From 4b8ac0fd970aacf8fe0638fa24f6aa626b89fa56 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 30 Aug 2023 08:07:16 +0200
Subject: style(core): just some code-style work

---
 .../java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java  |   7 +-
 .../at/gv/egiz/pdfas/lib/util/SignatureUtils.java  | 250 ++++++++-------
 .../at/gv/egiz/pdfas/web/helper/PdfAsHelper.java   |   3 +-
 .../egiz/pdfas/sigs/pades/PAdESSignerKeystore.java | 341 ++++++++++-----------
 4 files changed, 297 insertions(+), 304 deletions(-)

diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
index 22c6c9a1..1235e4e7 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
@@ -208,9 +208,10 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants,
 
       // Create signature
       try {
-        signer.signPDF(status.getPdfObject(), requestedSignature, signer
-            .buildSignaturInterface(status.getSignParamter()
-                .getPlainSigner(), parameter, requestedSignature));
+        signer.signPDF(status.getPdfObject(), requestedSignature, 
+            signer.buildSignaturInterface(status.getSignParamter().getPlainSigner(), 
+                parameter, requestedSignature));
+        
       } finally {
         if (parameter instanceof BKUHeaderHolder) {
           final BKUHeaderHolder holder = (BKUHeaderHolder) parameter;
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/SignatureUtils.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/SignatureUtils.java
index 6e584f32..6282d9c1 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/SignatureUtils.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/SignatureUtils.java
@@ -1,144 +1,138 @@
 package at.gv.egiz.pdfas.lib.util;
 
-import iaik.asn1.CodingException;
-import iaik.asn1.ObjectID;
-import iaik.asn1.structures.Attribute;
-import iaik.cms.CMSException;
-import iaik.cms.SignedData;
-import iaik.cms.SignerInfo;
-import iaik.smime.ess.ESSCertID;
-import iaik.smime.ess.ESSCertIDv2;
-import iaik.smime.ess.SigningCertificate;
-import iaik.smime.ess.SigningCertificateV2;
-import iaik.x509.X509Certificate;
-
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
-import java.security.NoSuchAlgorithmException;
 import java.security.SignatureException;
-import java.security.cert.CertificateException;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import at.gv.egiz.pdfas.common.exceptions.ErrorConstants;
 import at.gv.egiz.pdfas.common.exceptions.PDFASError;
-import at.gv.egiz.pdfas.common.exceptions.PdfAsSignatureException;
-import at.gv.egiz.pdfas.common.utils.StreamUtils;
 import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
 import at.gv.egiz.pdfas.lib.impl.verify.VerifyResultImpl;
+import iaik.asn1.ObjectID;
+import iaik.asn1.structures.Attribute;
+import iaik.cms.CMSException;
+import iaik.cms.SignedData;
+import iaik.cms.SignerInfo;
+import iaik.smime.ess.SigningCertificate;
+import iaik.smime.ess.SigningCertificateV2;
+import iaik.x509.X509Certificate;
 
