Package eu.europa.esig.dss.cades

Class CAdESUtils

java.lang.Object
eu.europa.esig.dss.cades.CAdESUtils
public final class CAdESUtils extends Object
The utils for dealing with CMS and related objects

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final DigestAlgorithm
    DEFAULT_ARCHIVE_TIMESTAMP_HASH_ALGO
    The default DigestAlgorithm for ArchiveTimestamp
    static final InMemoryResourcesHandlerBuilder
    DEFAULT_RESOURCES_HANDLER_BUILDER
    The default resources handler builder to be used across the code

  • Method Summary

    Modifier and Type
    Method
    Description
    static org.bouncycastle.cms.CMSSignedData
    addDigestAlgorithm(org.bouncycastle.cms.CMSSignedData cmsSignedData, org.bouncycastle.asn1.x509.AlgorithmIdentifier algorithmIdentifier)
    Deprecated.
    since DSS 6.3.
    static void
    addSigningCertificateAttribute(org.bouncycastle.asn1.ASN1EncodableVector signedAttributes, DigestAlgorithm digestAlgorithm, CertificateToken signingToken)
    Method to add signing certificate to ASN.1 DER encoded signed attributes.
    static boolean
    containsATSTv2(org.bouncycastle.cms.SignerInformation signerInformation)
    Checks if the given SignerInformation's unsignedProperties contain an archive-time-stamp (ATSv2) element
    static boolean
    containsEvidenceRecord(org.bouncycastle.cms.SignerInformation signerInformation)
    Checks if the given signer contains an evidence record unsigned attribute
    static org.bouncycastle.asn1.cms.AttributeTable
    emptyIfNull(org.bouncycastle.asn1.cms.AttributeTable originalAttributeTable)
    Returns the current originalAttributeTable if instantiated, an empty AttributeTable if null
    static List<org.bouncycastle.tsp.TimeStampToken>
    findArchiveTimeStampTokens(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes)
    Finds archive TimeStampTokens
    static org.bouncycastle.cms.CMSSignedData
    generateCMSSignedData(org.bouncycastle.cms.CMSSignedDataGenerator generator, org.bouncycastle.cms.CMSTypedData content, boolean encapsulate)
    Deprecated.
    since DSS 6.3.
    static org.bouncycastle.cms.SignerInformationStore
    generateCounterSigners(org.bouncycastle.cms.CMSSignedDataGenerator cmsSignedDataGenerator, org.bouncycastle.cms.SignerInformation signerInfoToSign)
    Deprecated.
    since DSS 6.3.
    static org.bouncycastle.cms.CMSSignedData
    generateDetachedCMSSignedData(org.bouncycastle.cms.CMSSignedDataGenerator generator, org.bouncycastle.cms.CMSProcessableByteArray content)
    Deprecated.
    since DSS 6.3.
    static org.bouncycastle.asn1.ASN1Encodable
    getAsn1Encodable(org.bouncycastle.asn1.cms.Attribute attribute)
    Deprecated.
    since DSS 6.3.
    static org.bouncycastle.asn1.ASN1Sequence
    getAtsHashIndex(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)
    Returns ats-hash-index table, with a related version present in from timestamp's unsigned properties
    static org.bouncycastle.asn1.ASN1Sequence
    getAtsHashIndexByVersion(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes, org.bouncycastle.asn1.ASN1ObjectIdentifier atsHashIndexVersionIdentifier)
    Returns ats-hash-index table, with a specified version present in from timestamp's unsigned properties
    static List<byte[]>
    getATSHashIndexV3OctetString(org.bouncycastle.asn1.ASN1ObjectIdentifier attributeIdentifier, org.bouncycastle.asn1.ASN1Set attributeValues)
    Returns octets from the given attribute for ATS-Hash-Index-v3 table
    static org.bouncycastle.asn1.ASN1ObjectIdentifier
    getAtsHashIndexVersionIdentifier(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)
    Returns ASN1ObjectIdentifier of the found AtsHashIndex
    static org.bouncycastle.asn1.cms.AttributeTable
    getAttributesFromByteArray(byte[] encodedAttributes)
    This method returns an AttributeTable parsed from ASN.1 encoded representation
    static org.bouncycastle.asn1.ASN1Sequence
    getCertificatesHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
    Extract the Unsigned Attribute Archive Timestamp Cert Hash Index from a timestampToken
    static org.bouncycastle.cms.CMSSignedData
    getCMSSignedData(org.bouncycastle.asn1.cms.Attribute attribute)
    Creates a CMSSignedData from the provided attribute
    static org.bouncycastle.cms.CMSTypedData
    getContentToBeSigned(DSSDocument toSignData)
    Deprecated.
    since DSS 6.3.
    static org.bouncycastle.asn1.ASN1Sequence
    getCRLHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
    Extract the Unsigned Attribute Archive Timestamp Crl Hash Index from a timestampToken
    static org.bouncycastle.asn1.DERTaggedObject
    getDERSignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation)
    Gets the DER SignedAttributes table from the given SignerInformation
    static org.bouncycastle.operator.DigestCalculatorProvider
    getDigestCalculatorProvider(DSSDocument toSignDocument, DigestAlgorithm digestAlgorithm)
