private SignatureData getFromXmlDigSigSignature( SignatureVerificationRequest signatureVerificationRequest, SignatureVerificationResponse response) throws ParserConfigurationException, SAXException, IOException, MarshalException, SignatureException { String signature = new String(Base64.decode(signatureVerificationRequest.getSignature())); InputStream is = new ByteArrayInputStream(signature.getBytes()); Document document = createDocument(is, true); XMLSignature xmlSignature = XMLSignatureFactory.getInstance().unmarshalXMLSignature(new DOMStructure(document)); List contentList = xmlSignature.getKeyInfo().getContent(); for (Object content : contentList) { if (content instanceof X509Data) { List certificateList = ((X509Data) content).getContent(); for (Object certificateObject : certificateList) { if (certificateObject instanceof X509Certificate) { X509Certificate cert = (X509Certificate) certificateObject; CertificateInfo ci = new CertificateInfo(); ci.setSubjectDn(cert.getSubjectDN().getName()); ci.setValidTo(simpleDateFormat.format(cert.getNotAfter())); response.getCertificateInfos().getCertificateInfo().add(ci); } } } } return createSignatureDataFromXmlDigSig(signature); }
private SignatureData getFromCmsSignature( SignatureVerificationRequest signatureVerificationRequest, SignatureVerificationResponse response) throws CMSException { String signature = signatureVerificationRequest.getSignature(); byte[] decoded = Base64.decode(signature); CMSSignedData cmsSignedData = new CMSSignedData(decoded); String encodedSignedData = new String((byte[]) cmsSignedData.getSignedContent().getContent()); // Fetch information about the issuers List<String> certInfos = new ArrayList<String>(); Collection certificates = cmsSignedData.getCertificates().getMatches(null); for (Object certificate : certificates) { X509CertificateHolder holder = (X509CertificateHolder) certificate; certInfos.add(holder.getSubject().toString()); CertificateInfo ci = new CertificateInfo(); ci.setSubjectDn(holder.getSubject().toString()); ci.setValidTo(simpleDateFormat.format(holder.getNotAfter())); response.getCertificateInfos().getCertificateInfo().add(ci); } // Fetch timestamp Date signingDate = findTimestamp(cmsSignedData); String dateString = simpleDateFormat.format(signingDate); response.setSignatureDate(dateString); // Create the SignatureData to be verified SignatureData signData = new SignatureData(); signData.setEncodedTbs(encodedSignedData); signData.setSignature(signature); ELegType clientType = new ELegType("test", "test", PkiClient.NETMAKER_NETID_4); signData.setClientType(clientType); return signData; }
/** * Method that verifies an incoming signature and returns the response as application/xml. * * @param signatureVerificationRequest the request which is converted to a {@link * SignatureVerificationRequest} from xml * @return the {@link SignatureVerificationResponse} as application/xml */ @POST @Path("/verifySignature") @Consumes("application/xml") @Produces("application/xml") public SignatureVerificationResponse verifySignature( SignatureVerificationRequest signatureVerificationRequest) { SignatureVerificationResponse response = new SignatureVerificationResponse(); response.setCertificateInfos(new CertificateInfos()); boolean verified = false; String message = null; try { SignatureFormat format = signatureVerificationRequest.getSignatureFormat(); if (SignatureFormat.XMLDIGSIG.equals(format)) { try { SignatureData signatureData = getFromXmlDigSigSignature(signatureVerificationRequest, response); verified = super.verifySignature(signatureData); } catch (SignatureException e) { e.printStackTrace(); message = e.getMessage(); } } else if (SignatureFormat.CMS.equals(format)) { SignatureData signData = getFromCmsSignature(signatureVerificationRequest, response); try { // Verify verified = super.verifySignature(signData); } catch (SignatureException e) { e.printStackTrace(); message = e.getMessage(); } } response.setStatus(verified ? SignatureStatus.SUCCESS : SignatureStatus.FAILURE); if (message != null) { response.setMessage(message); } } catch (IOException ex) { throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR); } catch (MarshalException ex) { throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR); } catch (ParserConfigurationException ex) { throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR); } catch (SAXException ex) { throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR); } catch (CMSException ex) { throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR); } return response; }