List of usage examples for org.bouncycastle.asn1.cms AttributeTable toASN1EncodableVector
public ASN1EncodableVector toASN1EncodableVector()
From source file:CreateSignature.java
License:Apache License
/**
 * Adds a signature time-stamp to a CMS signer.
 *
 * <p>The signer's signature value is passed to the TSA client, and the returned token is appended
 * to the signer's unsigned attributes under {@code id_aa_signatureTimeStampToken}. Unsigned
 * attributes already present on the signer are carried over.
 *
 * <p>NOTE(review): the token bytes are parsed as ASN.1 and embedded as returned. This method does
 * not check that the token covers this signature or was issued by the expected TSA; whether the
 * TSA client validates the response is not visible here -- confirm.
 *
 * @param signer signer information whose signature value is time-stamped
 * @return signer information carrying the additional unsigned attribute, or the original
 *         {@code signer} if the replacement call yields {@code null}
 * @throws IOException if the token cannot be parsed as ASN.1, or (presumably) if the TSA client
 *         fails
 * @throws TSPException declared for the TSA client call
 */
private SignerInformation signTimeStamp(SignerInformation signer) throws IOException, TSPException {
    // Start from the attributes already on the signer so they survive the replacement below.
    AttributeTable existing = signer.getUnsignedAttributes();
    ASN1EncodableVector unsignedVector =
            existing == null ? new ASN1EncodableVector() : existing.toASN1EncodableVector();

    byte[] timeStampToken = getTsaClient().getTimeStampToken(signer.getSignature());
    unsignedVector.add(new Attribute(
            PKCSObjectIdentifiers.id_aa_signatureTimeStampToken,
            new DERSet(ASN1Primitive.fromByteArray(timeStampToken))));

    // The table built here replaces the signer's UNSIGNED attributes.
    SignerInformation timeStamped = SignerInformation.replaceUnsignedAttributes(
            signer, new AttributeTable(new Attributes(unsignedVector)));

    // TODO can this actually happen?
    return timeStamped != null ? timeStamped : signer;
}
From source file:com.itdhq.poc.ocrsign.CreateSignature.java
License:Apache License
/**
 * Meant to extend the CMS signature with a signature time-stamp; the attachment step is
 * currently disabled.
 *
 * <p>As written, the method still requests a token from the TSA client for the signer's
 * signature value, then discards it and returns {@code signer} unchanged. Callers therefore
 * receive a signature WITHOUT a signature time-stamp attribute and must not treat the result as
 * time-stamped.
 *
 * @param signer signer information whose signature value is sent to the TSA client
 * @return the {@code signer} passed in, unmodified
 * @throws IOException declared for the TSA client call
 * @throws TSPException declared for the TSA client call
 */
private SignerInformation signTimeStamp(SignerInformation signer) throws IOException, TSPException {
    AttributeTable existing = signer.getUnsignedAttributes();
    ASN1EncodableVector unsignedVector =
            existing == null ? new ASN1EncodableVector() : existing.toASN1EncodableVector();

    byte[] timeStampToken = getTsaClient().getTimeStampToken(signer.getSignature());

    // FIXME: the code that embeds the token is disabled, so the token above is never used.
    // Disabled code, kept for reference:
    //
    //   ASN1ObjectIdentifier oid = PKCSObjectIdentifiers.id_aa_signatureTimeStampToken;
    //   ASN1Encodable signatureTimeStamp =
    //           new Attribute(oid, new DERSet(ASN1Primitive.fromByteArray(token)));
    //   vector.add(signatureTimeStamp);
    //   Attributes signedAttributes = new Attributes(vector);
    //   SignerInformation newSigner = SignerInformation.replaceUnsignedAttributes(
    //           signer, new AttributeTable(signedAttributes));
    //   // TODO can this actually happen?
    //   if (newSigner == null) { return signer; }
    //   return newSigner;
    return signer;
}
From source file:com.modemo.javase.signature.ValidationTimeStamp.java
License:Apache License
/**
 * Extends the CMS signer information with a time-stamp token placed in the unsigned attributes.
 *
 * <p>The signer's signature value is passed to {@code tsaClient}; the returned token is added
 * under {@code id_aa_signatureTimeStampToken} next to any unsigned attributes already present.
 *
 * <p>NOTE(review): the token is parsed as ASN.1 and embedded as returned. Whether
 * {@code tsaClient} validates the TSA response before returning it is not visible here --
 * confirm.
 *
 * @param signer signer information whose signature value is time-stamped
 * @return new signer information whose unsigned attributes include the time-stamp token
 * @throws IOException if the token cannot be parsed as ASN.1, or (presumably) if the TSA client
 *         fails
 */
private SignerInformation signTimeStamp(SignerInformation signer) throws IOException {
    // Keep whatever unsigned attributes the signer already carries.
    AttributeTable existing = signer.getUnsignedAttributes();
    ASN1EncodableVector unsignedVector =
            existing == null ? new ASN1EncodableVector() : existing.toASN1EncodableVector();

    byte[] timeStampToken = tsaClient.getTimeStampToken(signer.getSignature());
    unsignedVector.add(new Attribute(
            PKCSObjectIdentifiers.id_aa_signatureTimeStampToken,
            new DERSet(ASN1Primitive.fromByteArray(timeStampToken))));

    // The unsigned attributes of a SignerInformation cannot be changed in any other way.
    // The result is never null: a new SignerInformation is always returned
    // (see the source code of replaceUnsignedAttributes).
    return SignerInformation.replaceUnsignedAttributes(
            signer, new AttributeTable(new Attributes(unsignedVector)));
}
From source file:es.gob.afirma.envelopers.cms.EvelopUtils.java
License:Open Source License
/**
 * Builds a DER SET from the attributes of an attribute table.
 *
 * <p>A {@code null} table is not rejected: a warning is logged and {@code null} is returned, so
 * callers have to handle a missing SET themselves.
 *
 * @param attr attribute table to encode; may be {@code null}
 * @return DER SET holding the table's attributes, or {@code null} when {@code attr} is
 *         {@code null}
 */
static ASN1Set getAttributeSet(final AttributeTable attr) {
    if (attr == null) {
        Logger.getLogger("es.gob.afirma").warning("Los atributos eran nulos, se devolvera null"); //$NON-NLS-1$ //$NON-NLS-2$
        return null;
    }
    return new DERSet(attr.toASN1EncodableVector());
}
From source file:es.gob.afirma.signers.pkcs7.SigUtils.java
License:Open Source License
/**
 * Builds a DER SET from the attributes of an attribute table.
 *
 * <p>A {@code null} table is not rejected: a warning is logged and {@code null} is returned, so
 * callers have to handle a missing SET themselves.
 *
 * @param attr attribute table to encode; may be {@code null}
 * @return DER SET holding the table's attributes, or {@code null} when {@code attr} is
 *         {@code null}
 */
public static ASN1Set getAttributeSet(final AttributeTable attr) {
    if (attr == null) {
        LOGGER.warning("Los atributos eran nulos, se devolvera null"); //$NON-NLS-1$
        return null;
    }
    return new DERSet(attr.toASN1EncodableVector());
}
From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java
License:Open Source License
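/**
 * Builds the {@code unsignedAttrsHashIndex} field.
 *
 * <p>The field is a sequence of octet strings. Each one contains the hash value of one instance
 * of Attribute within the unsignedAttrs field of the SignerInfo. A hash value for every instance
 * of Attribute, as present at the time when the corresponding archive time-stamp is requested,
 * shall be included in unsignedAttrsHashIndex. No other hash values shall be included in this
 * field.
 *
 * <p>Attributes whose type is listed in {@code excludedAttributesFromAtsHashIndex} are skipped.
 * A signer without any unsigned attributes yields an empty sequence.
 *
 * @param signerInformation signer whose unsigned attributes are hashed
 * @return sequence holding one hash per unsigned attribute that is not excluded
 * @throws DSSException declared for the hashing helper
 */
@SuppressWarnings("unchecked")
private ASN1Sequence getUnsignedAttributesHashIndex(SignerInformation signerInformation) throws DSSException {

    final ASN1EncodableVector unsignedAttributesHashIndex = new ASN1EncodableVector();
    final AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
    if (unsignedAttributes == null) {
        // getUnsignedAttributes() returns null when the signer carries no unsigned attributes;
        // there is then nothing to hash, so the index has no entries.
        return new DERSequence(unsignedAttributesHashIndex);
    }

    final ASN1EncodableVector asn1EncodableVector = unsignedAttributes.toASN1EncodableVector();
    for (int i = 0; i < asn1EncodableVector.size(); i++) {
        final Attribute attribute = (Attribute) asn1EncodableVector.get(i);
        if (excludedAttributesFromAtsHashIndex.contains(attribute.getAttrType())) {
            // Excluded attribute types never contribute a hash to the index.
            continue;
        }
        unsignedAttributesHashIndex.add(getAttributeDerOctetStringHash(attribute));
    }
    return new DERSequence(unsignedAttributesHashIndex);
}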
From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java
License:Open Source License
/**
 * Checks the {@code unsignedAttrsHashIndex} of an archive timestamp against the signer's current
 * unsigned attributes.
 *
 * <p>The field unsignedAttrsHashIndex is a sequence of octet strings. Each one contains the hash
 * value of one instance of Attribute within the unsignedAttrs field of the SignerInfo. A hash
 * value for every instance of Attribute, as present at the time when the corresponding archive
 * time-stamp is requested, shall be included in unsignedAttrsHashIndex. No other hash values
 * shall be included in this field.
 *
 * <p>Every hash found in the timestamp token must be found among the unsigned attributes of the
 * signerInformation.
 *
 * <p>If the signerInformation holds more unsigned attributes than the hash list covers, no error
 * is reported, nor is it reported which attributes are covered by the timestamp. If a hash from
 * the timestamp has no matching attribute (the attribute is missing or was altered), an empty
 * sequence is returned so that the timestamped data will not match. Which hashes did match is
 * not reported.
 *
 * <p>If the archive timestamp hash index holds no entry at all, nothing has been checked and the
 * index is returned as is.
 *
 * <p>NOTE(review): the index read from the timestamp token is dereferenced without a null check;
 * whether {@code getUnsignedAttributesHashIndex(timestampToken)} can return {@code null} is not
 * visible here -- confirm.
 *
 * @param signerInformation signer whose unsigned attributes are compared with the index
 * @param timestampToken archive timestamp carrying the hash index
 * @return the hash index from the timestamp when every entry matched an attribute, otherwise an
 *         empty sequence
 * @throws DSSException declared for the helper calls
 */
@SuppressWarnings("unchecked")
private ASN1Sequence getVerifiedUnsignedAttributesHashIndex(SignerInformation signerInformation,
        TimestampToken timestampToken) throws DSSException {

    final ASN1Sequence indexFromTimestamp = getUnsignedAttributesHashIndex(timestampToken);
    // Working copy of the timestamp's hashes; an entry is removed once an attribute matches it.
    final ArrayList<DEROctetString> unmatchedHashes = Collections.list(indexFromTimestamp.getObjects());

    final ASN1EncodableVector currentAttributes =
            CAdESSignature.getUnsignedAttributes(signerInformation).toASN1EncodableVector();
    for (int idx = 0; idx < currentAttributes.size(); idx++) {
        final Attribute candidate = (Attribute) currentAttributes.get(idx);
        final DEROctetString candidateHash = getAttributeDerOctetStringHash(candidate);
        final ASN1ObjectIdentifier candidateType = candidate.getAttrType();

        final boolean coveredByTimestamp = unmatchedHashes.remove(candidateHash);
        if (coveredByTimestamp) {
            // attribute present in signature and in timestamp
            LOG.debug("Attribute {} present in timestamp", candidateType.getId());
        } else {
            LOG.debug("Attribute {} not present in timestamp", candidateType.getId());
        }
    }

    if (unmatchedHashes.isEmpty()) {
        // every hash of the timestamp was matched: hand back the original DERSequence
        return indexFromTimestamp;
    }

    LOG.error("{} attribute hash in Timestamp have not been found in document attributes: {}",
            unmatchedHashes.size(), unmatchedHashes);
    // an empty DERSequence makes the recomputed timestamped data differ, so validation fails
    return new DERSequence();
}
From source file:eu.europa.esig.dss.cades.signature.CadesLevelBaselineLTATimestampExtractor.java
License:Open Source License
/**
 * Checks the {@code unsignedAttrsHashIndex} of an archive timestamp against the signer's current
 * unsigned attributes.
 *
 * <p>The field unsignedAttrsHashIndex is a sequence of octet strings. Each one contains the hash
 * value of one instance of Attribute within the unsignedAttrs field of the SignerInfo. A hash
 * value for every instance of Attribute, as present at the time when the corresponding archive
 * time-stamp is requested, shall be included in unsignedAttrsHashIndex. No other hash values
 * shall be included in this field.
 *
 * <p>Every hash found in the timestamp token must be found among the unsigned attributes of the
 * signerInformation.
 *
 * <p>If the signerInformation holds more unsigned attributes than the hash list covers, no error
 * is reported, nor is it reported which attributes are covered by the timestamp. If a hash from
 * the timestamp has no matching attribute (the attribute is missing or was altered), an empty
 * sequence is returned so that the timestamped data will not match. Which hashes did match is
 * not reported.
 *
 * <p>If the archive timestamp hash index holds no entry at all (or is absent), nothing has been
 * checked and the index is returned as is.
 *
 * @param signerInformation signer whose unsigned attributes are compared with the index
 * @param timestampToken archive timestamp carrying the hash index
 * @return the hash index read from the timestamp when every entry matched an attribute (this is
 *         {@code null} when the timestamp yielded no index), otherwise an empty sequence
 * @throws DSSException declared for the helper calls
 */
@SuppressWarnings("unchecked")
private ASN1Sequence getVerifiedUnsignedAttributesHashIndex(SignerInformation signerInformation,
        TimestampToken timestampToken) throws DSSException {

    final ASN1Sequence indexFromTimestamp = getUnsignedAttributesHashIndex(timestampToken);
    // Working copy of the timestamp's hashes; an entry is removed once an attribute matches it.
    final List<DEROctetString> unmatchedHashes = new ArrayList<DEROctetString>();
    if (indexFromTimestamp != null) {
        unmatchedHashes.addAll(Collections.list(indexFromTimestamp.getObjects()));
    }

    final ASN1EncodableVector currentAttributes =
            CMSUtils.getUnsignedAttributes(signerInformation).toASN1EncodableVector();
    for (int idx = 0; idx < currentAttributes.size(); idx++) {
        final Attribute candidate = (Attribute) currentAttributes.get(idx);
        final DEROctetString candidateHash = getAttributeDerOctetStringHash(candidate);
        final ASN1ObjectIdentifier candidateType = candidate.getAttrType();

        final boolean coveredByTimestamp = unmatchedHashes.remove(candidateHash);
        if (coveredByTimestamp) {
            // attribute present in signature and in timestamp
            LOG.debug("Attribute {} present in timestamp", candidateType.getId());
        } else {
            LOG.debug("Attribute {} not present in timestamp", candidateType.getId());
        }
    }

    if (unmatchedHashes.isEmpty()) {
        // every hash of the timestamp was matched: hand back the original DERSequence
        return indexFromTimestamp;
    }

    LOG.error("{} attribute hash in Timestamp have not been found in document attributes: {}",
            unmatchedHashes.size(), unmatchedHashes);
    // an empty DERSequence makes the recomputed timestamped data differ, so validation fails
    return new DERSequence();
}
From source file:eu.europa.esig.dss.cades.signature.CAdESLevelBExternalSignatureTest.java
License:Open Source License
/**
 * Test helper that plays the role of an external signer for a CAdES signature.
 *
 * <p>The DER-encoded signed attributes in {@code toBeSigned} are decoded, the
 * signing-certificate/signing-certificate-v2 attribute is added, and the re-encoded set is
 * written back into {@code toBeSigned} before it is signed with the test token.
 *
 * <p>NOTE(review): any exception raised while rewriting the attributes is only logged. Signing
 * then continues with whatever {@code toBeSigned} holds at that point, and the result's signed
 * data may stay unset, so a failure in that step does not stop the test by itself.
 *
 * @param toBeSigned data to sign; its bytes are replaced by the extended signed attributes
 * @return result holding the signing certificate, the signed data and the signature value
 */
private ExternalSignatureResult simulateExternalSignature(ToBeSigned toBeSigned) {
    ExternalSignatureResult result = new ExternalSignatureResult();

    // Get hold of signature certificate.
    CertificateToken signerCert = getSigningCert();
    result.setSigningCertificate(signerCert);

    DigestAlgorithm digestAlgo = signatureParameters.getDigestAlgorithm();

    // Add the signing-certificate/signing-certificate-v2 attribute to DER encoded SignedAttributes.
    try (ASN1InputStream derInput = new ASN1InputStream(toBeSigned.getBytes())) {
        DLSet decodedAttributes = (DLSet) derInput.readObject();
        ASN1EncodableVector attributeVector = new AttributeTable(decodedAttributes).toASN1EncodableVector();
        CMSUtils.addSigningCertificateAttribute(attributeVector, digestAlgo, signerCert);

        // Update toBeSigned
        toBeSigned.setBytes(new DERSet(attributeVector).getEncoded());
        result.setSignedData(toBeSigned.getBytes());
    } catch (Exception e) {
        LOG.error("Error while simulating external CAdES signature", e);
    }

    SignatureValue signature = getToken().sign(toBeSigned, getSignatureParameters().getDigestAlgorithm(),
            getSignatureParameters().getMaskGenerationFunction(), getPrivateKeyEntry());
    result.setSignatureValue(signature);

    return result;
}
From source file:eu.europa.esig.dss.pades.signature.PAdESLevelBExternalSignatureTest.java
License:Open Source License
/**
 * Test helper that plays the role of an external signer for a PAdES signature.
 *
 * <p>The DER-encoded signed attributes in {@code toBeSigned} are decoded, the
 * signing-certificate/signing-certificate-v2 attribute is added, and the re-encoded set is
 * written back into {@code toBeSigned} before it is signed with the test token.
 *
 * <p>NOTE(review): any exception raised while rewriting the attributes is only logged. Signing
 * then continues with whatever {@code toBeSigned} holds at that point, and the result's signed
 * data may stay unset, so a failure in that step does not stop the test by itself.
 *
 * @param toBeSigned data to sign; its bytes are replaced by the extended signed attributes
 * @return result holding the signing certificate, the signed data and the signature value
 */
private ExternalSignatureResult simulateExternalSignature(ToBeSigned toBeSigned) {
    ExternalSignatureResult result = new ExternalSignatureResult();

    // Get hold of signature certificate.
    CertificateToken signerCert = getSigningCert();
    result.setSigningCertificate(signerCert);

    DigestAlgorithm digestAlgo = signatureParameters.getDigestAlgorithm();

    // Add the signing-certificate/signing-certificate-v2 attribute to DER encoded SignedAttributes.
    try (ASN1InputStream derInput = new ASN1InputStream(toBeSigned.getBytes())) {
        DLSet decodedAttributes = (DLSet) derInput.readObject();
        ASN1EncodableVector attributeVector = new AttributeTable(decodedAttributes).toASN1EncodableVector();
        CMSUtils.addSigningCertificateAttribute(attributeVector, digestAlgo, signerCert);

        // Update toBeSigned
        toBeSigned.setBytes(new DERSet(attributeVector).getEncoded());
        result.setSignedData(toBeSigned.getBytes());
    } catch (Exception e) {
        LOG.error("Error while simulating external PAdES signature", e);
    }

    SignatureValue signature = getToken().sign(toBeSigned, digestAlgo,
            getSignatureParameters().getMaskGenerationFunction(), getPrivateKeyEntry());
    result.setSignatureValue(signature);

    return result;
}