示例#1
0
  private void setSigningCertificateAndChain(
      final WSParameters wsParameters, final SignatureParameters params) {

    final byte[] signingCertBytes = wsParameters.getSigningCertificateBytes();
    if (signingCertBytes == null) {
      return;
    }
    final X509Certificate x509SigningCertificate = DSSUtils.loadCertificate(signingCertBytes);
    params.setSigningCertificate(x509SigningCertificate);

    final List<X509Certificate> chain = new ArrayList<X509Certificate>();
    chain.add(x509SigningCertificate);
    final List<byte[]> certificateChainByteArrayList =
        wsParameters.getCertificateChainByteArrayList();
    if (certificateChainByteArrayList != null) {

      for (final byte[] x509CertificateBytes : certificateChainByteArrayList) {

        final X509Certificate x509Certificate = DSSUtils.loadCertificate(x509CertificateBytes);
        if (!chain.contains(x509Certificate)) {

          chain.add(x509Certificate);
        }
      }
    }
    params.setCertificateChain(chain);
  }
  /**
   * @throws IOException
   * @throws NoSuchAlgorithmException
   * @throws DSSException
   */
  public void signDocument() throws IOException, NoSuchAlgorithmException, DSSException {

    final SignatureModel model = getModel();

    final File fileToSign = model.getSelectedFile();
    final SignatureTokenConnection tokenConnection = model.getTokenConnection();
    final DSSPrivateKeyEntry privateKey = model.getSelectedPrivateKey();

    final SignatureParameters parameters = new SignatureParameters();
    parameters.setPrivateKeyEntry(privateKey);
    parameters.setSigningToken(tokenConnection);

    DigestAlgorithm digestAlgorithm = model.getSignatureDigestAlgorithm();
    if (digestAlgorithm == null) {
      parameters.setDigestAlgorithm(DigestAlgorithm.SHA256);
    } else {
      parameters.setDigestAlgorithm(digestAlgorithm);
    }
    if (model.isTslSignatureCheck()) {

      parameters.clearCertificateChain();
      parameters.setCertificateChain(parameters.getSigningCertificate());
      parameters.setSignatureLevel(SignatureLevel.XAdES_BASELINE_B);
      parameters.setSignaturePackaging(SignaturePackaging.ENVELOPED);

      final List<DSSReference> references = new ArrayList<DSSReference>();

      DSSReference dssReference = new DSSReference();
      dssReference.setId("xml_ref_id");
      dssReference.setUri("");

      final List<DSSTransform> transforms = new ArrayList<DSSTransform>();

      DSSTransform dssTransform = new DSSTransform();
      dssTransform.setAlgorithm(CanonicalizationMethod.ENVELOPED);
      transforms.add(dssTransform);

      dssTransform = new DSSTransform();
      dssTransform.setAlgorithm(CanonicalizationMethod.EXCLUSIVE);
      transforms.add(dssTransform);

      dssReference.setTransforms(transforms);
      references.add(dssReference);

      //			System.out.println("###APPLET - REFERENCES:");
      //			for (DSSReference reference : references) {
      //				System.out.println("    --> " + reference.getId() + "/" + reference.getUri() + "/" +
      // reference.getType());
      //				final List<DSSTransform> transforms_ = reference.getTransforms();
      //				for (DSSTransform transform : transforms_) {
      //
      //					System.out.println("    --> ---> " + transform.getElementName() + "/" +
      // transform.getTextContent() + "/" + transform.getAlgorithm());
      //				}
      //			}
      parameters.setReferences(references);

    } else {

      final String signatureLevelString = model.getLevel();
      final SignatureLevel signatureLevel = SignatureLevel.valueByName(signatureLevelString);
      parameters.setSignatureLevel(signatureLevel);
      parameters.setSignaturePackaging(model.getPackaging());

      if (model.isClaimedCheck()) {
        parameters.bLevel().addClaimedSignerRole(model.getClaimedRole());
      }
      if (model.isSignaturePolicyCheck()) {

        final byte[] hashValue = DSSUtils.base64Decode(model.getSignaturePolicyValue());
        final Policy policy = new Policy();
        policy.setId(model.getSignaturePolicyId());
        final DigestAlgorithm policyDigestAlgorithm =
            DigestAlgorithm.forName(model.getSignaturePolicyAlgo());
        policy.setDigestAlgorithm(policyDigestAlgorithm);
        policy.setDigestValue(hashValue);
        parameters.bLevel().setSignaturePolicy(policy);
      }
    }
    final DSSDocument signedDocument =
        SigningUtils.signDocument(serviceURL, fileToSign, parameters);
    final FileOutputStream fos = new FileOutputStream(model.getTargetFile());
    DSSUtils.copy(signedDocument.openStream(), fos);
    fos.close();
  }