Java tutorial
/* * Copyright 2004 by Paulo Soares. * * The contents of this file are subject to the Mozilla Public License Version 1.1 * (the "License"); you may not use this file except in compliance with the License. * You may obtain a copy of the License at http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License * for the specific language governing rights and limitations under the License. * * The Original Code is 'iText, a free JAVA-PDF library'. * * The Initial Developer of the Original Code is Bruno Lowagie. Portions created by * the Initial Developer are Copyright (C) 1999, 2000, 2001, 2002 by Bruno Lowagie. * All Rights Reserved. * Co-Developer of the code is Paulo Soares. Portions created by the Co-Developer * are Copyright (C) 2000, 2001, 2002 by Paulo Soares. All Rights Reserved. * * Contributor(s): all the names of the contributors are added in the source code * where applicable. * * Alternatively, the contents of this file may be used under the terms of the * LGPL license (the "GNU LIBRARY GENERAL PUBLIC LICENSE"), in which case the * provisions of LGPL are applicable instead of those above. If you wish to * allow use of your version of this file only under the terms of the LGPL * License and not to allow others to use your version of this file under * the MPL, indicate your decision by deleting the provisions above and * replace them with the notice and other provisions required by the LGPL. * If you do not delete the provisions above, a recipient may use your version * of this file under either the MPL or the GNU LIBRARY GENERAL PUBLIC LICENSE. * * This library is free software; you can redistribute it and/or modify it * under the terms of the MPL as stated above or under the terms of the GNU * Library General Public License as published by the Free Software Foundation; * either version 2 of the License, or any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU Library general Public License for more * details. * * If you didn't download this code from the following link, you should check if * you aren't using an obsolete version: * http://www.lowagie.com/iText/ */ /** * 10-11-2009 * Modified by Paul -> stripped out everything that has not to do with timestamping and pre calculated ocsp. * * */ package es.uji.security.crypto.pdf; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.math.BigInteger; import java.security.InvalidKeyException; import java.security.KeyStore; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.PrivateKey; import java.security.Provider; import java.security.Signature; import java.security.SignatureException; import java.security.cert.CRL; import java.security.cert.Certificate; import java.security.cert.CertificateParsingException; import java.security.cert.X509CRL; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Arrays; import java.util.Calendar; import java.util.Collection; import java.util.Date; import java.util.Enumeration; import java.util.GregorianCalendar; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.Set; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1OutputStream; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DEREnumerated; import org.bouncycastle.asn1.DERInteger; import org.bouncycastle.asn1.DERNull; import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERSet; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.DERUTCTime; import org.bouncycastle.asn1.cms.Attribute; import org.bouncycastle.asn1.cms.AttributeTable; import org.bouncycastle.asn1.cms.ContentInfo; import org.bouncycastle.asn1.ocsp.BasicOCSPResponse; import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.x509.X509Extensions; import org.bouncycastle.jce.provider.X509CRLParser; import org.bouncycastle.jce.provider.X509CertParser; import org.bouncycastle.ocsp.BasicOCSPResp; import org.bouncycastle.ocsp.CertificateID; import org.bouncycastle.ocsp.SingleResp; import com.lowagie.text.ExceptionConverter; import es.uji.security.crypto.timestamp.TSResponse; import es.uji.security.crypto.timestamp.TimeStampFactory; import es.uji.security.crypto.timestamp.TimestampToken; /** * This class does all the processing related to signing and verifying a PKCS#7 * signature. * <p> * It's based in code found at org.bouncycastle. */ public class PdfPKCS7TSA { private byte sigAttr[]; private byte digestAttr[]; private int version, signerversion; private Set digestalgos; private Collection certs, crls, signCerts; private X509Certificate signCert; private byte[] digest; private MessageDigest messageDigest; private String digestAlgorithm, digestEncryptionAlgorithm; private Signature sig; private transient PrivateKey privKey; private byte RSAdata[]; private boolean verified; private boolean verifyResult; private byte externalDigest[]; private byte externalRSAdata[]; private Provider provider; private static final String ID_PKCS7_DATA = "1.2.840.113549.1.7.1"; private static final String ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2"; private static final String ID_RSA = "1.2.840.113549.1.1.1"; private