/**
 * Signs {@code data} with one signer borrowed from the pool.
 *
 * <p>The borrowed signer is handed back in the {@code finally} block, so it
 * returns to the pool whether signing succeeds or fails.
 *
 * <p>NOTE(review): after a failed {@code write} the signer goes back to the pool
 * as-is. Whether {@code getOutputStream()} discards previously written bytes is
 * not visible here; confirm it does, otherwise a later signature could cover
 * leftover input.
 *
 * @param data the bytes to be signed
 * @return the signature produced by the borrowed signer
 * @throws NoIdleSignerException propagated from {@code borrowSigner()}
 * @throws SignatureException if the data cannot be written to the signer's stream
 */
@Override
public byte[] sign(byte[] data) throws NoIdleSignerException, SignatureException {
  ConcurrentBagEntrySigner pooled = borrowSigner();
  try {
    OutputStream sink = pooled.value().getOutputStream();
    try {
      sink.write(data);
    } catch (IOException ex) {
      // Surface stream failures as a signing failure, keeping the cause attached.
      String msg = "could not write data to SignatureStream: " + ex.getMessage();
      throw new SignatureException(msg, ex);
    }

    byte[] signature = pooled.value().getSignature();
    return signature;
  } finally {
    requiteSigner(pooled);
  }
}
/**
 * Builds a concurrent signer backed by a pool of the given content signers.
 *
 * <p>The algorithm name and code are taken from the first element of
 * {@code signers} only.
 *
 * <p>NOTE(review): the remaining signers are not compared against the first one.
 * The pool is presumably expected to be homogeneous (same key, same algorithm);
 * confirm that callers guarantee this, since the reported algorithm would
 * otherwise not match every signature produced.
 *
 * @param mac value stored in the {@code mac} field
 * @param signers non-empty list of signers; each is wrapped in a
 *     {@code ConcurrentBagEntrySigner} and added to the pool
 * @param signingKey key stored in the {@code signingKey} field
 * @throws NoSuchAlgorithmException declared by this constructor; presumably
 *     raised by the {@code AlgorithmUtil} lookups (confirm)
 */
public DfltConcurrentContentSigner(boolean mac, List<XiContentSigner> signers, Key signingKey)
    throws NoSuchAlgorithmException {
  Args.notEmpty(signers, "signers");
  this.mac = mac;

  // Only the first signer is consulted for the algorithm metadata.
  AlgorithmIdentifier algId = signers.get(0).getAlgorithmIdentifier();
  this.algorithmName = AlgorithmUtil.getSigOrMacAlgoName(algId);
  this.algorithmCode = AlgorithmUtil.getSigOrMacAlgoCode(algId);

  for (XiContentSigner rawSigner : signers) {
    ConcurrentBagEntrySigner entry = new ConcurrentBagEntrySigner(rawSigner);
    this.signers.add(entry);
  }

  this.signingKey = signingKey;
  // Drawn last, so the index is consumed only when the steps above succeeded.
  this.name = "defaultSigner-" + NAME_INDEX.getAndIncrement();
}
/**
 * Produces a signature over {@code data} using a content signer taken from the pool.
 *
 * <p>The signer is returned to the pool in {@code finally}, on success and on
 * failure alike.
 *
 * <p>NOTE(review): a signer whose {@code write} failed is returned to the pool
 * unchanged. Confirm that {@code getOutputStream()} starts from a clean state so
 * that partial input cannot leak into the next signature.
 *
 * @param data the bytes to be signed
 * @return the signature bytes from the borrowed signer
 * @throws NoIdleSignerException propagated from {@code borrowContentSigner()}
 * @throws SignatureException if writing {@code data} to the signer's stream fails
 */
@Override
public byte[] sign(final byte[] data) throws NoIdleSignerException, SignatureException {
  ConcurrentBagEntrySigner borrowed = borrowContentSigner();
  try {
    OutputStream out = borrowed.value().getOutputStream();
    try {
      out.write(data);
    } catch (IOException ex) {
      // Keep the original exception as the cause for diagnosis.
      throw new SignatureException(
          "could not write data to SignatureStream: " + ex.getMessage(), ex);
    }

