Java 类org.bouncycastle.asn1.cms.AttributeTable 实例源码

public void close()
    throws IOException
{
    _out.close();
    _eiGen.close();

    if (unprotectedAttributeGenerator != null)
    {
        AttributeTable attrTable = unprotectedAttributeGenerator.getAttributes(new HashMap());

        ASN1Set unprotectedAttrs = new BERSet(attrTable.toASN1EncodableVector());

        _envGen.addObject(new DERTaggedObject(false, 1, unprotectedAttrs));
    }

    _envGen.close();
    _cGen.close();
}

SignerInf(
    PrivateKey                 key,
    Object                     signerIdentifier,
    String                     digestOID,
    String                     encOID,
    CMSAttributeTableGenerator sAttr,
    CMSAttributeTableGenerator unsAttr,
    AttributeTable             baseSignedTable)
{
    this.key = key;
    this.signerIdentifier = signerIdentifier;
    this.digestOID = digestOID;
    this.encOID = encOID;
    this.sAttr = sAttr;
    this.unsAttr = unsAttr;
    this.baseSignedTable = baseSignedTable;
}

public void close()
    throws IOException
{
    _out.close();
    _eiGen.close();

    if (unprotectedAttributeGenerator != null)
    {
        AttributeTable attrTable = unprotectedAttributeGenerator.getAttributes(new HashMap());

        ASN1Set unprotectedAttrs = new BERSet(attrTable.toASN1EncodableVector());

        _envGen.addObject(new DERTaggedObject(false, 1, unprotectedAttrs));
    }

    _envGen.close();
    _cGen.close();
}

public void close()
    throws IOException
{
    _out.close();
    _eiGen.close();

    if (unprotectedAttributeGenerator != null)
    {
        AttributeTable attrTable = unprotectedAttributeGenerator.getAttributes(new HashMap());

        ASN1Set unprotectedAttrs = new BERSet(attrTable.toASN1EncodableVector());

        _envGen.addObject(new DERTaggedObject(false, 1, unprotectedAttrs));
    }

    _envGen.close();
    _cGen.close();
}

private static CMSSignedData addTimestamp(String tsaUrl, CMSSignedData signedData) throws IOException {

        Collection<SignerInformation> signerInfos = signedData.getSignerInfos().getSigners();

        // get signature of first signer (should be the only one)
        SignerInformation si = signerInfos.iterator().next();
        byte[] signature = si.getSignature();

        // send request to TSA
        byte[] token = TimeStampingClient.getTimeStampToken(tsaUrl, signature, DigestType.SHA1);

        // create new SignerInformation with TS attribute
        Attribute tokenAttr = new Attribute(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken,
                new DERSet(ASN1Primitive.fromByteArray(token)));
        ASN1EncodableVector timestampVector = new ASN1EncodableVector();
        timestampVector.add(tokenAttr);
        AttributeTable at = new AttributeTable(timestampVector);
        si = SignerInformation.replaceUnsignedAttributes(si, at);
        signerInfos.clear();
        signerInfos.add(si);
        SignerInformationStore newSignerStore = new SignerInformationStore(signerInfos);

        // create new signed data
        CMSSignedData newSignedData = CMSSignedData.replaceSigners(signedData, newSignerStore);
        return newSignedData;
    }

/**
 * We are extending CMS Signature
 *
 * @param signer
 *            information about signer
 * @return information about SignerInformation
 */
private SignerInformation signTimeStamp(SignerInformation signer) throws IOException, TSPException {
    AttributeTable unsignedAttributes = signer.getUnsignedAttributes();

    ASN1EncodableVector vector = new ASN1EncodableVector();
    if (unsignedAttributes != null) {
        vector = unsignedAttributes.toASN1EncodableVector();
    }

    byte[] token = tsaClient.getTimeStampToken(signer.getSignature());
    ASN1ObjectIdentifier oid = PKCSObjectIdentifiers.id_aa_signatureTimeStampToken;
    ASN1Encodable signatureTimeStamp = new Attribute(oid, new DERSet(ASN1Primitive.fromByteArray(token)));

    vector.add(signatureTimeStamp);
    Attributes signedAttributes = new Attributes(vector);

