if (unsignedAttributes != null) vector = unsignedAttributes.toASN1EncodableVector();
public Attributes toASN1Structure() { return new Attributes(this.toASN1EncodableVector()); }
public Attributes toASN1Structure() { return new Attributes(this.toASN1EncodableVector()); }
/* Construct signed attributes */ ASN1EncodableVector signedAttributes = new ASN1EncodableVector(); signedAttributes.add(new Attribute(CMSAttributes.contentType, new DERSet(new ASN1ObjectIdentifier("1.2.840.113549.1.7.1")))); signedAttributes.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(digestBytes)))); signedAttributes.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(signingDate)))); AttributeTable signedAttributesTable = new AttributeTable(signedAttributes); signedAttributesTable.toASN1EncodableVector(); DefaultSignedAttributeTableGenerator signedAttributeGenerator = new DefaultSignedAttributeTableGenerator(signedAttributesTable); /* Build the SignerInfo generator builder, that will build the generator... that will generate the SignerInformation... */ SignerInfoGeneratorBuilder signerInfoBuilder = new SignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()); signerInfoBuilder.setSignedAttributeGenerator(signedAttributeGenerator); CMSSignedDataGenerator generator = new CMSSignedDataGenerator(); JcaContentSignerBuilder contentSigner = new JcaContentSignerBuilder("SHA1withRSA"); contentSigner.setProvider("BC"); generator.addSignerInfoGenerator(signerInfoBuilder.build(contentSigner.build(this.signingKey), new X509CertificateHolder(this.signingCert.getEncoded()))); ArrayList<X509CertificateHolder> signingChainHolder = new ArrayList<X509CertificateHolder>(); Iterator i = this.signingChain.iterator(); while (i.hasNext()) { X509CertificateObject cert = (X509CertificateObject)i.next(); signingChainHolder.add(new X509CertificateHolder(cert.getEncoded())); } generator.addCertificates(new JcaCertStore(signingChainHolder)); generator.generate(new CMSAbsentContent(), "BC").getEncoded();
return new DERSet(); return new DERSet(authenticatedAttributes.toASN1EncodableVector()); } else { Hashtable<DERObjectIdentifier, Attribute> hashtable; return new DERSet(new AttributeTable(hashtable).toASN1EncodableVector());
final ASN1EncodableVector asn1EncodableVector = unsignedAttributes.toASN1EncodableVector(); for (int i = 0; i < asn1EncodableVector.size(); i++) { final Attribute attribute = (Attribute) asn1EncodableVector.get(i);
final ASN1Set signedAttr = new DERSet(signed.toASN1EncodableVector()); final ByteArrayOutputStream bOut = new ByteArrayOutputStream(); final DEROutputStream dOut = new DEROutputStream(bOut);
/** * The field unsignedAttrsHashIndex is a sequence of octet strings. Each one contains the hash value of one * instance of Attribute within unsignedAttrs field of the SignerInfo. A hash value for every instance of * Attribute, as present at the time when the corresponding archive time-stamp is requested, shall be included in * unsignedAttrsHashIndex. No other hash values shall be included in this field. * * @param signerInformation * @return */ @SuppressWarnings("unchecked") private ASN1Sequence getUnsignedAttributesHashIndex(SignerInformation signerInformation) throws DSSException { final ASN1EncodableVector unsignedAttributesHashIndex = new ASN1EncodableVector(); AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes(); final ASN1EncodableVector asn1EncodableVector = unsignedAttributes.toASN1EncodableVector(); for (int i = 0; i < asn1EncodableVector.size(); i++) { final Attribute attribute = (Attribute) asn1EncodableVector.get(i); if (!excludedAttributesFromAtsHashIndex.contains(attribute.getAttrType())) { final DEROctetString derOctetStringDigest = getAttributeDerOctetStringHash(attribute); unsignedAttributesHashIndex.add(derOctetStringDigest); } } return new DERSequence(unsignedAttributesHashIndex); }
