Changes for ecc library switch

author: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2013-12-11 12:05:53 +0100
committer: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2013-12-11 12:05:53 +0100
commit: ecaf5cdc0b09e9327e515ca875711967590623e6 (patch)
tree: f12c24a914a8badc7e70cff8b37e1260aa10c247 /signature-standards
parent: ce10d3fae02f1a358e498e84fd8fa19a84193403 (diff)
download: pdf-as-4-ecaf5cdc0b09e9327e515ca875711967590623e6.tar.gz
pdf-as-4-ecaf5cdc0b09e9327e515ca875711967590623e6.tar.bz2
pdf-as-4-ecaf5cdc0b09e9327e515ca875711967590623e6.zip
4 files changed, 6 insertions, 58 deletions
diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java
index 291d6898..6e79a1a0 100644
--- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java
+++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java
@@ -1,6 +1,5 @@
 package at.gv.egiz.pdfas.sigs.pades;
 
-import iaik.security.ecc.provider.ECCProvider;
 import iaik.security.provider.IAIK;
 import iaik.x509.X509Certificate;
 
@@ -48,8 +47,6 @@ public class PAdESVerifier implements IVerifyFilter {
 	private String moaTrustProfile;
 
 	public PAdESVerifier() {
-		IAIK.getInstance();
-		ECCProvider.addAsProvider();
 	}
 
 	@SuppressWarnings("rawtypes")
diff --git a/signature-standards/sigs-pkcs7detached/build.gradle b/signature-standards/sigs-pkcs7detached/build.gradle
index d1ea063f..9159b3b1 100644
--- a/signature-standards/sigs-pkcs7detached/build.gradle
+++ b/signature-standards/sigs-pkcs7detached/build.gradle
@@ -16,8 +16,8 @@ dependencies {
 	compile project (':pdf-as-lib')
 	compile project (':pdf-as-common')
 	compile group: 'iaik', name: 'iaik_cms', version: '4.1'
-	compile group: 'eu.europa.ec.joinup.egovlabs.pdf-as.iaik', name: 'iaik_jce_eval_signed', version: '4.0'
-	compile group: 'eu.europa.ec.joinup.egovlabs.pdf-as.iaik', name: 'iaik_ecc_eval_signed', version: '2.19'
+	//compile group: 'eu.europa.ec.joinup.egovlabs.pdf-as.iaik', name: 'iaik_jce_eval_signed', version: '4.0'
+	//compile group: 'eu.europa.ec.joinup.egovlabs.pdf-as.iaik', name: 'iaik_ecc_eval_signed', version: '2.19'
     compile group: 'commons-collections', name: 'commons-collections', version: '3.2'
 	compile group: 'org.bouncycastle', name: 'bcprov-jdk16', version: '1.46'
 	compile group: 'org.bouncycastle', name: 'bcmail-jdk16', version: '1.46'
diff --git a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java
index 83df6a59..2110209a 100644
--- a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java
+++ b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java
@@ -9,11 +9,6 @@ import iaik.cms.ContentInfo;
 import iaik.cms.IssuerAndSerialNumber;
 import iaik.cms.SignedData;
 import iaik.cms.SignerInfo;
-import iaik.cms.Utils;
-import iaik.pkcs.PKCSException;
-import iaik.pkcs.pkcs7.Data;
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
 import iaik.x509.X509Certificate;
 
 import java.io.FileInputStream;
@@ -21,7 +16,6 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.security.KeyStore;
-import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.cert.Certificate;
@@ -30,13 +24,11 @@ import java.util.Date;
 import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature;
 import org.bouncycastle.cms.CMSException;
 import org.bouncycastle.cms.CMSProcessable;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
 import at.gv.egiz.pdfas.common.exceptions.PdfAsSignatureException;
-import at.gv.egiz.pdfas.common.utils.StringUtils;
 import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
 
 public class PKCS7DetachedSigner implements IPlainSigner {
@@ -50,8 +42,6 @@ public class PKCS7DetachedSigner implements IPlainSigner {
 	public PKCS7DetachedSigner(String file, String alias, String kspassword,
 			String keypassword, String type) throws PdfAsException {
 		try {
-			IAIK.addAsProvider();
-			ECCProvider.addAsProvider();
 			KeyStore ks = KeyStore.getInstance(type);
 			ks.load(new FileInputStream(file), kspassword.toCharArray());
 			privKey = (PrivateKey) ks.getKey(alias, keypassword.toCharArray());
@@ -88,49 +78,11 @@ public class PKCS7DetachedSigner implements IPlainSigner {
 		}
 	}
 
