Package eu.europa.esig.dss.spi

Class DSSASN1Utils

  • public final class DSSASN1Utils
extends Object
    Utility class that contains some ASN1 related method.

    • Method Summary

      Modifier and Type Method Description
      static byte[] computeSkiFromCert​(CertificateToken certificateToken)
      Computes SHA-1 hash of the certificateToken's public key
      static byte[] computeSkiFromCertPublicKey​(PublicKey publicKey)
      Computes SHA-1 hash of the given publicKey's
      static org.bouncycastle.asn1.cms.AttributeTable emptyIfNull​(org.bouncycastle.asn1.cms.AttributeTable original)  
      static String extractAttributeFromX500Principal​(org.bouncycastle.asn1.ASN1ObjectIdentifier identifier, X500Principal x500PrincipalName)  
      static List<org.bouncycastle.tsp.TimeStampToken> findTimeStampTokens​(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      Finds TimeStampTokens with a given oid
      static Map<String,​String> get​(X500Principal x500Principal)  
      static org.bouncycastle.asn1.x509.AlgorithmIdentifier getAlgorithmIdentifier​(DigestAlgorithm digestAlgorithm)
      Gets the ASN.1 algorithm identifier structure corresponding to a digest algorithm
      static org.bouncycastle.asn1.x509.AlgorithmIdentifier getAlgorithmIdentifier​(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
      Gets the ASN.1 algorithm identifier structure corresponding to the algorithm found in the provided Timestamp Hash Index Table, if such algorithm is present
      static org.bouncycastle.asn1.cms.Attribute[] getAsn1Attributes​(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      Returns an array of Attributes for a given oid found in the unsignedAttributes
      static org.bouncycastle.asn1.ASN1Set getAsn1AttributeSet​(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      Returns an Attribute values for a given oid found in the unsignedAttributes
      static org.bouncycastle.asn1.ASN1Encodable getAsn1Encodable​(org.bouncycastle.asn1.cms.Attribute attribute)
      Returns ASN1Encodable of the attribute
      static org.bouncycastle.asn1.ASN1Encodable getAsn1Encodable​(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
      Returns ASN1Encodable for a given oid found in the unsignedAttributes
      static org.bouncycastle.asn1.ASN1Sequence getAsn1SequenceFromDerOctetString​(byte[] bytes)
      This method returns the ASN1Sequence encapsulated in DEROctetString.
      static byte[] getAsn1SignaturePolicyDigest​(DigestAlgorithm digestAlgorithm, byte[] policyBytes)
      This method computes the digest of an ASN1 signature policy (used in CAdES) TS 101 733 5.8.1 : If the signature policy is defined using ASN.1, then the hash is calculated on the value without the outer type and length fields, and the hashing algorithm shall be as specified in the field sigPolicyHash.
      static org.bouncycastle.asn1.ASN1Sequence getAtsHashIndex​(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)
      Returns ats-hash-index table from timestamp's unsigned properties
      static byte[] getAuthorityKeyIdentifier​(CertificateToken certificateToken)
      This method returns authority key identifier as binaries from the certificate extension (SHA-1 of the public key of the issuer certificate).
      static byte[] getBEREncoded​(org.bouncycastle.asn1.ASN1Encodable asn1Encodable)
      This method returns BER encoded ASN1 attribute.
      static List<String> getCAAccessLocations​(CertificateToken certificate)
      Gives back the CA URIs meta-data found within the given certificate.
      static String getCanonicalizedName​(org.bouncycastle.asn1.x509.GeneralNames generalNames)
      This method can be removed the simple IssuerSerial verification can be performed.
      static CertificateToken getCertificate​(org.bouncycastle.cert.X509CertificateHolder x509CertificateHolder)  
      static List<CertificatePolicy> getCertificatePolicies​(CertificateToken certToken)  
      static org.bouncycastle.asn1.ASN1Sequence getCertificatesHashIndex​(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
      Extract the Unsigned Attribute Archive Timestamp Cert Hash Index from a timestampToken
      static org.bouncycastle.cms.CMSSignedData getCMSSignedData​(org.bouncycastle.asn1.cms.Attribute attribute)
      Creates a CMSSignedData from the provided attribute
      static org.bouncycastle.asn1.ASN1Sequence getCRLHashIndex​(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
      Extract the Unsigned Attribute Archive Timestamp Crl Hash Index from a timestampToken
      static List<String> getCrlUrls​(CertificateToken certificateToken)
      Gives back the List of CRL URI meta-data found within the given X509 certificate.
      static Date getDate​(org.bouncycastle.asn1.ASN1Encodable encodable)  
      static byte[] getDEREncoded​(org.bouncycastle.asn1.ASN1Encodable asn1Encodable)
      This method returns DER encoded ASN1 attribute.