    Returns a DigestCalculatorProvider
    static org.bouncycastle.asn1.ASN1ObjectIdentifier
    getEncapsulatedContentType(org.bouncycastle.cms.CMSSignedData cmsSignedData)
    Deprecated.
    since DSS 6.3.
    static byte[]
    getEncodedValue(org.bouncycastle.asn1.cms.Attribute attribute)
    Gets encoded value of the Attribute
    static Date
    getEvidenceRecordGenerationTime(org.bouncycastle.asn1.tsp.EvidenceRecord evidenceRecord)
    Gets a generation time of the evidence record as indicated by the first timestamp's generation time
    static EvidenceRecordIncorporationType
    getEvidenceRecordIncorporationType(org.bouncycastle.asn1.ASN1ObjectIdentifier unsignedAttributeOID)
    Gets the evidence record incorporation type based on the unsignedAttributeOID
    static List<org.bouncycastle.asn1.ASN1ObjectIdentifier>
    getEvidenceRecordOids()
    Returns a list of all CMS evidence record identifiers
    static List<byte[]>
    getOctetStringForAtsHashIndex(org.bouncycastle.asn1.cms.Attribute attribute, org.bouncycastle.asn1.ASN1ObjectIdentifier atsHashIndexVersionIdentifier)
    Returns octets from the given attribute by defined atsh-hash-index type
    static DSSDocument
    getOriginalDocument(CMS cms, List<DSSDocument> detachedDocuments)
    Returns the original document from the provided CMS
    static org.bouncycastle.asn1.cms.Attribute
    getSignedAttribute(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
    Returns a signed attribute with the given oid from signerInformation if present and unique.
    static org.bouncycastle.asn1.cms.AttributeTable
    getSignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation)
    This method returns the existing signed attributes or a new empty attributes hashtable
    static org.bouncycastle.asn1.cms.Attribute[]
    getSignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
    Returns signed attributes matching the given oid from signerInformation if present.
    static byte[]
    getSignedContent(org.bouncycastle.cms.CMSTypedData cmsTypedData)
    Deprecated.
    since DSS 6.3.
    static byte[]
    getSignedDataEncodedOCSPResponse(byte[] binaries, org.bouncycastle.asn1.ASN1ObjectIdentifier objectIdentifier)
    This method returns encoded binaries used for OCSP token incorporation within a SignedData.crls attribute
    static List<org.bouncycastle.asn1.ASN1ObjectIdentifier>
    getTimestampOids()
    Returns a list of all CMS timestamp identifiers
    static org.bouncycastle.tsp.TimeStampToken
    getTimeStampToken(org.bouncycastle.asn1.cms.Attribute attribute)
    Creates a TimeStampToken from the provided attribute
    static TimestampType
    getTimestampTypeByOid(org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
    This method returns a corresponding TimestampType for the given CMS oid
    static org.bouncycastle.asn1.cms.Attribute
    getUnsignedAttribute(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
    Returns an unsigned attribute with the given oid from signerInformation if present and unique.
    static org.bouncycastle.asn1.cms.AttributeTable
    getUnsignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation)
    This method returns the existing unsigned attributes or a new empty attributes hashtable
    static org.bouncycastle.asn1.cms.Attribute[]
    getUnsignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
    Returns unsigned attributes matching the given oid from signerInformation if present.
    static org.bouncycastle.asn1.ASN1Sequence
    getUnsignedAttributesHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
    Extract the Unsigned Attribute Archive Timestamp Attribute Hash Index from a timestampToken
    static boolean
    isArchiveTimeStampToken(org.bouncycastle.asn1.cms.Attribute attribute)
    Checks if the attribute is of an allowed archive timestamp type
    static boolean
    isAttributeOfType(org.bouncycastle.asn1.cms.Attribute attribute, org.bouncycastle.asn1.ASN1ObjectIdentifier asn1ObjectIdentifier)
    Checks if the given attribute is an instance of the expected asn1ObjectIdentifier type
    static boolean
    isCMSSignedDataEqual(org.bouncycastle.cms.CMSSignedData signedData, org.bouncycastle.cms.CMSSignedData signedDataToCompare)
    Compares two CMSSignedData objects by their encoded binaries
    static boolean
    isDetachedSignature(org.bouncycastle.cms.CMSSignedData cmsSignedData)
    Deprecated.
    since DSS 6.3.
    static boolean
    isEmpty(org.bouncycastle.asn1.cms.AttributeTable attributeTable)
    Checks if the attributeTable is empty
    static org.bouncycastle.cms.CMSSignedData
    populateDigestAlgorithmSet(org.bouncycastle.cms.CMSSignedData newCmsSignedData, org.bouncycastle.cms.CMSSignedData oldCmsSignedData)
    Deprecated.
    since DSS 6.3.
    static Date
    readSigningDate(org.bouncycastle.asn1.ASN1Encodable attrValue)
    Reads the SigningDate with respect to the RFC 3852

