List of usage examples for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers id_aa_ets_escTimeStamp
ASN1ObjectIdentifier id_aa_ets_escTimeStamp
To view the source code for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers id_aa_ets_escTimeStamp.
Click Source Link
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESLevelBaselineT.java
License:Open Source License
/** * @param cadesSignature//from w ww. j a va2 s . c o m */ protected void assertExtendSignaturePossible(CAdESSignature cadesSignature) throws DSSException { final String exceptionMessage = "Cannot extend signature. The signedData is already extended with [%s]."; if (cadesSignature.isDataForSignatureLevelPresent(SignatureLevel.CAdES_BASELINE_LTA)) { throw new DSSException(String.format(exceptionMessage, "CAdES LTA")); } AttributeTable unsignedAttributes = CAdESSignature .getUnsignedAttributes(cadesSignature.getSignerInformation()); if (unsignedAttributes.get(PKCSObjectIdentifiers.id_aa_ets_escTimeStamp) != null) { throw new DSSException( String.format(exceptionMessage, PKCSObjectIdentifiers.id_aa_ets_escTimeStamp.getId())); } }
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileX.java
License:Open Source License
@Override protected SignerInformation extendCMSSignature(CMSSignedData signedData, SignerInformation si, SignatureParameters parameters, Document originalData) throws IOException { si = super.extendCMSSignature(signedData, si, parameters, originalData); ASN1ObjectIdentifier attributeId = null; ByteArrayOutputStream toTimestamp = new ByteArrayOutputStream(); switch (getExtendedValidationType()) { case 1:/*from w w w. j ava 2s . co m*/ attributeId = PKCSObjectIdentifiers.id_aa_ets_escTimeStamp; toTimestamp.write(si.getSignature()); // We don't include the outer SEQUENCE, only the attrType and attrValues as stated by the TS 6.3.5, // NOTE 2) toTimestamp.write(si.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken) .getAttrType().getDEREncoded()); toTimestamp.write(si.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken) .getAttrValues().getDEREncoded()); break; case 2: attributeId = PKCSObjectIdentifiers.id_aa_ets_certCRLTimestamp; break; default: throw new IllegalStateException( "CAdES-X Profile: Extended validation is set but no valid type (1 or 2)"); } /* Those are common to Type 1 and Type 2 */ toTimestamp.write(si.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_ets_certificateRefs) .getAttrType().getDEREncoded()); toTimestamp.write(si.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_ets_certificateRefs) .getAttrValues().getDEREncoded()); toTimestamp.write(si.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_ets_revocationRefs) .getAttrType().getDEREncoded()); toTimestamp.write(si.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_ets_revocationRefs) .getAttrValues().getDEREncoded()); @SuppressWarnings("unchecked") Hashtable<ASN1ObjectIdentifier, Attribute> unsignedAttrHash = si.getUnsignedAttributes().toHashtable(); Attribute extendedTimeStamp = getTimeStampAttribute(attributeId, getSignatureTsa(), digestAlgorithm, toTimestamp.toByteArray()); unsignedAttrHash.put(attributeId, extendedTimeStamp); return SignerInformation.replaceUnsignedAttributes(si, new AttributeTable(unsignedAttrHash)); }
From source file:eu.europa.ec.markt.dss.validation.cades.CAdESSignature.java
License:Open Source License
@Override public List<TimestampToken> getTimestampsX1() { return getTimestampList(PKCSObjectIdentifiers.id_aa_ets_escTimeStamp, TimestampToken.TimestampType.VALIDATION_DATA_TIMESTAMP); }
From source file:eu.europa.ec.markt.dss.validation102853.cades.CAdESSignature.java
License:Open Source License
@Override public List<TimestampToken> getTimestampsX1() { if (sigAndRefsTimestamps == null) { sigAndRefsTimestamps = getTimestampList(PKCSObjectIdentifiers.id_aa_ets_escTimeStamp, TimestampType.VALIDATION_DATA_TIMESTAMP, null); }//w w w . j a v a2 s . c o m return sigAndRefsTimestamps; }
