Package eu.europa.esig.dss.spi

Class DSSASN1Utils

java.lang.Object

eu.europa.esig.dss.spi.DSSASN1Utils

public final class DSSASN1Utils
extends Object

Utility class that contains some ASN1 related method.

Method Summary

Modifier and Type	Method	Description
static org.bouncycastle.asn1.ASN1Primitive	buildSPDocSpecificationId(String oidOrUri)	Builds SPDocSpecification attribute from the given oidOrUri SPDocSpecification ::= CHOICE { oid OBJECT IDENTIFIER, uri IA5String }
static byte[]	computeSkiFromCert(CertificateToken certificateToken)	Computes SHA-1 hash of the certificateToken's public key
static byte[]	computeSkiFromCertPublicKey(PublicKey publicKey)	Computes SHA-1 hash of the given publicKey's
static org.bouncycastle.asn1.cms.AttributeTable	emptyIfNull(org.bouncycastle.asn1.cms.AttributeTable originalAttributeTable)	Deprecated. since DSS 6.1.
static byte[]	ensurePlainSignatureValue(EncryptionAlgorithm algorithm, byte[] signatureValue)	Converts the ANS.1 binary signature value to the concatenated (plain) R || S format if required NOTE: used in XAdES and JAdES
static String	extractAttributeFromX500Principal(org.bouncycastle.asn1.ASN1ObjectIdentifier identifier, X500PrincipalHelper principal)	Extract attribute with the identifier from X500PrincipalHelper
static List<org.bouncycastle.tsp.TimeStampToken>	findArchiveTimeStampTokens(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes)	Deprecated. since DSS 6.1.
static Map<String,String>	get(X500Principal x500Principal)	Gets a map of X500 attribute names and the values
static org.bouncycastle.asn1.x509.AlgorithmIdentifier	getAlgorithmIdentifier(DigestAlgorithm digestAlgorithm)	Gets the ASN.1 algorithm identifier structure corresponding to a digest algorithm
static org.bouncycastle.asn1.x509.AlgorithmIdentifier	getAlgorithmIdentifier(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)	Gets the ASN.1 algorithm identifier structure corresponding to the algorithm found in the provided Timestamp Hash Index Table, if such algorithm is present
static org.bouncycastle.asn1.cms.Attribute[]	getAsn1Attributes(org.bouncycastle.asn1.cms.AttributeTable attributeTable, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)	Returns an array of Attributes for a given oid found in the attributeTable
static org.bouncycastle.asn1.ASN1Set	getAsn1AttributeSet(org.bouncycastle.asn1.cms.AttributeTable attributeTable, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)	Deprecated. since DSS 6.1.
static org.bouncycastle.asn1.ASN1Encodable	getAsn1Encodable(org.bouncycastle.asn1.cms.Attribute attribute)	Deprecated. since DSS 6.1.
static org.bouncycastle.asn1.ASN1Encodable	getAsn1Encodable(org.bouncycastle.asn1.cms.AttributeTable attributeTable, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)	Deprecated. since DSS 6.1.
static org.bouncycastle.asn1.ASN1Integer	getAsn1IntegerFromDerOctetString(byte[] bytes)	This method returns the ASN1Integer encapsulated in DEROctetString.
static org.bouncycastle.asn1.ASN1Sequence	getAsn1SequenceFromDerOctetString(byte[] bytes)	This method returns the ASN1Sequence encapsulated in DEROctetString.
static byte[]	getAsn1SignaturePolicyDigest(DigestAlgorithm digestAlgorithm, byte[] policyBytes)	This method computes the digest of an ASN1 signature policy (used in CAdES) TS 101 733 5.8.1 : If the signature policy is defined using ASN.1, then the hash is calculated on the value without the outer type and length fields, and the hashing algorithm shall be as specified in the field sigPolicyHash.
static org.bouncycastle.asn1.ASN1Sequence	getAtsHashIndex(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)	Deprecated. since DSS 6.1.
static org.bouncycastle.asn1.ASN1Sequence	getAtsHashIndexByVersion(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes, org.bouncycastle.asn1.ASN1ObjectIdentifier atsHashIndexVersionIdentifier)	Deprecated. since DSS 6.1.
static List<byte[]>	getATSHashIndexV3OctetString(org.bouncycastle.asn1.ASN1ObjectIdentifier attributeIdentifier, org.bouncycastle.asn1.ASN1Set attributeValues)	Deprecated. since DSS 6.1.
static org.bouncycastle.asn1.ASN1ObjectIdentifier	getAtsHashIndexVersionIdentifier(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)	Deprecated. since DSS 6.1.
static byte[]	getBEREncoded(org.bouncycastle.asn1.ASN1Encodable asn1Encodable)	This method returns BER encoded ASN1 attribute.
static CertificateToken	getCertificate(org.bouncycastle.cert.X509CertificateHolder x509CertificateHolder)	Extract the certificate token from X509CertificateHolder
static CertificateRef	getCertificateRef(org.bouncycastle.asn1.ess.OtherCertID otherCertId)	Converts the OtherCertID to CertificateRef
static org.bouncycastle.asn1.ASN1Sequence	getCertificatesHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)	Deprecated. since DSS 6.1.
static org.bouncycastle.cms.CMSSignedData	getCMSSignedData(org.bouncycastle.asn1.cms.Attribute attribute)	Deprecated. since DSS 6.1.
static org.bouncycastle.asn1.ASN1Sequence	getCRLHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)	Deprecated. since DSS 6.1.
static Date	getDate(org.bouncycastle.asn1.ASN1Encodable encodable)	Reads the encodable and returns a Date
static byte[]	getDEREncoded(byte[] bytes)	Returns the ASN.1 encoded representation of byte array.
static byte[]	getDEREncoded(TimestampBinary timestampBinary)	Returns the ASN.1 encoded representation of TimestampBinary.
static byte[]	getDEREncoded(org.bouncycastle.asn1.ASN1Encodable asn1Encodable)	This method returns DER encoded ASN1 attribute.
static byte[]	getDEREncoded(org.bouncycastle.cms.CMSSignedData data)	Returns the ASN.1 encoded representation of CMSSignedData.
static byte[]	getDEREncoded(org.bouncycastle.tsp.TimeStampToken timeStampToken)	Gets the DER encoded binaries of TimeStampToken
static List<org.bouncycastle.asn1.DEROctetString>	getDEROctetStrings(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)	Returns list of DEROctetString from an ASN1Sequence Useful when needed to get a list of hash values
static String	getDirectoryStringValue(org.bouncycastle.asn1.ASN1Encodable directoryStringInstance)	Returns a value of an ASN.1 DirectoryString instance Returns null if an error occurs during the transformation
