sigandenvelopparser.java

进行与数字证书相关开发必须的java源码

// Decompiled by Jad v1.5.7g. Copyright 2000 Pavel Kouznetsov.
// Jad home page: http://www.geocities.com/SiliconValley/Bridge/8617/jad.html
// Decompiler options: packimports(3) fieldsfirst ansi 
// Source File Name:   SigAndEnvelopParser.java

package jit.asn1parser.pkcs.pkcs7;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import jit.asn1.*;
import jit.asn1.pkcs.PKCSObjectIdentifiers;
import jit.asn1.pkcs.pkcs12.Pfx;
import jit.asn1.pkcs.pkcs7.*;
import jit.asn1.x509.*;
import jit.asn1parser.pkcs.PKCS12Parser;
import jit.asn1parser.x509.SPKIParser;
import jit.asn1parser.x509.X509Cert;
import jit.jcrypto.JKey;
import jit.jcrypto.Session;
import jit.jcrypto.param.CBCParam;
import jit.jcrypto.soft.JMechanism;
import jit.math.BigInteger;

// Referenced classes of package jit.asn1parser.pkcs.pkcs7:
//            EnvelopedDataParser, SignedDataParser, EncryptedDataParser

public class SigAndEnvelopParser
{

    AlgorithmIdentifier digestAlg;
    AlgorithmIdentifier digestEncryptionAlg;
    EnvelopedDataParser envelopedDataParser;
    SignedDataParser signedDataParser;
    EncryptedDataParser encryptedDataParser;
    private Session session;
    private CBCParam cbcParam;

    public SigAndEnvelopParser(Session _session)
    {
        digestAlg = null;
        digestEncryptionAlg = null;
        envelopedDataParser = null;
        signedDataParser = null;
        encryptedDataParser = null;
        session = null;
        cbcParam = null;
        session = _session;
        envelopedDataParser = new EnvelopedDataParser(session);
        signedDataParser = new SignedDataParser(session);
        encryptedDataParser = new EncryptedDataParser(session);
    }

    public SignedAndEnvelopedData generateSigAndEnvelop(DERObjectIdentifier contentType, byte content[], X509Cert recipientCert, Pfx signaturePfx, char pfxPwd[])
        throws Exception
    {
        JMechanism mechanism = new JMechanism(305);
        JKey contentEncryptionKey = session.generateKey(mechanism, 0);
        byte bContentEncryptionKey[] = contentEncryptionKey.getKey();
        EncryptedContentInfo encryptedContentInfo = generateEncryptedContentInfo(contentType, PKCSObjectIdentifiers.des3CBCEncryption, content, contentEncryptionKey);
        SubjectPublicKeyInfo spki = recipientCert.getSubjectPublicKeyInfo();
        SPKIParser spkiParser = new SPKIParser();
        JKey recipientPubKey = spkiParser.getPublicKey(spki);
        BigInteger sn = recipientCert.getSerialNumber();
        X509Name issuer = recipientCert.getIssuer();
        IssuerAndSerialNumber recipientIssuerAndSN = new IssuerAndSerialNumber(issuer, sn);
        PKCS12Parser p12Parser = new PKCS12Parser();
        p12Parser.load(signaturePfx);
        p12Parser.decrypt(pfxPwd);
        JKey singnatureKey = p12Parser.getPrivateKey();
        X509Cert sCert[] = p12Parser.getCertificates();
        sn = sCert[0].getSerialNumber();
        issuer = sCert[0].getIssuer();
        IssuerAndSerialNumber signerIssuerAndSN = new IssuerAndSerialNumber(issuer, sn);
        AlgorithmIdentifier keyEncryptionAlg = null;
        if(recipientPubKey.getKeyType() == 1)
            keyEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
        else
        if(recipientPubKey.getKeyType() == 1001)
            keyEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.ecEncryption);
        RecipientInfo recipientInfo = generateRecipientInfo(recipientIssuerAndSN, keyEncryptionAlg, bContentEncryptionKey, recipientPubKey);
        DERObjectIdentifier signatureAlgOID = null;
        if(singnatureKey.getKeyType() == 2)
            signatureAlgOID = PKCSObjectIdentifiers.sha1WithRSAEncryption;
        else
        if(singnatureKey.getKeyType() == 1002)
            signatureAlgOID = PKCSObjectIdentifiers.sha1WithECEncryption;
        SignerInfo signerInfo = generateSignerInfo(content, signerIssuerAndSN, signatureAlgOID, PKCSObjectIdentifiers.des3CBCEncryption, singnatureKey, contentEncryptionKey);
        AlgorithmIdentifier digestAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1);
        return generateSigAndEnvelop(recipientInfo, digestAlg, encryptedContentInfo, null, null, signerInfo);
    }

