/**
 * Creates a transform for the given algorithm URI without algorithm-specific parameters.
 *
 * <p>Delegates to the two-argument overload, passing {@code null} as the parameter spec.
 *
 * @param canonicalizationMethod URI of the transform / canonicalization algorithm
 * @return the transform returned by the two-argument overload
 * @throws XMLSignatureException propagated unchanged from the two-argument overload
 */
protected Transform newTransform(final String canonicalizationMethod)
        throws XMLSignatureException {
    // null: no parameter spec is supplied for this algorithm.
    return newTransform(canonicalizationMethod, null);
}
/**
 * Builds a XAdES time stamp from the canonicalized form of the given nodes.
 *
 * @param nodeList nodes that are canonicalized and handed to the byte-array overload
 * @param revocationData passed through unchanged to the byte-array overload
 * @return the time stamp produced by the byte-array overload
 */
private XAdESTimeStampType createXAdESTimeStamp(
        final List<Node> nodeList, final RevocationData revocationData) {
    // The bytes that reach the time stamp overload are the output of getC14nValue, so the
    // configured XAdES canonicalization method determines exactly which octets are covered.
    final byte[] canonicalBytes =
            getC14nValue(nodeList, signatureConfig.getXadesCanonicalizationMethod());
    return createXAdESTimeStamp(canonicalBytes, revocationData);
}
/**
 * Pre-sign hook: adds the package manifest object and the signature-info object, together
 * with the references that point at them.
 *
 * @param document DOM document handed on to both helper methods
 * @param references reference list handed on to both helper methods
 * @param objects object list handed on to both helper methods
 * @throws XMLSignatureException propagated from either helper
 */
@Override
public void preSign(
        final Document document,
        final List<Reference> references,
        final List<XMLObject> objects) throws XMLSignatureException {
    LOG.log(POILogger.DEBUG, "pre sign");

    // Call order is kept as-is: manifest object first, signature info second.
    addManifestObject(document, references, objects);
    addSignatureInfo(document, references, objects);
}
// Registers four signature facets, in this order: OOXML, KeyInfo, XAdES, Office 2010.
addSignatureFacet(new OOXMLSignatureFacet());
addSignatureFacet(new KeyInfoSignatureFacet());
addSignatureFacet(new XAdESSignatureFacet());
addSignatureFacet(new Office2010SignatureFacet());
// NOTE(review): `sf` is declared outside this excerpt; this statement hands the current
// object to it as its signature configuration.
sf.setSignatureConfig(this);
// NOTE(review): non-contiguous excerpt. Several variables (nlSigVal, certChain, crl, ocsp,
// cal, ...) are declared outside it, and the `for` / `if` opened below are not closed here.

// Time stamp over the first node of nlSigVal only; revocation data gathered while talking to
// the time stamp service lands in tsaRevocationDataXadesT.
XAdESTimeStampType signatureTimeStamp = createXAdESTimeStamp (Collections.singletonList(nlSigVal.item(0)), tsaRevocationDataXadesT);
// That revocation data is wrapped as validation data and attached to the unsigned properties.
ValidationDataType validationData = createValidationData(tsaRevocationDataXadesT);
insertXChild(unsignedSigProps, validationData);
// subList(1, chainSize) skips index 0 of the chain.
// NOTE(review): presumably index 0 is the signing certificate, which is referenced
// elsewhere -- confirm.
for (X509Certificate cert : certChain.subList(1, chainSize)) {
CertIDType certId = certIdList.addNewCert();
XAdESSignatureFacet.setCertID(certId, signatureConfig, false, cert);
// CRL identifier: issue time is the CRL's thisUpdate, number comes from getCrlNumber(crl).
cal.setTime(crl.getThisUpdate());
crlIdentifier.setIssueTime(cal);
crlIdentifier.setNumber(getCrlNumber(crl));
// Both the encoded CRL and the OCSP response are digested with signatureConfig.getDigestAlgo().
// NOTE(review): the strength of these revocation references depends on that configured
// algorithm -- confirm the deployment does not select a deprecated digest.
XAdESSignatureFacet.setDigestAlgAndValue(digestAlgAndValue, encodedCrl, signatureConfig.getDigestAlgo());
XAdESSignatureFacet.setDigestAlgAndValue(digestAlgAndValue, ocsp, signatureConfig.getDigestAlgo());
// Second time stamp, over timeStampNodesXadesX1, with its own revocation data holder.
XAdESTimeStampType timeStampXadesX1 = createXAdESTimeStamp (timeStampNodesXadesX1, tsaRevocationDataXadesX1);
// Validation data for the second time stamp is only inserted when revocation entries exist.
if (tsaRevocationDataXadesX1.hasRevocationDataEntries()) {
ValidationDataType timeStampXadesX1ValidationData = createValidationData(tsaRevocationDataXadesX1);
insertXChild(unsignedSigProps, timeStampXadesX1ValidationData);
createRevocationValues(revocationValues, revocationData);
// NOTE(review): non-contiguous excerpt; role, claimedRole, sigPolicyHash, transforms and
// other names used below are declared outside it.