      static byte[] getDEREncoded​(org.bouncycastle.cms.CMSSignedData data)
      Returns the ASN.1 encoded representation of CMSSignedData.
      static byte[] getDEREncoded​(org.bouncycastle.tsp.TimeStampToken timeStampToken)  
      static List<org.bouncycastle.asn1.DEROctetString> getDEROctetStrings​(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)
      Returns list of DEROctetString from an ASN1Sequence Useful when needed to get a list of hash values
      static byte[] getEncoded​(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp)  
      static byte[] getEncoded​(org.bouncycastle.cms.CMSSignedData cmsSignedData)
      Returns an ASN.1 encoded bytes representing the CMSSignedData
      static byte[] getEncoded​(org.bouncycastle.tsp.TimeStampToken timeStampToken)
      Returns an ASN.1 encoded bytes representing the TimeStampToken
      static List<String> getExtendedKeyUsage​(CertificateToken certToken)  
      static org.bouncycastle.cms.SignerInformation getFirstSignerInformation​(org.bouncycastle.cms.CMSSignedData cms)
      Returns the first SignerInformation extracted from CMSSignedData.
      static String getHumanReadableName​(CertificateToken cert)  
      static org.bouncycastle.asn1.x509.IssuerSerial getIssuerSerial​(byte[] binaries)  
      static org.bouncycastle.asn1.x509.IssuerSerial getIssuerSerial​(CertificateToken certToken)
      This method returns a new IssuerSerial based on the certificate token
      static org.bouncycastle.asn1.x509.IssuerSerial getIssuerSerial​(X500Principal issuerX500Principal, BigInteger serialNumber)
      This method returns a new IssuerSerial based on x500Principal of issuer and serial number
      static List<String> getOCSPAccessLocations​(CertificateToken certificate)
      Gives back the OCSP URIs meta-data found within the given X509 cert.
      static List<String> getQCStatementsIdList​(CertificateToken certToken)
      Get the list of all QCStatement Ids that are present in the certificate.
      static List<String> getQCTypesIdList​(CertificateToken certToken)
      Get the list of all QCType Ids that are present in the certificate.
      static org.bouncycastle.asn1.esf.RevocationValues getRevocationValues​(org.bouncycastle.asn1.ASN1Encodable encodable)
      Returns RevocationValues from the given encodable
      static byte[] getSki​(CertificateToken certificateToken)
      This method returns the Subject Key Identifier (SKI) bytes from the certificate extension (SHA-1 of the public key of the current certificate).
      static byte[] getSki​(CertificateToken certificateToken, boolean computeIfMissing)
      This method returns SKI bytes from certificate.
      static String getString​(org.bouncycastle.asn1.ASN1Encodable attributeValue)  
      static String getSubjectCommonName​(CertificateToken cert)  
      static org.bouncycastle.tsp.TimeStampToken getTimeStampToken​(org.bouncycastle.asn1.cms.Attribute attribute)
      Creates a TimeStampToken from the provided attribute
      static Date getTimeStampTokenGenerationTime​(org.bouncycastle.tsp.TimeStampToken timeStampToken)
      Returns generation time for the provided timeStampToken
      static org.bouncycastle.asn1.ASN1Sequence getUnsignedAttributesHashIndex​(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
      Extract the Unsigned Attribute Archive Timestamp Attribute Hash Index from a timestampToken
      static String getUtf8String​(X500Principal x500Principal)  
      static org.bouncycastle.cert.X509CertificateHolder getX509CertificateHolder​(CertificateToken certToken)
      Returns a X509CertificateHolder encapsulating the given X509Certificate.
      static boolean hasIdPkixOcspNoCheckExtension​(CertificateToken token)
      Indicates if the revocation data should be checked for an OCSP signing certificate.
      http://www.ietf.org/rfc/rfc2560.txt?number=2560
      A CA may specify that an OCSP client can trust a responder for the lifetime of the responder's certificate.
      static boolean isASN1SequenceTag​(byte tagByte)  
      static boolean isEmpty​(org.bouncycastle.asn1.cms.AttributeTable attributeTable)  
      static boolean isExtendedKeyUsagePresent​(CertificateToken certToken, org.bouncycastle.asn1.ASN1ObjectIdentifier oid)  
      static boolean isOCSPSigning​(CertificateToken certToken)
      Indicates that a X509Certificates corresponding private key is used by an authority to sign OCSP-Responses.
      http://www.ietf.org/rfc/rfc3280.txt
      http://tools.ietf.org/pdf/rfc6960.pdf 4.2.2.2
      {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) keyPurpose(3) ocspSigning(9)}
      OID: 1.3.6.1.5.5.7.3.9
      static <T extends org.bouncycastle.asn1.ASN1Primitive>
      T      		 toASN1Primitive​(byte[] bytes)
      This method returns T extends ASN1Primitive created from array of bytes.
      static Date toDate​(org.bouncycastle.asn1.ASN1GeneralizedTime asn1Date)  
      static String toString​(org.bouncycastle.asn1.ASN1OctetString value)  