    SignerInformation newSigner = SignerInformation.replaceUnsignedAttributes(signer,
            new AttributeTable(signedAttributes));

    return newSigner;
}

private boolean verifySignedReferencesToSigningCertificate() {

        final IssuerSerial signingTokenIssuerSerial = DSSASN1Utils.getIssuerSerial(signingCertificateValidity.getCertificateToken());
        final BigInteger signingTokenSerialNumber = signingTokenIssuerSerial.getSerial().getValue();
        final GeneralNames signingTokenIssuerName = signingTokenIssuerSerial.getIssuer();

        final AttributeTable signedAttributes = CMSUtils.getSignedAttributes(signerInformation);
        final Attribute signingCertificateAttributeV1 = signedAttributes.get(id_aa_signingCertificate);
        if (signingCertificateAttributeV1 != null) {

            signingCertificateValidity.setAttributePresent(true);
            verifySigningCertificateV1(signingTokenSerialNumber, signingTokenIssuerName, signingCertificateAttributeV1);
            return true;
        }
        final Attribute signingCertificateAttributeV2 = signedAttributes.get(id_aa_signingCertificateV2);
        if (signingCertificateAttributeV2 != null) {

            signingCertificateValidity.setAttributePresent(true);
            verifySigningCertificateV2(signingTokenSerialNumber, signingTokenIssuerName, signingCertificateAttributeV2);
            return true;
        }
        return false;
    }

public AttributeTable getSignedAttributes(final CAdESSignatureParameters parameters) {

        ASN1EncodableVector signedAttributes = new ASN1EncodableVector();

        addSigningCertificateAttribute(parameters, signedAttributes);
        addSigningTimeAttribute(parameters, signedAttributes);
        addSignerAttribute(parameters, signedAttributes);
        addSignaturePolicyId(parameters, signedAttributes);
        addContentHints(parameters, signedAttributes);
        addContentIdentifier(parameters, signedAttributes);
        addCommitmentType(parameters, signedAttributes);
        addSignerLocation(parameters, signedAttributes);
        addContentTimestamps(parameters, signedAttributes);

        // mime-type attribute breaks parallel signatures by adding PKCS7 as a mime-type for subsequent signers.
        // This attribute is not mandatory, so it has been disabled.

        final AttributeTable signedAttributesTable = new AttributeTable(signedAttributes);
        return signedAttributesTable;
    }

/**
 * 
 * @param key
 * @param cert
 * @param digestOID
 * @param encOID
 * @param sAttr
 * @param unsAttr
 * @param baseSigneTable
 */
SignerInf(
    PrivateKey                 key,
    X509Certificate            cert,
    String                     digestOID,
    String                     encOID,
    CMSAttributeTableGenerator sAttr,
    CMSAttributeTableGenerator unsAttr,
    AttributeTable             baseSigneTable)
{
    this.key = key;
    this.cert = cert;
    this.digestOID = digestOID;
    this.encOID = encOID;
    this.sAttr = sAttr;
    this.unsAttr = unsAttr;
    this.baseSignedTable = baseSigneTable;
}

/**
 * Retorna a data da criacao da assinatura
 * NAO EH CARIMBO DE TEMPO 
 * @return Date
 * @see Date
 */
public Date getDataAssinatura(){

    try {
        getCertificadoAssinante();
    } catch (Exception e) {
        return null;
    }
       AttributeTable attr = signerInfo.getSignedAttributes();

       if (attr != null)
       {
           Attribute t = attr.get(CMSAttributes.signingTime);
           if (t != null)
           {
               Time   time = Time.getInstance(
                                   t.getAttrValues().getObjectAt(0).getDERObject());
               return time.getDate();
           }
       }
       return null;
}

private MimeBodyPart generateEncapsulatedRsa(String digestOid, MimeBodyPart msg) 
    throws Exception
{
    List certList = new ArrayList();

    certList.add(_signCert);
    certList.add(_origCert);

