本文整理汇总了Java中org.bouncycastle.asn1.cms.Attribute.getAttrValues方法的典型用法代码示例。如果您正苦于以下问题:Java Attribute.getAttrValues方法的具体用法?Java Attribute.getAttrValues怎么用?Java Attribute.getAttrValues使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.asn1.cms.Attribute的用法示例。
在下文中一共展示了Attribute.getAttrValues方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getSingleValuedSignedAttribute
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
private ASN1Primitive getSingleValuedSignedAttribute(
ASN1ObjectIdentifier attrOID, String printableName)
throws CMSException
{
AttributeTable unsignedAttrTable = this.getUnsignedAttributes();
if (unsignedAttrTable != null
&& unsignedAttrTable.getAll(attrOID).size() > 0)
{
throw new CMSException("The " + printableName
+ " attribute MUST NOT be an unsigned attribute");
}
AttributeTable signedAttrTable = this.getSignedAttributes();
if (signedAttrTable == null)
{
return null;
}
ASN1EncodableVector v = signedAttrTable.getAll(attrOID);
switch (v.size())
{
case 0:
return null;
case 1:
{
Attribute t = (Attribute)v.get(0);
ASN1Set attrValues = t.getAttrValues();
if (attrValues.size() != 1)
{
throw new CMSException("A " + printableName
+ " attribute MUST have a single attribute value");
}
return attrValues.getObjectAt(0).toASN1Primitive();
}
default:
throw new CMSException("The SignedAttributes in a signerInfo MUST NOT include multiple instances of the "
+ printableName + " attribute");
}
}
示例2: verifySigningCertificateV1
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
private void verifySigningCertificateV1(final BigInteger signingTokenSerialNumber, final GeneralNames signingTokenIssuerName,
final Attribute signingCertificateAttributeV1) {
final DigestAlgorithm digestAlgorithm = DigestAlgorithm.SHA1;
final byte[] signingTokenCertHash = signingCertificateValidity.getCertificateToken().getDigest(digestAlgorithm);
if (LOG.isDebugEnabled()) {
LOG.debug("Candidate Certificate Hash {} with algorithm {}", Utils.toHex(signingTokenCertHash), digestAlgorithm.getName());
}
final ASN1Set attrValues = signingCertificateAttributeV1.getAttrValues();
for (int ii = 0; ii < attrValues.size(); ii++) {
final ASN1Encodable asn1Encodable = attrValues.getObjectAt(ii);
final SigningCertificate signingCertificate = SigningCertificate.getInstance(asn1Encodable);
final ESSCertID[] essCertIDs = signingCertificate.getCerts();
for (final ESSCertID essCertID : essCertIDs) {
final byte[] certHash = essCertID.getCertHash();
signingCertificateValidity.setDigestPresent(true);
if (LOG.isDebugEnabled()) {
LOG.debug("Found Certificate Hash in signingCertificateAttributeV1 {} with algorithm {}", Utils.toHex(certHash), digestAlgorithm.getName());
}
final IssuerSerial issuerSerial = essCertID.getIssuerSerial();
final boolean match = verifySigningCertificateReferences(signingTokenSerialNumber, signingTokenIssuerName, signingTokenCertHash, certHash,
issuerSerial);
if (match) {
return;
}
LOG.warn(
"RFC 2634: The first certificate identified in the sequence of certificate identifiers MUST be the certificate used to verify the signature.");
}
}
}
示例3: getSigningTime
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
@Override
public Date getSigningTime() {
final Attribute attr = getSignedAttribute(PKCSObjectIdentifiers.pkcs_9_at_signingTime);
if (attr == null) {
return null;
}
final ASN1Set attrValues = attr.getAttrValues();
final ASN1Encodable attrValue = attrValues.getObjectAt(0);
final Date signingDate = DSSASN1Utils.getDate(attrValue);
if (signingDate != null) {
/*
* RFC 3852 [4] states that "dates between January 1, 1950 and
* December 31, 2049 (inclusive) must be encoded as UTCTime. Any
* dates with year values before 1950 or after 2049 must be encoded
* as GeneralizedTime".
