/** * Returns the encoded form of this certificate. X.509 certificates would be encoded as ASN.1 DER. * * @return the encoded form of this certificate */ @Override public byte[] getEncoded() { final byte[] bytes = DSSUtils.getEncoded(x509Certificate); return bytes; }
@Override public byte[] getEncoded() { return DSSUtils.getEncoded(timeStamp); }
/** * Returns the encoded base 64 digest value of the certificate for a given algorithm. Can return null if the * algorithm is unknown. * * @param digestAlgorithm * @return */ public String getDigestValue(final DigestAlgorithm digestAlgorithm) { if (digests == null) { digests = new HashMap<DigestAlgorithm, String>(); } String encodedDigest = digests.get(digestAlgorithm); if (encodedDigest == null) { final byte[] digest = DSSUtils.digest(digestAlgorithm, DSSUtils.getEncoded(x509Certificate)); encodedDigest = DSSUtils.base64Encode(digest); digests.put(digestAlgorithm, encodedDigest); } return encodedDigest; }
private void addCertificate(final Element x509DataDom, final X509Certificate x509Certificate) { final byte[] encoded = DSSUtils.getEncoded(x509Certificate); final String base64Encoded = DSSUtils.base64Encode(encoded); // <ds:X509Certificate>...</ds:X509Certificate> DSSXMLUtils.addTextElement(documentDom, x509DataDom, XMLNS, DS_X509_CERTIFICATE, base64Encoded); }
private boolean extractSigningCertificateFromResponse(final CertificatePool certificatePool) { for (final X509CertificateHolder x509CertificateHolder : basicOCSPResp.getCerts()) { final byte[] encoded = DSSUtils.getEncoded(x509CertificateHolder); final X509Certificate x509Certificate = DSSUtils.loadCertificate(encoded); final CertificateToken certToken = certificatePool.getInstance(x509Certificate, CertificateSourceType.OCSP_RESPONSE); if (isSignedBy(certToken)) { return true; } } return false; }
private static void prepareCertificateChain(SignatureParameters parameters, WsParameters wsParameters) { final List<ChainCertificate> certificateChain = parameters.getCertificateChain(); if (!DSSUtils.isEmpty(certificateChain)) { final List<WsChainCertificate> wsChainCertificateList = wsParameters.getChainCertificateList(); for (final ChainCertificate chainCertificate : certificateChain) { final WsChainCertificate wsChainCertificate = new WsChainCertificate(); final X509Certificate x509Certificate = chainCertificate.getX509Certificate(); wsChainCertificate.setX509Certificate(DSSUtils.getEncoded(x509Certificate)); wsChainCertificate.setSignedAttribute(chainCertificate.isSignedAttribute()); wsChainCertificateList.add(wsChainCertificate); } } }
/** * Setup the time stamp request * * @param digestAlgorithm {@code DigestAlgorithm} used to generate the message imprint * @param digest digest value as byte array * @return array of bytes representing the {@code TimeStampRequest} * @throws DSSException */ private byte[] generateTimestampRequest(final DigestAlgorithm digestAlgorithm, final byte[] digest) throws DSSException { final TimeStampRequestGenerator tsqGenerator = new TimeStampRequestGenerator(); tsqGenerator.setCertReq(certReq); if (reqPolicyOid != null) { tsqGenerator.setReqPolicy(reqPolicyOid); } final ASN1ObjectIdentifier asn1ObjectIdentifier = digestAlgorithm.getOid(); final BigInteger nonce = getNonce(); final TimeStampRequest request = tsqGenerator.generate(asn1ObjectIdentifier, digest, nonce); return DSSUtils.getEncoded(request); }
