
Example 21 with SignerException

Use of org.demoiselle.signer.policy.impl.cades.SignerException in project signer by demoiselle.

The class CAdESTimeStampSigner, method checkTimeStampOnSignature.

@Override
public List<Timestamp> checkTimeStampOnSignature(byte[] signature) {
    try {
        Security.addProvider(new BouncyCastleProvider());
        List<Timestamp> listOfTimeStamp = new ArrayList<Timestamp>();
        CMSSignedData cmsSignedData = new CMSSignedData(signature);
        SignerInformationStore signers = cmsSignedData.getSignerInfos();
        Iterator<?> it = signers.getSigners().iterator();
        while (it.hasNext()) {
            SignerInformation signer = (SignerInformation) it.next();
            AttributeTable unsignedAttributes = signer.getUnsignedAttributes();
            // getUnsignedAttributes() returns null when the signer carries no unsigned attributes.
            if (unsignedAttributes == null) {
                continue;
            }
            Attribute attributeTimeStamp = unsignedAttributes.get(new ASN1ObjectIdentifier(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken.getId()));
            if (attributeTimeStamp != null) {
                TimeStampOperator timeStampOperator = new TimeStampOperator();
                byte[] varTimeStamp = attributeTimeStamp.getAttrValues().getObjectAt(0).toASN1Primitive().getEncoded();
                TimeStampToken timeStampToken = new TimeStampToken(new CMSSignedData(varTimeStamp));
                Timestamp timeStampSigner = new Timestamp(timeStampToken);
                // The signature time-stamp covers the signer's signature value, so that value
                // is passed as the content to validate; the token is listed only if this succeeds.
                timeStampOperator.validate(signer.getSignature(), varTimeStamp, null);
                listOfTimeStamp.add(timeStampSigner);
            }
        }
        return listOfTimeStamp;
    } catch (CertificateCoreException | IOException | TSPException | CMSException e) {
        throw new SignerException(e);
    }
}
Also used: TimeStampOperator (org.demoiselle.signer.timestamp.connector.TimeStampOperator), SignedOrUnsignedAttribute (org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedOrUnsignedAttribute), Timestamp (org.demoiselle.signer.timestamp.Timestamp), CertificateCoreException (org.demoiselle.signer.core.exception.CertificateCoreException), SignerException (org.demoiselle.signer.policy.impl.cades.SignerException), BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 22 with SignerException

Use of org.demoiselle.signer.policy.impl.cades.SignerException in project signer by demoiselle.

The class CAdESTimeStampSigner, method doTimeStamp.

private byte[] doTimeStamp(byte[] content, byte[] hash) {
    try {
        // Build the signature-time-stamp attribute (id-aa-signatureTimeStampToken).
        AttributeFactory attributeFactory = AttributeFactory.getInstance();
        SignedOrUnsignedAttribute signedOrUnsignedAttribute = attributeFactory.factory(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken.getId());
        // Time-stamp the content when it is supplied; otherwise use the caller's precomputed hash.
        if (content != null) {
            signedOrUnsignedAttribute.initialize(this.pkcs1.getPrivateKey(), this.getCertificateChain(), content, signaturePolicy, null);
        } else {
            signedOrUnsignedAttribute.initialize(this.pkcs1.getPrivateKey(), this.getCertificateChain(), null, signaturePolicy, hash);
        }
        // Return the encoded attribute.
        byte[] result = signedOrUnsignedAttribute.getValue().getEncoded();
        return result;
    } catch (IOException ex) {
        throw new SignerException(cadesMessagesBundle.getString("error.invalid.bytes.pkcs7"), ex);
    }
}
Also used: SignedOrUnsignedAttribute (org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedOrUnsignedAttribute), AttributeFactory (org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.factory.AttributeFactory), SignerException (org.demoiselle.signer.policy.impl.cades.SignerException)

Example 23 with SignerException

Use of org.demoiselle.signer.policy.impl.cades.SignerException in project signer by demoiselle.

The class CAdESTimeStampSigner, method checkTimeStamp.

