/** * @param certificate * @return */ public static String base64Encode(final X509Certificate certificate) throws DSSException { try { final byte[] bytes = certificate.getEncoded(); final String base64EncodedBytes = base64Encode(bytes); return base64EncodedBytes; } catch (CertificateEncodingException e) { throw new DSSException(e); } }
/** * Encodes dss document using the base64 algorithm . * * @param dssDocument dss document to be encoded * @return encoded base64 string */ public static String base64Encode(DSSDocument dssDocument) { final byte[] bytes = dssDocument.getBytes(); final String base64EncodedBytes = base64Encode(bytes); return base64EncodedBytes; }
@Override public String getDigest(final DigestAlgorithm digestAlgorithm) { final byte[] digestBytes = DSSUtils.digest(digestAlgorithm, getBytes()); final String base64Encode = DSSUtils.base64Encode(digestBytes); return base64Encode; }
@Override public String getDigest(final DigestAlgorithm digestAlgorithm) { final byte[] digestBytes = DSSUtils.digest(digestAlgorithm, getBytes()); final String base64Encode = DSSUtils.base64Encode(digestBytes); return base64Encode; } }
/** * Retrieves the encoded signed data digest value. * * @return base 64 encoded {@code String} */ public String getEncodedSignedDataDigestValue() { final byte[] messageImprintDigest = timeStamp.getTimeStampInfo().getMessageImprintDigest(); return DSSUtils.base64Encode(messageImprintDigest); }
private void addCertificate(final Element x509DataDom, final X509Certificate x509Certificate) { final byte[] encoded = DSSUtils.getEncoded(x509Certificate); final String base64Encoded = DSSUtils.base64Encode(encoded); // <ds:X509Certificate>...</ds:X509Certificate> DSSXMLUtils.addTextElement(documentDom, x509DataDom, XMLNS, DS_X509_CERTIFICATE, base64Encoded); }
/** * Returns the encoded base 64 digest value of the certificate for a given algorithm. Can return null if the * algorithm is unknown. * * @param digestAlgorithm * @return */ public String getDigestValue(final DigestAlgorithm digestAlgorithm) { if (digests == null) { digests = new HashMap<DigestAlgorithm, String>(); } String encodedDigest = digests.get(digestAlgorithm); if (encodedDigest == null) { final byte[] digest = DSSUtils.digest(digestAlgorithm, DSSUtils.getEncoded(x509Certificate)); encodedDigest = DSSUtils.base64Encode(digest); digests.put(digestAlgorithm, encodedDigest); } return encodedDigest; }
private TimestampReference createCertificateTimestampReference(final DigestAlgorithm digestAlgorithm, final byte[] certHash) { final TimestampReference reference = new TimestampReference(digestAlgorithm.name(), DSSUtils.base64Encode(certHash)); return reference; }
@Override public String getDigest(final DigestAlgorithm digestAlgorithm) { final byte[] digestBytes = DSSUtils.digest(digestAlgorithm, getBytes()); final String base64Encode = DSSUtils.base64Encode(digestBytes); return base64Encode; }
private TimestampReference createCertificateTimestampReference(final DigestAlgorithm digestAlgorithm, final byte[] certHash) { final TimestampReference reference = new TimestampReference(digestAlgorithm.getXmlId(), DSSUtils.base64Encode(certHash)); return reference; }
public TimestampReference(final String signatureId) { if (signatureId == null) { throw new DSSNullException(String.class, "signatureId"); } this.signatureId = signatureId; this.digestAlgorithm = DigestAlgorithm.SHA1.name(); this.digestValue = DSSUtils.base64Encode(DSSUtils.digest(DigestAlgorithm.SHA1, signatureId.getBytes())); this.category = TimestampReferenceCategory.SIGNATURE; }
private void incorporateOcspTokens(Element parentDom, final List<OCSPToken> ocspTokens) { if (ocspTokens.isEmpty()) { return; } // ...<xades:OCSPValues> // .........<xades:EncapsulatedOCSPValue>MIIERw... final Element ocspValuesDom = DSSXMLUtils.addElement(documentDom, parentDom, XAdESNamespaces.XAdES, "xades:OCSPValues"); for (final RevocationToken revocationToken : ocspTokens) { final byte[] encodedOCSP = revocationToken.getEncoded(); final String base64EncodedOCSP = DSSUtils.base64Encode(encodedOCSP); DSSXMLUtils.addTextElement(documentDom, ocspValuesDom, XAdESNamespaces.XAdES, "xades:EncapsulatedOCSPValue", base64EncodedOCSP); } } }
private void incorporateCrlTokens(final Element parentDom, final List<CRLToken> crlTokens) { if (crlTokens.isEmpty()) { return; } // ...<xades:CRLValues/> final Element crlValuesDom = DSSXMLUtils.addElement(documentDom, parentDom, XAdESNamespaces.XAdES, "xades:CRLValues"); for (final RevocationToken revocationToken : crlTokens) { final byte[] encodedCRL = revocationToken.getEncoded(); final String base64EncodedCRL = DSSUtils.base64Encode(encodedCRL); DSSXMLUtils.addTextElement(documentDom, crlValuesDom, XAdESNamespaces.XAdES, "xades:EncapsulatedCRLValue", base64EncodedCRL); } }
private void incorporateCrlTokens(final Element parentDom, final List<CRLToken> crlTokens) { if (crlTokens.isEmpty()) { return; } // ...<xades:CRLValues/> final Element crlValuesDom = DSSXMLUtils.addElement(documentDom, parentDom, XAdESNamespaces.XAdES, "xades:CRLValues"); for (final RevocationToken revocationToken : crlTokens) { final byte[] encodedCRL = revocationToken.getEncoded(); final String base64EncodedCRL = DSSUtils.base64Encode(encodedCRL); DSSXMLUtils.addTextElement(documentDom, crlValuesDom, XAdESNamespaces.XAdES, "xades:EncapsulatedCRLValue", base64EncodedCRL); } }
