001: /*
002: * Copyright 2004 by Paulo Soares.
003: *
004: * The contents of this file are subject to the Mozilla Public License Version 1.1
005: * (the "License"); you may not use this file except in compliance with the License.
006: * You may obtain a copy of the License at http://www.mozilla.org/MPL/
007: *
008: * Software distributed under the License is distributed on an "AS IS" basis,
009: * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
010: * for the specific language governing rights and limitations under the License.
011: *
012: * The Original Code is 'iText, a free JAVA-PDF library'.
013: *
014: * The Initial Developer of the Original Code is Bruno Lowagie. Portions created by
015: * the Initial Developer are Copyright (C) 1999, 2000, 2001, 2002 by Bruno Lowagie.
016: * All Rights Reserved.
017: * Co-Developer of the code is Paulo Soares. Portions created by the Co-Developer
018: * are Copyright (C) 2000, 2001, 2002 by Paulo Soares. All Rights Reserved.
019: *
020: * Contributor(s): all the names of the contributors are added in the source code
021: * where applicable.
022: *
023: * Alternatively, the contents of this file may be used under the terms of the
024: * LGPL license (the "GNU LIBRARY GENERAL PUBLIC LICENSE"), in which case the
025: * provisions of LGPL are applicable instead of those above. If you wish to
026: * allow use of your version of this file only under the terms of the LGPL
027: * License and not to allow others to use your version of this file under
028: * the MPL, indicate your decision by deleting the provisions above and
029: * replace them with the notice and other provisions required by the LGPL.
030: * If you do not delete the provisions above, a recipient may use your version
031: * of this file under either the MPL or the GNU LIBRARY GENERAL PUBLIC LICENSE.
032: *
033: * This library is free software; you can redistribute it and/or modify it
034: * under the terms of the MPL as stated above or under the terms of the GNU
035: * Library General Public License as published by the Free Software Foundation;
036: * either version 2 of the License, or any later version.
037: *
038: * This library is distributed in the hope that it will be useful, but WITHOUT
039: * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
040: * FOR A PARTICULAR PURPOSE. See the GNU Library general Public License for more
041: * details.
042: *
043: * If you didn't download this code from the following link, you should check if
044: * you aren't using an obsolete version:
045: * http://www.lowagie.com/iText/
046: */
047: package com.lowagie.text.pdf;
048:
049: import java.io.ByteArrayOutputStream;
050: import java.security.PrivateKey;
051: import java.security.cert.CRL;
052: import java.security.cert.Certificate;
053:
054: import com.lowagie.text.ExceptionConverter;
055:
/**
 * A signature dictionary representation for the standard filters.
 * <p>
 * Each nested filter class ({@link VeriSign}, {@link PPKLite}, {@link PPKMS})
 * selects a filter/sub-filter pair and a digest algorithm in its constructor;
 * the signing logic itself lives in this base class and is delegated to
 * {@link PdfPKCS7}.
 * <p>
 * Security note: the nested filters select "MD5" or "SHA1" as the digest.
 * Neither is collision resistant by current standards, so signatures made
 * with these defaults give weak assurance when the signed content may have
 * been prepared by an untrusted party. NOTE(review): <CODE>hashAlgorithm</CODE>
 * is protected and can be reassigned by a subclass, but whether
 * <CODE>PdfPKCS7</CODE> and the chosen sub-filter accept a stronger digest
 * must be confirmed before relying on it.
 */
public abstract class PdfSigGenericPKCS extends PdfSignature {

    /**
     * The hash algorithm name, for example "SHA1". It is assigned by the
     * constructor of each nested filter class.
     */
    protected String hashAlgorithm;

    /**
     * The crypto provider name. It stays <CODE>null</CODE> when a filter is
     * built with its "default provider" constructor.
     */
    protected String provider;