    CertStore certs = CertStore.getInstance("Collection",
                    new CollectionCertStoreParameters(certList), "BC");

    ASN1EncodableVector signedAttrs = generateSignedAttributes();

    SMIMESignedGenerator gen = new SMIMESignedGenerator();

    gen.addSigner(_signKP.getPrivate(), _signCert, digestOid, new AttributeTable(signedAttrs), null);
    gen.addCertificatesAndCRLs(certs);

    return gen.generateEncapsulated(msg, "BC");
}

public void close()
    throws IOException
{
    _out.close();
    _eiGen.close();

    if (unprotectedAttributeGenerator != null)
    {
        AttributeTable attrTable = unprotectedAttributeGenerator.getAttributes(new HashMap());

        ASN1Set unprotectedAttrs = new BERSet(attrTable.toASN1EncodableVector());

        _envGen.addObject(new DERTaggedObject(false, 1, unprotectedAttrs));
    }

    _envGen.close();
    _cGen.close();
}

SignerInf(
    PrivateKey                 key,
    Object                     signerIdentifier,
    String                     digestOID,
    String                     encOID,
    CMSAttributeTableGenerator sAttr,
    CMSAttributeTableGenerator unsAttr,
    AttributeTable             baseSignedTable)
{
    this.key = key;
    this.signerIdentifier = signerIdentifier;
    this.digestOID = digestOID;
    this.encOID = encOID;
    this.sAttr = sAttr;
    this.unsAttr = unsAttr;
    this.baseSignedTable = baseSignedTable;
}

public void close()
    throws IOException
{
    _out.close();
    _eiGen.close();

    if (unprotectedAttributeGenerator != null)
    {
        AttributeTable attrTable = unprotectedAttributeGenerator.getAttributes(new HashMap());

        ASN1Set unprotectedAttrs = new BERSet(attrTable.toASN1EncodableVector());

        _envGen.addObject(new DERTaggedObject(false, 1, unprotectedAttrs));
    }

    _envGen.close();
    _cGen.close();
}

public static Date getSignatureTime(SignerInformation signer)
{
    AttributeTable atab = signer.getSignedAttributes();
    Date result = null;
    if (atab != null)
    {
        Attribute attr = atab.get(CMSAttributes.signingTime);
        if (attr != null)
        {
            Time t = Time.getInstance(attr.getAttrValues().getObjectAt(0)
                    .toASN1Primitive());
            result = t.getDate();
        }
    }
    return result;
}

/**
 * return a table of the digested attributes indexed by
 * the OID of the attribute.
 */
public AttributeTable getAuthAttrs()
{
    if (authAttrs == null)
    {
        return null;
    }

    return new AttributeTable(authAttrs);
}

/**
 * return a table of the undigested attributes indexed by
 * the OID of the attribute.
 */
public AttributeTable getUnauthAttrs()
{
    if (unauthAttrs == null)
    {
        return null;
    }

    return new AttributeTable(unauthAttrs);
}

private ASN1Primitive getSingleValuedSignedAttribute(
    ASN1ObjectIdentifier attrOID, String printableName)
    throws CMSException
{
    AttributeTable unsignedAttrTable = this.getUnsignedAttributes();
    if (unsignedAttrTable != null
        && unsignedAttrTable.getAll(attrOID).size() > 0)
    {
        throw new CMSException("The " + printableName
            + " attribute MUST NOT be an unsigned attribute");
    }

    AttributeTable signedAttrTable = this.getSignedAttributes();
    if (signedAttrTable == null)
    {
        return null;
    }