 public class SignatureUtils implements ErrorConstants {
-
-	private static final Logger logger = LoggerFactory
-			.getLogger(SignatureUtils.class);
-
-	public static VerifyResult verifySignature(byte[] signature, byte[] input)
-			throws PDFASError {
-		// List<VerifyResult> results = new ArrayList<VerifyResult>();
-		try {
-			SignedData signedData = new SignedData(new ByteArrayInputStream(
-					signature));
-
-			signedData.setContent(input);
-
-			// get the signer infos
-			SignerInfo[] signerInfos = signedData.getSignerInfos();
-			if (signerInfos.length == 0) {
-				logger.warn("Invalid signature (no signer information)");
-				throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
-			}
-
-			if (signerInfos.length != 1) {
-				logger.warn("Invalid signature (multiple signer information)");
-				throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
-			}
-			// verify the signatures
-			// for (int i = 0; i < signerInfos.length; i++) {
-			VerifyResultImpl verifyResult = new VerifyResultImpl();
-			// results.add(verifyResult);
-			try {
-				logger.debug("Signature Algo: {}, Digest {}",
-						signedData.getSignerInfos()[0].getSignatureAlgorithm(),
-						signedData.getSignerInfos()[0].getDigestAlgorithm());
-				// verify the signature for SignerInfo at index i
-				X509Certificate signer_cert = signedData.verify(0);
-
-				// Must include Signing Certificate!
-				Attribute signedCertificate = signerInfos[0]
-						.getSignedAttribute(ObjectID.signingCertificate);
-
-				if (signedCertificate == null) {
-					signedCertificate = signerInfos[0]
-							.getSignedAttribute(ObjectID.signingCertificateV2);
-					if (signedCertificate == null) {
-						logger.warn("Signature ERROR missing signed Signing Certificate: ");
-
-						throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
-					} else {
-						// Validate signingCertificate2
-						try {
-							SigningCertificateV2 signingCert = (SigningCertificateV2)signedCertificate.getAttributeValue();
-							
-							if (signingCert.isSignerCertificate(signer_cert)) {
-								// OK
-								logger.debug("Found and verified SigningCertificateV2");
-							} else {
-								logger.error("Signature ERROR certificate missmatch, misbehaving Signature Backend?");
-
-								throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
-							}
-						} catch (Throwable e) {
-							logger.error("Signature ERROR wrong encoding for ESSCertIDv2, misbehaving Signature Backend?");
-
-							throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e);
-						} 
-					}
-				} else {
-					// Validate signingCertificate
-					try {
-						SigningCertificate signingCert = (SigningCertificate)signedCertificate.getAttributeValue();
-						if (signingCert.isSignerCertificate(signer_cert)) {
-							// OK
-							logger.debug("Found and verified SigningCertificate");
-						} else {
-							logger.warn("Signature ERROR certificate missmatch, misbehaving Signature Backend?");
-
-							throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
-						}
-					} catch (Throwable e) {
-						logger.error("Signature ERROR wrong encoding for ESSCertIDv2, misbehaving Signature Backend?");
-
-						throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e);
-					}
-				}
-
-				// if the signature is OK the certificate of the
-				// signer is returned
-				logger.debug("Signature OK");
-				verifyResult.setSignerCertificate(signer_cert);
-
-			} catch (SignatureException ex) {
-				// if the signature is not OK a SignatureException
-				// is thrown
-				logger.warn(
-						"Signature ERROR from signer: "
-								+ signedData.getCertificate(
-										signerInfos[0].getSignerIdentifier())
-										.getSubjectDN(), ex);
-
-				verifyResult.setSignerCertificate(signedData
-						.getCertificate(signerInfos[0].getSignerIdentifier()));
-				throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, ex);
-			}
-
-			return verifyResult;
-			// }
-		} catch (CMSException e) {
-			throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e);
-		} catch (IOException e) {
-			throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e);
-		}
-
-	}
+  private static final Logger logger = LoggerFactory.getLogger(SignatureUtils.class);
+
+  public static VerifyResult verifySignature(byte[] signature, byte[] input)
+      throws PDFASError {
+    // List<VerifyResult> results = new ArrayList<VerifyResult>();
+    try {
+      final SignedData signedData = new SignedData(new ByteArrayInputStream(signature));
+      signedData.setContent(input);
+
+      // get the signer infos
+      final SignerInfo[] signerInfos = signedData.getSignerInfos();
+      if (signerInfos.length == 0) {
+        logger.warn("Invalid signature (no signer information)");
+        throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
+        
+      }
+
+      if (signerInfos.length != 1) {
+        logger.warn("Invalid signature (multiple signer information)");
+        throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
+        
+      }
+      // verify the signatures
+      // for (int i = 0; i < signerInfos.length; i++) {
+      final VerifyResultImpl verifyResult = new VerifyResultImpl();
+      // results.add(verifyResult);
+      try {
+        logger.debug("Signature Algo: {}, Digest {}",
+            signedData.getSignerInfos()[0].getSignatureAlgorithm(),
+            signedData.getSignerInfos()[0].getDigestAlgorithm());
+        // verify the signature for SignerInfo at index i
+        final X509Certificate signer_cert = signedData.verify(0);
+
+        // Must include Signing Certificate!
+        Attribute signedCertificate = signerInfos[0].getSignedAttribute(ObjectID.signingCertificate);
+
+        if (signedCertificate == null) {
+          signedCertificate = signerInfos[0].getSignedAttribute(ObjectID.signingCertificateV2);
+          
+          if (signedCertificate == null) {
+            logger.warn("Signature ERROR missing signed Signing Certificate: ");
+            throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
+            
+          } else {
+            // Validate signingCertificate2
+            try {
+              final SigningCertificateV2 signingCert = (SigningCertificateV2) signedCertificate.getAttributeValue();
+              if (signingCert.isSignerCertificate(signer_cert)) {
+                // OK
+                logger.debug("Found and verified SigningCertificateV2");
+                
+              } else {
+                logger.error("Signature ERROR certificate missmatch, misbehaving Signature Backend?");
+
+                throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
+              }
+              
+            } catch (final Throwable e) {
+              logger.error("Signature ERROR wrong encoding for ESSCertIDv2, misbehaving Signature Backend?");
+              throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e);
+              
+            }
+          }
+          
+        } else {
+          // Validate signingCertificate
+          try {
+            final SigningCertificate signingCert = (SigningCertificate) signedCertificate.getAttributeValue();
+            if (signingCert.isSignerCertificate(signer_cert)) {
+              // OK
+              logger.debug("Found and verified SigningCertificate");
+            } else {
+              logger.warn("Signature ERROR certificate missmatch, misbehaving Signature Backend?");
+
+              throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG);
+            }
+          } catch (final Throwable e) {
+            logger.error("Signature ERROR wrong encoding for ESSCertIDv2, misbehaving Signature Backend?");
+
+            throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e);
+          }
+        }
+
+        // if the signature is OK the certificate of the
+        // signer is returned
+        logger.debug("Signature OK");
+        verifyResult.setSignerCertificate(signer_cert);
+
+      } catch (final SignatureException ex) {
+        // if the signature is not OK a SignatureException
+        // is thrown
+        logger.warn(
+            "Signature ERROR from signer: "
+                + signedData.getCertificate(
+                    signerInfos[0].getSignerIdentifier())
+                    .getSubjectDN(), ex);
+
+        verifyResult.setSignerCertificate(signedData
+            .getCertificate(signerInfos[0].getSignerIdentifier()));
+        throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, ex);
+        
+      }
+
+      return verifyResult;
+      // }
+    } catch (final CMSException e) {
+      throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e);
+      
+    } catch (final IOException e) {
+      throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e);
+      
+    }
+
+  }
 }
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
index 5db82e3a..8b98a322 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
@@ -553,8 +553,7 @@ public class PdfAsHelper {
 
