Package eu.europa.esig.dss.cades

Class CMSUtils

java.lang.Object
eu.europa.esig.dss.cades.CMSUtils
public final class CMSUtils
extends Object
The utils for dealing with CMS object

  • Field Summary

    Fields
    Modifier and Type Field Description
    static DigestAlgorithm DEFAULT_ARCHIVE_TIMESTAMP_HASH_ALGO
    The default DigestAlgorithm for ArchiveTimestamp

  • Method Summary

    Modifier and Type Method Description
    static void addSigningCertificateAttribute​(org.bouncycastle.asn1.ASN1EncodableVector signedAttributes, DigestAlgorithm digestAlgorithm, CertificateToken signingToken)
    Method to add signing certificate to ASN.1 DER encoded signed attributes.
    static boolean containsATSTv2​(org.bouncycastle.cms.SignerInformation signerInformation)
    Checks if the given SignerInformation's unsignedProperties contain an archive-time-stamp (ATSv2) element
    static org.bouncycastle.cms.CMSSignedData generateCMSSignedData​(org.bouncycastle.cms.CMSSignedDataGenerator generator, org.bouncycastle.cms.CMSTypedData content, boolean encapsulate)
    This method generate CMSSignedData using the provided #CMSSignedDataGenerator, the content and the indication if the content should be encapsulated.
    static org.bouncycastle.cms.SignerInformationStore generateCounterSigners​(org.bouncycastle.cms.CMSSignedDataGenerator cmsSignedDataGenerator, org.bouncycastle.cms.SignerInformation signerInfoToSign)
    Generates a counter signature
    static org.bouncycastle.cms.CMSSignedData generateDetachedCMSSignedData​(org.bouncycastle.cms.CMSSignedDataGenerator generator, org.bouncycastle.cms.CMSProcessableByteArray content)
    Generates a detached CMS SignedData
    static org.bouncycastle.asn1.cms.AttributeTable getAttributesFromByteArray​(byte[] encodedAttributes)
    This method returns an AttributeTable parsed from ASN.1 encoded representation
    static org.bouncycastle.cms.CMSTypedData getContentToBeSigned​(DSSDocument toSignData)
    Returns the content to be signed
    static org.bouncycastle.asn1.DERTaggedObject getDERSignedAttributes​(org.bouncycastle.cms.SignerInformation signerInformation)  
    static org.bouncycastle.operator.DigestCalculatorProvider getDigestCalculatorProvider​(DSSDocument toSignDocument, DigestAlgorithm digestAlgorithm)
    Returns a DigestCalculatorProvider
    static DSSDocument getOriginalDocument​(org.bouncycastle.cms.CMSSignedData cmsSignedData, List<DSSDocument> detachedDocuments)
    Returns the original document from the provided cmsSignedData
    static org.bouncycastle.asn1.cms.AttributeTable getSignedAttributes​(org.bouncycastle.cms.SignerInformation signerInformation)
    This method returns the existing signed attributes or a new empty attributes hashtable
    static byte[] getSignedContent​(org.bouncycastle.cms.CMSTypedData cmsTypedData)
    This method returns the signed content extracted from a CMSTypedData
    static org.bouncycastle.asn1.cms.Attribute getUnsignedAttribute​(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
    Returns an unsigned attribute by its given oid
    static org.bouncycastle.asn1.cms.AttributeTable getUnsignedAttributes​(org.bouncycastle.cms.SignerInformation signerInformation)
    This method returns the existing unsigned attributes or a new empty attributes hashtable
    static boolean isCMSSignedDataEqual​(org.bouncycastle.cms.CMSSignedData signedData, org.bouncycastle.cms.CMSSignedData signedDataToCompare)
    Compares two CMSSignedData objects by their encoded binaries
    static boolean isDetachedSignature​(org.bouncycastle.cms.CMSSignedData cmsSignedData)
    Checks if the signature is detached
    static Date readSigningDate​(org.bouncycastle.asn1.ASN1Encodable attrValue)
    Reads the SigningDate with respect to the RFC 3852

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • DEFAULT_ARCHIVE_TIMESTAMP_HASH_ALGO

      public static final DigestAlgorithm DEFAULT_ARCHIVE_TIMESTAMP_HASH_ALGO
      The default DigestAlgorithm for ArchiveTimestamp

  • Method Details

    • generateCMSSignedData

      public static org.bouncycastle.cms.CMSSignedData generateCMSSignedData​(org.bouncycastle.cms.CMSSignedDataGenerator generator, org.bouncycastle.cms.CMSTypedData content, boolean encapsulate)
      This method generate CMSSignedData using the provided #CMSSignedDataGenerator, the content and the indication if the content should be encapsulated.
      Parameters:
      generator - CMSSignedDataGenerator
      content - CMSTypedData
      encapsulate - true if the content should be encapsulated in the signature, false otherwise
      Returns:
      CMSSignedData

    • generateCounterSigners

      public static org.bouncycastle.cms.SignerInformationStore generateCounterSigners​(org.bouncycastle.cms.CMSSignedDataGenerator cmsSignedDataGenerator, org.bouncycastle.cms.SignerInformation signerInfoToSign)
      Generates a counter signature
      Parameters:
      cmsSignedDataGenerator - CMSSignedDataGenerator to extend the CMS SignedData
      signerInfoToSign - SignerInformation to be counter signed
      Returns:
      SignerInformationStore with a counter signature