// Signing-certificate reference: element 0 of the configured signing certificate chain.
CertIDType certId = signingCertificates.addNewCert();
X509Certificate certificate = signatureConfig.getSigningCertificateChain().get(0);
setCertID(certId, signatureConfig, signatureConfig.isXadesIssuerNameNoReverseOrder(), certificate);
// Claimed role: the role string is inserted as-is.
// NOTE(review): going by the name, a claimed role is asserted by the signer, not certified.
XmlString roleString = XmlString.Factory.newInstance();
roleString.setStringValue(role);
insertXChild(claimedRole, roleString);
// Signature policy: digest of the policy document data, using signatureConfig.getDigestAlgo().
setDigestAlgAndValue(sigPolicyHash, signaturePolicyDocumentData, signatureConfig.getDigestAlgo());
// The policy download URL is recorded as a qualifier; only the digest above binds the policy
// content.
XmlString spUriElement = XmlString.Factory.newInstance();
spUriElement.setStringValue(signaturePolicyDownloadUrl);
insertXChild(sigPolicyQualifier, spUriElement);
// Deep-import the qualifying-properties element into the target document and wrap it in an
// XMLObject that is added to the signature's objects.
Element qualDocEl = (Element)document.importNode(qualDocElSrc, true);
xadesObjectContent.add(new DOMStructure(qualDocEl));
XMLObject xadesObject = getSignatureFactory().newXMLObject(xadesObjectContent, null, null, null);
objects.add(xadesObject);
// NOTE(review): the variable is called exclusiveTransform but the algorithm requested is
// CanonicalizationMethod.INCLUSIVE. Confirm which canonicalization is intended and align the
// name or the constant; signer and verifier must apply the same transform.
Transform exclusiveTransform = newTransform(CanonicalizationMethod.INCLUSIVE);
transforms.add(exclusiveTransform);
// Reference to the XAdES element by id ("#" + xadesSignatureId), typed XADES_TYPE, so that the
// referenced content is covered by the signature.
Reference reference = newReference ("#"+signatureConfig.getXadesSignatureId(), transforms, XADES_TYPE, null, null);
references.add(reference);
/**
 * Adds the package object (manifest plus signature time) to {@code objects} and a reference
 * to that object to {@code references}.
 *
 * @param document DOM document handed to {@code addSignatureTime}
 * @param references receives the reference to {@code "#" + ID_PACKAGE_OBJECT}
 * @param objects receives the package {@link XMLObject}
 * @throws XMLSignatureException propagated from the helpers that build the references
 */
protected void addManifestObject(
        final Document document,
        final List<Reference> references,
        final List<XMLObject> objects) throws XMLSignatureException {
    // addManifestReferences fills this list; the manifest is built from whatever it adds.
    final List<Reference> partReferences = new ArrayList<>();
    addManifestReferences(partReferences);

    // Object content: the manifest first, then whatever addSignatureTime appends.
    final List<XMLStructure> packageContent = new ArrayList<>();
    packageContent.add(getSignatureFactory().newManifest(partReferences));
    addSignatureTime(document, packageContent);

    objects.add(
            getSignatureFactory().newXMLObject(packageContent, ID_PACKAGE_OBJECT, null, null));

    // The object is referenced by id with no transforms, so the signature covers the object
    // (and with it the manifest) as a whole.
    references.add(
            newReference("#" + ID_PACKAGE_OBJECT, null, XML_DIGSIG_NS + "Object", null, null));
}
// NOTE(review): non-contiguous excerpt; the enclosing loop(s) and several declarations are not
// shown, and the `if` opened below is not closed here.

