/**
 * Creates a response from a computed signature and the signer's certificate material.
 *
 * <p>The raw signature bytes and the signature algorithm are read out of
 * {@code signatureValue}; the certificate and its chain are stored as passed in.
 *
 * @param signatureValue   signature result supplying the value and the algorithm; it is
 *                         dereferenced here, so {@code null} fails with a
 *                         {@link NullPointerException}
 * @param certificate      signer certificate, stored as given
 * @param certificateChain chain belonging to {@code certificate}, stored by reference
 */
public SignatureResponse(SignatureValue signatureValue, CertificateToken certificate,
        CertificateToken[] certificateChain) {
    // Certificate material: plain reference assignments.
    // NOTE(review): the chain array is not copied, so a caller that later writes to the
    // same array also changes what this response reports. Copy it if the response is
    // meant to be an immutable record of what was signed with.
    this.certificate = certificate;
    this.certificateChain = certificateChain;

    // Unpack the signature result into the two fields this class keeps.
    this.signatureValue = signatureValue.getValue();
    this.signatureAlgorithm = signatureValue.getAlgorithm();
}
/**
 * Signs {@code dataToSign} through {@code signatureTokenConnection} with the configured
 * {@code privateKeyEntry} and returns the raw signature bytes.
 *
 * <p>NOTE(review): nothing in this method selects ECDSA explicitly; the signature
 * algorithm presumably follows from the key entry and the token. Confirm against the
 * caller that routes here.
 *
 * @param digestAlgorithm digest to use; mapped to the DSS enum via its {@code toString()}
 * @param dataToSign      bytes handed to the token for signing
 * @return the signature value produced by the token
 * @throws TechnicalException if anything in the signing path throws; the original
 *                            exception is kept as the cause
 */
private byte[] signECDSA(DigestAlgorithm digestAlgorithm, byte[] dataToSign) {
    try {
        logger.debug("Signing with PKCS#11 and " + digestAlgorithm.name());

        ToBeSigned payload = new ToBeSigned(dataToSign);
        // presumably toString() yields the XML identifier that forXML() expects; verify
        eu.europa.esig.dss.DigestAlgorithm dssDigest =
                eu.europa.esig.dss.DigestAlgorithm.forXML(digestAlgorithm.toString());

        return signatureTokenConnection.sign(payload, dssDigest, privateKeyEntry).getValue();
    } catch (Exception e) {
        // Same text goes to the log and into the rethrown exception.
        // NOTE(review): the underlying message is passed through verbatim; check that
        // token/provider error text is acceptable wherever TechnicalException surfaces.
        String failure = "Failed to sign with PKCS#11: " + e.getMessage();
        logger.error(failure);
        throw new TechnicalException(failure, e);
    }
}
/**
 * Signs {@code dataToSign} with the PKCS#12-backed token connection and the stored
 * {@code keyEntry}, returning the raw signature bytes.
 *
 * <p>Only the digest algorithm name is written to the log; the data to sign is not.
 *
 * @param digestAlgorithm digest to use; mapped to the DSS enum via its {@code toString()}
 * @param dataToSign      bytes handed to the token for signing
 * @return the signature value produced by the token
 */
@Override
public byte[] sign(org.digidoc4j.DigestAlgorithm digestAlgorithm, byte[] dataToSign) {
    logger.info("Signing with PKCS#12 signature token, using digest algorithm: " + digestAlgorithm.name());

    ToBeSigned payload = new ToBeSigned(dataToSign);
    // presumably toString() yields the XML identifier that forXML() expects; verify
    eu.europa.esig.dss.DigestAlgorithm dssDigest =
            eu.europa.esig.dss.DigestAlgorithm.forXML(digestAlgorithm.toString());

    return signatureTokenConnection.sign(payload, dssDigest, keyEntry).getValue();
}
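/**
 * Demo entry point: lists the certificates of every key the MSCAPI token exposes, then
 * signs a fixed sample message with the first key and prints the signature as Base64.
 *
 * <p>The sample signs with whichever entry the token returns first; real callers should
 * select the key deliberately (for example by certificate) rather than by position.
 *
 * @param args unused
 * @throws IllegalStateException if the token exposes no private key entry
 */
public static void main(String[] args) {
    try (MSCAPISignatureToken token = new MSCAPISignatureToken()) {
        List<DSSPrivateKeyEntry> keys = token.getKeys();
        for (DSSPrivateKeyEntry entry : keys) {
            System.out.println(entry.getCertificate().getCertificate());
        }

        // Fail with a clear message instead of an IndexOutOfBoundsException from get(0).
        if (keys.isEmpty()) {
            throw new IllegalStateException("No private key entry available to sign with");
        }

        // Fix the charset: the bytes being signed must not depend on the platform default,
        // otherwise the same text yields different signatures on different machines.
        ToBeSigned toBeSigned =
                new ToBeSigned("Hello world".getBytes(java.nio.charset.StandardCharsets.UTF_8));

        SignatureValue signatureValue = token.sign(toBeSigned, DigestAlgorithm.SHA256, keys.get(0));
        System.out.println("Signature value : "
                + Base64.getEncoder().encodeToString(signatureValue.getValue()));
    }
}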
// Sign the prepared payload with the selected key, using SHA-256 as the digest.
SignatureValue signatureValue = token.sign(toBeSigned, DigestAlgorithm.SHA256, key);
// Print the raw signature bytes as Base64 so they are readable on the console.
System.out.println("Signature value : " + Base64.getEncoder().encodeToString(signatureValue.getValue()));
/**
 * Opens the PKCS#12 test key store, checks that its first key entry can be listed and
 * looked up again by alias, and signs a short message with it.
 *
 * <p>The key store path and password are test fixtures. The token is opened in
 * try-with-resources, so it is closed even when an assertion fails.
 *
 * @throws IOException declared for opening the key store and for the named-charset encoding
 */
@Test
public void testPkcs12() throws IOException {
    try (Pkcs12SignatureToken token = new Pkcs12SignatureToken(
            "src/test/resources/user_a_rsa.p12",
            new PasswordProtection("password".toCharArray()))) {
        assertNotNull(token);

        // The fixture must expose at least one private key.
        List<DSSPrivateKeyEntry> entries = token.getKeys();
        assertFalse(entries.isEmpty());

        KSPrivateKeyEntry firstEntry = (KSPrivateKeyEntry) entries.get(0);
        assertNotNull(firstEntry);
        assertNotNull(firstEntry.getAlias());

        // Look the same entry up by alias; a separate PasswordProtection instance is used
        // for the lookup, as in the original test.
        DSSPrivateKeyEntry resolved = token.getKey(
                firstEntry.getAlias(),
                new PasswordProtection("password".toCharArray()));
        assertNotNull(resolved);
        assertNotNull(resolved.getCertificate());
        assertNotNull(resolved.getCertificateChain());
        assertNotNull(resolved.getEncryptionAlgorithm());

        // Sign a fixed UTF-8 payload and check that a value and an algorithm come back.
        ToBeSigned payload = new ToBeSigned("Hello world".getBytes("UTF-8"));
        SignatureValue signature = token.sign(payload, DigestAlgorithm.SHA256, resolved);
        assertNotNull(signature);
        assertNotNull(signature.getAlgorithm());
        assertNotNull(signature.getValue());
    }
}
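/**
 * Wraps a PKCS#12 token in a {@code RemoteSignatureTokenConnectionImpl} and checks that
 * keys can be listed, fetched again by alias, and used to sign by alias.
 *
 * <p>The server-side token is opened in try-with-resources so it is closed even when an
 * assertion fails. The key store path and password are test fixtures.
 *
 * <p>NOTE(review): the sign call below identifies the key by alias only. Any caller
 * authentication or authorization would have to be enforced by whatever layer exposes
 * this connection; that layer is not visible in this test.
 *
 * @throws IOException declared for opening and closing the key store
 */
@Test
public void testRemoteSigning() throws IOException {
    try (Pkcs12SignatureToken serverToken = new Pkcs12SignatureToken(
            "src/test/resources/good-user.p12",
            new PasswordProtection("ks-password".toCharArray()))) {
        RemoteSignatureTokenConnectionImpl exposedToken = new RemoteSignatureTokenConnectionImpl();
        exposedToken.setToken(serverToken);

        List<RemoteKeyEntry> keys = exposedToken.getKeys();
        assertTrue(keys != null && !keys.isEmpty());

        // Every listed entry must be complete and must resolve to the same key by alias.
        for (RemoteKeyEntry listed : keys) {
            assertNotNull(listed.getAlias());
            assertNotNull(listed.getCertificate());
            assertNotNull(listed.getCertificateChain());

            RemoteKeyEntry fetched = exposedToken.getKey(listed.getAlias());
            assertEquals(listed.getAlias(), fetched.getAlias());
            assertEquals(listed.getEncryptionAlgo(), fetched.getEncryptionAlgo());
        }

        // Sign a small fixed payload with the first key, addressed by alias.
        RemoteKeyEntry firstKey = keys.get(0);
        ToBeSigned toBeSigned = new ToBeSigned(new byte[] {1, 2, 3, 4, 5});
        SignatureValue signatureValue =
                exposedToken.sign(toBeSigned, DigestAlgorithm.SHA256, firstKey.getAlias());

        assertNotNull(signatureValue);
        assertNotNull(signatureValue.getValue());
        assertEquals(SignatureAlgorithm.RSA_SHA256, signatureValue.getAlgorithm());
    }
}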