From 5e23c5a189308c2e8fcf191643f81e625fc82e6d Mon Sep 17 00:00:00 2001
From: bschnalzer
Date: Mon, 28 Aug 2017 17:09:20 +0200
Subject: Added DigiCertServer-CA, Signature mime-type/signing time PAdES
---
.../toBeAdded/DigiCertSHA2SecureServerCA.cer | Bin 0 -> 1176 bytes
.../trustStore/DigiCertSHA2SecureServerCA.cer | Bin 0 -> 1176 bytes
.../impl/CreateCMSSignatureCommandImpl.java | 14 +++++++++-
.../gv/egiz/bku/slcommands/impl/cms/Signature.java | 30 +++++++++++++++++++++
4 files changed, 43 insertions(+), 1 deletion(-)
create mode 100644 BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer
create mode 100644 BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer
diff --git a/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer
new file mode 100644
index 00000000..24d1795f
Binary files /dev/null and b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/certStore/toBeAdded/DigiCertSHA2SecureServerCA.cer differ
diff --git a/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer
new file mode 100644
index 00000000..24d1795f
Binary files /dev/null and b/BKUCertificates/src/main/resources/at/gv/egiz/bku/certs/trustStore/DigiCertSHA2SecureServerCA.cer differ
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java
index cbf0443f..eaf3e70a 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java
@@ -109,12 +109,24 @@ public class CreateCMSSignatureCommandImpl extends CreateCMSSignatureRequestType request = getRequestValue(); - // DataObject, SigningCertificate, SigningTime try { + if (request.isPAdESCompatibility()) + { + //PAdES Compatibility Request + signature = new Signature(request.getDataObject(), request.getStructure(), + signingCertificate, commandContext.getURLDereferencer(), + configurationFacade.getUseStrongHash()); + + } + else + { + // DataObject, SigningCertificate, SigningTime + Date signingTime = request.isPAdESCompatibility() ? null : new Date(); signature = new Signature(request.getDataObject(), request.getStructure(), signingCertificate, signingTime, commandContext.getURLDereferencer(), configurationFacade.getUseStrongHash()); + } } catch (SLCommandException e) { log.error("Error creating CMS Signature.", e); throw e; diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java index fc42dcb4..9c89906e 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java 
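Review bot: Inside the new `else` branch the ternary in `Date signingTime = request.isPAdESCompatibility() ? null : new Date();` can no longer produce `null`, because that branch is only reached when `isPAdESCompatibility()` is false. It should read `Date signingTime = new Date();` so the decision about the signing time is made in one place, the `if`. The PAdES branch also needs a comment saying which signed attributes it leaves out and why, for example `// PAdES: no signing-time or mime-type signed attribute in the CMS structure`, since at the call site only the missing `signingTime` argument distinguishes the two paths. The enclosing `try` block and method start and end outside this hunk.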
@@ -114,8 +114,28 @@ public class Signature { createSignerInfo(signingCertificate); setSignerCertificate(signingCertificate); this.mimeType = dataObject.getMetaInfo().getMimeType(); + setAttributes(this.mimeType, signingCertificate, signingTime); } + + public Signature(CMSDataObjectRequiredMetaType dataObject, String structure, + X509Certificate signingCertificate, URLDereferencer urlDereferencer, + boolean useStrongHash) + throws NoSuchAlgorithmException, CertificateEncodingException, + CertificateException, X509ExtensionException, InvalidParameterException, + CodingException, SLCommandException, IOException { + byte[] dataToBeSigned = getContent(dataObject, urlDereferencer); + int mode = structure.equalsIgnoreCase("enveloping") ? SignedData.IMPLICIT : SignedData.EXPLICIT; + this.signedData = new SignedData(dataToBeSigned, mode); + setAlgorithmIDs(signingCertificate, useStrongHash); + createSignerInfo(signingCertificate); + setSignerCertificate(signingCertificate); + + + setAttributes(signingCertificate); + } + + private void createSignerInfo(X509Certificate signingCertificate) throws CertificateEncodingException, CertificateException { iaik.x509.X509Certificate sigcert = @@ -142,6 +162,16 @@ public class Signature { Attribute[] attributeArray = attributes.toArray(new Attribute[attributes.size()]); signerInfo.setSignedAttributes(attributeArray); } + + private void setAttributes(X509Certificate signingCertificate) throws CertificateException, NoSuchAlgorithmException, CodingException { + List attributes = new ArrayList(); + setContentTypeAttrib(attributes); + setSigningCertificateAttrib(attributes, signingCertificate); + Attribute[] attributeArray = attributes.toArray(new Attribute[attributes.size()]); + signerInfo.setSignedAttributes(attributeArray); + } + + private void setMimeTypeAttrib(List attributes, String mimeType) { String oidStr = ID_AA_ETS_MIMETYPE; -- cgit v1.2.3
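Review bot: The added `Signature(...)` constructor without a `signingTime` parameter never assigns `this.mimeType`, while the existing constructor directly above it does, so on the PAdES path any reader of that field outside this hunk (none is visible here) would see whatever default the field has. Either keep `this.mimeType = dataObject.getMetaInfo().getMimeType();` and skip only the attribute, or state in a Javadoc on the constructor that the mime type is intentionally not captured. The same reduced set shows up in the next hunk, where `setAttributes(X509Certificate)` adds only the content-type and signing-certificate attributes; a one-line Javadoc there naming those two attributes would make explicit what the PAdES signature binds. Both additions appear to repeat their siblings apart from the omitted attributes, so a shared private helper for the common setup would keep later changes to algorithm selection or signer-info creation from reaching only one of the two paths.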