aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java')
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java61
1 files changed, 53 insertions, 8 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
index 66daf57..0b39a5b 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
@@ -570,7 +570,7 @@ public class SignatureObject implements Serializable
{
setSigValue(SignatureTypes.SIG_ISSUER, cert.getIssuerName());
setSigValue(SIG_CER, cert.getCertString());
- setSigValue(SIG_CER_DIG, cert.getCertDigest());
+ // setSigValue(SIG_CER_DIG, cert.getCertDigest());
x509Cert_ = cert;
}
issuer = getSigValue(SignatureTypes.SIG_ISSUER);
@@ -670,13 +670,13 @@ public class SignatureObject implements Serializable
{
setSigValue(SignatureTypes.SIG_ISSUER, cert.getIssuerName());
setSigValue(SIG_CER, cert.getCertString());
- setSigValue(SIG_CER_DIG, cert.getCertDigest());
+ // setSigValue(SIG_CER_DIG, cert.getCertDigest());
x509Cert_ = cert;
}
}
/**
- * @return the current X509CertificateDigest value.
+ * @return the current X509CertificateDigest value (as SHA1 digest).
*/
public String getX509CertificateDigest()
{
@@ -684,7 +684,10 @@ public class SignatureObject implements Serializable
if (dig == null)
{
loadCurrentCert();
- dig = getSigValue(SIG_CER_DIG);
+ byte[] cert_b64 = CodingHelper.decodeBase64(x509Cert_.getCertString());
+ byte[] cert_hash = CodingHelper.buildDigest(cert_b64, "SHA");
+ dig = new String(CodingHelper.encodeBase64(cert_hash));
+ setSigValue(SIG_CER_DIG, dig);
}
return dig;
}
@@ -710,7 +713,7 @@ public class SignatureObject implements Serializable
public void setX509Certificate(String x509Certificate)
{
setSigValue(SIG_CER, x509Certificate);
- storeCertificate(getSignationSerialNumber(), getSignationIssuer(), x509Certificate, getX509CertificateDigest());
+ storeCertificate(getSignationSerialNumber(), getSignationIssuer(), x509Certificate);
}
public void setX509Certificate(X509Certificate cert)
@@ -722,7 +725,7 @@ public class SignatureObject implements Serializable
// setX509Certificate(certStr);
X509Cert knowcenterCert = X509Cert.initByX509Certificate(cert);
setSigValue(SIG_CER, knowcenterCert.getCertString());
- storeCertificate(cert.getSerialNumber().toString(), knowcenterCert.getIssuerName(), knowcenterCert.getCertString(), knowcenterCert.getCertDigest());
+ storeCertificate(cert.getSerialNumber().toString(), knowcenterCert.getIssuerName(), knowcenterCert.getCertString());
}
catch (CertificateEncodingException e)
{
@@ -1339,9 +1342,51 @@ public class SignatureObject implements Serializable
* @param x509Digest
* the digest value of the given x509Certificate
* @return true the certificate is stored completely, false otherwise
+ * @deprecated Use {@link #storeCertificate(String, String, String)} instead.
*/
private boolean storeCertificate(String serialNumber, String issuer,
- String x509Certificate, String x509Digest)
+ String x509Certificate, String x509Digest)
+ {
+ return storeCertificate(serialNumber, issuer, x509Certificate);
+ }
+
+ /**
+ * This method stores a X509v3 certificate to the filesystem. The reference to
+ * the stored certificate is build by the serialNumber and the issuer string.
+ * The issuer string is normalized because if getting this value from a pdf
+ * extraction it can be splited into more sections or necessary spaces are
+ * removed. The real issuer value is stored in the certificates meta file. The
+ * certficate is devided into two files: certificate.der (the binary value)
+ * and the meta information used in SignatureObjects as well in
+ * SignatureImages of a signed pdf-document. The storing path of the
+ * certificate is build by:
+ * <ol>
+ * <li>normalize the issuer string</li>
+ * <li>reduce all white spaces in the normalized issuer string</li>
+ * <li>build a hash value of this reduced string</li>
+ * <li>code this hash value as base64 value</li>
+ * <li>add the base64 normalized issuer hash value to the certificate base
+ * store path</li>
+ * <li>add the serialNumber to the cert path</li>
+ * <li>add the <code>.der</code> extension to get the certificate binary</li>
+ * <li>add the <code>.txt</code> extension to get the meta information of
+ * the certificate</li>
+ * </ol>
+ *
+ * The certificate meta file is build by the base64 coded issuer string and
+ * the cert digest value devided by the <code>@</code> char.
+ *
+ * @param serialNumber
+ * the file name of the certificate .der|.txt
+ * @param issuer
+ * the issuer string for the file path value of the certificate and
+ * for metainformation
+ * @param x509Certificate
+ * the x509v3 binary string
+ * @return true the certificate is stored completely, false otherwise
+ */
+ private boolean storeCertificate(String serialNumber, String issuer,
+ String x509Certificate)
{
boolean store_complete = false;
if (issuer != null && serialNumber != null)
@@ -1377,7 +1422,7 @@ public class SignatureObject implements Serializable
}
return store_complete;
}
-
+
/**
* @return Returns the AbstractTable.
* @see at.knowcenter.wag.egov.egiz.table.Table
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 14:59:10 +0000