Package eu.europa.esig.dss.cms.object

Class CMSObjectUtils

java.lang.Object
eu.europa.esig.dss.cms.object.CMSObjectUtils
All Implemented Interfaces:
ICMSUtils
public class CMSObjectUtils extends Object implements ICMSUtils
Implements ICMSUtils using a eu.europa.esig.dss.cms.bc.CMSSignedDataWrapper processing

  • Constructor Summary

    Constructors
    Constructor
    Description
    CMSObjectUtils()
    Default constructor

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    assertATSv2AugmentationSupported()
    This method checks whether the augmentation of signatures with an archive-time-stamp-v2 is supported by the current implementation
    void
    assertEvidenceRecordEmbeddingSupported()
    This method checks whether the embedding of existing Evidence Records within CMS is supported by the current implementation
    String
    getContentInfoEncoding(CMS cms)
    Gets encoding of the ContentInfo of CMS
    DSSResourcesHandlerBuilder
    getDSSResourcesHandlerBuilder(DSSResourcesHandlerBuilder dssResourcesHandlerBuilder)
    This method is used to verify whether the provided DSSResourcesHandlerBuilder is supported by the current implementation.
    static org.bouncycastle.asn1.cms.SignedData
    getSignedData(CMS cms)
    Gets SignedData element of the CMS
    CMS
    parseToCMS(byte[] binaries)
    Parses the given byte array to a CMS object
    CMS
    parseToCMS(DSSDocument document)
    Parses the given DSSDocument to a CMS object
    CMS
    populateDigestAlgorithmSet(CMS cms, Collection<org.bouncycastle.asn1.x509.AlgorithmIdentifier> digestAlgorithmsToAdd)
    Adds digest algorithms to CMSSignedData
    org.bouncycastle.cms.SignerInformation
    recomputeSignerInformation(CMS cms, org.bouncycastle.cms.SignerId signerId, org.bouncycastle.operator.DigestCalculatorProvider digestCalculatorProvider, DSSResourcesHandlerBuilder resourcesHandlerBuilder)
    This method re-created the SignerInformation with a given signerId from CMS by providing the digestCalculatorProvider to the validation.
    CMS
    replaceCertificatesAndCRLs(CMS cms, org.bouncycastle.util.Store<org.bouncycastle.cert.X509CertificateHolder> certificates, org.bouncycastle.util.Store<org.bouncycastle.cert.X509AttributeCertificateHolder> attributeCertificates, org.bouncycastle.util.Store<org.bouncycastle.cert.X509CRLHolder> crls, org.bouncycastle.util.Store<?> ocspResponsesStore, org.bouncycastle.util.Store<?> ocspBasicStore)
    Replaces SignedData content within the CMS with the provided values
    CMS
    replaceSigners(CMS cms, org.bouncycastle.cms.SignerInformationStore newSignerStore)
    Replaces the signers within cms with the newSignerStore
    org.bouncycastle.cms.SignerInformation
    replaceUnsignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes)
    This method replaces unsignedAttributes within the given signerInformation
    CMS
    toCMS(org.bouncycastle.tsp.TimeStampToken timeStampToken)
    Converts a TimeStampToken to a CMS
    org.bouncycastle.cms.CMSTypedData
    toCMSEncapsulatedContent(DSSDocument document)
    Converts a DSSDocument to the corresponding CMSTypedData object type
    static org.bouncycastle.util.Store<org.bouncycastle.util.Encodable>
    toCRLsStore(org.bouncycastle.util.Store<org.bouncycastle.cert.X509CRLHolder> crls, org.bouncycastle.util.Store<?> ocspResponses, org.bouncycastle.util.Store<?> ocspBasicResponses)
    Creates a new combined SignedData.crls store containing CRLs, OCSP responses and OCSP Basic responses
    void
    writeContentInfoEncoded(CMS cms, OutputStream os)
    Writes the encoded binaries of the ContentInfo element to the given OutputStream NOTE: This method is used for archive-time-stamp-v2 message-imprint computation.
    void
    writeSignedDataCertificatesEncoded(CMS cms, OutputStream os)
    Writes the encoded binaries of the SignedData.certificates field to the given OutputStream NOTE: This method is used for archive-time-stamp-v2 message-imprint computation.
    void
    writeSignedDataCRLsEncoded(CMS cms, OutputStream os)
    Writes the encoded binaries of the SignedData.crls field to the given OutputStream NOTE: This method is used for archive-time-stamp-v2 message-imprint computation.
    void
    writeSignedDataDigestAlgorithmsEncoded(CMS cms, OutputStream os)
    Writes the encoded binaries of the SignedData.digestAlgorithms field to the given OutputStream NOTE: This method is used for evidence record hash computation
    void
    writeSignedDataSignerInfosEncoded(CMS cms, OutputStream os)
    Writes the encoded binaries of the SignedData.signerInfos field to the given OutputStream NOTE: This method is used for evidence record hash computation
    DSSDocument
    writeToDSSDocument(CMS cms, DSSResourcesHandlerBuilder resourcesHandlerBuilder)
    Creates a DSSDocument from the given CMS using the implementation based coding.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • CMSObjectUtils