    • generateDetachedCMSSignedData

      public static org.bouncycastle.cms.CMSSignedData generateDetachedCMSSignedData​(org.bouncycastle.cms.CMSSignedDataGenerator generator, org.bouncycastle.cms.CMSProcessableByteArray content)
      Generates a detached CMS SignedData
      Parameters:
      generator - CMSSignedDataGenerator
      content - CMSProcessableByteArray to sign
      Returns:
      CMSSignedData

    • getDERSignedAttributes

      public static org.bouncycastle.asn1.DERTaggedObject getDERSignedAttributes​(org.bouncycastle.cms.SignerInformation signerInformation)
      Parameters:
      signerInformation - SignerInformation
      Returns:
      DERTaggedObject representing the signed attributes

    • getSignedContent

      public static byte[] getSignedContent​(org.bouncycastle.cms.CMSTypedData cmsTypedData)
      This method returns the signed content extracted from a CMSTypedData
      Parameters:
      cmsTypedData - CMSTypedData cannot be null
      Returns:
      the signed content extracted from CMSTypedData

    • getUnsignedAttributes

      public static org.bouncycastle.asn1.cms.AttributeTable getUnsignedAttributes​(org.bouncycastle.cms.SignerInformation signerInformation)
      This method returns the existing unsigned attributes or a new empty attributes hashtable
      Parameters:
      signerInformation - the signer information
      Returns:
      the existing unsigned attributes or an empty attributes hashtable

    • getSignedAttributes

      public static org.bouncycastle.asn1.cms.AttributeTable getSignedAttributes​(org.bouncycastle.cms.SignerInformation signerInformation)
      This method returns the existing signed attributes or a new empty attributes hashtable
      Parameters:
      signerInformation - the signer information
      Returns:
      the existing signed attributes or an empty attributes Hashtable

    • getAttributesFromByteArray

      public static org.bouncycastle.asn1.cms.AttributeTable getAttributesFromByteArray​(byte[] encodedAttributes)
      This method returns an AttributeTable parsed from ASN.1 encoded representation
      Parameters:
      encodedAttributes - ASN.1 encoded AttributesTable
      Returns:
      AttributeTable created from given encodedAttributes

    • addSigningCertificateAttribute

      public static void addSigningCertificateAttribute​(org.bouncycastle.asn1.ASN1EncodableVector signedAttributes, DigestAlgorithm digestAlgorithm, CertificateToken signingToken)
      Method to add signing certificate to ASN.1 DER encoded signed attributes. Certificate will be added as either signing-certificate or signing-certificate-v2 attribute depending on digest algorithm being used.
      Parameters:
      signedAttributes - Signed attributes to append signing certificate to
      digestAlgorithm - the digest algorithm to be used
      signingToken - The signing certificate to be append

    • isCMSSignedDataEqual

      public static boolean isCMSSignedDataEqual​(org.bouncycastle.cms.CMSSignedData signedData, org.bouncycastle.cms.CMSSignedData signedDataToCompare) throws IOException
      Compares two CMSSignedData objects by their encoded binaries
      Parameters:
      signedData - CMSSignedData object to compare
      signedDataToCompare - CMSSignedData object to compare with
      Returns:
      true if binaries of two CMSSignedData are equal, false otherwise
      Throws:
      IOException - if an exception occurs

    • getUnsignedAttribute

      public static org.bouncycastle.asn1.cms.Attribute getUnsignedAttribute​(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      Returns an unsigned attribute by its given oid
      Parameters:
      signerInformation - SignerInformation to get attribute from
      oid - ASN1ObjectIdentifier of the target attribute
      Returns:
      Attribute

    • isDetachedSignature

      public static boolean isDetachedSignature​(org.bouncycastle.cms.CMSSignedData cmsSignedData)
      Checks if the signature is detached
      Parameters:
      cmsSignedData - CMSSignedData
      Returns:
      TRUE if the signature is detached, FALSE otherwise

    • getOriginalDocument

      public static DSSDocument getOriginalDocument​(org.bouncycastle.cms.CMSSignedData cmsSignedData, List<DSSDocument> detachedDocuments)
      Returns the original document from the provided cmsSignedData
      Parameters:
      cmsSignedData - CMSSignedData to get original document from
      detachedDocuments - list of DSSDocuments
      Returns:
      original DSSDocument

    • getContentToBeSigned

      public static org.bouncycastle.cms.CMSTypedData getContentToBeSigned​(DSSDocument toSignData)
      Returns the content to be signed
      Parameters:
      toSignData - DSSDocument to sign
      Returns:
      CMSTypedData

    • getDigestCalculatorProvider

      public static org.bouncycastle.operator.DigestCalculatorProvider getDigestCalculatorProvider​(DSSDocument toSignDocument, DigestAlgorithm digestAlgorithm)
      Returns a DigestCalculatorProvider
      Parameters:
      toSignDocument - DSSDocument to sign
      digestAlgorithm - DigestAlgorithm to use
      Returns:
      DigestCalculatorProvider

    • containsATSTv2

      public static boolean containsATSTv2​(org.bouncycastle.cms.SignerInformation signerInformation)
      Checks if the given SignerInformation's unsignedProperties contain an archive-time-stamp (ATSv2) element
      Parameters:
      signerInformation - SignerInformation to check
      Returns:
      TRUE if the signerInformation contains an ATSv2, FALSE otherwise

    • readSigningDate

      public static Date readSigningDate​(org.bouncycastle.asn1.ASN1Encodable attrValue)
      Reads the SigningDate with respect to the RFC 3852
      Parameters:
      attrValue - ASN1Encodable containing the signingDate
      Returns:
      Date if its format is correct, null otherwise