    public SignedAndEnvelopedData generateSigAndEnvelop_extendC(DERObjectIdentifier contentType, byte content[], X509Cert recipientCert, Pfx signaturePfx, char pfxPwd[])
        throws Exception
    {
        JMechanism mechanism = new JMechanism(305);
        JKey contentEncryptionKey = session.generateKey(mechanism, 0);
        byte bContentEncryptionKey[] = contentEncryptionKey.getKey();
        EncryptedContentInfo encryptedContentInfo = generateEncryptedContentInfo(contentType, PKCSObjectIdentifiers.des3CBCEncryption, content, contentEncryptionKey);
        SubjectPublicKeyInfo spki = recipientCert.getSubjectPublicKeyInfo();
        SPKIParser spkiParser = new SPKIParser();
        JKey recipientPubKey = spkiParser.getPublicKey(spki);
        BigInteger sn = recipientCert.getSerialNumber();
        X509Name issuer = recipientCert.getIssuer();
        IssuerAndSerialNumber recipientIssuerAndSN = new IssuerAndSerialNumber(issuer, sn);
        PKCS12Parser p12Parser = new PKCS12Parser();
        p12Parser.load(signaturePfx);
        p12Parser.decrypt(pfxPwd);
        JKey singnatureKey = p12Parser.getPrivateKey();
        X509Cert sCert[] = p12Parser.getCertificates();
        sn = sCert[0].getSerialNumber();
        issuer = sCert[0].getIssuer();
        IssuerAndSerialNumber signerIssuerAndSN = new IssuerAndSerialNumber(issuer, sn);
        AlgorithmIdentifier keyEncryptionAlg = null;
        if(recipientPubKey.getKeyType() == 1)
            keyEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
        else
        if(recipientPubKey.getKeyType() == 1001)
            keyEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.ecEncryption);
        RecipientInfo recipientInfo = generateRecipientInfo(recipientIssuerAndSN, keyEncryptionAlg, bContentEncryptionKey, recipientPubKey);
        DERObjectIdentifier signatureAlgOID = null;
        if(singnatureKey.getKeyType() == 2)
            signatureAlgOID = PKCSObjectIdentifiers.sha1WithRSAEncryption;
        else
        if(singnatureKey.getKeyType() == 1002)
            signatureAlgOID = PKCSObjectIdentifiers.sha1WithECEncryption;
        SignerInfo signerInfo = generateSignerInfo_extendC(encryptedContentInfo.getEncryptedContent().getOctets(), signerIssuerAndSN, signatureAlgOID, singnatureKey);
        AlgorithmIdentifier digestAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1);
        return generateSigAndEnvelop(recipientInfo, digestAlg, encryptedContentInfo, null, null, signerInfo);
    }

