Java Code Examples for org.bouncycastle.cms.SignerInformation#getUnsignedAttributes()

The following examples show how to use org.bouncycastle.cms.SignerInformation#getUnsignedAttributes() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CadesLevelBaselineLTATimestampExtractor.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up
/**
 * The field unsignedAttrsHashIndex is a sequence of octet strings. Each one contains the hash value of one
 * instance of Attribute within unsignedAttrs field of the SignerInfo. A hash value for every instance of
 * Attribute, as present at the time when the corresponding archive time-stamp is requested, shall be included in
 * unsignedAttrsHashIndex. No other hash values shall be included in this field.
 *
 * @param signerInformation {@link SignerInformation}
 * @param atsHashIndexVersionIdentifier {@link ASN1ObjectIdentifier} of the ats-hash-index table version to create
 * @return
 */
private ASN1Sequence getUnsignedAttributesHashIndex(SignerInformation signerInformation, ASN1ObjectIdentifier atsHashIndexVersionIdentifier) {

	final ASN1EncodableVector unsignedAttributesHashIndex = new ASN1EncodableVector();
	AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
	final ASN1EncodableVector asn1EncodableVector = unsignedAttributes.toASN1EncodableVector();
	for (int i = 0; i < asn1EncodableVector.size(); i++) {
		final Attribute attribute = (Attribute) asn1EncodableVector.get(i);
		if (!excludedAttributesFromAtsHashIndex.contains(attribute.getAttrType())) {
			List<DEROctetString> attributeDerOctetStringHashes = getAttributeDerOctetStringHashes(attribute, atsHashIndexVersionIdentifier);
			for (DEROctetString derOctetStringDigest : attributeDerOctetStringHashes) {
				unsignedAttributesHashIndex.add(derOctetStringDigest);
			}
		}
	}
	return new DERSequence(unsignedAttributesHashIndex);
}
 
Example 2
Source File: CAdESTimeStampSigner.java    From signer with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public List<Timestamp> checkTimeStampOnSignature(byte[] signature) {
	try {
		Security.addProvider(new BouncyCastleProvider());
		List<Timestamp> listOfTimeStamp = new ArrayList<Timestamp>();
		CMSSignedData cmsSignedData = new CMSSignedData(signature);
		SignerInformationStore signers = cmsSignedData.getSignerInfos();
		Iterator<?> it = signers.getSigners().iterator();
		while (it.hasNext()) {
			SignerInformation signer = (SignerInformation) it.next();
			AttributeTable unsignedAttributes = signer
					.getUnsignedAttributes();
			Attribute attributeTimeStamp = unsignedAttributes
					.get(new ASN1ObjectIdentifier(
							PKCSObjectIdentifiers.id_aa_signatureTimeStampToken
									.getId()));
			if (attributeTimeStamp != null) {
				TimeStampOperator timeStampOperator = new TimeStampOperator();
				byte[] varTimeStamp = attributeTimeStamp.getAttrValues()
						.getObjectAt(0).toASN1Primitive().getEncoded();
				TimeStampToken timeStampToken = new TimeStampToken(
						new CMSSignedData(varTimeStamp));
				Timestamp timeStampSigner = new Timestamp(timeStampToken);
				timeStampOperator.validate(signer.getSignature(),
						varTimeStamp, null);
				listOfTimeStamp.add(timeStampSigner);
			}
		}
		return listOfTimeStamp;
	} catch (CertificateCoreException | IOException | TSPException
			| CMSException e) {
		throw new SignerException(e);
	}		
}
 
Example 3
Source File: CMSUtils.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Returns an unsigned attribute by its given {@code oid}
 * @param signerInformation {@link SignerInformation} to get attribute from
 * @param oid {@link ASN1ObjectIdentifier} of the target attribute
 * @return {@link Attribute}
 */
public static Attribute getUnsignedAttribute(SignerInformation signerInformation, ASN1ObjectIdentifier oid) {
	final AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
	if (unsignedAttributes == null) {
		return null;
	}
	return unsignedAttributes.get(oid);
}
 
