// controlla che nel firmatario sia presente l'attributo ESSCertIDv2 e che esso sia valido
// in questo caso la busta crittografica è espressa correttamente nel formato CADES-BES secondo
// la DELIBERAZIONE ministeriale del N . 45 DEL 21 MAGGIO 2009
private boolean isLegallySigned(SignerInformation signer, X509CertificateHolder cert)
throws FirmapiuException, NoSuchAlgorithmException, IOException {
AttributeTable signAttr = signer.getSignedAttributes();
if (signAttr == null) throw new FirmapiuException(VERIFY_SIGNER_SIGNINGATTRIBUTE_NOTFOUND);
Attribute attr = signAttr.get(PKCSObjectIdentifiers.id_aa_signingCertificateV2);
if (attr == null) throw new FirmapiuException(VERIFY_SIGNER_SIGNINGATTRIBUTE_NOTFOUND);
ASN1Sequence sequence = ASN1Sequence.getInstance(attr.getAttrValues().getObjectAt(0));
SigningCertificateV2 scv2 = SigningCertificateV2.getInstance(sequence);
ESSCertIDv2[] essCert = scv2.getCerts();
if (essCert == null || essCert.length < 1)
throw new FirmapiuException(VERIFY_SIGNER_SIGNINGATTRIBUTE_NOTFOUND);
// controlla l'hash del certificato se si restituisce true se no restituisce no
// aggiungere hash del certificato di sottoscrizione
String digestAlgorithm = "SHA-256";
MessageDigest sha = null;
sha = MessageDigest.getInstance(digestAlgorithm);
byte[] digestedCert = sha.digest(cert.getEncoded());
byte[] essCertHash = essCert[0].getCertHash();
// affinché la firma sia valida digestCert e essCertHash devono essere uguali
if (digestedCert.length != essCertHash.length) return false;
else {
for (int i = 0; i < digestedCert.length; i++)
if (digestedCert[i] != essCertHash[i]) {
return false;
}
return true;
} // fine if
} // fine metodo
// recupera il signing time di un firmatario
private static Date getSigningTime(SignerInformation signer) throws FirmapiuException {
AttributeTable signedAttr = signer.getSignedAttributes();
Attribute signingTimeAttr = signedAttr.get(CMSAttributes.signingTime);
if (signingTimeAttr != null) {
Enumeration<?> en = signingTimeAttr.getAttrValues().getObjects();
Date signingTime = null;
Object obj = en.nextElement();
try {
if (obj instanceof ASN1UTCTime) {
ASN1UTCTime asn1Time = (ASN1UTCTime) obj;
signingTime = asn1Time.getDate();
} else if (obj instanceof DERUTCTime) {
DERUTCTime derTime = (DERUTCTime) obj;
signingTime = derTime.getDate();
}
return signingTime;
} catch (ParseException e) {
// TODO eccezioni ammodo
throw new FirmapiuException();
}
} else {
// non ha trovato il signing time come attributo
// TODO eccezioni ammodo
throw new FirmapiuException();
}
} // fine metodo
public TimestampToken getContentTimestamp() {
try {
return SignedAttributesHelper.getContentTimestamp(firstSignerInfo.getSignedAttributes());
} catch (Exception e) {
ExceptionHandlerTyped.<SPISignatureException>handle(SPISignatureException.class, e);
}
return null;
}
// OCSP responses found as signed ID_ADBE_REVOCATION attribute
public Set<OCSPResponse> getSignedOCSPResponses() {
try {
AttributeTable table = firstSignerInfo.getSignedAttributes();
return SignedAttributesHelper.getSignedOCSPResponses(table);
} catch (Exception e) {
ExceptionHandlerTyped.<SPISignatureException>handle(SPISignatureException.class, e);
}
return null;
}
// CRLS found as signed ID_ADBE_REVOCATION attribute
public Collection<CRL> getSignedCRLs() {
try {
AttributeTable table = firstSignerInfo.getSignedAttributes();
return SignedAttributesHelper.getSignedCRLs(table);
} catch (Exception e) {
ExceptionHandlerTyped.<SPISignatureException>handle(SPISignatureException.class, e);
}
return null;
}
private Date findTimestamp(CMSSignedData cmsSignedData) {
Iterator iterator = cmsSignedData.getSignerInfos().getSigners().iterator();
while (iterator.hasNext()) {
SignerInformation signerInformation = (SignerInformation) iterator.next();
AttributeTable signedAttrTable = signerInformation.getSignedAttributes();
if (signedAttrTable == null) {
continue;
}
ASN1EncodableVector v = signedAttrTable.getAll(CMSAttributes.signingTime);
switch (v.size()) {
case 0:
continue;
case 1:
Attribute t = (Attribute) v.get(0);
ASN1Set attrValues = t.getAttrValues();
if (attrValues.size() != 1) {
continue;
}
// found it
try {
return ((ASN1UTCTime) attrValues.getObjectAt(0).getDERObject()).getDate();
} catch (ParseException e) {
e.printStackTrace();
}
continue;
default:
continue;
}
}
// no timestamp found
return null;
}
public Date getSigningTime() {
return SignedAttributesHelper.getSigningTime(firstSignerInfo.getSignedAttributes());
}
public DEREncodable getContentReferenceAttribute() {
return SignedAttributesHelper.getContentReferenceAttribute(
firstSignerInfo.getSignedAttributes());
}
public SignerAttribute getSignerAttributesAttribute() {
return SignedAttributesHelper.getSignerAttributesAttribute(
firstSignerInfo.getSignedAttributes());
}
public byte[] getDigestAttribute() {
return SignedAttributesHelper.getDigestAttribute(firstSignerInfo.getSignedAttributes());
}
public CommitmentTypeIndication getCommitmentTypeIndicationAttribute() {
return SignedAttributesHelper.getCommitmentTypeIndicationAttribute(
firstSignerInfo.getSignedAttributes());
}
public SignerLocation getSignerLocationAttribute() {
return SignedAttributesHelper.getSignerLocationAttribute(firstSignerInfo.getSignedAttributes());
}
public ContentHints getContentHintsAttribute() {
return SignedAttributesHelper.getContentHintsAttribute(firstSignerInfo.getSignedAttributes());
}
public ContentIdentifier getContentIdentifierAttribute() {
return SignedAttributesHelper.getContentIdentifierAttribute(
firstSignerInfo.getSignedAttributes());
}
public ASN1ObjectIdentifier getContentTypeAttribute() {
return SignedAttributesHelper.getContentTypeAttribute(firstSignerInfo.getSignedAttributes());
}
public SignaturePolicyIdentifier getSignaturePolicyIdentifierAttribute() {
return SignedAttributesHelper.getSignaturePolicyIdentifierAttribute(
firstSignerInfo.getSignedAttributes());
}
public ESSCertIDv2 getSigningCertificateV2Attribute() {
return SignedAttributesHelper.getSigningCertificateV2Attribute(
firstSignerInfo.getSignedAttributes());
}
