import org.etsi.uri.x01903.v13.OCSPRefType;\r
import org.etsi.uri.x01903.v13.OCSPRefsType;\r
import org.etsi.uri.x01903.v13.OCSPValuesType;\r
+import org.etsi.uri.x01903.v13.QualifyingPropertiesDocument;\r
import org.etsi.uri.x01903.v13.QualifyingPropertiesType;\r
import org.etsi.uri.x01903.v13.ResponderIDType;\r
import org.etsi.uri.x01903.v13.RevocationValuesType;\r
) throws XmlException {\r
LOG.log(POILogger.DEBUG, "XAdES-X-L post sign phase");\r
\r
+ QualifyingPropertiesDocument qualDoc = null;\r
QualifyingPropertiesType qualProps = null;\r
\r
// check for XAdES-BES\r
NodeList qualNl = document.getElementsByTagNameNS("http://uri.etsi.org/01903/v1.3.2#", "QualifyingProperties");\r
if (qualNl.getLength() == 1) {\r
- qualProps = QualifyingPropertiesType.Factory.parse(qualNl.item(0));\r
+ qualDoc = QualifyingPropertiesDocument.Factory.parse(qualNl.item(0));\r
+ qualProps = qualDoc.getQualifyingProperties();\r
} else {\r
throw new IllegalArgumentException("no XAdES-BES extension present");\r
}\r
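Review bot: The `else` branch after `qualNl.getLength() == 1` also fires when the document holds more than one `QualifyingProperties` element, yet the message says that none is present. Because `getElementsByTagNameNS` searches the whole document, a package that already carries another XAdES signature would presumably land here and be misreported. Reporting the count would make the failure diagnosable: `throw new IllegalArgumentException("expected exactly one QualifyingProperties element, found " + qualNl.getLength());`. The method starts above this hunk and continues below it.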
}\r
\r
// marshal XAdES-X\r
+ unsignedSigProps.addNewSigAndRefsTimeStamp().set(timeStampXadesX1);\r
\r
// XAdES-X-L\r
CertificateValuesType certificateValues = unsignedSigProps.addNewCertificateValues();\r
createRevocationValues(revocationValues, revocationData);\r
\r
// marshal XAdES-X-L\r
- Node n = document.importNode(qualProps.getDomNode().getFirstChild(), true);\r
+ Node n = document.importNode(qualProps.getDomNode(), true);\r
qualNl.item(0).getParentNode().replaceChild(n, qualNl.item(0));\r
}\r
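Review bot: Replacing the whole `QualifyingProperties` element with `document.importNode(qualProps.getDomNode(), true)` also swaps the already-signed `SignedProperties` subtree for a copy that has been round-tripped through XMLBeans. If that round trip changes namespace declarations or whitespace inside the signed part, the digest of the existing reference would no longer match, and nothing visible in this hunk checks for that. A test that validates the signature after this facet has run would cover it. A comment such as `// qualProps wraps the QualifyingProperties element itself, so import it directly` would also explain why `getFirstChild()` was dropped.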
\r
\r
import javax.xml.bind.DatatypeConverter;\r
\r
-import org.apache.commons.codec.binary.Hex;\r
import org.apache.poi.poifs.crypt.CryptoFunctions;\r
import org.apache.poi.poifs.crypt.HashAlgorithm;\r
import org.apache.poi.util.IOUtils;\r
JcaX509ExtensionUtils utils = new JcaX509ExtensionUtils();\r
\r
X509CertificateHolder signerCert = null;\r
- Map<String, X509CertificateHolder> certificateMap = new HashMap<String, X509CertificateHolder>();\r
+ Map<X500Name, X509CertificateHolder> certificateMap = new HashMap<X500Name, X509CertificateHolder>();\r
for (X509CertificateHolder certificate : certificates) {\r
if (signerCertIssuer.equals(certificate.getIssuer())\r
&& signerCertSerialNumber.equals(certificate.getSerialNumber())) {\r
signerCert = certificate;\r
}\r
- byte skiBytes[] = utils.createSubjectKeyIdentifier(certificate.getSubjectPublicKeyInfo()).getKeyIdentifier();\r
- String ski = Hex.encodeHexString(skiBytes);\r
- certificateMap.put(ski, certificate);\r
- LOG.log(POILogger.DEBUG, "embedded certificate: "\r
- + certificate.getSubject() + "; SKI="\r
- + ski);\r
+ certificateMap.put(certificate.getSubject(), certificate);\r
}\r
\r
// TSP signer cert path building\r
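Review bot: Keying `certificateMap` by `certificate.getSubject()` means that two embedded certificates with the same subject name (a renewed or cross-certified CA, for example) silently overwrite each other, so which one ends up in the chain depends on iteration order. A name match is only a hint about the issuer; the binding has to come from the signature check that the `// verify TSP signer signature` comment in the next hunk refers to, which is not visible here. Making the collision visible would help, e.g. `if (certificateMap.put(certificate.getSubject(), certificate) != null) { LOG.log(POILogger.WARN, "duplicate subject: " + certificate.getSubject()); }`. With both key-identifier computations removed, the `utils` instance declared at the top of the hunk looks unused and could go as well, if nothing outside the hunk needs it.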
if (certificate.getSubject().equals(certificate.getIssuer())) {\r
break;\r
}\r
- byte akiBytes[] = utils.createAuthorityKeyIdentifier(certificate.getSubjectPublicKeyInfo()).getKeyIdentifier();\r
- String aki = Hex.encodeHexString(akiBytes);\r
- certificate = certificateMap.get(aki);\r
+ certificate = certificateMap.get(certificate.getIssuer());\r
} while (null != certificate);\r
\r
// verify TSP signer signature\r
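Review bot: The loop around `certificate = certificateMap.get(certificate.getIssuer())` stops only at a self-issued certificate or a missing issuer, so embedded certificates whose issuer names point at each other keep it running forever. These certificates presumably come from the timestamp response, which makes the termination condition input-dependent. Consuming each entry once bounds the walk by the map size: `certificate = certificateMap.remove(certificate.getIssuer());`. The `do {` that opens the loop is outside this hunk, so the body above the `if` should be checked against the same change.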
signatureFacet.postSign(document, signingCertificateChain);\r
}\r
\r
+ registerIds(document);\r
writeDocument(document);\r
}\r
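Review bot: The added `registerIds(document)` before `writeDocument(document)` has no comment saying why the ids must be registered again at this point. It presumably exists because the facets' `postSign` calls replace nodes, and the imported copies no longer carry ID-typed attributes. A short comment would keep a later cleanup from removing the call as redundant, e.g. `// postSign facets may replace signed-property nodes; re-register Id attributes so references resolve`. The enclosing method begins above this hunk.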
\r
xmlSignature.sign(xmlSignContext);\r
\r
registerIds(document);\r
- // document.getElementById("idPackageObject").setAttributeNS(XmlNS, "xmlns:mdssi", PackageNamespaces.DIGITAL_SIGNATURE);\r
-\r
\r
/*\r
* Completion of undigested ds:References in the ds:Manifests.\r
import org.etsi.uri.x01903.v13.DigestAlgAndValueType;\r
import org.etsi.uri.x01903.v13.QualifyingPropertiesType;\r
import org.junit.BeforeClass;\r
-import org.junit.Ignore;\r
import org.junit.Test;\r
import org.w3.x2000.x09.xmldsig.SignatureDocument;\r
import org.w3c.dom.Document;\r
\r
@SuppressWarnings("unused")\r
@Test\r
- @Ignore\r
public void testSignEnvelopingDocument() throws Exception {\r
String testFile = "hello-world-unsigned.xlsx";\r
OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);\r