use of org.demoiselle.signer.policy.impl.cades.SignerException in project signer by demoiselle.
the class CAdESTimeStampSigner method checkTimeStampOnSignature.
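/**
 * Collects the signature timestamp of every signer in a CMS signature, validating each one.
 *
 * <p>For each signer, the unsigned attribute {@code id_aa_signatureTimeStampToken} is looked up.
 * When present, its first value is decoded as a timestamp token and passed to
 * {@link TimeStampOperator#validate} together with that signer's signature value.
 *
 * @param signature the encoded CMS SignedData to inspect
 * @return one {@link Timestamp} per signer that carries a timestamp attribute; empty when
 *         no signer has one
 * @throws SignerException wrapping any certificate, I/O, TSP or CMS failure raised while
 *         parsing or validating
 */
@Override
public List<Timestamp> checkTimeStampOnSignature(byte[] signature) {
    try {
        // Register the provider only once instead of building a new instance on every call.
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        List<Timestamp> listOfTimeStamp = new ArrayList<Timestamp>();
        CMSSignedData cmsSignedData = new CMSSignedData(signature);
        for (Object entry : cmsSignedData.getSignerInfos().getSigners()) {
            SignerInformation signer = (SignerInformation) entry;
            AttributeTable unsignedAttributes = signer.getUnsignedAttributes();
            if (unsignedAttributes == null) {
                // A signer with no unsigned attributes has no timestamp. Without this guard
                // the lookup below fails with a NullPointerException that the catch clause
                // does not cover.
                continue;
            }
            Attribute attributeTimeStamp = unsignedAttributes
                    .get(new ASN1ObjectIdentifier(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken.getId()));
            if (attributeTimeStamp == null) {
                continue;
            }
            // NOTE(review): only the first timestamp attribute and its first value are
            // examined; any further tokens on the same signer are not validated here.
            byte[] varTimeStamp = attributeTimeStamp.getAttrValues().getObjectAt(0).toASN1Primitive().getEncoded();
            Timestamp timeStampSigner = new Timestamp(new TimeStampToken(new CMSSignedData(varTimeStamp)));
            // The token is reported to the caller only after validate() returns normally.
            new TimeStampOperator().validate(signer.getSignature(), varTimeStamp, null);
            listOfTimeStamp.add(timeStampSigner);
        }
        return listOfTimeStamp;
    } catch (CertificateCoreException | IOException | TSPException | CMSException e) {
        throw new SignerException(e);
    }
}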
use of org.demoiselle.signer.policy.impl.cades.SignerException in project signer by demoiselle.
the class CAdESTimeStampSigner method doTimeStamp.
/**
 * Produces the encoded signature-timestamp attribute for the given content or, when no
 * content is supplied, for the given hash.
 *
 * @param content the data to timestamp; when {@code null} the {@code hash} is used instead
 * @param hash    the precomputed digest, forwarded only when {@code content} is {@code null}
 * @return the encoding of the attribute value
 * @throws SignerException if the attribute value cannot be encoded
 */
private byte[] doTimeStamp(byte[] content, byte[] hash) {
    try {
        SignedOrUnsignedAttribute tsAttribute = AttributeFactory.getInstance()
                .factory(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken.getId());
        final boolean hashOnly = (content == null);
        if (hashOnly) {
            // No content available: initialise from the digest alone.
            tsAttribute.initialize(this.pkcs1.getPrivateKey(), this.getCertificateChain(), null, signaturePolicy, hash);
        } else {
            // Content takes precedence; the hash argument is left unset.
            tsAttribute.initialize(this.pkcs1.getPrivateKey(), this.getCertificateChain(), content, signaturePolicy, null);
        }
        return tsAttribute.getValue().getEncoded();
    } catch (IOException ex) {
        throw new SignerException(cadesMessagesBundle.getString("error.invalid.bytes.pkcs7"), ex);
    }
}
use of org.demoiselle.signer.policy.impl.cades.SignerException in project signer by demoiselle.
the class CAdESTimeStampSigner method checkTimeStamp.
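/**
 * Decodes an encoded timestamp attribute, validates its token against the content or the
 * hash, and returns the resulting {@link Timestamp}.
 *
 * <p>The input is expected to be an ASN.1 SEQUENCE holding an object identifier followed by
 * a SET of values; the first value of that set is treated as the timestamp token. Input that
 * does not have this shape is rejected with a {@link SignerException} instead of escaping as
 * an unchecked cast, index or null-pointer failure.
 *
 * @param timeStamp the encoded attribute (type and values) carrying the timestamp token
 * @param content   the timestamped data; when {@code null} the {@code hash} is used instead
 * @param hash      the precomputed digest, used only when {@code content} is {@code null}
 * @return the timestamp built from the validated token
 * @throws SignerException wrapping any certificate, I/O, TSP or CMS failure, including
 *         malformed input
 */
private Timestamp checkTimeStamp(byte[] timeStamp, byte[] content, byte[] hash) {
    try {
        // Register the provider only once instead of building a new instance on every call.
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        if (timeStamp == null) {
            throw new IOException("timestamp attribute bytes are null");
        }
        // NOTE(review): ais is declared outside this view and is never closed here; a local
        // in try-with-resources would avoid sharing parser state between calls. Confirm that
        // nothing else reads the field before changing it.
        ais = new ASN1InputStream(new ByteArrayInputStream(timeStamp));
        Object parsed = ais.readObject();
        // The bytes come from outside this method, so check the structure before casting.
        if (!(parsed instanceof ASN1Sequence)) {
            throw new IOException("timestamp attribute is not an ASN.1 SEQUENCE");
        }
        ASN1Sequence seq = (ASN1Sequence) parsed;
        if (seq.size() < 2
                || !(seq.getObjectAt(0) instanceof ASN1ObjectIdentifier)
                || !(seq.getObjectAt(1) instanceof ASN1Set)) {
            throw new IOException("timestamp attribute must be an OID followed by a SET of values");
        }
        ASN1Set attributeValues = (ASN1Set) seq.getObjectAt(1);
        if (attributeValues.size() == 0) {
            throw new IOException("timestamp attribute carries no value");
        }
        // NOTE(review): the attribute type is not compared with id_aa_signatureTimeStampToken;
        // confirm whether callers rely on other attribute types being accepted.
        Attribute attributeTimeStamp = new Attribute((ASN1ObjectIdentifier) seq.getObjectAt(0), attributeValues);
        byte[] varTimeStamp = attributeTimeStamp.getAttrValues().getObjectAt(0).toASN1Primitive().getEncoded();
        TimeStampOperator timeStampOperator = new TimeStampOperator();
        if (content != null) {
            timeStampOperator.validate(content, varTimeStamp, null);
        } else {
            timeStampOperator.validate(null, varTimeStamp, hash);
        }
        // Reached only when validate() returned normally.
        return new Timestamp(new TimeStampToken(new CMSSignedData(varTimeStamp)));
    } catch (CertificateCoreException | IOException | TSPException | CMSException e) {
        throw new SignerException(e);
    }
}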
use of org.demoiselle.signer.policy.impl.cades.SignerException in project signer by demoiselle.
the class CAdESTimeStampSigner method doTimeStampForSignature.
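/**
 * Adds a signature timestamp to an existing CMS signature and returns the re-encoded result.
 *
 * <p>The timestamp attribute is computed over the signature value of the first signer and
 * installed as that signer's unsigned attribute table.
 *
 * @param signature the encoded CMS SignedData to timestamp
 * @return the encoded CMS SignedData carrying the timestamp attribute
 * @throws SignerException if the input cannot be parsed as CMS, contains no signer, or the
 *         result cannot be encoded
 */
@Override
public byte[] doTimeStampForSignature(byte[] signature) throws SignerException {
    try {
        // Register the provider only once instead of building a new instance on every call.
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        CMSSignedData cmsSignedData = new CMSSignedData(signature);
        Iterator<?> it = cmsSignedData.getSignerInfos().getSigners().iterator();
        if (!it.hasNext()) {
            // Without this guard an input with no SignerInfo fails with an unchecked
            // NoSuchElementException; report it through the same path as other invalid input.
            throw new CMSException("signature contains no SignerInfo to timestamp");
        }
        SignerInformation signer = (SignerInformation) it.next();

        SignedOrUnsignedAttribute signedOrUnsignedAttribute = AttributeFactory.getInstance()
                .factory(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken.getId());
        signedOrUnsignedAttribute.initialize(this.pkcs1.getPrivateKey(), this.getCertificateChain(),
                signer.getSignature(), signaturePolicy, null);

        ASN1EncodableVector unsignedAttributes = new ASN1EncodableVector();
        unsignedAttributes.add(signedOrUnsignedAttribute.getValue());
        // NOTE(review): the new table holds only the timestamp, so unsigned attributes the
        // signer already carried are not copied over. Confirm this is intended.
        AttributeTable unsignedAttributesTable = new AttributeTable(unsignedAttributes);

        // NOTE(review): only the first signer is placed in the new store; any further signers
        // of the input are absent from the returned SignedData. Confirm for co-signed input.
        List<SignerInformation> vNewSigners = new ArrayList<SignerInformation>();
        vNewSigners.add(SignerInformation.replaceUnsignedAttributes(signer, unsignedAttributesTable));
        SignerInformationStore oNewSignerInformationStore = new SignerInformationStore(vNewSigners);

        return CMSSignedData.replaceSigners(cmsSignedData, oNewSignerInformationStore).getEncoded();
    } catch (CMSException | IOException ex) {
        throw new SignerException(cadesMessagesBundle.getString("error.invalid.bytes.pkcs7"), ex);
    }
}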