@Override public List<CertifiedRole> getCertifiedSignerRoles() { final Attribute id_aa_ets_signerAttr = getSignedAttribute(PKCSObjectIdentifiers.id_aa_ets_signerAttr); if (id_aa_ets_signerAttr == null) { return null; } final ASN1Set attrValues = id_aa_ets_signerAttr.getAttrValues(); final ASN1Encodable asn1EncodableAttrValue = attrValues.getObjectAt(0); try { final SignerAttribute signerAttr = SignerAttribute.getInstance(asn1EncodableAttrValue); if (signerAttr == null) { return null; } List<CertifiedRole> roles = null; final Object[] signerAttrValues = signerAttr.getValues(); for (final Object signerAttrValue : signerAttrValues) { if (signerAttrValue instanceof AttributeCertificate) { if (roles == null) { roles = new ArrayList<CertifiedRole>(); } final AttributeCertificate attributeCertificate = (AttributeCertificate) signerAttrValue; final AttributeCertificateInfo acInfo = attributeCertificate.getAcinfo(); final AttCertValidityPeriod attrCertValidityPeriod = acInfo.getAttrCertValidityPeriod(); final ASN1Sequence attributes = acInfo.getAttributes(); for (int ii = 0; ii < attributes.size(); ii++) { final ASN1Encodable objectAt = attributes.getObjectAt(ii); final org.bouncycastle.asn1.x509.Attribute attribute = org.bouncycastle.asn1.x509.Attribute.getInstance(objectAt); final ASN1Set attrValues1 = attribute.getAttrValues(); DERSequence derSequence = (DERSequence) attrValues1.getObjectAt(0); RoleSyntax roleSyntax = RoleSyntax.getInstance(derSequence); CertifiedRole certifiedRole = new CertifiedRole(); certifiedRole.setRole(roleSyntax.getRoleNameAsString()); certifiedRole.setNotBefore(DSSASN1Utils.toDate(attrCertValidityPeriod.getNotBeforeTime())); certifiedRole.setNotAfter(DSSASN1Utils.toDate(attrCertValidityPeriod.getNotAfterTime())); roles.add(certifiedRole); } } } return roles; } catch (Exception e) { LOG.error("Error when dealing with certified signer roles: [" + asn1EncodableAttrValue.toString() + "]", e); return null; } }
