author | bschnalzer <bianca.schnalzer@egiz.gv.at> | 2017-08-28 17:09:20 +0200 |
---|---|---|
committer | bschnalzer <bianca.schnalzer@egiz.gv.at> | 2017-08-28 17:09:20 +0200 |
commit | 5e23c5a189308c2e8fcf191643f81e625fc82e6d (patch) | |
tree | 350354c044fb636526a68e82e3b1afcad405b23a | |
parent | fec942b852f03167f411f0fe24306c8dcfd5042b (diff) | |
Added DigiCertServer-CA, Signature mime-type/signing time PAdES
4 files changed, 43 insertions, 1 deletions
diff --git a/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer
Binary files differ
new file mode 100644
index 00000000..24d1795f
--- /dev/null
+++ b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer
diff --git a/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer
Binary files differ
new file mode 100644
index 00000000..24d1795f
--- /dev/null
+++ b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java
index cbf0443f..eaf3e70a 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java
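Review bot: DigiCertSHA2SecureServerCA.cer is added as an opaque binary to both certStore/toBeAdded and trustStore (same blob, index 24d1795f), and nothing in the commit lets a reviewer check which certificate it actually is. Please record the subject, serial number, validity period and SHA-256 fingerprint in the commit message so the file can be compared against the value the CA publishes. The name suggests an issuing CA rather than a root; if files under trustStore act as trust anchors, as the directory name implies, chains ending at this certificate would be accepted without being validated up to the root, so it is worth confirming that the certStore copy alone would not be enough.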
@@ -109,12 +109,24 @@ public class CreateCMSSignatureCommandImpl extends CreateCMSSignatureRequestType request = getRequestValue(); - // DataObject, SigningCertificate, SigningTime try { + if (request.isPAdESCompatibility()) + { + //PAdES Compatibility Request + signature = new Signature(request.getDataObject(), request.getStructure(), + signingCertificate, commandContext.getURLDereferencer(), + configurationFacade.getUseStrongHash()); + + } + else + { + // DataObject, SigningCertificate, SigningTime + Date signingTime = request.isPAdESCompatibility() ? null : new Date(); signature = new Signature(request.getDataObject(), request.getStructure(), signingCertificate, signingTime, commandContext.getURLDereferencer(), configurationFacade.getUseStrongHash()); + } } catch (SLCommandException e) { log.error("Error creating CMS Signature.", e); throw e;
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java
index fc42dcb4..9c89906e 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java
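Review bot: In the `else` branch of the CreateCMSSignatureCommandImpl.java hunk, `request.isPAdESCompatibility() ? null : new Date()` can no longer yield `null`, because that branch is only reached when the flag is false; the line should read `Date signingTime = new Date();`. As written it suggests a PAdES request can still reach the signing-time constructor, which hides the fact that the choice of signed attributes is now made by the `if` alone. The comment on the first branch would help more if it gave the reason, for example `// PAdES: no signing-time or MIME-type signed attribute is added`. The enclosing method starts and ends outside the hunk.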
@@ -114,8 +114,28 @@ public class Signature { createSignerInfo(signingCertificate); setSignerCertificate(signingCertificate); this.mimeType = dataObject.getMetaInfo().getMimeType(); + setAttributes(this.mimeType, signingCertificate, signingTime); } + + public Signature(CMSDataObjectRequiredMetaType dataObject, String structure, + X509Certificate signingCertificate, URLDereferencer urlDereferencer, + boolean useStrongHash) + throws NoSuchAlgorithmException, CertificateEncodingException, + CertificateException, X509ExtensionException, InvalidParameterException, + CodingException, SLCommandException, IOException { + byte[] dataToBeSigned = getContent(dataObject, urlDereferencer); + int mode = structure.equalsIgnoreCase("enveloping") ? SignedData.IMPLICIT : SignedData.EXPLICIT; + this.signedData = new SignedData(dataToBeSigned, mode); + setAlgorithmIDs(signingCertificate, useStrongHash); + createSignerInfo(signingCertificate); + setSignerCertificate(signingCertificate); + + + setAttributes(signingCertificate); + } + + private void createSignerInfo(X509Certificate signingCertificate) throws CertificateEncodingException, CertificateException { iaik.x509.X509Certificate sigcert =
@@ -142,6 +162,16 @@ public class Signature { Attribute[] attributeArray = attributes.toArray(new Attribute[attributes.size()]); signerInfo.setSignedAttributes(attributeArray); } + + private void setAttributes(X509Certificate signingCertificate) throws CertificateException, NoSuchAlgorithmException, CodingException { + List<Attribute> attributes = new ArrayList<Attribute>(); + setContentTypeAttrib(attributes); + setSigningCertificateAttrib(attributes, signingCertificate); + Attribute[] attributeArray = attributes.toArray(new Attribute[attributes.size()]); + signerInfo.setSignedAttributes(attributeArray); + } + + private void setMimeTypeAttrib(List<Attribute> attributes, String mimeType) { String oidStr = ID_AA_ETS_MIMETYPE; |
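Review bot: The new five-argument constructor in Signature.java never assigns `this.mimeType`, which the existing constructor sets from `dataObject.getMetaInfo().getMimeType()` in the context lines just above, so the field stays `null` for every PAdES signature. Any code outside this hunk that reads the field has to tolerate that, or the constructor should still assign it even though it is not signed. The body repeats the setup steps visible at the end of the existing constructor, so moving them into one private helper called by both would keep the two paths from drifting apart. The constructor also has no Javadoc; it should state that it builds the PAdES variant, whose signed attributes omit signing time and MIME type.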
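Review bot: The new `setAttributes(X509Certificate)` overload in the second Signature.java hunk differs from the existing method only by its parameter list, yet it decides which attributes the signature covers: only content-type and signing-certificate are added. A distinct name such as `setPAdESAttributes`, with a comment like `// PAdES: signing-time and MIME-type attributes are intentionally not signed`, would make that difference visible at the call site and in later reviews. The last two statements repeat the `toArray` / `setSignedAttributes` lines shown as context at the top of the hunk; a small helper taking the attribute list would remove the duplication.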