// Relationships whose type is not accepted by isSignedRelationship are skipped.
// NOTE(review): presumably a skipped relationship gets no manifest reference and so is not
// protected by the signature -- verify the accepted type list against what must be covered.
if (!isSignedRelationship(relationshipType)) {
continue;
// Part name is derived from the relationship target, normalized against baseUri.
String partName = normalizePartName(relationship.getTargetURI(), baseUri);
// Reference with no transforms for the part itself.
Reference reference = newReference(uri, null, null, null, null);
manifestReferences.add(reference);
// Relationship parts get two transforms, in this order: the relationship transform (with its
// parameter spec) and inclusive canonicalization.
transforms.add(newTransform(RelationshipTransformService.TRANSFORM_URI, parameterSpec));
transforms.add(newTransform(CanonicalizationMethod.INCLUSIVE));
// The reference URI carries the relationships content type as a query suffix.
String uri = normalizePartName(pp.getPartName().getURI(), baseUri)
+ "?ContentType=application/vnd.openxmlformats-package.relationships+xml";
Reference reference = newReference(uri, transforms, null, null, null);
manifestReferences.add(reference);
/**
 * Pre-sign hook: adds one reference with the empty URI, carrying the enveloped-signature
 * transform followed by exclusive canonicalization.
 *
 * @param document not used by this implementation
 * @param references receives the new reference
 * @param objects not used by this implementation
 * @throws XMLSignatureException if a transform or the reference cannot be created
 */
@Override
public void preSign(
        final Document document,
        final List<Reference> references,
        final List<XMLObject> objects) throws XMLSignatureException {
    final List<Transform> transformChain = new ArrayList<>();

    // Order matters: first the enveloped-signature transform, then canonicalization.
    // (ENVELOPED is a constant CanonicalizationMethod inherits from Transform.)
    transformChain.add(newTransform(CanonicalizationMethod.ENVELOPED));
    transformChain.add(newTransform(CanonicalizationMethod.EXCLUSIVE));

    // In XML-DSig the empty URI "" is a same-document reference to the whole document; the
    // enveloped transform is what keeps the signature element out of its own digest.
    references.add(newReference("", transformChain, null, null, null));
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Adds the Office signature-info object ({@code idOfficeObject}) to {@code objects} and a
 * reference to it to {@code references}.
 *
 * <p>The object holds one signature property ({@code idOfficeV1Details}) whose content is a
 * SignatureInfoV1 element recording the configured digest method URI and, when present, the
 * signature description.
 *
 * @param document DOM document into which the SignatureInfoV1 node is imported
 * @param references receives the reference to {@code "#idOfficeObject"}
 * @param objects receives the new {@link XMLObject}
 * @throws XMLSignatureException propagated from {@code newReference}
 */
protected void addSignatureInfo(
        final Document document,
        final List<Reference> references,
        final List<XMLObject> objects) throws XMLSignatureException {
    // Build the SignatureInfoV1 payload.
    final SignatureInfoV1Document infoDocument = SignatureInfoV1Document.Factory.newInstance();
    final CTSignatureInfoV1 info = infoDocument.addNewSignatureInfoV1();
    info.setManifestHashAlgorithm(signatureConfig.getDigestMethodUri());
    // The description is optional and copied verbatim into the signed properties.
    if (signatureConfig.getSignatureDescription() != null) {
        info.setSignatureComments(signatureConfig.getSignatureDescription());
    }

    // Deep-import into the target document and declare the default namespace explicitly.
    final Element importedInfo = (Element) document.importNode(info.getDomNode(), true);
    importedInfo.setAttributeNS(XML_NS, XMLConstants.XMLNS_ATTRIBUTE, MS_DIGSIG_NS);

    // Wrap: DOM node -> SignatureProperty -> SignatureProperties -> XMLObject.
    final List<XMLStructure> propertyPayload = new ArrayList<>();
    propertyPayload.add(new DOMStructure(importedInfo));
    final SignatureProperty officeDetails = getSignatureFactory().newSignatureProperty(
            propertyPayload,
            "#" + signatureConfig.getPackageSignatureId(),
            "idOfficeV1Details");

    final List<SignatureProperty> properties = new ArrayList<>();
    properties.add(officeDetails);

    final List<XMLStructure> objectContent = new ArrayList<>();
    objectContent.add(getSignatureFactory().newSignatureProperties(properties, null));

    final String objectId = "idOfficeObject";
    objects.add(getSignatureFactory().newXMLObject(objectContent, objectId, null, null));