static byte[]	getEncoded(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp)	Gets the DER-encoded binaries of the BasicOCSPResp
static byte[]	getEncoded(org.bouncycastle.cms.CMSSignedData cmsSignedData)	Returns an ASN.1 encoded bytes representing the CMSSignedData
static byte[]	getEncoded(org.bouncycastle.tsp.TimeStampToken timeStampToken)	Returns an ASN.1 encoded bytes representing the TimeStampToken
static List<String>	getExtendedKeyUsage(CertificateToken certToken)	Extracts all extended key usages for the certificate token
static org.bouncycastle.cms.SignerInformation	getFirstSignerInformation(org.bouncycastle.cms.CMSSignedData cms)	Returns the first SignerInformation extracted from CMSSignedData.
static String	getHumanReadableName(CertificateToken cert)	Extracts the pretty printed name of the certificate token
static String	getHumanReadableName(X500PrincipalHelper x500PrincipalHelper)	Extracts the pretty printed name from the X500PrincipalHelper
static org.bouncycastle.asn1.x509.IssuerSerial	getIssuerSerial(byte[] binaries)	Gets the IssuerSerial object
static org.bouncycastle.asn1.x509.IssuerSerial	getIssuerSerial(CertificateToken certToken)	This method returns a new IssuerSerial based on the certificate token
static List<byte[]>	getOctetStringForAtsHashIndex(org.bouncycastle.asn1.cms.Attribute attribute, org.bouncycastle.asn1.ASN1ObjectIdentifier atsHashIndexVersionIdentifier)	Deprecated. since DSS 6.1.
static BigInteger	getOrderFromSignatureValue(byte[] signatureValue)	Gets the order parameter corresponding the given signatureValue
static org.bouncycastle.asn1.esf.RevocationValues	getRevocationValues(org.bouncycastle.asn1.ASN1Encodable encodable)	Returns RevocationValues from the given encodable
static int	getSignatureValueBitLength(byte[] signatureValue)	This method returns a bit length of the provided signature value
static String	getString(org.bouncycastle.asn1.ASN1Encodable attributeValue)	Converts ASN1Encodable to a String value.
static String	getSubjectCommonName(CertificateToken cert)	Extracts the Subject Common name from the certificate token
static List<org.bouncycastle.asn1.ASN1ObjectIdentifier>	getTimestampOids()	Deprecated. since DSS 6.1.
static org.bouncycastle.tsp.TimeStampToken	getTimeStampToken(org.bouncycastle.asn1.cms.Attribute attribute)	Deprecated. since DSS 6.1.
static Date	getTimeStampTokenGenerationTime(org.bouncycastle.tsp.TimeStampToken timeStampToken)	Returns generation time for the provided timeStampToken
static org.bouncycastle.asn1.ASN1Sequence	getUnsignedAttributesHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)	Deprecated. since DSS 6.1.
static org.bouncycastle.cert.X509CertificateHolder	getX509CertificateHolder(CertificateToken certToken)	Returns a X509CertificateHolder encapsulating the given X509Certificate.
static boolean	isArchiveTimeStampToken(org.bouncycastle.asn1.cms.Attribute attribute)	Deprecated. since DSS 6.1.
static boolean	isAsn1Encoded(byte[] binaries)	Checks if the binaries are ASN.1 encoded.
static boolean	isAsn1EncodedSignatureValue(byte[] binaries)	Checks if the SignatureValue binaries are ASN.1 encoded.
static boolean	isASN1SequenceTag(byte tagByte)	Checks if the byte defines an ASN1 Sequence
static boolean	isAttributeOfType(org.bouncycastle.asn1.cms.Attribute attribute, org.bouncycastle.asn1.ASN1ObjectIdentifier asn1ObjectIdentifier)	Deprecated. since DSS 6.1.
static boolean	isDEROctetStringNull(org.bouncycastle.asn1.DEROctetString derOctetString)	This method checks if a given DEROctetString is null.
static boolean	isEmpty(org.bouncycastle.asn1.cms.AttributeTable attributeTable)	Deprecated. since DSS 6.1.
static boolean	isSkiEqual(byte[] ski, CertificateToken certificateToken)	Checks if the provided ski matches to a ski computed from a certificateToken's public key
static <T extends org.bouncycastle.asn1.ASN1Primitive> T	toASN1Primitive(byte[] bytes)	This method returns T extends ASN1Primitive created from array of bytes.
static org.bouncycastle.cert.ocsp.BasicOCSPResp	toBasicOCSPResp(org.bouncycastle.asn1.ocsp.OCSPResponse ocspResponse)	Converts an object of OCSPResponse class to BasicOCSPResp
static org.bouncycastle.cert.ocsp.BasicOCSPResp[]	toBasicOCSPResps(org.bouncycastle.asn1.ocsp.BasicOCSPResponse[] basicOCSPResponses)	Converts an array of BasicOCSPResponses to an array of BasicOCSPResps
static org.bouncycastle.cert.ocsp.BasicOCSPResp[]	toBasicOCSPResps(org.bouncycastle.asn1.ocsp.OCSPResponse[] ocspResponses)	Converts an array of OCSPResponses to an array of BasicOCSPResps
static Date	toDate(org.bouncycastle.asn1.ASN1GeneralizedTime asn1Date)	Converts ASN1GeneralizedTime to Date
static byte[]	toPlainDSASignatureValue(byte[] asn1SignatureValue)	Converts an ASN.1 value to a concatenation string of R and S from ECDSA/DSA encryption algorithm The JAVA JCE ECDSA/DSA Signature algorithm creates ASN.1 encoded (r,s) value pairs.
static SignerIdentifier	toSignerIdentifier(X500Principal issuerX500Principal, BigInteger serialNumber, byte[] ski)	This method transforms token's issuer and serial number information into a CertificateIdentifier object
static SignerIdentifier	toSignerIdentifier(org.bouncycastle.asn1.x509.IssuerSerial issuerAndSerial)	Transforms an object of class IssuerSerial into instance of CertificateIdentifier
static SignerIdentifier	toSignerIdentifier(org.bouncycastle.cms.SignerId signerId)	This method transforms token's signerId into a SignerIdentifier object
static byte[]	toStandardDSASignatureValue(byte[] signatureValue)	Converts a plain signatureValue to its corresponding ASN.1 format
static String	toString(org.bouncycastle.asn1.ASN1OctetString value)	Reads ASN1OctetString value and returns
static X500Principal	toX500Principal(org.bouncycastle.asn1.x500.X500Name x500Name)	Transforms x500Name to X500Principal
static boolean	x500PrincipalAreEquals(X500Principal firstX500Principal, X500Principal secondX500Principal)	This method compares two X500Principals.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

