List of usage examples for org.bouncycastle.asn1.cms Attribute getAttributeValues
public ASN1Encodable[] getAttributeValues()
From source file:net.jsign.SignatureAssert.java
License:Apache License
public static void assertTimestamped(String message, CMSSignedData signedData) { SignerInformation signerInformation = signedData.getSignerInfos().getSigners().iterator().next(); AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes(); Assert.assertNotNull(message + " (missing unauthenticated attributse)", unsignedAttributes); Attribute authenticodeTimestampAttribute = unsignedAttributes.get(CMSAttributes.counterSignature); Attribute rfc3161TimestampAttribute = unsignedAttributes .get(AuthenticodeObjectIdentifiers.SPC_RFC3161_OBJID); Assert.assertTrue(message + " (no counter signature attribute found)", authenticodeTimestampAttribute != null || rfc3161TimestampAttribute != null); if (authenticodeTimestampAttribute != null) { Assert.assertNotNull(message + " (counter signature attribute value is null)", authenticodeTimestampAttribute.getAttributeValues()); Assert.assertTrue(message + " (counter signature attribute value is empty)", authenticodeTimestampAttribute.getAttributeValues().length > 0); } else {//from ww w .j av a 2s . c om Assert.assertNotNull(message + " (counter signature attribute value is null)", rfc3161TimestampAttribute.getAttributeValues()); Assert.assertTrue(message + " (counter signature attribute value is empty)", rfc3161TimestampAttribute.getAttributeValues().length > 0); } }
From source file:se.tillvaxtverket.ttsigvalws.ttwssigvalidation.pdf.PdfSignatureVerifier.java
License:Open Source License
private static Date getClaimedSigningTime(SignerInformation signer) { try {// w ww. ja v a 2 s. c om AttributeTable signedAttributes = signer.getSignedAttributes(); Attribute sigTimeAttr = signedAttributes.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.5")); ASN1Encodable[] attributeValues = sigTimeAttr.getAttributeValues(); ASN1UTCTime utcTime = (ASN1UTCTime) attributeValues[0]; return utcTime.getDate(); } catch (Exception e) { return null; } }
From source file:se.tillvaxtverket.ttsigvalws.ttwssigvalidation.pdf.PdfSignatureVerifier.java
License:Open Source License
private static void verifyPadesProperties(SignerInformation signer, CMSSigVerifyResult sigResult) { try {//from w ww.j a v a2 s . c o m AttributeTable signedAttributes = signer.getSignedAttributes(); Attribute essSigningCertV2Attr = signedAttributes .get(new ASN1ObjectIdentifier(PdfObjectIds.ID_AA_SIGNING_CERTIFICATE_V2)); Attribute signingCertAttr = signedAttributes .get(new ASN1ObjectIdentifier(PdfObjectIds.ID_AA_SIGNING_CERTIFICATE_V1)); if (essSigningCertV2Attr == null && signingCertAttr == null) { sigResult.setPades(false); sigResult.setPadesVerified(false); return; } //Start assuming that PAdES validation is non-successful sigResult.setPades(true); sigResult.setPadesVerified(false); sigResult.setValid(false); DEROctetString certHashOctStr = null; DigestAlgorithm hashAlgo = null; if (essSigningCertV2Attr != null) { ASN1Encodable[] attributeValues = essSigningCertV2Attr.getAttributeValues(); ASN1Sequence signingCertificateV2Seq = (ASN1Sequence) attributeValues[0]; //Holds sequence of certs and policy ASN1Sequence essCertV2Seq = (ASN1Sequence) signingCertificateV2Seq.getObjectAt(0); // holds sequence of cert ASN1Sequence certSeq = (ASN1Sequence) essCertV2Seq.getObjectAt(0); //Holds seq of algoId, cert hash and sigId ASN1Sequence algoSeq = (ASN1Sequence) certSeq.getObjectAt(0); //Holds sequence of OID and algo params ASN1ObjectIdentifier algoOid = (ASN1ObjectIdentifier) algoSeq.getObjectAt(0); hashAlgo = getDigestAlgo(algoOid); certHashOctStr = (DEROctetString) certSeq.getObjectAt(1); } else { if (signingCertAttr != null) { ASN1Encodable[] attributeValues = signingCertAttr.getAttributeValues(); ASN1Sequence signingCertificateV2Seq = (ASN1Sequence) attributeValues[0]; //Holds sequence of certs and policy ASN1Sequence essCertV2Seq = (ASN1Sequence) signingCertificateV2Seq.getObjectAt(0); // holds sequence of cert ASN1Sequence certSeq = (ASN1Sequence) essCertV2Seq.getObjectAt(0); //holds sequence of cert hash and sigID certHashOctStr = (DEROctetString) certSeq.getObjectAt(0); hashAlgo = DigestAlgorithm.SHA1; } } if (hashAlgo == null || certHashOctStr == null) { sigResult.setStatus("Unsupported hash algo for ESS-SigningCertAttributeV2"); return; } MessageDigest md = MessageDigest.getInstance(hashAlgo.getName()); md.update(sigResult.getCert().getEncoded()); byte[] certHash = md.digest(); // //Debug // String certHashStr = String.valueOf(Base64Coder.encode(certHash)); // String expectedCertHashStr = String.valueOf(Base64Coder.encode(certHashOctStr.getOctets())); if (!Arrays.equals(certHash, certHashOctStr.getOctets())) { sigResult.setStatus("Cert Hash mismatch"); return; } //PadES validation was successful sigResult.setPadesVerified(true); sigResult.setValid(true); } catch (Exception e) { sigResult.setStatus("Exception while examining Pades signed cert attr: " + e.getMessage()); } }