static final String ID_DSA = "1.2.840.10040.4.1"; private static final String ID_CONTENT_TYPE = "1.2.840.113549.1.9.3"; private static final String ID_MESSAGE_DIGEST = "1.2.840.113549.1.9.4"; private static final String ID_SIGNING_TIME = "1.2.840.113549.1.9.5"; private static final String ID_ADBE_REVOCATION = "1.2.840.113583.1.1.8"; /** * Holds value of property reason. */ private String reason; /** * Holds value of property location. */ private String location; /** * Holds value of property signDate. */ private Calendar signDate; /** * Holds value of property signName. */ private String signName; private TimestampToken timeStampToken; private static final HashMap digestNames = new HashMap(); private static final HashMap algorithmNames = new HashMap(); private static final HashMap allowedDigests = new HashMap(); static { digestNames.put("1.3.14.3.2.26", "SHA1"); digestNames.put("2.16.840.1.101.3.4.2.4", "SHA224"); digestNames.put("2.16.840.1.101.3.4.2.1", "SHA256"); digestNames.put("2.16.840.1.101.3.4.2.2", "SHA384"); digestNames.put("2.16.840.1.101.3.4.2.3", "SHA512"); digestNames.put("1.2.840.113549.1.1.5", "SHA1"); digestNames.put("1.2.840.113549.1.1.14", "SHA224"); digestNames.put("1.2.840.113549.1.1.11", "SHA256"); digestNames.put("1.2.840.113549.1.1.12", "SHA384"); digestNames.put("1.2.840.113549.1.1.13", "SHA512"); digestNames.put("1.2.840.10040.4.3", "SHA1"); digestNames.put("2.16.840.1.101.3.4.3.1", "SHA224"); digestNames.put("2.16.840.1.101.3.4.3.2", "SHA256"); digestNames.put("2.16.840.1.101.3.4.3.3", "SHA384"); digestNames.put("2.16.840.1.101.3.4.3.4", "SHA512"); algorithmNames.put("1.2.840.113549.1.1.1", "RSA"); algorithmNames.put("1.2.840.113549.1.1.2", "RSA"); algorithmNames.put("1.2.840.113549.1.1.4", "RSA"); algorithmNames.put("1.2.840.113549.1.1.5", "RSA"); algorithmNames.put("1.2.840.113549.1.1.14", "RSA"); algorithmNames.put("1.2.840.113549.1.1.11", "RSA"); algorithmNames.put("1.2.840.113549.1.1.12", "RSA"); algorithmNames.put("1.2.840.113549.1.1.13", "RSA"); algorithmNames.put("1.3.36.3.3.1.3", "RSA"); algorithmNames.put("1.3.36.3.3.1.2", "RSA"); algorithmNames.put("1.3.36.3.3.1.4", "RSA"); allowedDigests.put("SHA1", "1.3.14.3.2.26"); allowedDigests.put("SHA224", "2.16.840.1.101.3.4.2.4"); allowedDigests.put("SHA256", "2.16.840.1.101.3.4.2.1"); allowedDigests.put("SHA384", "2.16.840.1.101.3.4.2.2"); allowedDigests.put("SHA512", "2.16.840.1.101.3.4.2.3"); allowedDigests.put("SHA-1", "1.3.14.3.2.26"); allowedDigests.put("SHA-224", "2.16.840.1.101.3.4.2.4"); allowedDigests.put("SHA-256", "2.16.840.1.101.3.4.2.1"); allowedDigests.put("SHA-384", "2.16.840.1.101.3.4.2.2"); allowedDigests.put("SHA-512", "2.16.840.1.101.3.4.2.3"); } /** * Gets the digest name for a certain id * @param oid an id (for instance "1.2.840.113549.2.5") * @return a digest name (for instance "MD5") * @since 2.1.6 */ public static String getDigest(String oid) { String ret = (String) digestNames.get(oid); if (ret == null) return oid; else return ret; } /** * Gets the algorithm name for a certain id. * @param oid an id (for instance "1.2.840.113549.1.1.1") * @return an algorithm name (for instance "RSA") * @since 2.1.6 */ public static String getAlgorithm(String oid) { String ret = (String) algorithmNames.get(oid); if (ret == null) return oid; else return ret; } /** * Gets the timestamp token if there is one. * @return the timestamp token or null * @since 2.1.6 */ public TimestampToken getTimeStampToken() { return timeStampToken; } /** * Gets the timestamp date * @return a date * @since 2.1.6 */ public Calendar getTimeStampDate() { if (timeStampToken == null) return null; Calendar cal = new GregorianCalendar(); Date date = timeStampToken.getDate(); cal.setTime(date); return cal; } /** * Verifies a signature using the sub-filter adbe.x509.rsa_sha1. * @param contentsKey the /Contents key * @param certsKey the /Cert key * @param provider the provider or <code>null</code> for the default provider */ public PdfPKCS7TSA(byte[] contentsKey, byte[] certsKey, Provider provider) { try { this.provider = provider; X509CertParser cr = new X509CertParser(); cr.engineInit(new ByteArrayInputStream(certsKey)); certs = cr.engineReadAll(); signCerts = certs; signCert = (X509Certificate) certs.iterator().next(); crls = new ArrayList(); ASN1InputStream in = new ASN1InputStream(new ByteArrayInputStream(contentsKey)); digest = ((DEROctetString) in.readObject()).getOctets(); if (provider == null) sig = Signature.getInstance("SHA1withRSA"); else sig = Signature.getInstance("SHA1withRSA", provider); sig.initVerify(signCert.getPublicKey()); } catch (Exception e) { throw new ExceptionConverter(e); } } private BasicOCSPResp basicResp; /** * Gets the OCSP basic response if there is one. * @return the OCSP basic response or null * @since 2.1.6 */ public BasicOCSPResp getOcsp() { return basicResp; } private void findOcsp(ASN1Sequence seq) throws IOException { basicResp = null; boolean ret = false; while (true) { if ((seq.getObjectAt(0) instanceof