    ASN1EncodableVector v = signedAttrTable.getAll(attrOID);
    switch (v.size())
    {
        case 0:
            return null;
        case 1:
        {
            Attribute t = (Attribute)v.get(0);
            ASN1Set attrValues = t.getAttrValues();
            if (attrValues.size() != 1)
            {
                throw new CMSException("A " + printableName
                    + " attribute MUST have a single attribute value");
            }

            return attrValues.getObjectAt(0).toASN1Primitive();
        }
        default:
            throw new CMSException("The SignedAttributes in a signerInfo MUST NOT include multiple instances of the "
                + printableName + " attribute");
    }
}

private ASN1Set getAttributeSet(
    AttributeTable attr)
{
    if (attr != null)
    {
        return new DERSet(attr.toASN1EncodableVector());
    }

    return null;
}

/**
 * add a signer with extra signed/unsigned attributes.
 * @throws NoSuchProviderException 
 * @throws NoSuchAlgorithmException 
 * @throws InvalidKeyException
 * @deprecated use addSignedInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    X509Certificate cert,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr,
    String          sigProvider)
    throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException
{
    addSigner(key, cert, digestOID, signedAttr, unsignedAttr,
        CMSUtils.getProvider(sigProvider));
}

/**
 * add a signer with extra signed/unsigned attributes.
 * @throws NoSuchAlgorithmException
 * @throws InvalidKeyException
 * @deprecated use addSignedInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    X509Certificate cert,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr,
    Provider        sigProvider)
    throws NoSuchAlgorithmException, InvalidKeyException
{
    addSigner(key, cert, digestOID, new DefaultSignedAttributeTableGenerator(signedAttr),
        new SimpleAttributeTableGenerator(unsignedAttr), sigProvider);
}

/**
 * add a signer with extra signed/unsigned attributes - specifying digest
 * encryption algorithm.
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws InvalidKeyException
 * @deprecated use addSignedInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    X509Certificate cert,
    String          encryptionOID,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr,
    String          sigProvider)
    throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException
{
    addSigner(key, cert, encryptionOID, digestOID, signedAttr, unsignedAttr,
        CMSUtils.getProvider(sigProvider));
}

/**
 * add a signer with extra signed/unsigned attributes and the digest encryption algorithm.
 * @throws NoSuchAlgorithmException
 * @throws InvalidKeyException
 * @deprecated use addSignedInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    X509Certificate cert,
    String          encryptionOID,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr,
    Provider        sigProvider)
    throws NoSuchAlgorithmException, InvalidKeyException
{
    addSigner(key, cert, encryptionOID, digestOID,
        new DefaultSignedAttributeTableGenerator(signedAttr),
        new SimpleAttributeTableGenerator(unsignedAttr), sigProvider);
}

/**
 * add a signer with extra signed/unsigned attributes.
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws InvalidKeyException
 * @deprecated use addSignerInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    byte[]          subjectKeyID,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr,
    String          sigProvider)
    throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException
{
    addSigner(key, subjectKeyID, digestOID, signedAttr, unsignedAttr,
        CMSUtils.getProvider(sigProvider));
}

/**
 * add a signer with extra signed/unsigned attributes.
 * @throws NoSuchAlgorithmException
 * @throws InvalidKeyException
 * @deprecated use addSignerInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    byte[]          subjectKeyID,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr,
    Provider        sigProvider)
    throws NoSuchAlgorithmException, InvalidKeyException
{
    addSigner(key, subjectKeyID, digestOID,
        new DefaultSignedAttributeTableGenerator(signedAttr),
        new SimpleAttributeTableGenerator(unsignedAttr), sigProvider);
}

/**
 * add a signer with extra signed/unsigned attributes.
 *
 * @param key signing key to use
 * @param cert certificate containing corresponding public key
 * @param digestOID digest algorithm OID
 * @param signedAttr table of attributes to be included in signature
 * @param unsignedAttr table of attributes to be included as unsigned
 * @deprecated use addSignerInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    X509Certificate cert,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr)
    throws IllegalArgumentException
{
    addSigner(key, cert, getEncOID(key, digestOID), digestOID, signedAttr, unsignedAttr);
}

