PdfSigGenericPKCS


1   /*
2    * Copyright 2004 by Paulo Soares.
3    *
4    * The contents of this file are subject to the Mozilla Public License Version 1.1
5    * (the "License"); you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at http://www.mozilla.org/MPL/
7    *
8    * Software distributed under the License is distributed on an "AS IS" basis,
9    * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
10   * for the specific language governing rights and limitations under the License.
11   *
12   * The Original Code is 'iText, a free JAVA-PDF library'.
13   *
14   * The Initial Developer of the Original Code is Bruno Lowagie. Portions created by
15   * the Initial Developer are Copyright (C) 1999, 2000, 2001, 2002 by Bruno Lowagie.
16   * All Rights Reserved.
17   * Co-Developer of the code is Paulo Soares. Portions created by the Co-Developer
18   * are Copyright (C) 2000, 2001, 2002 by Paulo Soares. All Rights Reserved.
19   *
20   * Contributor(s): all the names of the contributors are added in the source code
21   * where applicable.
22   *
23   * Alternatively, the contents of this file may be used under the terms of the
24   * LGPL license (the "GNU LIBRARY GENERAL PUBLIC LICENSE"), in which case the
25   * provisions of LGPL are applicable instead of those above.  If you wish to
26   * allow use of your version of this file only under the terms of the LGPL
27   * License and not to allow others to use your version of this file under
28   * the MPL, indicate your decision by deleting the provisions above and
29   * replace them with the notice and other provisions required by the LGPL.
30   * If you do not delete the provisions above, a recipient may use your version
31   * of this file under either the MPL or the GNU LIBRARY GENERAL PUBLIC LICENSE.
32   *
33   * This library is free software; you can redistribute it and/or modify it
34   * under the terms of the MPL as stated above or under the terms of the GNU
35   * Library General Public License as published by the Free Software Foundation;
36   * either version 2 of the License, or any later version.
37   *
38   * This library is distributed in the hope that it will be useful, but WITHOUT
39   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
40   * FOR A PARTICULAR PURPOSE. See the GNU Library general Public License for more
41   * details.
42   *
43   * If you didn't download this code from the following link, you should check if
44   * you aren't using an obsolete version:
45   * http://www.lowagie.com/iText/
46   */
47  package com.lowagie.text.pdf;
48  
49  import java.io.ByteArrayOutputStream  ;
50  import java.security.PrivateKey  ;
51  import java.security.cert.CRL  ;
52  import java.security.cert.Certificate  ;
53  
54  import com.lowagie.text.ExceptionConverter;
55  
56  /**
57   * A signature dictionary representation for the standard filters.
58   */
59  public abstract class PdfSigGenericPKCS extends PdfSignature {
60      /**
61       * The hash algorith, for example "SHA1"
62       */    
63      protected String   hashAlgorithm;
64      /**
65       * The crypto provider
66       */    
67      protected String   provider = null;
68      /**
69       * The class instance that calculates the PKCS#1 and PKCS#7
70       */    
71      protected PdfPKCS7 pkcs;
72      /**
73       * The subject name in the signing certificate (the element "CN")
74       */    
75      protected String     name;
76  
77      private byte externalDigest[];
78      private byte externalRSAdata[];
79      private String   digestEncryptionAlgorithm;
80  
81      /**
82       * Creates a generic standard filter.
83       * @param filter the filter name
84       * @param subFilter the sub-filter name
85       */    
86      public PdfSigGenericPKCS(PdfName filter, PdfName subFilter) {
87          super(filter, subFilter);
88      }
89  
90      /**
91       * Sets the crypto information to sign.