    // Reference the object by id so its content is covered by the signature.
    references.add(newReference("#" + objectId, null, XML_DIGSIG_NS + "Object", null, null));
}
/**
 * Creates a transform for the given algorithm URI and optional parameters using the
 * signature factory.
 *
 * @param canonicalizationMethod URI of the transform / canonicalization algorithm
 * @param paramSpec algorithm parameters, or {@code null} for none
 * @return the transform created by the signature factory
 * @throws XMLSignatureException wrapping any {@link GeneralSecurityException} raised by the
 *         factory; the original exception is kept as the cause
 */
protected Transform newTransform(
        final String canonicalizationMethod, final TransformParameterSpec paramSpec)
        throws XMLSignatureException {
    final Transform transform;
    try {
        transform = getSignatureFactory().newTransform(canonicalizationMethod, paramSpec);
    } catch (GeneralSecurityException e) {
        // The factory can fail for an unknown algorithm or for unsuitable parameters; both
        // end up under the same message, so check the cause when diagnosing.
        throw new XMLSignatureException("unknown canonicalization method: "+canonicalizationMethod, e);
    }
    return transform;
}
/**
 * Wraps the given revocation data in a new validation-data element.
 *
 * @param revocationData source passed to {@code createRevocationValues}
 * @return a new {@code ValidationDataType} whose revocation values were filled from
 *         {@code revocationData}
 */
private ValidationDataType createValidationData(final RevocationData revocationData) {
    final ValidationDataType result = ValidationDataType.Factory.newInstance();
    // addNewRevocationValues() creates the child element that createRevocationValues fills.
    createRevocationValues(result.addNewRevocationValues(), revocationData);
    return result;
}
// Invokes the facet's post-sign hook on the document.
// NOTE(review): `signatureFacet` and `document` are declared outside this excerpt.
signatureFacet.postSign(document);
// The certificate digest uses the XAdES-specific digest algorithm from the configuration
// (getXadesDigestAlgo()).
// NOTE(review): this digest is what binds the certificate reference to the encoded
// certificate -- confirm the configured algorithm is not a deprecated one.
setDigestAlgAndValue(certDigest, encodedCertificate, signatureConfig.getXadesDigestAlgo());
/**
 * Appends a SignatureProperties structure containing the signature time
 * ({@code idSignatureTime}) to {@code objectContent}.
 *
 * <p>The time value comes from {@code signatureConfig.formatExecutionTime()}. Nothing in this
 * method ties it to a trusted time source, so consumers should treat it as a time claimed by
 * the signer.
 *
 * @param document DOM document into which the SignatureTime node is imported
 * @param objectContent list that receives the new SignatureProperties structure
 */
protected void addSignatureTime(
        final Document document, final List<XMLStructure> objectContent) {
    /*
     * SignatureTime
     */
    final SignatureTimeDocument timeDocument = SignatureTimeDocument.Factory.newInstance();
    final CTSignatureTime signatureTime = timeDocument.addNewSignatureTime();
    signatureTime.setFormat("YYYY-MM-DDThh:mm:ssTZD");
    signatureTime.setValue(signatureConfig.formatExecutionTime());
    LOG.log(POILogger.DEBUG, "execution time: " + signatureTime.getValue());

    // Deep-import into the target document before wrapping it for the signature API.
    final Element importedTime =
            (Element) document.importNode(signatureTime.getDomNode(), true);

    // Wrap: DOM node -> SignatureProperty -> SignatureProperties.
    final List<XMLStructure> propertyPayload = new ArrayList<>();
    propertyPayload.add(new DOMStructure(importedTime));
    final SignatureProperty timeProperty = getSignatureFactory().newSignatureProperty(
            propertyPayload,
            "#" + signatureConfig.getPackageSignatureId(),
            "idSignatureTime");

    final List<SignatureProperty> properties = new ArrayList<>();
    properties.add(timeProperty);

    objectContent.add(getSignatureFactory().newSignatureProperties(properties, null));
}
/**
 * Creates a signature reference that uses the digest method configured in
 * {@code signatureConfig}.
 *
 * @param uri URI of the referenced data
 * @param transforms transforms applied before digesting, may be {@code null}
 * @param type reference type URI, may be {@code null}
 * @param id reference id, may be {@code null}
 * @param digestValue pre-calculated digest, or {@code null} to let the signing process
 *        compute it
 * @param signatureConfig supplies the digest method URI and the signature factory
 * @return the new reference
 * @throws XMLSignatureException if the factory rejects the configured digest method URI; the
 *         original {@link GeneralSecurityException} is kept as the cause
 */
public static Reference newReference(
        String uri,
        List<Transform> transforms,
        String type,
        String id,
        byte[] digestValue,
        SignatureConfig signatureConfig) throws XMLSignatureException {
    // the references appear in the package signature or the package object
    // so we can use the default digest algorithm
    final String digestMethodUri = signatureConfig.getDigestMethodUri();
    final XMLSignatureFactory factory = signatureConfig.getSignatureFactory();

    final DigestMethod digestMethod;
    try {
        digestMethod = factory.newDigestMethod(digestMethodUri, null);
    } catch (GeneralSecurityException e) {
        throw new XMLSignatureException("unknown digest method uri: "+digestMethodUri, e);
    }

    if (digestValue == null) {
        return factory.newReference(uri, digestMethod, transforms, type, id);
    }
    // A supplied digest is embedded as given rather than computed here, so the caller is
    // responsible for it matching the referenced data under this digest method.
    return factory.newReference(uri, digestMethod, transforms, type, id, digestValue);
}
} // closes the enclosing type, whose header is outside this excerpt
// NOTE(review): excerpt; the loop body is not closed within it.
// Every configured facet gets its pre-sign hook called with the same document, reference list
// and object list, in the order returned by getSignatureFacets().
for (SignatureFacet signatureFacet : signatureConfig.getSignatureFacets()) {
// Debug trace of the facet's simple class name only.
LOG.log(POILogger.DEBUG, "invoking signature facet: " + signatureFacet.getClass().getSimpleName());
signatureFacet.preSign(document, references, objects);
/**
 * Builds a XAdES time stamp from the canonicalized form of the given nodes.
 *
 * @param nodeList nodes that are canonicalized and handed to the byte-array overload
 * @param revocationData passed through unchanged to the byte-array overload
 * @return the time stamp produced by the byte-array overload
 */
private XAdESTimeStampType createXAdESTimeStamp(
        final List<Node> nodeList, final RevocationData revocationData) {
    // The bytes that reach the time stamp overload are the output of getC14nValue, so the
    // configured XAdES canonicalization method determines exactly which octets are covered.
    final byte[] canonicalBytes =
            getC14nValue(nodeList, signatureConfig.getXadesCanonicalizationMethod());
    return createXAdESTimeStamp(canonicalBytes, revocationData);
}
/**
 * Pre-sign hook: adds the package manifest object and the signature-info object, together
 * with the references that point at them.
 *
 * @param document DOM document handed on to both helper methods
 * @param references reference list handed on to both helper methods
 * @param objects object list handed on to both helper methods
 * @throws XMLSignatureException propagated from either helper
 */
@Override
public void preSign(
        final Document document,
        final List<Reference> references,
        final List<XMLObject> objects) throws XMLSignatureException {
    LOG.log(POILogger.DEBUG, "pre sign");

    // Call order is kept as-is: manifest object first, signature info second.
    addManifestObject(document, references, objects);
    addSignatureInfo(document, references, objects);
}
/**
 * Creates a transform for the given algorithm URI without algorithm-specific parameters.
 *
 * <p>Delegates to the two-argument overload, passing {@code null} as the parameter spec.
 *
 * @param canonicalizationMethod URI of the transform / canonicalization algorithm
 * @return the transform returned by the two-argument overload
 * @throws XMLSignatureException propagated unchanged from the two-argument overload
 */
protected Transform newTransform(final String canonicalizationMethod)
        throws XMLSignatureException {
    // null: no parameter spec is supplied for this algorithm.
    return newTransform(canonicalizationMethod, null);
}