📄 signeddataparser.java
字号:
// Decompiled by Jad v1.5.7g. Copyright 2000 Pavel Kouznetsov.
// Jad home page: http://www.geocities.com/SiliconValley/Bridge/8617/jad.html
// Decompiler options: packimports(3) fieldsfirst ansi
// Source File Name: SignedDataParser.java
package jit.asn1parser.pkcs.pkcs7;
import jit.asn1.*;
import jit.asn1.pkcs.PKCSObjectIdentifiers;
import jit.asn1.pkcs.pkcs12.Pfx;
import jit.asn1.pkcs.pkcs7.*;
import jit.asn1.x509.*;
import jit.asn1parser.Parser;
import jit.asn1parser.pkcs.PKCS12Parser;
import jit.asn1parser.x509.SPKIParser;
import jit.asn1parser.x509.X509Cert;
import jit.cryptolib.toolkit.Crypto;
import jit.jcrypto.*;
import jit.jcrypto.soft.JMechanism;
import jit.math.BigInteger;
public class SignedDataParser
{
private Session session;
public SignedDataParser(Session _session)
{
session = null;
session = _session;
}
public SignerInfo generateSignerInfo(byte data[], IssuerAndSerialNumber sn, JKey jPriKey, DERObjectIdentifier sigId)
throws Exception
{
if(sn == null)
throw new Exception("SignedDataParser(generateSignerInfo): SignedDataParser(generateSignerInfo): IssuerAndSerialNumber must not be null.");
Mechanism digestM = null;
Mechanism cryptoM = null;
AlgorithmIdentifier digestAlg = null;
AlgorithmIdentifier digestEncryptionAlg = null;
byte hashcode[] = null;
byte signature[] = null;
if(jPriKey.getKeyType() == 2)
{
cryptoM = new JMechanism(1);
digestEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
if(sigId.equals(PKCSObjectIdentifiers.md2WithRSAEncryption))
{
digestM = new JMechanism(512);
digestAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.md2);
} else
if(sigId.equals(PKCSObjectIdentifiers.md5WithRSAEncryption))
{
digestM = new JMechanism(528);
digestAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.md5);
} else
if(sigId.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption))
{
digestM = new JMechanism(544);
digestAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1);
} else
{
throw new Exception(String.valueOf(String.valueOf((new StringBuffer("SignedDataParser(generateSignerInfo): not support signature algorithm:")).append(sigId.getId()).append(" in RSA mod."))));
}
DigestInfo di = generateDigestInfo(digestM, data);
hashcode = Parser.writeDERObj2Bytes(di.getDERObject());
signature = session.encrypt(cryptoM, jPriKey, hashcode);
} else
if(jPriKey.getKeyType() == 1002)
{
cryptoM = new JMechanism(1027);
digestEncryptionAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.ecEncryption);
if(!sigId.equals(PKCSObjectIdentifiers.sha1WithECEncryption))
throw new Exception(String.valueOf(String.valueOf((new StringBuffer("SignedDataParser(generateSignerInfo): not support signature algorithm:")).append(sigId.getId()).append(" in ECC mod."))));
digestM = new JMechanism(544);
digestAlg = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1);
signature = session.sign(cryptoM, jPriKey, data);
signature = Crypto.encodeECDSASignature(signature);
} else
{
throw new Exception("SignedDataParser(generateSignerInfo): the priKey type neither RSA nor ECC.");
}
DEROctetString derO = new DEROctetString(signature);
DERInteger version = new DERInteger(1);
return new SignerInfo(version, sn, digestAlg, null, digestEncryptionAlg, derO, null);
}
public boolean verifySignerInfo(byte data[], SignerInfo signerInfo, X509Cert pubCert)
throws Exception
{
SubjectPublicKeyInfo spki = pubCert.getSubjectPublicKeyInfo();
SPKIParser spkiParser = new SPKIParser();
JKey pubKey = spkiParser.getPublicKey(spki);
BigInteger sn = pubCert.getSerialNumber();