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • DEFAULT_ARCHIVE_TIMESTAMP_HASH_ALGO

      public static final DigestAlgorithm DEFAULT_ARCHIVE_TIMESTAMP_HASH_ALGO
      The default DigestAlgorithm for ArchiveTimestamp

    • DEFAULT_RESOURCES_HANDLER_BUILDER

      public static final InMemoryResourcesHandlerBuilder DEFAULT_RESOURCES_HANDLER_BUILDER
      The default resources handler builder to be used across the code

  • Method Details

    • generateCMSSignedData

      @Deprecated public static org.bouncycastle.cms.CMSSignedData generateCMSSignedData(org.bouncycastle.cms.CMSSignedDataGenerator generator, org.bouncycastle.cms.CMSTypedData content, boolean encapsulate)
      Deprecated.
      since DSS 6.3. To be removed.
      This method generate CMSSignedData using the provided #CMSSignedDataGenerator, the content and the indication if the content should be encapsulated.
      Parameters:
      generator - CMSSignedDataGenerator
      content - CMSTypedData
      encapsulate - true if the content should be encapsulated in the signature, false otherwise
      Returns:
      CMSSignedData

    • generateCounterSigners

      @Deprecated public static org.bouncycastle.cms.SignerInformationStore generateCounterSigners(org.bouncycastle.cms.CMSSignedDataGenerator cmsSignedDataGenerator, org.bouncycastle.cms.SignerInformation signerInfoToSign)
      Deprecated.
      since DSS 6.3. To be removed.
      Generates a counter signature
      Parameters:
      cmsSignedDataGenerator - CMSSignedDataGenerator to extend the CMS SignedData
      signerInfoToSign - SignerInformation to be counter-signed
      Returns:
      SignerInformationStore with a counter signature

    • generateDetachedCMSSignedData

      @Deprecated public static org.bouncycastle.cms.CMSSignedData generateDetachedCMSSignedData(org.bouncycastle.cms.CMSSignedDataGenerator generator, org.bouncycastle.cms.CMSProcessableByteArray content)
      Deprecated.
      since DSS 6.3. To be removed.
      Generates a detached CMS SignedData
      Parameters:
      generator - CMSSignedDataGenerator
      content - CMSProcessableByteArray to sign
      Returns:
      CMSSignedData

    • populateDigestAlgorithmSet

      @Deprecated public static org.bouncycastle.cms.CMSSignedData populateDigestAlgorithmSet(org.bouncycastle.cms.CMSSignedData newCmsSignedData, org.bouncycastle.cms.CMSSignedData oldCmsSignedData)
      Deprecated.
      since DSS 6.3. See CMSUtils#populateDigestAlgorithmSet
      This method is used to ensure the presence of all items from SignedData.digestAlgorithm set from oldCmsSignedData within newCmsSignedData
      Parameters:
      newCmsSignedData - CMSSignedData to be extended with digest algorithms, if required
      oldCmsSignedData - CMSSignedData to copy digest algorithms set from
      Returns:
      extended CMSSignedData

    • addDigestAlgorithm

      @Deprecated public static org.bouncycastle.cms.CMSSignedData addDigestAlgorithm(org.bouncycastle.cms.CMSSignedData cmsSignedData, org.bouncycastle.asn1.x509.AlgorithmIdentifier algorithmIdentifier)
      Deprecated.
      since DSS 6.3. See CMSUtils#populateDigestAlgorithmSet
      This method adds a DigestAlgorithm used by an Archive TimeStamp to the SignedData.digestAlgorithms set, when required.