 		
     PDFASVerificationResponse verResponse = new PDFASVerificationResponse();
-    verResponse.setSignerCertificate(signResult.getSignerCertificate()
-        .getEncoded());
+    verResponse.setSignerCertificate(signResult.getSignerCertificate().getEncoded());
 
 		
     SignedDocument signPdfDoc = SignedDocument.builder()
diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSignerKeystore.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSignerKeystore.java
index 6845adf2..4914833e 100644
--- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSignerKeystore.java
+++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSignerKeystore.java
@@ -23,23 +23,6 @@
  ******************************************************************************/
 package at.gv.egiz.pdfas.sigs.pades;
 
-import at.gv.egiz.pdfas.lib.api.IConfigurationConstants;
-import iaik.asn1.ASN1Object;
-import iaik.asn1.CodingException;
-import iaik.asn1.ObjectID;
-import iaik.asn1.SEQUENCE;
-import iaik.asn1.UTF8String;
-import iaik.asn1.structures.AlgorithmID;
-import iaik.asn1.structures.Attribute;
-import iaik.asn1.structures.ChoiceOfTime;
-import iaik.cms.ContentInfo;
-import iaik.cms.IssuerAndSerialNumber;
-import iaik.cms.SignedData;
-import iaik.cms.SignerInfo;
-import iaik.smime.ess.ESSCertID;
-import iaik.smime.ess.ESSCertIDv2;
-import iaik.x509.X509Certificate;
-
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
@@ -63,6 +46,7 @@ import at.gv.egiz.pdfas.common.exceptions.ErrorConstants;
 import at.gv.egiz.pdfas.common.exceptions.PDFASError;
 import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
 import at.gv.egiz.pdfas.common.exceptions.PdfAsSignatureException;
+import at.gv.egiz.pdfas.lib.api.IConfigurationConstants;
 import at.gv.egiz.pdfas.lib.api.PdfAsFactory;
 import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
 import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
@@ -70,6 +54,21 @@ import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
 import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature;
 import at.gv.egiz.pdfas.lib.util.CertificateUtils;
 import at.gv.egiz.pdfas.lib.util.SignatureUtils;
+import iaik.asn1.ASN1Object;
+import iaik.asn1.CodingException;
+import iaik.asn1.ObjectID;
+import iaik.asn1.SEQUENCE;
+import iaik.asn1.UTF8String;
+import iaik.asn1.structures.AlgorithmID;
+import iaik.asn1.structures.Attribute;
+import iaik.asn1.structures.ChoiceOfTime;
+import iaik.cms.ContentInfo;
+import iaik.cms.IssuerAndSerialNumber;
+import iaik.cms.SignedData;
+import iaik.cms.SignerInfo;
+import iaik.smime.ess.ESSCertID;
+import iaik.smime.ess.ESSCertIDv2;
+import iaik.x509.X509Certificate;
 