/**
 * add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes.
 *
 * @param key signing key to use
 * @param cert certificate containing corresponding public key
 * @param encryptionOID digest encryption algorithm OID
 * @param digestOID digest algorithm OID
 * @param signedAttr table of attributes to be included in signature
 * @param unsignedAttr table of attributes to be included as unsigned
 * @deprecated use addSignerInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    X509Certificate cert,
    String          encryptionOID,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr)
    throws IllegalArgumentException
{
    doAddSigner(key, cert, encryptionOID, digestOID,
      new DefaultSignedAttributeTableGenerator(signedAttr),
      new SimpleAttributeTableGenerator(unsignedAttr), signedAttr);
}

/**
 * add a signer with extra signed/unsigned attributes.
 *
 * @param key signing key to use
 * @param subjectKeyID subjectKeyID of corresponding public key
 * @param digestOID digest algorithm OID
 * @param signedAttr table of attributes to be included in signature
 * @param unsignedAttr table of attributes to be included as unsigned
 * @deprecated use addSignerInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    byte[]          subjectKeyID,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr)
    throws IllegalArgumentException
{
    addSigner(key, subjectKeyID, getEncOID(key, digestOID), digestOID, signedAttr,
        unsignedAttr); 
}

/**
 * add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes.
 *
 * @param key signing key to use
 * @param subjectKeyID subjectKeyID of corresponding public key
 * @param encryptionOID digest encryption algorithm OID
 * @param digestOID digest algorithm OID
 * @param signedAttr table of attributes to be included in signature
 * @param unsignedAttr table of attributes to be included as unsigned
 * @deprecated use addSignerInfoGenerator
 */
public void addSigner(
    PrivateKey      key,
    byte[]          subjectKeyID,
    String          encryptionOID,
    String          digestOID,
    AttributeTable  signedAttr,
    AttributeTable  unsignedAttr)
    throws IllegalArgumentException
{
    doAddSigner(key, subjectKeyID, encryptionOID, digestOID,
        new DefaultSignedAttributeTableGenerator(signedAttr),
        new SimpleAttributeTableGenerator(unsignedAttr), signedAttr);
}

private void doAddSigner(
    PrivateKey                  key,
    Object                      signerIdentifier,
    String                      encryptionOID,
    String                      digestOID,
    CMSAttributeTableGenerator  signedAttrGen,
    CMSAttributeTableGenerator  unsignedAttrGen,
    AttributeTable              baseSignedTable)
    throws IllegalArgumentException
{
    signerInfs.add(new SignerInf(key, signerIdentifier, digestOID, encryptionOID,
        signedAttrGen, unsignedAttrGen, baseSignedTable));
}

/**
 * set up a DefaultSignedAttributeTableGenerator primed with the passed in AttributeTable.
 *
 * @param attrTable table of attributes for priming generator
 * @return this.
 */
public JcaSimpleSignerInfoGeneratorBuilder setSignedAttributeGenerator(AttributeTable attrTable)
{
    this.signedGen = new DefaultSignedAttributeTableGenerator(attrTable);

    return this;
}

/**
 * return a table of the unprotected attributes indexed by
 * the OID of the attribute.
 */
public AttributeTable getUnprotectedAttributes()
{
    if (unprotectedAttributes == null)
    {
        return null;
    }

    return new AttributeTable(unprotectedAttributes);
}

protected ASN1Set getAttributeSet(
    AttributeTable attr)
{
    if (attr != null)
    {
        return new DERSet(attr.toASN1EncodableVector());
    }

    return null;
}

/**
 * return a table of the digested attributes indexed by
 * the OID of the attribute.
 */
public AttributeTable getAuthAttrs()
{
    if (authAttrs == null)
    {
        return null;
    }