*/
if (!(signingDate.before(JANUARY_1950) && signingDate.after(JANUARY_2050))) {
// must be ASN1UTCTime
if (!(attrValue instanceof ASN1UTCTime)) {
LOG.error(
"RFC 3852 states that dates between January 1, 1950 and December 31, 2049 (inclusive) must be encoded as UTCTime. Any dates with year values before 1950 or after 2049 must be encoded as GeneralizedTime. Date found is {} encoded as {}",
signingDate.toString(), attrValue.getClass());
return null;
}
}
return signingDate;
}
if (LOG.isErrorEnabled()) {
LOG.error("Error when reading signing time. Unrecognized " + attrValue.getClass());
}
return null;
}
示例4: getCommitmentTypeIndication
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
@Override
public CommitmentType getCommitmentTypeIndication() {
final Attribute commitmentTypeIndicationAttribute = getSignedAttribute(PKCSObjectIdentifiers.id_aa_ets_commitmentType);
if (commitmentTypeIndicationAttribute == null) {
return null;
}
try {
CommitmentType commitmentType = null;
final ASN1Set attrValues = commitmentTypeIndicationAttribute.getAttrValues();
final int size = attrValues.size();
if (size > 0) {
commitmentType = new CommitmentType();
for (int ii = 0; ii < size; ii++) {
if (attrValues.getObjectAt(ii) instanceof DERSequence) {
final DERSequence derSequence = (DERSequence) attrValues.getObjectAt(ii);
final CommitmentTypeIndication commitmentTypeIndication = CommitmentTypeIndication.getInstance(derSequence);
final ASN1ObjectIdentifier commitmentTypeId = commitmentTypeIndication.getCommitmentTypeId();
commitmentType.addIdentifier(commitmentTypeId.getId());
} else {
LOG.warn("Unsupported type for CommitmentType : " + attrValues.getObjectAt(ii).getClass());
}
}
}
return commitmentType;
} catch (Exception e) {
throw new DSSException("Error when dealing with CommitmentTypeIndication!", e);
}
}
示例5: createTimestamps
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
private List<TimestampToken> createTimestamps(final ASN1ObjectIdentifier attrType, final TimestampType timestampType,
final ArchiveTimestampType archiveTimestampType) {
final List<TimestampToken> timestampTokenList = new ArrayList<TimestampToken>();
final AttributeTable attributes = attrType.equals(id_aa_ets_contentTimestamp) ? signerInformation.getSignedAttributes()
: signerInformation.getUnsignedAttributes();
if (attributes != null) {
final ASN1EncodableVector allAttributes = attributes.getAll(attrType);
for (int ii = 0; ii < allAttributes.size(); ii++) {
final Attribute attribute = (Attribute) allAttributes.get(ii);
final ASN1Set attrValues = attribute.getAttrValues();
for (final ASN1Encodable value : attrValues.toArray()) {
if (value instanceof DEROctetString) {
LOG.warn("Illegal content for timestamp (OID : " + attrType + ") : OCTET STRING is not allowed !");
} else {
try {
byte[] encoded = value.toASN1Primitive().getEncoded();
final TimestampToken timestampToken = new TimestampToken(encoded, timestampType, certPool);
timestampToken.setArchiveTimestampType(archiveTimestampType);
timestampTokenList.add(timestampToken);
} catch (Exception e) {
throw new DSSException(e);
}
}
}
}
}
return timestampTokenList;
}
示例6: getCertificateRefs
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
@Override
public List<CertificateRef> getCertificateRefs() {
final List<CertificateRef> list = new ArrayList<CertificateRef>();
final Attribute attribute = getUnsignedAttribute(id_aa_ets_certificateRefs);
if (attribute == null) {
return list;
}
final ASN1Set attrValues = attribute.getAttrValues();
if (attrValues.size() <= 0) {
return list;
}
final ASN1Encodable attrValue = attrValues.getObjectAt(0);
final ASN1Sequence completeCertificateRefs = (ASN1Sequence) attrValue;
for (int i = 0; i < completeCertificateRefs.size(); i++) {
final OtherCertID otherCertId = OtherCertID.getInstance(completeCertificateRefs.getObjectAt(i));
