예제 #1
  /**
   * Asserts the signature-policy details reported for the first signature of a validation run.
   *
   * <p>Only the signature at index 0 is inspected; any further signatures in the report are not
   * checked by this helper.
   *
   * @param reports validation reports whose diagnostic data is examined
   */
  private void validatePolicy(Reports reports) {
    final DiagnosticData diagnostic = reports.getDiagnosticData();
    final SignatureWrapper firstSignature = diagnostic.getSignatures().get(0);

    // The policy identifier is read from the diagnostic data, the URL from the signature.
    final String reportedPolicyId = diagnostic.getPolicyId();
    assertEquals("2.16.724.1.3.1.1.2.1.9", reportedPolicyId);
    assertEquals(
        "https://sede.060.gob.es/politica_de_firma_anexo_1.pdf", firstSignature.getPolicyUrl());

    // Expected flags: not ASN.1-processable, yet identified and with a positive status.
    assertFalse(firstSignature.isPolicyAsn1Processable());
    assertTrue(firstSignature.isPolicyIdentified());
    assertTrue(firstSignature.isPolicyStatus());
  }
예제 #2
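  /**
   * Returns the qualification type of the signature, derived from its signing certificate.
   *
   * @param certificateId identifier of the signing certificate in the diagnostic data
   * @return the {@code SignatureType} computed by {@code SignatureQualification.getSignatureType}
   */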
  private SignatureType getSignatureType(final String certificateId) {
    // NOTE(review): the "NullSafe" lookup presumably never returns null, so an unknown id would
    // be qualified from an empty wrapper rather than rejected — confirm against callers.
    final CertificateWrapper signingCertificate =
        diagnosticData.getUsedCertificateByIdNullSafe(certificateId);

    // Part 1: what the certificate itself declares (policy identifiers and QC statements).
    final CertificateQualification fromCertificate = new CertificateQualification();
    fromCertificate.setQcp(CertificatePolicyIdentifiers.isQCP(signingCertificate));
    fromCertificate.setQcpp(CertificatePolicyIdentifiers.isQCPPlus(signingCertificate));
    fromCertificate.setQcc(QCStatementPolicyIdentifiers.isQCCompliant(signingCertificate));
    fromCertificate.setQcsscd(QCStatementPolicyIdentifiers.isSupportedByQSCD(signingCertificate));

    // Part 2: what the TSP service entry recorded for the certificate declares
    // (service type plus service qualifiers).
    final TLQualification fromTrustedList = new TLQualification();
    final String tspServiceType = signingCertificate.getCertificateTSPServiceType();
    final List<String> tspQualifiers = signingCertificate.getCertificateTSPServiceQualifiers();

    fromTrustedList.setCaqc(ServiceQualification.isCaQc(tspServiceType));
    fromTrustedList.setQcCNoSSCD(ServiceQualification.isQcNoSSCD(tspQualifiers));
    fromTrustedList.setQcForLegalPerson(ServiceQualification.isQcForLegalPerson(tspQualifiers));
    fromTrustedList.setQcSSCDAsInCert(ServiceQualification.isQcSscdStatusAsInCert(tspQualifiers));
    fromTrustedList.setQcWithSSCD(ServiceQualification.isQcWithSSCD(tspQualifiers));
    fromTrustedList.setQcStatement(ServiceQualification.isQcStatement(tspQualifiers));

    // Both sets of flags are combined into the final signature type.
    return SignatureQualification.getSignatureType(fromCertificate, fromTrustedList);
  }
예제 #3
 /**
  * Adds every signature found in the diagnostic data to the simple report.
  *
  * <p>Both signature counters are reset before the pass. NOTE(review): they are presumably
  * updated inside {@code addSignature}, which is not visible here — confirm.
  *
  * @param simpleReport report that receives one entry per signature
  * @throws DSSException as declared; presumably propagated from {@code addSignature}
  */
 private void addSignatures(SimpleReport simpleReport) throws DSSException {
   totalSignatureCount = 0;
   validSignatureCount = 0;
   for (SignatureWrapper current : diagnosticData.getSignatures()) {
     addSignature(simpleReport, current);
   }
 }
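  /**
   * Signs an in-memory document at CAdES-BASELINE-LTA level, validates it, and checks that each
   * archive timestamp in the diagnostic data references the signature's first timestamp.
   *
   * <p>The test fails if validation reports no archive timestamp at all, so the comparison
   * inside the loop cannot be skipped silently.
   *
   * @throws Exception if signing or validation fails
   */
  @Test
  public void test() throws Exception {
    // Explicit charset: the signed bytes must not depend on the platform default encoding.
    DSSDocument documentToSign =
        new InMemoryDocument("Hello World".getBytes(java.nio.charset.StandardCharsets.UTF_8));

    CertificateService certificateService = new CertificateService();
    MockPrivateKeyEntry privateKeyEntry =
        certificateService.generateCertificateChain(SignatureAlgorithm.RSA_SHA256);

    CAdESSignatureParameters signatureParameters = new CAdESSignatureParameters();
    signatureParameters.bLevel().setSigningDate(new Date());
    signatureParameters.setSigningCertificate(privateKeyEntry.getCertificate());
    signatureParameters.setCertificateChain(privateKeyEntry.getCertificateChain());
    signatureParameters.setSignaturePackaging(SignaturePackaging.ENVELOPING);
    signatureParameters.setSignatureLevel(SignatureLevel.CAdES_BASELINE_LTA);

    CertificateVerifier certificateVerifier = new CommonCertificateVerifier();
    CAdESService service = new CAdESService(certificateVerifier);
    // Test fixture only: the mock TSP certificate is generated with RSA_SHA1. SHA-1 is not a
    // suitable choice for a real timestamping certificate.
    service.setTspSource(
        new MockTSPSource(certificateService.generateTspCertificate(SignatureAlgorithm.RSA_SHA1)));

    ToBeSigned toBeSigned = service.getDataToSign(documentToSign, signatureParameters);
    SignatureValue signatureValue =
        TestUtils.sign(signatureParameters.getSignatureAlgorithm(), privateKeyEntry, toBeSigned);
    final DSSDocument signedDocument =
        service.signDocument(documentToSign, signatureParameters, signatureValue);

    // No trusted certificate source is configured on this verifier, so the assertions below
    // cover the structure of the diagnostic data, not a trust decision.
    SignedDocumentValidator validator = SignedDocumentValidator.fromDocument(signedDocument);
    validator.setCertificateVerifier(new CommonCertificateVerifier());

    Reports report = validator.validateDocument();
    DiagnosticData diagnostic = report.getDiagnosticData();
    String timestampId = diagnostic.getSignatures().get(0).getTimestampList().get(0).getId();

    boolean archiveTimestampSeen = false;
    for (TimestampWrapper wrapper : diagnostic.getTimestampList(diagnostic.getFirstSignatureId())) {
      // Constant-first comparison stays safe if a wrapper reports no type.
      if (TimestampType.ARCHIVE_TIMESTAMP.toString().equals(wrapper.getType())) {
        archiveTimestampSeen = true;
        Assert.assertEquals(
            timestampId, wrapper.getSignedObjects().getTimestampedTimestamp().get(0).getId());
      }
    }
    // Without this check the test would pass vacuously when no archive timestamp is reported.
    Assert.assertTrue("no archive timestamp found in diagnostic data", archiveTimestampSeen);
  }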
예제 #5
 /**
  * Registers a POE entry at {@code currentTime} for the objects listed in the diagnostic data.
  *
  * <p>Entries are added for all signatures, all timestamps and all used certificates. For
  * revocation data, only items whose origin equals {@code RevocationOrigin.SIGNATURE} get an
  * entry; revocation data with any other origin is skipped here.
  *
  * <p>NOTE(review): "POE" is presumably "proof of existence"; the abbreviation is not expanded in
  * this block — confirm.
  *
  * @param diagnosticData source of the signature, timestamp, certificate and revocation ids
  * @param currentTime time recorded with every entry added by this call
  */
 public void init(DiagnosticData diagnosticData, Date currentTime) {
   for (SignatureWrapper signature : diagnosticData.getAllSignatures()) {
     addPOE(signature.getId(), currentTime);
   }

   for (TimestampWrapper timestamp : diagnosticData.getAllTimestamps()) {
     addPOE(timestamp.getId(), currentTime);
   }

   for (CertificateWrapper certificate : diagnosticData.getUsedCertificates()) {
     addPOE(certificate.getId(), currentTime);

     final Set<RevocationWrapper> revocationItems = certificate.getRevocationData();
     if (!CollectionUtils.isNotEmpty(revocationItems)) {
       // This certificate has no revocation data attached.
       continue;
     }
     for (RevocationWrapper item : revocationItems) {
       final boolean fromSignature = RevocationOrigin.SIGNATURE.name().equals(item.getOrigin());
       if (fromSignature) {
         addPOE(item.getId(), currentTime);
       }
     }
   }
 }
예제 #6
 /**
  * Sets the "signed by" label of a report signature from the signing certificate.
  *
  * <p>The first non-empty value among common name, given name, surname and pseudonym is used, in
  * that order. If the signature has no signing certificate id, or all four values are empty, the
  * label is {@code "?"}.
  *
  * <p>The label is copied from fields of the signing certificate and is set regardless of any
  * validation outcome; it is a display value, not evidence that the signature is valid.
  *
  * <p>NOTE(review): a certificate lookup that returns null, or a name getter that returns null
  * instead of an empty string, would raise a NullPointerException here — confirm the getters'
  * contracts.
  *
  * @param diagnosticSignature signature whose signing certificate id is looked up
  * @param xmlSignature report element that receives the label
  */
 private void addSignedBy(
     final SignatureWrapper diagnosticSignature, final XmlSignature xmlSignature) {
   final String placeholder = "?";
   String signerName = placeholder;

   final String signingCertificateId = diagnosticSignature.getSigningCertificateId();
   if (StringUtils.isNotEmpty(signingCertificateId)) {
     // Each step runs only while the previous candidate was empty.
     signerName = diagnosticData.getUsedCertificateById(signingCertificateId).getCommonName();
     if (signerName.equals(StringUtils.EMPTY)) {
       signerName = diagnosticData.getUsedCertificateById(signingCertificateId).getGivenName();
     }
     if (signerName.equals(StringUtils.EMPTY)) {
       signerName = diagnosticData.getUsedCertificateById(signingCertificateId).getSurname();
     }
     if (signerName.equals(StringUtils.EMPTY)) {
       signerName = diagnosticData.getUsedCertificateById(signingCertificateId).getPseudo();
     }
     if (signerName.equals(StringUtils.EMPTY)) {
       signerName = placeholder;
     }
   }

   xmlSignature.setSignedBy(signerName);
 }
예제 #7
 /**
  * Finds the used certificate that carries a digest entry equal to the given one.
  *
  * <p>An entry matches when both its digest method and its digest value are equal, as strings,
  * to those of {@code digestAlgoValue}. NOTE(review): this assumes both sides use the same
  * textual form for the method identifier and the encoded value — confirm.
  *
  * @param digestAlgoValue digest method and value to look for
  * @param diagnosticData diagnostic data whose used certificates are searched
  * @return the id of the first matching certificate, or {@code null} if none matches
  */
 private String getCertificateIdByDigest(
     XmlDigestAlgAndValueType digestAlgoValue, DiagnosticData diagnosticData) {
   final List<CertificateWrapper> candidates = diagnosticData.getUsedCertificates();
   if (!CollectionUtils.isNotEmpty(candidates)) {
     return null;
   }

   for (CertificateWrapper candidate : candidates) {
     final List<XmlDigestAlgAndValueType> knownDigests = candidate.getDigestAlgAndValue();
     if (!CollectionUtils.isNotEmpty(knownDigests)) {
       // No digest recorded for this certificate; nothing to compare.
       continue;
     }
     for (XmlDigestAlgAndValueType known : knownDigests) {
       final boolean sameMethod =
           StringUtils.equals(known.getDigestMethod(), digestAlgoValue.getDigestMethod());
       if (sameMethod
           && StringUtils.equals(known.getDigestValue(), digestAlgoValue.getDigestValue())) {
         return candidate.getId();
       }
     }
   }
   return null;
 }
예제 #8
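 /**
  * Finds the revocation data that carries a digest entry equal to the given one.
  *
  * <p>The revocation data of every used certificate is searched. An entry matches when both its
  * digest method and its digest value are equal, as strings, to those of
  * {@code digestAlgoValue}. NOTE(review): this assumes both sides use the same textual form for
  * the method identifier and the encoded value — confirm.
  *
  * <p>Revocation data that has no digest entries is skipped rather than failing the lookup.
  *
  * @param digestAlgoValue digest method and value to look for
  * @param diagnosticData diagnostic data whose used certificates are searched
  * @return the id of the first matching revocation data, or {@code null} if none matches
  */
 private String getRevocationIdByDigest(
     XmlDigestAlgAndValueType digestAlgoValue, DiagnosticData diagnosticData) {
   List<CertificateWrapper> certificates = diagnosticData.getUsedCertificates();
   if (!CollectionUtils.isNotEmpty(certificates)) {
     return null;
   }

   for (CertificateWrapper certificate : certificates) {
     Set<RevocationWrapper> revocations = certificate.getRevocationData();
     if (!CollectionUtils.isNotEmpty(revocations)) {
       continue;
     }
     for (RevocationWrapper revocationData : revocations) {
       List<XmlDigestAlgAndValueType> digestAlgAndValues = revocationData.getDigestAlgAndValue();
       // Guard against a missing digest list; iterating a null list would abort the search.
       if (!CollectionUtils.isNotEmpty(digestAlgAndValues)) {
         continue;
       }
       for (XmlDigestAlgAndValueType revocDigestAndValue : digestAlgAndValues) {
         if (StringUtils.equals(
                 revocDigestAndValue.getDigestMethod(), digestAlgoValue.getDigestMethod())
             && StringUtils.equals(
                 revocDigestAndValue.getDigestValue(), digestAlgoValue.getDigestValue())) {
           return revocationData.getId();
         }
       }
     }
   }
   return null;
 }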
예제 #9
 /**
  * Copies the document name from the diagnostic data into the simple report.
  *
  * <p>NOTE(review): the name is copied unchanged; if it can originate from a user-supplied file
  * name, whatever renders the report should escape it — confirm.
  *
  * @param report report that receives the document name
  */
 private void addDocumentName(SimpleReport report) {
   final String documentName = diagnosticData.getDocumentName();
   report.setDocumentName(documentName);
 }