private void addSigningCertificateAttribute(final SignatureParameters parameters, final ASN1EncodableVector signedAttributes) throws DSSException { final DigestAlgorithm digestAlgorithm = parameters.getDigestAlgorithm(); final List<ChainCertificate> chainCertificateList = parameters.getCertificateChain(); final List<ASN1Encodable> signingCertificates = new ArrayList<ASN1Encodable>(); for (final ChainCertificate chainCertificate : chainCertificateList) { if (!chainCertificate.isSignedAttribute()) { continue; } final X509Certificate signingCertificate = chainCertificate.getX509Certificate(); final byte[] encoded = DSSUtils.getEncoded(signingCertificate); final byte[] certHash = DSSUtils.digest(digestAlgorithm, encoded); if (LOG.isDebugEnabled()) { LOG.debug("Adding Certificate Hash {} with algorithm {}", DSSUtils.encodeHexString(certHash), digestAlgorithm.getName()); } final IssuerSerial issuerSerial = DSSUtils.getIssuerSerial(signingCertificate); ASN1Encodable asn1Encodable; if (digestAlgorithm == SHA1) { final ESSCertID essCertID = new ESSCertID(certHash, issuerSerial); asn1Encodable = new SigningCertificate(essCertID); } else { asn1Encodable = new ESSCertIDv2(digestAlgorithm.getAlgorithmIdentifier(), certHash, issuerSerial); } signingCertificates.add(asn1Encodable); } final Attribute attribute = createSigningCertificateAttributes(digestAlgorithm, signingCertificates); signedAttributes.add(attribute); }
incorporateDigestMethod(certDigestDom, signingCertificateDigestMethod); final InMemoryDocument inMemoryCertificate = new InMemoryDocument(DSSUtils.getEncoded(certificate)); incorporateDigestValue(certDigestDom, signingCertificateDigestMethod, inMemoryCertificate);
for (final OCSPToken ocspToken : revocationDataForInclusion.ocspTokens) { final BasicOCSPResp basicOCSPResp = ocspToken.getBasicOCSPResp(); newOtherRevocationInfoFormatStore.add(DSSASN1Utils.toASN1Primitive(DSSUtils.getEncoded(basicOCSPResp)));
/** * Constructor with an indication of the timestamp type. The default constructor for {@code TimestampToken}. * * @param timeStamp {@code TimeStampToken} * @param type {@code TimestampType} * @param certPool {@code CertificatePool} which is used to identify the signing certificate of the timestamp */ public TimestampToken(final TimeStampToken timeStamp, final TimestampType type, final CertificatePool certPool) { this.timeStamp = timeStamp; this.timeStampType = type; this.extraInfo = new TokenValidationExtraInfo(); wrappedSource = new CAdESCertificateSource(timeStamp, certPool); final Collection<CertificateToken> certs = wrappedSource.getCertificates(); for (final CertificateToken certificateToken : certs) { final byte[] encoded = certificateToken.getEncoded(); final Certificate certificate = Certificate.getInstance(encoded); final X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(certificate); if (timeStamp.getSID().match(x509CertificateHolder)) { boolean valid = isSignedBy(certificateToken); if (valid) { break; } } } final byte[] digest = DSSUtils.digest(DigestAlgorithm.MD5, DSSUtils.getEncoded(timeStamp)); final String base64Encoded = DSSUtils.base64Encode(digest); dssId = base64Encoded.hashCode(); }
private static void prepareKeyParameters(SignatureParameters parameters, WsParameters wsParameters) { final String signatureLevelString = parameters.getSignatureLevel().name(); final SignatureLevel signatureLevel = SignatureLevel.fromValue(signatureLevelString); wsParameters.setSignatureLevel(signatureLevel); final String signaturePackagingString = parameters.getSignaturePackaging().name(); final SignaturePackaging signaturePackaging = SignaturePackaging.valueOf(signaturePackagingString); wsParameters.setSignaturePackaging(signaturePackaging); final String encryptionAlgorithmString = parameters.getEncryptionAlgorithm().name(); final EncryptionAlgorithm encryptionAlgorithm = EncryptionAlgorithm.fromValue(encryptionAlgorithmString); wsParameters.setEncryptionAlgorithm(encryptionAlgorithm); // System.out.println("####>: " + parameters.getDigestAlgorithm()); final String digestAlgorithmString = parameters.getDigestAlgorithm().name(); final DigestAlgorithm digestAlgorithm = DigestAlgorithm.fromValue(digestAlgorithmString); wsParameters.setDigestAlgorithm(digestAlgorithm); final XMLGregorianCalendar xmlGregorianCalendar = DSSXMLUtils.createXMLGregorianCalendar(new Date()); wsParameters.setSigningDate(xmlGregorianCalendar); final byte[] encoded = DSSUtils.getEncoded(parameters.getSigningCertificate()); wsParameters.setSigningCertificateBytes(encoded); }