final CertificateRef certId = new CertificateRef();
certId.setDigestAlgorithm(DigestAlgorithm.forOID(otherCertId.getAlgorithmHash().getAlgorithm().getId()));
certId.setDigestValue(otherCertId.getCertHash());
final IssuerSerial issuer = otherCertId.getIssuerSerial();
if (issuer != null) {
final GeneralNames issuerName = issuer.getIssuer();
if (issuerName != null) {
certId.setIssuerName(issuerName.toString());
}
final ASN1Integer issuerSerial = issuer.getSerial();
if (issuerSerial != null) {
certId.setIssuerSerial(issuerSerial.toString());
}
}
list.add(certId);
}
return list;
}
示例7: getCRLRefs
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
@Override
public List<CRLRef> getCRLRefs() {
final List<CRLRef> list = new ArrayList<CRLRef>();
try {
final Attribute attribute = getUnsignedAttribute(PKCSObjectIdentifiers.id_aa_ets_revocationRefs);
if (attribute == null) {
return list;
}
final ASN1Set attrValues = attribute.getAttrValues();
if (attrValues.size() <= 0) {
return list;
}
final ASN1Encodable attrValue = attrValues.getObjectAt(0);
final ASN1Sequence completeCertificateRefs = (ASN1Sequence) attrValue;
for (int ii = 0; ii < completeCertificateRefs.size(); ii++) {
final ASN1Encodable completeCertificateRef = completeCertificateRefs.getObjectAt(ii);
final CrlOcspRef otherCertId = CrlOcspRef.getInstance(completeCertificateRef);
final CrlListID otherCertIds = otherCertId.getCrlids();
if (otherCertIds != null) {
for (final CrlValidatedID id : otherCertIds.getCrls()) {
final CRLRef crlRef = new CRLRef(id);
list.add(crlRef);
}
}
}
} catch (Exception e) {
// When error in computing or in format, the algorithm just
// continues.
LOG.warn("When error in computing or in format the algorithm just continue...", e);
}
return list;
}
示例8: getOCSPRefs
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
@Override
public List<OCSPRef> getOCSPRefs() {
final List<OCSPRef> list = new ArrayList<OCSPRef>();
final Attribute attribute = getUnsignedAttribute(PKCSObjectIdentifiers.id_aa_ets_revocationRefs);
if (attribute == null) {
return list;
}
final ASN1Set attrValues = attribute.getAttrValues();
if (attrValues.size() <= 0) {
return list;
}
final ASN1Encodable attrValue = attrValues.getObjectAt(0);
final ASN1Sequence completeRevocationRefs = (ASN1Sequence) attrValue;
for (int i = 0; i < completeRevocationRefs.size(); i++) {
final CrlOcspRef otherCertId = CrlOcspRef.getInstance(completeRevocationRefs.getObjectAt(i));
final OcspListID ocspListID = otherCertId.getOcspids();
if (ocspListID != null) {
for (final OcspResponsesID ocspResponsesID : ocspListID.getOcspResponses()) {
final OtherHash otherHash = ocspResponsesID.getOcspRepHash();
final OCSPRef ocspRef = new OCSPRef(otherHash, true);
list.add(ocspRef);
}
}
}
return list;
}
示例9: getAtsHashIndex
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
/**
* @param timestampToken
* @return the content of SignedAttribute: ATS-hash-index unsigned attribute {itu-t(0) identified-organization(4)
* etsi(0) electronic-signature-standard(1733) attributes(2) 5}
*/
private ASN1Sequence getAtsHashIndex(TimestampToken timestampToken) {
final AttributeTable timestampTokenUnsignedAttributes = timestampToken.getUnsignedAttributes();
final Attribute atsHashIndexAttribute = timestampTokenUnsignedAttributes.get(id_aa_ATSHashIndex);
if (atsHashIndexAttribute != null) {
final ASN1Set attrValues = atsHashIndexAttribute.getAttrValues();
if (attrValues != null && attrValues.size() > 0) {
return (ASN1Sequence) attrValues.getObjectAt(0).toASN1Primitive();
}
}
return null;
}
示例10: getCounterSignatures
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
/**
* Return a SignerInformationStore containing the counter signatures attached to this
* signer. If no counter signatures are present an empty store is returned.
