put(PKCSObjectIdentifiers.md4.getId(), "MD4");
+ digestAlgs.put(PKCSObjectIdentifiers.md5.getId(), "MD5");
+ digestAlgs.put(OIWObjectIdentifiers.idSHA1.getId(), "SHA1");
+ digestAlgs.put(NISTObjectIdentifiers.id_sha224.getId(), "SHA224");
+ digestAlgs.put(NISTObjectIdentifiers.id_sha256.getId(), "SHA256");
+ digestAlgs.put(NISTObjectIdentifiers.id_sha384.getId(), "SHA384");
+ digestAlgs.put(NISTObjectIdentifiers.id_sha512.getId(), "SHA512");
+ digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd128.getId(), "RIPEMD128");
+ digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd160.getId(), "RIPEMD160");
+ digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd256.getId(), "RIPEMD256");
+ digestAlgs.put(CryptoProObjectIdentifiers.gostR3411.getId(), "GOST3411");
+ digestAlgs.put("1.3.6.1.4.1.5849.1.2.1", "GOST3411");
+
+ digestAliases.put("SHA1", new String[] { "SHA-1" });
+ digestAliases.put("SHA224", new String[] { "SHA-224" });
+ digestAliases.put("SHA256", new String[] { "SHA-256" });
+ digestAliases.put("SHA384", new String[] { "SHA-384" });
+ digestAliases.put("SHA512", new String[] { "SHA-512" });
+ }
+
+ /**
+ * Return the digest algorithm using one of the standard JCA string
+ * representations rather than the algorithm identifier (if possible).
+ */
+ String getDigestAlgName(
+ String digestAlgOID)
+ {
+ String algName = (String)digestAlgs.get(digestAlgOID);
+
+ if (algName != null)
+ {
+ return algName;
+ }
+
+ return digestAlgOID;
+ }
+
+ /**
+ * Return the digest encryption algorithm using one of the standard
+ * JCA string representations rather the the algorithm identifier (if
+ * possible).
+ */
+ String getEncryptionAlgName(
+ String encryptionAlgOID)
+ {
+ String algName = (String)encryptionAlgs.get(encryptionAlgOID);
+
+ if (algName != null)
+ {
+ return algName;
+ }
+
+ return encryptionAlgOID;
+ }
+
+ X509Store createAttributeStore(
+ String type,
+ Provider provider,
+ Store certStore)
+ throws NoSuchStoreException, CMSException
+ {
+ try
+ {
+ Collection certHldrs = certStore.getMatches(null);
+ List certs = new ArrayList(certHldrs.size());
+
+ for (Iterator it = certHldrs.iterator(); it.hasNext();)
+ {
+ certs.add(new X509V2AttributeCertificate(((X509AttributeCertificateHolder)it.next()).getEncoded()));
+ }
+
+ return X509Store.getInstance(
+ "AttributeCertificate/" +type, new X509CollectionStoreParameters(certs), provider);
+ }
+ catch (IllegalArgumentException e)
+ {
+ throw new CMSException("can't setup the X509Store", e);
+ }
+ catch (IOException e)
+ {
+ throw new CMSException("can't setup the X509Store", e);
+ }
+ }
+
+ X509Store createCertificateStore(
+ String type,
+ Provider provider,
+ Store certStore)
+ throws NoSuchStoreException, CMSException
+ {
+ try
+ {
+ JcaX509CertificateConverter converter = new JcaX509CertificateConverter().setProvider(provider);
+ Collection certHldrs = certStore.getMatches(null);
+ List certs = new ArrayList(certHldrs.size());
+
+ for (Iterator it = certHldrs.iterator(); it.hasNext();)
+ {
+ certs.add(converter.getCertificate((X509CertificateHolder)it.next()));
+ }
+
+ return X509Store.getInstance(
+ "Certificate/" +type, new X509CollectionStoreParameters(certs), provider);
+ }
+ catch (IllegalArgumentException e)
+ {
+ throw new CMSException("can't setup the X509Store", e);
+ }
+ catch (CertificateException e)
+ {
+ throw new CMSException("can't setup the X509Store", e);
+ }
+ }
+
+ X509Store createCRLsStore(
+ String type,