    byte[] result = borrowed.value().getSignature();
    return result;
  } finally {
    requiteContentSigner(borrowed);
  }
}
/**
 * Creates a concurrent signer whose pool holds the given content signers.
 *
 * <p>Algorithm name and code are derived from {@code signers.get(0)} only.
 *
 * <p>NOTE(review): nothing here checks that the other signers use the same
 * algorithm as the first. Confirm that callers only pass homogeneous lists.
 *
 * @param mac value stored in the {@code mac} field
 * @param signers non-empty list of signers, each wrapped and added to the pool
 * @param signingKey key stored in the {@code signingKey} field
 * @throws NoSuchAlgorithmException declared by this constructor; presumably
 *     raised by the {@code AlgorithmUtil} lookups (confirm)
 */
public DefaultConcurrentContentSigner(final boolean mac, final List<XiContentSigner> signers,
    final Key signingKey) throws NoSuchAlgorithmException {
  ParamUtil.requireNonEmpty("signers", signers);
  this.mac = mac;

  // Algorithm metadata comes from the first signer in the list.
  AlgorithmIdentifier firstAlgId = signers.get(0).getAlgorithmIdentifier();
  this.algorithmName = AlgorithmUtil.getSigOrMacAlgoName(firstAlgId);
  this.algorithmCode = AlgorithmUtil.getSigOrMacAlgoCode(firstAlgId);

  for (XiContentSigner each : signers) {
    ConcurrentBagEntrySigner wrapped = new ConcurrentBagEntrySigner(each);
    this.signers.add(wrapped);
  }

  this.signingKey = signingKey;
  // Assigned last: the shared counter advances only after the steps above succeed.
  this.name = "defaultSigner-" + NAME_INDEX.getAndIncrement();
}
/**
 * Health probe: borrows a signer, signs a fixed four-byte input and reports
 * whether a non-empty signature came back.
 *
 * <p>Any exception (including failure to borrow a signer) is logged and reported
 * as unhealthy. The probe signature is discarded and never returned to the caller.
 *
 * @return {@code true} if the probe signature is non-null and non-empty,
 *     {@code false} otherwise
 */
@Override
public boolean isHealthy() {
  ConcurrentBagEntrySigner borrowed = null;
  try {
    borrowed = borrowSigner();

    OutputStream out = borrowed.value().getOutputStream();
    out.write(new byte[]{1, 2, 3, 4});

    byte[] probe = borrowed.value().getSignature();
    if (probe == null) {
      return false;
    }
    return probe.length > 0;
  } catch (Exception ex) {
    LogUtil.error(LOG, ex);
    return false;
  } finally {
    // borrowSigner() may have thrown before anything was taken from the pool.
    if (borrowed != null) {
      requiteSigner(borrowed);
    }
  }
}
/**
 * Checks that a pooled content signer can still produce a signature.
 *
 * <p>A fixed four-byte input is signed and the result is discarded; only its
 * presence and length are inspected. Every exception is logged and mapped to
 * {@code false}.
 *
 * @return {@code true} when a non-empty signature was produced, else {@code false}
 */
@Override
public boolean isHealthy() {
  ConcurrentBagEntrySigner pooled = null;
  try {
    pooled = borrowContentSigner();

    OutputStream sink = pooled.value().getOutputStream();
    sink.write(new byte[]{1, 2, 3, 4});

    byte[] sig = pooled.value().getSignature();
    boolean produced = sig != null && sig.length > 0;
    return produced;
  } catch (Exception ex) {
    LogUtil.error(LOG, ex);
    return false;
  } finally {
    // Nothing to give back if borrowing itself failed.
    if (pooled != null) {
      requiteContentSigner(pooled);
    }
  }
}
/**
 * Signs every element of {@code data}, in order, with a single borrowed signer.
 *
 * <p>One signer is borrowed for the whole batch and returned in {@code finally}.
 * A failure on any element aborts the batch; signatures already computed are
 * not returned.
 *
 * <p>NOTE(review): the same signer is reused across elements, which relies on
 * {@code getOutputStream()} starting a fresh signing operation on each call.
 * Confirm this against the {@code XiContentSigner} contract.
 *
 * @param data the inputs to sign; one signature is produced per element
 * @return an array of signatures, index-aligned with {@code data}
 * @throws NoIdleSignerException propagated from {@code borrowSigner()}
 * @throws SignatureException if an element cannot be written to the signer's stream
 */
@Override
public byte[][] sign(byte[][] data) throws NoIdleSignerException, SignatureException {
  final int count = data.length;
  byte[][] results = new byte[count][];