*/
public SignerInformationStore getCounterSignatures()
{
// TODO There are several checks implied by the RFC3852 comments that are missing
/*
The countersignature attribute MUST be an unsigned attribute; it MUST
NOT be a signed attribute, an authenticated attribute, an
unauthenticated attribute, or an unprotected attribute.
*/
AttributeTable unsignedAttributeTable = getUnsignedAttributes();
if (unsignedAttributeTable == null)
{
return new SignerInformationStore(new ArrayList(0));
}
List counterSignatures = new ArrayList();
/*
The UnsignedAttributes syntax is defined as a SET OF Attributes. The
UnsignedAttributes in a signerInfo may include multiple instances of
the countersignature attribute.
*/
ASN1EncodableVector allCSAttrs = unsignedAttributeTable.getAll(CMSAttributes.counterSignature);
for (int i = 0; i < allCSAttrs.size(); ++i)
{
Attribute counterSignatureAttribute = (Attribute)allCSAttrs.get(i);
/*
A countersignature attribute can have multiple attribute values. The
syntax is defined as a SET OF AttributeValue, and there MUST be one
or more instances of AttributeValue present.
*/
ASN1Set values = counterSignatureAttribute.getAttrValues();
if (values.size() < 1)
{
// TODO Throw an appropriate exception?
}
for (Enumeration en = values.getObjects(); en.hasMoreElements();)
{
/*
Countersignature values have the same meaning as SignerInfo values
for ordinary signatures, except that:
1. The signedAttributes field MUST NOT contain a content-type
attribute; there is no content type for countersignatures.
2. The signedAttributes field MUST contain a message-digest
attribute if it contains any other attributes.
3. The input to the message-digesting process is the contents
octets of the DER encoding of the signatureValue field of the
SignerInfo value with which the attribute is associated.
*/
SignerInfo si = SignerInfo.getInstance(en.nextElement());
counterSignatures.add(new SignerInformation(si, null, new CMSProcessableByteArray(getSignature()), null));
}
}
return new SignerInformationStore(counterSignatures);
}
示例11: getContainedOCSPResponses
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
@Override
public List<BasicOCSPResp> getContainedOCSPResponses() {
final List<BasicOCSPResp> basicOCSPResps = new ArrayList<BasicOCSPResp>();
// Add OCSPs from SignedData
addBasicOcspRespFrom_id_pkix_ocsp_basic(basicOCSPResps);
addBasicOcspRespFrom_id_ri_ocsp_response(basicOCSPResps);
// Adds OCSP responses in -XL id_aa_ets_revocationValues inside SignerInfo attribute if present
if (signerInformation != null) {
final AttributeTable attributes = signerInformation.getUnsignedAttributes();
if (attributes != null) {
final Attribute attribute = attributes.get(PKCSObjectIdentifiers.id_aa_ets_revocationValues);
/*
ETSI TS 101 733 V2.2.1 (2013-04) page 43
6.3.4 revocation-values Attribute Definition
This attribute is used to contain the revocation information required for the following forms of extended electronic
signature: CAdES-X Long, ES X-Long Type 1, and CAdES-X Long Type 2, see clause B.1.1 for an illustration of
this form of electronic signature.
The revocation-values attribute is an unsigned attribute. Only a single instance of this attribute shall occur with
an electronic signature. It holds the values of CRLs and OCSP referenced in the
complete-revocation-references attribute.