DERObjectIdentifier) && ((DERObjectIdentifier) seq.getObjectAt(0)) .getId().equals(OCSPObjectIdentifiers.id_pkix_ocsp_basic.getId())) { break; } ret = true; for (int k = 0; k < seq.size(); ++k) { if (seq.getObjectAt(k) instanceof ASN1Sequence) { seq = (ASN1Sequence) seq.getObjectAt(0); ret = false; break; } if (seq.getObjectAt(k) instanceof ASN1TaggedObject) { ASN1TaggedObject tag = (ASN1TaggedObject) seq.getObjectAt(k); if (tag.getObject() instanceof ASN1Sequence) { seq = (ASN1Sequence) tag.getObject(); ret = false; break; } else return; } } if (ret) return; } DEROctetString os = (DEROctetString) seq.getObjectAt(1); ASN1InputStream inp = new ASN1InputStream(os.getOctets()); BasicOCSPResponse resp = BasicOCSPResponse.getInstance(inp.readObject()); basicResp = new BasicOCSPResp(resp); } /** * Verifies a signature using the sub-filter adbe.pkcs7.detached or * adbe.pkcs7.sha1. * @param contentsKey the /Contents key * @param provider the provider or <code>null</code> for the default provider */ public PdfPKCS7TSA(byte[] contentsKey, Provider provider) { try { this.provider = provider; ASN1InputStream din = new ASN1InputStream(new ByteArrayInputStream(contentsKey)); // // Basic checks to make sure it's a PKCS#7 SignedData Object // DERObject pkcs; try { pkcs = din.readObject(); } catch (IOException e) { throw new IllegalArgumentException("can't decode PKCS7SignedData object"); } if (!(pkcs instanceof ASN1Sequence)) { throw new IllegalArgumentException("Not a valid PKCS#7 object - not a sequence"); } ASN1Sequence signedData = (ASN1Sequence) pkcs; DERObjectIdentifier objId = (DERObjectIdentifier) signedData.getObjectAt(0); if (!objId.getId().equals(ID_PKCS7_SIGNED_DATA)) throw new IllegalArgumentException("Not a valid PKCS#7 object - not signed data"); ASN1Sequence content = (ASN1Sequence) ((DERTaggedObject) signedData.getObjectAt(1)).getObject(); // the positions that we care are: // 0 - version // 1 - digestAlgorithms // 2 - possible ID_PKCS7_DATA // (the certificates and crls are taken out by other means) // last - signerInfos // the version version = ((DERInteger) content.getObjectAt(0)).getValue().intValue(); // the digestAlgorithms digestalgos = new HashSet(); Enumeration e = ((ASN1Set) content.getObjectAt(1)).getObjects(); while (e.hasMoreElements()) { ASN1Sequence s = (ASN1Sequence) e.nextElement(); DERObjectIdentifier o = (DERObjectIdentifier) s.getObjectAt(0); digestalgos.add(o.getId()); } // the certificates and crls X509CertParser cr = new X509CertParser(); cr.engineInit(new ByteArrayInputStream(contentsKey)); certs = cr.engineReadAll(); X509CRLParser cl = new X509CRLParser(); cl.engineInit(new ByteArrayInputStream(contentsKey)); crls = cl.engineReadAll(); // the possible ID_PKCS7_DATA ASN1Sequence rsaData = (ASN1Sequence) content.getObjectAt(2); if (rsaData.size() > 1) { DEROctetString rsaDataContent = (DEROctetString) ((DERTaggedObject) rsaData.getObjectAt(1)) .getObject(); RSAdata = rsaDataContent.getOctets(); } // the signerInfos int next = 3; while (content.getObjectAt(next) instanceof DERTaggedObject) ++next; ASN1Set signerInfos = (ASN1Set) content.getObjectAt(next); if (signerInfos.size() != 1) throw new IllegalArgumentException( "This PKCS#7 object has multiple SignerInfos - only one is supported at this time"); ASN1Sequence signerInfo = (ASN1Sequence) signerInfos.getObjectAt(0); // the positions that we care are // 0 - version // 1 - the signing certificate serial number // 2 - the digest algorithm // 3 or 4 - digestEncryptionAlgorithm // 4 or 5 - encryptedDigest signerversion = ((DERInteger) signerInfo.getObjectAt(0)).getValue().intValue(); // Get the signing certificate ASN1Sequence issuerAndSerialNumber = (ASN1Sequence) signerInfo.getObjectAt(1); BigInteger serialNumber = ((DERInteger) issuerAndSerialNumber.getObjectAt(1)).getValue(); for (Iterator i = certs.iterator(); i.hasNext();) { X509Certificate cert = (X509Certificate) i.next(); if (serialNumber.equals(cert.getSerialNumber())) { signCert = cert; break; } } if (signCert == null) { throw new IllegalArgumentException( "Can't find signing certificate with serial " + serialNumber.toString(16)); } signCertificateChain(); digestAlgorithm = ((DERObjectIdentifier) ((ASN1Sequence) signerInfo.getObjectAt(2)).getObjectAt(0)) .getId(); next = 3; if (signerInfo.getObjectAt(next) instanceof ASN1TaggedObject) { ASN1TaggedObject tagsig = (ASN1TaggedObject) signerInfo.getObjectAt(next); ASN1Set sseq = ASN1Set.getInstance(tagsig, false); sigAttr = sseq.getEncoded(ASN1Encodable.DER); for (int k = 0; k < sseq.size(); ++k) { ASN1Sequence seq2 = (ASN1Sequence) sseq.getObjectAt(k); if (((DERObjectIdentifier) seq2.getObjectAt(0)).getId().equals(ID_MESSAGE_DIGEST)) { ASN1Set set = (ASN1Set) seq2.getObjectAt(1); digestAttr = ((DEROctetString) set.getObjectAt(0)).getOctets(); } else if (((DERObjectIdentifier) seq2.getObjectAt(0)).getId().equals(ID_ADBE_REVOCATION)) { ASN1Set setout = (ASN1Set) seq2.getObjectAt(1); ASN1Sequence seqout = (ASN1Sequence) setout.getObjectAt(0); for (int j = 0; j < seqout.size(); ++j) { ASN1TaggedObject