    • Method Detail

      • toASN1Primitive

        public static <T extends org.bouncycastle.asn1.ASN1Primitive> T toASN1Primitive​(byte[] bytes)
        This method returns T extends ASN1Primitive created from array of bytes. The IOException is transformed in DSSException.
        Type Parameters:
        T - the expected return type
        Parameters:
        bytes - array of bytes to be transformed to ASN1Primitive
        Returns:
        new T extends ASN1Primitive

      • getDEREncoded

        public static byte[] getDEREncoded​(org.bouncycastle.asn1.ASN1Encodable asn1Encodable)
        This method returns DER encoded ASN1 attribute. The IOException is transformed in DSSException.
        Parameters:
        asn1Encodable - asn1Encodable to be DER encoded
        Returns:
        array of bytes representing the DER encoded asn1Encodable

      • getBEREncoded

        public static byte[] getBEREncoded​(org.bouncycastle.asn1.ASN1Encodable asn1Encodable)
        This method returns BER encoded ASN1 attribute. The IOException is transformed in DSSException.
        Parameters:
        asn1Encodable - asn1Encodable to be BER encoded
        Returns:
        array of bytes representing the BER encoded asn1Encodable

      • getEncoded

        public static byte[] getEncoded​(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp)

      • toDate

        public static Date toDate​(org.bouncycastle.asn1.ASN1GeneralizedTime asn1Date)

      • toString

        public static String toString​(org.bouncycastle.asn1.ASN1OctetString value)

      • getEncoded

        public static byte[] getEncoded​(org.bouncycastle.tsp.TimeStampToken timeStampToken)
        Returns an ASN.1 encoded bytes representing the TimeStampToken
        Parameters:
        timeStampToken - TimeStampToken
        Returns:
        the DER encoded TimeStampToken

