From f3476576c50efd922593c82656efda7aec5ae97f Mon Sep 17 00:00:00 2001
From: Andreas Fitzek
Date: Wed, 27 Nov 2013 10:05:17 +0100
Subject: MOA integration sign/verification (not finished yet ...) Lots of PDF-AS Web implementation
---
 .../java/at/gv/egiz/sl/util/BaseSLConnector.java | 36 +++-------
 .../at/gv/egiz/sl/util/ISignatureConnector.java | 9 +++
 .../egiz/sl/util/ISignatureConnectorSLWrapper.java | 56 +++++++++++++++
 .../main/java/at/gv/egiz/sl/util/MOAConnector.java | 84 ++++++++++++++++++++++
 4 files changed, 159 insertions(+), 26 deletions(-)
 create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnector.java
 create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
 create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/sl/util/MOAConnector.java
 (limited to 'pdf-as-lib/src/main/java/at/gv/egiz/sl')
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BaseSLConnector.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BaseSLConnector.java
index 51b63f51..e5abc6bd 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BaseSLConnector.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BaseSLConnector.java
@@ -1,41 +1,19 @@
 package at.gv.egiz.sl.util;
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.nio.Buffer;
+import java.math.BigInteger;
 import java.util.Arrays;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-
-import org.apache.http.HttpResponse;
-import org.apache.http.client.ClientProtocolException;
-import org.apache.http.client.HttpClient;
-import org.apache.http.client.methods.HttpPost;
-import org.apache.http.entity.ContentType;
-import org.apache.http.entity.mime.HttpMultipartMode;
-import org.apache.http.entity.mime.MultipartEntity;
-import org.apache.http.entity.mime.MultipartEntityBuilder;
-import org.apache.http.entity.mime.content.StringBody;
-import org.apache.http.impl.client.DefaultHttpClient;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import at.gv.egiz.pdfas.common.exceptions.PDFIOException;
-import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
-import at.gv.egiz.pdfas.common.exceptions.SLPdfAsException;
-import at.gv.egiz.pdfas.lib.impl.signing.pdfbox.PADESPDFBOXSigner;
 import at.gv.egiz.sl.Base64OptRefContentType;
 import at.gv.egiz.sl.CMSDataObjectRequiredMetaType;
 import at.gv.egiz.sl.CreateCMSSignatureRequestType;
-import at.gv.egiz.sl.CreateCMSSignatureResponseType;
-import at.gv.egiz.sl.ErrorResponseType;
+import at.gv.egiz.sl.ExcludedByteRangeType;
 import at.gv.egiz.sl.InfoboxReadParamsAssocArrayType;
+import at.gv.egiz.sl.InfoboxReadParamsAssocArrayType.ReadValue;
 import at.gv.egiz.sl.InfoboxReadRequestType;
-import at.gv.egiz.sl.InfoboxReadResponseType;
 import at.gv.egiz.sl.MetaInfoType;
-import at.gv.egiz.sl.InfoboxReadParamsAssocArrayType.ReadValue;
 import at.gv.egiz.sl.ObjectFactory;
 public abstract class BaseSLConnector implements ISLConnector {
@@ -106,7 +84,13 @@ public abstract class BaseSLConnector implements ISLConnector { CMSDataObjectRequiredMetaType cmsDataObjectRequiredMetaType = new CMSDataObjectRequiredMetaType(); cmsDataObjectRequiredMetaType.setMetaInfo(metaInfoType); cmsDataObjectRequiredMetaType.setContent(base64OptRefContentType); - // cmsDataObjectRequiredMetaType.setExcludedByteRange() + if(byteRange.length > 0) { + ExcludedByteRangeType excludeByteRange = new ExcludedByteRangeType(); + excludeByteRange.setFrom(new BigInteger(String.valueOf(byteRange[0]))); + excludeByteRange.setTo(new BigInteger(String.valueOf(byteRange[0]+byteRange[1]))); + cmsDataObjectRequiredMetaType.setExcludedByteRange(excludeByteRange); + } + // == CreateCMSSignatureRequestType CreateCMSSignatureRequestType request = new CreateCMSSignatureRequestType();
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnector.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnector.java
new file mode 100644
index 00000000..8830db5c
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnector.java
@@ -0,0 +1,9 @@
+package at.gv.egiz.sl.util;
+
+import iaik.x509.X509Certificate;
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+
+public interface ISignatureConnector {
+ public X509Certificate getCertificate() throws PdfAsException;
+ public byte[] sign(byte[] input, int[] byteRange) throws PdfAsException;
+}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
new file mode 100644
index 00000000..491c465a
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
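Review bot: In the `BaseSLConnector.java` hunk the guard `if(byteRange.length > 0)` does not cover the `byteRange[1]` read two lines below it, so a one-element array throws `ArrayIndexOutOfBoundsException` and a null array throws `NullPointerException` while the request is being built. The guard should be `if (byteRange != null && byteRange.length >= 2) {`, and the sum should be widened before it is converted, `excludeByteRange.setTo(BigInteger.valueOf((long) byteRange[0] + byteRange[1]));`, because `byteRange[0]+byteRange[1]` is added as `int` and can wrap. A comment here should also state whether `To` is the last excluded byte or the first byte after it, since that boundary decides which bytes of the document are left outside the signature; the convention is not visible in this hunk. The enclosing method starts and ends outside the hunk.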
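Review bot: The new `ISignatureConnector` interface has no Javadoc, and the two implementations added in this commit already differ on its contract: the SL wrapper can return a null certificate and the MOA connector does not read `byteRange`. Each method should get a comment saying what `byteRange` holds (the code in `BaseSLConnector` reads it as offset and length, which should be confirmed against the callers), whether `getCertificate()` may return null, and that `sign` returns the CMS signature bytes. The `public` modifiers on the interface methods are redundant and can be dropped.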
@@ -0,0 +1,56 @@
+package at.gv.egiz.sl.util;
+
+import java.security.cert.CertificateException;
+import java.util.Iterator;
+
+import iaik.x509.X509Certificate;
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
+import at.gv.egiz.sl.CreateCMSSignatureRequestType;
+import at.gv.egiz.sl.CreateCMSSignatureResponseType;
+import at.gv.egiz.sl.InfoboxAssocArrayPairType;
+import at.gv.egiz.sl.InfoboxReadRequestType;
+import at.gv.egiz.sl.InfoboxReadResponseType;
+
+public class ISignatureConnectorSLWrapper implements ISignatureConnector {
+
+ private ISLConnector connector;
+
+ public ISignatureConnectorSLWrapper(ISLConnector connector) {
+ this.connector = connector;
+ }
+
+ public X509Certificate getCertificate() throws PdfAsException {
+ X509Certificate certificate = null;
+ try {
+ InfoboxReadRequestType request = connector
+ .createInfoboxReadRequest();
+ InfoboxReadResponseType response = connector
+ .sendInfoboxReadRequest(request);
+
+ Iterator iterator = response
+ .getAssocArrayData().getPair().iterator();
+
+ while (iterator.hasNext()) {
+ InfoboxAssocArrayPairType pair = iterator.next();
+ if (pair.getKey().equals("SecureSignatureKeypair")) {
+ byte[] certData = pair.getBase64Content();
+ certificate = new X509Certificate(certData);
+ break;
+ }
+ }
+ } catch (CertificateException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ return certificate;
+ }
+
+ public byte[] sign(byte[] input, int[] byteRange) throws PdfAsException {
+ CreateCMSSignatureRequestType request = connector.createCMSRequest(input, byteRange);
+ CreateCMSSignatureResponseType response = connector.sendCMSRequest(request);
+
+ return response.getCMSSignature();
+ }
+
+}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/MOAConnector.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/MOAConnector.java
new file mode 100644
index 00000000..d75aa66e
--- /dev/null
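Review bot: `ISignatureConnectorSLWrapper.getCertificate()` returns null both when the certificate bytes fail to parse and when the response holds no `SecureSignatureKeypair` entry, so a caller can carry on into signing without a signer certificate. The `catch (CertificateException e)` block should rethrow instead of calling `e.printStackTrace()`, for example `throw new PdfAsException(e.getMessage());` as the MOA connector in this commit does (with the cause attached if the exception type supports it), and the method should throw in the same way when the loop finds no matching pair. `response.getAssocArrayData()` is also dereferenced without a null check, which matters if the security layer can answer without that element; that behaviour is not visible here. The `IPlainSigner` import is unused.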
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/MOAConnector.java 
@@ -0,0 +1,84 @@
+package at.gv.egiz.sl.util;
+
+import iaik.x509.X509Certificate;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.cert.CertificateException;
+
+import javax.activation.DataHandler;
+
+import at.gv.egiz.moa.ByteArrayDataSource;
+import at.gv.egiz.moa.SignatureCreationServiceStub;
+import at.gv.egiz.moa.SignatureCreationServiceStub.CMSContentBaseType;
+import at.gv.egiz.moa.SignatureCreationServiceStub.CreateCMSSignatureRequest;
+import at.gv.egiz.moa.SignatureCreationServiceStub.CreateCMSSignatureResponse;
+import at.gv.egiz.moa.SignatureCreationServiceStub.DataObjectInfo_type1;
+import at.gv.egiz.moa.SignatureCreationServiceStub.DataObject_type1;
+import at.gv.egiz.moa.SignatureCreationServiceStub.KeyIdentifierType;
+import at.gv.egiz.moa.SignatureCreationServiceStub.SingleSignatureInfo_type1;
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.common.utils.StreamUtils;
+import at.gv.egiz.pdfas.lib.api.Configuration;
+
+public class MOAConnector implements ISignatureConnector {
+
+ public static final String MOA_SIGN_URL = "moa.sign.url";
+ public static final String MOA_SIGN_KEY_ID = "moa.sign.KeyIdentifier";
+ public static final String MOA_SIGN_CERTIFICATE = "moa.sign.Certificate";
+
+ private X509Certificate certificate;
+ private String moaEndpoint;
+ private String keyIdentifier;
+
+ public MOAConnector(Configuration config)
+ throws CertificateException, FileNotFoundException, IOException {
+ this.certificate = new X509Certificate(new FileInputStream(new File(config.getValue(MOA_SIGN_CERTIFICATE))));
+ this.moaEndpoint = config.getValue(MOA_SIGN_URL);
+ this.keyIdentifier = config.getValue(MOA_SIGN_KEY_ID);
+ }
+
+ public X509Certificate getCertificate() throws PdfAsException {
+ return this.certificate;
+ }
+
+ public byte[] sign(byte[] input, int[] byteRange) throws PdfAsException {
+ try {
+ SignatureCreationServiceStub signatureCreationService = new SignatureCreationServiceStub(
+ this.moaEndpoint);
+
+ CreateCMSSignatureRequest createCMSSignatureRequest = new CreateCMSSignatureRequest();
+ SingleSignatureInfo_type1 singleSignature = new SingleSignatureInfo_type1();
+ DataObjectInfo_type1 dataObjectType = new DataObjectInfo_type1();
+ singleSignature.setDataObjectInfo(dataObjectType);
+ DataObject_type1 dataObject = new DataObject_type1();
+ dataObjectType.setDataObject(dataObject);
+ CMSContentBaseType cmsContent = new CMSContentBaseType();
+ cmsContent.setBase64Content(new DataHandler(
+ new ByteArrayDataSource(input, "application/pdf")));
+ dataObject.setContent(cmsContent);
+
+ createCMSSignatureRequest
+ .setSingleSignatureInfo(new SingleSignatureInfo_type1[] { singleSignature });
+ KeyIdentifierType keyId = new KeyIdentifierType();
+ keyId.setKeyIdentifierType(this.keyIdentifier);
+ createCMSSignatureRequest.setKeyIdentifier(keyId);
+
+ CreateCMSSignatureResponse response = signatureCreationService
+ .createCMSSignature(createCMSSignatureRequest);
+
+ InputStream is = response.getCreateCMSSignatureResponse()
+ .getCreateCMSSignatureResponseTypeChoice()[0]
+ .getCMSSignature().getInputStream();
+
+ byte[] signature = StreamUtils.inputStreamToByteArray(is);
+
+ return signature;
+ } catch (Exception e) {
+ throw new PdfAsException(e.getMessage());
+ }
+ }
+}
-- cgit v1.2.3
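Review bot: `MOAConnector.sign` never reads its `byteRange` argument, so the whole `input` buffer is sent as the content to sign, whereas the SL path in this commit passes the range on as an excluded byte range; the two connectors would then sign different bytes for the same call. Until the range is handled for MOA, the method should fail rather than ignore it, e.g. `if (byteRange != null && byteRange.length > 0) throw new PdfAsException("byteRange is not supported by MOAConnector");`. The catch-all `throw new PdfAsException(e.getMessage())` also discards the stack trace of service faults and of the unchecked `[0]` index on the response array, so the cause should be kept or logged. In the constructor the `FileInputStream` opened for `moa.sign.Certificate` is never closed, and nothing visible checks that the key named by `moa.sign.KeyIdentifier` belongs to that certificate; comparing the signer certificate in the returned CMS with `this.certificate` would catch a misconfiguration.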