/**
 * Produces the additional signed content for an XML signature: a {@code ds:Object} with
 * Id {@code propertiesObject} that wraps a {@code SignatureProperties}/{@code SignatureProperty}
 * pair holding a timestamp element, plus a {@code Reference} to {@code #propertiesObject}.
 * The reference is what causes the object to be digested as part of the signed content.
 *
 * <p>The timestamp is the signer's own {@link System#currentTimeMillis()} reading. It is a
 * self-asserted signing time, not a token issued by a time-stamping authority, so a verifier
 * can rely on it only as far as it trusts the signer's clock.
 *
 * @param input signing context; supplies the signature factory, the signature id used as the
 *        property target, and the content digest algorithm
 * @return the reference list and object list to add to the signature
 * @throws Exception if the factory rejects an algorithm or the timestamp fragment cannot be
 *         encoded or parsed
 */
@Override
public Output get(Input input) throws Exception {
    // The referenced object is canonicalized (inclusive c14n) before it is digested.
    Transform c14n = input.getSignatureFactory()
            .newTransform(CanonicalizationMethod.INCLUSIVE, (TransformParameterSpec) null);
    Reference propertiesRef = input.getSignatureFactory().newReference(
            "#propertiesObject",
            input.getSignatureFactory().newDigestMethod(input.getContentDigestAlgorithm(), null),
            Collections.singletonList(c14n),
            null,
            null);

    // The fragment is built from a fixed template and a long, so it contains no external input.
    String timestampXml = "<ts:timestamp xmlns:ts=\"http:/timestamp\">" + System.currentTimeMillis() + "</ts:timestamp>";
    InputStream timestampBytes = new ByteArrayInputStream(timestampXml.getBytes("UTF-8"));
    // NOTE(review): the meaning of the Boolean.TRUE argument is defined by XmlSignatureHelper
    // and is not visible here (presumably it hardens the parser) - confirm.
    Document timestampDoc = XmlSignatureHelper.newDocumentBuilder(Boolean.TRUE).parse(timestampBytes);
    DOMStructure timestampNode = new DOMStructure(timestampDoc.getDocumentElement());

    // Property (targets the signature id) -> properties -> object, each holding exactly one child.
    SignatureProperty timestampProperty = input.getSignatureFactory()
            .newSignatureProperty(Collections.singletonList(timestampNode), input.getSignatureId(), "property");
    SignatureProperties propertyGroup = input.getSignatureFactory()
            .newSignatureProperties(Collections.singletonList(timestampProperty), "properties");
    XMLObject wrapper = input.getSignatureFactory()
            .newXMLObject(Collections.singletonList(propertyGroup), "propertiesObject", null, null);

    Output out = new Output();
    out.setReferences(Collections.singletonList(propertiesRef));
    out.setObjects(Collections.singletonList(wrapper));
    return out;
}
/**
 * Adds a {@code dc:date} signature property holding the current UTC time, and a reference to
 * that property so that it is digested as part of the signed content.
 *
 * <p>The time is read from the local system clock when this method runs. It is a claim made
 * by the signer, not an independently attested time.
 *
 * @param signatureFactory factory used to build the XML signature structures
 * @param document DOM document that owns the created element
 * @param signatureId Id of the signature; the property's Target is {@code "#" + signatureId}
 * @param signingCertificateChain not used by this method
 * @param references list that receives the new reference to the signature property
 * @param objects list that receives the new {@code ds:Object}
 * @throws NoSuchAlgorithmException if the factory does not know the configured digest algorithm
 * @throws InvalidAlgorithmParameterException if the factory rejects the digest parameters
 */
public void preSign(XMLSignatureFactory signatureFactory, Document document, String signatureId,
        List<X509Certificate> signingCertificateChain, List<Reference> references, List<XMLObject> objects)
        throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
    LOG.debug("pre sign");

    // NOTE(review): the element is created with an empty namespace URI while the dc prefix is
    // only declared through the xmlns:dc attribute - confirm this is the intended signed form.
    Element dcDate = document.createElementNS("", "dc:date");
    dcDate.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:dc", "http://purl.org/dc/elements/1.1/");

    // ISO-8601 UTC time at second precision, with the trailing "Z" designator cut off.
    String isoUtc = ISODateTimeFormat.dateTimeNoMillis().print(new DateTime(DateTimeZone.UTC));
    String now = isoUtc.substring(0, isoUtc.indexOf("Z"));
    LOG.debug("now: " + now);
    dcDate.setTextContent(now);

    // A random Id keeps the property uniquely addressable by the reference added below.
    String propertyId = "sign-prop-" + UUID.randomUUID().toString();
    List<XMLStructure> propertyBody = new LinkedList<XMLStructure>();
    propertyBody.add(new DOMStructure(dcDate));
    SignatureProperty dateProperty =
            signatureFactory.newSignatureProperty(propertyBody, "#" + signatureId, propertyId);

    List<SignatureProperty> propertyList = new LinkedList<SignatureProperty>();
    propertyList.add(dateProperty);
    List<XMLStructure> objectBody = new LinkedList<XMLStructure>();
    objectBody.add(signatureFactory.newSignatureProperties(propertyList, null));
    objects.add(signatureFactory.newXMLObject(objectBody, null, null, null));

    // The reference uses the configured digest algorithm and no transforms.
    DigestMethod propertyDigest = signatureFactory.newDigestMethod(this.digestAlgo.getXmlAlgoId(), null);
    references.add(signatureFactory.newReference("#" + propertyId, propertyDigest));
}
/**
 * Appends a {@code SignatureProperties} block holding the OOXML {@code mdssi:SignatureTime}
 * property (a {@code Format} child and a {@code Value} child) to {@code objectContent}.
 *
 * <p>The value is the time reported by {@code this.clock}, rendered in UTC at second
 * precision. This method creates no {@code Reference} itself, so whether the time is covered
 * by the signature depends on the caller referencing the object that ends up containing
 * {@code objectContent}.
 *
 * @param signatureFactory factory used to build the XML signature structures
 * @param document DOM document that owns the created elements
 * @param signatureId Id of the signature; the property's Target is {@code "#" + signatureId}
 * @param objectContent list that receives the new {@code SignatureProperties}
 */
private void addSignatureTime(XMLSignatureFactory signatureFactory, Document document, String signatureId,
        List<XMLStructure> objectContent) {
    Element timeElement = document.createElementNS(OOXML_DIGSIG_NS, "mdssi:SignatureTime");
    timeElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:mdssi", OOXML_DIGSIG_NS);

    // <mdssi:Format>: the literal pattern string describing how Value is written.
    Element format = document.createElementNS(OOXML_DIGSIG_NS, "mdssi:Format");
    format.setTextContent("YYYY-MM-DDThh:mm:ssTZD");
    timeElement.appendChild(format);

    // <mdssi:Value>: the clock's current time, formatted without milliseconds in UTC.
    Element value = document.createElementNS(OOXML_DIGSIG_NS, "mdssi:Value");
    DateTime utcNow = new DateTime(this.clock.getTime().getTime(), DateTimeZone.UTC);
    String nowStr = ISODateTimeFormat.dateTimeNoMillis().print(utcNow);
    LOG.debug("now: " + nowStr);
    value.setTextContent(nowStr);
    timeElement.appendChild(value);

    // The property Id is the fixed string "idSignatureTime"; only the enclosing
    // SignatureProperties element gets a random Id.
    List<XMLStructure> propertyBody = new LinkedList<XMLStructure>();
    propertyBody.add(new DOMStructure(timeElement));
    SignatureProperty timeProperty =
            signatureFactory.newSignatureProperty(propertyBody, "#" + signatureId, "idSignatureTime");

    List<SignatureProperty> propertyList = new LinkedList<SignatureProperty>();
    propertyList.add(timeProperty);
    objectContent.add(signatureFactory.newSignatureProperties(propertyList,
            "id-signature-time-" + UUID.randomUUID().toString()));
}
/**
 * Adds the Office {@code SignatureInfoV1} property inside a {@code ds:Object} with Id
 * {@code idOfficeObject}, and a reference of type {@code ...xmldsig#Object} to that object so
 * that it is digested as part of the signed content.
 *
 * @param signatureFactory factory used to build the XML signature structures
 * @param document DOM document that owns the created elements
 * @param signatureId Id of the signature; the property's Target is {@code "#" + signatureId}
 * @param references list that receives the reference to {@code #idOfficeObject}
 * @param objects list that receives the new {@code ds:Object}
 * @throws NoSuchAlgorithmException if the factory does not know the configured digest algorithm
 * @throws InvalidAlgorithmParameterException if the factory rejects the digest parameters
 */
private void addSignatureInfo(XMLSignatureFactory signatureFactory, Document document, String signatureId,
        List<Reference> references, List<XMLObject> objects)
        throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
    final String objectId = "idOfficeObject";

    Element infoElement = document.createElementNS(OFFICE_DIGSIG_NS, "SignatureInfoV1");
    infoElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns", OFFICE_DIGSIG_NS);

    // NOTE(review): the advertised manifest hash algorithm is hard-coded to the SHA-1 URI,
    // while the reference below is digested with this.digestAlgo. If a stronger digest is
    // configured the two disagree - confirm whether consumers expect them to match.
    Element manifestHashAlgorithm = document.createElementNS(OFFICE_DIGSIG_NS, "ManifestHashAlgorithm");
    manifestHashAlgorithm.setTextContent("http://www.w3.org/2000/09/xmldsig#sha1");
    infoElement.appendChild(manifestHashAlgorithm);

    List<XMLStructure> propertyBody = new LinkedList<XMLStructure>();
    propertyBody.add(new DOMStructure(infoElement));
    SignatureProperty infoProperty =
            signatureFactory.newSignatureProperty(propertyBody, "#" + signatureId, "idOfficeV1Details");

    List<SignatureProperty> propertyList = new LinkedList<SignatureProperty>();
    propertyList.add(infoProperty);
    List<XMLStructure> objectBody = new LinkedList<XMLStructure>();
    objectBody.add(signatureFactory.newSignatureProperties(propertyList, null));
    objects.add(signatureFactory.newXMLObject(objectBody, objectId, null, null));

    // Reference the whole object by its Id, typed as a ds:Object, with no transforms.
    DigestMethod objectDigest = signatureFactory.newDigestMethod(this.digestAlgo.getXmlAlgoId(), null);
    references.add(signatureFactory.newReference("#" + objectId, objectDigest, null,
            "http://www.w3.org/2000/09/xmldsig#Object", null));
}
/**
 * Builds the opening and closing tag bytes for the element that carries the reference Id,
 * according to the configured position (Object, SignatureProperty or SignatureProperties)
 * and the configured signature namespace prefix.
 *
 * <p>An empty prefix yields unprefixed element names with a default {@code xmlns}
 * declaration; any other prefix yields {@code prefix:Name} with {@code xmlns:prefix}.
 *
 * <p>NOTE(review): the prefix and the two id values are concatenated into the markup without
 * XML escaping - confirm they are validated where they are set. {@code getBytes()} uses the
 * JVM default charset, so non-ASCII values would encode differently across platforms.
 *
 * @return a two-element array: index 0 holds the opening tag(s), index 1 the closing tag(s)
 */
protected byte[][] getSigRefIdPosTags() {
    final String prefix = myThreadSafeData.getSignaturePrefix();
    final boolean unprefixed = "".equals(prefix);

    // Pieces shared by every position.
    final String qualifier = unprefixed ? "" : prefix + ":";
    final String nsDecl = (unprefixed ? "xmlns" : "xmlns" + ":" + prefix) + "=\"" + XMLSignature.XMLNS + "\"";
    final String idAttr = " Id=\"" + xmlTagReferenceUriValue + "\"";
    final String targetAttr = " Target=\"#" + xmlTagSignatureIdValue + "\"";

    final String opening;
    final String closing;
    switch (myThreadSafeData.getSigRefIdPos()) {
        case SignatureProperties:
            // The Id sits on the outer element, the Target on the nested SignatureProperty.
            opening = "<" + qualifier + "SignatureProperties " + nsDecl + idAttr + ">"
                    + "<" + qualifier + "SignatureProperty" + targetAttr + ">";
            closing = "</" + qualifier + "SignatureProperty></" + qualifier + "SignatureProperties>";
            break;
        case SignatureProperty:
            opening = "<" + qualifier + "SignatureProperty " + nsDecl + idAttr + targetAttr + ">";
            closing = "</" + qualifier + "SignatureProperty>";
            break;
        case Object:
        default:
            opening = "<" + qualifier + "Object " + nsDecl + idAttr + ">";
            closing = "</" + qualifier + "Object>";
            break;
    }
    return new byte[][] { opening.getBytes(), closing.getBytes() };
}
/**
 * Returns the configured reference-Id position as its string name.
 *
 * @return {@code "Object"}, {@code "SignatureProperty"} or {@code "SignatureProperties"};
 *         {@code null} if the stored value is none of these three
 */
public String getSigRefIdPos() {
    final SigRefIdPos current = myThreadSafeData.getSigRefIdPos();
    String label = null;
    switch (current) {
        case SignatureProperties:
            label = "SignatureProperties";
            break;
        case SignatureProperty:
            label = "SignatureProperty";
            break;
        case Object:
            label = "Object";
            break;
        default:
            break;
    }
    return label;
}
/**
 * Sets the reference-Id position from its string name, compared case-insensitively.
 *
 * @param sigRefIdPos one of {@code Object}, {@code SignatureProperty},
 *        {@code SignatureProperties}
 * @throws Exception if the value is {@code null} or not one of the three names; the stored
 *         setting is left untouched in that case
 */
public void setSigRefIdPos(String sigRefIdPos) throws Exception {
    final SigRefIdPos parsed;
    if ("Object".equalsIgnoreCase(sigRefIdPos)) {
        parsed = SigRefIdPos.Object;
    } else if ("SignatureProperty".equalsIgnoreCase(sigRefIdPos)) {
        parsed = SigRefIdPos.SignatureProperty;
    } else if ("SignatureProperties".equalsIgnoreCase(sigRefIdPos)) {
        parsed = SigRefIdPos.SignatureProperties;
    } else {
        // Unknown names are rejected rather than mapped to a default position.
        throw new Exception("invalid sigRefIdPos=" + sigRefIdPos + ". Valid values are Object|SignatureProperty|SignatureProperties");
    }
    myThreadSafeData.setSigRefIdPos(parsed);
}
/**
 * Marshals a {@link SignatureProperty} by handing all four arguments, unchanged, to
 * {@code DOMSignatureProperty.marshal}.
 *
 * @param xwriter writer that receives the marshalled output
 * @param toMarshal the signature property to marshal
 * @param dsPrefix namespace prefix passed through to the delegate
 * @param context crypto context passed through to the delegate
 * @throws MarshalException propagated from {@code DOMSignatureProperty.marshal}
 */
@Override
public void marshalObject(
        final XmlWriter xwriter,
        final SignatureProperty toMarshal,
        final String dsPrefix,
        final XMLCryptoContext context) throws MarshalException {
    DOMSignatureProperty.marshal(xwriter, toMarshal, dsPrefix, context);
}
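/**
 * Checks that a signature property has the structure of the OOXML {@code SignatureTime}
 * property: Id {@code idSignatureTime}, Target {@code "#" + signatureId}, and exactly one
 * content element {@code SignatureTime} in the OOXML digital-signature namespace with
 * exactly two child nodes, {@code Format} then {@code Value}, in that same namespace.
 *
 * <p>Only the structure is checked. The text of {@code Format} and {@code Value} is not
 * inspected, so any string is accepted as the signing time (see the TODO below).
 *
 * <p>All comparisons put the expected constant first. The property is presumably parsed from
 * the signature under verification, where an Id may be absent and a child node may be a text
 * or comment node with no namespace or local name. Such input is reported as invalid instead
 * of failing with a {@code NullPointerException}.
 *
 * @param signatureProperty the property to check
 * @param signatureId Id of the signature the property must target
 * @return {@code true} if every structural check passes, {@code false} otherwise
 */
@SuppressWarnings("unchecked")
private boolean validateSignatureProperty(SignatureProperty signatureProperty, String signatureId) {
    // NOTE(review): the values logged below come from the property being validated; confirm
    // the log sink neutralises line breaks if that input is untrusted.
    if (!"idSignatureTime".equals(signatureProperty.getId())) {
        LOG.error("Unexpected SignatureProperty: expected id=idSignatureTime " + "but got: " + signatureProperty.getId());
        return false;
    }
    final String expectedTarget = "#" + signatureId;
    if (!expectedTarget.equals(signatureProperty.getTarget())) {
        // The original message ran the id and "but got" together; a space separates them now.
        LOG.error("Unexpected SignatureProperty: expected target=#" + signatureId + " but got: " + signatureProperty.getTarget());
        return false;
    }

    List<XMLStructure> signatureTimeContent = signatureProperty.getContent();
    if (signatureTimeContent.size() != 1) {
        LOG.error("Unexpected SignatureTime content.");
        return false;
    }
    // Reject non-DOM content instead of failing on the cast.
    Object onlyContent = signatureTimeContent.get(0);
    if (!(onlyContent instanceof DOMStructure)) {
        LOG.error("Unexpected SignatureTime content.");
        return false;
    }
    Node signatureTimeElement = ((DOMStructure) onlyContent).getNode();
    if (!OOXMLSignatureFacet.OOXML_DIGSIG_NS.equals(signatureTimeElement.getNamespaceURI())) {
        LOG.error("Invalid SignatureTime element: NS=" + signatureTimeElement.getNamespaceURI());
        return false;
    }
    if (!"SignatureTime".equals(signatureTimeElement.getLocalName())) {
        LOG.error("Invalid SignatureTime element: Name=" + signatureTimeElement.getLocalName());
        return false;
    }
    // Every child node counts here, including text and comment nodes.
    if (signatureTimeElement.getChildNodes().getLength() != 2) {
        LOG.error("Invalid SignatureTime element: Childs=" + signatureTimeElement.getChildNodes().getLength() + ", expected 2 (Format+Value)");
        return false;
    }

    // format element
    Node formatElement = signatureTimeElement.getChildNodes().item(0);
    if (!OOXMLSignatureFacet.OOXML_DIGSIG_NS.equals(formatElement.getNamespaceURI())) {
        LOG.error("Invalid SignatureTime.Format element: NS=" + formatElement.getNamespaceURI());
        return false;
    }
    if (!"Format".equals(formatElement.getLocalName())) {
        LOG.error("Invalid SignatureTime.Format element: Name=" + formatElement.getLocalName());
        return false;
    }

    // value element
    Node valueElement = signatureTimeElement.getChildNodes().item(1);
    if (!OOXMLSignatureFacet.OOXML_DIGSIG_NS.equals(valueElement.getNamespaceURI())) {
        LOG.error("Invalid SignatureTime.Value element: NS=" + valueElement.getNamespaceURI());
        return false;
    }
    if (!"Value".equals(valueElement.getLocalName())) {
        LOG.error("Invalid SignatureTime.Value element: Name=" + valueElement.getLocalName());
        return false;
    }

    // TODO: validate value? Neither the Format text nor the Value timestamp is parsed or
    // range-checked, so a malformed or implausible signing time still passes.
    return true;
}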
/**
 * Unsupported factory operation: this implementation does not create signature properties.
 *
 * @param content ignored
 * @param target ignored
 * @param id ignored
 * @return never returns normally
 * @throws UnsupportedOperationException always
 */
public SignatureProperty newSignatureProperty(
        final List content,
        final String target,
        final String id) {
    throw new UnsupportedOperationException();
}