RevocationValues ::= SEQUENCE {
crlVals [0] SEQUENCE OF CertificateList OPTIONAL,
ocspVals [1] SEQUENCE OF BasicOCSPResponse OPTIONAL,
otherRevVals [2] OtherRevVals OPTIONAL}
*/
if (attribute != null) {
final ASN1Set attrValues = attribute.getAttrValues();
final ASN1Encodable attValue = attrValues.getObjectAt(0);
final RevocationValues revocationValues = RevocationValues.getInstance(attValue);
for (final BasicOCSPResponse basicOCSPResponse : revocationValues.getOcspVals()) {
final BasicOCSPResp basicOCSPResp = new BasicOCSPResp(basicOCSPResponse);
addBasicOcspResp(basicOCSPResps, basicOCSPResp);
}
/* TODO: should add also OtherRevVals, but:
"The syntax and semantics of the other revocation values (OtherRevVals) are outside the scope of the present
document. The definition of the syntax of the other form of revocation information is as identified by
OtherRevRefType."
*/
}
}
}
/* TODO (pades): Read revocation data from from unsigned attribute 1.2.840.113583.1.1.8
In the PKCS #7 object of a digital signature in a PDF file, identifies a signed attribute
that "can include all the revocation information that is necessary to carry out revocation
checks for the signer's certificate and its issuer certificates."
Defined as adbe-revocationInfoArchival { adbe(1.2.840.113583) acrobat(1) security(1) 8 } in "PDF Reference, fifth edition: Adobe® Portable Document Format, Version 1.6" Adobe Systems Incorporated, 2004.
http://partners.adobe.com/public/developer/en/pdf/PDFReference16.pdf page 698
RevocationInfoArchival ::= SEQUENCE {
crl [0] EXPLICIT SEQUENCE of CRLs, OPTIONAL
ocsp [1] EXPLICIT SEQUENCE of OCSP Responses, OPTIONAL
otherRevInfo [2] EXPLICIT SEQUENCE of OtherRevInfo, OPTIONAL
}
OtherRevInfo ::= SEQUENCE {
Type OBJECT IDENTIFIER
Value OCTET STRING
}
*/
return basicOCSPResps;
}
示例12: extract
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
private void extract() {
// Adds CRLs contained in SignedData
final Store<X509CRLHolder> crLs = cmsSignedData.getCRLs();
final Collection<X509CRLHolder> collection = crLs.getMatches(null);
for (final X509CRLHolder x509CRLHolder : collection) {
addX509CRLHolder(x509CRLHolder);
}
// Adds CRLs in -XL ... inside SignerInfo attribute if present
if (signerInformation != null) {
final AttributeTable attributes = signerInformation.getUnsignedAttributes();
if (attributes != null) {
/*
* ETSI TS 101 733 V2.2.1 (2013-04) page 43
* 6.3.4 revocation-values Attribute Definition
* This attribute is used to contain the revocation information required for the following forms of
* extended electronic
* signature: CAdES-X Long, ES X-Long Type 1, and CAdES-X Long Type 2, see clause B.1.1 for an
* illustration of
* this form of electronic signature.
* The revocation-values attribute is an unsigned attribute. Only a single instance of this attribute
* shall occur with
* an electronic signature. It holds the values of CRLs and OCSP referenced in the
* complete-revocation-references attribute.
*
* RevocationValues ::= SEQUENCE {
* crlVals [0] SEQUENCE OF CertificateList OPTIONAL,
* ocspVals [1] SEQUENCE OF BasicOCSPResponse OPTIONAL,
* otherRevVals [2] OtherRevVals OPTIONAL}
*/
final Attribute attribute = attributes.get(PKCSObjectIdentifiers.id_aa_ets_revocationValues);
if (attribute != null) {
final ASN1Set attrValues = attribute.getAttrValues();
final ASN1Encodable attValue = attrValues.getObjectAt(0);
final RevocationValues revValues = RevocationValues.getInstance(attValue);
for (final CertificateList revValue : revValues.getCrlVals()) {
addX509CRLHolder(new X509CRLHolder(revValue));
}
}
}
/*
* TODO (pades): Read revocation data from from unsigned attribute 1.2.840.113583.1.1.8
* In the PKCS #7 object of a digital signature in a PDF file, identifies a signed attribute
* that "can include all the revocation information that is necessary to carry out revocation
* checks for the signer's certificate and its issuer certificates."