+ Provider provider,
+ Store crlStore)
+ throws NoSuchStoreException, CMSException
+ {
+ try
+ {
+ JcaX509CRLConverter converter = new JcaX509CRLConverter().setProvider(provider);
+ Collection crlHldrs = crlStore.getMatches(null);
+ List crls = new ArrayList(crlHldrs.size());
+
+ for (Iterator it = crlHldrs.iterator(); it.hasNext();)
+ {
+ crls.add(converter.getCRL((X509CRLHolder)it.next()));
+ }
+
+ return X509Store.getInstance(
+ "CRL/" +type, new X509CollectionStoreParameters(crls), provider);
+ }
+ catch (IllegalArgumentException e)
+ {
+ throw new CMSException("can't setup the X509Store", e);
+ }
+ catch (CRLException e)
+ {
+ throw new CMSException("can't setup the X509Store", e);
+ }
+ }
+
+ AlgorithmIdentifier fixAlgID(AlgorithmIdentifier algId)
+ {
+ if (algId.getParameters() == null)
+ {
+ return new AlgorithmIdentifier(algId.getAlgorithm(), DERNull.INSTANCE);
+ }
+
+ return algId;
+ }
+
+ void setSigningEncryptionAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName)
+ {
+ encryptionAlgs.put(oid.getId(), algorithmName);
+ }
+
+ void setSigningDigestAlgorithmMapping(ASN1ObjectIdentifier oid, String algorithmName)
+ {
+ digestAlgs.put(oid.getId(), algorithmName);
+ }
+
+ Store getCertificates(ASN1Set certSet)
+ {
+ if (certSet != null)
+ {
+ List certList = new ArrayList(certSet.size());
+
+ for (Enumeration en = certSet.getObjects(); en.hasMoreElements();)
+ {
+ ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
+
+ if (obj instanceof ASN1Sequence)
+ {
+ certList.add(new X509CertificateHolder(Certificate.getInstance(obj)));
+ }
+ }
+
+ return new CollectionStore(certList);
+ }
+
+ return new CollectionStore(new ArrayList());
+ }
+
+ Store getAttributeCertificates(ASN1Set certSet)
+ {
+ if (certSet != null)
+ {
+ List certList = new ArrayList(certSet.size());
+
+ for (Enumeration en = certSet.getObjects(); en.hasMoreElements();)
+ {
+ ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
+
+ if (obj instanceof ASN1TaggedObject)
+ {
+ certList.add(new X509AttributeCertificateHolder(AttributeCertificate.getInstance(((ASN1TaggedObject)obj).getObject())));
+ }
+ }
+
+ return new CollectionStore(certList);
+ }
+
+ return new CollectionStore(new ArrayList());
+ }
+
+ Store getCRLs(ASN1Set crlSet)
+ {
+ if (crlSet != null)
+ {
+ List crlList = new ArrayList(crlSet.size());
+
+ for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();)
+ {
+ ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
+
+ if (obj instanceof ASN1Sequence)
+ {
+ crlList.add(new X509CRLHolder(CertificateList.getInstance(obj)));
+ }
+ }
+
+ return new CollectionStore(crlList);
+ }
+
+ return new CollectionStore(new ArrayList());
+ }
+
+ Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat, ASN1Set crlSet)
+ {
+ if (crlSet != null)
+ {
+ List crlList = new ArrayList(crlSet.size());
+
+ for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();)
+ {
+ ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
+
+ if (obj instanceof ASN1TaggedObject)
+ {
+ ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(obj);
+
+ if (tObj.getTagNo() == 1)
+ {
+ OtherRevocationInfoFormat other = OtherRevocationInfoFormat.getInstance(tObj, false);
+
+ if (otherRevocationInfoFormat.equals(other.getInfoFormat()))
+ {
+ crlList.add(other.getInfo());
+ }
+ }
+ }
+ }
+
+ return new CollectionStore(crlList);
+ }
+
+ return new CollectionStore(new ArrayList());
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 13:21:12 +0300