authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2013-10-02 10:28:30 +0200
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2013-10-02 10:28:30 +0200
commit0876981fd70fdab07f7c3e1666cf77071b5fe03d (patch)
tree0661571d1d757383fee936d1c4648d2c31b43ddb /pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing
parentadd4460d9619f3586a02ae0d8c028f01903494bc (diff)
+ added PKCS7 detached signature standard via keystore
+ added simple verification implementation
Diffstat (limited to 'pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing')
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java8
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/JKSSigner.java78
2 files changed, 5 insertions, 81 deletions
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java
index 82ee57fe..7f16a87a 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java
@@ -8,6 +8,7 @@ import java.io.FileOutputStream;
import java.io.IOException;
import java.util.Calendar;
+import org.apache.pdfbox.cos.COSName;
import org.apache.pdfbox.exceptions.COSVisitorException;
import org.apache.pdfbox.exceptions.SignatureException;
import org.apache.pdfbox.pdmodel.PDDocument;
@@ -52,8 +53,8 @@ public class PADESPDFBOXSigner implements IPdfSigner {
new ByteArrayInputStream(pdfObject.getStampedDocument()));
PDSignature signature = new PDSignature();
- signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE); // default filter
- signature.setSubFilter(PDSignature.SUBFILTER_ETSI_CADES_DETACHED);
+ signature.setFilter(COSName.getPDFName(signer.getPDFFilter())); // default filter
+ signature.setSubFilter(COSName.getPDFName(signer.getPDFSubFilter()));
SignatureProfileSettings signatureProfileSettings = TableFactory
.createProfile(requestedSignature.getSignatureProfileID(),
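Review bot: The values passed to `setFilter` and `setSubFilter` now come from `signer.getPDFFilter()` and `signer.getPDFSubFilter()` without any check. A signer that returns null, an empty string, or a sub-filter that does not match the container its signing code produces would write a signature dictionary that verifiers reject or parse under the wrong format. Because the SubFilter tells a verifier how to interpret the signature contents, I would validate both values before use, for example against the sub-filter names the library supports, and fail with a clear `PdfAsException` rather than write the document. The trailing `// default filter` comment is now stale; something like `// filter and sub-filter are supplied by the signer implementation` fits the new code. The enclosing method begins and ends outside this hunk, so a check elsewhere in it would not be visible here.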
@@ -62,7 +63,8 @@ public class PADESPDFBOXSigner implements IPdfSigner {
ValueResolver resolver = new ValueResolver();
String signerName = resolver.resolve("SIG_SUBJECT", signatureProfileSettings.getValue("SIG_SUBJECT"),
signatureProfileSettings, requestedSignature);
- // TODO: change signature data from certificate
+
+
signature.setName(signerName);
//signature.setLocation("signer location");
signature.setReason("PDF-AS Signatur");
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/JKSSigner.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/JKSSigner.java
deleted file mode 100644
index 85697436..00000000
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/JKSSigner.java
+++ /dev/null
@@ -1,78 +0,0 @@
-package at.gv.egiz.pdfas.lib.impl.signing.sig_interface;
-
-import iaik.asn1.structures.AlgorithmID;
-import iaik.cms.SignedDataStream;
-import iaik.cms.SignerInfo;
-import iaik.cms.SubjectKeyID;
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
-import iaik.x509.X509Certificate;
-import iaik.x509.X509ExtensionException;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.KeyStore;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.cert.Certificate;
-
-import org.apache.pdfbox.exceptions.SignatureException;
-
-import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
-import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
-
-public class JKSSigner implements IPlainSigner {
-
- PrivateKey privKey;
- X509Certificate cert;
-
- public JKSSigner(String file, String alias, String kspassword,
- String keypassword, String type) throws PdfAsException {
- try {
- IAIK.getInstance();
- ECCProvider.addAsProvider();
- KeyStore ks = KeyStore.getInstance(type);
- ks.load(new FileInputStream(file), kspassword.toCharArray());
- privKey = (PrivateKey) ks.getKey(alias, keypassword.toCharArray());
- cert = new X509Certificate(ks.getCertificate(alias).getEncoded());
- } catch (Throwable e) {
- throw new PdfAsException("Failed to get KeyStore", e);
- }
- }
-
- public X509Certificate getCertificate() {
- return cert;
- }
-
- public byte[] sign(byte[] input) throws SignatureException, IOException {
- try {
- SignedDataStream signed_data_stream = new SignedDataStream(
- new ByteArrayInputStream(input), SignedDataStream.EXPLICIT);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- signed_data_stream.addCertificates(new Certificate[] { cert });
-
- SubjectKeyID subjectKeyId = new SubjectKeyID(cert);
- SignerInfo signer1 = new SignerInfo(subjectKeyId,
- AlgorithmID.sha256, privKey);
- signed_data_stream.addSignerInfo(signer1);
- InputStream data_is = signed_data_stream.getInputStream();
- if (signed_data_stream.getMode() == SignedDataStream.EXPLICIT) {
- byte[] buf = new byte[1024];
- int r;
- while ((r = data_is.read(buf)) > 0) {
- // do something useful
- }
- }
- signed_data_stream.writeTo(baos);
- return baos.toByteArray();
- } catch (NoSuchAlgorithmException e) {
- throw new SignatureException(e);
- } catch (X509ExtensionException e) {
- throw new SignatureException(e);
- }
- }
-
-}