From 9bc71794a49d89e1ff6adab76f5f473b94b3d348 Mon Sep 17 00:00:00 2001 From: Andreas Fitzek Date: Thu, 12 Dec 2013 12:17:05 +0100 Subject: Creation of PAdES signatures with local keystore --- .../gv/egiz/pdfas/lib/util/CertificateUtils.java | 53 ++++++++++++++++++++++ .../at/gv/egiz/pdfas/lib/util/package-info.java | 8 ++++ 2 files changed, 61 insertions(+) create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java (limited to 'pdf-as-lib/src/main/java/at') diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java new file mode 100644 index 00000000..2f4fbe10 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/CertificateUtils.java @@ -0,0 +1,53 @@ +package at.gv.egiz.pdfas.lib.util; + +import iaik.asn1.structures.AlgorithmID; +import iaik.x509.X509Certificate; +import java.security.NoSuchAlgorithmException; +import java.security.PublicKey; +import java.security.interfaces.ECPublicKey; +import java.security.spec.ECParameterSpec; + +public class CertificateUtils { + public static AlgorithmID[] getAlgorithmIDs(X509Certificate signingCertificate) + throws NoSuchAlgorithmException { + PublicKey publicKey = signingCertificate.getPublicKey(); + String algorithm = publicKey.getAlgorithm(); + AlgorithmID[] algorithms = new AlgorithmID[2]; + AlgorithmID signatureAlgorithm; + AlgorithmID digestAlgorithm; + + if ("DSA".equals(algorithm)) { + signatureAlgorithm = AlgorithmID.dsaWithSHA256; + digestAlgorithm = AlgorithmID.sha256; + } else if ("RSA".equals(algorithm)) { + signatureAlgorithm = AlgorithmID.sha256WithRSAEncryption; + digestAlgorithm = AlgorithmID.sha256; + } else if (("EC".equals(algorithm)) || ("ECDSA".equals(algorithm))) { + + int fieldSize = 0; + if (publicKey instanceof ECPublicKey) { + ECParameterSpec params = ((ECPublicKey) publicKey).getParams(); + fieldSize = params.getCurve().getField().getFieldSize(); + } + + if (fieldSize >= 512) { + signatureAlgorithm = AlgorithmID.ecdsa_With_SHA512; + digestAlgorithm = AlgorithmID.sha512; + } else if (fieldSize >= 256) { + signatureAlgorithm = AlgorithmID.ecdsa_With_SHA256; + digestAlgorithm = AlgorithmID.sha256; + } else { + signatureAlgorithm = AlgorithmID.ecdsa_With_SHA1; + digestAlgorithm = AlgorithmID.sha1; + } + } else { + throw new NoSuchAlgorithmException("Public key algorithm '" + + algorithm + "' not supported."); + } + + algorithms[0] = signatureAlgorithm; + algorithms[1] = digestAlgorithm; + + return algorithms; + } +} diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java new file mode 100644 index 00000000..e635fb93 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/package-info.java @@ -0,0 +1,8 @@ +/** + * + */ +/** + * @author afitzek + * + */ +package at.gv.egiz.pdfas.lib.util; \ No newline at end of file -- cgit v1.2.3