Example usage for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers id_aa_ets_signerAttr

List of usage examples for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers id_aa_ets_signerAttr

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers id_aa_ets_signerAttr.

Prototype

ASN1ObjectIdentifier id_aa_ets_signerAttr


Document

PKCS#9: 1.2.840.113549.1.9.16.2.18 - RFC 3126 (http://tools.ietf.org/html/rfc3126)

Usage

From source file:eu.europa.ec.markt.dss.signature.cades.CAdESLevelBaselineB.java

License:Open Source License

/**
 * Adds the signer-attributes signed attribute described in ETSI TS 101 733 V2.2.1 (2013-04),
 * clause 5.11.3, to the given vector.
 * <p>
 * Per that clause only a single signer-attributes attribute can be used, it shall be a signed
 * attribute, and it may hold either claimed or certified attributes of the signer (e.g. a role).
 * Only claimed roles are written here: each role string becomes the UTF8String value of an
 * {@code id_at_name} attribute, and all of them are wrapped in one {@code SignerAttribute}.
 * Claimed roles are asserted by the signer; signing them binds them to the signature but does
 * not certify them. Nothing is added for PAdES, or when the claimed-role list is {@code null}.
 *
 * @param parameters       signature parameters; roles come from
 *                         {@code bLevel().getClaimedSignerRoles()}
 * @param signedAttributes vector that receives the signer-attributes attribute
 */
private void addSignerAttribute(final SignatureParameters parameters,
        final ASN1EncodableVector signedAttributes) {

    // In PAdES, the role is in the signature dictionary
    if (padesUsage) {
        return;
    }

    //TODO: handle CertifiedAttributes ::= AttributeCertificate -- as defined in RFC 3281: see clause 4.1.
    // final List<String> certifiedSignerRoles = parameters.bLevel().getCertifiedSignerRoles();
    final List<String> claimedSignerRoles = parameters.bLevel().getClaimedSignerRoles();
    if (claimedSignerRoles == null) {
        return;
    }

    // One X.509 attribute per claimed role, in list order.
    final org.bouncycastle.asn1.x509.Attribute[] roleAttributes =
            new org.bouncycastle.asn1.x509.Attribute[claimedSignerRoles.size()];
    int next = 0;
    for (final String roleName : claimedSignerRoles) {
        //TODO: role attribute key (id_at_name) should be customizable
        roleAttributes[next++] = new org.bouncycastle.asn1.x509.Attribute(
                X509ObjectIdentifiers.id_at_name, new DERSet(new DERUTF8String(roleName)));
    }

    // A single CMS attribute, typed id_aa_ets_signerAttr, carries the whole set of claimed roles.
    final SignerAttribute claimedRoles = new SignerAttribute(roleAttributes);
    signedAttributes.add(new org.bouncycastle.asn1.cms.Attribute(
            PKCSObjectIdentifiers.id_aa_ets_signerAttr, new DERSet(claimedRoles)));
}

From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileBES.java

License:Open Source License

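/**
 * Builds the signer-attributes attribute ({@code id_aa_ets_signerAttr}) holding the single
 * claimed signer role from the parameters, encoded as an OCTET STRING.
 * <p>
 * The role text is encoded as UTF-8 rather than with the platform default charset: the bytes
 * become part of the signed attributes, so they must not depend on the host that creates the
 * signature.
 *
 * @param parameters signature parameters; {@code getClaimedSignerRole()} must not return
 *                   {@code null}
 * @return the CMS attribute wrapping a {@code SignerAttribute} with the claimed role
 */
private Attribute makeSignerAttrAttribute(SignatureParameters parameters) {
    // Fully qualified so that no additional import is needed in the enclosing file.
    final byte[] roleBytes = parameters.getClaimedSignerRole()
            .getBytes(java.nio.charset.Charset.forName("UTF-8"));
    final DEROctetString[] roles = { new DEROctetString(roleBytes) };
    return new Attribute(PKCSObjectIdentifiers.id_aa_ets_signerAttr,
            new DERSet(new SignerAttribute(new DERSequence(roles))));
}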

From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileBES.java

License:Open Source License

/**
 * Assembles the signed attributes for the signature, keyed by attribute OID.
 * <p>
 * The signing-certificate reference is always added. The signing time and the claimed signer
 * role are only added outside PAdES, and the role only when the parameters carry one.
 *
 * @param parameters signature parameters the individual attributes are built from
 * @return table mapping each attribute type to its attribute
 */
Hashtable<ASN1ObjectIdentifier, ASN1Encodable> getSignedAttributes(SignatureParameters parameters) {
    final Hashtable<ASN1ObjectIdentifier, ASN1Encodable> table = new Hashtable<ASN1ObjectIdentifier, ASN1Encodable>();

    // The certificate reference is filed under the attribute type it reports itself.
    final Attribute certificateRef = makeSigningCertificateAttribute(parameters);
    final ASN1ObjectIdentifier certificateRefType = (ASN1ObjectIdentifier) certificateRef.getAttrType();
    table.put(certificateRefType, certificateRef);

    if (!padesUsage) {
        // In PAdES, we don't include the signing time : ETSI TS 102 778-3 V1.2.1 (2010-07):
        // 4.5.3 signing-time Attribute
        table.put(PKCSObjectIdentifiers.pkcs_9_at_signingTime, makeSigningTimeAttribute(parameters));

        // In PAdES, the role is in the signature dictionary
        if (parameters.getClaimedSignerRole() != null) {
            table.put(PKCSObjectIdentifiers.id_aa_ets_signerAttr, makeSignerAttrAttribute(parameters));
        }
    }
    return table;
}

From source file:eu.europa.ec.markt.dss.validation.cades.CAdESSignature.java

License:Open Source License

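/**
 * Reads the claimed signer roles from the signer-attributes signed attribute
 * ({@code id_aa_ets_signerAttr}) of the signature being validated.
 * <p>
 * The attribute content comes from the signature under validation and is therefore untrusted
 * input. An attribute with an empty value set, or one without claimed attributes, is treated
 * like an absent attribute instead of failing with an index or null-pointer error. OCTET STRING
 * values are decoded as UTF-8 so that the result does not vary with the default charset of the
 * validating host; any other element is returned through its {@code toString()}.
 * Claimed roles are asserted by the signer only; the signature does not certify them.
 *
 * @return the claimed roles in encoding order, or {@code null} when there are no signed
 *         attributes, no signer-attributes attribute, or no claimed attributes in it
 */
@Override
public String[] getClaimedSignerRoles() {

    if (signerInformation.getSignedAttributes() == null) {
        return null;
    }

    Attribute signerAttrAttr = signerInformation.getSignedAttributes()
            .get(PKCSObjectIdentifiers.id_aa_ets_signerAttr);
    if (signerAttrAttr == null) {
        return null;
    }

    // A malformed signature can carry the attribute with an empty SET of values.
    if (signerAttrAttr.getAttrValues().size() == 0) {
        return null;
    }

    SignerAttribute signerAttr = SignerAttribute.getInstance(signerAttrAttr.getAttrValues().getObjectAt(0));
    if (signerAttr == null) {
        return null;
    }

    // NOTE(review): presumably null when the attribute holds only certified attributes - confirm
    // against the BouncyCastle version in use.
    if (signerAttr.getClaimedAttributes() == null) {
        return null;
    }

    // NOTE(review): UTF-8 is assumed for OCTET STRING roles; confirm it matches what the
    // producing side writes. Fully qualified so that no additional import is needed.
    final java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");

    final int count = signerAttr.getClaimedAttributes().size();
    String[] ret = new String[count];
    for (int i = 0; i < count; i++) {
        final Object element = signerAttr.getClaimedAttributes().getObjectAt(i);
        if (element instanceof DEROctetString) {
            ret[i] = new String(((DEROctetString) element).getOctets(), utf8);
        } else {
            ret[i] = element.toString();
        }
    }

    return ret;
}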

From source file:eu.europa.ec.markt.dss.validation102853.cades.CAdESSignature.java

License:Open Source License

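/**
 * Reads the claimed signer roles from the signer-attributes signed attribute
 * ({@code id_aa_ets_signerAttr}) of the signature being validated.
 * <p>
 * Every {@code ASN1String} value of every claimed attribute is collected; values of other
 * types and non-claimed entries are skipped. The attribute content comes from the signature
 * under validation and is therefore untrusted input: an attribute with an empty value set is
 * treated like an absent attribute, so that it does not fail with an index error outside the
 * {@code DSSException} wrapper. Claimed roles are asserted by the signer only; the signature
 * does not certify them.
 *
 * @return the claimed roles, or {@code null} when there are no signed attributes, no
 *         signer-attributes attribute, or no value in it
 * @throws DSSException if the attribute value cannot be processed
 */
@Override
public String[] getClaimedSignerRoles() {

    final AttributeTable attributes = signerInformation.getSignedAttributes();
    if (attributes == null) {
        return null;
    }
    final Attribute id_aa_ets_signerAttr = attributes.get(PKCSObjectIdentifiers.id_aa_ets_signerAttr);
    if (id_aa_ets_signerAttr == null) {
        return null;
    }
    final ASN1Set attrValues = id_aa_ets_signerAttr.getAttrValues();
    // A malformed signature can carry the attribute with an empty SET of values.
    if (attrValues.size() == 0) {
        return null;
    }
    final ASN1Encodable attrValue = attrValues.getObjectAt(0);
    try {

        final SignerAttribute signerAttr = SignerAttribute.getInstance(attrValue);
        if (signerAttr == null) {
            return null;
        }
        final List<String> claimedRoles = new ArrayList<String>();
        for (final Object signerAttrValue : signerAttr.getValues()) {

            // Only the claimed-attributes entries (arrays of X.509 attributes) are of interest.
            if (!(signerAttrValue instanceof org.bouncycastle.asn1.x509.Attribute[])) {
                continue;
            }
            final org.bouncycastle.asn1.x509.Attribute[] claimedAttributes = (org.bouncycastle.asn1.x509.Attribute[]) signerAttrValue;
            for (final org.bouncycastle.asn1.x509.Attribute claimedRole : claimedAttributes) {

                for (final ASN1Encodable roleValue : claimedRole.getAttrValues().toArray()) {
                    if (roleValue instanceof ASN1String) {
                        claimedRoles.add(((ASN1String) roleValue).getString());
                    }
                }
            }
        }
        return claimedRoles.toArray(new String[claimedRoles.size()]);
    } catch (Exception e) {

        throw new DSSException("Error when dealing with claimed signer roles: [" + attrValue.toString() + "]",
                e);
    }
}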

From source file:eu.europa.ec.markt.dss.validation102853.cades.CAdESSignature.java

License:Open Source License

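/**
 * Reads the certified signer roles from the signer-attributes signed attribute
 * ({@code id_aa_ets_signerAttr}) of the signature being validated.
 * <p>
 * For each attribute certificate in the attribute, every contained attribute is read as a
 * {@code RoleSyntax} and returned with the certificate's validity period. The attribute
 * content comes from the signature under validation and is therefore untrusted input: an
 * attribute with an empty value set is treated like an absent attribute, so that it does not
 * fail with an index error outside the {@code DSSException} wrapper.
 * <p>
 * NOTE(review): this method only extracts data. Nothing visible here verifies the attribute
 * certificate's signature, issuer or holder, checks the validity period against a reference
 * time, or checks that an attribute's type is a role before decoding it - confirm that this is
 * done elsewhere before the returned roles are treated as authoritative.
 *
 * @return the certified roles, or {@code null} when there are no signed attributes, no
 *         signer-attributes attribute, no value in it, or no attribute certificate
 * @throws DSSException if the attribute value cannot be processed
 */
@Override
public List<CertifiedRole> getCertifiedSignerRoles() {

    final AttributeTable signedAttributes = signerInformation.getSignedAttributes();
    if (signedAttributes == null) {
        return null;
    }

    final Attribute id_aa_ets_signerAttr = signedAttributes.get(PKCSObjectIdentifiers.id_aa_ets_signerAttr);
    if (id_aa_ets_signerAttr == null) {
        return null;
    }
    final ASN1Set attrValues = id_aa_ets_signerAttr.getAttrValues();
    // A malformed signature can carry the attribute with an empty SET of values.
    if (attrValues.size() == 0) {
        return null;
    }
    final ASN1Encodable asn1EncodableAttrValue = attrValues.getObjectAt(0);
    try {

        final SignerAttribute signerAttr = SignerAttribute.getInstance(asn1EncodableAttrValue);
        if (signerAttr == null) {
            return null;
        }
        // Stays null unless at least one attribute certificate is found.
        List<CertifiedRole> roles = null;
        for (final Object signerAttrValue : signerAttr.getValues()) {

            if (!(signerAttrValue instanceof AttributeCertificate)) {
                continue;
            }
            if (roles == null) {
                roles = new ArrayList<CertifiedRole>();
            }
            final AttributeCertificateInfo acInfo = ((AttributeCertificate) signerAttrValue).getAcinfo();
            final AttCertValidityPeriod attrCertValidityPeriod = acInfo.getAttrCertValidityPeriod();
            final ASN1Sequence attributes = acInfo.getAttributes();
            for (int ii = 0; ii < attributes.size(); ii++) {

                final org.bouncycastle.asn1.x509.Attribute attribute = org.bouncycastle.asn1.x509.Attribute
                        .getInstance(attributes.getObjectAt(ii));
                // Only the first value of each attribute is read; a value of another shape
                // fails the cast and surfaces as a DSSException through the catch below.
                final DERSequence derSequence = (DERSequence) attribute.getAttrValues().getObjectAt(0);
                final RoleSyntax roleSyntax = RoleSyntax.getInstance(derSequence);

                final CertifiedRole certifiedRole = new CertifiedRole();
                certifiedRole.setRole(roleSyntax.getRoleNameAsString());
                certifiedRole.setNotBefore(DSSASN1Utils.toDate(attrCertValidityPeriod.getNotBeforeTime()));
                certifiedRole.setNotAfter(DSSASN1Utils.toDate(attrCertValidityPeriod.getNotAfterTime()));
                roles.add(certifiedRole);
            }
        }
        return roles;
    } catch (Exception e) {

        throw new DSSException(
                "Error when dealing with certified signer roles: [" + asn1EncodableAttrValue.toString() + "]",
                e);
    }
}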