tg = (ASN1TaggedObject) seqout.getObjectAt(j); if (tg.getTagNo() != 1) continue; ASN1Sequence seqin = (ASN1Sequence) tg.getObject(); findOcsp(seqin); } } } if (digestAttr == null) throw new IllegalArgumentException("Authenticated attribute is missing the digest."); ++next; } digestEncryptionAlgorithm = ((DERObjectIdentifier) ((ASN1Sequence) signerInfo.getObjectAt(next++)) .getObjectAt(0)).getId(); digest = ((DEROctetString) signerInfo.getObjectAt(next++)).getOctets(); if (next < signerInfo.size() && (signerInfo.getObjectAt(next) instanceof DERTaggedObject)) { DERTaggedObject taggedObject = (DERTaggedObject) signerInfo.getObjectAt(next); ASN1Set unat = ASN1Set.getInstance(taggedObject, false); AttributeTable attble = new AttributeTable(unat); Attribute ts = attble.get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken); if (ts != null) { ASN1Set attributeValues = ts.getAttrValues(); ASN1Sequence tokenSequence = ASN1Sequence.getInstance(attributeValues.getObjectAt(0)); ContentInfo contentInfo = new ContentInfo(tokenSequence); this.timeStampToken = new TimestampToken(contentInfo.getEncoded()); } } if (RSAdata != null || digestAttr != null) { if (provider == null || provider.getName().startsWith("SunPKCS11")) messageDigest = MessageDigest.getInstance(getHashAlgorithm()); else messageDigest = MessageDigest.getInstance(getHashAlgorithm(), provider); } if (provider == null) sig = Signature.getInstance(getDigestAlgorithm()); else sig = Signature.getInstance(getDigestAlgorithm(), provider); sig.initVerify(signCert.getPublicKey()); } catch (Exception e) { throw new ExceptionConverter(e); } } /** * Generates a signature. * @param privKey the private key * @param certChain the certificate chain * @param crlList the certificate revocation list * @param hashAlgorithm the hash algorithm * @param provider the provider or <code>null</code> for the default provider * @param hasRSAdata <CODE>true</CODE> if the sub-filter is adbe.pkcs7.sha1 * @throws InvalidKeyException on error * @throws NoSuchProviderException on error * @throws NoSuchAlgorithmException on error */ public PdfPKCS7TSA(PrivateKey privKey, Certificate[] certChain, CRL[] crlList, String hashAlgorithm, Provider provider, boolean hasRSAdata) throws InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException { this.privKey = privKey; this.provider = provider; digestAlgorithm = (String) allowedDigests.get(hashAlgorithm.toUpperCase()); if (digestAlgorithm == null) throw new NoSuchAlgorithmException("Unknown Hash Algorithm " + hashAlgorithm); version = signerversion = 1; certs = new ArrayList(); crls = new ArrayList(); digestalgos = new HashSet(); digestalgos.add(digestAlgorithm); // // Copy in the certificates and crls used to sign the private key. // signCert = (X509Certificate) certChain[0]; for (int i = 0; i < certChain.length; i++) { certs.add(certChain[i]); } if (crlList != null) { for (int i = 0; i < crlList.length; i++) { crls.add(crlList[i]); } } if (privKey != null) { // // Now we have private key, find out what the digestEncryptionAlgorithm is. // digestEncryptionAlgorithm = privKey.getAlgorithm(); if (digestEncryptionAlgorithm.equals("RSA")) { digestEncryptionAlgorithm = ID_RSA; } else if (digestEncryptionAlgorithm.equals("DSA")) { digestEncryptionAlgorithm = ID_DSA; } else { throw new NoSuchAlgorithmException("Unknown Key Algorithm " + digestEncryptionAlgorithm); } } if (hasRSAdata) { RSAdata = new byte[0]; if (provider == null || provider.getName().startsWith("SunPKCS11")) messageDigest = MessageDigest.getInstance(getHashAlgorithm()); else messageDigest = MessageDigest.getInstance(getHashAlgorithm(), provider); } if (privKey != null) { if (provider == null) sig = Signature.getInstance(getDigestAlgorithm()); else sig = Signature.getInstance(getDigestAlgorithm(), provider); sig.initSign(privKey); } } /** * Update the digest with the specified bytes. This method is used both for signing and verifying * @param buf the data buffer * @param off the offset in the data buffer * @param len the data length * @throws SignatureException on error */ public void update(byte[] buf, int off, int len) throws SignatureException { if (RSAdata != null || digestAttr != null) messageDigest.update(buf, off, len); else sig.update(buf, off, len); } /** * Verify the digest. * @throws SignatureException on error * @return <CODE>true</CODE> if the signature checks out, <CODE>false</CODE> otherwise */ public boolean verify() throws SignatureException { if (verified) return verifyResult; if (sigAttr != null) { sig.update(sigAttr); if (RSAdata != null) { byte msd[] = messageDigest.digest(); messageDigest.update(msd); } verifyResult = (Arrays.equals(messageDigest.digest(), digestAttr) && sig.verify(digest)); } else { if (RSAdata != null) sig.update(messageDigest.digest()); verifyResult = sig.verify(digest); } verified = true; return verifyResult; } /** * Get all the X.509 certificates associated with this PKCS#7 object in no particular order. * Other certificates, from OCSP for example, will