public final class CAdESUtils
extends java.lang.Object
id-aa-signingCertificateV2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) id-aa(2) 47 } SigningCertificateV2 ::= SEQUENCE { certs SEQUENCE OF ESSCertIDv2, policies SEQUENCE OF PolicyInformation OPTIONAL } ESSCertIDv2 ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier DEFAULT { algorithm id-sha256 }, certHash Hash, issuerSerial IssuerSerial OPTIONAL } Hash ::= OCTET STRING+ IssuerSerial ::= SEQUENCE { issuer GeneralNames, serialNumber CertificateSerialNumber issuerUID UniqueIdentifier OPTIONAL } PolicyInformation ::= SEQUENCE { policyIdentifier CertPolicyId, policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL } CertPolicyId ::= OBJECT IDENTIFIER PolicyQualifierInfo ::= SEQUENCE { policyQualifierId PolicyQualifierId, qualifier ANY DEFINED BY policyQualifierId } SigningCertificateV2 ::= SEQUENCE { certs SEQUENCE OF ESSCertIDv2, policies SEQUENCE OF PolicyInformation OPTIONAL } id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) id-aa(2) 12 } SigningCertificate ::= SEQUENCE { certs SEQUENCE OF ESSCertID, policies SEQUENCE OF PolicyInformation OPTIONAL } IssuerSerial ::= SEQUENCE { issuer GeneralNames, serialNumber CertificateSerialNumber } ESSCertID ::= SEQUENCE { certHash Hash, issuerSerial IssuerSerial OPTIONAL } Hash ::= OCTET STRING -- SHA1 hash of entire certificate PolicyInformation ::= SEQUENCE { policyIdentifier CertPolicyId, policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL } CertPolicyId ::= OBJECT IDENTIFIER PolicyQualifierInfo ::= SEQUENCE { policyQualifierId PolicyQualifierId, qualifier ANY DEFINED BY policyQualifierId } SigningCertificateV2 ::= SEQUENCE { certs SEQUENCE OF ESSCertIDv2, policies SEQUENCE OF PolicyInformation OPTIONAL } id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) id-aa(2) 12 } SigPolicyId ::= OBJECT IDENTIFIER (Politica de firma) OtherHashAlgAndValue ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier, hashValue OCTET STRING } AOSigPolicyQualifierInfo ::= SEQUENCE { SigPolicyQualifierId SigPolicyQualifierId, SigQualifier ANY DEFINED BY policyQualifierId } SignaturePolicyId ::= SEQUENCE { sigPolicyId SigPolicyId, sigPolicyHash SigPolicyHash, sigPolicyQualifiers SEQUENCE SIZE (1..MAX) OF AOSigPolicyQualifierInfo OPTIONAL }
Modifier and Type | Method and Description |
---|---|
static org.bouncycastle.asn1.ASN1EncodableVector |
generateSignerInfo(java.security.cert.Certificate cert,
java.lang.String digestAlgorithmName,
byte[] data,
AdESPolicy policy,
boolean signingCertificateV2,
byte[] dataDigest,
java.util.Date signDate,
boolean padesMode,
java.lang.String contentType,
java.lang.String contentDescription,
java.util.List<CommitmentTypeIndicationBean> ctis,
CAdESSignerMetadata csm,
boolean isCountersign)
Genera la parte que contiene la información del Usuario.
|
public static org.bouncycastle.asn1.ASN1EncodableVector generateSignerInfo(java.security.cert.Certificate cert, java.lang.String digestAlgorithmName, byte[] data, AdESPolicy policy, boolean signingCertificateV2, byte[] dataDigest, java.util.Date signDate, boolean padesMode, java.lang.String contentType, java.lang.String contentDescription, java.util.List<CommitmentTypeIndicationBean> ctis, CAdESSignerMetadata csm, boolean isCountersign) throws java.security.NoSuchAlgorithmException, java.io.IOException, java.security.cert.CertificateEncodingException
SignerInfo ::= SEQUENCE { version CMSVersion, sid SignerIdentifier, digestAlgorithm DigestAlgorithmIdentifier, signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL, signatureAlgorithm SignatureAlgorithmIdentifier, signature SignatureValue, unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL } SignerIdentifier ::= CHOICE { issuerAndSerialNumber IssuerAndSerialNumber, subjectKeyIdentifier [0] SubjectKeyIdentifier } SignedAttributes ::= SET SIZE (1..MAX) OF Attribute UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute Attribute ::= SEQUENCE { attrType OBJECT IDENTIFIER, attrValues SET OF AttributeValue } AttributeValue ::= ANY SignatureValue ::= OCTET STRING ContentHints ::= SEQUENCE { (esta secuencia con el tipo de contenido firmado. No se agrega en firmas PAdES) contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL, contentType ContentType }
cert
- Certificado del firmantedigestAlgorithmName
- Nombre del algoritmo de huella digital a usardata
- Datos firmadospolicy
- Política de firmasigningCertificateV2
- true
para utilizar la versión 2 del campo
signingCertificate, false
para utilizar la versión 1.dataDigest
- Huella digital de los datos firmadossignDate
- Fecha de la firma (debe establecerse externamente para evitar desincronismos en la firma trifásica)padesMode
- true
para generar una firma CAdES compatible PAdES, false
para generar una firma CAdES normalcontentType
- Tipo de contenido definido por su OID.contentDescription
- Descripción textual del tipo de contenido firmado.ctis
- Lista de compromisos adquiridos con esta firmacsm
- Metadatos sobre el firmanteisCountersign
- true
si desea generarse el SignerInfo
de una
contrafirma, false
en caso contrario.java.security.NoSuchAlgorithmException
- Cuando se introduce un algoritmo no válido.java.io.IOException
- Cuando se produce un error de entrada/salida.java.security.cert.CertificateEncodingException
- Error de codificación en el certificado.