private byte[] signDocumentAndReturnDigest(
      final PAdESSignatureParameters parameters,
      final byte[] signatureBytes,
      final File signedFile,
      final FileOutputStream fileOutputStream,
      final PDDocument pdDocument,
      final PDSignature pdSignature,
      final DigestAlgorithm digestAlgorithm)
      throws DSSException {

    SignatureOptions options = new SignatureOptions();
    try {

      final MessageDigest digest = DSSUtils.getMessageDigest(digestAlgorithm);
      // register signature dictionary and sign interface
      SignatureInterface signatureInterface =
          new SignatureInterface() {

            @Override
            public byte[] sign(InputStream content) throws SignatureException, IOException {

              byte[] b = new byte[4096];
              int count;
              while ((count = content.read(b)) > 0) {
                digest.update(b, 0, count);
              }
              return signatureBytes;
            }
          };

      options.setPreferedSignatureSize(parameters.getSignatureSize());
      if (parameters.getImageParameters() != null) {
        fillImageParameters(pdDocument, parameters.getImageParameters(), options);
      }
      pdDocument.addSignature(pdSignature, signatureInterface, options);

      saveDocumentIncrementally(parameters, signedFile, fileOutputStream, pdDocument);
      final byte[] digestValue = digest.digest();
      if (logger.isDebugEnabled()) {
        logger.debug("Digest to be signed: " + Hex.encodeHexString(digestValue));
      }
      fileOutputStream.close();
      return digestValue;
    } catch (IOException e) {
      throw new DSSException(e);
    } catch (SignatureException e) {
      throw new DSSException(e);
    } finally {
      IOUtils.closeQuietly(options.getVisualSignature());
    }
  }
  public void saveDocumentIncrementally(
      PAdESSignatureParameters parameters,
      File signedFile,
      FileOutputStream fileOutputStream,
      PDDocument pdDocument)
      throws DSSException {

    FileInputStream signedFileInputStream = null;
    try {

      signedFileInputStream = new FileInputStream(signedFile);
      // the document needs to have an ID, if not a ID based on the current system time is used, and
      // then the
      // digest of the signed data is
      // different
      if (pdDocument.getDocumentId() == null) {

        final byte[] documentIdBytes =
            DSSUtils.digest(
                DigestAlgorithm.MD5, parameters.bLevel().getSigningDate().toString().getBytes());
        pdDocument.setDocumentId(DSSUtils.toLong(documentIdBytes));
        pdDocument.setDocumentId(0L);
      }
      pdDocument.saveIncremental(signedFileInputStream, fileOutputStream);
    } catch (IOException e) {
      throw new DSSException(e);
    } catch (COSVisitorException e) {
      throw new DSSException(e);
    } finally {
      IOUtils.closeQuietly(signedFileInputStream);
    }
  }
  private PDSignature createSignatureDictionary(final PAdESSignatureParameters parameters) {

    final PDSignature signature = new PDSignature();
    signature.setType(getType());
    // signature.setName(String.format("SD-DSS Signature %s", parameters.getDeterministicId()));
    Date date = parameters.bLevel().getSigningDate();
    String encodedDate =
        " "
            + Hex.encodeHexString(
                DSSUtils.digest(DigestAlgorithm.SHA1, Long.toString(date.getTime()).getBytes()));
    CertificateToken token = parameters.getSigningCertificate();
    if (token == null) {
      signature.setName("Unknown signer" + encodedDate);
    } else {
      if (parameters.getSigningCertificate().getSubjectShortName() != null) {
        String shortName = parameters.getSigningCertificate().getSubjectShortName() + encodedDate;
        signature.setName(shortName);
      } else {
        signature.setName("Unknown signer" + encodedDate);
      }
    }

    signature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE); // default filter
    // sub-filter for basic and PAdES Part 2 signatures
    signature.setSubFilter(getSubFilter());

    if (COSName.SIG.equals(getType())) {
      if (StringUtils.isNotEmpty(parameters.getContactInfo())) {
        signature.setContactInfo(parameters.getContactInfo());
      }

      if (StringUtils.isNotEmpty(parameters.getLocation())) {
        signature.setLocation(parameters.getLocation());
      }

      if (StringUtils.isNotEmpty(parameters.getReason())) {
        signature.setReason(parameters.getReason());
      }
    }

    // the signing date, needed for valid signature
    final Calendar cal = Calendar.getInstance();
    final Date signingDate = parameters.bLevel().getSigningDate();
    cal.setTime(signingDate);
    signature.setSignDate(cal);
    return signature;
  }
Beispiel #4
0
  @Before
  public void init() throws Exception {
    documentToSign = new FileDocument(new File("src/test/resources/sample.pdf"));

    CertificateService certificateService = new CertificateService();
    privateKeyEntry = certificateService.generateCertificateChain(SignatureAlgorithm.RSA_SHA256);

    signatureParameters = new PAdESSignatureParameters();
    signatureParameters.bLevel().setSigningDate(new Date());
    signatureParameters.setSigningCertificate(privateKeyEntry.getCertificate());
    signatureParameters.setCertificateChain(privateKeyEntry.getCertificateChain());
    signatureParameters.setSignaturePackaging(SignaturePackaging.ENVELOPING);
    signatureParameters.setSignatureLevel(SignatureLevel.PAdES_BASELINE_B);
    signatureParameters.setLocation("Luxembourg");
    signatureParameters.setReason("DSS testing");
    signatureParameters.setContactInfo("Jira");

    CertificateVerifier certificateVerifier = new CommonCertificateVerifier();
    service = new PAdESService(certificateVerifier);
  }