GlobalSign Digital Signing Service Java API Implementation
Never
import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.DataOutputStream; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.math.BigInteger; import java.net.URL; import java.security.GeneralSecurityException; import java.security.KeyStore; import java.security.MessageDigest; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.Calendar; import java.util.Properties; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.apache.commons.codec.DecoderException; import org.apache.commons.codec.binary.Hex; import org.bouncycastle.cert.ocsp.BasicOCSPResp; import org.bouncycastle.cert.ocsp.OCSPException; import org.bouncycastle.cert.ocsp.OCSPResp; import org.json.simple.JSONArray; import org.json.simple.JSONObject; import org.json.simple.parser.JSONParser; import org.json.simple.parser.ParseException; import com.itextpdf.text.DocumentException; import com.itextpdf.text.Rectangle; import com.itextpdf.text.pdf.PdfDictionary; import com.itextpdf.text.pdf.PdfName; import com.itextpdf.text.pdf.PdfReader; import com.itextpdf.text.pdf.PdfSignatureAppearance; import com.itextpdf.text.pdf.PdfStamper; import com.itextpdf.text.pdf.codec.Base64; import com.itextpdf.text.pdf.security.BouncyCastleDigest; import com.itextpdf.text.pdf.security.DigestAlgorithms; import com.itextpdf.text.pdf.security.ExtenalBlankSignatureContainer; import com.itextpdf.text.pdf.security.ExtenalSignatureContainer; import com.itextpdf.text.pdf.security.MakeSignature; import com.itextpdf.text.pdf.security.PdfPKCS7; import com.itextpdf.text.pdf.security.TSAClient; import com.itextpdf.text.pdf.security.TSAClientBouncyCastle; import com.itextpdf.text.pdf.security.MakeSignature.CryptoStandard; public class ApiConnect { public static final String KEY = "e510e289e6cd8941"; public static final String SECRET = "a477a8393d17a55ecb2ba6a61f58feb84770b621"; public static final String baseURL = "https://stg-emea.api.hvca.globalsign.com:8443"; public final static String SRC = "results/chapter01/hello_world.pdf"; public final static String TEMP = "results/chapter01/hello_world_temp.pdf"; public final static String DEST = "results/chapter01/hello_world_dss.pdf"; public static final String PROPS = "results/chapter01/signkey1.properties"; public final static String tsURL = "http://aatl-timestamp.globalsign.com/tsa/aohfewat2389535fnasgnlg5m23"; public static void main(String[] args) throws GeneralSecurityException, IOException, ParseException, DocumentException, DecoderException, OCSPException { InputStream trustStream = new FileInputStream("results/chapter01/bundle1.jks"); Properties properties = new Properties(); properties.load(new FileInputStream(PROPS)); char [] trustPassword = properties.getProperty("PASSWORD").toCharArray(); KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(trustStream, trustPassword); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(trustStore, trustPassword); KeyManager[] kms = kmf.getKeyManagers(); TrustManager[] trustAllCerts = new TrustManager[]{ new X509TrustManager(){ public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { } public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { retun null; } } }; SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(kms, trustAllCerts, null); SSLContext.setDefault(sslContext); //get JSON access token JSONObject access = login(baseURL,KEY,SECRET); //get JSON with id/certificate/ocsp respone JSONObject identity = identity(baseURL,access); String cert = (String) identity.get("signing_cert"); String ocspJSON = (String) identity.get("ocsp_response"); String id = (String) identity.get("id"); JSONObject path = certificatePath(baseURL,access); String ca = (String) path.get("path"); //Create Certificate chain Certificate [] chain = createChain(cert,ca); //If validation policy is needed //JSONObject policy = validationPolicy(baseURL,access); //System.out.println("policy: "+policy.toString()); //create empty signature PdfReader reader = new PdfReader(SRC); FileOutputStream os = new FileOutputStream(TEMP); PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0'); PdfSignatureAppearance