* Defined as adbe-revocationInfoArchival { adbe(1.2.840.113583) acrobat(1) security(1) 8 } in
* "PDF Reference, fifth edition: Adobe® Portable Document Format, Version 1.6" Adobe Systems Incorporated,
* 2004.
* http://partners.adobe.com/public/developer/en/pdf/PDFReference16.pdf page 698
*
* RevocationInfoArchival ::= SEQUENCE {
* crl [0] EXPLICIT SEQUENCE of CRLs, OPTIONAL
* ocsp [1] EXPLICIT SEQUENCE of OCSP Responses, OPTIONAL
* otherRevInfo [2] EXPLICIT SEQUENCE of OtherRevInfo, OPTIONAL
* }
* OtherRevInfo ::= SEQUENCE {
* Type OBJECT IDENTIFIER
* Value OCTET STRING
* }
*/
// TODO: (Bob: 2013 Dec 03) --> NICOLAS: Is there any other container within the CAdES signature with
// revocation data? (ie: timestamp)
}
}
示例13: verifySigningCertificateV2
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
private void verifySigningCertificateV2(final BigInteger signingTokenSerialNumber, final GeneralNames signingTokenIssuerName,
final Attribute signingCertificateAttributeV2) {
final ASN1Set attrValues = signingCertificateAttributeV2.getAttrValues();
DigestAlgorithm lastDigestAlgorithm = null;
byte[] signingTokenCertHash = null;
for (int ii = 0; ii < attrValues.size(); ii++) {
final ASN1Encodable asn1Encodable = attrValues.getObjectAt(ii);
final SigningCertificateV2 signingCertificateAttribute = SigningCertificateV2.getInstance(asn1Encodable);
if (signingCertificateAttribute == null) {
LOG.warn("SigningCertificateV2 attribute is not well defined!");
continue;
}
final ESSCertIDv2[] essCertIDv2s = signingCertificateAttribute.getCerts();
for (final ESSCertIDv2 essCertIDv2 : essCertIDv2s) {
final String algorithmId = essCertIDv2.getHashAlgorithm().getAlgorithm().getId();
final DigestAlgorithm digestAlgorithm = DigestAlgorithm.forOID(algorithmId);
signingCertificateValidity.setDigestAlgorithm(digestAlgorithm);
if (digestAlgorithm != lastDigestAlgorithm) {
signingTokenCertHash = signingCertificateValidity.getCertificateToken().getDigest(digestAlgorithm);
if (LOG.isDebugEnabled()) {
LOG.debug("Candidate Certificate Hash {} with algorithm {}", Utils.toHex(signingTokenCertHash), digestAlgorithm.getName());
}
lastDigestAlgorithm = digestAlgorithm;
}
final byte[] certHash = essCertIDv2.getCertHash();
signingCertificateValidity.setDigestPresent(true);
if (LOG.isDebugEnabled()) {
LOG.debug("Found Certificate Hash in SigningCertificateV2 {} with algorithm {}", Utils.toHex(certHash), digestAlgorithm.getName());
}
final IssuerSerial issuerSerial = essCertIDv2.getIssuerSerial();
final boolean match = verifySigningCertificateReferences(signingTokenSerialNumber, signingTokenIssuerName, signingTokenCertHash, certHash,
issuerSerial);
if (match) {
return;
}
LOG.warn(
"RFC 5035: The first certificate identified in the sequence of certificate identifiers MUST be the certificate used to verify the signature.");
}
}
}
示例14: getClaimedSignerRoles
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
@Override
public String[] getClaimedSignerRoles() {
final Attribute id_aa_ets_signerAttr = getSignedAttribute(PKCSObjectIdentifiers.id_aa_ets_signerAttr);
if (id_aa_ets_signerAttr == null) {
return null;
}
final ASN1Set attrValues = id_aa_ets_signerAttr.getAttrValues();
