Example usage for org.bouncycastle.asn1 DEROctetString DEROctetString

List of usage examples for org.bouncycastle.asn1 DEROctetString DEROctetString

Introduction

In this page you can find the example usage for org.bouncycastle.asn1 DEROctetString DEROctetString.

Prototype

public DEROctetString(ASN1Encodable obj) throws IOException 


Document

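Constructor from the encoding of an ASN.1 object. Note that the usage examples below call a different overload, DEROctetString(byte[]), which wraps the given bytes directly as the octet-string content.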

Usage

From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java

License:Open Source License

/**
 * Digests one encoded value with {@code hashIndexDigestAlgorithm} and appends the
 * result, wrapped as a DER OCTET STRING, to the supplied hash-index vector.
 *
 * @param crlsHashIndex vector that receives the new octet string
 * @param encoded       bytes to digest
 */
private void digestAndAddToList(ASN1EncodableVector crlsHashIndex, byte[] encoded) {
    final byte[] hashValue = DSSUtils.digest(hashIndexDigestAlgorithm, encoded);
    final boolean debugEnabled = LOG.isDebugEnabled();
    if (debugEnabled) {
        // Hex conversion is only paid for when debug output is actually wanted.
        final String hexHash = DSSUtils.encodeHexString(hashValue);
        LOG.debug("Adding to crlsHashIndex with hash {}", hexHash);
    }
    crlsHashIndex.add(new DEROctetString(hashValue));
}

From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java

License:Open Source License

/**
 * Digests an encoded revocation value and removes the matching entry from the
 * list of hashes, if there is one.
 *
 * <p>The outcome is only written to the debug log: the method returns nothing, so a
 * value whose hash is missing from the list is not reported to the caller.
 *
 * @param crlHashesList     hashes still to be matched; a matching entry is removed
 * @param ocspHolderEncoded encoded revocation value to digest
 */
private void handleRevocationEncoded(ArrayList<DEROctetString> crlHashesList, byte[] ocspHolderEncoded) {
    final byte[] hashValue = DSSUtils.digest(hashIndexDigestAlgorithm, ocspHolderEncoded);
    final DEROctetString wrappedHash = new DEROctetString(hashValue);
    final boolean wasListed = crlHashesList.remove(wrappedHash);

    if (!LOG.isDebugEnabled()) {
        return;
    }
    final String hexHash = DSSUtils.toHex(wrappedHash.getOctets());
    if (wasListed) {
        // The value is referenced both by the signature and by the timestamp.
        LOG.debug("CRL/OCSP present in timestamp {}", hexHash);
    } else {
        LOG.debug("CRL/OCSP not present in timestamp {}", hexHash);
    }
}

From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java

License:Open Source License

/**
 * Digests an encoded CRL and removes the matching hash from the list.
 *
 * @param crlHashesList    hashes still to be matched; a matching entry is removed
 * @param crlHolderEncoded encoded CRL to digest
 * @return {@code true} if the digest was in the list (and has been removed from it),
 *         {@code false} otherwise
 */
private boolean handleCrlEncoded(ArrayList<DEROctetString> crlHashesList, byte[] crlHolderEncoded) {
    final DEROctetString wrappedHash = new DEROctetString(
            DSSUtils.digest(hashIndexDigestAlgorithm, crlHolderEncoded));
    final boolean wasListed = crlHashesList.remove(wrappedHash);
    return wasListed;
}

From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java

License:Open Source License

/**
 * Computes the digest of an attribute's DER encoding and wraps it as a DER OCTET STRING.
 *
 * @param attribute attribute to encode and digest
 * @return the digest, computed with {@code hashIndexDigestAlgorithm}, as a DER OCTET STRING
 * @throws DSSException declared by the signature; presumably raised by the encoding or
 *                      digest helper (not visible here)
 */
private DEROctetString getAttributeDerOctetStringHash(Attribute attribute) throws DSSException {
    final byte[] derBytes = DSSASN1Utils.getDEREncoded(attribute);
    return new DEROctetString(DSSUtils.digest(hashIndexDigestAlgorithm, derBytes));
}

From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileBES.java

License:Open Source License

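/**
 * Builds the signed attribute {@code id-aa-ets-signerAttr} that carries the claimed
 * signer role from the signature parameters.
 *
 * @param parameters signature parameters; {@code getClaimedSignerRole()} must not return
 *                   {@code null} (the method dereferences it directly)
 * @return the attribute wrapping a single-element sequence with the encoded role
 */
private Attribute makeSignerAttrAttribute(SignatureParameters parameters) {
    // Encode with a fixed charset. The no-argument getBytes() uses the platform default,
    // so the bytes placed in the signed attribute would differ between JVMs for any
    // role containing non-ASCII characters.
    final byte[] roleBytes = parameters.getClaimedSignerRole()
            .getBytes(java.nio.charset.Charset.forName("UTF-8"));
    final DEROctetString[] roles = { new DEROctetString(roleBytes) };
    return new Attribute(PKCSObjectIdentifiers.id_aa_ets_signerAttr,
            new DERSet(new SignerAttribute(new DERSequence(roles))));
}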

From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileC.java

License:Open Source License

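/**
 * Creates a reference to an X.509 certificate: an {@code OtherCertID} whose hash is
 * the SHA-1 digest of the certificate's encoded form.
 *
 * <p>NOTE(review): the reference is only as collision-resistant as SHA-1. Where the
 * consuming profile allows it, a hash with an explicit stronger algorithm should be
 * preferred for new signatures. Confirm against the profile being produced.
 *
 * @param cert certificate to reference
 * @return the certificate reference
 * @throws NoSuchAlgorithmException     if the provider does not offer the SHA-1 digest
 * @throws CertificateEncodingException if the certificate cannot be encoded
 */
private OtherCertID makeOtherCertID(X509Certificate cert)
        throws NoSuchAlgorithmException, CertificateEncodingException {
    MessageDigest sha1digest = MessageDigest.getInstance(X509ObjectIdentifiers.id_SHA1.getId(),
            new BouncyCastleProvider());
    // Encode and digest the certificate once; the same value is logged and embedded,
    // instead of hashing the full encoding a second time.
    byte[] certDigest = sha1digest.digest(cert.getEncoded());
    LOG.info(new DEROctetString(certDigest).getDERObject().toString());
    OtherHash hash = new OtherHash(certDigest);
    return new OtherCertID(new DERSequence(hash.getDERObject()));
}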

From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileEPES.java

License:Open Source License

/**
 * Extends the signed attributes of the parent profile with the signature-policy
 * identifier ({@code id-aa-ets-sigPolicyId}) selected in the parameters.
 *
 * <p>For an explicit policy, the policy OID, the hash algorithm and the hash value are
 * all taken from the parameters as supplied; this method does not check that the hash
 * value corresponds to any policy document.
 *
 * @param parameters signature parameters naming the policy mode and its values
 * @return the parent's attribute table, with the policy attribute added unless the
 *         mode is {@code NO_POLICY}
 * @throws ProfileException if a {@link NoSuchAlgorithmException} is raised while the
 *                          attributes are built
 */
@Override
public Hashtable<ASN1ObjectIdentifier, ASN1Encodable> getSignedAttributes(SignatureParameters parameters) {

    try {
        final Hashtable<ASN1ObjectIdentifier, ASN1Encodable> attributes = super.getSignedAttributes(parameters);

        switch (parameters.getSignaturePolicy()) {
        case EXPLICIT: {
            final DERObjectIdentifier policyOid = new DERObjectIdentifier(parameters.getSignaturePolicyId());
            final AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(
                    DigestAlgorithm.getByName(parameters.getSignaturePolicyHashAlgo()).getOid());
            final DEROctetString hashValue = new DEROctetString(parameters.getSignaturePolicyHashValue());
            final SignaturePolicyIdentifier explicitPolicy = new SignaturePolicyIdentifier(
                    new SignaturePolicyId(policyOid, new OtherHashAlgAndValue(hashAlgorithm, hashValue)));
            attributes.put(PKCSObjectIdentifiers.id_aa_ets_sigPolicyId,
                    new Attribute(PKCSObjectIdentifiers.id_aa_ets_sigPolicyId, new DERSet(explicitPolicy)));
            break;
        }
        case IMPLICIT: {
            final SignaturePolicyIdentifier impliedPolicy = new SignaturePolicyIdentifier();
            // NOTE(review): the result of this call is discarded; it looks like a query
            // rather than a setter. Confirm it is needed at all.
            impliedPolicy.isSignaturePolicyImplied();
            attributes.put(PKCSObjectIdentifiers.id_aa_ets_sigPolicyId,
                    new Attribute(PKCSObjectIdentifiers.id_aa_ets_sigPolicyId, new DERSet(impliedPolicy)));
            break;
        }
        case NO_POLICY:
            // Nothing to add.
            break;
        }

        return attributes;
    } catch (NoSuchAlgorithmException ex) {
        // NOTE(review): only the message is forwarded, so the original stack trace is lost.
        throw new ProfileException(ex.getMessage());
    }

}

From source file:eu.europa.ec.markt.dss.signature.pades.PAdESLevelBaselineB.java

License:Open Source License

/**
 * Returns the CAdES profile's signed attributes, completed with the content-type and
 * message-digest attributes when the profile did not already provide them.
 *
 * <p>The message digest is what ties the signature to the signed content. It is taken
 * from the {@code messageDigest} argument as given and is not recomputed or checked here.
 *
 * @param params        generator parameters; only {@code CMSAttributeTableGenerator.CONTENT_TYPE} is read
 * @param cadesProfile  profile that supplies the base signed attributes
 * @param parameters    signature parameters passed on to the profile
 * @param messageDigest digest to place in the message-digest attribute when it is missing
 * @return the resulting attribute table
 */
AttributeTable getSignedAttributes(Map params, CAdESLevelBaselineB cadesProfile, SignatureParameters parameters,
        byte[] messageDigest) {

    AttributeTable attributes = cadesProfile.getSignedAttributes(parameters);

    final boolean contentTypeMissing = attributes.get(CMSAttributes.contentType) == null;
    if (contentTypeMissing) {
        final ASN1ObjectIdentifier declaredType = (ASN1ObjectIdentifier) params
                .get(CMSAttributeTableGenerator.CONTENT_TYPE);
        // No content type is supplied when a counter signature is being generated.
        if (declaredType != null) {
            attributes = attributes.add(CMSAttributes.contentType, declaredType);
        }
    }

    final boolean digestMissing = attributes.get(CMSAttributes.messageDigest) == null;
    if (digestMissing) {
        final DEROctetString digestValue = new DEROctetString(messageDigest);
        attributes = attributes.add(CMSAttributes.messageDigest, digestValue);
    }

    return attributes;
}

From source file:eu.europa.ec.markt.dss.signature.pades.PAdESProfileEPES.java

License:Open Source License

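/**
 * Creates a {@code CMSSignedDataGenerator} configured with one signer and the
 * certificates to embed.
 *
 * <p>The signed attributes come from a {@code CAdESProfileEPES}, completed with the
 * content type, the message digest and, when requested, the commitment-type
 * indication. No unsigned attribute table is set: an empty one would violate
 * {@code UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute} (RFC 3852).
 *
 * @param contentSigner            signer used to build the signer info
 * @param digestCalculatorProvider digest provider for the signer-info builder
 * @param parameters               signature parameters (signing certificate, chain, policy, commitment types)
 * @param messageDigest            digest placed in the message-digest attribute when the profile
 *                                 did not supply one; used as given, not verified here
 * @return the configured generator
 * @throws IOException if certificate handling, signer-info creation or certificate-store
 *                     creation fails; the original exception is kept as the cause
 */
CMSSignedDataGenerator createCMSSignedDataGenerator(ContentSigner contentSigner,
        DigestCalculatorProvider digestCalculatorProvider, final SignatureParameters parameters,
        final byte[] messageDigest) throws IOException {
    try {

        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();

        X509Certificate signerCertificate = parameters.getSigningCertificate();

        X509CertificateHolder certHolder = new X509CertificateHolder(signerCertificate.getEncoded());

        SignerInfoGeneratorBuilder sigenb = new SignerInfoGeneratorBuilder(digestCalculatorProvider);

        final CAdESProfileEPES profile = new CAdESProfileEPES(true);

        sigenb = sigenb.setSignedAttributeGenerator(new CMSAttributeTableGenerator() {
            @Override
            public AttributeTable getAttributes(Map params) throws CMSAttributeTableGenerationException {
                // Work on a copy so the table returned by the profile is not modified.
                Hashtable clone = (Hashtable) profile.getSignedAttributes(parameters).clone();

                if (!clone.containsKey(CMSAttributes.contentType)) {
                    DERObjectIdentifier contentType = (DERObjectIdentifier) params
                            .get(CMSAttributeTableGenerator.CONTENT_TYPE);

                    // contentType will be null if we're trying to generate a counter signature.
                    if (contentType != null) {
                        Attribute attr = new Attribute(CMSAttributes.contentType, new DERSet(contentType));
                        clone.put(attr.getAttrType(), attr);
                    }
                }

                if (!clone.containsKey(CMSAttributes.messageDigest)) {
                    // The digest supplied by the caller is used, not the one in params.
                    // Library code does not print it to standard output.
                    Attribute attr = new Attribute(CMSAttributes.messageDigest,
                            new DERSet(new DEROctetString(messageDigest)));
                    clone.put(attr.getAttrType(), attr);
                }

                if (parameters.getCommitmentTypeIndication() != null
                        && !parameters.getCommitmentTypeIndication().isEmpty()) {
                    ASN1EncodableVector vector = new ASN1EncodableVector();
                    for (String id : parameters.getCommitmentTypeIndication()) {
                        vector.add(new DERObjectIdentifier(id));
                    }
                    // NOTE(review): all ids are placed in one SEQUENCE; confirm this matches
                    // the CommitmentTypeIndication layout that validators expect.
                    DERSet set = new DERSet(new DERSequence(vector));
                    // 1.2.840.113549.1.9.16.2.16 is id-aa-ets-commitmentType.
                    Attribute attr = new Attribute(new DERObjectIdentifier("1.2.840.113549.1.9.16.2.16"), set);
                    clone.put(attr.getAttrType(), attr);
                }

                return new AttributeTable(clone);
            }
        });

        SignerInfoGenerator sigen = sigenb.build(contentSigner, certHolder);

        generator.addSignerInfoGenerator(sigen);

        // Embed the signing certificate first (unless the chain already holds it), then the chain.
        // A missing chain is treated as empty instead of being passed to addAll(), which would
        // throw a NullPointerException.
        Collection<X509Certificate> certs = new ArrayList<X509Certificate>();
        if (parameters.getCertificateChain() == null) {
            certs.add(signerCertificate);
        } else {
            if (!parameters.getCertificateChain().contains(signerCertificate)) {
                certs.add(signerCertificate);
            }
            certs.addAll(parameters.getCertificateChain());
        }
        JcaCertStore certStore = new JcaCertStore(certs);
        generator.addCertificates(certStore);

        return generator;

    } catch (CertificateException e) {
        throw new IOException(e);
    } catch (OperatorCreationException e) {
        throw new IOException(e);
    } catch (CMSException e) {
        throw new IOException(e);
    }

}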

From source file:eu.europa.ec.markt.dss.validation.ocsp.OCSPUtils.java

License:Open Source License

/**
 * Wraps an encoded basic OCSP response in an {@code OCSPResp} whose response status
 * is set to SUCCESSFUL.
 *
 * <p>The bytes are embedded as given and are not parsed or verified here. SUCCESSFUL is
 * the status of the response envelope only; it says nothing about the revocation status
 * of any certificate or about the validity of the responder's signature.
 *
 * @param basicOCSPResp encoded basic OCSP response to wrap
 * @return the response envelope containing the given bytes
 */
public static final OCSPResp fromBasicToResp(byte[] basicOCSPResp) {
    final OCSPResponseStatus successful = new OCSPResponseStatus(OCSPResponseStatus.SUCCESSFUL);
    final ResponseBytes payload = new ResponseBytes(OCSPObjectIdentifiers.id_pkix_ocsp_basic,
            new DEROctetString(basicOCSPResp));
    return new OCSPResp(new OCSPResponse(successful, payload));
}