Blob Blame History Raw
diff -up ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/EnvelopedInputImpl.java.ade1 ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/EnvelopedInputImpl.java
--- ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/EnvelopedInputImpl.java.ade1	2014-06-26 16:24:28.166315424 +0800
+++ ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/EnvelopedInputImpl.java	2014-06-26 17:32:29.632936971 +0800
@@ -3,6 +3,7 @@ package org.jboss.resteasy.security.smim
 import org.bouncycastle.cms.RecipientInformation;
 import org.bouncycastle.cms.RecipientInformationStore;
 import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId;
+import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
 import org.bouncycastle.mail.smime.SMIMEEnveloped;
 import org.bouncycastle.mail.smime.SMIMEUtil;
 import org.jboss.resteasy.core.Headers;
@@ -159,7 +160,8 @@ public class EnvelopedInputImpl implemen
          RecipientInformationStore recipients = m.getRecipientInfos();
          RecipientInformation recipient = recipients.get(recId);
 
-         decrypted = SMIMEUtil.toMimeBodyPart(recipient.getContent(pKey, "BC"));
+         decrypted = SMIMEUtil.toMimeBodyPart(recipient.getContent(
+             new JceKeyTransEnvelopedRecipient(pKey).setProvider("BC")));
       }
       catch (Exception e1)
       {
diff -up ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/MultipartSignedInputImpl.java.ade1 ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/MultipartSignedInputImpl.java
--- ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/MultipartSignedInputImpl.java.ade1	2014-06-26 17:07:37.679401083 +0800
+++ ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/MultipartSignedInputImpl.java	2014-06-26 17:11:10.734149755 +0800
@@ -2,6 +2,7 @@ package org.jboss.resteasy.security.smim
 
 import org.bouncycastle.cms.SignerInformation;
 import org.bouncycastle.cms.SignerInformationStore;
+import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
 import org.bouncycastle.mail.smime.SMIMESigned;
 import org.jboss.resteasy.util.GenericType;
 
@@ -157,7 +158,8 @@ public class MultipartSignedInputImpl im
 
       SignerInformationStore signers = signed.getSignerInfos();
       SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next();
-      return signer.verify(publicKey, "BC");
+      return signer.verify(new JcaSimpleSignerInfoVerifierBuilder()
+             .setProvider("BC").build(publicKey));
 
    }
 
diff -up ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureInput.java.ade1 ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureInput.java
--- ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureInput.java.ade1	2014-06-26 16:36:24.564853001 +0800
+++ ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureInput.java	2014-06-26 18:52:43.301108577 +0800
@@ -3,6 +3,7 @@ package org.jboss.resteasy.security.smim
 import org.bouncycastle.cms.CMSException;
 import org.bouncycastle.cms.CMSSignedData;
 import org.bouncycastle.cms.SignerInformation;
+import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
 import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
 import org.jboss.resteasy.util.Base64;
 import org.jboss.resteasy.util.GenericType;
@@ -206,7 +207,8 @@ public class PKCS7SignatureInput<T>
       for (Object info : data.getSignerInfos().getSigners())
       {
          SignerInformation signer = (SignerInformation)info;
-         if (signer.verify(certificate, "BC"))
+         if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder()
+             .setProvider("BC").build(certificate)))
          {
             return true;
          }
@@ -218,7 +220,8 @@ public class PKCS7SignatureInput<T>
       for (Object info : data.getSignerInfos().getSigners())
       {
          SignerInformation signer = (SignerInformation)info;
-         if (signer.verify(publicKey, "BC"))
+         if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder()
+             .setProvider("BC").build(publicKey)))
          {
             return true;
          }
diff -up ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureWriter.java.ade1 ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureWriter.java
--- ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureWriter.java.ade1	2014-06-24 23:38:42.464516920 +0800
+++ ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureWriter.java	2014-06-26 18:05:06.601349666 +0800
@@ -4,7 +4,13 @@ import org.bouncycastle.cms.CMSException
 import org.bouncycastle.cms.CMSProcessable;
 import org.bouncycastle.cms.CMSProcessableByteArray;
 import org.bouncycastle.cms.CMSSignedData;
+import org.bouncycastle.cms.CMSTypedData;
 import org.bouncycastle.cms.CMSSignedDataGenerator;
+import org.bouncycastle.operator.ContentSigner;
+import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
+import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
+import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
+import org.bouncycastle.operator.OperatorCreationException;
 import org.jboss.resteasy.security.BouncyIntegration;
 import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
 import org.jboss.resteasy.spi.WriterException;
@@ -25,6 +31,7 @@ import java.lang.reflect.Type;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.security.cert.X509Certificate;
+import java.security.cert.CertificateEncodingException;
 
 /**
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -70,7 +77,7 @@ public class PKCS7SignatureWriter implem
       }
    }
 
-   public static byte[] sign(Providers providers, SignedOutput out) throws IOException, NoSuchAlgorithmException, NoSuchProviderException, CMSException
+   public static byte[] sign(Providers providers, SignedOutput out) throws IOException, NoSuchAlgorithmException, NoSuchProviderException, CMSException, OperatorCreationException, CertificateEncodingException
    {
       ByteArrayOutputStream bodyOs = new ByteArrayOutputStream();
       MessageBodyWriter writer = providers.getMessageBodyWriter(out.getType(), out.getGenericType(), null, out.getMediaType());
@@ -82,11 +89,18 @@ public class PKCS7SignatureWriter implem
       bodyHeaders.add("Content-Type",  out.getMediaType().toString());
       writer.writeTo(out.getEntity(), out.getType(), out.getGenericType(), null, out.getMediaType(), bodyHeaders, bodyOs);
       CMSSignedDataGenerator signGen = new CMSSignedDataGenerator();
-      signGen.addSigner(out.getPrivateKey(), (X509Certificate)out.getCertificate(), CMSSignedDataGenerator.DIGEST_SHA1);
+
+      ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(out.getPrivateKey());
+      signGen.addSignerInfoGenerator(
+               new JcaSignerInfoGeneratorBuilder(
+                    new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
+                    .build(sha1Signer, (X509Certificate)out.getCertificate()));
+
+      //signGen.addSigner(out.getPrivateKey(), (X509Certificate)out.getCertificate(), CMSSignedDataGenerator.DIGEST_SHA1);
       //signGen.addCertificatesAndCRLs(certs);
-      CMSProcessable content = new CMSProcessableByteArray(bodyOs.toByteArray());
+      CMSTypedData content = new CMSProcessableByteArray(bodyOs.toByteArray());
 
-      CMSSignedData signedData = signGen.generate(content, true, "BC");
+      CMSSignedData signedData = signGen.generate(content, true);
       return signedData.getEncoded();
    }
 }