List of usage examples for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers pkcs_9_at_signingTime
ASN1ObjectIdentifier pkcs_9_at_signingTime
To view the source code for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers pkcs_9_at_signingTime.
Click Source Link
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESLevelBaselineB.java
License:Open Source License
private void addSigningTimeAttribute(final SignatureParameters parameters, final ASN1EncodableVector signedAttributes) { if (!padesUsage) { /*/* ww w . j ava2 s . c o m*/ * In PAdES, we don't include the signing time : ETSI TS 102 778-3 V1.2.1 (2010-07): 4.5.3 signing-time * Attribute */ final Date signingDate = parameters.bLevel().getSigningDate(); if (signingDate != null) { final DERSet attrValues = new DERSet(new Time(signingDate)); final Attribute attribute = new Attribute(PKCSObjectIdentifiers.pkcs_9_at_signingTime, attrValues); signedAttributes.add(attribute); } } }
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileBES.java
License:Open Source License
private Attribute makeSigningTimeAttribute(SignatureParameters parameters) { return new Attribute(PKCSObjectIdentifiers.pkcs_9_at_signingTime, new DERSet(new Time(parameters.getSigningDate()))); }
From source file:eu.europa.ec.markt.dss.signature.cades.CAdESProfileBES.java
License:Open Source License
Hashtable<ASN1ObjectIdentifier, ASN1Encodable> getSignedAttributes(SignatureParameters parameters) {
Hashtable<ASN1ObjectIdentifier, ASN1Encodable> signedAttrs = new Hashtable<ASN1ObjectIdentifier, ASN1Encodable>();
Attribute signingCertificateReference = makeSigningCertificateAttribute(parameters);
signedAttrs.put((ASN1ObjectIdentifier) signingCertificateReference.getAttrType(),
signingCertificateReference);
/*// w w w .j ava 2 s.c om
* In PAdES, we don't include the signing time : ETSI TS 102 778-3 V1.2.1 (2010-07): 4.5.3 signing-time
* Attribute
*/
if (!padesUsage) {
signedAttrs.put(PKCSObjectIdentifiers.pkcs_9_at_signingTime, makeSigningTimeAttribute(parameters));
}
/*
* In PAdES, the role is in the signature dictionary
*/
if (!padesUsage && parameters.getClaimedSignerRole() != null) {
signedAttrs.put(PKCSObjectIdentifiers.id_aa_ets_signerAttr, makeSignerAttrAttribute(parameters));
}
return signedAttrs;
}
From source file:eu.europa.ec.markt.dss.validation.cades.CAdESSignature.java
License:Open Source License
@Override public Date getSigningTime() { if (signerInformation.getSignedAttributes() != null && signerInformation.getSignedAttributes() .get(PKCSObjectIdentifiers.pkcs_9_at_signingTime) != null) { ASN1Set set = signerInformation.getSignedAttributes().get(PKCSObjectIdentifiers.pkcs_9_at_signingTime) .getAttrValues();//from ww w.j a va 2s . c o m try { Object o = set.getObjectAt(0); if (o instanceof ASN1UTCTime) { return ((ASN1UTCTime) o).getDate(); } if (o instanceof Time) { return ((Time) o).getDate(); } LOG.log(Level.SEVERE, "Error when reading signing time. Unrecognized " + o.getClass()); } catch (Exception ex) { LOG.log(Level.SEVERE, "Error when reading signing time ", ex); return null; } } return null; }
From source file:eu.europa.ec.markt.dss.validation102853.cades.CAdESSignature.java
License:Open Source License
@Override public Date getSigningTime() { final AttributeTable attributes = signerInformation.getSignedAttributes(); if (attributes == null) { return null; }/* w w w . j av a 2 s .c o m*/ final Attribute attr = attributes.get(PKCSObjectIdentifiers.pkcs_9_at_signingTime); if (attr == null) { return null; } final ASN1Set attrValues = attr.getAttrValues(); final ASN1Encodable attrValue = attrValues.getObjectAt(0); final Date signingDate; if (attrValue instanceof ASN1UTCTime) { signingDate = DSSASN1Utils.toDate((ASN1UTCTime) attrValue); } else if (attrValue instanceof Time) { signingDate = ((Time) attrValue).getDate(); } else if (attrValue instanceof ASN1GeneralizedTime) { signingDate = DSSASN1Utils.toDate((ASN1GeneralizedTime) attrValue); } else { signingDate = null; } if (signingDate != null) { /* RFC 3852 [4] states that "dates between January 1, 1950 and December 31, 2049 (inclusive) must be encoded as UTCTime. Any dates with year values before 1950 or after 2049 must be encoded as GeneralizedTime". */ if (!(signingDate.before(JANUARY_1950) && signingDate.after(JANUARY_2050))) { // must be ASN1UTCTime if (!(attrValue instanceof ASN1UTCTime)) { LOG.error( "RFC 3852 states that dates between January 1, 1950 and December 31, 2049 (inclusive) must be encoded as UTCTime. Any dates with year values before 1950 or after 2049 must be encoded as GeneralizedTime. Date found is {} encoded as {}", signingDate.toString(), attrValue.getClass()); return null; } } return signingDate; } if (LOG.isErrorEnabled()) { LOG.error("Error when reading signing time. Unrecognized " + attrValue.getClass()); } return null; }
From source file:eu.europa.esig.dss.cades.validation.CAdESSignature.java
