/**
 * Finalizes a signature as the BDOC timestamp (TS) profile.
 *
 * <p>For a document in BDOC format this looks up the {@code DIGIDOC_TSA_CRT} configuration
 * property, reads the certificate it names, registers that certificate on the signature as a
 * TSA certificate with id {@code <signature-id>-TSA}, and then sets the signature profile to
 * {@link SignedDoc#BDOC_PROFILE_TS}. A document in any other format is returned unchanged.
 *
 * <p>NOTE(review): this method does not request or attach a timestamp itself, and the profile
 * is switched to TS whether or not a TSA certificate was configured or could be read. It
 * presumably relies on the signature-value timestamp having been added earlier; confirm
 * against the callers.
 *
 * @param sdoc signed document the signature belongs to
 * @param sig signature to finalize
 * @return the same {@code sig} instance
 * @throws DigiDocException declared by the methods called here (factory lookup, certificate
 *     reading)
 */
public static Signature finalizeXadesXL_TS(SignedDoc sdoc, Signature sig) throws DigiDocException {
  if (m_logger.isDebugEnabled()) {
    m_logger.debug("Finalize XAdES-TS: " + sig.getId() + " profile: " + sig.getProfile());
  }

  // Only BDOC documents are handled; everything else goes back to the caller untouched.
  if (!sdoc.getFormat().equals(SignedDoc.FORMAT_BDOC)) {
    return sig;
  }

  // Neither factory is used below (the code that needed them is disabled), but both are still
  // obtained so that any effect of creating or looking them up stays as it was.
  DigiDocXmlGenFactory xmlGenerator = new DigiDocXmlGenFactory(sdoc);
  TimestampFactory timestampFactory = ConfigManager.instance().getTimestampFactory();

  String tsaCertLocation = ConfigManager.instance().getStringProperty("DIGIDOC_TSA_CRT", null);
  if (tsaCertLocation != null) {
    if (m_logger.isDebugEnabled()) {
      m_logger.debug("TSA cert: " + tsaCertLocation);
    }
    X509Certificate tsaCertificate = SignedDoc.readCertificate(tsaCertLocation);
    if (tsaCertificate != null) {
      if (m_logger.isDebugEnabled()) {
        m_logger.debug("Add tsa cert: " + tsaCertificate.getSubjectDN().getName());
      }
      registerCert(tsaCertificate, CertID.CERTID_TYPE_TSA, sig.getId() + "-TSA", sig);
    }
  }

  sig.setProfile(SignedDoc.BDOC_PROFILE_TS);

  // <SigAndRefsTimeStamp> is not produced: it is no longer used in BDOC 2.0. The disabled code
  // serialized the signature value, the complete certificate refs and the complete revocation
  // refs, hashed the result, requested a timestamp over that hash from DIGIDOC_TSA_URL and
  // added it as "<signature-id>-T1" with include references to -SIG, -T0, -CERTREFS and
  // -REVOCREFS.
  return sig;
}
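/**
 * Finalizes a signature as XAdES-T by timestamping its signature value.
 *
 * <p>Fresh {@link UnsignedProperties} are always attached to the signature. For a document in
 * BDOC format the {@code <SignatureValue>} element is then serialized, hashed with SHA-256 and
 * sent to the TSA configured in {@code DIGIDOC_TSA_URL}. When a response comes back it is
 * stored as timestamp {@code <signature-id>-T0} referring to {@code #<signature-id>-SIG}, and
 * the profile is set to {@link SignedDoc#BDOC_PROFILE_T}. A document in any other format gets
 * only the new unsigned properties.
 *
 * <p>When no response is received the signature is returned without a timestamp and with its
 * profile unchanged; callers that require XAdES-T must check the resulting profile.
 *
 * @param sdoc signed document the signature belongs to
 * @param sig signature to finalize
 * @return the same {@code sig} instance
 * @throws DigiDocException declared by the methods called here (XML generation, digest
 *     calculation, timestamp request)
 */
public static Signature finalizeXadesT(SignedDoc sdoc, Signature sig) throws DigiDocException {
  if (m_logger.isDebugEnabled()) {
    m_logger.debug("Finalize XAdES-T: " + sig.getId() + " profile: " + sig.getProfile());
  }
  UnsignedProperties usp = new UnsignedProperties(sig);
  sig.setUnsignedProperties(usp);
  if (!sdoc.getFormat().equals(SignedDoc.FORMAT_BDOC)) {
    return sig;
  }

  DigiDocXmlGenFactory genFac = new DigiDocXmlGenFactory(sdoc);
  TimestampFactory tsFac = ConfigManager.instance().getTimestampFactory();
  // get <SignatureValueTimeStamp>
  StringBuffer sb = new StringBuffer();
  String tsaUrl = ConfigManager.instance().getProperty("DIGIDOC_TSA_URL");
  genFac.signatureValue2xml(sb, sig.getSignatureValue(), true);
  String sSigValXml = sb.toString().trim();
  // Only BDOC reaches this point, so the digest type is always SHA-256.
  // NOTE(review): getBytes() uses the platform default charset, so the timestamped bytes
  // depend on the JVM configuration; confirm the encoding the verifier hashes with.
  byte[] hash = SignedDoc.digestOfType(sSigValXml.getBytes(), SignedDoc.SHA256_DIGEST_TYPE);
  if (m_logger.isDebugEnabled()) {
    m_logger.debug(
        "Get sig-val-ts for: "
            + Base64Util.encode(hash)
            + " uri: "
            + tsaUrl
            + " DATA:\n---\n"
            + sSigValXml
            + "\n---\n");
  }

  // The message imprint is a SHA-256 digest, so the request has to name SHA-256 as well.
  // Declaring SHA-1 for a 32-byte imprint yields a request a strict TSA rejects, or a token
  // whose stated hash algorithm does not match the hashed data.
  TimeStampResponse tresp = tsFac.requestTimestamp(TSPAlgorithms.SHA256.getId(), hash, tsaUrl);
  if (tresp == null) {
    // Surface the missing timestamp instead of returning silently; the profile stays as is.
    m_logger.error("No timestamp response received for signature: " + sig.getId());
    return sig;
  }
  // NOTE(review): a non-null response is accepted as is. Whether its status and token are
  // validated depends on requestTimestamp, which is not visible here; confirm.
  TimestampInfo ti =
      new TimestampInfo(
          sig.getId() + "-T0", sig, TimestampInfo.TIMESTAMP_TYPE_SIGNATURE, hash, tresp);
  ti.addIncludeInfo(new IncludeInfo("#" + sig.getId() + "-SIG"));
  sig.addTimestampInfo(ti);
  if (m_logger.isDebugEnabled()) {
    try {
      m_logger.debug("Timestamp: " + Base64Util.encode(tresp.getEncoded()));
    } catch (Exception ex) {
      // Encoding is needed for this log line only; a failure must not abort finalization.
      m_logger.debug("Could not encode timestamp response for logging: " + ex);
    }
  }
  // TODO: add TSA refs and certs ? Not in TSL yet!
  // The former read of a TSA certificate from a hard-coded path in a developer's home
  // directory was dropped: its result was never used and it logged an error on every other
  // machine. If TSA certificates get attached here, take the location from configuration
  // (finalizeXadesXL_TS reads DIGIDOC_TSA_CRT) or from the certificates in the timestamp token.
  sig.setProfile(SignedDoc.BDOC_PROFILE_T);
  return sig;
}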