private Timestamp checkTimeStamp(byte[] timeStamp, byte[] content, byte[] hash) {
    // try-with-resources declares the ASN.1 stream locally and closes it on every path.
    try (ASN1InputStream ais = new ASN1InputStream(new ByteArrayInputStream(timeStamp))) {
        Security.addProvider(new BouncyCastleProvider());
        // The input is an encoded Attribute: SEQUENCE { attrType OID, attrValues SET }.
        ASN1Sequence seq = (ASN1Sequence) ais.readObject();
        Attribute attributeTimeStamp = new Attribute((ASN1ObjectIdentifier) seq.getObjectAt(0), (ASN1Set) seq.getObjectAt(1));
        byte[] varTimeStamp = attributeTimeStamp.getAttrValues().getObjectAt(0).toASN1Primitive().getEncoded();
        TimeStampOperator timeStampOperator = new TimeStampOperator();
        // Validate against the content when it is supplied; otherwise against the precomputed hash.
        if (content != null) {
            timeStampOperator.validate(content, varTimeStamp, null);
        } else {
            timeStampOperator.validate(null, varTimeStamp, hash);
        }
        // Reached only if validate() did not throw.
        TimeStampToken timeStampToken = new TimeStampToken(new CMSSignedData(varTimeStamp));
        Timestamp timeStampSigner = new Timestamp(timeStampToken);
        return timeStampSigner;
    } catch (CertificateCoreException | IOException | TSPException | CMSException e) {
        throw new SignerException(e);
    }
}
Also used: TimeStampOperator (org.demoiselle.signer.timestamp.connector.TimeStampOperator), SignedOrUnsignedAttribute (org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedOrUnsignedAttribute), Timestamp (org.demoiselle.signer.timestamp.Timestamp), CertificateCoreException (org.demoiselle.signer.core.exception.CertificateCoreException), SignerException (org.demoiselle.signer.policy.impl.cades.SignerException), BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 24 with SignerException

Use of org.demoiselle.signer.policy.impl.cades.SignerException in project signer by demoiselle.

The class CAdESTimeStampSigner, method doTimeStampForSignature.

@Override
public byte[] doTimeStampForSignature(byte[] signature) throws SignerException {
    try {
        Security.addProvider(new BouncyCastleProvider());
        CMSSignedData cmsSignedData = new CMSSignedData(signature);
        SignerInformationStore signers = cmsSignedData.getSignerInfos();
        Iterator<?> it = signers.getSigners().iterator();
        // Only the first SignerInfo is time-stamped.
        SignerInformation signer = (SignerInformation) it.next();
        AttributeFactory attributeFactory = AttributeFactory.getInstance();
        ASN1EncodableVector unsignedAttributes = new ASN1EncodableVector();
        SignedOrUnsignedAttribute signedOrUnsignedAttribute = attributeFactory.factory(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken.getId());
        // The time-stamp is requested over the signer's signature value.
        signedOrUnsignedAttribute.initialize(this.pkcs1.getPrivateKey(), this.getCertificateChain(), signer.getSignature(), signaturePolicy, null);
        unsignedAttributes.add(signedOrUnsignedAttribute.getValue());
        AttributeTable unsignedAttributesTable = new AttributeTable(unsignedAttributes);
        List<SignerInformation> vNewSigners = new ArrayList<SignerInformation>();
        // replaceUnsignedAttributes swaps in the new table, so the signer's unsigned
        // attributes become the time-stamp attribute alone.
        vNewSigners.add(SignerInformation.replaceUnsignedAttributes(signer, unsignedAttributesTable));
        // The rebuilt store holds that one signer only.
        SignerInformationStore oNewSignerInformationStore = new SignerInformationStore(vNewSigners);
        CMSSignedData oSignedData = cmsSignedData;
        cmsSignedData = CMSSignedData.replaceSigners(oSignedData, oNewSignerInformationStore);
        byte[] result = cmsSignedData.getEncoded();
        return result;
    } catch (CMSException | IOException ex) {
        throw new SignerException(cadesMessagesBundle.getString("error.invalid.bytes.pkcs7"), ex);
    }
}
Also used: SignedOrUnsignedAttribute (org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedOrUnsignedAttribute), AttributeFactory (org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.factory.AttributeFactory), SignerException (org.demoiselle.signer.policy.impl.cades.SignerException), BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)

Aggregations

SignerException (org.demoiselle.signer.policy.impl.cades.SignerException): 24
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier): 11
Attribute (org.bouncycastle.asn1.cms.Attribute): 11
X509Certificate (java.security.cert.X509Certificate): 10
IOException (java.io.IOException): 9
CertificateEncodingException (java.security.cert.CertificateEncodingException): 9
DERSet (org.bouncycastle.asn1.DERSet): 8
CMSSignedData (org.bouncycastle.cms.CMSSignedData): 8
CertificateCoreException (org.demoiselle.signer.core.exception.CertificateCoreException): 8
CMSException (org.bouncycastle.cms.CMSException): 7
BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider): 7
DERSequence (org.bouncycastle.asn1.DERSequence): 6
TSPException (org.bouncycastle.tsp.TSPException): 6
Timestamp (org.demoiselle.signer.timestamp.Timestamp): 6
ArrayList (java.util.ArrayList): 5
SignedOrUnsignedAttribute (org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedOrUnsignedAttribute): 5
UnsignedAttribute (org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.UnsignedAttribute): 5
ParseException (java.text.ParseException): 4
CMSSignerDigestMismatchException (org.bouncycastle.cms.CMSSignerDigestMismatchException): 4
SignerInformation (org.bouncycastle.cms.SignerInformation): 4