@Override public DigestAlgorithm getDigestAlgorithm() { final String digestAlgOID = signerInformation.getDigestAlgOID(); return DigestAlgorithm.forOID(digestAlgOID); }
/** * Returns the digest algorithm associated to the given OID. * * @param oid * @return */ public static DigestAlgorithm forOID(final String oid) { ASN1ObjectIdentifier asn1ObjectIdentifier = new ASN1ObjectIdentifier(oid); final DigestAlgorithm algorithm = forOID(asn1ObjectIdentifier); return algorithm; }
/** * Retrieves the {@code DigestAlgorithm} used to generate the digest value to timestamp. * * @return {@code DigestAlgorithm} */ public DigestAlgorithm getSignedDataDigestAlgo() { final ASN1ObjectIdentifier oid = timeStamp.getTimeStampInfo().getHashAlgorithm().getAlgorithm(); return DigestAlgorithm.forOID(oid); }
/** * The default constructor for OCSPRef. */ public OCSPRef(final OtherHash otherHash, final boolean matchOnlyBasicOCSPResponse) { if (otherHash != null) { // -444 this.digestAlgorithm = DigestAlgorithm.forOID(otherHash.getHashAlgorithm().getAlgorithm()); this.digestValue = otherHash.getHashValue(); } this.matchOnlyBasicOCSPResponse = matchOnlyBasicOCSPResponse; }
/** * Checks if the {@code TimeStampToken} matches the signed data. * * @param data the array of {@code byte} representing the timestamped data * @return true if the data is verified by the TimeStampToken */ public boolean matchData(final byte[] data) { try { messageImprintData = data != null; final TimeStampTokenInfo timeStampInfo = timeStamp.getTimeStampInfo(); final ASN1ObjectIdentifier hashAlgorithm = timeStampInfo.getHashAlgorithm().getAlgorithm(); final DigestAlgorithm digestAlgorithm = DigestAlgorithm.forOID(hashAlgorithm); final byte[] computedDigest = DSSUtils.digest(digestAlgorithm, data); final byte[] timestampDigest = timeStampInfo.getMessageImprintDigest(); messageImprintIntact = Arrays.equals(computedDigest, timestampDigest); if (!messageImprintIntact) { LOG.error("Extracted data from the document: {}", DSSUtils.encodeHexString(data, 200)); LOG.error("Computed digest ({}) on the extracted data from the document : {}", digestAlgorithm, DSSUtils.encodeHexString(computedDigest)); LOG.error("Digest present in TimestampToken: {}", DSSUtils.encodeHexString(timestampDigest)); LOG.error("Digest in TimestampToken matches digest of extracted data from document: {}", messageImprintIntact); } } catch (DSSException e) { messageImprintIntact = false; signedDataMessage = "Timestamp digest problem: " + e.getMessage(); } return messageImprintIntact; }
/** * Extract the Unsigned Attribute Archive Timestamp Cert Hash Index from a timestampToken * * @param timestampToken * @return */ private AlgorithmIdentifier getAlgorithmIdentifier(final TimestampToken timestampToken) { final ASN1Sequence timestampAttributeAtsHashIndexValue = getAtsHashIndex(timestampToken); if (timestampAttributeAtsHashIndexValue.size() > 3) { final int algorithmIndex = 0; final ASN1Encodable asn1Encodable = timestampAttributeAtsHashIndexValue.getObjectAt(algorithmIndex); if (asn1Encodable instanceof ASN1Sequence) { final ASN1Sequence asn1Sequence = (ASN1Sequence) asn1Encodable; final ASN1ObjectIdentifier asn1ObjectIdentifier = (ASN1ObjectIdentifier) asn1Sequence.getObjectAt(0); hashIndexDigestAlgorithm = DigestAlgorithm.forOID(asn1ObjectIdentifier); return AlgorithmIdentifier.getInstance(asn1Sequence); } else if (asn1Encodable instanceof DERObjectIdentifier) { // TODO (16/11/2014): The relevance and usefulness of the test case must be checked (do the signatures like this exist?) ASN1ObjectIdentifier derObjectIdentifier = ASN1ObjectIdentifier.getInstance(asn1Encodable); hashIndexDigestAlgorithm = DigestAlgorithm.forOID(derObjectIdentifier.getId()); return new AlgorithmIdentifier(derObjectIdentifier); } } hashIndexDigestAlgorithm = DEFAULT_ARCHIVE_TIMESTAMP_HASH_ALGO; return null; }