      See ETSI EN 319 122-1, ch. "5.5.3 The archive-time-stamp-v3 attribute"

      Parameters:
      cmsSignedData - CMSSignedData to extend
      algorithmIdentifier - AlgorithmIdentifier to add
      Returns:
      CMSSignedData

    • getDERSignedAttributes

      public static org.bouncycastle.asn1.DERTaggedObject getDERSignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation)
      Gets the DER SignedAttributes table from the given SignerInformation
      Parameters:
      signerInformation - SignerInformation
      Returns:
      DERTaggedObject representing the signed attributes

    • getSignedContent

      @Deprecated public static byte[] getSignedContent(org.bouncycastle.cms.CMSTypedData cmsTypedData)
      Deprecated.
      since DSS 6.3. To be removed.
      This method returns the signed content extracted from a CMSTypedData
      Parameters:
      cmsTypedData - CMSTypedData cannot be null
      Returns:
      the signed content extracted from CMSTypedData

    • getUnsignedAttributes

      public static org.bouncycastle.asn1.cms.AttributeTable getUnsignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation)
      This method returns the existing unsigned attributes or a new empty attributes hashtable
      Parameters:
      signerInformation - the signer information
      Returns:
      the existing unsigned attributes or an empty attributes hashtable

    • getSignedAttributes

      public static org.bouncycastle.asn1.cms.AttributeTable getSignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation)
      This method returns the existing signed attributes or a new empty attributes hashtable
      Parameters:
      signerInformation - the signer information
      Returns:
      the existing signed attributes or an empty attributes Hashtable

    • getAttributesFromByteArray

      public static org.bouncycastle.asn1.cms.AttributeTable getAttributesFromByteArray(byte[] encodedAttributes)
      This method returns an AttributeTable parsed from ASN.1 encoded representation
      Parameters:
      encodedAttributes - ASN.1 encoded AttributesTable
      Returns:
      AttributeTable created from given encodedAttributes

    • addSigningCertificateAttribute

      public static void addSigningCertificateAttribute(org.bouncycastle.asn1.ASN1EncodableVector signedAttributes, DigestAlgorithm digestAlgorithm, CertificateToken signingToken)
      Method to add signing certificate to ASN.1 DER encoded signed attributes. Certificate will be added as either signing-certificate or signing-certificate-v2 attribute depending on digest algorithm being used.
      Parameters:
      signedAttributes - Signed attributes to append signing certificate to
      digestAlgorithm - the digest algorithm to be used
      signingToken - The signing certificate to be appended

    • isCMSSignedDataEqual

      public static boolean isCMSSignedDataEqual(org.bouncycastle.cms.CMSSignedData signedData, org.bouncycastle.cms.CMSSignedData signedDataToCompare) throws IOException
      Compares two CMSSignedData objects by their encoded binaries
      Parameters:
      signedData - CMSSignedData object to compare
      signedDataToCompare - CMSSignedData object to compare with
      Returns:
      true if binaries of two CMSSignedData are equal, false otherwise
      Throws:
      IOException - if an exception occurs

    • getSignedAttribute

      public static org.bouncycastle.asn1.cms.Attribute getSignedAttribute(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      Returns a signed attribute with the given oid from signerInformation if present and unique. If multiple Attributes extraction is expected, please use #getSignedAttributes(signerInformation, oid) method.
      Parameters:
      signerInformation - SignerInformation containing signed attributes
      oid - ASN1ObjectIdentifier oid of the element to extract
      Returns:
      Attribute with the given OID

    • getSignedAttributes

      public static org.bouncycastle.asn1.cms.Attribute[] getSignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      Returns signed attributes matching the given oid from signerInformation if present. Otherwise, returns an empty array.
      Parameters:
      signerInformation - SignerInformation containing signed attributes
      oid - ASN1ObjectIdentifier oid of the elements to extract
      Returns:
      an array of Attributes with the given OID