92       * @param privKey the private key
93       * @param certChain the certificate chain
94       * @param crlList the certificate revocation list. It can be <CODE>null</CODE>
95       */    
96      public void setSignInfo(PrivateKey   privKey, Certificate  [] certChain, CRL  [] crlList) {
97          try {
98              pkcs = new PdfPKCS7(privKey, certChain, crlList, hashAlgorithm, provider, PdfName.ADBE_PKCS7_SHA1.equals(get(PdfName.SUBFILTER)));
99              pkcs.setExternalDigest(externalDigest, externalRSAdata, digestEncryptionAlgorithm);
100             if (PdfName.ADBE_X509_RSA_SHA1.equals(get(PdfName.SUBFILTER))) {
101                 ByteArrayOutputStream   bout = new ByteArrayOutputStream  ();
102                 for (int k = 0; k < certChain.length; ++k) {
103                     bout.write(certChain[k].getEncoded());
104                 }
105                 bout.close();
106                 setCert(bout.toByteArray());
107                 setContents(pkcs.getEncodedPKCS1());
108             }
109             else
110                 setContents(pkcs.getEncodedPKCS7());
111             name = PdfPKCS7.getSubjectFields(pkcs.getSigningCertificate()).getField("CN");
112             if (name != null)
113                 put(PdfName.NAME, new PdfString(name, PdfObject.TEXT_UNICODE));
114             pkcs = new PdfPKCS7(privKey, certChain, crlList, hashAlgorithm, provider, PdfName.ADBE_PKCS7_SHA1.equals(get(PdfName.SUBFILTER)));
115             pkcs.setExternalDigest(externalDigest, externalRSAdata, digestEncryptionAlgorithm);
116         }
117         catch (Exception   e) {
118             throw new ExceptionConverter(e);
119         }
120     }
121 
122     /**
123      * Sets the digest/signature to an external calculated value.
124      * @param digest the digest. This is the actual signature
125      * @param RSAdata the extra data that goes into the data tag in PKCS#7
126      * @param digestEncryptionAlgorithm the encryption algorithm. It may must be <CODE>null</CODE> if the <CODE>digest</CODE>
127      * is also <CODE>null</CODE>. If the <CODE>digest</CODE> is not <CODE>null</CODE>
128      * then it may be "RSA" or "DSA"
129      */    
130     public void setExternalDigest(byte digest[], byte RSAdata[], String   digestEncryptionAlgorithm) {
131         externalDigest = digest;
132         externalRSAdata = RSAdata;
133         this.digestEncryptionAlgorithm = digestEncryptionAlgorithm;
134     }
135 
136     /**
137      * Gets the subject name in the signing certificate (the element "CN")
138      * @return the subject name in the signing certificate (the element "CN")
139      */    
140     public String   getName() {
141         return name;
142     }
143 
144     /**
145      * Gets the class instance that does the actual signing.
146      * @return the class instance that does the actual signing
147      */    
148     public PdfPKCS7 getSigner() {
149         return pkcs;
150     }
151 
152     /**
153      * Gets the signature content. This can be a PKCS#1 or a PKCS#7. It corresponds to
154      * the /Contents key.
155      * @return the signature content
156      */    
157     public byte[] getSignerContents() {
158         if (PdfName.ADBE_X509_RSA_SHA1.equals(get(PdfName.SUBFILTER)))
159             return pkcs.getEncodedPKCS1();
160         else
161             return pkcs.getEncodedPKCS7();
162     }
163 
164     /**
165      * Creates a standard filter of the type VeriSign.
166      */    
167     public static class VeriSign extends PdfSigGenericPKCS {
168         /**
169          * The constructor for the default provider.
170          */        
171         public VeriSign() {
172             super(PdfName.VERISIGN_PPKVS, PdfName.ADBE_PKCS7_DETACHED);
173             hashAlgorithm = "MD5";
174             put(PdfName.R, new PdfNumber(65537));
175         }
176 
177         /**
178          * The constructor for an explicit provider.
179          * @param provider the crypto provider
180          */        
181         public VeriSign(String   provider) {
182             this();
183             this.provider = provider;
184         }
185     }
186 
187     /**
188      * Creates a standard filter of the type self signed.
189      */    
190     public static class PPKLite extends PdfSigGenericPKCS {
191         /**
192          * The constructor for the default provider.
193          */        
194         public PPKLite() {
195             super(PdfName.ADOBE_PPKLITE, PdfName.ADBE_X509_RSA_SHA1);
196             hashAlgorithm = "SHA1";
197             put(PdfName.R, new PdfNumber(65541));
198         }
199 
200         /**
201          * The constructor for an explicit provider.
202          * @param provider the crypto provider
203          */        
204         public PPKLite(String   provider) {
205             this();
206             this.provider = provider;
207         }
208     }
209 
210     /**
211      * Creates a standard filter of the type Windows Certificate.
212      */    
213     public static class PPKMS extends PdfSigGenericPKCS {
214         /**
215          * The constructor for the default provider.
216          */        
217         public PPKMS() {
218             super(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
219             hashAlgorithm = "SHA1";
220         }
221 
222         /**
223          * The constructor for an explicit provider.
224          * @param provider the crypto provider
225          */        
226         public PPKMS(String   provider) {
227             this();
228             this.provider = provider;
229         }
230     }
231 }
232
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags