@Test
public void test() throws Exception {
DSSDocument documentToSign = new InMemoryDocument("Hello World".getBytes());
CertificateService certificateService = new CertificateService();
MockPrivateKeyEntry privateKeyEntry =
certificateService.generateCertificateChain(SignatureAlgorithm.RSA_SHA256);
CAdESSignatureParameters signatureParameters = new CAdESSignatureParameters();
signatureParameters.bLevel().setSigningDate(new Date());
signatureParameters.setSigningCertificate(privateKeyEntry.getCertificate());
signatureParameters.setCertificateChain(privateKeyEntry.getCertificateChain());
signatureParameters.setSignaturePackaging(SignaturePackaging.ENVELOPING);
signatureParameters.setSignatureLevel(SignatureLevel.CAdES_BASELINE_LTA);
CertificateVerifier certificateVerifier = new CommonCertificateVerifier();
CAdESService service = new CAdESService(certificateVerifier);
service.setTspSource(
new MockTSPSource(certificateService.generateTspCertificate(SignatureAlgorithm.RSA_SHA1)));
ToBeSigned toBeSigned = service.getDataToSign(documentToSign, signatureParameters);
SignatureValue signatureValue =
TestUtils.sign(signatureParameters.getSignatureAlgorithm(), privateKeyEntry, toBeSigned);
final DSSDocument signedDocument =
service.signDocument(documentToSign, signatureParameters, signatureValue);
SignedDocumentValidator validator = SignedDocumentValidator.fromDocument(signedDocument);
validator.setCertificateVerifier(new CommonCertificateVerifier());
Reports report = validator.validateDocument();
// report.print();
DiagnosticData diagnostic = report.getDiagnosticData();
String timestampId = diagnostic.getSignatures().get(0).getTimestampList().get(0).getId();
for (TimestampWrapper wrapper : diagnostic.getTimestampList(diagnostic.getFirstSignatureId())) {
if (wrapper.getType().equals(TimestampType.ARCHIVE_TIMESTAMP.toString())) {
Assert.assertEquals(
timestampId, wrapper.getSignedObjects().getTimestampedTimestamp().get(0).getId());
}
}
}
public void init(DiagnosticData diagnosticData, Date currentTime) {
Set<SignatureWrapper> signatures = diagnosticData.getAllSignatures();
for (SignatureWrapper signature : signatures) {
addPOE(signature.getId(), currentTime);
}
Set<TimestampWrapper> timestamps = diagnosticData.getAllTimestamps();
for (TimestampWrapper timestamp : timestamps) {
addPOE(timestamp.getId(), currentTime);
}
List<CertificateWrapper> usedCertificates = diagnosticData.getUsedCertificates();
for (CertificateWrapper certificate : usedCertificates) {
addPOE(certificate.getId(), currentTime);
Set<RevocationWrapper> revocations = certificate.getRevocationData();
if (CollectionUtils.isNotEmpty(revocations)) {
for (RevocationWrapper revocation : revocations) {
if (RevocationOrigin.SIGNATURE.name().equals(revocation.getOrigin())) {
addPOE(revocation.getId(), currentTime);
}
}
}
}
}
public void extractPOE(TimestampWrapper timestamp, DiagnosticData diagnosticData) {
Date productionTime = timestamp.getProductionTime();
XmlSignedObjectsType signedObjects = timestamp.getSignedObjects();
if (signedObjects != null) {
if (CollectionUtils.isNotEmpty(signedObjects.getSignedSignature())) {
// SIGNATURES and TIMESTAMPS
for (XmlSignedSignature signedSignature : signedObjects.getSignedSignature()) {
addPOE(signedSignature.getId(), productionTime);
}
for (XmlTimestampedTimestamp timstampedTimastamp :
signedObjects.getTimestampedTimestamp()) {
addPOE(timstampedTimastamp.getId(), productionTime);
}
}
if (CollectionUtils.isNotEmpty(signedObjects.getDigestAlgAndValue())) {
for (XmlDigestAlgAndValueType digestAlgoAndValue : signedObjects.getDigestAlgAndValue()) {
if (StringUtils.equals(
TimestampReferenceCategory.CERTIFICATE.name(), digestAlgoAndValue.getCategory())) {
String certificateId = getCertificateIdByDigest(digestAlgoAndValue, diagnosticData);
if (certificateId != null) {
addPOE(certificateId, productionTime);
}
} else if (StringUtils.equals(
TimestampReferenceCategory.REVOCATION.name(), digestAlgoAndValue.getCategory())) {
String revocationId = getRevocationIdByDigest(digestAlgoAndValue, diagnosticData);
if (revocationId != null) {
addPOE(revocationId, productionTime);
}
}
}
}
}
}