-	private static BouncyCastleProvider provider = new BouncyCastleProvider();
-
-	/*
-	 * public byte[] sign(byte[] input, int[] byteRange) throws PdfAsException {
-	 * CMSProcessableInputStream content = new CMSProcessableInputStream(new
-	 * ByteArrayInputStream(input)); CMSSignedDataGenerator gen = new
-	 * CMSSignedDataGenerator(); // CertificateChain List<X509Certificate>
-	 * certList = Arrays.asList(cert);
-	 * 
-	 * CertStore certStore = null; try { certStore =
-	 * CertStore.getInstance("Collection", new
-	 * CollectionCertStoreParameters(certList), provider);
-	 * gen.addSigner(privKey, (X509Certificate)certList.get(0),
-	 * CMSSignedGenerator.DIGEST_SHA256); gen.addCertificatesAndCRLs(certStore);
-	 * CMSSignedData signedData = gen.generate(content, false, provider); return
-	 * signedData.getEncoded(); } catch (Exception e) { // should be handled
-	 * e.printStackTrace(); } throw new
-	 * RuntimeException("Problem while preparing signature"); }
-	 */
-
 	public byte[] sign(byte[] input, int[] byteRange) throws PdfAsException {
 		try {
-			// SignedDataStream signed_data_stream = new SignedDataStream(
-			// new ByteArrayInputStream(input), SignedDataStream.EXPLICIT);
-			// ByteArrayOutputStream baos = new ByteArrayOutputStream();
-			// signed_data_stream.addCertificates(new Certificate[] { cert });
-			//
-			// SubjectKeyID subjectKeyId = new SubjectKeyID(cert);
-			// SignerInfo signer1 = new SignerInfo(subjectKeyId,
-			// AlgorithmID.sha256, privKey);
-			// signed_data_stream.addSignerInfo(signer1);
-			// InputStream data_is = signed_data_stream.getInputStream();
-			// if (signed_data_stream.getMode() == SignedDataStream.EXPLICIT) {
-			// byte[] buf = new byte[1024];
-			// int r;
-			// while ((r = data_is.read(buf)) > 0) {
-			// // do something useful
-			// }
-			// }
-			// SubjectKeyID subjectKeyId = new SubjectKeyID(cert);
 			IssuerAndSerialNumber issuer = new IssuerAndSerialNumber(cert);
 			SignerInfo signer1 = new SignerInfo(issuer, AlgorithmID.sha256, 
-					AlgorithmID.ecdsa_plain_With_SHA256, 
+					AlgorithmID.ecdsa_With_SHA256, 
 					privKey);
 
 			SignedData si = new SignedData(input, SignedData.EXPLICIT);
diff --git a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java
index ed7ae01c..3d0aed42 100644
--- a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java
+++ b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java
@@ -5,8 +5,6 @@ import iaik.asn1.structures.AlgorithmID;
 import iaik.cms.ContentInfo;
 import iaik.cms.SignedData;
 import iaik.cms.SignerInfo;
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
 import iaik.x509.X509Certificate;
 
 import java.io.ByteArrayInputStream;
@@ -33,8 +31,6 @@ public class PKCS7DetachedVerifier implements IVerifyFilter {
 	private static final Logger logger = LoggerFactory.getLogger(PKCS7DetachedVerifier.class);
 	
 	public PKCS7DetachedVerifier() {
-		IAIK.addAsProvider();
-		ECCProvider.addAsProvider();
 	}
 	
 	public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent)
@@ -69,6 +65,9 @@ public class PKCS7DetachedVerifier implements IVerifyFilter {
 				try {
 					// verify the signature for SignerInfo at index i
 					X509Certificate signer_cert = signedData.verify(i);
+					logger.info("Signature Algo: {}, Digest {}",  
+							signedData.getSignerInfos()[i].getSignatureAlgorithm(),
+							signedData.getSignerInfos()[i].getDigestAlgorithm());
 					// if the signature is OK the certificate of the
 					// signer is returned
 					logger.info("Signature OK from signer: "
author	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2013-12-11 12:05:53 +0100
committer	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2013-12-11 12:05:53 +0100
commit	ecaf5cdc0b09e9327e515ca875711967590623e6 (patch)
tree	f12c24a914a8badc7e70cff8b37e1260aa10c247 /signature-standards
parent	ce10d3fae02f1a358e498e84fd8fa19a84193403 (diff)
download	pdf-as-4-ecaf5cdc0b09e9327e515ca875711967590623e6.tar.gz pdf-as-4-ecaf5cdc0b09e9327e515ca875711967590623e6.tar.bz2 pdf-as-4-ecaf5cdc0b09e9327e515ca875711967590623e6.zip