    • getUnsignedAttribute

      public static org.bouncycastle.asn1.cms.Attribute getUnsignedAttribute(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      Returns an unsigned attribute with the given oid from signerInformation if present and unique. If multiple Attributes extraction is expected, please use #getUnsignedAttributes(signerInformation, oid) method.
      Parameters:
      signerInformation - SignerInformation to get attribute from
      oid - ASN1ObjectIdentifier of the target attribute
      Returns:
      Attribute

    • getUnsignedAttributes

      public static org.bouncycastle.asn1.cms.Attribute[] getUnsignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      Returns unsigned attributes matching the given oid from signerInformation if present. Otherwise, returns an empty array.
      Parameters:
      signerInformation - SignerInformation containing unsigned attributes
      oid - ASN1ObjectIdentifier oid of the elements to extract
      Returns:
      an array of Attributes with the given OID

    • isDetachedSignature

      @Deprecated public static boolean isDetachedSignature(org.bouncycastle.cms.CMSSignedData cmsSignedData)
      Deprecated.
      since DSS 6.3. See cmsSignedData.isDetachedSignature()
      Checks if the signature is detached
      Parameters:
      cmsSignedData - CMSSignedData
      Returns:
      TRUE if the signature is detached, FALSE otherwise

    • getOriginalDocument

      public static DSSDocument getOriginalDocument(CMS cms, List<DSSDocument> detachedDocuments)
      Returns the original document from the provided CMS
      Parameters:
      cms - CMS to get original document from
      detachedDocuments - list of DSSDocuments
      Returns:
      original DSSDocument

    • getContentToBeSigned

      @Deprecated public static org.bouncycastle.cms.CMSTypedData getContentToBeSigned(DSSDocument toSignData)
      Deprecated.
      since DSS 6.3. See CMSUtils#toCMSEncapsulatedContent(DSSDocument document)
      Returns the content to be signed
      Parameters:
      toSignData - DSSDocument to sign
      Returns:
      CMSTypedData

    • getDigestCalculatorProvider

      public static org.bouncycastle.operator.DigestCalculatorProvider getDigestCalculatorProvider(DSSDocument toSignDocument, DigestAlgorithm digestAlgorithm)
      Returns a DigestCalculatorProvider
      Parameters:
      toSignDocument - DSSDocument to sign
      digestAlgorithm - DigestAlgorithm to use
      Returns:
      DigestCalculatorProvider

    • containsATSTv2

      public static boolean containsATSTv2(org.bouncycastle.cms.SignerInformation signerInformation)
      Checks if the given SignerInformation's unsignedProperties contain an archive-time-stamp (ATSv2) element
      Parameters:
      signerInformation - SignerInformation to check
      Returns:
      TRUE if the signerInformation contains an ATSv2, FALSE otherwise

    • readSigningDate

      public static Date readSigningDate(org.bouncycastle.asn1.ASN1Encodable attrValue)
      Reads the SigningDate with respect to the RFC 3852
      Parameters:
      attrValue - ASN1Encodable containing the signingDate
      Returns:
      Date if its format is correct, null otherwise

    • findArchiveTimeStampTokens

      public static List<org.bouncycastle.tsp.TimeStampToken> findArchiveTimeStampTokens(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes)
      Finds archive TimeStampTokens
      Parameters:
      unsignedAttributes - AttributeTable to obtain timestamps from
      Returns:
      a list of TimeStampTokens

    • getTimestampOids

      public static List<org.bouncycastle.asn1.ASN1ObjectIdentifier> getTimestampOids()
      Returns a list of all CMS timestamp identifiers
      Returns:
      a list of ASN1ObjectIdentifiers

    • isArchiveTimeStampToken

      public static boolean isArchiveTimeStampToken(org.bouncycastle.asn1.cms.Attribute attribute)
      Checks if the attribute is of an allowed archive timestamp type
      Parameters:
      attribute - Attribute to check
      Returns:
      true if the attribute represents an archive timestamp element, false otherwise

    • getTimestampTypeByOid

      public static TimestampType getTimestampTypeByOid(org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      This method returns a corresponding TimestampType for the given CMS oid
      Parameters:
      oid - ASN1ObjectIdentifier of the timestamp attribute
      Returns:
      TimestampType, null when OID is not recognized