 public class PAdESSignerKeystore implements IPlainSigner, PAdESConstants {
 
@@ -83,85 +82,6 @@ public class PAdESSignerKeystore implements IPlainSigner, PAdESConstants {
 	PrivateKey privKey;
 	X509Certificate cert;
 
-	private void readKeyStore(KeyStore ks, String alias, String keypassword)  throws Throwable {
-		if (keypassword == null) {
-			throw new PdfAsException("error.pdf.sig.16");
-		}
-		PasswordProtection pwdProt = new PasswordProtection(
-				keypassword.toCharArray());
-
-		logger.info("Opening Alias: [" + alias + "]");
-
-		Entry entry = ks.getEntry(alias, pwdProt);
-
-		if (!(entry instanceof PrivateKeyEntry)) {
-			throw new PdfAsException("error.pdf.sig.18");
-		}
-
-		PrivateKeyEntry privateEntry = (PrivateKeyEntry) entry;
-
-		privKey = privateEntry.getPrivateKey();
-
-		if (privKey == null) {
-			throw new PdfAsException("error.pdf.sig.13");
-		}
-
-		Certificate c = privateEntry.getCertificate();
-
-		if (c == null) {
-			if (privateEntry.getCertificateChain() != null) {
-				if (privateEntry.getCertificateChain().length > 0) {
-					c = privateEntry.getCertificateChain()[0];
-				}
-			}
-		}
-
-		if (c == null) {
-			throw new PdfAsException("error.pdf.sig.17");
-		}
-
-		cert = new X509Certificate(c.getEncoded());
-	}
-	
-	private KeyStore buildKeyStoreFromFile(String file, String kspassword, 
-			String type, String provider)  throws Throwable {
-		String viusalProvider = (provider == null ? "IAIK" : provider);
-		logger.trace("Opening Keystore: " + file + " with [" + viusalProvider
-				+ "]");
-
-		KeyStore ks = null;
-		if (provider == null) {
-			ks = KeyStore.getInstance(type);
-		} else {
-			ks = KeyStore.getInstance(type, provider);
-		}
-
-		if (ks == null) {
-			throw new PdfAsException("error.pdf.sig.14");
-		}
-		if (kspassword == null) {
-			throw new PdfAsException("error.pdf.sig.15");
-		}
-		FileInputStream is = null;
-		try {
-			is = new FileInputStream(file);
-			ks.load(is, kspassword.toCharArray());
-		} finally {
-			if (is != null) {
-				is.close();
-			}
-		}
-		return ks;
-	}
-	
-	private void loadKeystore(String file, String alias, String kspassword,
-			String keypassword, String type, String provider) throws Throwable {
-
-		KeyStore ks = buildKeyStoreFromFile(file, kspassword, type, provider);
-
-		readKeyStore(ks, alias, keypassword);
-	}
-
 	public PAdESSignerKeystore(KeyStore ks, String alias,
 			String keypassword) throws PDFASError {
 		try {
@@ -221,6 +141,160 @@ public class PAdESSignerKeystore implements IPlainSigner, PAdESConstants {
 		return cert;
 	}
 
