private void setSigningCertificateAndChain( final WSParameters wsParameters, final SignatureParameters params) { final byte[] signingCertBytes = wsParameters.getSigningCertificateBytes(); if (signingCertBytes == null) { return; } final X509Certificate x509SigningCertificate = DSSUtils.loadCertificate(signingCertBytes); params.setSigningCertificate(x509SigningCertificate); final List<X509Certificate> chain = new ArrayList<X509Certificate>(); chain.add(x509SigningCertificate); final List<byte[]> certificateChainByteArrayList = wsParameters.getCertificateChainByteArrayList(); if (certificateChainByteArrayList != null) { for (final byte[] x509CertificateBytes : certificateChainByteArrayList) { final X509Certificate x509Certificate = DSSUtils.loadCertificate(x509CertificateBytes); if (!chain.contains(x509Certificate)) { chain.add(x509Certificate); } } } params.setCertificateChain(chain); }
/** * @throws IOException * @throws NoSuchAlgorithmException * @throws DSSException */ public void signDocument() throws IOException, NoSuchAlgorithmException, DSSException { final SignatureModel model = getModel(); final File fileToSign = model.getSelectedFile(); final SignatureTokenConnection tokenConnection = model.getTokenConnection(); final DSSPrivateKeyEntry privateKey = model.getSelectedPrivateKey(); final SignatureParameters parameters = new SignatureParameters(); parameters.setPrivateKeyEntry(privateKey); parameters.setSigningToken(tokenConnection); DigestAlgorithm digestAlgorithm = model.getSignatureDigestAlgorithm(); if (digestAlgorithm == null) { parameters.setDigestAlgorithm(DigestAlgorithm.SHA256); } else { parameters.setDigestAlgorithm(digestAlgorithm); } if (model.isTslSignatureCheck()) { parameters.clearCertificateChain(); parameters.setCertificateChain(parameters.getSigningCertificate()); parameters.setSignatureLevel(SignatureLevel.XAdES_BASELINE_B); parameters.setSignaturePackaging(SignaturePackaging.ENVELOPED); final List<DSSReference> references = new ArrayList<DSSReference>(); DSSReference dssReference = new DSSReference(); dssReference.setId("xml_ref_id"); dssReference.setUri(""); final List<DSSTransform> transforms = new ArrayList<DSSTransform>(); DSSTransform dssTransform = new DSSTransform(); dssTransform.setAlgorithm(CanonicalizationMethod.ENVELOPED); transforms.add(dssTransform); dssTransform = new DSSTransform(); dssTransform.setAlgorithm(CanonicalizationMethod.EXCLUSIVE); transforms.add(dssTransform); dssReference.setTransforms(transforms); references.add(dssReference); // System.out.println("###APPLET - REFERENCES:"); // for (DSSReference reference : references) { // System.out.println(" --> " + reference.getId() + "/" + reference.getUri() + "/" + // reference.getType()); // final List<DSSTransform> transforms_ = reference.getTransforms(); // for (DSSTransform transform : transforms_) { // // System.out.println(" --> ---> " + transform.getElementName() + "/" + // transform.getTextContent() + "/" + transform.getAlgorithm()); // } // } parameters.setReferences(references); } else { final String signatureLevelString = model.getLevel(); final SignatureLevel signatureLevel = SignatureLevel.valueByName(signatureLevelString); parameters.setSignatureLevel(signatureLevel); parameters.setSignaturePackaging(model.getPackaging()); if (model.isClaimedCheck()) { parameters.bLevel().addClaimedSignerRole(model.getClaimedRole()); } if (model.isSignaturePolicyCheck()) { final byte[] hashValue = DSSUtils.base64Decode(model.getSignaturePolicyValue()); final Policy policy = new Policy(); policy.setId(model.getSignaturePolicyId()); final DigestAlgorithm policyDigestAlgorithm = DigestAlgorithm.forName(model.getSignaturePolicyAlgo()); policy.setDigestAlgorithm(policyDigestAlgorithm); policy.setDigestValue(hashValue); parameters.bLevel().setSignaturePolicy(policy); } } final DSSDocument signedDocument = SigningUtils.signDocument(serviceURL, fileToSign, parameters); final FileOutputStream fos = new FileOutputStream(model.getTargetFile()); DSSUtils.copy(signedDocument.openStream(), fos); fos.close(); }