    • getAtsHashIndex

      public static org.bouncycastle.asn1.ASN1Sequence getAtsHashIndex(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)
      Returns ats-hash-index table, with a related version present in from timestamp's unsigned properties
      Parameters:
      timestampUnsignedAttributes - AttributeTable unsigned properties of the timestamp
      Returns:
      the content of SignedAttribute: ATS-hash-index unsigned attribute with a present version

    • getCertificatesHashIndex

      public static org.bouncycastle.asn1.ASN1Sequence getCertificatesHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
      Extract the Unsigned Attribute Archive Timestamp Cert Hash Index from a timestampToken
      Parameters:
      atsHashIndexValue - ASN1Sequence
      Returns:
      ASN1Sequence

    • getCRLHashIndex

      public static org.bouncycastle.asn1.ASN1Sequence getCRLHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
      Extract the Unsigned Attribute Archive Timestamp Crl Hash Index from a timestampToken
      Parameters:
      atsHashIndexValue - ASN1Sequence
      Returns:
      ASN1Sequence

    • getUnsignedAttributesHashIndex

      public static org.bouncycastle.asn1.ASN1Sequence getUnsignedAttributesHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
      Extract the Unsigned Attribute Archive Timestamp Attribute Hash Index from a timestampToken
      Parameters:
      atsHashIndexValue - ASN1Sequence
      Returns:
      ASN1Sequence

    • getAtsHashIndexByVersion

      public static org.bouncycastle.asn1.ASN1Sequence getAtsHashIndexByVersion(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes, org.bouncycastle.asn1.ASN1ObjectIdentifier atsHashIndexVersionIdentifier)
      Returns ats-hash-index table, with a specified version present in from timestamp's unsigned properties
      Parameters:
      timestampUnsignedAttributes - AttributeTable unsigned properties of the timestamp
      atsHashIndexVersionIdentifier - ASN1ObjectIdentifier identifier of ats-hash-index table to get
      Returns:
      the content of SignedAttribute: ATS-hash-index unsigned attribute with a requested version if present

    • getAtsHashIndexVersionIdentifier

      public static org.bouncycastle.asn1.ASN1ObjectIdentifier getAtsHashIndexVersionIdentifier(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)
      Returns ASN1ObjectIdentifier of the found AtsHashIndex
      Parameters:
      timestampUnsignedAttributes - AttributeTable of the timestamp's unsignedAttributes
      Returns:
      ASN1ObjectIdentifier of the AtsHashIndex element version

    • getOctetStringForAtsHashIndex

      public static List<byte[]> getOctetStringForAtsHashIndex(org.bouncycastle.asn1.cms.Attribute attribute, org.bouncycastle.asn1.ASN1ObjectIdentifier atsHashIndexVersionIdentifier)
      Returns octets from the given attribute by defined atsh-hash-index type
      Parameters:
      attribute - Attribute to get byte array from
      atsHashIndexVersionIdentifier - ASN1ObjectIdentifier to specify rules
      Returns:
      byte array

    • getATSHashIndexV3OctetString

      public static List<byte[]> getATSHashIndexV3OctetString(org.bouncycastle.asn1.ASN1ObjectIdentifier attributeIdentifier, org.bouncycastle.asn1.ASN1Set attributeValues)
      Returns octets from the given attribute for ATS-Hash-Index-v3 table
      Parameters:
      attributeIdentifier - ASN1ObjectIdentifier of the corresponding Attribute
      attributeValues - ASN1Set of the corresponding Attribute
      Returns:
      byte array representing an octet string

    • getEvidenceRecordOids

      public static List<org.bouncycastle.asn1.ASN1ObjectIdentifier> getEvidenceRecordOids()
      Returns a list of all CMS evidence record identifiers
      Returns:
      a list of ASN1ObjectIdentifiers

    • getEvidenceRecordIncorporationType

      public static EvidenceRecordIncorporationType getEvidenceRecordIncorporationType(org.bouncycastle.asn1.ASN1ObjectIdentifier unsignedAttributeOID)
      Gets the evidence record incorporation type based on the unsignedAttributeOID
      Parameters:
      unsignedAttributeOID - ASN1ObjectIdentifier
      Returns:
      EvidenceRecordIncorporationType

