diff options
author | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2013-12-12 12:17:05 +0100 |
---|---|---|
committer | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2013-12-12 12:17:05 +0100 |
commit | 9bc71794a49d89e1ff6adab76f5f473b94b3d348 (patch) | |
tree | 40415f1157045b794569710a68293d1f437909eb /pdf-as-lib | |
parent | 1761001e82a4abcfc90d6ee93c4e867c66bedd34 (diff) | |
download | pdf-as-4-9bc71794a49d89e1ff6adab76f5f473b94b3d348.tar.gz pdf-as-4-9bc71794a49d89e1ff6adab76f5f473b94b3d348.tar.bz2 pdf-as-4-9bc71794a49d89e1ff6adab76f5f473b94b3d348.zip |
Creation of PAdES signatures with local keystore
Diffstat (limited to 'pdf-as-lib')
-rw-r--r-- | pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java | 53 | ||||
-rw-r--r-- | pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java | 8 |
2 files changed, 61 insertions, 0 deletions
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java new file mode 100644 index 00000000..2f4fbe10 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java @@ -0,0 +1,53 @@ +package at.gv.egiz.pdfas.lib.util; + +import iaik.asn1.structures.AlgorithmID; +import iaik.x509.X509Certificate; +import java.security.NoSuchAlgorithmException; +import java.security.PublicKey; +import java.security.interfaces.ECPublicKey; +import java.security.spec.ECParameterSpec; + +public class CertificateUtils { + public static AlgorithmID[] getAlgorithmIDs(X509Certificate signingCertificate) + throws NoSuchAlgorithmException { + PublicKey publicKey = signingCertificate.getPublicKey(); + String algorithm = publicKey.getAlgorithm(); + AlgorithmID[] algorithms = new AlgorithmID[2]; + AlgorithmID signatureAlgorithm; + AlgorithmID digestAlgorithm; + + if ("DSA".equals(algorithm)) { + signatureAlgorithm = AlgorithmID.dsaWithSHA256; + digestAlgorithm = AlgorithmID.sha256; + } else if ("RSA".equals(algorithm)) { + signatureAlgorithm = AlgorithmID.sha256WithRSAEncryption; + digestAlgorithm = AlgorithmID.sha256; + } else if (("EC".equals(algorithm)) || ("ECDSA".equals(algorithm))) { + + int fieldSize = 0; + if (publicKey instanceof ECPublicKey) { + ECParameterSpec params = ((ECPublicKey) publicKey).getParams(); + fieldSize = params.getCurve().getField().getFieldSize(); + } + + if (fieldSize >= 512) { + signatureAlgorithm = AlgorithmID.ecdsa_With_SHA512; + digestAlgorithm = AlgorithmID.sha512; + } else if (fieldSize >= 256) { + signatureAlgorithm = AlgorithmID.ecdsa_With_SHA256; + digestAlgorithm = AlgorithmID.sha256; + } else { + signatureAlgorithm = AlgorithmID.ecdsa_With_SHA1; + digestAlgorithm = AlgorithmID.sha1; + } + } else { + throw new NoSuchAlgorithmException("Public key algorithm '" + + algorithm + "' not supported."); + } + + algorithms[0] = signatureAlgorithm; + algorithms[1] = digestAlgorithm; + + return algorithms; + } +} diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java new file mode 100644 index 00000000..e635fb93 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java @@ -0,0 +1,8 @@ +/** + * + */ +/** + * @author afitzek + * + */ +package at.gv.egiz.pdfas.lib.util;
\ No newline at end of file |