public static byte[] createSignature(byte[] digest, SMimeDigestMethod digestMethod, PrivateKey privateKey, X509Certificate certificate) throws OxalisSecurityException { try { ASN1EncodableVector signedAttributes = new ASN1EncodableVector(); signedAttributes.add(new Attribute(CMSAttributes.contentType, new DERSet(digestMethod.getOid()))); signedAttributes.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(digest)))); signedAttributes.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date())))); AttributeTable signedAttributesTable = new AttributeTable(signedAttributes); signedAttributesTable.toASN1EncodableVector(); DefaultSignedAttributeTableGenerator signedAttributeGenerator = new DefaultSignedAttributeTableGenerator(signedAttributesTable); /* Build the SignerInfo generator builder, that will build the generator... that will generate the SignerInformation... */ SignerInfoGeneratorBuilder signerInfoBuilder = new SignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build()); signerInfoBuilder.setSignedAttributeGenerator(signedAttributeGenerator); CMSSignedDataGenerator generator = new CMSSignedDataGenerator(); JcaContentSignerBuilder contentSigner = new JcaContentSignerBuilder(digestMethod.getMethod()).setProvider(BouncyCastleProvider.PROVIDER_NAME); generator.addSignerInfoGenerator(signerInfoBuilder.build( contentSigner.build(privateKey), new X509CertificateHolder(certificate.getEncoded()))); generator.addCertificates(new JcaCertStore(Collections.singletonList(certificate))); return generator.generate(new CMSAbsentContent()).getEncoded(); } catch (CMSException | IOException | CertificateEncodingException | OperatorCreationException e) { throw new OxalisSecurityException(e.getMessage(), e); } } }
public static byte[] createSignature(byte[] digest, SMimeDigestMethod digestMethod, PrivateKey privateKey, X509Certificate certificate) throws OxalisSecurityException { try { ASN1EncodableVector signedAttributes = new ASN1EncodableVector(); signedAttributes.add(new Attribute(CMSAttributes.contentType, new DERSet(digestMethod.getOid()))); signedAttributes.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(digest)))); signedAttributes.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(new Date())))); AttributeTable signedAttributesTable = new AttributeTable(signedAttributes); signedAttributesTable.toASN1EncodableVector(); DefaultSignedAttributeTableGenerator signedAttributeGenerator = new DefaultSignedAttributeTableGenerator(signedAttributesTable); /* Build the SignerInfo generator builder, that will build the generator... that will generate the SignerInformation... */ SignerInfoGeneratorBuilder signerInfoBuilder = new SignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build()); signerInfoBuilder.setSignedAttributeGenerator(signedAttributeGenerator); CMSSignedDataGenerator generator = new CMSSignedDataGenerator(); JcaContentSignerBuilder contentSigner = new JcaContentSignerBuilder(digestMethod.getMethod()).setProvider(BouncyCastleProvider.PROVIDER_NAME); generator.addSignerInfoGenerator(signerInfoBuilder.build( contentSigner.build(privateKey), new X509CertificateHolder(certificate.getEncoded()))); generator.addCertificates(new JcaCertStore(Collections.singletonList(certificate))); return generator.generate(new CMSAbsentContent()).getEncoded(); } catch (CMSException | IOException | CertificateEncodingException | OperatorCreationException e) { throw new OxalisSecurityException(e.getMessage(), e); } } }
private CMSSignedData addNestedSignature(CMSSignedData primary, CMSSignedData secondary) throws CMSException { SignerInformation signerInformation = primary.getSignerInfos().getSigners().iterator().next(); AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes(); if (unsignedAttributes == null) { unsignedAttributes = new AttributeTable(new DERSet()); } Attribute nestedSignaturesAttribute = unsignedAttributes.get(AuthenticodeObjectIdentifiers.SPC_NESTED_SIGNATURE_OBJID); if (nestedSignaturesAttribute == null) { // first nested signature unsignedAttributes = unsignedAttributes.add(AuthenticodeObjectIdentifiers.SPC_NESTED_SIGNATURE_OBJID, secondary.toASN1Structure()); } else { // append the signature to the previous nested signatures ASN1EncodableVector nestedSignatures = new ASN1EncodableVector(); for (ASN1Encodable nestedSignature : nestedSignaturesAttribute.getAttrValues()) { nestedSignatures.add(nestedSignature); } nestedSignatures.add(secondary.toASN1Structure()); ASN1EncodableVector attributes = unsignedAttributes.remove(AuthenticodeObjectIdentifiers.SPC_NESTED_SIGNATURE_OBJID).toASN1EncodableVector(); attributes.add(new Attribute(AuthenticodeObjectIdentifiers.SPC_NESTED_SIGNATURE_OBJID, new DERSet(nestedSignatures))); unsignedAttributes = new AttributeTable(attributes); } signerInformation = SignerInformation.replaceUnsignedAttributes(signerInformation, unsignedAttributes); return CMSSignedData.replaceSigners(primary, new SignerInformationStore(signerInformation)); }
if (unsignedAttributes != null) vector = unsignedAttributes.toASN1EncodableVector();