+	 public byte[] sign(byte[] input, int[] byteRange, SignParameter parameter,
+	      RequestedSignature requestedSignature) throws PdfAsException {
+	    try {
+	      logger.info("Creating PAdES signature.");
+
+	      requestedSignature.getStatus().getMetaInformations()
+	      .put(ErrorConstants.STATUS_INFO_SIGDEVICE, SIGNATURE_DEVICE);
+	      requestedSignature.getStatus().getMetaInformations()
+	      .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION, PdfAsFactory.getVersion());
+	      
+	      IssuerAndSerialNumber issuer = new IssuerAndSerialNumber(cert);
+
+	      AlgorithmID[] algorithms = CertificateUtils.getAlgorithmIDs(cert);
+
+	      SignerInfo signer1 = new SignerInfo(issuer, algorithms[1],
+	          algorithms[0], privKey);
+
+	      SignedData si = new SignedData(input, SignedData.EXPLICIT);
+	      si.addCertificates(new Certificate[] { cert });
+
+
+	      //Check PAdES Flag
+	      if (parameter.getConfiguration().hasValue(IConfigurationConstants.SIG_PADES_FORCE_FLAG))
+	      {
+	        if (IConfigurationConstants.TRUE.equalsIgnoreCase(parameter.getConfiguration().getValue(IConfigurationConstants.SIG_PADES_FORCE_FLAG)))
+	        {
+	          setAttributes(cert, signer1);
+	        }
+	        else
+	        {
+	          setAttributes("application/pdf", cert, new Date(), signer1);
+	        }
+	      }
+	      else
+	      {
+	        setAttributes("application/pdf", cert, new Date(), signer1);
+	      }
+
+	      si.addSignerInfo(signer1);
+	      InputStream dataIs = si.getInputStream();
+	      byte[] buf = new byte[1024];
+	      @SuppressWarnings("unused")
+	      int r;
+	      while ((r = dataIs.read(buf)) > 0)
+	        ; // skip data
+	      ContentInfo ci = new ContentInfo(si);
+	      byte[] signature = ci.getEncoded();
+	      
+	      VerifyResult verifyResult = SignatureUtils.verifySignature(
+	          signature, input);
+	      
+	      return signature;
+	    } catch (NoSuchAlgorithmException e) {
+	      throw new PdfAsSignatureException("error.pdf.sig.01", e);
+	    } catch (iaik.cms.CMSException e) {
+	      throw new PdfAsSignatureException("error.pdf.sig.01", e);
+	    } catch (IOException e) {
+	      throw new PdfAsSignatureException("error.pdf.sig.01", e);
+	    } catch (CertificateException e) {
+	      throw new PdfAsSignatureException("error.pdf.sig.01", e);
+	    } catch (CodingException e) {
+	      throw new PdfAsSignatureException("error.pdf.sig.01", e);
+	    } catch (PDFASError e) {
+	      throw new PdfAsSignatureException("error.pdf.sig.01", e);
+	    }
+	  }
+
+	  public String getPDFSubFilter() {
+	    return SUBFILTER_ETSI_CADES_DETACHED;
+	  }
+
+	  public String getPDFFilter() {
+	    return FILTER_ADOBE_PPKLITE;
+	  }
+	
+	 private void readKeyStore(KeyStore ks, String alias, String keypassword)  throws Throwable {
+	    if (keypassword == null) {
+	      throw new PdfAsException("error.pdf.sig.16");
+	    }
+	    PasswordProtection pwdProt = new PasswordProtection(
+	        keypassword.toCharArray());
+
+	    logger.info("Opening Alias: [" + alias + "]");
+
+	    Entry entry = ks.getEntry(alias, pwdProt);
+
+	    if (!(entry instanceof PrivateKeyEntry)) {
+	      throw new PdfAsException("error.pdf.sig.18");
+	    }
+
+	    PrivateKeyEntry privateEntry = (PrivateKeyEntry) entry;
+
+	    privKey = privateEntry.getPrivateKey();
+
+	    if (privKey == null) {
+	      throw new PdfAsException("error.pdf.sig.13");
+	    }
+
+	    Certificate c = privateEntry.getCertificate();
+
+	    if (c == null) {
+	      if (privateEntry.getCertificateChain() != null) {
+	        if (privateEntry.getCertificateChain().length > 0) {
+	          c = privateEntry.getCertificateChain()[0];
+	        }
+	      }
+	    }
+
+	    if (c == null) {
+	      throw new PdfAsException("error.pdf.sig.17");
+	    }
+
+	    cert = new X509Certificate(c.getEncoded());
+	  }
+	  
+	  private KeyStore buildKeyStoreFromFile(String file, String kspassword, 
+	      String type, String provider)  throws Throwable {
+	    String viusalProvider = (provider == null ? "IAIK" : provider);
+	    logger.trace("Opening Keystore: " + file + " with [" + viusalProvider
+	        + "]");
+
+	    KeyStore ks = null;
+	    if (provider == null) {
+	      ks = KeyStore.getInstance(type);
+	    } else {
+	      ks = KeyStore.getInstance(type, provider);
+	    }
+
+	    if (ks == null) {
+	      throw new PdfAsException("error.pdf.sig.14");
+	    }
+	    if (kspassword == null) {
+	      throw new PdfAsException("error.pdf.sig.15");
+	    }
+	    FileInputStream is = null;
+	    try {
+	      is = new FileInputStream(file);
+	      ks.load(is, kspassword.toCharArray());
+	    } finally {
+	      if (is != null) {
+	        is.close();
+	      }
+	    }
+	    return ks;
+	  }
+	  
+	  private void loadKeystore(String file, String alias, String kspassword,
+	      String keypassword, String type, String provider) throws Throwable {
+
+	    KeyStore ks = buildKeyStoreFromFile(file, kspassword, type, provider);
+
+	    readKeyStore(ks, alias, keypassword);
+	  }
+	
 	private void setMimeTypeAttrib(List<Attribute> attributes, String mimeType) {
 		String oidStr = "0.4.0.1733.2.1";
 		String name = "mime-type";
@@ -292,79 +366,4 @@ public class PAdESSignerKeystore implements IPlainSigner, PAdESConstants {
 		signerInfo.setSignedAttributes(attributeArray);
 	}
 
