List of usage examples for org.bouncycastle.asn1.ess ContentHints ContentHints
public ContentHints(ASN1ObjectIdentifier contentType, DERUTF8String contentDescription)
From source file:es.gob.afirma.signers.cades.CAdESUtils.java
License:Open Source License
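/**
 * Builds the attribute set that describes the signer and is used to generate the signature.
 *
 * <pre>
 * SignerInfo ::= SEQUENCE {
 *   version CMSVersion,
 *   sid SignerIdentifier,
 *   digestAlgorithm DigestAlgorithmIdentifier,
 *   signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
 *   signatureAlgorithm SignatureAlgorithmIdentifier,
 *   signature SignatureValue,
 *   unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL
 * }
 *
 * SignerIdentifier ::= CHOICE {
 *   issuerAndSerialNumber IssuerAndSerialNumber,
 *   subjectKeyIdentifier [0] SubjectKeyIdentifier
 * }
 *
 * SignedAttributes ::= SET SIZE (1..MAX) OF Attribute
 *
 * UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute
 *
 * Attribute ::= SEQUENCE {
 *   attrType OBJECT IDENTIFIER,
 *   attrValues SET OF AttributeValue
 * }
 *
 * AttributeValue ::= ANY
 *
 * SignatureValue ::= OCTET STRING
 * </pre>
 *
 * <p>A signing-certificate attribute (version 1 or 2) is always added. The content-hints,
 * signature-policy, commitment-type and signer-location attributes are added only when the
 * corresponding argument is supplied. All of these values are caller-supplied and are copied
 * into the returned vector without further validation in this method.
 *
 * @param cert Signer certificate. It is cast to {@link X509Certificate}; any other
 *             certificate type fails with a {@link ClassCastException}.
 * @param digestAlgorithmName Name of the digest algorithm to use.
 * @param data Signed data.
 * @param policy Signature policy; may be {@code null}.
 * @param signingCertificateV2 {@code true} to use version 2 of the signingCertificate
 *                             attribute, {@code false} to use version 1.
 * @param dataDigest Digest of the signed data.
 * @param signDate Signature date (must be set externally to avoid desynchronisation in
 *                 three-phase signing). NOTE(review): being caller-supplied, this is
 *                 presumably a claimed time rather than a trusted timestamp; confirm how
 *                 {@code initContexExpecific} uses it.
 * @param padesMode {@code true} to generate a PAdES-compatible CAdES signature,
 *                  {@code false} to generate a normal CAdES signature.
 * @param contentType Content type, given as an OID string; may be {@code null}.
 *                    NOTE(review): a malformed OID is presumably rejected by the
 *                    {@code ASN1ObjectIdentifier} constructor with an unchecked exception;
 *                    confirm against the BouncyCastle version in use.
 * @param contentDescription Textual description of the signed content type. A {@code null}
 *                           or empty value omits the optional contentDescription field.
 * @param ctis List of commitments made with this signature; may be {@code null}.
 * @param csm Signer metadata; may be {@code null}.
 * @return The attributes needed to generate the signature, as they relate to the signer.
 * @throws java.security.NoSuchAlgorithmException When an invalid algorithm is given.
 * @throws java.io.IOException When an input/output error occurs.
 * @throws CertificateEncodingException On a certificate encoding error.
 */
public static ASN1EncodableVector generateSignerInfo(final Certificate cert,
        final String digestAlgorithmName,
        final byte[] data,
        final AdESPolicy policy,
        final boolean signingCertificateV2,
        final byte[] dataDigest,
        final Date signDate,
        final boolean padesMode,
        final String contentType,
        final String contentDescription,
        final List<CommitmentTypeIndicationBean> ctis,
        final CAdESSignerMetadata csm)
        throws NoSuchAlgorithmException, IOException, CertificateEncodingException {

    // ATTRIBUTES
    // authenticatedAttributes (http://tools.ietf.org/html/rfc3852#section-11)
    final ASN1EncodableVector contexExpecific = initContexExpecific(digestAlgorithmName, data, dataDigest,
            signDate, padesMode);

    // Signing-certificate attribute, in the version requested by the caller.
    if (signingCertificateV2) {
        contexExpecific.add(getSigningCertificateV2((X509Certificate) cert, digestAlgorithmName, policy));
    } else {
        contexExpecific.add(getSigningCertificateV1((X509Certificate) cert, digestAlgorithmName, policy));
    }

    // SIGPOLICYID ATTRIBUTE
    if (policy != null && policy.getPolicyIdentifier() != null) {
        contexExpecific.add(getSigPolicyId(digestAlgorithmName, policy));
    }

    // Sequence with the signed content type. Not added in PAdES signatures.
    //
    // ContentHints ::= SEQUENCE {
    //   contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
    //   contentType ContentType
    // }
    if (contentType != null && !padesMode) {
        final ASN1ObjectIdentifier contentTypeOid = new ASN1ObjectIdentifier(contentType);
        final ContentHints contentHints;
        // contentDescription is SIZE (1..MAX): an empty string must be left out,
        // not encoded as a zero-length UTF8String.
        if (contentDescription != null && !contentDescription.isEmpty()) {
            contentHints = new ContentHints(contentTypeOid, new DERUTF8String(contentDescription));
        } else {
            contentHints = new ContentHints(contentTypeOid);
        }
        contexExpecific.add(new Attribute(PKCSObjectIdentifiers.id_aa_contentHint,
                new DERSet(contentHints.toASN1Primitive())));
    }

    // Additional attributes according to section 5.11 of RFC 5126

    // commitment-type-indication (one attribute per commitment)
    if (ctis != null) {
        for (final CommitmentTypeIndicationBean ctib : ctis) {
            contexExpecific.add(new Attribute(PKCSObjectIdentifiers.id_aa_ets_commitmentType,
                    new DERSet(CommitmentTypeIndicationsHelper.generateCommitmentTypeIndication(ctib)
                            .toASN1Primitive())));
        }
    }

    // id-aa-ets-signerLocation, only when the helper yields a non-null location
    if (csm != null && CAdESSignerMetadataHelper.getSignerLocation(csm.getSignerLocation()) != null) {
        contexExpecific.add(new Attribute(PKCSObjectIdentifiers.id_aa_ets_signerLocation,
                new DERSet(CAdESSignerMetadataHelper.getSignerLocation(csm.getSignerLocation()))));
    }

    return contexExpecific;
}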
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESLevelBaselineB.java
License:Open Source License
/**
 * Adds the content-hints attribute to the signed attributes when a content type is configured.
 *
 * <p>ETSI TS 101 733 V2.2.1 (2013-04), section 5.10.3 "content-hints Attribute": the attribute
 * provides information on the innermost signed content of a multi-layer message where one
 * content is encapsulated in another. Its syntax is defined in ESS (RFC 2634).
 *
 * <p>When used to indicate the precise format of the data to be presented to the user:
 * <ul>
 *   <li>the contentType indicates the type of the associated content; it is an object
 *       identifier assigned by an authority that defines the content type;</li>
 *   <li>when the contentType is id-data, the contentDescription shall define the presentation
 *       format, which may be defined by MIME types.</li>
 * </ul>
 *
 * <p>When the format of the content is defined by MIME types:
 * <ul>
 *   <li>the contentType shall be id-data as defined in CMS (RFC 3852);</li>
 *   <li>the contentDescription shall indicate the encoding of the data, following the rules
 *       of RFC 2045 (see annex F of the ETSI document for an example).</li>
 * </ul>
 *
 * <p>NOTE 1: id-data OBJECT IDENTIFIER ::=
 * { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs7(7) 1 }.<br>
 * NOTE 2: contentDescription is optional in ESS (RFC 2634).
 *
 * <p>Both values come from the caller's parameters and are copied as given; this method does
 * not check that the description matches the actual signed content.
 *
 * @param parameters signature parameters; the content-hints type and description are read
 *                   from their B-level section
 * @param signedAttributes vector that receives the attribute; left untouched when the
 *                         configured type is blank
 */
private void addContentHints(final SignatureParameters parameters,
        final ASN1EncodableVector signedAttributes) {

    final BLevelParameters bLevel = parameters.bLevel();
    final String typeOid = bLevel.getContentHintsType();
    if (!DSSUtils.isNotBlank(typeOid)) {
        // No content type configured: the attribute is not emitted at all.
        return;
    }

    // NOTE(review): a malformed OID string is presumably rejected by this constructor; confirm.
    final ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(typeOid);

    // The description is optional: a blank value is passed on as null.
    final String descriptionText = bLevel.getContentHintsDescription();
    DERUTF8String description = null;
    if (!DSSUtils.isBlank(descriptionText)) {
        description = new DERUTF8String(descriptionText);
    }

    // Example values: description "text/plain" with type "1.2.840.113549.1.7.1" (id-data).
    final ContentHints hints = new ContentHints(oid, description);
    signedAttributes.add(new Attribute(PKCSObjectIdentifiers.id_aa_contentHint, new DERSet(hints)));
}
From source file:eu.europa.esig.dss.cades.signature.CAdESLevelBaselineB.java
License:Open Source License
/**
 * Appends a content-hints attribute to {@code signedAttributes} if the parameters carry a
 * non-blank content-hints type.
 *
 * <p>Background, from ETSI TS 101 733 V2.2.1 (2013-04), section 5.10.3 "content-hints
 * Attribute": the content-hints attribute provides information on the innermost signed content
 * of a multi-layer message where one content is encapsulated in another. The syntax is the one
 * defined in ESS (RFC 2634).
 *
 * <p>Rules when the attribute indicates the precise format of the data to be presented to the
 * user:
 * <ul>
 *   <li>contentType is an object identifier, assigned by an authority that defines the content
 *       type, indicating the type of the associated content;</li>
 *   <li>when contentType is id-data, contentDescription shall define the presentation format,
 *       which may be defined by MIME types.</li>
 * </ul>
 *
 * <p>Rules when the format of the content is defined by MIME types:
 * <ul>
 *   <li>contentType shall be id-data as defined in CMS (RFC 3852);</li>
 *   <li>contentDescription shall indicate the encoding of the data according to RFC 2045
 *       (annex F of the ETSI document has an example).</li>
 * </ul>
 *
 * <p>NOTE 1: id-data OBJECT IDENTIFIER ::=
 * { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs7(7) 1 }.<br>
 * NOTE 2: contentDescription is optional in ESS (RFC 2634).
 *
 * <p>The type and description are taken from the parameters as supplied by the caller; nothing
 * here verifies that they describe the signed content accurately.
 *
 * @param parameters CAdES signature parameters holding the content-hints type and description
 * @param signedAttributes vector the attribute is added to; unchanged when the type is blank
 */
private void addContentHints(final CAdESSignatureParameters parameters,
        final ASN1EncodableVector signedAttributes) {

    final String hintsType = parameters.getContentHintsType();
    if (!StringUtils.isNotBlank(hintsType)) {
        // Nothing configured, so no attribute is produced.
        return;
    }

    // NOTE(review): an invalid OID string presumably makes this constructor throw; confirm.
    final ASN1ObjectIdentifier typeOid = new ASN1ObjectIdentifier(hintsType);

    // Optional field: a blank description is represented as null.
    final String rawDescription = parameters.getContentHintsDescription();
    final DERUTF8String utf8Description;
    if (StringUtils.isBlank(rawDescription)) {
        utf8Description = null;
    } else {
        utf8Description = new DERUTF8String(rawDescription);
    }

    // Example values: description "text/plain" with type "1.2.840.113549.1.7.1" (id-data).
    final ContentHints hints = new ContentHints(typeOid, utf8Description);
    final Attribute hintsAttribute = new Attribute(id_aa_contentHint, new DERSet(hints));
    signedAttributes.add(hintsAttribute);
}