    public SignedAndEnvelopedData generateSigAndEnvelop_extendC(DERObjectIdentifier contentType, byte content[], X509Cert recipientCert, X509Cert signerCert, JKey singnatureKey)
        throws Exception
    {
        JMechanism mechanism = new JMechanism(305);
        JKey contentEncryptionKey = session.generateKey(mechanism, 0);
        byte bContentEncryptionKey[] = contentEncryptionKey.getKey();
        EncryptedContentInfo encryptedContentInfo = generateEncryptedContentInfo(contentType, PKCSObjectIdentifiers.des3CBCEncryption, content, contentEncryptionKey);
        SubjectPublicKeyInfo spki = recipientCert.getSubjectPublicKeyInfo();
        SPKIParser spkiParser = new SPKIParser();
        JKey recipientPubKey = spkiParser.getPublicKey(spki);
        BigInteger sn = recipientCert.getSerialNumber();
        X509Name issuer = recipientCert.getIssuer();
        IssuerAndSerialNumber recipientIssuerAndSN = new IssuerAndSerialNumber(issuer, sn);
        sn = signerCert.getSerialNumber();
        issuer = signerCert.getIssuer();
        IssuerAndSerialNumber signerIssuerAndSN = new IssuerAndSerialNumber(issuer, sn);
        AlgorithmIdentifier keyEncryptionAlg = null;
        if(recipientPubKey.getKeyType() == 1)
            keyEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
        else
        if(recipientPubKey.getKeyType() == 1001)
            keyEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.ecEncryption);
        RecipientInfo recipientInfo = generateRecipientInfo(recipientIssuerAndSN, keyEncryptionAlg, bContentEncryptionKey, recipientPubKey);
        DERObjectIdentifier signatureAlgOID = null;
        if(singnatureKey.getKeyType() == 2)
            signatureAlgOID = PKCSObjectIdentifiers.sha1WithRSAEncryption;
        else
        if(singnatureKey.getKeyType() == 1002)
            signatureAlgOID = PKCSObjectIdentifiers.sha1WithECEncryption;
        SignerInfo signerInfo = generateSignerInfo_extendC(encryptedContentInfo.getEncryptedContent().getOctets(), signerIssuerAndSN, signatureAlgOID, singnatureKey);
        AlgorithmIdentifier digestAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1);
        return generateSigAndEnvelop(recipientInfo, digestAlg, encryptedContentInfo, null, null, signerInfo);
    }

    public SignedAndEnvelopedData generateSigAndEnvelop(RecipientInfo recipientInfo, AlgorithmIdentifier digestAlg, EncryptedContentInfo encryptedContentInfo, ASN1Set certificates, ASN1Set crls, SignerInfo signerInfo)
        throws Exception
    {
        if(recipientInfo == null || digestAlg == null || encryptedContentInfo == null || signerInfo == null)
        {
            throw new Exception("elements of SignedAndEnvelopedData must not be null");
        } else
        {
            DERInteger version = new DERInteger(1);
            DERSet recipientInfos = new DERSet(recipientInfo.getDERObject());
            DERSet digestAlgs = new DERSet(digestAlg.getDERObject());
            DERSet signerInfos = new DERSet(signerInfo.getDERObject());
            SignedAndEnvelopedData sigAndEnvelop = new SignedAndEnvelopedData(version, recipientInfos, digestAlgs, encryptedContentInfo, certificates, crls, signerInfos);
            return sigAndEnvelop;
        }
    }

    public RecipientInfo generateRecipientInfo(IssuerAndSerialNumber issuerAndSN, AlgorithmIdentifier keyEncryptionAlg, byte contentEncryptKey[], JKey jRecipientPubKey)
        throws Exception
    {
        return envelopedDataParser.generateRecipientInfo(issuerAndSN, keyEncryptionAlg, contentEncryptKey, jRecipientPubKey);
    }

    public EncryptedContentInfo generateEncryptedContentInfo(DERObjectIdentifier contentType, DERObjectIdentifier contentEncryptionOID, byte contentInfo[], JKey jContentEncryptKey)
        throws Exception
    {
        EncryptedContentInfo encryptedContentInfo = envelopedDataParser.generateEncryptedContentInfo(contentType, contentEncryptionOID, contentInfo, jContentEncryptKey);
        AlgorithmIdentifier alg = encryptedContentInfo.getContentEncryptionAlgorithm();
        DEROctetString doct = (DEROctetString)alg.getParameters();
        byte CBCParamIV[] = doct.getOctets();
        cbcParam = new CBCParam(CBCParamIV);
        return encryptedContentInfo;
    }

    private byte[] generateHash(byte contentInfo[], DERObjectIdentifier singnatureAlg)
        throws Exception
    {
        byte hashContentInfo[] = null;
        JMechanism mechanism = null;
        if(singnatureAlg.equals(PKCSObjectIdentifiers.md2WithRSAEncryption))
        {
            digestAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.md2, null);
            digestEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, null);
            mechanism = new JMechanism(512);
        } else
        if(singnatureAlg.equals(PKCSObjectIdentifiers.md5WithRSAEncryption))
        {
            digestAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.md5, null);
            digestEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, null);
            mechanism = new JMechanism(528);
        } else
        if(singnatureAlg.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption))
        {
            digestEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, null);