Diffstat (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java')
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java67
1 files changed, 25 insertions, 42 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
index 8e9380e..4050ebc 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
@@ -154,6 +154,7 @@ public class CMSSignatureCreationInvoker {
CreateCMSSignatureResponse response = new CreateCMSSignatureResponseImpl();
boolean isSecurityLayerConform = false;
+ boolean isPAdESConformRequired = false;
String structure = null;
String mimetype = null;
@@ -164,6 +165,14 @@ public class CMSSignatureCreationInvoker {
while (singleSignatureInfoIter.hasNext()) {
SingleSignatureInfo singleSignatureInfo = (SingleSignatureInfo) singleSignatureInfoIter.next();
isSecurityLayerConform = singleSignatureInfo.isSecurityLayerConform();
+ isPAdESConformRequired = singleSignatureInfo.isPAdESConform();
+
+ //PAdES conformity always requires SecurityLayer conformity, because certificates must be included
+ if (isPAdESConformRequired && !isSecurityLayerConform) {
+ isSecurityLayerConform = isPAdESConformRequired;
+ Logger.debug("Set SecurityLayerConformity to 'true' because PAdES conformity is requested");
+
+ }
DataObjectInfo dataObjectInfo = singleSignatureInfo.getDataObjectInfo();
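Review bot: The override in the added `if` block changes a conformity property that the caller set on the request, and it is reported only through `Logger.debug`, so a production log at the usual level carries no record that the signature was created with different settings than requested. Since the condition already guarantees the value, `isSecurityLayerConform = true;` states the intent more directly than assigning `isPAdESConformRequired`, and an info-level message (if the project's Logger provides one) would keep the override auditable. Both flags are reassigned on every pass of the `while` loop, whose body continues outside this hunk, so a short comment saying whether they are meant per SingleSignatureInfo or for the whole request would help the next reader.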
@@ -171,7 +180,17 @@ public class CMSSignatureCreationInvoker {
CMSDataObject dataobject = dataObjectInfo.getDataObject();
MetaInfo metainfo = dataobject.getMetaInfo();
- mimetype = metainfo.getMimeType();
+
+ /*TODO: do not set SigningTime in IAIK-MOA request or any other
+ * API method/parameter when IAIK-MOA API is updated.
+ * Maybe also update mimetype solution below
+ */
+ //does not set mimetype if PAdES conformity is requested
+ if (!isPAdESConformRequired) {
+ mimetype = metainfo.getMimeType();
+
+ } else
+ Logger.debug("PAdES conformity requested. Does not set mimetype into CAdES signature");
CMSContent content = dataobject.getContent();
InputStream contentIs = null;
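Review bot: The `else` branch only logs and never clears `mimetype`, which appears to be declared before the `while` loop (first hunk), so a value taken from an earlier non-PAdES SingleSignatureInfo could still reach the profile built for a later PAdES one. This assumes the profile is created inside the loop, which is not visible in this hunk. Resetting it explicitly makes the PAdES branch independent of earlier iterations: `} else {` / `mimetype = null;` / `Logger.debug("PAdES conformity requested. Does not set mimetype into CAdES signature"); }`. Bracing the `else` also matches the braced `if` and avoids a later statement being added under it by mistake.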
@@ -218,7 +237,7 @@ public class CMSSignatureCreationInvoker {
// get digest algorithm
String digestAlgorithm = getDigestAlgorithm(config, keyGroupID);
-
+
// create CMSSignatureCreation profile:
CMSSignatureCreationProfile profile = new CMSSignatureCreationProfileImpl(
keySet,
@@ -226,7 +245,8 @@ public class CMSSignatureCreationInvoker {
signedProperties,
isSecurityLayerConform,
includeData,
- mimetype);
+ mimetype,
+ isPAdESConformRequired);
// create CMSSignature from the CMSSignatureCreationModule
// build the additionalSignedProperties
@@ -239,39 +259,7 @@ public class CMSSignatureCreationInvoker {
boolean base64 = true;
OutputStream signedDataStream = signature.getSignature(out, base64);
- // now write the data to be signed to the signedDataStream
-
- //
- int byteRead;
- /*
- BigDecimal counter = new BigDecimal("0");
- BigDecimal one = new BigDecimal("1");
-
- ByteArrayOutputStream filteredStream = new ByteArrayOutputStream();
-
- while ((byteRead=contentIs.read()) >= 0) {
- //System.out.println("counterXX: " + counter);
-
- // Wrong behaviour < 3
- // excluded bytes should not be part of the signature as 0 bytes
- // they should be not part of the signature at all!
-
-// if (inRange(counter, dataobject))
-// filteredStream.write(0);
-// else
-// filteredStream.write(byteRead);
-//
-
- // correct behaviour
- if (!inRange(counter, dataobject)) {
- filteredStream.write(byteRead);
- }
-
- counter = counter.add(one);
- }
- byte[] data = filteredStream.toByteArray();
- signedDataStream.write(data, 0, data.length);
- */
+ // now write the data to be signed to the signedDataStream
// Stream based, this should have a better performance
FilteredOutputStream filteredOuputStream = new FilteredOutputStream(
signedDataStream, 4096, dataobject.getExcludeByteRangeFrom(),
@@ -279,12 +267,7 @@ public class CMSSignatureCreationInvoker {
IOUtils.copyLarge(contentIs, filteredOuputStream);
filteredOuputStream.flush();
-// byte[] buf = new byte[4096];
-// int bytesRead;
-// while ((bytesRead = contentIs.read(buf)) >= 0) {
-// signedDataStream.write(buf, 0, bytesRead);
-// }
-//
+
// finish SignedData processing by closing signedDataStream
signedDataStream.close();
String base64value = out.toString();