From 567b6e8f386b9b85e77beec16302c7afe37d041b Mon Sep 17 00:00:00 2001 From: netconomy Date: Mon, 27 Aug 2007 08:07:48 +0000 Subject: bigfix "add cert when signing" git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@203 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java | 2 ++ .../pdfas/impl/signator/binary/BinarySignator_1_0_0.java | 15 +++++++++++++++ .../wag/egov/egiz/pdf/IncrementalUpdateInformation.java | 5 +++++ .../at/knowcenter/wag/egov/egiz/sig/SignatureObject.java | 16 ++++++++++++++++ .../egiz/sig/signatureobject/SignatureObjectHelper.java | 14 +++++++++++--- 5 files changed, 49 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java b/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java index dda4919..332974b 100644 --- a/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java +++ b/src/main/java/at/gv/egiz/pdfas/exceptions/ErrorCode.java @@ -34,6 +34,7 @@ public final class ErrorCode public static final int COULDNT_VERIFY = 310; + public static final int CERTIFICATE_NOT_FOUND = 313; public static final int NOT_SEMANTICALLY_EQUAL = 314; public static final int WEB_EXCEPTION = 330; @@ -44,6 +45,7 @@ public final class ErrorCode public static final int SESSION_EXPIRED = 600; public static final int PLACEHOLDER_EXCEPTION = 700; + } diff --git a/src/main/java/at/gv/egiz/pdfas/impl/signator/binary/BinarySignator_1_0_0.java b/src/main/java/at/gv/egiz/pdfas/impl/signator/binary/BinarySignator_1_0_0.java index 6c6ba29..b1f1cea 100644 --- a/src/main/java/at/gv/egiz/pdfas/impl/signator/binary/BinarySignator_1_0_0.java +++ b/src/main/java/at/gv/egiz/pdfas/impl/signator/binary/BinarySignator_1_0_0.java @@ -38,6 +38,7 @@ import at.knowcenter.wag.egov.egiz.PdfAS; import at.knowcenter.wag.egov.egiz.PdfASID; import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException; import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; +import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; import at.knowcenter.wag.egov.egiz.framework.SignatorFactory; import at.knowcenter.wag.egov.egiz.pdf.BinarySignature; import at.knowcenter.wag.egov.egiz.pdf.IncrementalUpdateInformation; @@ -51,6 +52,7 @@ import at.knowcenter.wag.egov.egiz.sig.SignatureFieldDefinition; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; import at.knowcenter.wag.egov.egiz.sig.SignatureTypes; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObjectHelper; +import at.knowcenter.wag.egov.egiz.sig.signatureobject.SignatureObjectHelper; import at.knowcenter.wag.exactparser.ByteArrayUtils; import com.lowagie.text.pdf.PdfPTable; @@ -128,6 +130,8 @@ public class BinarySignator_1_0_0 implements Signator } IncrementalUpdateInformation iui = IncrementalUpdateHelper.writeIncrementalUpdate(pdfDataSource, pdf_table, pi, variable_field_definitions, all_field_definitions); + + iui.signProfile = profile; String temp_string = iui.temp_ir_number + " " + iui.temp_ir_generation + " obj"; //$NON-NLS-1$//$NON-NLS-2$ byte[] temp_bytes = temp_string.getBytes("US-ASCII"); //$NON-NLS-1$ @@ -194,6 +198,17 @@ public class BinarySignator_1_0_0 implements Signator // PdfAS.prefixID(iui.signed_signature_object, PdfAS.BINARY_ID); fillReplacesWithValues(iui); + + // This is needed so that certificates are stored + try + { + iui.signed_signature_object.kz = getMyId().toString(); + SignatureObject so = SignatureObjectHelper.convertSignSignatureObjectToSignatureObject(iui.signed_signature_object, iui.signProfile); + } + catch (PresentableException e) + { + throw new SignatorException(e); + } BinarySignature.replaceCertificate(iui); BinarySignature.replacePlaceholders(iui); diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/IncrementalUpdateInformation.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/IncrementalUpdateInformation.java index fc446f9..f818f59 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/IncrementalUpdateInformation.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/IncrementalUpdateInformation.java @@ -167,5 +167,10 @@ public class IncrementalUpdateInformation implements Serializable * The table position. */ public TablePos pos; + + /** + * For signing: the profile. + */ + public String signProfile; } diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java index 52c986a..fc58bd1 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java @@ -26,6 +26,8 @@ import java.io.FileOutputStream; import java.io.IOException; import java.io.Serializable; import java.io.UnsupportedEncodingException; +import java.security.cert.CertificateEncodingException; +import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Hashtable; import java.util.Iterator; @@ -689,6 +691,20 @@ public class SignatureObject implements Serializable setSigValue(SIG_CER, x509Certificate); storeCertificate(getSignationSerialNumber(), getSignationIssuer(), x509Certificate, getX509CertificateDigest()); } + + public void setX509Certificate(X509Certificate cert) + { + try + { + byte [] der = cert.getEncoded(); + String certStr = CodingHelper.encodeBase64(der); + setX509Certificate(certStr); + } + catch (CertificateEncodingException e) + { + logger_.error(e); + } + } /** * return the 509v3 certificate of the given serialNumber and the given issuer diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/signatureobject/SignatureObjectHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/signatureobject/SignatureObjectHelper.java index 1eb432e..bb5dc86 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/signatureobject/SignatureObjectHelper.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/signatureobject/SignatureObjectHelper.java @@ -3,11 +3,12 @@ */ package at.knowcenter.wag.egov.egiz.sig.signatureobject; +import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.knowcenter.wag.egov.egiz.PdfASID; -import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException; import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; import at.knowcenter.wag.egov.egiz.exceptions.SignatureTypesException; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; +import at.knowcenter.wag.egov.egiz.sig.X509Cert; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject; /** @@ -31,17 +32,24 @@ public final class SignatureObjectHelper so.setSignationIDs(sso.getSigID()); so.setKZ(new PdfASID(sso.getSigKZ())); so.setSignationName(sso.getName()); + + so.setX509Certificate(sso.getX509Certificate()); return so; } - public static SignSignatureObject convertSignatureObjectToSignSignatureObject (SignatureObject so) throws InvalidIDException + public static SignSignatureObject convertSignatureObjectToSignSignatureObject (SignatureObject so) throws SignatureException { SignSignatureObject sso = new SignSignatureObject(); sso.date = so.getSignationDate(); sso.signatureValue = so.getSignationValue(); sso.issuer = so.getSignationIssuer(); - sso.x509Certificate = so.getX509Cert().getX509Certificate(); + X509Cert cert = so.getX509Cert(); + if (cert == null) + { + throw new SignatureException(ErrorCode.CERTIFICATE_NOT_FOUND, "so.getX509Cert returned null. No cert found."); + } + sso.x509Certificate = cert.getX509Certificate(); sso.id = so.getSignationIds(); sso.kz = so.getKZ() == null ? null : so.getKZ().toString(); -- cgit v1.2.3