Diffstat (limited to 'signature-standards')
-rw-r--r--signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSignerKeystore.java341
1 files changed, 170 insertions, 171 deletions
diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSignerKeystore.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSignerKeystore.java
index 6845adf2..4914833e 100644
--- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSignerKeystore.java
+++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSignerKeystore.java
@@ -23,23 +23,6 @@
******************************************************************************/
package at.gv.egiz.pdfas.sigs.pades;
-import at.gv.egiz.pdfas.lib.api.IConfigurationConstants;
-import iaik.asn1.ASN1Object;
-import iaik.asn1.CodingException;
-import iaik.asn1.ObjectID;
-import iaik.asn1.SEQUENCE;
-import iaik.asn1.UTF8String;
-import iaik.asn1.structures.AlgorithmID;
-import iaik.asn1.structures.Attribute;
-import iaik.asn1.structures.ChoiceOfTime;
-import iaik.cms.ContentInfo;
-import iaik.cms.IssuerAndSerialNumber;
-import iaik.cms.SignedData;
-import iaik.cms.SignerInfo;
-import iaik.smime.ess.ESSCertID;
-import iaik.smime.ess.ESSCertIDv2;
-import iaik.x509.X509Certificate;
-
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -63,6 +46,7 @@ import at.gv.egiz.pdfas.common.exceptions.ErrorConstants;
import at.gv.egiz.pdfas.common.exceptions.PDFASError;
import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
import at.gv.egiz.pdfas.common.exceptions.PdfAsSignatureException;
+import at.gv.egiz.pdfas.lib.api.IConfigurationConstants;
import at.gv.egiz.pdfas.lib.api.PdfAsFactory;
import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
@@ -70,6 +54,21 @@ import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature;
import at.gv.egiz.pdfas.lib.util.CertificateUtils;
import at.gv.egiz.pdfas.lib.util.SignatureUtils;
+import iaik.asn1.ASN1Object;
+import iaik.asn1.CodingException;
+import iaik.asn1.ObjectID;
+import iaik.asn1.SEQUENCE;
+import iaik.asn1.UTF8String;
+import iaik.asn1.structures.AlgorithmID;
+import iaik.asn1.structures.Attribute;
+import iaik.asn1.structures.ChoiceOfTime;
+import iaik.cms.ContentInfo;
+import iaik.cms.IssuerAndSerialNumber;
+import iaik.cms.SignedData;
+import iaik.cms.SignerInfo;
+import iaik.smime.ess.ESSCertID;
+import iaik.smime.ess.ESSCertIDv2;
+import iaik.x509.X509Certificate;
public class PAdESSignerKeystore implements IPlainSigner, PAdESConstants {
@@ -83,85 +82,6 @@ public class PAdESSignerKeystore implements IPlainSigner, PAdESConstants {
PrivateKey privKey;
X509Certificate cert;
- private void readKeyStore(KeyStore ks, String alias, String keypassword) throws Throwable {
- if (keypassword == null) {
- throw new PdfAsException("error.pdf.sig.16");
- }
- PasswordProtection pwdProt = new PasswordProtection(
- keypassword.toCharArray());
-
- logger.info("Opening Alias: [" + alias + "]");
-
- Entry entry = ks.getEntry(alias, pwdProt);
-
- if (!(entry instanceof PrivateKeyEntry)) {
- throw new PdfAsException("error.pdf.sig.18");
- }
-
- PrivateKeyEntry privateEntry = (PrivateKeyEntry) entry;
-
- privKey = privateEntry.getPrivateKey();
-
- if (privKey == null) {
- throw new PdfAsException("error.pdf.sig.13");
- }
-
- Certificate c = privateEntry.getCertificate();
-
- if (c == null) {
- if (privateEntry.getCertificateChain() != null) {
- if (privateEntry.getCertificateChain().length > 0) {
- c = privateEntry.getCertificateChain()[0];
- }
- }
- }
-
- if (c == null) {
- throw new PdfAsException("error.pdf.sig.17");
- }
-
- cert = new X509Certificate(c.getEncoded());
- }
-
- private KeyStore buildKeyStoreFromFile(String file, String kspassword,
- String type, String provider) throws Throwable {
- String viusalProvider = (provider == null ? "IAIK" : provider);
- logger.trace("Opening Keystore: " + file + " with [" + viusalProvider
- + "]");
-
- KeyStore ks = null;
- if (provider == null) {
- ks = KeyStore.getInstance(type);
- } else {
- ks = KeyStore.getInstance(type, provider);
- }
-
- if (ks == null) {
- throw new PdfAsException("error.pdf.sig.14");
- }
- if (kspassword == null) {
- throw new PdfAsException("error.pdf.sig.15");
- }
- FileInputStream is = null;
- try {
- is = new FileInputStream(file);
- ks.load(is, kspassword.toCharArray());
- } finally {
- if (is != null) {
- is.close();
- }
- }
- return ks;
- }
-
- private void loadKeystore(String file, String alias, String kspassword,
- String keypassword, String type, String provider) throws Throwable {
-
- KeyStore ks = buildKeyStoreFromFile(file, kspassword, type, provider);
-
- readKeyStore(ks, alias, keypassword);
- }
-
public PAdESSignerKeystore(KeyStore ks, String alias,
String keypassword) throws PDFASError {
try {
@@ -221,6 +141,160 @@ public class PAdESSignerKeystore implements IPlainSigner, PAdESConstants {
return cert;
}
+ public byte[] sign(byte[] input, int[] byteRange, SignParameter parameter,
+ RequestedSignature requestedSignature) throws PdfAsException {
+ try {
+ logger.info("Creating PAdES signature.");
+
+ requestedSignature.getStatus().getMetaInformations()
+ .put(ErrorConstants.STATUS_INFO_SIGDEVICE, SIGNATURE_DEVICE);
+ requestedSignature.getStatus().getMetaInformations()
+ .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION, PdfAsFactory.getVersion());
+
+ IssuerAndSerialNumber issuer = new IssuerAndSerialNumber(cert);
+
+ AlgorithmID[] algorithms = CertificateUtils.getAlgorithmIDs(cert);
+
+ SignerInfo signer1 = new SignerInfo(issuer, algorithms[1],
+ algorithms[0], privKey);
+
+ SignedData si = new SignedData(input, SignedData.EXPLICIT);
+ si.addCertificates(new Certificate[] { cert });
+
+
+ //Check PAdES Flag
+ if (parameter.getConfiguration().hasValue(IConfigurationConstants.SIG_PADES_FORCE_FLAG))
+ {
+ if (IConfigurationConstants.TRUE.equalsIgnoreCase(parameter.getConfiguration().getValue(IConfigurationConstants.SIG_PADES_FORCE_FLAG)))
+ {
+ setAttributes(cert, signer1);
+ }
+ else
+ {
+ setAttributes("application/pdf", cert, new Date(), signer1);
+ }
+ }
+ else
+ {
+ setAttributes("application/pdf", cert, new Date(), signer1);
+ }
+
+ si.addSignerInfo(signer1);
+ InputStream dataIs = si.getInputStream();
+ byte[] buf = new byte[1024];
+ @SuppressWarnings("unused")
+ int r;
+ while ((r = dataIs.read(buf)) > 0)
+ ; // skip data
+ ContentInfo ci = new ContentInfo(si);
+ byte[] signature = ci.getEncoded();
+
+ VerifyResult verifyResult = SignatureUtils.verifySignature(
+ signature, input);
+
+ return signature;
+ } catch (NoSuchAlgorithmException e) {
+ throw new PdfAsSignatureException("error.pdf.sig.01", e);
+ } catch (iaik.cms.CMSException e) {
+ throw new PdfAsSignatureException("error.pdf.sig.01", e);
+ } catch (IOException e) {
+ throw new PdfAsSignatureException("error.pdf.sig.01", e);
+ } catch (CertificateException e) {
+ throw new PdfAsSignatureException("error.pdf.sig.01", e);
+ } catch (CodingException e) {
+ throw new PdfAsSignatureException("error.pdf.sig.01", e);
+ } catch (PDFASError e) {
+ throw new PdfAsSignatureException("error.pdf.sig.01", e);
+ }
+ }
+
+ public String getPDFSubFilter() {
+ return SUBFILTER_ETSI_CADES_DETACHED;
+ }
+
+ public String getPDFFilter() {
+ return FILTER_ADOBE_PPKLITE;
+ }
+
+ private void readKeyStore(KeyStore ks, String alias, String keypassword) throws Throwable {
+ if (keypassword == null) {
+ throw new PdfAsException("error.pdf.sig.16");
+ }
+ PasswordProtection pwdProt = new PasswordProtection(
+ keypassword.toCharArray());
+
+ logger.info("Opening Alias: [" + alias + "]");
+
+ Entry entry = ks.getEntry(alias, pwdProt);
+
+ if (!(entry instanceof PrivateKeyEntry)) {
+ throw new PdfAsException("error.pdf.sig.18");
+ }
+
+ PrivateKeyEntry privateEntry = (PrivateKeyEntry) entry;
+
+ privKey = privateEntry.getPrivateKey();
+
+ if (privKey == null) {
+ throw new PdfAsException("error.pdf.sig.13");
+ }
+
+ Certificate c = privateEntry.getCertificate();
+
+ if (c == null) {
+ if (privateEntry.getCertificateChain() != null) {
+ if (privateEntry.getCertificateChain().length > 0) {
+ c = privateEntry.getCertificateChain()[0];
+ }
+ }
+ }
+
+ if (c == null) {
+ throw new PdfAsException("error.pdf.sig.17");
+ }
+
+ cert = new X509Certificate(c.getEncoded());
+ }
+
+ private KeyStore buildKeyStoreFromFile(String file, String kspassword,
+ String type, String provider) throws Throwable {
+ String viusalProvider = (provider == null ? "IAIK" : provider);
+ logger.trace("Opening Keystore: " + file + " with [" + viusalProvider
+ + "]");
+
+ KeyStore ks = null;
+ if (provider == null) {
+ ks = KeyStore.getInstance(type);
+ } else {
+ ks = KeyStore.getInstance(type, provider);
+ }
+
+ if (ks == null) {
+ throw new PdfAsException("error.pdf.sig.14");
+ }
+ if (kspassword == null) {
+ throw new PdfAsException("error.pdf.sig.15");
+ }
+ FileInputStream is = null;
+ try {
+ is = new FileInputStream(file);
+ ks.load(is, kspassword.toCharArray());
+ } finally {
+ if (is != null) {
+ is.close();
+ }
+ }
+ return ks;
+ }
+
+ private void loadKeystore(String file, String alias, String kspassword,
+ String keypassword, String type, String provider) throws Throwable {
+
+ KeyStore ks = buildKeyStoreFromFile(file, kspassword, type, provider);
+
+ readKeyStore(ks, alias, keypassword);
+ }
+
private void setMimeTypeAttrib(List<Attribute> attributes, String mimeType) {
String oidStr = "0.4.0.1733.2.1";
String name = "mime-type";
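Review bot: In `sign`, the value returned by `SignatureUtils.verifySignature(signature, input)` is stored in `verifyResult` and never read, so the freshly built CMS container is returned without the outcome of the self-check being inspected. The surrounding `catch (PDFASError e)` suggests the helper may throw on some failures, but if an invalid signature is reported only through the returned `VerifyResult`, a broken signature would be handed back to the caller as if it were good. The method should check `verifyResult` and raise `PdfAsSignatureException` with the existing `error.pdf.sig.01` key when the check does not succeed. If the call is kept only for its exceptions, drop the unused local and say so in a comment such as `// self-check: throws if the new signature does not verify against input`. The code is moved here unchanged from the end of the class, so this behaviour predates the commit, but the move is a good moment to settle it.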
@@ -292,79 +366,4 @@ public class PAdESSignerKeystore implements IPlainSigner, PAdESConstants {
signerInfo.setSignedAttributes(attributeArray);
}
- public byte[] sign(byte[] input, int[] byteRange, SignParameter parameter,
- RequestedSignature requestedSignature) throws PdfAsException {
- try {
- logger.info("Creating PAdES signature.");
-
- requestedSignature.getStatus().getMetaInformations()
- .put(ErrorConstants.STATUS_INFO_SIGDEVICE, SIGNATURE_DEVICE);
- requestedSignature.getStatus().getMetaInformations()
- .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION, PdfAsFactory.getVersion());
-
- IssuerAndSerialNumber issuer = new IssuerAndSerialNumber(cert);
-
- AlgorithmID[] algorithms = CertificateUtils.getAlgorithmIDs(cert);
-
- SignerInfo signer1 = new SignerInfo(issuer, algorithms[1],
- algorithms[0], privKey);
-
- SignedData si = new SignedData(input, SignedData.EXPLICIT);
- si.addCertificates(new Certificate[] { cert });
-
-
- //Check PAdES Flag
- if (parameter.getConfiguration().hasValue(IConfigurationConstants.SIG_PADES_FORCE_FLAG))
- {
- if (IConfigurationConstants.TRUE.equalsIgnoreCase(parameter.getConfiguration().getValue(IConfigurationConstants.SIG_PADES_FORCE_FLAG)))
- {
- setAttributes(cert, signer1);
- }
- else
- {
- setAttributes("application/pdf", cert, new Date(), signer1);
- }
- }
- else
- {
- setAttributes("application/pdf", cert, new Date(), signer1);
- }
-
- si.addSignerInfo(signer1);
- InputStream dataIs = si.getInputStream();
- byte[] buf = new byte[1024];
- @SuppressWarnings("unused")
- int r;
- while ((r = dataIs.read(buf)) > 0)
- ; // skip data
- ContentInfo ci = new ContentInfo(si);
- byte[] signature = ci.getEncoded();
-
- VerifyResult verifyResult = SignatureUtils.verifySignature(
- signature, input);
-
- return signature;
- } catch (NoSuchAlgorithmException e) {
- throw new PdfAsSignatureException("error.pdf.sig.01", e);
- } catch (iaik.cms.CMSException e) {
- throw new PdfAsSignatureException("error.pdf.sig.01", e);
- } catch (IOException e) {
- throw new PdfAsSignatureException("error.pdf.sig.01", e);
- } catch (CertificateException e) {
- throw new PdfAsSignatureException("error.pdf.sig.01", e);
- } catch (CodingException e) {
- throw new PdfAsSignatureException("error.pdf.sig.01", e);
- } catch (PDFASError e) {
- throw new PdfAsSignatureException("error.pdf.sig.01", e);
- }
- }
-
- public String getPDFSubFilter() {
- return SUBFILTER_ETSI_CADES_DETACHED;
- }
-
- public String getPDFFilter() {
- return FILTER_ADOBE_PPKLITE;
- }
-
}