xades4j.production.DataGenBaseCertRefs Maven / Gradle / Ivy

Show more of this group Show more artifacts with this name
Show all versions of xades4j Show documentation

The XAdES4j library is an high-level, configurable and extensible Java implementation of XML Advanced Electronic Signatures (XAdES 1.3.2 and 1.4.1). It enables producing, verifying and extending signatures in the main XAdES forms: XAdES-BES, XAdES-EPES, XAdES-T and XAdES-C. Also, extended forms are supported through the enrichment of an existing signature.

There is a newer version: 2.2.2

Show newest version

/*
 * XAdES4j - A Java library for generation and verification of XAdES signatures.
 * Copyright (C) 2010 Luis Goncalves.
 *
 * XAdES4j is free software; you can redistribute it and/or modify it under
 * the terms of the GNU Lesser General Public License as published by the Free
 * Software Foundation; either version 3 of the License, or any later version.
 *
 * XAdES4j is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
 * details.
 *
 * You should have received a copy of the GNU Lesser General Public License along
 * with XAdES4j. If not, see .
 */
package xades4j.production;

import java.security.MessageDigest;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import xades4j.properties.QualifyingProperty;
import xades4j.UnsupportedAlgorithmException;
import xades4j.properties.data.BaseCertRefsData;
import xades4j.properties.data.CertRef;
import xades4j.properties.data.PropertyDataObject;
import xades4j.providers.AlgorithmsProviderEx;
import xades4j.providers.MessageDigestEngineProvider;

/**
 *
 * @author Luís
 */
class DataGenBaseCertRefs
{
    private final AlgorithmsProviderEx algorithmsProvider;
    private final MessageDigestEngineProvider messageDigestProvider;

    protected DataGenBaseCertRefs(
            AlgorithmsProviderEx algorithmsProvider,
            MessageDigestEngineProvider messageDigestProvider)
    {
        this.algorithmsProvider = algorithmsProvider;
        this.messageDigestProvider = messageDigestProvider;
    }

    protected PropertyDataObject generate(
            Collection certs,
            BaseCertRefsData certRefsData,
            QualifyingProperty prop) throws PropertyDataGenerationException
    {
        if (null == certs)
        {
            throw new PropertyDataGenerationException(prop, "certificates not provided");
        }

        try
        {
            String digestAlgUri = this.algorithmsProvider.getDigestAlgorithmForReferenceProperties();
            MessageDigest messageDigest = this.messageDigestProvider.getEngine(digestAlgUri);

            for (X509Certificate cert : certs)
            {
                // "DigestValue contains the base-64 encoded value of the digest
                // computed on the DER-encoded certificate."
                // The base-64 encoding is done by JAXB with the configured
                // adapter (Base64XmlAdapter).
                // For X509 certificates the encoded form return by getEncoded is DER.
                byte[] digestValue = messageDigest.digest(cert.getEncoded());

                certRefsData.addCertRef(new CertRef(
                        cert.getIssuerX500Principal().getName(),
                        cert.getSerialNumber(),
                        digestAlgUri,
                        digestValue));
            }
            return certRefsData;

        } catch (UnsupportedAlgorithmException ex)
        {
            throw new PropertyDataGenerationException(prop, ex.getMessage(), ex);
        } catch (CertificateEncodingException ex)
        {
            throw new PropertyDataGenerationException(prop, "cannot get encoded certificate", ex);
        }
    }
}