final ASN1Encodable attrValue = attrValues.getObjectAt(0);
try {
final SignerAttribute signerAttr = SignerAttribute.getInstance(attrValue);
if (signerAttr == null) {
return null;
}
final List<String> claimedRoles = new ArrayList<String>();
final Object[] signerAttrValues = signerAttr.getValues();
for (final Object signerAttrValue : signerAttrValues) {
if (!(signerAttrValue instanceof org.bouncycastle.asn1.x509.Attribute[])) {
continue;
}
final org.bouncycastle.asn1.x509.Attribute[] signerAttrValueArray = (org.bouncycastle.asn1.x509.Attribute[]) signerAttrValue;
for (final org.bouncycastle.asn1.x509.Attribute claimedRole : signerAttrValueArray) {
final ASN1Encodable[] attrValues1 = claimedRole.getAttrValues().toArray();
for (final ASN1Encodable asn1Encodable : attrValues1) {
if (asn1Encodable instanceof ASN1String) {
ASN1String asn1String = (ASN1String) asn1Encodable;
final String s = asn1String.getString();
claimedRoles.add(s);
}
}
}
}
final String[] strings = claimedRoles.toArray(new String[claimedRoles.size()]);
return strings;
} catch (Exception e) {
LOG.error("Error when dealing with claimed signer roles: [" + attrValue.toString() + "]", e);
return null;
}
}
示例15: getCertifiedSignerRoles
import org.bouncycastle.asn1.cms.Attribute; //导入方法依赖的package包/类
@Override
public List<CertifiedRole> getCertifiedSignerRoles() {
final Attribute id_aa_ets_signerAttr = getSignedAttribute(PKCSObjectIdentifiers.id_aa_ets_signerAttr);
if (id_aa_ets_signerAttr == null) {
return null;
}
final ASN1Set attrValues = id_aa_ets_signerAttr.getAttrValues();
final ASN1Encodable asn1EncodableAttrValue = attrValues.getObjectAt(0);
try {
final SignerAttribute signerAttr = SignerAttribute.getInstance(asn1EncodableAttrValue);
if (signerAttr == null) {
return null;
}
List<CertifiedRole> roles = null;
final Object[] signerAttrValues = signerAttr.getValues();
for (final Object signerAttrValue : signerAttrValues) {
if (signerAttrValue instanceof AttributeCertificate) {
if (roles == null) {
roles = new ArrayList<CertifiedRole>();
}
final AttributeCertificate attributeCertificate = (AttributeCertificate) signerAttrValue;
final AttributeCertificateInfo acInfo = attributeCertificate.getAcinfo();
final AttCertValidityPeriod attrCertValidityPeriod = acInfo.getAttrCertValidityPeriod();
final ASN1Sequence attributes = acInfo.getAttributes();
for (int ii = 0; ii < attributes.size(); ii++) {
final ASN1Encodable objectAt = attributes.getObjectAt(ii);
final org.bouncycastle.asn1.x509.Attribute attribute = org.bouncycastle.asn1.x509.Attribute.getInstance(objectAt);
final ASN1Set attrValues1 = attribute.getAttrValues();
DERSequence derSequence = (DERSequence) attrValues1.getObjectAt(0);
RoleSyntax roleSyntax = RoleSyntax.getInstance(derSequence);
CertifiedRole certifiedRole = new CertifiedRole();
certifiedRole.setRole(roleSyntax.getRoleNameAsString());
certifiedRole.setNotBefore(DSSASN1Utils.toDate(attrCertValidityPeriod.getNotBeforeTime()));
certifiedRole.setNotAfter(DSSASN1Utils.toDate(attrCertValidityPeriod.getNotAfterTime()));
roles.add(certifiedRole);
}
}
}
return roles;
} catch (Exception e) {
LOG.error("Error when dealing with certified signer roles: [" + asn1EncodableAttrValue.toString() + "]", e);
return null;
}
}