@Override public List<TimestampReference> getTimestampedReferences() { final List<TimestampReference> references = new ArrayList<TimestampReference>(); final List<CertificateRef> certRefs = getCertificateRefs(); for (final CertificateRef certificateRef : certRefs) { final String digestValue = DSSUtils.base64Encode(certificateRef.getDigestValue()); final DigestAlgorithm digestAlgorithm = DigestAlgorithm.forOID(certificateRef.getDigestAlgorithm()); usedCertificatesDigestAlgorithms.add(digestAlgorithm); final TimestampReference reference = new TimestampReference(digestAlgorithm.name(), digestValue); references.add(reference); } final List<OCSPRef> ocspRefs = getOCSPRefs(); for (final OCSPRef ocspRef : ocspRefs) { final DigestAlgorithm digestAlgorithm = ocspRef.getDigestAlgorithm(); if (digestAlgorithm == null) { // -444 continue; } final String digestValue = DSSUtils.base64Encode(ocspRef.getDigestValue()); TimestampReference reference = new TimestampReference(digestAlgorithm.getName(), digestValue, TimestampReferenceCategory.REVOCATION); references.add(reference); } final List<CRLRef> crlRefs = getCRLRefs(); for (final CRLRef crlRef : crlRefs) { final String digestValue = DSSUtils.base64Encode(crlRef.getDigestValue()); TimestampReference reference = new TimestampReference(crlRef.getDigestAlgorithm().getName(), digestValue, TimestampReferenceCategory.REVOCATION); references.add(reference); } return references; }
final DigestAlgorithm digestAlgorithm = DigestAlgorithm.forOID(algorithmId); signingCertificateValidity.setDigestAlgorithm(digestAlgorithm); if (digestAlgorithm != lastDigestAlgorithm) {
@Override public boolean isSignedBy(final CertificateToken issuerToken) { if (this.issuerToken != null) { return this.issuerToken.equals(issuerToken); } final TimestampValidation timestampValidation = validateTimestampToken(timeStamp, issuerToken); final TimestampValidity timestampValidity = timestampValidation.getValidity(); signatureInvalidityReason = timestampValidity.name(); signatureValid = timestampValidation.isValid(); if (signatureValid) { this.issuerToken = issuerToken; issuerX500Principal = issuerToken.getSubjectX500Principal(); final String algorithm = issuerToken.getPublicKey().getAlgorithm(); final EncryptionAlgorithm encryptionAlgorithm = EncryptionAlgorithm.forName(algorithm); final AlgorithmIdentifier hashAlgorithm = timeStamp.getTimeStampInfo().getHashAlgorithm(); final DigestAlgorithm digestAlgorithm = DigestAlgorithm.forOID(hashAlgorithm.getAlgorithm()); algorithmUsedToSignToken = SignatureAlgorithm.getAlgorithm(encryptionAlgorithm, digestAlgorithm); } return signatureValid; }
final DigestAlgorithm digestAlgorithm = DigestAlgorithm.forOID(algorithmId); usedCertificatesDigestAlgorithms.add(digestAlgorithm); final byte[] certHash = essCertIDv2.getCertHash();
/** * The default constructor for CRLRef. * * @param cmsRef * @throws ParseException */ public CRLRef(CrlValidatedID cmsRef) { try { final CrlIdentifier crlIdentifier = cmsRef.getCrlIdentifier(); if (crlIdentifier != null) { crlIssuer = crlIdentifier.getCrlIssuer(); crlIssuedTime = crlIdentifier.getCrlIssuedTime().getDate(); crlNumber = crlIdentifier.getCrlNumber(); } final OtherHash crlHash = cmsRef.getCrlHash(); digestAlgorithm = DigestAlgorithm.forOID(crlHash.getHashAlgorithm().getAlgorithm()); digestValue = crlHash.getHashValue(); } catch (ParseException ex) { throw new DSSException(ex); } }
final AlgorithmIdentifier signPolicyHashAlgIdentifier = AlgorithmIdentifier.getInstance(signPolicyHashAlgObject); final String signPolicyHashAlgOID = signPolicyHashAlgIdentifier.getAlgorithm().getId(); signPolicyHashAlgFromPolicy = DigestAlgorithm.forOID(signPolicyHashAlgOID);
final DigestAlgorithm digestAlgorithm = DigestAlgorithm.forOID(digestAlgorithmOID); signaturePolicy.setDigestAlgorithm(digestAlgorithm);