X509Name issuer = pubCert.getIssuer();
IssuerAndSerialNumber acturalIssuerAndSN = new IssuerAndSerialNumber(issuer, sn);
IssuerAndSerialNumber issuerAndSN = signerInfo.getIssuerAndSerialNumber();
if(!acturalIssuerAndSN.equals(issuerAndSN))
throw new Exception("SignedDataParser(verifySignerInfo): the IssuerAndSerialNubmer of signer Cert is not suitable.");
Mechanism cryptoM = null;
Mechanism digestM = null;
DERObjectIdentifier digestId = signerInfo.getDigestAlgorithm().getObjectId();
if(digestId.equals(PKCSObjectIdentifiers.md2))
digestM = new JMechanism(512);
else
if(digestId.equals(PKCSObjectIdentifiers.md5))
digestM = new JMechanism(528);
else
if(digestId.equals(PKCSObjectIdentifiers.sha1))
digestM = new JMechanism(544);
else
throw new Exception("SignedDataParser(verifySignerInfo):not support DigestMessage algorithm:".concat(String.valueOf(String.valueOf(digestId.getId()))));
DERObjectIdentifier encryptionId = signerInfo.getDigestEncryptionAlgorithm().getObjectId();
if(encryptionId.equals(PKCSObjectIdentifiers.rsaEncryption))
cryptoM = new JMechanism(1);
else
if(encryptionId.equals(PKCSObjectIdentifiers.ecEncryption))
cryptoM = new JMechanism(1027);
else
throw new Exception("SignedDataParser(verifySignerInfo):not support encryption algorithm:".concat(String.valueOf(String.valueOf(encryptionId.getId()))));
byte signature[] = signerInfo.getEncryptedDigest().getOctets();
if(pubKey.getKeyType() == 1)
if(cryptoM.getMechanismType() != 1)
{
throw new Exception("SignedDataParser(verifySignerInfo):the Key type is not consistent with the encryption algorithm.");
} else
{
byte decryptedSig[] = session.decrypt(cryptoM, pubKey, signature);
DigestInfo dif = generateDigestInfo(digestM, data);
byte b_dif[] = Parser.writeDERObj2Bytes(dif.getDERObject());
return Crypto.isEqualArray(decryptedSig, b_dif);
}
if(pubKey.getKeyType() == 1001)
{
if(cryptoM.getMechanismType() != 1027)
{
throw new Exception("SignedDataParser(verifySignerInfo):the Key type is not consistent with the encryption algorithm.");
} else
{
signature = Crypto.decodeECCSignature(signature);
return session.verifySign(cryptoM, pubKey, data, signature);
}
} else
{
throw new Exception("SignedDataParser(verifySignerInfo):the priKey type neither RSA nor ECC.");
}
}
public SignedData generateSignedData(boolean withContent, byte sourceData[], DERObjectIdentifier digestAlg, Pfx signerPfx, char pfxPwd[], ASN1Set x509certs, ASN1Set crls)
throws Exception
{
return generateSignedData(withContent, PKCSObjectIdentifiers.data, sourceData, digestAlg, signerPfx, pfxPwd, x509certs, crls);
}
public SignedData generateSignedData(boolean withContent, byte sourceData[], DERObjectIdentifier digestAlg, Pfx signerPfx, char pfxPwd[])
throws Exception
{
return generateSignedData(withContent, PKCSObjectIdentifiers.data, sourceData, digestAlg, signerPfx, pfxPwd, null, null);
}
public SignedData generateSignedData(boolean withContent, DERObjectIdentifier contentType, byte sourceData[], DERObjectIdentifier digestAlg, Pfx signerPfx, char pfxPwd[], ASN1Set x509certs,
ASN1Set crls)
throws Exception
{
PKCS12Parser p12Parser = new PKCS12Parser();
p12Parser.load(signerPfx);
p12Parser.decrypt(pfxPwd);
JKey jPriKey = p12Parser.getPrivateKey();
X509Cert certStru[] = p12Parser.getCertificates();
X509Cert cert = certStru[0];
BigInteger sn = cert.getSerialNumber();
X509Name issuer = cert.getIssuer();
IssuerAndSerialNumber issuerAndSN = new IssuerAndSerialNumber(issuer, sn);
int keyType;
if(jPriKey.getKeyType() == 2)
keyType = 0;
else
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -