/** * Return the details of the signature algorithm used to create this attribute certificate. * * @return the AlgorithmIdentifier describing the signature algorithm used to create this attribute certificate. */ public AlgorithmIdentifier getSignatureAlgorithm() { return x509Certificate.getSignatureAlgorithm(); }
/** * Return the details of the signature algorithm used to create this attribute certificate. * * @return the AlgorithmIdentifier describing the signature algorithm used to create this attribute certificate. */ public AlgorithmIdentifier getSignatureAlgorithm() { return x509Certificate.getSignatureAlgorithm(); }
/** * return a more "meaningful" representation for the signature algorithm used in * the certificate. */ public String getSigAlgName() { return X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); }
public final void verify( PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature; String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); try { signature = Signature.getInstance(sigName, BouncyCastleProvider.PROVIDER_NAME); } catch (Exception e) { signature = Signature.getInstance(sigName); } checkSignature(key, signature); }
public final void verify( PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); Signature signature; if (sigProvider != null) { signature = Signature.getInstance(sigName, sigProvider); } else { signature = Signature.getInstance(sigName); } checkSignature(key, signature); }
/** * return the object identifier for the signature. */ public String getSigAlgOID() { return c.getSignatureAlgorithm().getAlgorithm().getId(); }
public final void verify( PublicKey key, Provider sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException { String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); Signature signature; if (sigProvider != null) { signature = Signature.getInstance(sigName, sigProvider); } else { signature = Signature.getInstance(sigName); } checkSignature(key, signature); }
public final void verify( PublicKey key, Provider sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException { String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); Signature signature; if (sigProvider != null) { signature = Signature.getInstance(sigName, sigProvider); } else { signature = Signature.getInstance(sigName); } checkSignature(key, signature); }
/** * return the object identifier for the signature. */ public String getSigAlgOID() { return c.getSignatureAlgorithm().getAlgorithm().getId(); }
public final void verify( PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); Signature signature; if (sigProvider != null) { signature = Signature.getInstance(sigName, sigProvider); } else { signature = Signature.getInstance(sigName); } checkSignature(key, signature); }
/** * return the signature parameters, or null if there aren't any. */ public byte[] getSigAlgParams() { if (c.getSignatureAlgorithm().getParameters() != null) { try { return c.getSignatureAlgorithm().getParameters().toASN1Primitive().getEncoded(ASN1Encoding.DER); } catch (IOException e) { return null; } } else { return null; } }
public final void verify( PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature; String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); try { signature = bcHelper.createSignature(sigName); } catch (Exception e) { signature = Signature.getInstance(sigName); } checkSignature(key, signature); }
/** * return the signature parameters, or null if there aren't any. */ public byte[] getSigAlgParams() { if (c.getSignatureAlgorithm().getParameters() != null) { try { return c.getSignatureAlgorithm().getParameters().toASN1Primitive().getEncoded(ASN1Encoding.DER); } catch (IOException e) { return null; } } else { return null; } }
private void checkSignature( PublicKey key, Signature signature) throws CertificateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException { if (!isAlgIdEqual(c.getSignatureAlgorithm(), c.getTBSCertificate().getSignature())) { throw new CertificateException("signature algorithm in TBS cert not same as outer cert"); } ASN1Encodable params = c.getSignatureAlgorithm().getParameters(); // TODO This should go after the initVerify? X509SignatureUtil.setSignatureParameters(signature, params); signature.initVerify(key); signature.update(this.getTBSCertificate()); if (!signature.verify(this.getSignature())) { throw new SignatureException("certificate does not verify with supplied key"); } }
