Please help me. Making PKCS#7 file with pfx-file
843810Feb 26 2004 — edited Oct 9 2006
Hello.
I need to make a file in PKCS#7 with a pfx-file, zip-file.
From the pfx-file I take a private key,
and with the private key and a file to sign, I would like make a file in PKCS#7.
With a man(or woman) named Subhani's code,
I got a file.
but input data file was 100Kbytes, but a file created by the code was just 2 KBytes!
What happen???
Is there anybody help me????
[[[[[[[[[[[ source code ]]]]]]]]]]]]]]]]
char[] storepswd = {'k', 'i', 'p', 'o'};
String alias;
KeyStore keyStore = KeyStore.getInstance("PKCS12");
// aa.pfx - Trial Digitlal Id got from Verisign site.
keyStore.load(new FileInputStream("aa.pfx"), storepswd);
Provider provider = keyStore.getProvider();
for(Enumeration e = keyStore.aliases() ; e.hasMoreElements() ;) {
alias = e.nextElement().toString();
}
// Retrieving private key
PrivateKey privKey = (PrivateKey)keyStore.getKey(alias, storepswd);
java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate)keyStore.getCertificate(alias);
java.security.cert.Certificate[] certChain = keyStore.getCertificateChain(alias);
// Length of certChain is ?
System.out.println("certificte chain "+certChain.length);
// Retrieving public key
PublicKey pubKey = cert.getPublicKey();
// Have to support RSA - MD5 only
Signature rsa = Signature.getInstance("MD5withRSA");
rsa.initSign(privKey);
/* Update and sign the data */
// dumpPart1.dat and dumpPart2.dat are bytes of PDF document.
// Two dat files are compulsory in order to embed signature(PKCS#7 Format) in PDF doc
FileInputStream fis = new FileInputStream("testwapdata.wap");
BufferedInputStream bufin = new BufferedInputStream(fis);
byte[] buffer = new byte[1024];
int len;
while (bufin.available() != 0) {
len = bufin.read(buffer);
rsa.update(buffer, 0, len);
};
/*<-comment for test
FileInputStream fis1 = new FileInputStream("dumpPart2.dat");
BufferedInputStream bufin1 = new BufferedInputStream(fis1);
byte[] buffer1 = new byte[1024];
int len1;
while (bufin1.available() != 0) {
len1 = bufin1.read(buffer1);
rsa.update(buffer1, 0, len1);
};
bufin1.close();
->*/
/* Now that all the data to be signed has been read in,
generate a signature for it */
// The array contains signature bytes.
byte[] rsaSign = rsa.sign();
// using BouncyCastl clasess for PKCS#7 Format
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(privKey, cert, CMSSignedDataGenerator.DIGEST_MD5);
ArrayList certList = new ArrayList();
for ( int i = 0; i < certChain.length;i++){
certList.add(certChain);
}
CertStore certs = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), "BC");
gen.addCertificatesAndCRLs( certs );
//gen.addCertificatesAndCRLs(certChain);
CMSProcessableByteArray process = new CMSProcessableByteArray(rsaSign);
CMSSignedData data = gen.generate(process, "BC");
FileOutputStream contentStream = new FileOutputStream("test.zip");
contentStream.write(data.getEncoded());
bufin.close();
contentStream.close();
} catch(Exception e) {
e.printStackTrace();
}