toASN1Primitive

public static <T extends org.bouncycastle.asn1.ASN1Primitive>
T toASN1Primitive(byte[] bytes)

This method returns T extends ASN1Primitive created from array of bytes. The IOException is transformed in DSSException.

Type Parameters:

T - the expected return type

Parameters:

bytes - array of bytes to be transformed to ASN1Primitive

Returns:

new T extends ASN1Primitive

isDEROctetStringNull

public static boolean isDEROctetStringNull(org.bouncycastle.asn1.DEROctetString derOctetString)

This method checks if a given DEROctetString is null.

Parameters:

derOctetString - the DEROctetString to check

Returns:

true if the DEROctetString contains DERNull

getDEREncoded

public static byte[] getDEREncoded(org.bouncycastle.asn1.ASN1Encodable asn1Encodable)

This method returns DER encoded ASN1 attribute. The IOException is transformed in DSSException.

Parameters:

asn1Encodable - asn1Encodable to be DER encoded

Returns:

array of bytes representing the DER encoded asn1Encodable

getBEREncoded

public static byte[] getBEREncoded(org.bouncycastle.asn1.ASN1Encodable asn1Encodable)

This method returns BER encoded ASN1 attribute. The IOException is transformed in DSSException.

Parameters:

asn1Encodable - asn1Encodable to be BER encoded

Returns:

array of bytes representing the BER encoded asn1Encodable

getEncoded

public static byte[] getEncoded(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp)

Gets the DER-encoded binaries of the BasicOCSPResp

Parameters:

basicOCSPResp - BasicOCSPResp

Returns:

DER-encoded binaries

toDate

public static Date toDate(org.bouncycastle.asn1.ASN1GeneralizedTime asn1Date)

Converts ASN1GeneralizedTime to Date

Parameters:

asn1Date - ASN1GeneralizedTime

Returns:

Date

toString

public static String toString(org.bouncycastle.asn1.ASN1OctetString value)

Reads ASN1OctetString value and returns

Parameters:

value - ASN1OctetString

Returns:

String

getEncoded

public static byte[] getEncoded(org.bouncycastle.tsp.TimeStampToken timeStampToken)

Returns an ASN.1 encoded bytes representing the TimeStampToken

Parameters:

timeStampToken - TimeStampToken

Returns:

the DER encoded TimeStampToken

getEncoded

public static byte[] getEncoded(org.bouncycastle.cms.CMSSignedData cmsSignedData)

Returns an ASN.1 encoded bytes representing the CMSSignedData

Parameters:

cmsSignedData - CMSSignedData

Returns:

the binary of the CMSSignedData @ if the CMSSignedData encoding fails

getDEREncoded

public static byte[] getDEREncoded(org.bouncycastle.tsp.TimeStampToken timeStampToken)

Gets the DER encoded binaries of TimeStampToken

Parameters:

timeStampToken - TimeStampToken

Returns:

DER encoded binaries

getDEREncoded

public static byte[] getDEREncoded(org.bouncycastle.cms.CMSSignedData data)

Returns the ASN.1 encoded representation of CMSSignedData.

Parameters:

data - the CMSSignedData to be encoded

Returns:

the DER encoded CMSSignedData

getDEREncoded

public static byte[] getDEREncoded(TimestampBinary timestampBinary)

Returns the ASN.1 encoded representation of TimestampBinary.

Parameters:

timestampBinary - the TimestampBinary to be encoded

Returns:

the DER encoded timestampBinary

getDEREncoded

public static byte[] getDEREncoded(byte[] bytes)

Returns the ASN.1 encoded representation of byte array.

Parameters:

bytes - the binary array to encode

Returns:

the DER encoded bytes

getAsn1SequenceFromDerOctetString

public static org.bouncycastle.asn1.ASN1Sequence getAsn1SequenceFromDerOctetString(byte[] bytes)

This method returns the ASN1Sequence encapsulated in DEROctetString. The DEROctetString is represented as byte array.

Parameters:

bytes - byte representation of DEROctetString

Returns:

encapsulated ASN1Sequence or exception in case of a decoding problem

getAsn1IntegerFromDerOctetString

public static org.bouncycastle.asn1.ASN1Integer getAsn1IntegerFromDerOctetString(byte[] bytes)

This method returns the ASN1Integer encapsulated in DEROctetString. The DEROctetString is represented as byte array.

Parameters:

bytes - byte representation of DEROctetString

Returns:

encapsulated ASN1Integer or exception in case of a decoding problem

getAsn1SignaturePolicyDigest

public static byte[] getAsn1SignaturePolicyDigest(DigestAlgorithm digestAlgorithm,
 byte[] policyBytes)

This method computes the digest of an ASN1 signature policy (used in CAdES) TS 101 733 5.8.1 : If the signature policy is defined using ASN.1, then the hash is calculated on the value without the outer type and length fields, and the hashing algorithm shall be as specified in the field sigPolicyHash.

Parameters:

digestAlgorithm - the digest algorithm to be used

policyBytes - the ASN.1 policy content

Returns:

the expected digest value

getAlgorithmIdentifier

public static org.bouncycastle.asn1.x509.AlgorithmIdentifier getAlgorithmIdentifier(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)

Gets the ASN.1 algorithm identifier structure corresponding to the algorithm found in the provided Timestamp Hash Index Table, if such algorithm is present

Parameters:

atsHashIndexValue - ats-hash-index table from a timestamp

Returns:

the ASN.1 algorithm identifier structure

getAlgorithmIdentifier

public static org.bouncycastle.asn1.x509.AlgorithmIdentifier getAlgorithmIdentifier(DigestAlgorithm digestAlgorithm)

Gets the ASN.1 algorithm identifier structure corresponding to a digest algorithm

Parameters:

digestAlgorithm - the digest algorithm to encode

Returns:

the ASN.1 algorithm identifier structure

getCertificatesHashIndex

@Deprecated
public static org.bouncycastle.asn1.ASN1Sequence getCertificatesHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)

Deprecated.

since DSS 6.1. Please use CMSUtils#getCertificatesHashIndex method instead

Extract the Unsigned Attribute Archive Timestamp Cert Hash Index from a timestampToken

Parameters:

atsHashIndexValue - ASN1Sequence

Returns:

ASN1Sequence

getCRLHashIndex

@Deprecated
public static org.bouncycastle.asn1.ASN1Sequence getCRLHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)

Deprecated.

since DSS 6.1. Please use CMSUtils#getCRLHashIndex method instead

Extract the Unsigned Attribute Archive Timestamp Crl Hash Index from a timestampToken

Parameters:

atsHashIndexValue - ASN1Sequence

Returns:

ASN1Sequence

getUnsignedAttributesHashIndex

@Deprecated
public static org.bouncycastle.asn1.ASN1Sequence getUnsignedAttributesHashIndex(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)

Deprecated.

since DSS 6.1. Please use CMSUtils#getUnsignedAttributesHashIndex method instead

Extract the Unsigned Attribute Archive Timestamp Attribute Hash Index from a timestampToken

Parameters:

atsHashIndexValue - ASN1Sequence

Returns:

ASN1Sequence

getDEROctetStrings

public static List<org.bouncycastle.asn1.DEROctetString> getDEROctetStrings(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)

Returns list of DEROctetString from an ASN1Sequence Useful when needed to get a list of hash values

Parameters:

asn1Sequence - ASN1Sequence to get list from

Returns:

list of DEROctetStrings

computeSkiFromCert

public static byte[] computeSkiFromCert(CertificateToken certificateToken)

Computes SHA-1 hash of the certificateToken's public key

Parameters:

certificateToken - CertificateToken to compute digest for

Returns:

byte array of public key's SHA-1 hash

computeSkiFromCertPublicKey

public static byte[] computeSkiFromCertPublicKey(PublicKey publicKey)

Computes SHA-1 hash of the given publicKey's

Parameters:

publicKey - PublicKey to compute digest for

Returns:

byte array of public key's SHA-1 hash

isSkiEqual

public static boolean isSkiEqual(byte[] ski,
 CertificateToken certificateToken)

Checks if the provided ski matches to a ski computed from a certificateToken's public key

Parameters:

ski - a byte array representing ski value (SHA-1 of the public key)

certificateToken - CertificateToken to check

Returns:

TRUE if the SKI equals, FALSE otherwise

getX509CertificateHolder

public static org.bouncycastle.cert.X509CertificateHolder getX509CertificateHolder(CertificateToken certToken)

Returns a X509CertificateHolder encapsulating the given X509Certificate.

Parameters:

certToken - the certificate to be encapsulated

Returns:

a X509CertificateHolder holding this certificate

getCertificate

public static CertificateToken getCertificate(org.bouncycastle.cert.X509CertificateHolder x509CertificateHolder)

Extract the certificate token from X509CertificateHolder

Parameters:

x509CertificateHolder - X509CertificateHolder

Returns:

CertificateToken

toSignerIdentifier

public static SignerIdentifier toSignerIdentifier(org.bouncycastle.cms.SignerId signerId)

This method transforms token's signerId into a SignerIdentifier object

Parameters:

signerId - SignerId to be transformed

Returns:

SignerIdentifier

toX500Principal

public static X500Principal toX500Principal(org.bouncycastle.asn1.x500.X500Name x500Name)

Transforms x500Name to X500Principal

Parameters:

x500Name - X500Name

Returns:

X500Principal

toSignerIdentifier

public static SignerIdentifier toSignerIdentifier(X500Principal issuerX500Principal,
 BigInteger serialNumber,
 byte[] ski)

This method transforms token's issuer and serial number information into a CertificateIdentifier object

Parameters:

issuerX500Principal - X500Principal of the issuer

serialNumber - BigInteger of the token

ski - a byte array representing a SubjectKeyIdentifier (SHA-1 digest of the public key)

Returns:

SignerIdentifier

getIssuerSerial

public static org.bouncycastle.asn1.x509.IssuerSerial getIssuerSerial(CertificateToken certToken)

This method returns a new IssuerSerial based on the certificate token

Parameters:

certToken - the certificate token

Returns:

a IssuerSerial

x500PrincipalAreEquals

public static boolean x500PrincipalAreEquals(X500Principal firstX500Principal,
 X500Principal secondX500Principal)

This method compares two X500Principals. X500Principal.CANONICAL and X500Principal.RFC2253 forms are compared.

Parameters:

firstX500Principal - the first X500Principal object to be compared

secondX500Principal - the second X500Principal object to be compared

Returns:

true if the two parameters contain the same key/values

get

public static Map<String,String> get(X500Principal x500Principal)

Gets a map of X500 attribute names and the values

Parameters:

x500Principal - X500Principal

Returns:

a map of X500 attribute names and the values

getString

public static String getString(org.bouncycastle.asn1.ASN1Encodable attributeValue)

Converts ASN1Encodable to a String value. The method preserves the object class and structure and returns hash-encoded String value, unless the object is an instance of ASN1String.

Parameters:

attributeValue - ASN1Encodable to read

Returns:

String value

extractAttributeFromX500Principal

public static String extractAttributeFromX500Principal(org.bouncycastle.asn1.ASN1ObjectIdentifier identifier,
 X500PrincipalHelper principal)

Extract attribute with the identifier from X500PrincipalHelper

Parameters:

identifier - ASN1ObjectIdentifier oid of the attribute to get value

principal - X500PrincipalHelper to extract the attribute value from

Returns:

String value

getSubjectCommonName

public static String getSubjectCommonName(CertificateToken cert)

Extracts the Subject Common name from the certificate token

Parameters:

cert - CertificateToken

Returns:

String

getHumanReadableName

public static String getHumanReadableName(CertificateToken cert)

Extracts the pretty printed name of the certificate token

Parameters:

cert - CertificateToken

Returns:

String

getHumanReadableName

public static String getHumanReadableName(X500PrincipalHelper x500PrincipalHelper)

Extracts the pretty printed name from the X500PrincipalHelper

Parameters:

x500PrincipalHelper - X500PrincipalHelper

Returns:

String

getFirstSignerInformation

public static org.bouncycastle.cms.SignerInformation getFirstSignerInformation(org.bouncycastle.cms.CMSSignedData cms)

Returns the first SignerInformation extracted from CMSSignedData.

