Example usage for org.bouncycastle.asn1.cms Attribute Attribute

List of usage examples for org.bouncycastle.asn1.cms Attribute Attribute

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.asn1.cms.*
  5. Attribute
  6. Attribute

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.cms Attribute Attribute.

Prototype

private Attribute(ASN1Sequence seq)

Source Link

Usage

From source file:passwdmanager.hig.no.lds.DG_SOD.java

/**
 * Gets the contents of the security object over which the signature is to
 * be computed.//from   ww w  . ja v a 2 s.  c  o m
 * 
 * See RFC 3369, Cryptographic Message Syntax, August 2002, Section 5.4 for
 * details.
 * 
 * FIXME: Maybe throw an exception instead of issuing warnings on stderr if
 * signed attributes don't check out.
 * 
 * @see #getDocSigningCertificate()
 * @see #getSignature()
 * 
 * @return the contents of the security object over which the signature is
 *         to be computed
 */
public byte[] getEContent() {
    SignerInfo signerInfo = getSignerInfo(signedData);
    ASN1Set signedAttributesSet = signerInfo.getAuthenticatedAttributes();

    ContentInfo contentInfo = signedData.getEncapContentInfo();
    byte[] contentBytes = ((DEROctetString) contentInfo.getContent()).getOctets();

    if (signedAttributesSet.size() == 0) {
        /* Signed attributes absent, return content to be signed... */
        return contentBytes;
    } else {
        /*
         * Signed attributes present (i.e. a structure containing a hash of
         * the content), return that structure to be signed...
         */
        /*
         * This option is taken by ICAO passports and assumingly by ISO18013
         * license? TODO: ?
         */
        byte[] attributesBytes = signedAttributesSet.getDEREncoded();
        String digAlg = signerInfo.getDigestAlgorithm().getObjectId().getId();
        try {
            /*
             * We'd better check that the content actually digests to the
             * hash value contained! ;)
             */
            Enumeration<?> attributes = signedAttributesSet.getObjects();
            byte[] storedDigestedContent = null;
            while (attributes.hasMoreElements()) {
                Attribute attribute = new Attribute((DERSequence) attributes.nextElement());
                DERObjectIdentifier attrType = attribute.getAttrType();
                if (attrType.equals(RFC_3369_MESSAGE_DIGEST_OID)) {
                    ASN1Set attrValuesSet = attribute.getAttrValues();
                    if (attrValuesSet.size() != 1) {
                        System.err.println(
                                "WARNING: expected only one attribute value in signedAttribute message digest in eContent!");
                    }
                    storedDigestedContent = ((DEROctetString) attrValuesSet.getObjectAt(0)).getOctets();
                }
            }
            if (storedDigestedContent == null) {
                System.err.println("WARNING: error extracting signedAttribute message digest in eContent!");
            }
            MessageDigest dig = MessageDigest.getInstance(digAlg);
            byte[] computedDigestedContent = dig.digest(contentBytes);
            if (!Arrays.equals(storedDigestedContent, computedDigestedContent)) {
                System.err.println("WARNING: error checking signedAttribute message digest in eContent!");
            }
        } catch (NoSuchAlgorithmException nsae) {
            System.err.println(
                    "WARNING: error checking signedAttribute in eContent! No such algorithm " + digAlg);
        }
        return attributesBytes;
    }
}