  ConcurrentBagEntrySigner pooled = borrowSigner();
  try {
    XiContentSigner worker = pooled.value();
    int idx = 0;
    while (idx < count) {
      OutputStream sink = worker.getOutputStream();
      try {
        sink.write(data[idx]);
      } catch (IOException ex) {
        throw new SignatureException(
            "could not write data to SignatureStream: " + ex.getMessage(), ex);
      }
      results[idx] = worker.getSignature();
      idx++;
    }
  } finally {
    requiteSigner(pooled);
  }

  return results;
}
/**
 * Builds a PKCS#10 certification request for the given subject and public key,
 * signed with a signer borrowed from {@code signer}.
 *
 * <p>The borrowed signer is returned in {@code finally}, whether or not
 * {@code build} succeeds.
 *
 * @param signer pool to borrow the signing instance from; must not be null
 * @param subjectPublicKeyInfo public key placed in the request; must not be null
 * @param subjectDn subject name placed in the request; must not be null
 * @param attributes optional attributes added to the request; skipped when
 *     {@code CollectionUtil.isNonEmpty} reports nothing to add
 * @return the built certification request
 * @throws XiSecurityException if no idle signer is available (wraps the
 *     {@code NoIdleSignerException})
 */
private PKCS10CertificationRequest generateRequest(ConcurrentContentSigner signer,
    SubjectPublicKeyInfo subjectPublicKeyInfo, X500Name subjectDn,
    Map<ASN1ObjectIdentifier, ASN1Encodable> attributes) throws XiSecurityException {
  ParamUtil.requireNonNull("signer", signer);
  ParamUtil.requireNonNull("subjectPublicKeyInfo", subjectPublicKeyInfo);
  ParamUtil.requireNonNull("subjectDn", subjectDn);

  PKCS10CertificationRequestBuilder requestBuilder =
      new PKCS10CertificationRequestBuilder(subjectDn, subjectPublicKeyInfo);

  if (CollectionUtil.isNonEmpty(attributes)) {
    for (Map.Entry<ASN1ObjectIdentifier, ASN1Encodable> attr : attributes.entrySet()) {
      requestBuilder.addAttribute(attr.getKey(), attr.getValue());
    }
  }

  ConcurrentBagEntrySigner borrowed;
  try {
    borrowed = signer.borrowSigner();
  } catch (NoIdleSignerException ex) {
    // Translate pool exhaustion into the exception type this method declares.
    throw new XiSecurityException(ex.getMessage(), ex);
  }

  try {
    PKCS10CertificationRequest request = requestBuilder.build(borrowed.value());
    return request;
  } finally {
    signer.requiteSigner(borrowed);
  }
}
/**
 * Wraps {@code pkiMessage} in a protected PKI message built with a signer
 * borrowed from {@code signer}.
 *
 * <p>If {@code signerName} is null, the name is derived from the subject of the
 * signer's certificate; a signer without a certificate is rejected in that case.
 *
 * <p>NOTE(review): the certificate null check runs only when {@code signerName}
 * is null. With an explicit {@code signerName} and {@code addSignerCert == true},
 * whatever {@code getBcCertificate()} returns is passed on unchecked; confirm it
 * cannot be null there.
 *
 * @param pkiMessage the message to protect; must not be null
 * @param signer pool to borrow the signing instance from; must not be null
 * @param signerName name passed to the message builder, or null to derive it from
 *     the signer's certificate
 * @param addSignerCert whether to attach the signer's certificate to the message
 * @return the protected message as an ASN.1 structure
 * @throws CMPException declared by this method; presumably raised while building
 *     the protected message (confirm)
 * @throws NoIdleSignerException propagated from {@code signer.borrowSigner()}
 * @throws IllegalArgumentException if {@code signerName} is null and the signer
 *     has no certificate
 */
public static PKIMessage addProtection(PKIMessage pkiMessage, ConcurrentContentSigner signer,
    GeneralName signerName, boolean addSignerCert) throws CMPException, NoIdleSignerException {
  ParamUtil.requireNonNull("pkiMessage", pkiMessage);
  ParamUtil.requireNonNull("signer", signer);

  final GeneralName effectiveName;
  if (signerName == null) {
    // No explicit name: fall back to the subject of the signer's certificate.
    if (signer.getCertificate() == null) {
      throw new IllegalArgumentException("signer without certificate is not allowed");
    }
    byte[] encodedSubject = signer.getCertificate().getSubjectX500Principal().getEncoded();
    effectiveName = new GeneralName(X500Name.getInstance(encodedSubject));
  } else {
    effectiveName = signerName;
  }

