@Override
public byte[] getDataToSign(final WSDocument document, final WSParameters wsParameters)
throws DSSException {
String exceptionMessage;
try {
if (LOG.isInfoEnabled()) {
LOG.info("WsGetDataToSign: begin");
}
final SignatureParameters params = createParameters(wsParameters);
final DocumentSignatureService service =
getServiceForSignatureLevel(params.getSignatureLevel());
final byte[] dataToSign = service.getDataToSign(document, params);
if (LOG.isInfoEnabled()) {
LOG.info("WsGetDataToSign: end");
}
return dataToSign;
} catch (Throwable e) {
e.printStackTrace();
exceptionMessage = e.getMessage();
}
LOG.info("WsGetDataToSign: end with exception");
throw new DSSException(exceptionMessage);
}
@Override
public WSDocument extendSignature(
final WSDocument signedDocument, final WSParameters wsParameters) throws DSSException {
String exceptionMessage;
try {
if (LOG.isInfoEnabled()) {
LOG.info("WsExtendSignature: begin");
}
final SignatureParameters params = createParameters(wsParameters);
final DocumentSignatureService service =
getServiceForSignatureLevel(params.getSignatureLevel());
final DSSDocument dssDocument = service.extendDocument(signedDocument, params);
final WSDocument wsDocument = new WSDocument(dssDocument);
if (LOG.isInfoEnabled()) {
LOG.info("WsExtendSignature: end");
}
return wsDocument;
} catch (Throwable e) {
e.printStackTrace();
exceptionMessage = e.getMessage();
}
LOG.info("WsExtendSignature: end with exception");
throw new DSSException(exceptionMessage);
}
private void setSigningCertificateAndChain(
final WSParameters wsParameters, final SignatureParameters params) {
final byte[] signingCertBytes = wsParameters.getSigningCertificateBytes();
if (signingCertBytes == null) {
return;
}
final X509Certificate x509SigningCertificate = DSSUtils.loadCertificate(signingCertBytes);
params.setSigningCertificate(x509SigningCertificate);
final List<X509Certificate> chain = new ArrayList<X509Certificate>();
chain.add(x509SigningCertificate);
final List<byte[]> certificateChainByteArrayList =
wsParameters.getCertificateChainByteArrayList();
if (certificateChainByteArrayList != null) {
for (final byte[] x509CertificateBytes : certificateChainByteArrayList) {
final X509Certificate x509Certificate = DSSUtils.loadCertificate(x509CertificateBytes);
if (!chain.contains(x509Certificate)) {
chain.add(x509Certificate);
}
}
}
params.setCertificateChain(chain);
}
/**
* Adds the signature value to the signature.
*
* @param document the original document to sign.
* @param parameters set of the driving signing parameters
* @param signatureValue array of bytes representing the signature value.
* @return
* @throws DSSException
*/
public DSSDocument signDocument(
final DSSDocument document, final SignatureParameters parameters, final byte[] signatureValue)
throws DSSException {
SignatureBuilder builder = parameters.getContext().getBuilder();
if (builder != null) {
builder = parameters.getContext().getBuilder();
} else {
builder = SignatureBuilder.getSignatureBuilder(parameters, document, certificateVerifier);
}
final DSSDocument dssDocument = builder.signDocument(signatureValue);
parameters.getContext().setBuilder(builder);
return dssDocument;
}
/**
* Returns the canonicalized <ds:SignedInfo> XML segment under the form of InputStream
*
* @param dssDocument The original dssDocument to sign.
* @param parameters set of the driving signing parameters
* @return bytes
*/
public byte[] getDataToSign(final DSSDocument dssDocument, final SignatureParameters parameters)
throws DSSException {
final SignatureBuilder signatureBuilder =
SignatureBuilder.getSignatureBuilder(parameters, dssDocument, certificateVerifier);
parameters.getContext().setBuilder(signatureBuilder);
final byte[] dataToSign = signatureBuilder.build();
return dataToSign;
}
private void setClaimedSignerRole(
final WSParameters wsParameters, final SignatureParameters params) {
final List<String> claimedSignerRoles = wsParameters.getClaimedSignerRole();
if (claimedSignerRoles != null) {
for (final String claimedSignerRole : claimedSignerRoles) {
params.bLevel().addClaimedSignerRole(claimedSignerRole);
}
}
}
private void setReferences(WSParameters wsParameters, SignatureParameters params) {
final List<DSSReference> references = wsParameters.getReferences();
// System.out.println("###WS - REFERENCES:");
// if (references == null) {
//
// System.out.println(" --> NULL");
// return;
// }
// for (DSSReference reference : references) {
// System.out.println(" --> " + reference.getId() + "/" + reference.getUri() + "/" +
// reference.getType());
// final List<DSSTransform> transforms = reference.getTransforms();
// for (DSSTransform transform : transforms) {
//
// System.out.println(" --> ---> " + transform.getElementName() + "/" +
// transform.getTextContent() + "/" + transform.getAlgorithm());
// }
// }
params.setReferences(references);
}
private void setAsicMimeType(WSParameters wsParameters, SignatureParameters params) {
params.aSiC().setMimeType(wsParameters.getAsicMimeType());
}
private void setAsicZipComment(WSParameters wsParameters, SignatureParameters params) {
params.aSiC().setZipComment(wsParameters.getAsicZipComment());
}
private void setSignatureLevel(WSParameters wsParameters, SignatureParameters params) {
final SignatureLevel signatureLevel = wsParameters.getSignatureLevel();
params.setSignatureLevel(signatureLevel);
}
private void setSignaturePackaging(
final WSParameters wsParameters, final SignatureParameters params) {
final SignaturePackaging signaturePackaging = wsParameters.getSignaturePackaging();
params.setSignaturePackaging(signaturePackaging);
}
private void setSignerLocation(WSParameters wsParameters, SignatureParameters params) {
final BLevelParameters.SignerLocation signerLocation = wsParameters.getSignerLocation();
params.bLevel().setSignerLocation(signerLocation);
}
/**
* @throws IOException
* @throws NoSuchAlgorithmException
* @throws DSSException
*/
public void signDocument() throws IOException, NoSuchAlgorithmException, DSSException {
final SignatureModel model = getModel();
final File fileToSign = model.getSelectedFile();
final SignatureTokenConnection tokenConnection = model.getTokenConnection();
final DSSPrivateKeyEntry privateKey = model.getSelectedPrivateKey();
final SignatureParameters parameters = new SignatureParameters();
parameters.setPrivateKeyEntry(privateKey);
parameters.setSigningToken(tokenConnection);
DigestAlgorithm digestAlgorithm = model.getSignatureDigestAlgorithm();
if (digestAlgorithm == null) {
parameters.setDigestAlgorithm(DigestAlgorithm.SHA256);
} else {
parameters.setDigestAlgorithm(digestAlgorithm);
}
if (model.isTslSignatureCheck()) {
parameters.clearCertificateChain();
parameters.setCertificateChain(parameters.getSigningCertificate());
parameters.setSignatureLevel(SignatureLevel.XAdES_BASELINE_B);
parameters.setSignaturePackaging(SignaturePackaging.ENVELOPED);
final List<DSSReference> references = new ArrayList<DSSReference>();
DSSReference dssReference = new DSSReference();
dssReference.setId("xml_ref_id");
dssReference.setUri("");
final List<DSSTransform> transforms = new ArrayList<DSSTransform>();
DSSTransform dssTransform = new DSSTransform();
dssTransform.setAlgorithm(CanonicalizationMethod.ENVELOPED);
transforms.add(dssTransform);
dssTransform = new DSSTransform();
dssTransform.setAlgorithm(CanonicalizationMethod.EXCLUSIVE);
