aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
diff options
context:
space:
mode:
Diffstat (limited to 'pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java')
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java59
1 files changed, 54 insertions, 5 deletions
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
index 8a7950a4..3a998816 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
@@ -1,11 +1,19 @@
package at.gv.egiz.sl.util;
+import java.io.ByteArrayInputStream;
+import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.util.Iterator;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import iaik.cms.SignedData;
+import iaik.cms.SignerInfo;
import iaik.x509.X509Certificate;
import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
+import at.gv.egiz.pdfas.lib.impl.verify.VerifyResultImpl;
import at.gv.egiz.sl.CreateCMSSignatureRequestType;
import at.gv.egiz.sl.CreateCMSSignatureResponseType;
import at.gv.egiz.sl.InfoboxAssocArrayPairType;
@@ -14,12 +22,15 @@ import at.gv.egiz.sl.InfoboxReadResponseType;
public class ISignatureConnectorSLWrapper implements ISignatureConnector {
+ private static final Logger logger = LoggerFactory
+ .getLogger(ISignatureConnectorSLWrapper.class);
+
private ISLConnector connector;
-
+
public ISignatureConnectorSLWrapper(ISLConnector connector) {
this.connector = connector;
}
-
+
public X509Certificate getCertificate() throws PdfAsException {
X509Certificate certificate = null;
try {
@@ -47,9 +58,47 @@ public class ISignatureConnectorSLWrapper implements ISignatureConnector {
}
public byte[] sign(byte[] input, int[] byteRange) throws PdfAsException {
- CreateCMSSignatureRequestType request = connector.createCMSRequest(input, byteRange);
- CreateCMSSignatureResponseType response = connector.sendCMSRequest(request);
-
+ CreateCMSSignatureRequestType request = connector.createCMSRequest(
+ input, byteRange);
+ CreateCMSSignatureResponseType response = connector
+ .sendCMSRequest(request);
+ try {
+ SignedData signedData = new SignedData(new ByteArrayInputStream(
+ response.getCMSSignature()));
+
+ signedData.setContent(input);
+
+ // get the signer infos
+ SignerInfo[] signerInfos = signedData.getSignerInfos();
+ // verify the signatures
+ for (int i = 0; i < signerInfos.length; i++) {
+ VerifyResultImpl verifyResult = new VerifyResultImpl();
+ try {
+
+ // verify the signature for SignerInfo at index i
+ X509Certificate signer_cert = signedData.verify(i);
+ // if the signature is OK the certificate of the
+ // signer is returned
+ logger.info("Signature OK from signer: "
+ + signer_cert.getSubjectDN());
+ verifyResult.setSignerCertificate(signer_cert);
+ } catch (SignatureException ex) {
+ // if the signature is not OK a SignatureException
+ // is thrown
+ logger.info("Signature ERROR from signer: "
+ + signedData.getCertificate(
+ signerInfos[i].getSignerIdentifier())
+ .getSubjectDN());
+
+ verifyResult.setSignerCertificate(signedData
+ .getCertificate(signerInfos[i]
+ .getSignerIdentifier()));
+ }
+ }
+ } catch (Exception e) {
+ logger.error("ERROR", e);
+ }
+
return response.getCMSSignature();
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 07:35:42 +0000