List of usage examples for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers id_aa_ets_signerLocation
ASN1ObjectIdentifier id_aa_ets_signerLocation
From source file:es.gob.afirma.signers.cades.CAdESUtils.java
License:Open Source License
/**
 * Builds the part of the signature that carries the signer's information, i.e. the
 * signed attributes needed to produce the signature.
 *
 * <pre>
 * SignerInfo ::= SEQUENCE {
 *   version CMSVersion,
 *   sid SignerIdentifier,
 *   digestAlgorithm DigestAlgorithmIdentifier,
 *   signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
 *   signatureAlgorithm SignatureAlgorithmIdentifier,
 *   signature SignatureValue,
 *   unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL
 * }
 *
 * SignerIdentifier ::= CHOICE {
 *   issuerAndSerialNumber IssuerAndSerialNumber,
 *   subjectKeyIdentifier [0] SubjectKeyIdentifier
 * }
 *
 * SignedAttributes ::= SET SIZE (1..MAX) OF Attribute
 *
 * UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute
 *
 * Attribute ::= SEQUENCE {
 *   attrType OBJECT IDENTIFIER,
 *   attrValues SET OF AttributeValue
 * }
 *
 * AttributeValue ::= ANY
 *
 * SignatureValue ::= OCTET STRING
 * </pre>
 *
 * <p>The content type, commitment types and signer location are added exactly as the
 * caller supplies them; nothing in this method checks them against the certificate.</p>
 *
 * @param cert Signer certificate. It is cast to {@link X509Certificate} without a type
 *             check, so any other certificate type ends in a {@code ClassCastException}.
 * @param digestAlgorithmName Name of the digest algorithm to use
 * @param data Signed data
 * @param policy Signature policy
 * @param signingCertificateV2 {@code true} to use version 2 of the signingCertificate
 *                             field, {@code false} to use version 1.
 * @param dataDigest Digest of the signed data
 * @param signDate Signing date (must be set externally to avoid desynchronisation in
 *                 three-phase signing)
 * @param padesMode {@code true} to generate a PAdES-compatible CAdES signature,
 *                  {@code false} to generate a regular CAdES signature
 * @param contentType Content type, given as its OID.
 * @param contentDescription Textual description of the signed content type.
 * @param ctis List of commitments made with this signature
 * @param csm Signer metadata
 * @return The data needed to generate the signature, as far as the signer's data is concerned.
 * @throws java.security.NoSuchAlgorithmException When an invalid algorithm is given.
 * @throws java.io.IOException When an input/output error occurs.
 * @throws CertificateEncodingException On a certificate encoding error.
 */
public static ASN1EncodableVector generateSignerInfo(final Certificate cert,
                                                     final String digestAlgorithmName,
                                                     final byte[] data,
                                                     final AdESPolicy policy,
                                                     final boolean signingCertificateV2,
                                                     final byte[] dataDigest,
                                                     final Date signDate,
                                                     final boolean padesMode,
                                                     final String contentType,
                                                     final String contentDescription,
                                                     final List<CommitmentTypeIndicationBean> ctis,
                                                     final CAdESSignerMetadata csm)
        throws NoSuchAlgorithmException, IOException, CertificateEncodingException {

    // ATTRIBUTES
    // authenticatedAttributes (http://tools.ietf.org/html/rfc3852#section-11)
    final ASN1EncodableVector signedAttrs = initContexExpecific(
        digestAlgorithmName, data, dataDigest, signDate, padesMode
    );

    // Signing-certificate reference (v1 or v2). The cast is unchecked: the caller is
    // expected to hand in an X.509 certificate.
    final X509Certificate signerCertificate = (X509Certificate) cert;
    if (signingCertificateV2) {
        signedAttrs.add(getSigningCertificateV2(signerCertificate, digestAlgorithmName, policy));
    } else {
        signedAttrs.add(getSigningCertificateV1(signerCertificate, digestAlgorithmName, policy));
    }

    // SIGPOLICYID ATTRIBUTE: only when a policy with an identifier was given
    final boolean hasPolicyIdentifier = policy != null && policy.getPolicyIdentifier() != null;
    if (hasPolicyIdentifier) {
        signedAttrs.add(getSigPolicyId(digestAlgorithmName, policy));
    }

    /*
     * Sequence holding the signed content type. Not added to PAdES signatures.
     *
     * ContentHints ::= SEQUENCE {
     *   contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
     *   contentType ContentType
     * }
     */
    if (!padesMode && contentType != null) {
        // contentType is parsed as an OID here; presumably a malformed value is rejected
        // by the ASN1ObjectIdentifier constructor -- confirm against the library version in use
        final ASN1ObjectIdentifier contentTypeOid = new ASN1ObjectIdentifier(contentType);
        final ContentHints contentHints = contentDescription == null
            ? new ContentHints(contentTypeOid)
            : new ContentHints(contentTypeOid, new DERUTF8String(contentDescription));
        signedAttrs.add(
            new Attribute(
                PKCSObjectIdentifiers.id_aa_contentHint,
                new DERSet(contentHints.toASN1Primitive())
            )
        );
    }

    // Additional attributes according to section 5.11 of RFC 5126

    // commitment-type-indication: one attribute per bean (an empty list adds nothing)
    if (ctis != null) {
        for (final CommitmentTypeIndicationBean commitment : ctis) {
            signedAttrs.add(
                new Attribute(
                    PKCSObjectIdentifiers.id_aa_ets_commitmentType,
                    new DERSet(
                        CommitmentTypeIndicationsHelper.generateCommitmentTypeIndication(commitment).toASN1Primitive()
                    )
                )
            );
        }
    }

    // id-aa-ets-signerLocation
    // NOTE(review): the helper is invoked twice (null check, then use), so the value that
    // was checked and the value that gets signed come from separate calls -- confirm the
    // helper is deterministic, or keep its result in a local once its return type is known.
    if (csm != null && CAdESSignerMetadataHelper.getSignerLocation(csm.getSignerLocation()) != null) {
        signedAttrs.add(
            new Attribute(
                PKCSObjectIdentifiers.id_aa_ets_signerLocation,
                new DERSet(CAdESSignerMetadataHelper.getSignerLocation(csm.getSignerLocation()))
            )
        );
    }

    return signedAttrs;
}
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESLevelBaselineB.java
License:Open Source License
/**
 * Adds the signer-location attribute to the signed attributes, unless the signature is
 * produced for PAdES.
 *
 * <p>ETSI TS 101 733 V2.2.1 (2013-04), 5.11.2 signer-location Attribute:
 * The signer-location attribute specifies a mnemonic for an address associated with the
 * signer at a particular geographical (e.g. city) location. The mnemonic is registered in
 * the country in which the signer is located and is used in the provision of the Public
 * Telegram Service (according to Recommendation ITU-T F.1 [11]).
 * The signer-location attribute shall be a signed attribute.</p>
 *
 * <p>Country, locality and address lines are copied from the signature parameters as
 * given; this method does not verify them.</p>
 *
 * @param parameters signature parameters; the location is read from
 *                   {@code parameters.bLevel().getSignerLocation()}
 * @param signedAttributes vector that receives the signer-location attribute
 */
private void addSignerLocation(final SignatureParameters parameters, final ASN1EncodableVector signedAttributes) {

    if (padesUsage) {
        // Nothing to add for PAdES: per the original note, this information lives in the
        // signature dictionary there.
        return;
    }

    final BLevelParameters.SignerLocation requestedLocation = parameters.bLevel().getSignerLocation();
    if (requestedLocation == null) {
        return;
    }

    // Country and locality are optional; an absent value stays null.
    final String countryValue = requestedLocation.getCountry();
    final DERUTF8String country = (countryValue != null) ? new DERUTF8String(countryValue) : null;

    final String localityValue = requestedLocation.getLocality();
    final DERUTF8String locality = (localityValue != null) ? new DERUTF8String(localityValue) : null;

    // NOTE(review): the postal-address SEQUENCE is passed on even when it holds no lines,
    // and the number of lines and null entries are not checked here -- confirm that
    // SignerLocation / DERUTF8String handle those cases the way callers expect.
    final ASN1EncodableVector addressLines = new ASN1EncodableVector();
    final List<String> configuredLines = requestedLocation.getPostalAddress();
    if (configuredLines != null) {
        for (final String line : configuredLines) {
            addressLines.add(new DERUTF8String(line));
        }
    }

    final SignerLocation signerLocation = new SignerLocation(country, locality, new DERSequence(addressLines));
    signedAttributes.add(
        new Attribute(PKCSObjectIdentifiers.id_aa_ets_signerLocation, new DERSet(signerLocation))
    );
}
From source file:eu.europa.ec.markt.dss.validation102853.cades.CAdESSignature.java
License:Open Source License
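/**
 * Reads the signer-location signed attribute ({@code id_aa_ets_signerLocation}) and maps it
 * to a {@link SignatureProductionPlace}.
 *
 * <p>The attribute comes from the signature under validation, so its content is untrusted:
 * it may be missing, empty or malformed. Any failure to read or parse it is logged and
 * reported as "no production place" instead of aborting validation.</p>
 *
 * @return the production place, or {@code null} when there are no signed attributes, the
 *         attribute is absent, or its value cannot be parsed
 */
@Override
public SignatureProductionPlace getSignatureProductionPlace() {

    final AttributeTable attributes = signerInformation.getSignedAttributes();
    if (attributes == null) {
        return null;
    }
    final Attribute signatureProductionPlaceAttr = attributes.get(PKCSObjectIdentifiers.id_aa_ets_signerLocation);
    if (signatureProductionPlaceAttr == null) {
        return null;
    }

    SignerLocation signerLocation = null;
    try {
        // The first value is fetched inside the try block: an attribute whose value set is
        // empty would make getObjectAt(0) throw, and that must not escape to the caller.
        final ASN1Encodable asn1Encodable = signatureProductionPlaceAttr.getAttrValues().getObjectAt(0);
        signerLocation = SignerLocation.getInstance(asn1Encodable);
    } catch (Exception e) {
        // TODO: (Bob: 2013 Dec 11) with bcprov-ext-jdk15on 1.49, SignerLocation.getInstance
        // failed on the test signature Signature-C-EPES-2.p7s with a ClassCastException
        // ("DERUTF8String cannot be cast to DERTaggedObject"). The failure is logged and the
        // attribute is treated as absent.
        LOG.error(e.getMessage(), e);
    }
    if (signerLocation == null) {
        return null;
    }

    final SignatureProductionPlace signatureProductionPlace = new SignatureProductionPlace();
    final DERUTF8String countryName = signerLocation.getCountryName();
    if (countryName != null) {
        signatureProductionPlace.setCountryName(countryName.getString());
    }
    final DERUTF8String localityName = signerLocation.getLocalityName();
    if (localityName != null) {
        signatureProductionPlace.setCity(localityName.getString());
    }

    // Address lines are joined with " / "; elements of any other ASN.1 type are skipped.
    final StringBuilder address = new StringBuilder();
    final ASN1Sequence seq = signerLocation.getPostalAddress();
    if (seq != null) {
        for (int ii = 0; ii < seq.size(); ii++) {
            final ASN1Encodable element = seq.getObjectAt(ii);
            final String line;
            if (element instanceof DEROctetString) {
                // Decode with an explicit charset so the result does not depend on the JVM
                // default. NOTE(review): UTF-8 is assumed for the octets -- confirm.
                line = new String(((DEROctetString) element).getOctets(), java.nio.charset.StandardCharsets.UTF_8);
            } else if (element instanceof DERUTF8String) {
                line = ((DERUTF8String) element).getString();
            } else {
                continue;
            }
            if (address.length() > 0) {
                address.append(" / ");
            }
            address.append(line);
        }
    }
    signatureProductionPlace.setAddress(address.toString());
    // stateOrProvince is left unset: that property is not used in the CAdES version of the signature.
    return signatureProductionPlace;
}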
From source file:eu.europa.esig.dss.cades.validation.CAdESSignature.java
License:Open Source License
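/**
 * Reads the signer-location signed attribute ({@code id_aa_ets_signerLocation}) and maps it
 * to a {@link SignatureProductionPlace}.
 *
 * <p>The attribute comes from the signature under validation, so its content is untrusted:
 * it may be missing, empty or malformed. Any failure to read or parse it is logged and
 * reported as "no production place" instead of aborting validation.</p>
 *
 * @return the production place, or {@code null} when there are no signed attributes, the
 *         attribute is absent, or its value cannot be parsed
 */
@Override
public SignatureProductionPlace getSignatureProductionPlace() {

    final AttributeTable attributes = signerInformation.getSignedAttributes();
    if (attributes == null) {
        return null;
    }
    final Attribute signatureProductionPlaceAttr = attributes.get(PKCSObjectIdentifiers.id_aa_ets_signerLocation);
    if (signatureProductionPlaceAttr == null) {
        return null;
    }

    SignerLocation signerLocation = null;
    try {
        // The first value is fetched inside the try block: an attribute whose value set is
        // empty would make getObjectAt(0) throw, and that must not escape to the caller.
        final ASN1Encodable asn1Encodable = signatureProductionPlaceAttr.getAttrValues().getObjectAt(0);
        signerLocation = SignerLocation.getInstance(asn1Encodable);
    } catch (Exception e) {
        // Parsing boundary for untrusted content: log and treat the attribute as absent.
        LOG.error(e.getMessage(), e);
    }
    if (signerLocation == null) {
        return null;
    }

    final SignatureProductionPlace signatureProductionPlace = new SignatureProductionPlace();
    final DERUTF8String countryName = signerLocation.getCountryName();
    if (countryName != null) {
        signatureProductionPlace.setCountryName(countryName.getString());
    }
    final DERUTF8String localityName = signerLocation.getLocalityName();
    if (localityName != null) {
        signatureProductionPlace.setCity(localityName.getString());
    }

    // Address lines are joined with " / "; elements of any other ASN.1 type are skipped.
    final StringBuilder address = new StringBuilder();
    final ASN1Sequence seq = signerLocation.getPostalAddress();
    if (seq != null) {
        for (int ii = 0; ii < seq.size(); ii++) {
            final ASN1Encodable element = seq.getObjectAt(ii);
            final String line;
            if (element instanceof DEROctetString) {
                // Decode with an explicit charset so the result does not depend on the JVM
                // default. NOTE(review): UTF-8 is assumed for the octets -- confirm.
                line = new String(((DEROctetString) element).getOctets(), java.nio.charset.StandardCharsets.UTF_8);
            } else if (element instanceof DERUTF8String) {
                line = ((DERUTF8String) element).getString();
            } else {
                continue;
            }
            if (address.length() > 0) {
                address.append(" / ");
            }
            address.append(line);
        }
    }
    signatureProductionPlace.setStreetAddress(address.toString());
    // stateOrProvince is left unset: that property is not used in the CAdES version of the signature.
    return signatureProductionPlace;
}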