summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbschnalzer <bianca.schnalzer@egiz.gv.at>2017-08-28 17:09:20 +0200
committerbschnalzer <bianca.schnalzer@egiz.gv.at>2017-08-28 17:09:20 +0200
commit5e23c5a189308c2e8fcf191643f81e625fc82e6d (patch)
tree350354c044fb636526a68e82e3b1afcad405b23a
parentfec942b852f03167f411f0fe24306c8dcfd5042b (diff)
downloadmocca-5e23c5a189308c2e8fcf191643f81e625fc82e6d.tar.gz
mocca-5e23c5a189308c2e8fcf191643f81e625fc82e6d.tar.bz2
mocca-5e23c5a189308c2e8fcf191643f81e625fc82e6d.zip
Added DigiCertServer-CA, Signature mime-type/signing time PAdES
-rw-r--r--BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cerbin0 -> 1176 bytes
-rw-r--r--BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cerbin0 -> 1176 bytes
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java14
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java30
4 files changed, 43 insertions, 1 deletions
diff --git a/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer
new file mode 100644
index 00000000..24d1795f
--- /dev/null
+++ b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer
Binary files differ
diff --git a/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer
new file mode 100644
index 00000000..24d1795f
--- /dev/null
+++ b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer
Binary files differ
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java
index cbf0443f..eaf3e70a 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java
@@ -109,12 +109,24 @@ public class CreateCMSSignatureCommandImpl extends
CreateCMSSignatureRequestType request = getRequestValue();
- // DataObject, SigningCertificate, SigningTime
try {
+ if (request.isPAdESCompatibility())
+ {
+ //PAdES Compatibility Request
+ signature = new Signature(request.getDataObject(), request.getStructure(),
+ signingCertificate, commandContext.getURLDereferencer(),
+ configurationFacade.getUseStrongHash());
+
+ }
+ else
+ {
+ // DataObject, SigningCertificate, SigningTime
+
Date signingTime = request.isPAdESCompatibility() ? null : new Date();
signature = new Signature(request.getDataObject(), request.getStructure(),
signingCertificate, signingTime, commandContext.getURLDereferencer(),
configurationFacade.getUseStrongHash());
+ }
} catch (SLCommandException e) {
log.error("Error creating CMS Signature.", e);
throw e;
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java
index fc42dcb4..9c89906e 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java
@@ -114,8 +114,28 @@ public class Signature {
createSignerInfo(signingCertificate);
setSignerCertificate(signingCertificate);
this.mimeType = dataObject.getMetaInfo().getMimeType();
+
setAttributes(this.mimeType, signingCertificate, signingTime);
}
+
+ public Signature(CMSDataObjectRequiredMetaType dataObject, String structure,
+ X509Certificate signingCertificate, URLDereferencer urlDereferencer,
+ boolean useStrongHash)
+ throws NoSuchAlgorithmException, CertificateEncodingException,
+ CertificateException, X509ExtensionException, InvalidParameterException,
+ CodingException, SLCommandException, IOException {
+ byte[] dataToBeSigned = getContent(dataObject, urlDereferencer);
+ int mode = structure.equalsIgnoreCase("enveloping") ? SignedData.IMPLICIT : SignedData.EXPLICIT;
+ this.signedData = new SignedData(dataToBeSigned, mode);
+ setAlgorithmIDs(signingCertificate, useStrongHash);
+ createSignerInfo(signingCertificate);
+ setSignerCertificate(signingCertificate);
+
+
+ setAttributes(signingCertificate);
+ }
+
+
private void createSignerInfo(X509Certificate signingCertificate) throws CertificateEncodingException, CertificateException {
iaik.x509.X509Certificate sigcert =
@@ -142,6 +162,16 @@ public class Signature {
Attribute[] attributeArray = attributes.toArray(new Attribute[attributes.size()]);
signerInfo.setSignedAttributes(attributeArray);
}
+
+ private void setAttributes(X509Certificate signingCertificate) throws CertificateException, NoSuchAlgorithmException, CodingException {
+ List<Attribute> attributes = new ArrayList<Attribute>();
+ setContentTypeAttrib(attributes);
+ setSigningCertificateAttrib(attributes, signingCertificate);
+ Attribute[] attributeArray = attributes.toArray(new Attribute[attributes.size()]);
+ signerInfo.setSignedAttributes(attributeArray);
+ }
+
+
private void setMimeTypeAttrib(List<Attribute> attributes, String mimeType) {
String oidStr = ID_AA_ETS_MIMETYPE;