    return new AttributeTable(authAttrs);
}

/**
 * return a table of the undigested attributes indexed by
 * the OID of the attribute.
 */
public AttributeTable getUnauthAttrs()
{
    if (unauthAttrs == null)
    {
        return null;
    }

    return new AttributeTable(unauthAttrs);
}

private ASN1Primitive getSingleValuedSignedAttribute(
    ASN1ObjectIdentifier attrOID, String printableName)
    throws CMSException
{
    AttributeTable unsignedAttrTable = this.getUnsignedAttributes();
    if (unsignedAttrTable != null
        && unsignedAttrTable.getAll(attrOID).size() > 0)
    {
        throw new CMSException("The " + printableName
            + " attribute MUST NOT be an unsigned attribute");
    }

    AttributeTable signedAttrTable = this.getSignedAttributes();
    if (signedAttrTable == null)
    {
        return null;
    }

    ASN1EncodableVector v = signedAttrTable.getAll(attrOID);
    switch (v.size())
    {
        case 0:
            return null;
        case 1:
        {
            Attribute t = (Attribute)v.get(0);
            ASN1Set attrValues = t.getAttrValues();
            if (attrValues.size() != 1)
            {
                throw new CMSException("A " + printableName
                    + " attribute MUST have a single attribute value");
            }

            return attrValues.getObjectAt(0).toASN1Primitive();
        }
        default:
            throw new CMSException("The SignedAttributes in a signerInfo MUST NOT include multiple instances of the "
                + printableName + " attribute");
    }
}

/**
 * Return a signer information object with passed in SignerInformationStore representing counter
 * signatures attached as an unsigned attribute.
 *
 * @param signerInformation the signerInfo to be used as the basis.
 * @param counterSigners signer info objects carrying counter signature.
 * @return a copy of the original SignerInformationObject with the changed attributes.
 */
public static SignerInformation addCounterSigners(
    SignerInformation        signerInformation,
    SignerInformationStore   counterSigners)
{
    // TODO Perform checks from RFC 3852 11.4

    SignerInfo          sInfo = signerInformation.info;
    AttributeTable      unsignedAttr = signerInformation.getUnsignedAttributes();
    ASN1EncodableVector v;

    if (unsignedAttr != null)
    {
        v = unsignedAttr.toASN1EncodableVector();
    }
    else
    {
        v = new ASN1EncodableVector();
    }

    ASN1EncodableVector sigs = new ASN1EncodableVector();

    for (Iterator it = counterSigners.getSigners().iterator(); it.hasNext();)
    {
        sigs.add(((SignerInformation)it.next()).toASN1Structure());
    }

    v.add(new Attribute(CMSAttributes.counterSignature, new DERSet(sigs)));

    return new SignerInformation(
            new SignerInfo(sInfo.getSID(), sInfo.getDigestAlgorithm(),
                sInfo.getAuthenticatedAttributes(), sInfo.getDigestEncryptionAlgorithm(), sInfo.getEncryptedDigest(), new DERSet(v)),
                signerInformation.contentType, signerInformation.content, null);
}

/**
 * Initialise with some extra attributes or overrides.
 *
 * @param attributeTable initial attribute table to use.
 */
public DefaultAuthenticatedAttributeTableGenerator(
    AttributeTable attributeTable)
{
    if (attributeTable != null)
    {
        table = attributeTable.toHashtable();
    }
    else
    {
        table = new Hashtable();
    }
}

private ASN1Set getAttributeSet(
    AttributeTable attr)
{
    if (attr != null)
    {
        return new DERSet(attr.toASN1EncodableVector());
    }

    return null;
}

/**
 * return a table of the unprotected attributes indexed by
 * the OID of the attribute.
 */
public AttributeTable getUnprotectedAttributes()
{
    if (unprotectedAttributes == null)
    {
        return null;
    }

    return new AttributeTable(unprotectedAttributes);
}