  ProtectedPKIMessageBuilder msgBuilder =
      newProtectedPKIMessageBuilder(pkiMessage, effectiveName, null);
  if (addSignerCert) {
    msgBuilder.addCMPCertificate(signer.getBcCertificate());
  }

  ConcurrentBagEntrySigner borrowed = signer.borrowSigner();
  ProtectedPKIMessage protectedMsg;
  try {
    protectedMsg = msgBuilder.build(borrowed.value());
  } finally {
    // Hand the signer back before the result is encoded.
    signer.requiteSigner(borrowed);
  }

  return protectedMsg.toASN1Structure();
}
/**
 * Adds protection to {@code pkiMessage} using a signer borrowed from {@code signer}
 * and returns the protected message.
 *
 * <p>A null {@code signerName} is replaced by a name built from the subject of
 * the signer's certificate; in that case a signer without a certificate is
 * rejected.
 *
 * <p>NOTE(review): when {@code signerName} is supplied, no certificate check
 * runs, yet {@code addSignerCert == true} still forwards
 * {@code getBcCertificate()} to the builder. Confirm that value is never null on
 * this path.
 *
 * @param pkiMessage the message to protect; must not be null
 * @param signer pool to borrow the signing instance from; must not be null
 * @param signerName name passed to the message builder, or null to derive it
 * @param addSignerCert whether to attach the signer's certificate to the message
 * @return the protected message as an ASN.1 structure
 * @throws CMPException declared by this method; presumably raised while building
 *     the protected message (confirm)
 * @throws NoIdleSignerException propagated from {@code signer.borrowSigner()}
 * @throws IllegalArgumentException if {@code signerName} is null and the signer
 *     has no certificate
 */
public static PKIMessage addProtection(PKIMessage pkiMessage, ConcurrentContentSigner signer,
    GeneralName signerName, boolean addSignerCert) throws CMPException, NoIdleSignerException {
  Args.notNull(pkiMessage, "pkiMessage");
  Args.notNull(signer, "signer");

  final GeneralName senderName;
  if (signerName == null) {
    if (signer.getCertificate() == null) {
      throw new IllegalArgumentException("signer without certificate is not allowed");
    }
    // Derive the name from the certificate subject.
    X500Name subject = X500Name.getInstance(
        signer.getCertificate().getSubjectX500Principal().getEncoded());
    senderName = new GeneralName(subject);
  } else {
    senderName = signerName;
  }

  ProtectedPKIMessageBuilder protectionBuilder =
      newProtectedPKIMessageBuilder(pkiMessage, senderName, null);

  if (addSignerCert) {
    X509CertificateHolder attachedCert = signer.getBcCertificate();
    protectionBuilder.addCMPCertificate(attachedCert);
  }

  ProtectedPKIMessage result;
  ConcurrentBagEntrySigner pooled = signer.borrowSigner();
  try {
    result = protectionBuilder.build(pooled.value());
  } finally {
    // Always give the signer back, even when build() throws.
    signer.requiteSigner(pooled);
  }

  return result.toASN1Structure();
}
crlHolder = crlBuilder.build(signer0.value()); } finally { concurrentSigner.requiteSigner(signer0);
return reqBuilder.build(signer0.value(), certChain); } finally { signer.requiteSigner(signer0);
X509CertificateHolder certHolder; try { certHolder = certBuilder.build(signer0.value()); } finally { signer.requiteSigner(signer0);
ProtectedPKIMessage signedMessage; try { signedMessage = builder.build(signer0.value()); } finally { signer.requiteContentSigner(signer0);
certHolder = certBuilder.build(signer0.value()); } finally { gct.signer.requiteSigner(signer0);