Example 4
Source File: CAdESUnsignedAttributes.java    From dss with GNU Lesser General Public License v2.1 4 votes vote down vote up
public static CAdESUnsignedAttributes build(SignerInformation signerInformation) {
	return new CAdESUnsignedAttributes(signerInformation.getUnsignedAttributes());
}
 
Example 5
Source File: CAdESLevelLTATS101733Test.java    From dss with GNU Lesser General Public License v2.1 4 votes vote down vote up
@Test
public void test() throws Exception {
	DSSDocument documentToSign = new InMemoryDocument("Hello World !".getBytes(), "test.text");

	CAdESSignatureParameters signatureParameters = new CAdESSignatureParameters();
	signatureParameters.bLevel().setSigningDate(new Date());
	signatureParameters.setSigningCertificate(getSigningCert());
	signatureParameters.setCertificateChain(getCertificateChain());
	signatureParameters.setSignaturePackaging(SignaturePackaging.ENVELOPING);
	signatureParameters.setSignatureLevel(SignatureLevel.CAdES_BASELINE_LTA);
	signatureParameters.setEn319122(false);

	CAdESService service = new CAdESService(getCompleteCertificateVerifier());
	service.setTspSource(getGoodTsa());

	ToBeSigned dataToSign = service.getDataToSign(documentToSign, signatureParameters);
	SignatureValue signatureValue = getToken().sign(dataToSign, signatureParameters.getDigestAlgorithm(), getPrivateKeyEntry());
	DSSDocument signedDocument = service.signDocument(documentToSign, signatureParameters, signatureValue);
	
	SignedDocumentValidator validator = SignedDocumentValidator.fromDocument(signedDocument);
	validator.setCertificateVerifier(getOfflineCertificateVerifier());

	Reports reports = validator.validateDocument();

	DiagnosticData diagnosticData = reports.getDiagnosticData();
	
	List<TimestampWrapper> timestampList = diagnosticData.getTimestampList();
	assertEquals(2, timestampList.size());
	int archiveTimestampCounter = 0;
	for (TimestampWrapper timestamp : timestampList) {
		assertTrue(timestamp.isMessageImprintDataFound());
		assertTrue(timestamp.isMessageImprintDataIntact());
		if (timestamp.getType().isArchivalTimestamp()) {
			++archiveTimestampCounter;
		}
	}
	assertEquals(1, archiveTimestampCounter);
	
	try (InputStream is = signedDocument.openStream()) {
		CMSSignedData cmsSignedData = new CMSSignedData(is);
		Collection<SignerInformation> signers = cmsSignedData.getSignerInfos().getSigners();
		assertEquals(1, signers.size());
		for (SignerInformation signerInformation : signers) {
			AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
			Attribute[] attributes = DSSASN1Utils.getAsn1Attributes(unsignedAttributes, OID.id_aa_ets_archiveTimestampV3);
			assertEquals(1, attributes.length);
			Attribute archiveTimestamp = attributes[0];
			
			TimeStampToken timeStampToken = DSSASN1Utils.getTimeStampToken(archiveTimestamp);
			AttributeTable unsignedAttributes2 = timeStampToken.getUnsignedAttributes();
			Attribute[] asn1Attributes = DSSASN1Utils.getAsn1Attributes(unsignedAttributes2, OID.id_aa_ATSHashIndex);
			assertEquals(1, asn1Attributes.length);
		}
	}
	
}
 
Example 6
Source File: CMSUtils.java    From dss with GNU Lesser General Public License v2.1 2 votes vote down vote up
/**
 * This method returns the existing unsigned attributes or a new empty attributes hashtable
 *
 * @param signerInformation
 *            the signer information
 * @return the existing unsigned attributes or an empty attributes hashtable
 */
public static AttributeTable getUnsignedAttributes(final SignerInformation signerInformation) {
	final AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
	return DSSASN1Utils.emptyIfNull(unsignedAttributes);
}