private SignatureData getFromCmsSignature(
SignatureVerificationRequest signatureVerificationRequest,
SignatureVerificationResponse response)
throws CMSException {
String signature = signatureVerificationRequest.getSignature();
byte[] decoded = Base64.decode(signature);
CMSSignedData cmsSignedData = new CMSSignedData(decoded);
String encodedSignedData = new String((byte[]) cmsSignedData.getSignedContent().getContent());
// Fetch information about the issuers
List<String> certInfos = new ArrayList<String>();
Collection certificates = cmsSignedData.getCertificates().getMatches(null);
for (Object certificate : certificates) {
X509CertificateHolder holder = (X509CertificateHolder) certificate;
certInfos.add(holder.getSubject().toString());
CertificateInfo ci = new CertificateInfo();
ci.setSubjectDn(holder.getSubject().toString());
ci.setValidTo(simpleDateFormat.format(holder.getNotAfter()));
response.getCertificateInfos().getCertificateInfo().add(ci);
}
// Fetch timestamp
Date signingDate = findTimestamp(cmsSignedData);
String dateString = simpleDateFormat.format(signingDate);
response.setSignatureDate(dateString);
// Create the SignatureData to be verified
SignatureData signData = new SignatureData();
signData.setEncodedTbs(encodedSignedData);
signData.setSignature(signature);
ELegType clientType = new ELegType("test", "test", PkiClient.NETMAKER_NETID_4);
signData.setClientType(clientType);
return signData;
}
private SignatureData createSignatureDataFromXmlDigSig(String signature)
throws SignatureException {
// Start with setting some fields that are known directly
SignatureData signatureData = new SignatureData();
signatureData.setClientType(new ELegType("test", "test", PkiClient.NEXUS_PERSONAL_4X));
signatureData.setSignature(new String(Base64.encode(signature.getBytes())));
// For the rest we need to parse the XML
try {
Document document = createDocument(new ByteArrayInputStream(signature.getBytes()), false);
// nonce and tbs
XPath xpath = XPathFactory.newInstance().newXPath();
XPathExpression expression =
xpath.compile("/Signature/Object/bankIdSignedData/srvInfo/nonce/text()");
String encodedNonce = (String) expression.evaluate(document, XPathConstants.STRING);
String decodedNonce =
new String(Base64.decode(encodedNonce)); // will be re-encoded again before it is sent
signatureData.setNonce(decodedNonce);
expression = xpath.compile("/Signature/Object/bankIdSignedData/usrVisibleData/text()");
String encodedTbs = (String) expression.evaluate(document, XPathConstants.STRING);
String decodedTbs =
new String(Base64.decode(encodedTbs)); // this will be re-encoded again before it is sent
signatureData.setEncodedTbs(encodedTbs);
signatureData.setTbs(decodedTbs);
} catch (XPathExpressionException e) {
throw new SignatureException(e);
} catch (ParserConfigurationException e) {
throw new SignatureException(e);
} catch (SAXException e) {
throw new SignatureException(e);
} catch (IOException e) {
throw new SignatureException(e);
}
return signatureData;
}