Parameters:

cms - CMSSignedData

Returns:

returns SignerInformation

isASN1SequenceTag

public static boolean isASN1SequenceTag(byte tagByte)

Checks if the byte defines an ASN1 Sequence

Parameters:

tagByte - byte to check

Returns:

TRUE if the byte defines an ASN1 Sequence, FALSE otherwise

getDate

public static Date getDate(org.bouncycastle.asn1.ASN1Encodable encodable)

Reads the encodable and returns a Date

Parameters:

encodable - ASN1Encodable to read

Returns:

Date

isEmpty

@Deprecated
public static boolean isEmpty(org.bouncycastle.asn1.cms.AttributeTable attributeTable)

Deprecated.

since DSS 6.1. Please use CMSUtils#isEmpty method instead

Checks if the attributeTable is empty

Parameters:

attributeTable - AttributeTable

Returns:

TRUE if the attribute table is empty, FALSE otherwise

emptyIfNull

@Deprecated
public static org.bouncycastle.asn1.cms.AttributeTable emptyIfNull(org.bouncycastle.asn1.cms.AttributeTable originalAttributeTable)

Deprecated.

since DSS 6.1. Please use CMSUtils#emptyIfNull method instead

Returns the current originalAttributeTable if instantiated, an empty AttributeTable if null

Parameters:

originalAttributeTable - AttributeTable

Returns:

AttributeTable

getExtendedKeyUsage

public static List<String> getExtendedKeyUsage(CertificateToken certToken)

Extracts all extended key usages for the certificate token

Parameters:

certToken - CertificateToken

Returns:

a list of Strings

getIssuerSerial

public static org.bouncycastle.asn1.x509.IssuerSerial getIssuerSerial(byte[] binaries)

Gets the IssuerSerial object

Parameters:

binaries - representing the IssuerSerial

Returns:

IssuerSerial if able to parse, null otherwise

toSignerIdentifier

public static SignerIdentifier toSignerIdentifier(org.bouncycastle.asn1.x509.IssuerSerial issuerAndSerial)

Transforms an object of class IssuerSerial into instance of CertificateIdentifier

Parameters:

issuerAndSerial - IssuerSerial to transform

Returns:

SignerIdentifier

getAtsHashIndex

@Deprecated
public static org.bouncycastle.asn1.ASN1Sequence getAtsHashIndex(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)

Deprecated.

since DSS 6.1. Please use CMSUtils#getAtsHashIndex method instead

Returns ats-hash-index table, with a related version present in from timestamp's unsigned properties

Parameters:

timestampUnsignedAttributes - AttributeTable unsigned properties of the timestamp

Returns:

the content of SignedAttribute: ATS-hash-index unsigned attribute with a present version

getAtsHashIndexByVersion

@Deprecated
public static org.bouncycastle.asn1.ASN1Sequence getAtsHashIndexByVersion(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes,
 org.bouncycastle.asn1.ASN1ObjectIdentifier atsHashIndexVersionIdentifier)

Deprecated.

since DSS 6.1. Please use CMSUtils#getAtsHashIndexByVersion method instead

Returns ats-hash-index table, with a specified version present in from timestamp's unsigned properties

Parameters:

timestampUnsignedAttributes - AttributeTable unsigned properties of the timestamp

atsHashIndexVersionIdentifier - ASN1ObjectIdentifier identifier of ats-hash-index table to get

Returns:

the content of SignedAttribute: ATS-hash-index unsigned attribute with a requested version if present

getAtsHashIndexVersionIdentifier

@Deprecated
public static org.bouncycastle.asn1.ASN1ObjectIdentifier getAtsHashIndexVersionIdentifier(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)

Deprecated.

since DSS 6.1. Please use CMSUtils#getAtsHashIndexVersionIdentifier method instead

Returns ASN1ObjectIdentifier of the found AtsHashIndex

Parameters:

timestampUnsignedAttributes - AttributeTable of the timestamp's unsignedAttributes

Returns:

ASN1ObjectIdentifier of the AtsHashIndex element version

getOctetStringForAtsHashIndex

@Deprecated
public static List<byte[]> getOctetStringForAtsHashIndex(org.bouncycastle.asn1.cms.Attribute attribute,
 org.bouncycastle.asn1.ASN1ObjectIdentifier atsHashIndexVersionIdentifier)

Deprecated.

since DSS 6.1. Please use CMSUtils#getOctetStringForAtsHashIndex method instead

Returns octets from the given attribute by defined atsh-hash-index type

Parameters:

attribute - Attribute to get byte array from

atsHashIndexVersionIdentifier - ASN1ObjectIdentifier to specify rules

Returns:

byte array

getATSHashIndexV3OctetString

@Deprecated
public static List<byte[]> getATSHashIndexV3OctetString(org.bouncycastle.asn1.ASN1ObjectIdentifier attributeIdentifier,
 org.bouncycastle.asn1.ASN1Set attributeValues)

Deprecated.

