Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /*
- * This class is part of the white paper entitled
- * "Digital Signatures for PDF documents"
- * written by Bruno Lowagie
- *
- * For more info, go to: http://itextpdf.com/learn
- */
- package signatures.chapter3;
- import java.io.FileInputStream;
- import java.io.IOException;
- import java.security.GeneralSecurityException;
- import java.security.KeyStore;
- import java.security.PrivateKey;
- import java.security.Security;
- import java.security.cert.Certificate;
- import java.util.Properties;
- import org.bouncycastle.jce.provider.BouncyCastleProvider;
- import com.itextpdf.text.DocumentException;
- import com.itextpdf.text.pdf.security.DigestAlgorithms;
- import com.itextpdf.text.pdf.security.MakeSignature.CryptoStandard;
- import com.itextpdf.text.pdf.security.OCSPVerifier;
- import com.itextpdf.text.pdf.security.OcspClient;
- import com.itextpdf.text.pdf.security.OcspClientBouncyCastle;
- import com.itextpdf.text.pdf.security.PdfPKCS7;
- import com.itextpdf.text.pdf.security.TSAClient;
- import com.itextpdf.text.pdf.security.TSAClientBouncyCastle;
- import java.security.cert.CertificateFactory;
- import java.security.cert.X509Certificate;
- public class C3_09_SignWithTSA_1 extends C3_01_SignWithCAcert {
- public static final String SRC = "src/main/resources/hello.pdf";
- public static final String DEST = "results/chapter3/hello_cacert_ocsp_ts.pdf";
- public static void main(String[] args) throws IOException, GeneralSecurityException, DocumentException {
- Properties properties = new Properties();
- //properties.load(new FileInputStream("c:/home/blowagie/key.properties"));
- properties.setProperty("PRIVATE", "src/main/resources/new/identity.p12");
- properties.setProperty("PASSWORD", "password");
- properties.setProperty("TSAURL", "http://localhost:3000");
- //properties.setProperty("TSAURL", "https://freetsa.org/tsr");
- //properties.setProperty("TSAUSERNAME", "tsausername");
- //properties.setProperty("TSAPASSWORD", "tsapassword");
- String path = properties.getProperty("PRIVATE");
- char[] pass = properties.getProperty("PASSWORD").toCharArray();
- String tsaUrl = properties.getProperty("TSAURL");
- String tsaUser = properties.getProperty("TSAUSERNAME");
- String tsaPass = properties.getProperty("TSAPASSWORD");
- BouncyCastleProvider provider = new BouncyCastleProvider();
- Security.addProvider(provider);
- KeyStore ks = KeyStore.getInstance("pkcs12", provider.getName());
- ks.load(new FileInputStream(path), pass);
- String alias = (String)ks.aliases().nextElement();
- PrivateKey pk = (PrivateKey) ks.getKey(alias, pass);
- Certificate[] chain = ks.getCertificateChain(alias);
- //OCSPVerifier ocspVerifier = new OCSPVerifier(null, null);
- //OcspClient ocspClient = new OcspClientBouncyCastle(ocspVerifier);
- OcspClientBouncyCastle ocspClient = null;
- String urlOcsp = "localhost:3001";
- CertificateFactory cf = CertificateFactory.getInstance("X509");
- FileInputStream is = new FileInputStream(properties.getProperty("ROOTCERT"));
- X509Certificate root = (X509Certificate) cf.generateCertificate(is);
- ocspClient = new OcspClientBouncyCastle();
- ocspClient.getEncoded((X509Certificate) chain[0], root, urlOcsp);
- TSAClient tsaClient = new TSAClientBouncyCastle(tsaUrl); //, tsaUser, tsaPass)
- System.out.println(tsaClient.toString());
- //System.out.println(tsaClient.getMessageDigest());
- C3_09_SignWithTSA app = new C3_09_SignWithTSA();
- app.sign(SRC, DEST, chain, pk, DigestAlgorithms.SHA256, provider.getName(), CryptoStandard.CMS, "Test", "Madrid",
- null, ocspClient, tsaClient, 0);
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