      public CMSObjectUtils()
      Default constructor

  • Method Details

    • parseToCMS

      public CMS parseToCMS(DSSDocument document)
      Description copied from interface: ICMSUtils
      Parses the given DSSDocument to a CMS object
      Specified by:
      parseToCMS in interface ICMSUtils
      Parameters:
      document - DSSDocument to parse
      Returns:
      CMS

    • parseToCMS

      public CMS parseToCMS(byte[] binaries)
      Description copied from interface: ICMSUtils
      Parses the given byte array to a CMS object
      Specified by:
      parseToCMS in interface ICMSUtils
      Parameters:
      binaries - byte array to parse
      Returns:
      CMS

    • writeToDSSDocument

      public DSSDocument writeToDSSDocument(CMS cms, DSSResourcesHandlerBuilder resourcesHandlerBuilder)
      Description copied from interface: ICMSUtils
      Creates a DSSDocument from the given CMS using the implementation based coding. This method uses a resourcesHandlerBuilder which defines the final document's implementation (e.g. in-memory document or a temporary document in a filesystem). NOTE: When used, the dss-cms-object implementation stores document using a DL coding, and dss-cms-stream stores documents using BER coding.
      Specified by:
      writeToDSSDocument in interface ICMSUtils
      Parameters:
      cms - CMS to create a document from
      resourcesHandlerBuilder - DSSResourcesHandlerBuilder
      Returns:
      DSSDocument

    • recomputeSignerInformation

      public org.bouncycastle.cms.SignerInformation recomputeSignerInformation(CMS cms, org.bouncycastle.cms.SignerId signerId, org.bouncycastle.operator.DigestCalculatorProvider digestCalculatorProvider, DSSResourcesHandlerBuilder resourcesHandlerBuilder) throws org.bouncycastle.cms.CMSException
      Description copied from interface: ICMSUtils
      This method re-created the SignerInformation with a given signerId from CMS by providing the digestCalculatorProvider to the validation. The returned SignerInformation contains validated digest according to the provided document.
      Specified by:
      recomputeSignerInformation in interface ICMSUtils
      Parameters:
      cms - CMS containing a SignerInformation to be validated
      signerId - SignerId to re-compute
      digestCalculatorProvider - DigestCalculatorProvider containing digest of the original signed document
      resourcesHandlerBuilder - DSSResourcesHandlerBuilder
      Returns:
      SignerInformation
      Throws:
      org.bouncycastle.cms.CMSException - if an exception occurs on SignerInformation re-creation

    • replaceSigners

      public CMS replaceSigners(CMS cms, org.bouncycastle.cms.SignerInformationStore newSignerStore)
      Description copied from interface: ICMSUtils
      Replaces the signers within cms with the newSignerStore
      Specified by:
      replaceSigners in interface ICMSUtils
      Parameters:
      cms - CMS to replace signers in
      newSignerStore - SignerInformationStore representing the new signers to be replaced with
      Returns:
      CMS containing the new signers store