    /**
     * The class instance that calculates the PKCS#1 and PKCS#7.
     * It is built from the private key handed to {@link #setSignInfo}.
     */
    protected PdfPKCS7 pkcs;

    /**
     * The subject name in the signing certificate (the element "CN").
     */
    protected String name;

    // Values recorded by setExternalDigest and forwarded to every PdfPKCS7
    // instance that setSignInfo creates.
    private byte[] externalDigest;
    private byte[] externalRSAdata;
    private String digestEncryptionAlgorithm;

    /**
     * Creates a generic standard filter.
     * @param filter the filter name
     * @param subFilter the sub-filter name
     */
    public PdfSigGenericPKCS(PdfName filter, PdfName subFilter) {
        super(filter, subFilter);
    }

    /**
     * Sets the crypto information to sign.
     * <p>
     * The method fills the dictionary contents (and, for the
     * <CODE>ADBE_X509_RSA_SHA1</CODE> sub-filter, the certificate entry) from a
     * first signer instance, stores the certificate "CN" as the name, and then
     * replaces the signer with a fresh instance built from the same arguments.
     * NOTE(review): presumably the first encoding only reserves space in the
     * dictionary and the fresh instance performs the real signing - confirm
     * against the caller.
     * <p>
     * Any exception raised while doing so, checked or unchecked, is rethrown
     * wrapped in an <CODE>ExceptionConverter</CODE>.
     *
     * @param privKey the private key
     * @param certChain the certificate chain
     * @param crlList the certificate revocation list. It can be <CODE>null</CODE>
     */
    public void setSignInfo(PrivateKey privKey,
            Certificate[] certChain, CRL[] crlList) {
        try {
            initSigner(privKey, certChain, crlList);
            if (hasSubFilter(PdfName.ADBE_X509_RSA_SHA1)) {
                // This sub-filter stores the certificates next to a PKCS#1
                // value: concatenate the encoded chain for the cert entry.
                ByteArrayOutputStream encodedChain = new ByteArrayOutputStream();
                for (int i = 0; i < certChain.length; i++) {
                    encodedChain.write(certChain[i].getEncoded());
                }
                encodedChain.close();
                setCert(encodedChain.toByteArray());
                setContents(pkcs.getEncodedPKCS1());
            } else {
                setContents(pkcs.getEncodedPKCS7());
            }
            name = PdfPKCS7.getSubjectFields(
                    pkcs.getSigningCertificate()).getField("CN");
            if (name != null) {
                put(PdfName.NAME, new PdfString(name, PdfObject.TEXT_UNICODE));
            }
            // The instance used above is discarded; getSigner() hands out
            // this second one.
            initSigner(privKey, certChain, crlList);
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    /**
     * Assigns a new signer to <CODE>pkcs</CODE> and forwards the externally
     * supplied digest values to it. The sub-filter is read again on every call.
     * The only caller converts any failure into an
     * <CODE>ExceptionConverter</CODE>, hence the broad throws clause.
     */
    private void initSigner(PrivateKey privKey, Certificate[] certChain,
            CRL[] crlList) throws Exception {
        pkcs = new PdfPKCS7(privKey, certChain, crlList, hashAlgorithm,
                provider, hasSubFilter(PdfName.ADBE_PKCS7_SHA1));
        pkcs.setExternalDigest(externalDigest, externalRSAdata,
                digestEncryptionAlgorithm);
    }

    /**
     * Tells whether the sub-filter entry of this dictionary equals the given name.
     */
    private boolean hasSubFilter(PdfName expected) {
        return expected.equals(get(PdfName.SUBFILTER));
    }