also be included. * @return the X.509 certificates associated with this PKCS#7 object */ public Certificate[] getCertificates() { return (X509Certificate[]) certs.toArray(new X509Certificate[certs.size()]); } /** * Get the X.509 sign certificate chain associated with this PKCS#7 object. * Only the certificates used for the main signature will be returned, with * the signing certificate first. * @return the X.509 certificates associated with this PKCS#7 object * @since 2.1.6 */ public Certificate[] getSignCertificateChain() { return (X509Certificate[]) signCerts.toArray(new X509Certificate[signCerts.size()]); } private void signCertificateChain() { ArrayList cc = new ArrayList(); cc.add(signCert); ArrayList oc = new ArrayList(certs); for (int k = 0; k < oc.size(); ++k) { if (signCert.getSerialNumber().equals(((X509Certificate) oc.get(k)).getSerialNumber())) { oc.remove(k); --k; continue; } } boolean found = true; while (found) { X509Certificate v = (X509Certificate) cc.get(cc.size() - 1); found = false; for (int k = 0; k < oc.size(); ++k) { try { if (provider == null) v.verify(((X509Certificate) oc.get(k)).getPublicKey()); else v.verify(((X509Certificate) oc.get(k)).getPublicKey(), provider.getName()); found = true; cc.add(oc.get(k)); oc.remove(k); break; } catch (Exception e) { } } } signCerts = cc; } /** * Get the X.509 certificate revocation lists associated with this PKCS#7 object * @return the X.509 certificate revocation lists associated with this PKCS#7 object */ public Collection getCRLs() { return crls; } /** * Get the X.509 certificate actually used to sign the digest. * @return the X.509 certificate actually used to sign the digest */ public X509Certificate getSigningCertificate() { return signCert; } /** * Get the version of the PKCS#7 object. Always 1 * @return the version of the PKCS#7 object. Always 1 */ public int getVersion() { return version; } /** * Get the version of the PKCS#7 "SignerInfo" object. Always 1 * @return the version of the PKCS#7 "SignerInfo" object. Always 1 */ public int getSigningInfoVersion() { return signerversion; } /** * Get the algorithm used to calculate the message digest * @return the algorithm used to calculate the message digest */ public String getDigestAlgorithm() { String dea = getAlgorithm(digestEncryptionAlgorithm); if (dea == null) dea = digestEncryptionAlgorithm; return getHashAlgorithm() + "with" + dea; } /** * Returns the algorithm. * @return the digest algorithm */ public String getHashAlgorithm() { return getDigest(digestAlgorithm); } /** * Loads the default root certificates at <java.home>/lib/security/cacerts * with the default provider. * @return a <CODE>KeyStore</CODE> */ public static KeyStore loadCacertsKeyStore() { return loadCacertsKeyStore(null); } /** * Loads the default root certificates at <java.home>/lib/security/cacerts. * @param provider the provider or <code>null</code> for the default provider * @return a <CODE>KeyStore</CODE> */ public static KeyStore loadCacertsKeyStore(String provider) { File file = new File(System.getProperty("java.home"), "lib"); file = new File(file, "security"); file = new File(file, "cacerts"); FileInputStream fin = null; try { fin = new FileInputStream(file); KeyStore k; if (provider == null) k = KeyStore.getInstance("JKS"); else k = KeyStore.getInstance("JKS", provider); k.load(fin, null); return k; } catch (Exception e) { throw new ExceptionConverter(e); } finally { try { if (fin != null) { fin.close(); } } catch (Exception ex) { } } } /** * Verifies a single certificate. * @param cert the certificate to verify * @param crls the certificate revocation list or <CODE>null</CODE> * @param calendar the date or <CODE>null</CODE> for the current date * @return a <CODE>String</CODE> with the error description or <CODE>null</CODE> * if no error */ public static String verifyCertificate(X509Certificate cert, Collection crls, Calendar calendar) { if (calendar == null) calendar = new GregorianCalendar(); if (cert.hasUnsupportedCriticalExtension()) return "Has unsupported critical extension"; try { cert.checkValidity(calendar.getTime()); } catch (Exception e) { return e.getMessage(); } if (crls != null) { for (Iterator it = crls.iterator(); it.hasNext();) { if (((CRL) it.next()).isRevoked(cert)) return "Certificate revoked"; } } return null; } /** * Retrieves the OCSP URL from the given certificate. * @param certificate the certificate * @return the URL or null * @throws CertificateParsingException on error * @since 2.1.6 */ public static String getOCSPURL(X509Certificate certificate) throws CertificateParsingException { try { DERObject obj = getExtensionValue(certificate, X509Extensions.AuthorityInfoAccess.getId()); if (obj == null) { return null; } ASN1Sequence AccessDescriptions = (ASN1Sequence) obj; for (int i = 0; i < AccessDescriptions.size(); i++) { ASN1Sequence AccessDescription = (ASN1Sequence) AccessDescriptions.getObjectAt(i); if (AccessDescription.size() != 2) { continue; } else { if ((AccessDescription.getObjectAt(0) instanceof DERObjectIdentifier) && ((DERObjectIdentifier) AccessDescription.getObjectAt(0)).getId() .equals("1.3.6.1.5.5.7.48.1")) { String AccessLocation = getStringFromGeneralName( (DERObject) AccessDescription.getObjectAt(1)); if (AccessLocation == null) { return ""; } else { return AccessLocation; } } } } } catch (Exception e) { } return null; } /** * Checks if OCSP revocation refers to the document signing certificate. * @return true if it checks false otherwise * @since 2.1.6 */ public boolean isRevocationValid() { if (basicResp == null) return false; if (signCerts.size() < 2) return false; try { X509Certificate[] cs = (X509Certificate[]) getSignCertificateChain(); SingleResp sr = basicResp.getResponses()[0]; CertificateID cid = sr.getCertID(); X509Certificate sigcer = getSigningCertificate(); X509Certificate isscer = cs[1]; CertificateID tis = new CertificateID(CertificateID.HASH_SHA1, isscer, sigcer.getSerialNumber()); return tis.equals(cid); } catch (Exception ex) { } return false; } private static DERObject getExtensionValue(X509Certificate cert, String oid) throws IOException { byte[] bytes = cert.getExtensionValue(oid); if (bytes == null) { return null; } ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(bytes)); ASN1OctetString octs = (ASN1OctetString) aIn.readObject(); aIn = new ASN1InputStream(new ByteArrayInputStream(octs.getOctets())); return aIn.readObject(); } private static String getStringFromGeneralName(DERObject names) throws IOException { DERTaggedObject taggedObject = (DERTaggedObject) names; return new String(ASN1OctetString.getInstance(taggedObject, false).getOctets(), "ISO-8859-1"); } /** * Get the "issuer" from the TBSCertificate bytes that are passed in * @param enc a TBSCertificate in a byte array * @return a DERObject */ private static DERObject getIssuer(byte[] enc) { try { ASN1InputStream in = new ASN1InputStream(new ByteArrayInputStream(enc)); ASN1Sequence seq = (ASN1Sequence) in.readObject(); return (DERObject) seq.getObjectAt(seq.getObjectAt(0) instanceof DERTaggedObject ? 3 : 2); } catch (IOException e) { throw new ExceptionConverter(e); } } /** * Get the "subject" from the TBSCertificate bytes that are passed in * @param enc A TBSCertificate in a byte array * @return a DERObject */ private static DERObject getSubject(byte[] enc) { try { ASN1InputStream in = new ASN1InputStream(new ByteArrayInputStream(enc)); ASN1Sequence seq = (ASN1Sequence) in.readObject(); return (DERObject) seq.getObjectAt(seq.getObjectAt(0) instanceof DERTaggedObject ? 5 : 4); } catch (IOException e) { throw new ExceptionConverter(e); } } /** * Gets the bytes for the PKCS#1 object. * @return a byte array */ public byte[] getEncodedPKCS1() { try { if (externalDigest != null) digest = externalDigest; else digest = sig.sign(); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); ASN1OutputStream dout = new ASN1OutputStream(bOut); dout.writeObject(new DEROctetString(digest)); dout.close(); return bOut.toByteArray(); } catch (Exception e) { throw new ExceptionConverter(e); } } /** * Sets the digest/signature to an external calculated value. * @param digest the digest. This is the actual signature * @param RSAdata the extra data that goes into the data tag in PKCS#7 * @param digestEncryptionAlgorithm the encryption algorithm. It may must be <CODE>null</CODE> if the <CODE>digest</CODE> * is also <CODE>null</CODE>. If the <CODE>digest</CODE> is not <CODE>null</CODE> * then it may be "RSA" or "DSA" */ public void setExternalDigest(byte digest[], byte RSAdata[], String digestEncryptionAlgorithm) { externalDigest = digest; externalRSAdata = RSAdata; if (digestEncryptionAlgorithm != null) { if (digestEncryptionAlgorithm.equals("RSA")) { this.digestEncryptionAlgorithm = ID_RSA; } else if (digestEncryptionAlgorithm.equals("DSA")) { this.digestEncryptionAlgorithm = ID_DSA; } else throw new ExceptionConverter( new NoSuchAlgorithmException("Unknown Key Algorithm " + digestEncryptionAlgorithm)); } } /** * Gets the bytes for the PKCS7SignedData object. * @return the bytes for the PKCS7SignedData object */ public byte[] getEncodedPKCS7() { return getEncodedPKCS7(null, null, null, null); } /** * Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes * in the signerInfo can also be set. If either of the parameters is <CODE>null</CODE>, none will be used. * @param secondDigest the digest in the authenticatedAttributes * @param signingTime the signing time in the authenticatedAttributes * @return the bytes for the PKCS7SignedData object */ public byte[] getEncodedPKCS7(byte secondDigest[], Calendar signingTime) { return getEncodedPKCS7(secondDigest, signingTime, null, null); } /** * Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes * in the signerInfo can also be set, OR a time-stamp-authority client * may be provided. * @param secondDigest the digest in the authenticatedAttributes * @param signingTime the signing time in the authenticatedAttributes * @param tsaUrl TSAClient - null or an optional time stamp authority client * @return byte[] the bytes