aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-lib
diff options
context:
space:
mode:
authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2013-12-12 12:17:05 +0100
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2013-12-12 12:17:05 +0100
commit9bc71794a49d89e1ff6adab76f5f473b94b3d348 (patch)
tree40415f1157045b794569710a68293d1f437909eb /pdf-as-lib
parent1761001e82a4abcfc90d6ee93c4e867c66bedd34 (diff)
downloadpdf-as-4-9bc71794a49d89e1ff6adab76f5f473b94b3d348.tar.gz
pdf-as-4-9bc71794a49d89e1ff6adab76f5f473b94b3d348.tar.bz2
pdf-as-4-9bc71794a49d89e1ff6adab76f5f473b94b3d348.zip
Creation of PAdES signatures with local keystore
Diffstat (limited to 'pdf-as-lib')
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java53
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java8
2 files changed, 61 insertions, 0 deletions
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java
new file mode 100644
index 00000000..2f4fbe10
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java
@@ -0,0 +1,53 @@
+package at.gv.egiz.pdfas.lib.util;
+
+import iaik.asn1.structures.AlgorithmID;
+import iaik.x509.X509Certificate;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.interfaces.ECPublicKey;
+import java.security.spec.ECParameterSpec;
+
+public class CertificateUtils {
+ public static AlgorithmID[] getAlgorithmIDs(X509Certificate signingCertificate)
+ throws NoSuchAlgorithmException {
+ PublicKey publicKey = signingCertificate.getPublicKey();
+ String algorithm = publicKey.getAlgorithm();
+ AlgorithmID[] algorithms = new AlgorithmID[2];
+ AlgorithmID signatureAlgorithm;
+ AlgorithmID digestAlgorithm;
+
+ if ("DSA".equals(algorithm)) {
+ signatureAlgorithm = AlgorithmID.dsaWithSHA256;
+ digestAlgorithm = AlgorithmID.sha256;
+ } else if ("RSA".equals(algorithm)) {
+ signatureAlgorithm = AlgorithmID.sha256WithRSAEncryption;
+ digestAlgorithm = AlgorithmID.sha256;
+ } else if (("EC".equals(algorithm)) || ("ECDSA".equals(algorithm))) {
+
+ int fieldSize = 0;
+ if (publicKey instanceof ECPublicKey) {
+ ECParameterSpec params = ((ECPublicKey) publicKey).getParams();
+ fieldSize = params.getCurve().getField().getFieldSize();
+ }
+
+ if (fieldSize >= 512) {
+ signatureAlgorithm = AlgorithmID.ecdsa_With_SHA512;
+ digestAlgorithm = AlgorithmID.sha512;
+ } else if (fieldSize >= 256) {
+ signatureAlgorithm = AlgorithmID.ecdsa_With_SHA256;
+ digestAlgorithm = AlgorithmID.sha256;
+ } else {
+ signatureAlgorithm = AlgorithmID.ecdsa_With_SHA1;
+ digestAlgorithm = AlgorithmID.sha1;
+ }
+ } else {
+ throw new NoSuchAlgorithmException("Public key algorithm '"
+ + algorithm + "' not supported.");
+ }
+
+ algorithms[0] = signatureAlgorithm;
+ algorithms[1] = digestAlgorithm;
+
+ return algorithms;
+ }
+}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java
new file mode 100644
index 00000000..e635fb93
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java
@@ -0,0 +1,8 @@
+/**
+ *
+ */
+/**
+ * @author afitzek
+ *
+ */
+package at.gv.egiz.pdfas.lib.util; \ No newline at end of file