    • replaceCertificatesAndCRLs

      public CMS replaceCertificatesAndCRLs(CMS cms, org.bouncycastle.util.Store<org.bouncycastle.cert.X509CertificateHolder> certificates, org.bouncycastle.util.Store<org.bouncycastle.cert.X509AttributeCertificateHolder> attributeCertificates, org.bouncycastle.util.Store<org.bouncycastle.cert.X509CRLHolder> crls, org.bouncycastle.util.Store<?> ocspResponsesStore, org.bouncycastle.util.Store<?> ocspBasicStore)
      Description copied from interface: ICMSUtils
      Replaces SignedData content within the CMS with the provided values
      Specified by:
      replaceCertificatesAndCRLs in interface ICMSUtils
      Parameters:
      cms - CMS to replace content in
      certificates - Store
      attributeCertificates - Store
      crls - Store
      ocspResponsesStore - Store
      ocspBasicStore - Store
      Returns:
      CMS

    • toCRLsStore

      public static org.bouncycastle.util.Store<org.bouncycastle.util.Encodable> toCRLsStore(org.bouncycastle.util.Store<org.bouncycastle.cert.X509CRLHolder> crls, org.bouncycastle.util.Store<?> ocspResponses, org.bouncycastle.util.Store<?> ocspBasicResponses)
      Creates a new combined SignedData.crls store containing CRLs, OCSP responses and OCSP Basic responses
      Parameters:
      crls - Store containing CRLs
      ocspResponses - Store containing OCSP responses
      ocspBasicResponses - Store containing OCSP Basic responses
      Returns:
      Store

    • populateDigestAlgorithmSet

      public CMS populateDigestAlgorithmSet(CMS cms, Collection<org.bouncycastle.asn1.x509.AlgorithmIdentifier> digestAlgorithmsToAdd)
      Description copied from interface: ICMSUtils
      Adds digest algorithms to CMSSignedData
      Specified by:
      populateDigestAlgorithmSet in interface ICMSUtils
      Parameters:
      cms - CMS to extend
      digestAlgorithmsToAdd - a collection of digest AlgorithmIdentifiers to be included
      Returns:
      CMS

    • toCMS

      public CMS toCMS(org.bouncycastle.tsp.TimeStampToken timeStampToken)
      Description copied from interface: ICMSUtils
      Converts a TimeStampToken to a CMS
      Specified by:
      toCMS in interface ICMSUtils
      Parameters:
      timeStampToken - TimeStampToken
      Returns:
      CMS

    • getContentInfoEncoding

      public String getContentInfoEncoding(CMS cms)
      Description copied from interface: ICMSUtils
      Gets encoding of the ContentInfo of CMS
      Specified by:
      getContentInfoEncoding in interface ICMSUtils
      Parameters:
      cms - CMS to check
      Returns:
      String encoding, e.g. 'DER' or 'BER'

    • writeSignedDataDigestAlgorithmsEncoded

      public void writeSignedDataDigestAlgorithmsEncoded(CMS cms, OutputStream os) throws IOException
      Description copied from interface: ICMSUtils
      Writes the encoded binaries of the SignedData.digestAlgorithms field to the given OutputStream NOTE: This method is used for evidence record hash computation
      Specified by:
      writeSignedDataDigestAlgorithmsEncoded in interface ICMSUtils
      Parameters:
      cms - CMS
      os - OutputStream
      Throws:
      IOException - if an exception occurs on bytes writing

    • writeContentInfoEncoded

      public void writeContentInfoEncoded(CMS cms, OutputStream os) throws IOException
      Description copied from interface: ICMSUtils
      Writes the encoded binaries of the ContentInfo element to the given OutputStream NOTE: This method is used for archive-time-stamp-v2 message-imprint computation.
      Specified by:
      writeContentInfoEncoded in interface ICMSUtils
      Parameters:
      cms - CMS
      os - OutputStream
      Throws:
      IOException - if an exception occurs on bytes writing