    /**
     * Sets the digest/signature to an external calculated value.
     * <p>
     * The values are only recorded here; they reach the signer on the next
     * call to {@link #setSignInfo}. The arrays are kept by reference and not
     * copied, so a caller that modifies them afterwards also changes what is
     * later passed to the signer.
     *
     * @param digest the digest. This is the actual signature
     * @param RSAdata the extra data that goes into the data tag in PKCS#7
     * @param digestEncryptionAlgorithm the encryption algorithm. It may be
     * <CODE>null</CODE> if the <CODE>digest</CODE> is also <CODE>null</CODE>.
     * If the <CODE>digest</CODE> is not <CODE>null</CODE> then it may be
     * "RSA" or "DSA"
     */
    public void setExternalDigest(byte digest[], byte RSAdata[],
            String digestEncryptionAlgorithm) {
        this.externalDigest = digest;
        this.externalRSAdata = RSAdata;
        this.digestEncryptionAlgorithm = digestEncryptionAlgorithm;
    }

    /**
     * Gets the subject name in the signing certificate (the element "CN").
     * @return the subject name in the signing certificate (the element "CN"),
     * or <CODE>null</CODE> if none has been stored
     */
    public String getName() {
        return this.name;
    }

    /**
     * Gets the class instance that does the actual signing.
     * <p>
     * The returned object is the live instance created from the private key
     * given to {@link #setSignInfo}, not a copy; callers should hand it on
     * with the same care as the key itself.
     *
     * @return the class instance that does the actual signing
     */
    public PdfPKCS7 getSigner() {
        return this.pkcs;
    }

    /**
     * Gets the signature content. This can be a PKCS#1 or a PKCS#7. It
     * corresponds to the /Contents key.
     * <p>
     * PKCS#1 is returned for the <CODE>ADBE_X509_RSA_SHA1</CODE> sub-filter
     * and PKCS#7 for every other one. The signer must already exist, that is,
     * {@link #setSignInfo} has to be called first.
     *
     * @return the signature content
     */
    public byte[] getSignerContents() {
        return hasSubFilter(PdfName.ADBE_X509_RSA_SHA1)
                ? pkcs.getEncodedPKCS1()
                : pkcs.getEncodedPKCS7();
    }

    /**
     * Creates a standard filter of the type VeriSign.
     */
    public static class VeriSign extends PdfSigGenericPKCS {
        /**
         * The constructor for the default provider.
         */
        public VeriSign() {
            super(PdfName.VERISIGN_PPKVS, PdfName.ADBE_PKCS7_DETACHED);
            // MD5 is not collision resistant. NOTE(review): kept unchanged
            // because another digest would alter the signatures this filter
            // produces - evaluate a stronger one before using it for new
            // documents.
            this.hashAlgorithm = "MD5";
            put(PdfName.R, new PdfNumber(65537));
        }

        /**
         * The constructor for an explicit provider.
         * @param provider the crypto provider
         */
        public VeriSign(String provider) {
            this();
            this.provider = provider;
        }
    }

    /**
     * Creates a standard filter of the type self signed.
     */
    public static class PPKLite extends PdfSigGenericPKCS {
        /**
         * The constructor for the default provider.
         */
        public PPKLite() {
            super(PdfName.ADOBE_PPKLITE, PdfName.ADBE_X509_RSA_SHA1);
            // SHA1 is the digest named by this sub-filter; it is no longer
            // considered collision resistant.
            this.hashAlgorithm = "SHA1";
            put(PdfName.R, new PdfNumber(65541));
        }

        /**
         * The constructor for an explicit provider.
         * @param provider the crypto provider
         */
        public PPKLite(String provider) {
            this();
            this.provider = provider;
        }
    }

    /**
     * Creates a standard filter of the type Windows Certificate.
     */
    public static class PPKMS extends PdfSigGenericPKCS {
        /**
         * The constructor for the default provider.
         */
        public PPKMS() {
            super(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
            // SHA1 is the digest named by this sub-filter; it is no longer
            // considered collision resistant.
            this.hashAlgorithm = "SHA1";
        }

        /**
         * The constructor for an explicit provider.
         * @param provider the crypto provider
         */
        public PPKMS(String provider) {
            this();
            this.provider = provider;
        }
    }
}