Exemple #1
0
  @Override
  public XMLSignatureInput engineResolveURI(ResourceResolverContext context)
      throws ResourceResolverException {

    final Attr uriAttr = context.attr;
    final String baseUriString = context.baseUri;
    String documentUri = uriAttr.getNodeValue();
    documentUri = decodeUrl(documentUri);
    final DSSDocument document = getDocument(documentUri);
    if (document != null) {

      // The input stream is closed automatically by XMLSignatureInput class

      // TODO-Bob (05/09/2014):  There is an error concerning the input streams base64 encoded. Some
      // extra bytes are added within the santuario which breaks the HASH.
      // TODO-Vin (05/09/2014): Can you create an isolated test-case JIRA DSS-?
      InputStream inputStream = document.openStream();
      //			final byte[] bytes = DSSUtils.toByteArray(inputStream);
      //			final String string = new String(bytes);
      //			inputStream = DSSUtils.toInputStream(bytes);
      final XMLSignatureInput result = new XMLSignatureInput(inputStream);
      result.setSourceURI(documentUri);
      final MimeType mimeType = document.getMimeType();
      if (mimeType != null) {
        result.setMIMEType(mimeType.getMimeTypeString());
      }
      return result;
    } else {

      Object exArgs[] = {"The uriNodeValue " + documentUri + " is not configured for offline work"};
      throw new ResourceResolverException(
          "generic.EmptyMessage", exArgs, documentUri, baseUriString);
    }
  }
Exemple #2
0
  private DSSDocument isKnown(final String documentUri) {

    for (final DSSDocument dssDocument : documents) {

      if (isRightDocument(documentUri, dssDocument)) {

        return dssDocument;
      }
      DSSDocument nextDssDocument = dssDocument.getNextDocument();
      while (nextDssDocument != null) {

        if (isRightDocument(documentUri, nextDssDocument)) {
          return nextDssDocument;
        }
        nextDssDocument = nextDssDocument.getNextDocument();
      }
    }
    return null;
  }
Exemple #3
0
  /**
   * If the {@code DSSDocument} is a CMS message and the signed content's content is not null then
   * the {@code CMSSignedData} is returned. All exceptions are hidden
   *
   * @param dssDocument
   * @return {@code CMSSignedData} or {@code null}
   */
  public static CMSSignedData getOriginalSignedData(final DSSDocument dssDocument) {

    CMSSignedData originalSignedData = null;

    try {
      // check if input toSignDocument is already signed
      originalSignedData = new CMSSignedData(dssDocument.getBytes());
      if (originalSignedData.getSignedContent().getContent() == null) {
        originalSignedData = null;
      }
    } catch (Exception e) {
      // not a parallel signature
    }
    return originalSignedData;
  }
Exemple #4
0
  private static boolean isRightDocument(final String documentUri, final DSSDocument document) {

    final String documentUri_ = document.getName();
    if (documentUri.equals(documentUri_)) {

      return true;
    }
    final int length = documentUri.length();
    final int length_ = documentUri_.length();
    // For the file name as "/toto.txt"
    final boolean case1 = documentUri.startsWith("/") && length - 1 == length_;
    // For the file name as "./toto.txt"
    final boolean case2 = documentUri.startsWith("./") && length - 2 == length_;
    if (documentUri.endsWith(documentUri_) && (case1 || case2)) {

      return true;
    }
    return false;
  }
  /**
   * @throws IOException
   * @throws NoSuchAlgorithmException
   * @throws DSSException
   */
  public void signDocument() throws IOException, NoSuchAlgorithmException, DSSException {

    final SignatureModel model = getModel();

    final File fileToSign = model.getSelectedFile();
    final SignatureTokenConnection tokenConnection = model.getTokenConnection();
    final DSSPrivateKeyEntry privateKey = model.getSelectedPrivateKey();

    final SignatureParameters parameters = new SignatureParameters();
    parameters.setPrivateKeyEntry(privateKey);
    parameters.setSigningToken(tokenConnection);

    DigestAlgorithm digestAlgorithm = model.getSignatureDigestAlgorithm();
    if (digestAlgorithm == null) {
      parameters.setDigestAlgorithm(DigestAlgorithm.SHA256);
    } else {
      parameters.setDigestAlgorithm(digestAlgorithm);
    }
    if (model.isTslSignatureCheck()) {

      parameters.clearCertificateChain();
      parameters.setCertificateChain(parameters.getSigningCertificate());
      parameters.setSignatureLevel(SignatureLevel.XAdES_BASELINE_B);
      parameters.setSignaturePackaging(SignaturePackaging.ENVELOPED);

      final List<DSSReference> references = new ArrayList<DSSReference>();

      DSSReference dssReference = new DSSReference();
      dssReference.setId("xml_ref_id");
      dssReference.setUri("");

      final List<DSSTransform> transforms = new ArrayList<DSSTransform>();

      DSSTransform dssTransform = new DSSTransform();
      dssTransform.setAlgorithm(CanonicalizationMethod.ENVELOPED);
      transforms.add(dssTransform);

      dssTransform = new DSSTransform();
      dssTransform.setAlgorithm(CanonicalizationMethod.EXCLUSIVE);
      transforms.add(dssTransform);

      dssReference.setTransforms(transforms);
      references.add(dssReference);

      //			System.out.println("###APPLET - REFERENCES:");
      //			for (DSSReference reference : references) {
      //				System.out.println("    --> " + reference.getId() + "/" + reference.getUri() + "/" +
      // reference.getType());
      //				final List<DSSTransform> transforms_ = reference.getTransforms();
      //				for (DSSTransform transform : transforms_) {
      //
      //					System.out.println("    --> ---> " + transform.getElementName() + "/" +
      // transform.getTextContent() + "/" + transform.getAlgorithm());
      //				}
      //			}
      parameters.setReferences(references);

    } else {

      final String signatureLevelString = model.getLevel();
      final SignatureLevel signatureLevel = SignatureLevel.valueByName(signatureLevelString);
      parameters.setSignatureLevel(signatureLevel);
      parameters.setSignaturePackaging(model.getPackaging());

      if (model.isClaimedCheck()) {
        parameters.bLevel().addClaimedSignerRole(model.getClaimedRole());
      }
      if (model.isSignaturePolicyCheck()) {

        final byte[] hashValue = DSSUtils.base64Decode(model.getSignaturePolicyValue());
        final Policy policy = new Policy();
        policy.setId(model.getSignaturePolicyId());
        final DigestAlgorithm policyDigestAlgorithm =
            DigestAlgorithm.forName(model.getSignaturePolicyAlgo());
        policy.setDigestAlgorithm(policyDigestAlgorithm);
        policy.setDigestValue(hashValue);
        parameters.bLevel().setSignaturePolicy(policy);
      }
    }
    final DSSDocument signedDocument =
        SigningUtils.signDocument(serviceURL, fileToSign, parameters);
    final FileOutputStream fos = new FileOutputStream(model.getTargetFile());
    DSSUtils.copy(signedDocument.openStream(), fos);
    fos.close();
  }