      • getEncoded

        public static byte[] getEncoded​(org.bouncycastle.cms.CMSSignedData cmsSignedData)
        Returns an ASN.1 encoded bytes representing the CMSSignedData
        Parameters:
        cmsSignedData - CMSSignedData
        Returns:
        the binary of the CMSSignedData @ if the CMSSignedData encoding fails

      • getDEREncoded

        public static byte[] getDEREncoded​(org.bouncycastle.tsp.TimeStampToken timeStampToken)

      • getDEREncoded

        public static byte[] getDEREncoded​(org.bouncycastle.cms.CMSSignedData data)
        Returns the ASN.1 encoded representation of CMSSignedData.
        Parameters:
        data - the CMSSignedData to be encoded
        Returns:
        the DER encoded CMSSignedData

      • getAsn1SequenceFromDerOctetString

        public static org.bouncycastle.asn1.ASN1Sequence getAsn1SequenceFromDerOctetString​(byte[] bytes)
        This method returns the ASN1Sequence encapsulated in DEROctetString. The DEROctetString is represented as byte array.
        Parameters:
        bytes - byte representation of DEROctetString
        Returns:
        encapsulated ASN1Sequence @ in case of a decoding problem

      • getAsn1SignaturePolicyDigest

        public static byte[] getAsn1SignaturePolicyDigest​(DigestAlgorithm digestAlgorithm,
                                                  byte[] policyBytes)
        This method computes the digest of an ASN1 signature policy (used in CAdES) TS 101 733 5.8.1 : If the signature policy is defined using ASN.1, then the hash is calculated on the value without the outer type and length fields, and the hashing algorithm shall be as specified in the field sigPolicyHash.
        Parameters:
        digestAlgorithm - the digest algorithm to be used
        policyBytes - the ASN.1 policy content
        Returns:
        the expected digest value

      • getCanonicalizedName

        public static String getCanonicalizedName​(org.bouncycastle.asn1.x509.GeneralNames generalNames)
        This method can be removed the simple IssuerSerial verification can be performed. In fact the hash verification is sufficient.
        Parameters:
        generalNames - the generalNames
        Returns:
        the canonicalized name

      • getAlgorithmIdentifier

        public static org.bouncycastle.asn1.x509.AlgorithmIdentifier getAlgorithmIdentifier​(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
        Gets the ASN.1 algorithm identifier structure corresponding to the algorithm found in the provided Timestamp Hash Index Table, if such algorithm is present
        Parameters:
        atsHashIndexValue - ats-hash-index table from a timestamp
        Returns:
        the ASN.1 algorithm identifier structure

      • getAlgorithmIdentifier

        public static org.bouncycastle.asn1.x509.AlgorithmIdentifier getAlgorithmIdentifier​(DigestAlgorithm digestAlgorithm)
        Gets the ASN.1 algorithm identifier structure corresponding to a digest algorithm
        Parameters:
        digestAlgorithm - the digest algorithm to encode
        Returns:
        the ASN.1 algorithm identifier structure

      • getCertificatesHashIndex

        public static org.bouncycastle.asn1.ASN1Sequence getCertificatesHashIndex​(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
        Extract the Unsigned Attribute Archive Timestamp Cert Hash Index from a timestampToken
        Parameters:
        atsHashIndexValue -
        Returns:

      • getCRLHashIndex

        public static org.bouncycastle.asn1.ASN1Sequence getCRLHashIndex​(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
        Extract the Unsigned Attribute Archive Timestamp Crl Hash Index from a timestampToken
        Parameters:
        atsHashIndexValue -
        Returns:

      • getUnsignedAttributesHashIndex

        public static org.bouncycastle.asn1.ASN1Sequence getUnsignedAttributesHashIndex​(org.bouncycastle.asn1.ASN1Sequence atsHashIndexValue)
        Extract the Unsigned Attribute Archive Timestamp Attribute Hash Index from a timestampToken
        Parameters:
        atsHashIndexValue -
        Returns:

      • getDEROctetStrings

        public static List<org.bouncycastle.asn1.DEROctetString> getDEROctetStrings​(org.bouncycastle.asn1.ASN1Sequence asn1Sequence)
        Returns list of DEROctetString from an ASN1Sequence Useful when needed to get a list of hash values
        Parameters:
        asn1Sequence - ASN1Sequence to get list from
        Returns:
        list of DEROctetStrings

      • hasIdPkixOcspNoCheckExtension

        public static boolean hasIdPkixOcspNoCheckExtension​(CertificateToken token)
        Indicates if the revocation data should be checked for an OCSP signing certificate.
        http://www.ietf.org/rfc/rfc2560.txt?number=2560
        A CA may specify that an OCSP client can trust a responder for the lifetime of the responder's certificate. The CA does so by including the extension id-pkix-ocsp-nocheck. This SHOULD be a non-critical extension. The value of the extension should be NULL.
        Parameters:
        token - the certificate to be checked
        Returns:
        true if the certificate has the id_pkix_ocsp_nocheck extension

      • getQCStatementsIdList

        public static List<String> getQCStatementsIdList​(CertificateToken certToken)
        Get the list of all QCStatement Ids that are present in the certificate. (As per ETSI EN 319 412-5 V2.1.1)
        Parameters:
        certToken - the certificate
        Returns:
        the list of QC Statements oids

      • getQCTypesIdList

        public static List<String> getQCTypesIdList​(CertificateToken certToken)
        Get the list of all QCType Ids that are present in the certificate. (As per ETSI EN 319 412-5 V2.1.1)
        Parameters:
        certToken - the certificate
        Returns:
        the list of QCTypes oids

      • getSki

        public static byte[] getSki​(CertificateToken certificateToken)
        This method returns the Subject Key Identifier (SKI) bytes from the certificate extension (SHA-1 of the public key of the current certificate).
        Parameters:
        certificateToken - the CertificateToken
        Returns:
        ski bytes from the given certificate or null if missing

      • getSki

        public static byte[] getSki​(CertificateToken certificateToken,
                            boolean computeIfMissing)
        This method returns SKI bytes from certificate.
        Parameters:
        certificateToken - CertificateToken
        computeIfMissing - if the extension is missing and computeIfMissing = true, it will compute the SKI value from the Public Key
        Returns:
        ski bytes from the given certificate

      • getAuthorityKeyIdentifier

        public static byte[] getAuthorityKeyIdentifier​(CertificateToken certificateToken)
        This method returns authority key identifier as binaries from the certificate extension (SHA-1 of the public key of the issuer certificate).
        Parameters:
        certificateToken - the CertificateToken
        Returns:
        authority key identifier bytes from the given certificate (can be null if the certificate is self signed)

      • computeSkiFromCert

        public static byte[] computeSkiFromCert​(CertificateToken certificateToken)
        Computes SHA-1 hash of the certificateToken's public key
        Parameters:
        certificateToken - CertificateToken to compute digest for
        Returns:
        byte array of public key's SHA-1 hash

      • computeSkiFromCertPublicKey

        public static byte[] computeSkiFromCertPublicKey​(PublicKey publicKey)
        Computes SHA-1 hash of the given publicKey's
        Parameters:
        publicKey - PublicKey to compute digest for
        Returns:
        byte array of public key's SHA-1 hash

      • getCAAccessLocations

        public static List<String> getCAAccessLocations​(CertificateToken certificate)
        Gives back the CA URIs meta-data found within the given certificate.
        Parameters:
        certificate - the certificate token.
        Returns:
        a list of CA URIs, or empty list if the extension is not present.

      • getOCSPAccessLocations

        public static List<String> getOCSPAccessLocations​(CertificateToken certificate)
        Gives back the OCSP URIs meta-data found within the given X509 cert.
        Parameters:
        certificate - the cert token.
        Returns:
        a list of OCSP URIs, or empty list if the extension is not present.

