public void testSHA1WithRSAStream() throws Exception {
List certList = new ArrayList();
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
certList.add(new X509CertificateHolder(keyCert.getEncoded()));
DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().build();
CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
gen.addSignerInfoGenerator(
new JcaSignerInfoGeneratorBuilder(digCalcProv)
.build(
new JcaContentSignerBuilder("SHA1withRSA").build(keyPair.getPrivate()), keyCert));
gen.addCertificates(new CollectionStore(certList));
OutputStream sigOut = gen.open(bOut);
sigOut.write(TEST_MESSAGE.getBytes());
sigOut.close();
CMSSignedDataParser sp =
new CMSSignedDataParser(
digCalcProv,
new CMSTypedStream(new ByteArrayInputStream(TEST_MESSAGE.getBytes())),
bOut.toByteArray());
sp.getSignedContent().drain();
//
// compute expected content digest
//
MessageDigest md = MessageDigest.getInstance("SHA1");
byte[] contentDigest = md.digest(TEST_MESSAGE.getBytes());
Store certStore = sp.getCertificates();
SignerInformationStore signers = sp.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext()) {
SignerInformation signer = (SignerInformation) it.next();
Collection certCollection = certStore.getMatches(signer.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().build(cert)));
if (contentDigest != null) {
assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
}
}
}
public void testSHA1WithRSAEncapsulated() throws Exception {
List certList = new ArrayList();
CMSTypedData msg = new CMSProcessableByteArray(TEST_MESSAGE.getBytes());
certList.add(new X509CertificateHolder(keyCert.getEncoded()));
DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().build();
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSignerInfoGenerator(
new JcaSignerInfoGeneratorBuilder(digCalcProv)
.build(
new JcaContentSignerBuilder("SHA1withRSA").build(keyPair.getPrivate()), keyCert));
gen.addCertificates(new CollectionStore(certList));
CMSSignedData s = gen.generate(msg, true);
ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
ASN1InputStream aIn = new ASN1InputStream(bIn);
s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
Store certsAndCrls = s.getCertificates();
SignerInformationStore signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext()) {
SignerInformation signer = (SignerInformation) it.next();
Collection certCollection = certsAndCrls.getMatches(signer.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().build(cert)));
}
}