transforms.add(dssTransform);
dssReference.setTransforms(transforms);
references.add(dssReference);
// System.out.println("###APPLET - REFERENCES:");
// for (DSSReference reference : references) {
// System.out.println(" --> " + reference.getId() + "/" + reference.getUri() + "/" +
// reference.getType());
// final List<DSSTransform> transforms_ = reference.getTransforms();
// for (DSSTransform transform : transforms_) {
//
// System.out.println(" --> ---> " + transform.getElementName() + "/" +
// transform.getTextContent() + "/" + transform.getAlgorithm());
// }
// }
parameters.setReferences(references);
} else {
final String signatureLevelString = model.getLevel();
final SignatureLevel signatureLevel = SignatureLevel.valueByName(signatureLevelString);
parameters.setSignatureLevel(signatureLevel);
parameters.setSignaturePackaging(model.getPackaging());
if (model.isClaimedCheck()) {
parameters.bLevel().addClaimedSignerRole(model.getClaimedRole());
}
if (model.isSignaturePolicyCheck()) {
final byte[] hashValue = DSSUtils.base64Decode(model.getSignaturePolicyValue());
final Policy policy = new Policy();
policy.setId(model.getSignaturePolicyId());
final DigestAlgorithm policyDigestAlgorithm =
DigestAlgorithm.forName(model.getSignaturePolicyAlgo());
policy.setDigestAlgorithm(policyDigestAlgorithm);
policy.setDigestValue(hashValue);
parameters.bLevel().setSignaturePolicy(policy);
}
}
final DSSDocument signedDocument =
SigningUtils.signDocument(serviceURL, fileToSign, parameters);
final FileOutputStream fos = new FileOutputStream(model.getTargetFile());
DSSUtils.copy(signedDocument.openStream(), fos);
fos.close();
}
private void setDeterministicId(
final WSParameters wsParameters, final SignatureParameters params) {
final String deterministicId = wsParameters.getDeterministicId();
params.setDeterministicId(deterministicId);
}
private void setDigestAlgorithm(
final WSParameters wsParameters, final SignatureParameters params) {
final DigestAlgorithm digestAlgorithm = wsParameters.getDigestAlgorithm();
params.setDigestAlgorithm(digestAlgorithm);
}
private void setEncryptionAlgorithm(WSParameters wsParameters, SignatureParameters params) {
final EncryptionAlgorithm encryptionAlgorithm = wsParameters.getEncryptionAlgorithm();
params.setEncryptionAlgorithm(encryptionAlgorithm);
}
private void setContentIdentifierPrefix(WSParameters wsParameters, SignatureParameters params) {
final String contentIdentifierPrefix = wsParameters.getContentIdentifierPrefix();
params.bLevel().setContentIdentifierPrefix(contentIdentifierPrefix);
}
private void setCommitmentTypeIndication(WSParameters wsParameters, SignatureParameters params) {
final List<String> commitmentTypeIndication = wsParameters.getCommitmentTypeIndication();
params.bLevel().setCommitmentTypeIndications(commitmentTypeIndication);
}
private void setAsicSignatureForm(WSParameters wsParameters, SignatureParameters params) {
params.aSiC().setAsicSignatureForm(wsParameters.getAsicSignatureForm());
}
private void setAsicEnclosedSignature(WSParameters wsParameters, SignatureParameters params) {
params.aSiC().setEnclosedSignature(wsParameters.getAsicEnclosedSignature());
}
/**
* Allows to change the default behaviour regarding the use of an expired certificate.
*
* @param wsParameters
* @param params
*/
private void setSignWithExpiredCertificate(
final WSParameters wsParameters, final SignatureParameters params) {
final boolean signWithExpiredCertificate = wsParameters.getSignWithExpiredCertificate();
params.setSignWithExpiredCertificate(signWithExpiredCertificate);
}
private void setSigningDate(final WSParameters wsParameters, final SignatureParameters params) {
final Date signingDate = wsParameters.getSigningDate();
params.bLevel().setSigningDate(signingDate);
}
private void setSignaturePolicy(WSParameters wsParameters, SignatureParameters params) {
final BLevelParameters.Policy signaturePolicy = wsParameters.getSignaturePolicy();
params.bLevel().setSignaturePolicy(signaturePolicy);
}