since DSS 6.1. Please use CMSUtils#getATSHashIndexV3OctetString method instead

Returns octets from the given attribute for ATS-Hash-Index-v3 table

Parameters:

attributeIdentifier - ASN1ObjectIdentifier of the corresponding Attribute

attributeValues - ASN1Set of the corresponding Attribute

Returns:

byte array representing an octet string

getAsn1Encodable

@Deprecated
public static org.bouncycastle.asn1.ASN1Encodable getAsn1Encodable(org.bouncycastle.asn1.cms.AttributeTable attributeTable,
 org.bouncycastle.asn1.ASN1ObjectIdentifier oid)

Deprecated.

since DSS 6.1. Please use DSSASN1Utils.getAsn1Attributes(attributeTable, oid)

Returns ASN1Encodable for a given oid found in the unsignedAttributes

Parameters:

attributeTable - AttributeTable

oid - target ASN1ObjectIdentifier

Returns:

ASN1Encodable

getAsn1AttributeSet

@Deprecated
public static org.bouncycastle.asn1.ASN1Set getAsn1AttributeSet(org.bouncycastle.asn1.cms.AttributeTable attributeTable,
 org.bouncycastle.asn1.ASN1ObjectIdentifier oid)

Deprecated.

since DSS 6.1. Please use DSSASN1Utils.getAsn1Attributes(attributeTable, oid)

Returns an Attribute values for a given oid found in the unsignedAttributes

Parameters:

attributeTable - AttributeTable

oid - target ASN1ObjectIdentifier

Returns:

ASN1Set

getAsn1Attributes

public static org.bouncycastle.asn1.cms.Attribute[] getAsn1Attributes(org.bouncycastle.asn1.cms.AttributeTable attributeTable,
 org.bouncycastle.asn1.ASN1ObjectIdentifier oid)

Returns an array of Attributes for a given oid found in the attributeTable

Parameters:

attributeTable - AttributeTable

oid - target ASN1ObjectIdentifier

Returns:

Attributes array

findArchiveTimeStampTokens

@Deprecated
public static List<org.bouncycastle.tsp.TimeStampToken> findArchiveTimeStampTokens(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes)

Deprecated.

since DSS 6.1. Please use CMSUtils#findArchiveTimeStampTokens method instead

Finds archive TimeStampTokens

Parameters:

unsignedAttributes - AttributeTable to obtain timestamps from

Returns:

a list of TimeStampTokens

getTimestampOids

@Deprecated
public static List<org.bouncycastle.asn1.ASN1ObjectIdentifier> getTimestampOids()

Deprecated.

since DSS 6.1. Please use CMSUtils#getTimestampOids method instead

Returns a list of all CMS timestamp identifiers

Returns:

a list of ASN1ObjectIdentifiers

isArchiveTimeStampToken

@Deprecated
public static boolean isArchiveTimeStampToken(org.bouncycastle.asn1.cms.Attribute attribute)

Deprecated.

since DSS 6.1. Please use CMSUtils#isArchiveTimeStampToken method instead

Checks if the attribute is of an allowed archive timestamp type

Parameters:

attribute - Attribute to check

Returns:

true if the attribute represents an archive timestamp element, false otherwise

isAttributeOfType

@Deprecated
public static boolean isAttributeOfType(org.bouncycastle.asn1.cms.Attribute attribute,
 org.bouncycastle.asn1.ASN1ObjectIdentifier asn1ObjectIdentifier)

Deprecated.

since DSS 6.1. Please use CMSUtils#isAttributeOfType method instead

Checks if the given attribute is an instance of the expected asn1ObjectIdentifier type

Parameters:

attribute - Attribute to check

asn1ObjectIdentifier - ASN1ObjectIdentifier type to check against

Returns:

TRUE if the attribute is of type asn1ObjectIdentifier, FALSE otherwise

getTimeStampToken

@Deprecated
public static org.bouncycastle.tsp.TimeStampToken getTimeStampToken(org.bouncycastle.asn1.cms.Attribute attribute)

Deprecated.

since DSS 6.1. Please use CMSUtils#getTimeStampToken method instead

Creates a TimeStampToken from the provided attribute

Parameters:

attribute - Attribute to generate TimeStampToken from

Returns:

TimeStampToken

getCMSSignedData

@Deprecated
public static org.bouncycastle.cms.CMSSignedData getCMSSignedData(org.bouncycastle.asn1.cms.Attribute attribute)
                                                           throws org.bouncycastle.cms.CMSException,
IOException

Deprecated.

since DSS 6.1. Please use CMSUtils#getCMSSignedData method instead

Creates a CMSSignedData from the provided attribute

Parameters:

attribute - Attribute to generate CMSSignedData from

Returns:

CMSSignedData

Throws:

IOException - in case of encoding exception

org.bouncycastle.cms.CMSException - in case if the provided attribute cannot be converted to CMSSignedData

getAsn1Encodable

@Deprecated
public static org.bouncycastle.asn1.ASN1Encodable getAsn1Encodable(org.bouncycastle.asn1.cms.Attribute attribute)

Deprecated.

since DSS 6.1. Please use CMSUtils#getAsn1Encodable method instead

Returns ASN1Encodable of the attribute

Parameters:

attribute - Attribute

Returns:

ASN1Encodable

getTimeStampTokenGenerationTime

public static Date getTimeStampTokenGenerationTime(org.bouncycastle.tsp.TimeStampToken timeStampToken)