for the PKCS7SignedData object * @since 2.1.6 */ public byte[] getEncodedPKCS7(byte secondDigest[], Calendar signingTime, String tsaUrl, byte[] ocsp) { try { if (externalDigest != null) { digest = externalDigest; if (RSAdata != null) RSAdata = externalRSAdata; } else if (externalRSAdata != null && RSAdata != null) { RSAdata = externalRSAdata; sig.update(RSAdata); digest = sig.sign(); } else { if (RSAdata != null) { RSAdata = messageDigest.digest(); sig.update(RSAdata); } digest = sig.sign(); } // Create the set of Hash algorithms ASN1EncodableVector digestAlgorithms = new ASN1EncodableVector(); for (Iterator it = digestalgos.iterator(); it.hasNext();) { ASN1EncodableVector algos = new ASN1EncodableVector(); algos.add(new DERObjectIdentifier((String) it.next())); algos.add(DERNull.INSTANCE); digestAlgorithms.add(new DERSequence(algos)); } // Create the contentInfo. ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DERObjectIdentifier(ID_PKCS7_DATA)); if (RSAdata != null) v.add(new DERTaggedObject(0, new DEROctetString(RSAdata))); DERSequence contentinfo = new DERSequence(v); // Get all the certificates // v = new ASN1EncodableVector(); for (Iterator i = certs.iterator(); i.hasNext();) { ASN1InputStream tempstream = new ASN1InputStream( new ByteArrayInputStream(((X509Certificate) i.next()).getEncoded())); v.add(tempstream.readObject()); } DERSet dercertificates = new DERSet(v); // Create signerinfo structure. // ASN1EncodableVector signerinfo = new ASN1EncodableVector(); // Add the signerInfo version // signerinfo.add(new DERInteger(signerversion)); v = new ASN1EncodableVector(); v.add(getIssuer(signCert.getTBSCertificate())); v.add(new DERInteger(signCert.getSerialNumber())); signerinfo.add(new DERSequence(v)); // Add the digestAlgorithm v = new ASN1EncodableVector(); v.add(new DERObjectIdentifier(digestAlgorithm)); v.add(new DERNull()); signerinfo.add(new DERSequence(v)); // add the authenticated attribute if present if (secondDigest != null && signingTime != null) { signerinfo.add(new DERTaggedObject(false, 0, getAuthenticatedAttributeSet(secondDigest, signingTime, ocsp))); } // Add the digestEncryptionAlgorithm v = new ASN1EncodableVector(); v.add(new DERObjectIdentifier(digestEncryptionAlgorithm)); v.add(new DERNull()); signerinfo.add(new DERSequence(v)); // Add the digest signerinfo.add(new DEROctetString(digest)); // When requested, go get and add the timestamp. May throw an exception. // Added by Martin Brunecky, 07/12/2007 folowing Aiken Sam, 2006-11-15 // Sam found Adobe expects time-stamped SHA1-1 of the encrypted digest if (tsaUrl != null) { byte[] tsImprint = MessageDigest.getInstance("SHA-1").digest(digest); TSResponse response = TimeStampFactory.getTimeStampResponse(tsaUrl, tsImprint, false); byte[] tsToken = response.getEncodedToken(); //Strip the status code out of the response, the adobe validator requieres it. //TODO: Research about this. byte[] status = { 0x30, (byte) 0x82, 0x03, (byte) 0xA7, 0x30, 0x03, 0x02, 0x01, 0x00 }; byte[] modTsToken = new byte[tsToken.length - status.length]; System.arraycopy(tsToken, status.length, modTsToken, 0, tsToken.length - status.length); if (modTsToken != null) { ASN1EncodableVector unauthAttributes = buildUnauthenticatedAttributes(modTsToken); if (unauthAttributes != null) { signerinfo.add(new DERTaggedObject(false, 1, new DERSet(unauthAttributes))); } } } // Finally build the body out of all the components above ASN1EncodableVector body = new ASN1EncodableVector(); body.add(new DERInteger(version)); body.add(new DERSet(digestAlgorithms)); body.add(contentinfo); body.add(new DERTaggedObject(false, 0, dercertificates)); if (!crls.isEmpty()) { v = new ASN1EncodableVector(); for (Iterator i = crls.iterator(); i.hasNext();) { ASN1InputStream t = new ASN1InputStream( new ByteArrayInputStream(((X509CRL) i.next()).getEncoded())); v.add(t.readObject()); } DERSet dercrls = new DERSet(v); body.add(new DERTaggedObject(false, 1, dercrls)); } // Only allow one signerInfo body.add(new DERSet(new DERSequence(signerinfo))); // Now we have the body, wrap it in it's PKCS7Signed shell // and return it // ASN1EncodableVector whole = new ASN1EncodableVector(); whole.add(new DERObjectIdentifier(ID_PKCS7_SIGNED_DATA)); whole.add(new DERTaggedObject(0, new DERSequence(body))); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); ASN1OutputStream dout = new ASN1OutputStream(bOut); dout.writeObject(new DERSequence(whole)); dout.close(); return bOut.toByteArray(); } catch (Exception e) { throw new ExceptionConverter(e); } } /** * Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007 * to start with the timeStampToken (signedData 1.2.840.113549.1.7.2). * Token is the TSA response without response status, which is usually * handled by the (vendor supplied) TSA request/response interface). * @param timeStampToken byte[] - time stamp token, DER encoded signedData * @return ASN1EncodableVector * @throws IOException */ private ASN1EncodableVector buildUnauthenticatedAttributes(byte[] timeStampToken) throws