/**
* Main method for stamping given file. It serves as an example of whole process in one go.
*
* @param filename
* @param is
* @return
* @throws java.io.IOException
* @throws org.bouncycastle.tsp.TSPException
*/
public byte[] stamp(String filename, InputStream is) throws IOException, TSPException {
logger.entry();
logger.info("File to be stamped: {}", filename);
byte[] file = getBytesFromInputStream(is);
ExtendedDigest digestAlgorithm = new SHA256Digest(); // select hash algorithm
ASN1ObjectIdentifier requestAlgorithm;
try {
requestAlgorithm = getHashObjectIdentifier(digestAlgorithm.getAlgorithmName());
} catch (IllegalArgumentException e) {
logger.catching(e);
throw e;
}
logger.info("Selected algorithm: {}", digestAlgorithm.getAlgorithmName());
// create request
byte[] digest = calculateMessageDigest(file, digestAlgorithm);
TimeStampRequest tsq = getTSRequest(digest, requestAlgorithm);
logger.debug("TS request generated");
// send request and receive response
TimeStampResponse tsr;
try {
tsr = getTSResponse(tsq, server);
} catch (IOException | TSPException e) {
logger.catching(e);
throw e;
}
logger.debug("TSA response received");
// log reason of failure
if (tsr.getFailInfo() != null) {
logFailReason(tsr.getFailInfo().intValue());
return null;
}
// log response
logResponse(tsr);
logger.exit();
return tsr.getEncoded();
}
public static Signature finalizeXadesT(SignedDoc sdoc, Signature sig) throws DigiDocException {
if (m_logger.isDebugEnabled())
m_logger.debug("Finalize XAdES-T: " + sig.getId() + " profile: " + sig.getProfile());
UnsignedProperties usp = new UnsignedProperties(sig);
sig.setUnsignedProperties(usp);
if (sdoc.getFormat().equals(SignedDoc.FORMAT_BDOC)) {
DigiDocXmlGenFactory genFac = new DigiDocXmlGenFactory(sdoc);
TimestampFactory tsFac = ConfigManager.instance().getTimestampFactory();
// get <SignatureValueTimeStamp>
StringBuffer sb = new StringBuffer();
String tsaUrl = ConfigManager.instance().getProperty("DIGIDOC_TSA_URL");
genFac.signatureValue2xml(sb, sig.getSignatureValue(), true);
String sSigValXml = sb.toString().trim();
byte[] hash =
SignedDoc.digestOfType(
sSigValXml.getBytes(),
(sdoc.getFormat().equals(SignedDoc.FORMAT_BDOC)
? SignedDoc.SHA256_DIGEST_TYPE
: SignedDoc.SHA1_DIGEST_TYPE));
if (m_logger.isDebugEnabled())
m_logger.debug(
"Get sig-val-ts for: "
+ Base64Util.encode(hash)
+ " uri: "
+ tsaUrl
+ " DATA:\n---\n"
+ sSigValXml
+ "\n---\n");
TimeStampResponse tresp = tsFac.requestTimestamp(TSPAlgorithms.SHA1.getId(), hash, tsaUrl);
if (tresp != null) {
TimestampInfo ti =
new TimestampInfo(
sig.getId() + "-T0", sig, TimestampInfo.TIMESTAMP_TYPE_SIGNATURE, hash, tresp);
ti.addIncludeInfo(new IncludeInfo("#" + sig.getId() + "-SIG"));
sig.addTimestampInfo(ti);
try {
if (m_logger.isDebugEnabled())
m_logger.debug("Timestamp: " + Base64Util.encode(tresp.getEncoded()));
} catch (Exception ex) {
}
// sb = new StringBuffer();
// genFac.timestampInfo2xml(sb, ti, true);
// String sToXml = sb.toString();
// TODO: add TSA refs and certs ? Not in TSL yet!
sig.setProfile(SignedDoc.BDOC_PROFILE_T);
try {
X509Certificate cert =
SignedDoc.readCertificate(
new java.io.File("/Users/veiko/workspace/jdigidoc/trunk/iaik-tsa.crt"));
/*Store st = tresp.getTimeStampToken().getCertificates();
if(st != null) {
SignerInformationStore signers = st.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certStore.getMatches(signer.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
}
}*/
} catch (Exception ex) {
m_logger.error("Error ts: " + ex);
}
}
}
return sig;
}