From source file:eu.europa.ec.markt.dss.validation102853.cades.CAdESSignature.java
License:Open Source License
public boolean isDataForSignatureLevelPresent(final SignatureLevel signatureLevel) { /**//from w w w . ja v a2 s .com * This list contains the detail information collected during the check. It is reset for each call. */ info = new ArrayList<String>(); final AttributeTable unsignedAttributes = getUnsignedAttributes(signerInformation); final AttributeTable signedAttributes = getSignedAttributes(signerInformation); boolean dataForProfilePresent = true; switch (signatureLevel) { case CAdES_BASELINE_LTA: dataForProfilePresent = unsignedAttributes.get(OID.id_aa_ets_archiveTimestampV3) != null; // break omitted purposely case CAdES_101733_A: if (signatureLevel != SignatureLevel.CAdES_BASELINE_LTA) { dataForProfilePresent &= unsignedAttributes.get(OID.id_aa_ets_archiveTimestampV2) != null; } // break omitted purposely case CAdES_BASELINE_LT: final Store certificateStore = cmsSignedData.getCertificates(); final Store crlStore = cmsSignedData.getCRLs(); final Store ocspStore = cmsSignedData.getOtherRevocationInfo(CMSObjectIdentifiers.id_ri_ocsp_response); final Store ocspBasicStore = cmsSignedData .getOtherRevocationInfo(OCSPObjectIdentifiers.id_pkix_ocsp_basic); final int certificateStoreSize = certificateStore.getMatches(null).size(); final int crlStoreSize = crlStore.getMatches(null).size(); info.add("CRL founds: " + crlStoreSize); final int ocspStoreSize = ocspStore.getMatches(null).size(); info.add("OCSP founds: " + ocspStoreSize); final int basicOcspStoreSize = ocspBasicStore.getMatches(null).size(); info.add("BasicOCSP founds: " + basicOcspStoreSize); final int ltInfoSize = crlStoreSize + ocspStoreSize + basicOcspStoreSize; dataForProfilePresent &= (ltInfoSize > 0); // break omitted purposely case CAdES_101733_X: if (!signatureLevel.toString().contains("BASELINE")) { dataForProfilePresent &= (unsignedAttributes .get(PKCSObjectIdentifiers.id_aa_ets_certCRLTimestamp) != null || unsignedAttributes.get(PKCSObjectIdentifiers.id_aa_ets_escTimeStamp) != null); } // break omitted purposely case CAdES_101733_C: if (!signatureLevel.toString().contains("BASELINE")) { dataForProfilePresent &= unsignedAttributes .get(PKCSObjectIdentifiers.id_aa_ets_certificateRefs) != null; dataForProfilePresent &= isDataForSignatureLevelPresent(SignatureLevel.CAdES_BASELINE_T); } // break omitted purposely case CAdES_BASELINE_T: dataForProfilePresent &= unsignedAttributes .get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken) != null; // break omitted purposely case CAdES_BASELINE_B: dataForProfilePresent &= ((signedAttributes.get(PKCSObjectIdentifiers.id_aa_signingCertificate) != null) || (signedAttributes.get(PKCSObjectIdentifiers.id_aa_signingCertificateV2) != null)); break; // break placed purposely case CMS: dataForProfilePresent = true; break; default: throw new IllegalArgumentException("Unknown level " + signatureLevel); } return dataForProfilePresent; }
From source file:eu.europa.esig.dss.cades.signature.CAdESLevelBaselineT.java
License:Open Source License
/** * @param cadesSignature/*from ww w . j a v a 2s . com*/ */ protected void assertExtendSignaturePossible(CAdESSignature cadesSignature) throws DSSException { final String exceptionMessage = "Cannot extend signature. The signedData is already extended with [%s]."; if (cadesSignature.isDataForSignatureLevelPresent(SignatureLevel.CAdES_BASELINE_LTA)) { throw new DSSException(String.format(exceptionMessage, "CAdES LTA")); } AttributeTable unsignedAttributes = CMSUtils.getUnsignedAttributes(cadesSignature.getSignerInformation()); if (unsignedAttributes.get(PKCSObjectIdentifiers.id_aa_ets_escTimeStamp) != null) { throw new DSSException( String.format(exceptionMessage, PKCSObjectIdentifiers.id_aa_ets_escTimeStamp.getId())); } }