IOException { if (timeStampToken == null) return null; // @todo: move this together with the rest of the defintions String ID_TIME_STAMP_TOKEN = "1.2.840.113549.1.9.16.2.14"; // RFC 3161 id-aa-timeStampToken ASN1InputStream tempstream = new ASN1InputStream(new ByteArrayInputStream(timeStampToken)); ASN1EncodableVector unauthAttributes = new ASN1EncodableVector(); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DERObjectIdentifier(ID_TIME_STAMP_TOKEN)); // id-aa-timeStampToken ASN1Sequence seq = (ASN1Sequence) tempstream.readObject(); v.add(new DERSet(seq)); unauthAttributes.add(new DERSequence(v)); return unauthAttributes; } /** * When using authenticatedAttributes the authentication process is different. * The document digest is generated and put inside the attribute. The signing is done over the DER encoded * authenticatedAttributes. This method provides that encoding and the parameters must be * exactly the same as in {@link #getEncodedPKCS7(byte[],Calendar)}. * <p> * A simple example: * <p> * <pre> * Calendar cal = Calendar.getInstance(); * PdfPKCS7 pk7 = new PdfPKCS7(key, chain, null, "SHA1", null, false); * MessageDigest messageDigest = MessageDigest.getInstance("SHA1"); * byte buf[] = new byte[8192]; * int n; * InputStream inp = sap.getRangeStream(); * while ((n = inp.read(buf)) > 0) { * messageDigest.update(buf, 0, n); * } * byte hash[] = messageDigest.digest(); * byte sh[] = pk7.getAuthenticatedAttributeBytes(hash, cal); * pk7.update(sh, 0, sh.length); * byte sg[] = pk7.getEncodedPKCS7(hash, cal); * </pre> * @param secondDigest the content digest * @param signingTime the signing time * @return the byte array representation of the authenticatedAttributes ready to be signed */ public byte[] getAuthenticatedAttributeBytes(byte secondDigest[], Calendar signingTime, byte[] ocsp) { try { return getAuthenticatedAttributeSet(secondDigest, signingTime, ocsp).getEncoded(ASN1Encodable.DER); } catch (Exception e) { throw new ExceptionConverter(e); } } private DERSet getAuthenticatedAttributeSet(byte secondDigest[], Calendar signingTime, byte[] ocsp) { try { ASN1EncodableVector attribute = new ASN1EncodableVector(); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DERObjectIdentifier(ID_CONTENT_TYPE)); v.add(new DERSet(new DERObjectIdentifier(ID_PKCS7_DATA))); attribute.add(new DERSequence(v)); v = new ASN1EncodableVector(); v.add(new DERObjectIdentifier(ID_SIGNING_TIME)); v.add(new DERSet(new DERUTCTime(signingTime.getTime()))); attribute.add(new DERSequence(v)); v = new ASN1EncodableVector(); v.add(new DERObjectIdentifier(ID_MESSAGE_DIGEST)); v.add(new DERSet(new DEROctetString(secondDigest))); attribute.add(new DERSequence(v)); if (ocsp != null) { v = new ASN1EncodableVector(); v.add(new DERObjectIdentifier(ID_ADBE_REVOCATION)); DEROctetString doctet = new DEROctetString(ocsp); ASN1EncodableVector vo1 = new ASN1EncodableVector(); ASN1EncodableVector v2 = new ASN1EncodableVector(); v2.add(OCSPObjectIdentifiers.id_pkix_ocsp_basic); v2.add(doctet); DEREnumerated den = new DEREnumerated(0); ASN1EncodableVector v3 = new ASN1EncodableVector(); v3.add(den); v3.add(new DERTaggedObject(true, 0, new DERSequence(v2))); vo1.add(new DERSequence(v3)); v.add(new DERSet(new DERSequence(new DERTaggedObject(true, 1, new DERSequence(vo1))))); attribute.add(new DERSequence(v)); } else if (!crls.isEmpty()) { v = new ASN1EncodableVector(); v.add(new DERObjectIdentifier(ID_ADBE_REVOCATION)); ASN1EncodableVector v2 = new ASN1EncodableVector(); for (Iterator i = crls.iterator(); i.hasNext();) { ASN1InputStream t = new ASN1InputStream( new ByteArrayInputStream(((X509CRL) i.next()).getEncoded())); v2.add(t.readObject()); } v.add(new DERSet(new DERSequence(new DERTaggedObject(true, 0, new DERSequence(v2))))); attribute.add(new DERSequence(v)); } return new DERSet(attribute); } catch (Exception e) { throw new ExceptionConverter(e); } } /** * Getter for property reason. * @return Value of property reason. */ public String getReason() { return this.reason; } /** * Setter for property reason. * @param reason New value of property reason. */ public void setReason(String reason) { this.reason = reason; } /** * Getter for property location. * @return Value of property location. */ public String getLocation() { return this.location; } /** * Setter for property location. * @param location New value of property location. */ public void setLocation(String location) { this.location = location; } /** * Getter for property signDate. * @return Value of property signDate. */ public Calendar getSignDate() { return this.signDate; } /** * Setter for property signDate. * @param signDate New value of property signDate. */ public void setSignDate(Calendar signDate) { this.signDate = signDate; } /** * Getter for property sigName. * @return Value of property sigName. */ public String getSignName() { return this.signName; } /** * Setter for property sigName. * @param signName New value of property sigName. */ public void setSignName(String signName) { this.signName = signName; } }