private void checkSignature( PublicKey key, Signature signature) throws CertificateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException { if (!isAlgIdEqual(c.getSignatureAlgorithm(), c.getTBSCertificate().getSignature())) { throw new CertificateException("signature algorithm in TBS cert not same as outer cert"); } ASN1Encodable params = c.getSignatureAlgorithm().getParameters(); // TODO This should go after the initVerify? X509SignatureUtil.setSignatureParameters(signature, params); signature.initVerify(key); signature.update(this.getTBSCertificate()); if (!signature.verify(this.getSignature())) { throw new SignatureException("certificate does not verify with supplied key"); } }
/** * Validate the signature on the certificate in this holder. * * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature. * @return true if the signature is valid, false otherwise. * @throws CertException if the signature cannot be processed or is inappropriate. */ public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException { TBSCertificate tbsCert = x509Certificate.getTBSCertificate(); if (!CertUtils.isAlgIdEqual(tbsCert.getSignature(), x509Certificate.getSignatureAlgorithm())) { throw new CertException("signature invalid - algorithm identifier mismatch"); } ContentVerifier verifier; try { verifier = verifierProvider.get((tbsCert.getSignature())); OutputStream sOut = verifier.getOutputStream(); DEROutputStream dOut = new DEROutputStream(sOut); dOut.writeObject(tbsCert); sOut.close(); } catch (Exception e) { throw new CertException("unable to process signature: " + e.getMessage(), e); } return verifier.verify(this.getSignature()); }
public CertificateConfirmationContent build(DigestCalculatorProvider digesterProvider) throws CMPException { ASN1EncodableVector v = new ASN1EncodableVector(); for (int i = 0; i != acceptedCerts.size(); i++) { X509CertificateHolder certHolder = (X509CertificateHolder)acceptedCerts.get(i); BigInteger reqID = (BigInteger)acceptedReqIds.get(i); AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm()); if (digAlg == null) { throw new CMPException("cannot find algorithm for digest from signature"); } DigestCalculator digester; try { digester = digesterProvider.get(digAlg); } catch (OperatorCreationException e) { throw new CMPException("unable to create digest: " + e.getMessage(), e); } CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream()); v.add(new CertStatus(digester.getDigest(), reqID)); } return new CertificateConfirmationContent(CertConfirmContent.getInstance(new DERSequence(v)), digestAlgFinder); }
public CertificateConfirmationContent build(DigestCalculatorProvider digesterProvider) throws CMPException { ASN1EncodableVector v = new ASN1EncodableVector(); for (int i = 0; i != acceptedCerts.size(); i++) { X509CertificateHolder certHolder = (X509CertificateHolder)acceptedCerts.get(i); BigInteger reqID = (BigInteger)acceptedReqIds.get(i); AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm()); if (digAlg == null) { throw new CMPException("cannot find algorithm for digest from signature"); } DigestCalculator digester; try { digester = digesterProvider.get(digAlg); } catch (OperatorCreationException e) { throw new CMPException("unable to create digest: " + e.getMessage(), e); } CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream()); v.add(new CertStatus(digester.getDigest(), reqID)); } return new CertificateConfirmationContent(CertConfirmContent.getInstance(new DERSequence(v)), digestAlgFinder); }
public boolean isVerified(X509CertificateHolder certHolder, DigestCalculatorProvider digesterProvider) throws CMPException { AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm()); if (digAlg == null) { throw new CMPException("cannot find algorithm for digest from signature"); } DigestCalculator digester; try { digester = digesterProvider.get(digAlg); } catch (OperatorCreationException e) { throw new CMPException("unable to create digester: " + e.getMessage(), e); } CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream()); return Arrays.areEqual(certStatus.getCertHash().getOctets(), digester.getDigest()); } }
public boolean isVerified(X509CertificateHolder certHolder, DigestCalculatorProvider digesterProvider) throws CMPException { AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm()); if (digAlg == null) { throw new CMPException("cannot find algorithm for digest from signature"); } DigestCalculator digester; try { digester = digesterProvider.get(digAlg); } catch (OperatorCreationException e) { throw new CMPException("unable to create digester: " + e.getMessage(), e); } CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream()); return Arrays.areEqual(certStatus.getCertHash().getOctets(), digester.getDigest()); } }