private void incorporateOcspTokens(Element parentDom, final List<OCSPToken> ocspTokens) { if (ocspTokens.isEmpty()) { return; } // ...<xades:OCSPValues> // .........<xades:EncapsulatedOCSPValue>MIIERw... final Element ocspValuesDom = DSSXMLUtils.addElement(documentDom, parentDom, XAdESNamespaces.XAdES, "xades:OCSPValues"); for (final RevocationToken revocationToken : ocspTokens) { final byte[] encodedOCSP = revocationToken.getEncoded(); final String base64EncodedOCSP = DSSUtils.base64Encode(encodedOCSP); DSSXMLUtils.addTextElement(documentDom, ocspValuesDom, XAdESNamespaces.XAdES, "xades:EncapsulatedOCSPValue", base64EncodedOCSP); } }
@Override public String getDigest(final DigestAlgorithm digestAlgorithm) { final InputStream inputStream = openStream(); final byte[] digestBytes = DSSUtils.digest(digestAlgorithm, inputStream); DSSUtils.closeQuietly(inputStream); final String base64Encode = DSSUtils.base64Encode(digestBytes); return base64Encode; } }
/** * Adds signature value to the signature and returns XML signature (InMemoryDocument) * * @param signatureValue * @return * @throws DSSException */ @Override public DSSDocument signDocument(final byte[] signatureValue) throws DSSException { if (!built) { build(); } final EncryptionAlgorithm encryptionAlgorithm = params.getEncryptionAlgorithm(); final byte[] signatureValueBytes = DSSSignatureUtils.convertToXmlDSig(encryptionAlgorithm, signatureValue); final String signatureValueBase64Encoded = DSSUtils.base64Encode(signatureValueBytes); final Text signatureValueNode = documentDom.createTextNode(signatureValueBase64Encoded); signatureValueDom.appendChild(signatureValueNode); byte[] documentBytes = DSSXMLUtils.transformDomToByteArray(documentDom); final InMemoryDocument inMemoryDocument = new InMemoryDocument(documentBytes); inMemoryDocument.setMimeType(MimeType.XML); return inMemoryDocument; } }
private boolean verifySigningCertificateReferences(final BigInteger signingTokenSerialNumber, final GeneralNames signingTokenIssuerName, final byte[] signingTokenCertHash, final byte[] certHash, final IssuerSerial issuerSerial) { signingCertificateValidity.setDigest(DSSUtils.base64Encode(signingTokenCertHash)); final boolean hashEqual = Arrays.equals(certHash, signingTokenCertHash); signingCertificateValidity.setDigestEqual(hashEqual); if (issuerSerial != null) { final BigInteger serialNumber = issuerSerial.getSerial().getValue(); boolean serialNumberEqual = serialNumber.equals(signingTokenSerialNumber); signingCertificateValidity.setSerialNumberEqual(serialNumberEqual); } if (issuerSerial != null) { final GeneralNames issuerName = issuerSerial.getIssuer(); final String canonicalizedIssuerName = getCanonicalizedName(issuerName); final String canonicalizedSigningTokenIssuerName = getCanonicalizedName(signingTokenIssuerName); // DOES NOT WORK IN ALL CASES: // issuerNameEqual = issuerName.equals(signingTokenIssuerName); boolean issuerNameEqual = canonicalizedIssuerName.equals(canonicalizedSigningTokenIssuerName); signingCertificateValidity.setDistinguishedNameEqual(issuerNameEqual); } // Validation of the hash is sufficient return hashEqual; }
@Override protected void init() { final Parameters parameters = getController().getParameter(); final SignatureModel model = getModel(); if (parameters.hasSignaturePolicyAlgo() && DSSUtils.isEmpty(model.getSignaturePolicyAlgo())) { model.setSignaturePolicyAlgo(parameters.getSignaturePolicyAlgo()); } if (parameters.hasSignaturePolicyValue() && DSSUtils.isEmpty(model.getSignaturePolicyValue())) { model.setSignaturePolicyValue(DSSUtils.base64Encode(parameters.getSignaturePolicyValue())); } // TODO: (Bob: 2014 Jan 19) To be adapted to baseline profile final boolean levelBES = model.getLevel().toUpperCase().endsWith("-BES"); model.setSignaturePolicyVisible(!levelBES); }
/** * Constructor with an indication of the timestamp type. The default constructor for {@code TimestampToken}. * * @param timeStamp {@code TimeStampToken} * @param type {@code TimestampType} * @param certPool {@code CertificatePool} which is used to identify the signing certificate of the timestamp */ public TimestampToken(final TimeStampToken timeStamp, final TimestampType type, final CertificatePool certPool) { this.timeStamp = timeStamp; this.timeStampType = type; this.extraInfo = new TokenValidationExtraInfo(); wrappedSource = new CAdESCertificateSource(timeStamp, certPool); final Collection<CertificateToken> certs = wrappedSource.getCertificates(); for (final CertificateToken certificateToken : certs) { final byte[] encoded = certificateToken.getEncoded(); final Certificate certificate = Certificate.getInstance(encoded); final X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(certificate); if (timeStamp.getSID().match(x509CertificateHolder)) { boolean valid = isSignedBy(certificateToken); if (valid) { break; } } } final byte[] digest = DSSUtils.digest(DigestAlgorithm.MD5, DSSUtils.getEncoded(timeStamp)); final String base64Encoded = DSSUtils.base64Encode(digest); dssId = base64Encoded.hashCode(); }