License:Open Source License
@Override public Date getSigningTime() { final AttributeTable attributes = signerInformation.getSignedAttributes(); if (attributes == null) { return null; }//from w w w . j a va2 s . co m final Attribute attr = attributes.get(PKCSObjectIdentifiers.pkcs_9_at_signingTime); if (attr == null) { return null; } final ASN1Set attrValues = attr.getAttrValues(); final ASN1Encodable attrValue = attrValues.getObjectAt(0); final Date signingDate; if (attrValue instanceof ASN1UTCTime) { signingDate = DSSASN1Utils.toDate((ASN1UTCTime) attrValue); } else if (attrValue instanceof Time) { signingDate = ((Time) attrValue).getDate(); } else if (attrValue instanceof ASN1GeneralizedTime) { signingDate = DSSASN1Utils.toDate((ASN1GeneralizedTime) attrValue); } else { signingDate = null; } if (signingDate != null) { /* * RFC 3852 [4] states that "dates between January 1, 1950 and * December 31, 2049 (inclusive) must be encoded as UTCTime. Any * dates with year values before 1950 or after 2049 must be encoded * as GeneralizedTime". */ if (!(signingDate.before(JANUARY_1950) && signingDate.after(JANUARY_2050))) { // must be ASN1UTCTime if (!(attrValue instanceof ASN1UTCTime)) { LOG.error( "RFC 3852 states that dates between January 1, 1950 and December 31, 2049 (inclusive) must be encoded as UTCTime. Any dates with year values before 1950 or after 2049 must be encoded as GeneralizedTime. Date found is {} encoded as {}", signingDate.toString(), attrValue.getClass()); return null; } } return signingDate; } if (LOG.isErrorEnabled()) { LOG.error("Error when reading signing time. Unrecognized " + attrValue.getClass()); } return null; }
From source file:eu.europa.esig.dss.cookbook.mock.MockTSPSource.java
License:Open Source License
@Override public TimeStampToken getTimeStampResponse(final DigestAlgorithm digestAlgorithm, final byte[] digest) throws DSSException { final String signatureAlgorithm = getSignatureAlgorithm(digestAlgorithm, digest); final TimeStampRequestGenerator tsqGenerator = new TimeStampRequestGenerator(); tsqGenerator.setCertReq(true);/*from w ww . j a v a 2 s.c om*/ /** * The code below guarantee that the dates of the two successive * timestamps are different. This is activated only if timestampDate is provided at * construction time */ Date timestampDate_ = new Date(); if (policyOid != null) { tsqGenerator.setReqPolicy(policyOid); } TimeStampRequest tsRequest = null; if (useNonce) { final BigInteger nonce = BigInteger.valueOf(random.nextLong()); tsRequest = tsqGenerator.generate(new ASN1ObjectIdentifier(digestAlgorithm.getOid()), digest, nonce); } else { tsRequest = tsqGenerator.generate(new ASN1ObjectIdentifier(digestAlgorithm.getOid()), digest); } try { final ContentSigner sigGen = new JcaContentSignerBuilder(signatureAlgorithm).build(key); final JcaX509CertificateHolder certHolder = new JcaX509CertificateHolder(cert.getCertificate()); // that to make sure we generate the same timestamp data for the // same timestamp date AttributeTable signedAttributes = new AttributeTable(new Hashtable<ASN1ObjectIdentifier, Object>()); signedAttributes = signedAttributes.add(PKCSObjectIdentifiers.pkcs_9_at_signingTime, new Time(timestampDate_)); final DefaultSignedAttributeTableGenerator signedAttributeGenerator = new DefaultSignedAttributeTableGenerator( signedAttributes); AttributeTable unsignedAttributes = new AttributeTable(new Hashtable<ASN1ObjectIdentifier, Object>()); final SimpleAttributeTableGenerator unsignedAttributeGenerator = new SimpleAttributeTableGenerator( unsignedAttributes); final DigestCalculatorProvider digestCalculatorProvider = new BcDigestCalculatorProvider(); SignerInfoGeneratorBuilder sigInfoGeneratorBuilder = new SignerInfoGeneratorBuilder( digestCalculatorProvider); sigInfoGeneratorBuilder.setSignedAttributeGenerator(signedAttributeGenerator); sigInfoGeneratorBuilder.setUnsignedAttributeGenerator(unsignedAttributeGenerator); final SignerInfoGenerator sig = sigInfoGeneratorBuilder.build(sigGen, certHolder); final DigestCalculator sha1DigestCalculator = DSSRevocationUtils.getSHA1DigestCalculator(); final TimeStampTokenGenerator tokenGenerator = new TimeStampTokenGenerator(sig, sha1DigestCalculator, policyOid); final Set<X509Certificate> singleton = new HashSet<X509Certificate>(); singleton.add(cert.getCertificate()); tokenGenerator.addCertificates(new JcaCertStore(singleton)); final TimeStampResponseGenerator generator = new TimeStampResponseGenerator(tokenGenerator, TSPAlgorithms.ALLOWED); Date responseDate = new Date(); TimeStampResponse tsResponse = generator.generate(tsRequest, BigInteger.ONE, responseDate); final TimeStampToken timeStampToken = tsResponse.getTimeStampToken(); return timeStampToken; } catch (OperatorCreationException e) { throw new DSSException(e); } catch (CertificateEncodingException e) { throw new DSSException(e); } catch (TSPException e) { throw new DSSException(e); } }