Returns generation time for the provided timeStampToken

Parameters:

timeStampToken - TimeStampToken to get generation time for

Returns:

Date timestamp generation time

getRevocationValues

public static org.bouncycastle.asn1.esf.RevocationValues getRevocationValues(org.bouncycastle.asn1.ASN1Encodable encodable)

Returns RevocationValues from the given encodable

Parameters:

encodable - the encoded data to be parsed

Returns:

an instance of RevocationValues or null if the parsing failed

getCertificateRef

public static CertificateRef getCertificateRef(org.bouncycastle.asn1.ess.OtherCertID otherCertId)

Converts the OtherCertID to CertificateRef

Parameters:

otherCertId - OtherCertID

Returns:

CertificateRef

isAsn1Encoded

public static boolean isAsn1Encoded(byte[] binaries)

Checks if the binaries are ASN.1 encoded.

Parameters:

binaries - byte array to check.

Returns:

if the SignatureValue binaries are ASN.1 encoded.

isAsn1EncodedSignatureValue

public static boolean isAsn1EncodedSignatureValue(byte[] binaries)

Checks if the SignatureValue binaries are ASN.1 encoded.

Parameters:

binaries - byte array to check.

Returns:

if the SignatureValue binaries are ASN.1 encoded.

ensurePlainSignatureValue

public static byte[] ensurePlainSignatureValue(EncryptionAlgorithm algorithm,
 byte[] signatureValue)

Converts the ANS.1 binary signature value to the concatenated (plain) R || S format if required NOTE: used in XAdES and JAdES

Parameters:

algorithm - Encryption algorithm used to create the signatureValue

signatureValue - the originally computed signature value

Returns:

the converted signature value

toPlainDSASignatureValue

public static byte[] toPlainDSASignatureValue(byte[] asn1SignatureValue)

Converts an ASN.1 value to a concatenation string of R and S from ECDSA/DSA encryption algorithm The JAVA JCE ECDSA/DSA Signature algorithm creates ASN.1 encoded (r,s) value pairs.

Parameters:

asn1SignatureValue - the ASN1 signature value

Returns:

the decoded bytes

See Also:

• 6.4.1 DSA
• 3.3. ECDSA Signatures

toStandardDSASignatureValue

public static byte[] toStandardDSASignatureValue(byte[] signatureValue)

Converts a plain signatureValue to its corresponding ASN.1 format

Parameters:

signatureValue - the plain signature value

Returns:

the encoded bytes

See Also:

• 6.4.1 DSA
• 3.3. ECDSA Signatures

getOrderFromSignatureValue

public static BigInteger getOrderFromSignatureValue(byte[] signatureValue)

Gets the order parameter corresponding the given signatureValue

Parameters:

signatureValue - byte array

Returns:

BigInteger

getSignatureValueBitLength

public static int getSignatureValueBitLength(byte[] signatureValue)

This method returns a bit length of the provided signature value

Parameters:

signatureValue - byte array representing the signature value

Returns:

bit length of the signature value

getDirectoryStringValue

public static String getDirectoryStringValue(org.bouncycastle.asn1.ASN1Encodable directoryStringInstance)

Returns a value of an ASN.1 DirectoryString instance Returns null if an error occurs during the transformation

Parameters:

directoryStringInstance - ASN1Encodable to get DirectoryString value from

Returns:

String value

toBasicOCSPResp

public static org.bouncycastle.cert.ocsp.BasicOCSPResp toBasicOCSPResp(org.bouncycastle.asn1.ocsp.OCSPResponse ocspResponse)
                                                                throws org.bouncycastle.cert.ocsp.OCSPException

Converts an object of OCSPResponse class to BasicOCSPResp

Parameters:

ocspResponse - OCSPResponse to convert

Returns:

BasicOCSPResp

Throws:

org.bouncycastle.cert.ocsp.OCSPException - in case of a conversion error

toBasicOCSPResps

public static org.bouncycastle.cert.ocsp.BasicOCSPResp[] toBasicOCSPResps(org.bouncycastle.asn1.ocsp.OCSPResponse[] ocspResponses)

Converts an array of OCSPResponses to an array of BasicOCSPResps

Parameters:

ocspResponses - an array of OCSPResponses to convert

Returns:

an array of BasicOCSPResp

toBasicOCSPResps

public static org.bouncycastle.cert.ocsp.BasicOCSPResp[] toBasicOCSPResps(org.bouncycastle.asn1.ocsp.BasicOCSPResponse[] basicOCSPResponses)

Converts an array of BasicOCSPResponses to an array of BasicOCSPResps

Parameters:

basicOCSPResponses - an array of BasicOCSPResponses to convert

Returns:

an array of BasicOCSPResp

buildSPDocSpecificationId

public static org.bouncycastle.asn1.ASN1Primitive buildSPDocSpecificationId(String oidOrUri)

Builds SPDocSpecification attribute from the given oidOrUri SPDocSpecification ::= CHOICE { oid OBJECT IDENTIFIER, uri IA5String }

Parameters:

oidOrUri - String represents OID or URI

Returns:

ASN1Primitive