Example usage for org.bouncycastle.asn1.esf SignerAttribute SignerAttribute

List of usage examples for org.bouncycastle.asn1.esf SignerAttribute SignerAttribute

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.asn1.esf.*
  5. SignerAttribute
  6. SignerAttribute

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.esf SignerAttribute SignerAttribute.

Prototype

public SignerAttribute(AttributeCertificate certifiedAttributes)

Source Link

Usage

From source file:eu.europa.ec.markt.dss.signature.cades.CAdESLevelBaselineB.java

License:Open Source License

/**
 * ETSI TS 101 733 V2.2.1 (2013-04)//from ww w.j  a v  a  2 s . c  o m
 * 5.11.3 signer-attributes Attribute
 * NOTE 1: Only a single signer-attributes can be used.
 * <p/>
 * The signer-attributes attribute specifies additional attributes of the signer (e.g. role).
 * It may be either:
 *  claimed attributes of the signer; or
 *  certified attributes of the signer.
 * The signer-attributes attribute shall be a signed attribute.
 *
 * @param parameters
 * @param signedAttributes
 * @return
 */
private void addSignerAttribute(final SignatureParameters parameters,
        final ASN1EncodableVector signedAttributes) {

    // In PAdES, the role is in the signature dictionary
    if (!padesUsage) {

        final List<String> claimedSignerRoles = parameters.bLevel().getClaimedSignerRoles();
        if (claimedSignerRoles != null) {

            List<org.bouncycastle.asn1.x509.Attribute> claimedAttributes = new ArrayList<org.bouncycastle.asn1.x509.Attribute>(
                    claimedSignerRoles.size());
            for (final String claimedSignerRole : claimedSignerRoles) {

                final DERUTF8String roles = new DERUTF8String(claimedSignerRole);

                //TODO: role attribute key (id_at_name) should be customizable
                final org.bouncycastle.asn1.x509.Attribute id_aa_ets_signerAttr = new org.bouncycastle.asn1.x509.Attribute(
                        X509ObjectIdentifiers.id_at_name, new DERSet(roles));
                claimedAttributes.add(id_aa_ets_signerAttr);
            }
            final org.bouncycastle.asn1.cms.Attribute attribute = new org.bouncycastle.asn1.cms.Attribute(
                    PKCSObjectIdentifiers.id_aa_ets_signerAttr, new DERSet(new SignerAttribute(claimedAttributes
                            .toArray(new org.bouncycastle.asn1.x509.Attribute[claimedAttributes.size()]))));
            signedAttributes.add(attribute);
        }
        //TODO: handle CertifiedAttributes ::= AttributeCertificate -- as defined in RFC 3281: see clause 4.1.
        // final List<String> certifiedSignerRoles = parameters.bLevel().getCertifiedSignerRoles();
    }
}

From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileBES.java

License:Open Source License

private Attribute makeSignerAttrAttribute(SignatureParameters parameters) {
    DEROctetString[] roles = new DEROctetString[1];
    roles[0] = new DEROctetString(parameters.getClaimedSignerRole().getBytes());
    return new Attribute(PKCSObjectIdentifiers.id_aa_ets_signerAttr,
            new DERSet(new SignerAttribute(new DERSequence(roles))));

}

From source file:eu.europa.esig.dss.cades.signature.CAdESLevelBaselineB.java

License:Open Source License

/**
 * ETSI TS 101 733 V2.2.1 (2013-04)//from  ww  w. j av a  2 s.c o  m
 * 5.11.3 signer-attributes Attribute
 * NOTE 1: Only a single signer-attributes can be used.
 *
 * The signer-attributes attribute specifies additional attributes of the signer (e.g. role).
 * It may be either:
 *  claimed attributes of the signer; or
 *  certified attributes of the signer.
 * The signer-attributes attribute shall be a signed attribute.
 *
 * @param parameters
 * @param signedAttributes
 * @return
 */
private void addSignerAttribute(final CAdESSignatureParameters parameters,
        final ASN1EncodableVector signedAttributes) {

    // In PAdES, the role is in the signature dictionary
    if (!padesUsage) {

        final List<String> claimedSignerRoles = parameters.bLevel().getClaimedSignerRoles();
        if (claimedSignerRoles != null) {

            List<org.bouncycastle.asn1.x509.Attribute> claimedAttributes = new ArrayList<org.bouncycastle.asn1.x509.Attribute>(
                    claimedSignerRoles.size());
            for (final String claimedSignerRole : claimedSignerRoles) {

                final DERUTF8String roles = new DERUTF8String(claimedSignerRole);

                // TODO: role attribute key (id_at_name) should be customizable
                final org.bouncycastle.asn1.x509.Attribute id_aa_ets_signerAttr = new org.bouncycastle.asn1.x509.Attribute(
                        X509ObjectIdentifiers.id_at_name, new DERSet(roles));
                claimedAttributes.add(id_aa_ets_signerAttr);
            }
            final org.bouncycastle.asn1.cms.Attribute attribute = new org.bouncycastle.asn1.cms.Attribute(
                    id_aa_ets_signerAttr, new DERSet(new SignerAttribute(claimedAttributes
                            .toArray(new org.bouncycastle.asn1.x509.Attribute[claimedAttributes.size()]))));
            signedAttributes.add(attribute);
        }
        // TODO: handle CertifiedAttributes ::= AttributeCertificate -- as defined in RFC 3281: see clause 4.1.
        // final List<String> certifiedSignerRoles = parameters.bLevel().getCertifiedSignerRoles();
    }
}