    • writeSignedDataCertificatesEncoded

      public void writeSignedDataCertificatesEncoded(CMS cms, OutputStream os) throws IOException
      Description copied from interface: ICMSUtils
      Writes the encoded binaries of the SignedData.certificates field to the given OutputStream NOTE: This method is used for archive-time-stamp-v2 message-imprint computation.
      Specified by:
      writeSignedDataCertificatesEncoded in interface ICMSUtils
      Parameters:
      cms - CMS
      os - OutputStream
      Throws:
      IOException - if an exception occurs on bytes writing

    • writeSignedDataCRLsEncoded

      public void writeSignedDataCRLsEncoded(CMS cms, OutputStream os) throws IOException
      Description copied from interface: ICMSUtils
      Writes the encoded binaries of the SignedData.crls field to the given OutputStream NOTE: This method is used for archive-time-stamp-v2 message-imprint computation.
      Specified by:
      writeSignedDataCRLsEncoded in interface ICMSUtils
      Parameters:
      cms - CMS
      os - OutputStream
      Throws:
      IOException - if an exception occurs on bytes writing

    • writeSignedDataSignerInfosEncoded

      public void writeSignedDataSignerInfosEncoded(CMS cms, OutputStream os) throws IOException
      Description copied from interface: ICMSUtils
      Writes the encoded binaries of the SignedData.signerInfos field to the given OutputStream NOTE: This method is used for evidence record hash computation
      Specified by:
      writeSignedDataSignerInfosEncoded in interface ICMSUtils
      Parameters:
      cms - CMS
      os - OutputStream
      Throws:
      IOException - if an exception occurs on bytes writing

    • getSignedData

      public static org.bouncycastle.asn1.cms.SignedData getSignedData(CMS cms)
      Gets SignedData element of the CMS
      Parameters:
      cms - CMS
      Returns:
      SignedData

    • toCMSEncapsulatedContent

      public org.bouncycastle.cms.CMSTypedData toCMSEncapsulatedContent(DSSDocument document)
      Description copied from interface: ICMSUtils
      Converts a DSSDocument to the corresponding CMSTypedData object type
      Specified by:
      toCMSEncapsulatedContent in interface ICMSUtils
      Parameters:
      document - DSSDocument
      Returns:
      CMSTypedData

    • getDSSResourcesHandlerBuilder

      public DSSResourcesHandlerBuilder getDSSResourcesHandlerBuilder(DSSResourcesHandlerBuilder dssResourcesHandlerBuilder)
      Description copied from interface: ICMSUtils
      This method is used to verify whether the provided DSSResourcesHandlerBuilder is supported by the current implementation. Returns the given value in case of success.
      Specified by:
      getDSSResourcesHandlerBuilder in interface ICMSUtils
      Parameters:
      dssResourcesHandlerBuilder - DSSResourcesHandlerBuilder
      Returns:
      DSSResourcesHandlerBuilder

    • replaceUnsignedAttributes

      public org.bouncycastle.cms.SignerInformation replaceUnsignedAttributes(org.bouncycastle.cms.SignerInformation signerInformation, org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes)
      Description copied from interface: ICMSUtils
      This method replaces unsignedAttributes within the given signerInformation
      Specified by:
      replaceUnsignedAttributes in interface ICMSUtils
      Parameters:
      signerInformation - SignerInformation to replace unsigned attributes table into
      unsignedAttributes - AttributeTable containing the unsigned properties to be replaced with
      Returns:
      SignerInformation updated

    • assertATSv2AugmentationSupported

      public void assertATSv2AugmentationSupported()
      Description copied from interface: ICMSUtils
      This method checks whether the augmentation of signatures with an archive-time-stamp-v2 is supported by the current implementation
      Specified by:
      assertATSv2AugmentationSupported in interface ICMSUtils

    • assertEvidenceRecordEmbeddingSupported

      public void assertEvidenceRecordEmbeddingSupported()
      Description copied from interface: ICMSUtils
      This method checks whether the embedding of existing Evidence Records within CMS is supported by the current implementation
      Specified by:
      assertEvidenceRecordEmbeddingSupported in interface ICMSUtils