Java Code Examples for org.bouncycastle.asn1.cms.AttributeTable#toASN1EncodableVector()
The following examples show how to use
org.bouncycastle.asn1.cms.AttributeTable#toASN1EncodableVector() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CadesLevelBaselineLTATimestampExtractor.java From dss with GNU Lesser General Public License v2.1 | 6 votes |
/** * The field unsignedAttrsHashIndex is a sequence of octet strings. Each one contains the hash value of one * instance of Attribute within unsignedAttrs field of the SignerInfo. A hash value for every instance of * Attribute, as present at the time when the corresponding archive time-stamp is requested, shall be included in * unsignedAttrsHashIndex. No other hash values shall be included in this field. * * @param signerInformation {@link SignerInformation} * @param atsHashIndexVersionIdentifier {@link ASN1ObjectIdentifier} of the ats-hash-index table version to create * @return */ private ASN1Sequence getUnsignedAttributesHashIndex(SignerInformation signerInformation, ASN1ObjectIdentifier atsHashIndexVersionIdentifier) { final ASN1EncodableVector unsignedAttributesHashIndex = new ASN1EncodableVector(); AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes(); final ASN1EncodableVector asn1EncodableVector = unsignedAttributes.toASN1EncodableVector(); for (int i = 0; i < asn1EncodableVector.size(); i++) { final Attribute attribute = (Attribute) asn1EncodableVector.get(i); if (!excludedAttributesFromAtsHashIndex.contains(attribute.getAttrType())) { List<DEROctetString> attributeDerOctetStringHashes = getAttributeDerOctetStringHashes(attribute, atsHashIndexVersionIdentifier); for (DEROctetString derOctetStringDigest : attributeDerOctetStringHashes) { unsignedAttributesHashIndex.add(derOctetStringDigest); } } } return new DERSequence(unsignedAttributesHashIndex); }
Example 2
Source File: CadesLevelBaselineLTATimestampExtractor.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
/** * The field unsignedAttrsHashIndex is a sequence of octet strings. Each one contains the hash value of one * instance of Attribute within unsignedAttrs field of the SignerInfo. A hash value for every instance of * Attribute, as present at the time when the corresponding archive time-stamp is requested, shall be included in * unsignedAttrsHashIndex. No other hash values shall be included in this field. * * We check that every hash attribute found in the timestamp token is found if the signerInformation. * * If there is more unsigned attributes in the signerInformation than present in the hash attributes list * (and there is at least the archiveTimestampAttributeV3), we don't report any error nor which attributes are * signed by the timestamp. * If there is some attributes that are not present or altered in the signerInformation, we just return some empty * sequence to make * sure that the timestamped data will not match. We do not report which attributes hash are present if any. * * If there is not attribute at all in the archive timestamp hash index, that would means we didn't check anything. * * @param signerInformation * @param timestampHashIndex * @return */ @SuppressWarnings("unchecked") private ASN1Sequence getVerifiedUnsignedAttributesHashIndex(SignerInformation signerInformation, final ASN1Sequence timestampHashIndex, ASN1ObjectIdentifier atsHashIndexVersionIdentifier) { final ASN1Sequence unsignedAttributesHashes = DSSASN1Utils.getUnsignedAttributesHashIndex(timestampHashIndex); final List<DEROctetString> timestampUnsignedAttributesHashesList = new ArrayList<>(); if (unsignedAttributesHashes != null) { timestampUnsignedAttributesHashesList.addAll(Collections.list(unsignedAttributesHashes.getObjects())); } AttributeTable unsignedAttributes = CMSUtils.getUnsignedAttributes(signerInformation); final ASN1EncodableVector asn1EncodableVector = unsignedAttributes.toASN1EncodableVector(); for (int i = 0; i < asn1EncodableVector.size(); i++) { final Attribute attribute = (Attribute) asn1EncodableVector.get(i); List<DEROctetString> attributeDerOctetStringHashes = getAttributeDerOctetStringHashes(attribute, atsHashIndexVersionIdentifier); for (DEROctetString derOctetStringDigest : attributeDerOctetStringHashes) { final ASN1ObjectIdentifier attrType = attribute.getAttrType(); if (timestampUnsignedAttributesHashesList.remove(derOctetStringDigest)) { // attribute present in signature and in timestamp LOG.debug("Attribute {} present in timestamp", attrType.getId()); } else { LOG.debug("Attribute {} not present in timestamp", attrType.getId()); } } } if (!timestampUnsignedAttributesHashesList.isEmpty()) { LOG.error("{} attribute(s) hash in Timestamp has not been found in document attributes: {}", timestampUnsignedAttributesHashesList.size(), timestampUnsignedAttributesHashesList); // return a empty DERSequence to screw up the hash return new DERSequence(); } // return the original DERSequence return unsignedAttributesHashes; }
Example 3
Source File: CAdESLevelBExternalSignatureTest.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
private ExternalSignatureResult simulateExternalSignature(ToBeSigned toBeSigned) { ExternalSignatureResult externalSignatureResult = new ExternalSignatureResult(); // Get hold of signature certificate. CertificateToken signingCertificate = getSigningCert(); externalSignatureResult.setSigningCertificate(signingCertificate); DigestAlgorithm digestAlgo = signatureParameters.getDigestAlgorithm(); // Add the signing-certificate/signing-certificate-v2 attribute to DER encoded SignedAttributes. try (ASN1InputStream asn1InputStream = new ASN1InputStream(toBeSigned.getBytes())) { DLSet dlSet = (DLSet) asn1InputStream.readObject(); AttributeTable signedAttribute = new AttributeTable(dlSet); ASN1EncodableVector signedAttributeEncodableVector = signedAttribute.toASN1EncodableVector(); CMSUtils.addSigningCertificateAttribute(signedAttributeEncodableVector, digestAlgo, signingCertificate); DERSet signedAttributesData = new DERSet(signedAttributeEncodableVector); // Update toBeSigned toBeSigned.setBytes(signedAttributesData.getEncoded()); externalSignatureResult.setSignedData(toBeSigned.getBytes()); } catch (Exception e) { LOG.error("Error while simulating external CAdES signature", e); } SignatureValue signatureValue = getToken().sign(toBeSigned, getSignatureParameters().getDigestAlgorithm(), getSignatureParameters().getMaskGenerationFunction(), getPrivateKeyEntry()); externalSignatureResult.setSignatureValue(signatureValue); return externalSignatureResult; }
Example 4
Source File: PAdESLevelBExternalSignatureTest.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
private ExternalSignatureResult simulateExternalSignature(ToBeSigned toBeSigned) { ExternalSignatureResult externalSignatureResult = new ExternalSignatureResult(); // Get hold of signature certificate. CertificateToken signingCertificate = getSigningCert(); externalSignatureResult.setSigningCertificate(signingCertificate); DigestAlgorithm digestAlgo = signatureParameters.getDigestAlgorithm(); // Add the signing-certificate/signing-certificate-v2 attribute to DER encoded SignedAttributes. try (ASN1InputStream asn1InputStream = new ASN1InputStream(toBeSigned.getBytes())) { DLSet dlSet = (DLSet) asn1InputStream.readObject(); AttributeTable signedAttribute = new AttributeTable(dlSet); ASN1EncodableVector signedAttributeEncodableVector = signedAttribute.toASN1EncodableVector(); CMSUtils.addSigningCertificateAttribute(signedAttributeEncodableVector, digestAlgo, signingCertificate); DERSet signedAttributesData = new DERSet(signedAttributeEncodableVector); // Update toBeSigned toBeSigned.setBytes(signedAttributesData.getEncoded()); externalSignatureResult.setSignedData(toBeSigned.getBytes()); } catch (Exception e) { LOG.error("Error while simulating external PAdES signature", e); } SignatureValue signatureValue = getToken().sign(toBeSigned, digestAlgo, getSignatureParameters().getMaskGenerationFunction(), getPrivateKeyEntry()); externalSignatureResult.setSignatureValue(signatureValue); return externalSignatureResult; }