[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    Re: [dev-crypto] Skip signing-time for PAdES Part 3 conformity
From:       Peter Dettman <pkd () lockboxlabs ! com>
Date:       2010-07-05 11:33:38
Message-ID: 4C31C042.9010509 () lockboxlabs ! com
[Download RAW message or body]

Hi Thomas,

You can control the attributes added for each signature by passing a 
CMSAttributeTableGenerator in the addSigner call.

In your case, simply subclass DefaultSignedAttributeTableGenerator and 
override createStandardAttributeTable e.g.

     protected Hashtable createStandardAttributeTable(Map parameters)
     {
         Hashtable result = super.createStandardAttributeTable(parameters);
         result.remove(CMSAttributes.signingTime);
         return result;
     }

Cheers,
Pete.


On 05/07/10 19:02, Thomas Chojecki wrote:
> Hi,
> i'm trying to implement PAdES using BC and got some problems.
>
> The PAdES Part 3 specification say:
> ,---
> | 4.5.3 signing-time Attribute
> | For all profiles covered in the present document the
> | signing-time attribute shall not be used.
>  ´---
>
> I found the way using the boolean flag "addDefaultAttributes" in the 
> CMSSignedDataGenerator. But it's a bit hard to set all the attributes
> self for a simple cms signature without signing-time. Is there a 
> easier way to remove the signing-time?
>
> The follow code sadly don't work:
> Hashtable signedData = new Hashtable();
> signedData.put(CMSAttributes.signingTime, null);
> new AttributeTable(signedData);
>
> Regards
>
> Thomas
>
>


[prev in list] [next in list] [prev in thread] [next in thread]