List of usage examples for org.bouncycastle.asn1.cms Attribute Attribute
private Attribute(ASN1Sequence seq)
From source file:passwdmanager.hig.no.lds.DG_SOD.java
/** * Gets the contents of the security object over which the signature is to * be computed.//from ww w . ja v a 2 s. c o m * * See RFC 3369, Cryptographic Message Syntax, August 2002, Section 5.4 for * details. * * FIXME: Maybe throw an exception instead of issuing warnings on stderr if * signed attributes don't check out. * * @see #getDocSigningCertificate() * @see #getSignature() * * @return the contents of the security object over which the signature is * to be computed */ public byte[] getEContent() { SignerInfo signerInfo = getSignerInfo(signedData); ASN1Set signedAttributesSet = signerInfo.getAuthenticatedAttributes(); ContentInfo contentInfo = signedData.getEncapContentInfo(); byte[] contentBytes = ((DEROctetString) contentInfo.getContent()).getOctets(); if (signedAttributesSet.size() == 0) { /* Signed attributes absent, return content to be signed... */ return contentBytes; } else { /* * Signed attributes present (i.e. a structure containing a hash of * the content), return that structure to be signed... */ /* * This option is taken by ICAO passports and assumingly by ISO18013 * license? TODO: ? */ byte[] attributesBytes = signedAttributesSet.getDEREncoded(); String digAlg = signerInfo.getDigestAlgorithm().getObjectId().getId(); try { /* * We'd better check that the content actually digests to the * hash value contained! ;) */ Enumeration<?> attributes = signedAttributesSet.getObjects(); byte[] storedDigestedContent = null; while (attributes.hasMoreElements()) { Attribute attribute = new Attribute((DERSequence) attributes.nextElement()); DERObjectIdentifier attrType = attribute.getAttrType(); if (attrType.equals(RFC_3369_MESSAGE_DIGEST_OID)) { ASN1Set attrValuesSet = attribute.getAttrValues(); if (attrValuesSet.size() != 1) { System.err.println( "WARNING: expected only one attribute value in signedAttribute message digest in eContent!"); } storedDigestedContent = ((DEROctetString) attrValuesSet.getObjectAt(0)).getOctets(); } } if (storedDigestedContent == null) { System.err.println("WARNING: error extracting signedAttribute message digest in eContent!"); } MessageDigest dig = MessageDigest.getInstance(digAlg); byte[] computedDigestedContent = dig.digest(contentBytes); if (!Arrays.equals(storedDigestedContent, computedDigestedContent)) { System.err.println("WARNING: error checking signedAttribute message digest in eContent!"); } } catch (NoSuchAlgorithmException nsae) { System.err.println( "WARNING: error checking signedAttribute in eContent! No such algorithm " + digAlg); } return attributesBytes; } }