      • getCrlUrls

        public static List<String> getCrlUrls​(CertificateToken certificateToken)
        Gives back the List of CRL URI meta-data found within the given X509 certificate.
        Parameters:
        certificateToken - the cert token certificate
        Returns:
        the List of CRL URI, or empty list if the extension is not present

      • isOCSPSigning

        public static boolean isOCSPSigning​(CertificateToken certToken)
        Indicates that a X509Certificates corresponding private key is used by an authority to sign OCSP-Responses.
        http://www.ietf.org/rfc/rfc3280.txt
        http://tools.ietf.org/pdf/rfc6960.pdf 4.2.2.2
        {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) keyPurpose(3) ocspSigning(9)}
        OID: 1.3.6.1.5.5.7.3.9
        Parameters:
        certToken - the certificate token
        Returns:
        true if the certificate has the id_kp_OCSPSigning ExtendedKeyUsage

      • isExtendedKeyUsagePresent

        public static boolean isExtendedKeyUsagePresent​(CertificateToken certToken,
                                                org.bouncycastle.asn1.ASN1ObjectIdentifier oid)

      • getX509CertificateHolder

        public static org.bouncycastle.cert.X509CertificateHolder getX509CertificateHolder​(CertificateToken certToken)
        Returns a X509CertificateHolder encapsulating the given X509Certificate.
        Parameters:
        certToken - the certificate to be encapsulated
        Returns:
        a X509CertificateHolder holding this certificate

      • getCertificate

        public static CertificateToken getCertificate​(org.bouncycastle.cert.X509CertificateHolder x509CertificateHolder)

      • getIssuerSerial

        public static org.bouncycastle.asn1.x509.IssuerSerial getIssuerSerial​(X500Principal issuerX500Principal,
                                                                      BigInteger serialNumber)
        This method returns a new IssuerSerial based on x500Principal of issuer and serial number
        Parameters:
        issuerX500Principal - the X500Principal of certificate token's issuer
        serialNumber - serial number of certificate token
        Returns:
        a IssuerSerial

      • getIssuerSerial

        public static org.bouncycastle.asn1.x509.IssuerSerial getIssuerSerial​(CertificateToken certToken)
        This method returns a new IssuerSerial based on the certificate token
        Parameters:
        certToken - the certificate token
        Returns:
        a IssuerSerial

      • getString

        public static String getString​(org.bouncycastle.asn1.ASN1Encodable attributeValue)

      • extractAttributeFromX500Principal

        public static String extractAttributeFromX500Principal​(org.bouncycastle.asn1.ASN1ObjectIdentifier identifier,
                                                       X500Principal x500PrincipalName)

      • getFirstSignerInformation

        public static org.bouncycastle.cms.SignerInformation getFirstSignerInformation​(org.bouncycastle.cms.CMSSignedData cms)
        Returns the first SignerInformation extracted from CMSSignedData.
        Parameters:
        cms - CMSSignedData
        Returns:
        returns SignerInformation

      • isASN1SequenceTag

        public static boolean isASN1SequenceTag​(byte tagByte)

      • getDate

        public static Date getDate​(org.bouncycastle.asn1.ASN1Encodable encodable)

      • isEmpty

        public static boolean isEmpty​(org.bouncycastle.asn1.cms.AttributeTable attributeTable)

      • emptyIfNull

        public static org.bouncycastle.asn1.cms.AttributeTable emptyIfNull​(org.bouncycastle.asn1.cms.AttributeTable original)

      • getIssuerSerial

        public static org.bouncycastle.asn1.x509.IssuerSerial getIssuerSerial​(byte[] binaries)