    • containsEvidenceRecord

      public static boolean containsEvidenceRecord(org.bouncycastle.cms.SignerInformation signerInformation)
      Checks if the given signer contains an evidence record unsigned attribute
      Parameters:
      signerInformation - SignerInformation
      Returns:
      TRUE if an evidence record attribute is present within unsigned attributes table, FALSE otherwise

    • getEvidenceRecordGenerationTime

      public static Date getEvidenceRecordGenerationTime(org.bouncycastle.asn1.tsp.EvidenceRecord evidenceRecord)
      Gets a generation time of the evidence record as indicated by the first timestamp's generation time
      Parameters:
      evidenceRecord - EvidenceRecord to get a generation time for
      Returns:
      Date generation time

    • isEmpty

      public static boolean isEmpty(org.bouncycastle.asn1.cms.AttributeTable attributeTable)
      Checks if the attributeTable is empty
      Parameters:
      attributeTable - AttributeTable
      Returns:
      TRUE if the attribute table is empty, FALSE otherwise

    • emptyIfNull

      public static org.bouncycastle.asn1.cms.AttributeTable emptyIfNull(org.bouncycastle.asn1.cms.AttributeTable originalAttributeTable)
      Returns the current originalAttributeTable if instantiated, an empty AttributeTable if null
      Parameters:
      originalAttributeTable - AttributeTable
      Returns:
      AttributeTable

    • isAttributeOfType

      public static boolean isAttributeOfType(org.bouncycastle.asn1.cms.Attribute attribute, org.bouncycastle.asn1.ASN1ObjectIdentifier asn1ObjectIdentifier)
      Checks if the given attribute is an instance of the expected asn1ObjectIdentifier type
      Parameters:
      attribute - Attribute to check
      asn1ObjectIdentifier - ASN1ObjectIdentifier type to check against
      Returns:
      TRUE if the attribute is of type asn1ObjectIdentifier, FALSE otherwise

    • getTimeStampToken

      public static org.bouncycastle.tsp.TimeStampToken getTimeStampToken(org.bouncycastle.asn1.cms.Attribute attribute)
      Creates a TimeStampToken from the provided attribute
      Parameters:
      attribute - Attribute to generate TimeStampToken from
      Returns:
      TimeStampToken

    • getCMSSignedData

      public static org.bouncycastle.cms.CMSSignedData getCMSSignedData(org.bouncycastle.asn1.cms.Attribute attribute) throws org.bouncycastle.cms.CMSException, IOException
      Creates a CMSSignedData from the provided attribute
      Parameters:
      attribute - Attribute to generate CMSSignedData from
      Returns:
      CMSSignedData
      Throws:
      IOException - in case of encoding exception
      org.bouncycastle.cms.CMSException - in case if the provided attribute cannot be converted to CMSSignedData

    • getEncodedValue

      public static byte[] getEncodedValue(org.bouncycastle.asn1.cms.Attribute attribute) throws IOException
      Gets encoded value of the Attribute
      Parameters:
      attribute - Attribute to get encoded binaries for
      Returns:
      byte array
      Throws:
      IOException - if an exception on data reading occurs

    • getEncapsulatedContentType

      @Deprecated public static org.bouncycastle.asn1.ASN1ObjectIdentifier getEncapsulatedContentType(org.bouncycastle.cms.CMSSignedData cmsSignedData)
      Deprecated.
      since DSS 6.3. To be removed.
      Gets the SignedData.encapContentInfo.eContentType identifier value
      Parameters:
      cmsSignedData - CMSSignedData
      Returns:
      ASN1ObjectIdentifier cmsSignedData.getSignedContentTypeOID()

    • getSignedDataEncodedOCSPResponse

      public static byte[] getSignedDataEncodedOCSPResponse(byte[] binaries, org.bouncycastle.asn1.ASN1ObjectIdentifier objectIdentifier)
      This method returns encoded binaries used for OCSP token incorporation within a SignedData.crls attribute
      Parameters:
      binaries - byte array containing OCSP token
      objectIdentifier - ASN1ObjectIdentifier
      Returns:
      encoded binaries

    • getAsn1Encodable

      @Deprecated public static org.bouncycastle.asn1.ASN1Encodable getAsn1Encodable(org.bouncycastle.asn1.cms.Attribute attribute)
      Deprecated.
      since DSS 6.3. See DSSASN1Utils#getAsn1Encodable(Attribute)
      Returns ASN1Encodable of the attribute
      Parameters:
      attribute - Attribute
      Returns:
      ASN1Encodable