-	public byte[] sign(byte[] input, int[] byteRange, SignParameter parameter,
-			RequestedSignature requestedSignature) throws PdfAsException {
-		try {
-			logger.info("Creating PAdES signature.");
-
-			requestedSignature.getStatus().getMetaInformations()
-			.put(ErrorConstants.STATUS_INFO_SIGDEVICE, SIGNATURE_DEVICE);
-			requestedSignature.getStatus().getMetaInformations()
-			.put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION, PdfAsFactory.getVersion());
-			
-			IssuerAndSerialNumber issuer = new IssuerAndSerialNumber(cert);
-
-			AlgorithmID[] algorithms = CertificateUtils.getAlgorithmIDs(cert);
-
-			SignerInfo signer1 = new SignerInfo(issuer, algorithms[1],
-					algorithms[0], privKey);
-
-			SignedData si = new SignedData(input, SignedData.EXPLICIT);
-			si.addCertificates(new Certificate[] { cert });
-
-
-			//Check PAdES Flag
-			if (parameter.getConfiguration().hasValue(IConfigurationConstants.SIG_PADES_FORCE_FLAG))
-			{
-				if (IConfigurationConstants.TRUE.equalsIgnoreCase(parameter.getConfiguration().getValue(IConfigurationConstants.SIG_PADES_FORCE_FLAG)))
-				{
-					setAttributes(cert, signer1);
-				}
-				else
-				{
-					setAttributes("application/pdf", cert, new Date(), signer1);
-				}
-			}
-			else
-			{
-				setAttributes("application/pdf", cert, new Date(), signer1);
-			}
-
-			si.addSignerInfo(signer1);
-			InputStream dataIs = si.getInputStream();
-			byte[] buf = new byte[1024];
-			@SuppressWarnings("unused")
-			int r;
-			while ((r = dataIs.read(buf)) > 0)
-				; // skip data
-			ContentInfo ci = new ContentInfo(si);
-			byte[] signature = ci.getEncoded();
-			
-			VerifyResult verifyResult = SignatureUtils.verifySignature(
-					signature, input);
-			
-			return signature;
-		} catch (NoSuchAlgorithmException e) {
-			throw new PdfAsSignatureException("error.pdf.sig.01", e);
-		} catch (iaik.cms.CMSException e) {
-			throw new PdfAsSignatureException("error.pdf.sig.01", e);
-		} catch (IOException e) {
-			throw new PdfAsSignatureException("error.pdf.sig.01", e);
-		} catch (CertificateException e) {
-			throw new PdfAsSignatureException("error.pdf.sig.01", e);
-		} catch (CodingException e) {
-			throw new PdfAsSignatureException("error.pdf.sig.01", e);
-		} catch (PDFASError e) {
-			throw new PdfAsSignatureException("error.pdf.sig.01", e);
-		}
-	}
-
-	public String getPDFSubFilter() {
-		return SUBFILTER_ETSI_CADES_DETACHED;
-	}
-
-	public String getPDFFilter() {
-		return FILTER_ADOBE_PPKLITE;
-	}
-
 }
-- 
cgit v1.2.3