      • getAtsHashIndex

        public static org.bouncycastle.asn1.ASN1Sequence getAtsHashIndex​(org.bouncycastle.asn1.cms.AttributeTable timestampUnsignedAttributes)
        Returns ats-hash-index table from timestamp's unsigned properties
        Parameters:
        timestampUnsignedAttributes - AttributeTable unsigned properties of the timestamp
        Returns:
        the content of SignedAttribute: ATS-hash-index unsigned attribute {itu-t(0) identified-organization(4) etsi(0) electronic-signature-standard(1733) attributes(2) 5}

      • getAsn1Encodable

        public static org.bouncycastle.asn1.ASN1Encodable getAsn1Encodable​(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes,
                                                                   org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
        Returns ASN1Encodable for a given oid found in the unsignedAttributes
        Parameters:
        unsignedAttributes - AttributeTable of a signature
        oid - target ASN1ObjectIdentifier
        Returns:
        ASN1Encodable

      • getAsn1AttributeSet

        public static org.bouncycastle.asn1.ASN1Set getAsn1AttributeSet​(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes,
                                                                org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
        Returns an Attribute values for a given oid found in the unsignedAttributes
        Parameters:
        unsignedAttributes - AttributeTable of a signature
        oid - target ASN1ObjectIdentifier
        Returns:
        ASN1Set

      • getAsn1Attributes

        public static org.bouncycastle.asn1.cms.Attribute[] getAsn1Attributes​(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes,
                                                                      org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
        Returns an array of Attributes for a given oid found in the unsignedAttributes
        Parameters:
        unsignedAttributes - AttributeTable of a signature
        oid - target ASN1ObjectIdentifier
        Returns:
        Attributes array

      • findTimeStampTokens

        public static List<org.bouncycastle.tsp.TimeStampToken> findTimeStampTokens​(org.bouncycastle.asn1.cms.AttributeTable unsignedAttributes,
                                                                            org.bouncycastle.asn1.ASN1ObjectIdentifier oid)
        Finds TimeStampTokens with a given oid
        Parameters:
        unsignedAttributes - AttributeTable to obtain timestamps from
        oid - ASN1ObjectIdentifier to collect

      • getTimeStampToken

        public static org.bouncycastle.tsp.TimeStampToken getTimeStampToken​(org.bouncycastle.asn1.cms.Attribute attribute)
        Creates a TimeStampToken from the provided attribute
        Parameters:
        attribute - Attribute to generate TimeStampToken from
        Returns:
        TimeStampToken

      • getCMSSignedData

        public static org.bouncycastle.cms.CMSSignedData getCMSSignedData​(org.bouncycastle.asn1.cms.Attribute attribute)
                                                           throws org.bouncycastle.cms.CMSException,
                                                                  IOException
        Creates a CMSSignedData from the provided attribute
        Parameters:
        attribute - Attribute to generate CMSSignedData from
        Returns:
        CMSSignedData
        Throws:
        IOException - in case of encoding exception
        org.bouncycastle.cms.CMSException - in case if the provided attribute cannot be converted to CMSSignedData

      • getAsn1Encodable

        public static org.bouncycastle.asn1.ASN1Encodable getAsn1Encodable​(org.bouncycastle.asn1.cms.Attribute attribute)
        Returns ASN1Encodable of the attribute
        Parameters:
        attribute - Attribute

      • getTimeStampTokenGenerationTime

        public static Date getTimeStampTokenGenerationTime​(org.bouncycastle.tsp.TimeStampToken timeStampToken)
        Returns generation time for the provided timeStampToken
        Parameters:
        timeStampToken - TimeStampToken to get generation time for
        Returns:
        Date timestamp generation time

      • getRevocationValues

        public static org.bouncycastle.asn1.esf.RevocationValues getRevocationValues​(org.bouncycastle.asn1.ASN1Encodable encodable)
        Returns RevocationValues from the given encodable
        Parameters:
        encodable - the encoded data to be parsed
        Returns:
        an instance of RevocationValues or null if the parsing failled