appearance = stamper.getSignatureAppearance(); appearance.setVisibleSignature(new Rectangle(36,748,144,780), 1, "sig1"); appearance.setCertificate(chain[0]); appearance.setReason("Test GS"); ExtenalSignatureContainer extenal = new ExtenalBlankSignatureContainer(PdfName.ADOBE_PPKLITE,PdfName.ADBE_PKCS7_DETACHED); MakeSignature.signExtenalContainer(appearance, extenal, 8192); InputStream data = appearance.getRangeStream(); String hashAlgorithm = "SHA256"; BouncyCastleDigest digest = new BouncyCastleDigest(); PdfPKCS7 sgn = new PdfPKCS7(null,chain,hashAlgorithm,null,digest,false); byte []hash = DigestAlgorithms.digest(data, digest.getMessageDigest(hashAlgorithm)); Calendar cal = Calendar.getInstance(); //decode ocsp response OCSPResp ocspResp = new OCSPResp(new ByteArrayInputStream(Base64.decode(ocspJSON))); BasicOCSPResp basicResp = (BasicOCSPResp)ocspResp.getResponseObject(); byte[] oc = basicResp.getEncoded(); //create data array from pdf byte [] sh = sgn.getAuthenticatedAttributeBytes(hash, cal, oc, null, CryptoStandard.CMS); //create sha256 message digest sh = MessageDigest.getInstance("SHA-256").digest(sh); //create hex encoded sha256 message digest String hexencodedDigest = new BigInteger(1,sh).toString(16); hexencodedDigest = hexencodedDigest.toUpperCase(); //JSONObject time = timestamp(baseURL,hexencodedDigest,access); //System.out.println("timestamp token: "+ time.toString()); TSAClient tsc = new TSAClientBouncyCastle(tsURL,null,null); JSONObject signed = sign(baseURL,id,hexencodedDigest,access); String sig = (String)signed.get("signature"); //decode hex signature byte[] dsg = Hex.decodeHex(sig.toCharArray()); sgn.setExtenalDigest(dsg, null, "RSA"); byte [] encodedpkcs7 = sgn.getEncodedPKCS7(hash, cal, tsc, oc, null, CryptoStandard.CMS); //add signature to pdf createSignature(TEMP,DEST,"sig1",encodedpkcs7); System.out.println("GS Finished"); } public static void createSignature(String src, String dest, String fieldname, byte [] sig) throws IOException, DocumentException, GeneralSecurityException{ PdfReader reader = new PdfReader(src); FileOutputStream os = new FileOutputStream(dest); ExtenalSignatureContainer extenal = new MyExtenalSignatureContainer(sig); MakeSignature.signDeferred(reader, fieldname, os, extenal); } public static JSONObject login(String aURL, Object aKey, Object aSecret) throws IOException, ParseException{ URL loginURL = new URL (aURL+ "/login"); HttpsURLConnection conn = (HttpsURLConnection) loginURL.openConnection(); JSONObject apiLogin = new JSONObject(); apiLogin.put("api_key", aKey); apiLogin.put("api_secret", aSecret); conn.setRequestMethod("POST"); conn.setRequestProperty("Content-Type", "application/json; charset=UTF-8"); conn.setRequestProperty("Content-Length", "" + apiLogin.toString().length()); //Send Request conn.setDoOutput(true); DataOutputStream os = new DataOutputStream(conn.getOutputStream()); os.writeBytes(apiLogin.toString()); os.flush(); os.close(); //Get Response BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); String aux = ""; StringBuilder builder = new StringBuilder(); while ((aux = br.readLine()) != null){ builder.append(aux); } String output = builder.toString(); JSONParser parser = new JSONParser(); JSONObject accessCode = (JSONObject) parser.parse(output); br.close(); conn.disconnect(); retun accessCode; } public static JSONObject identity(String aURL, JSONObject aObj)throws IOException, ParseException{ URL loginURL = new URL (aURL+ "/identity"); HttpsURLConnection conn = (HttpsURLConnection) loginURL.openConnection(); JSONParser parser = new JSONParser(); //info for certificate JSONObject apiID = new JSONObject(); JSONObject subj = new JSONObject(); subj.put("common_name", "Jose Sue"); subj.put("country", "GB"); JSONArray adm = new JSONArray(); adm.add("Sales"); subj.put("organizational_unit", adm); apiID.put("subject_dn", subj); String token = (String)aObj.get("access_token"); conn.setRequestMethod("POST"); conn.setRequestProperty("Authorization", "Bearer "+ token); conn.setRequestProperty("Content-Type", "application/json; charset=UTF-8"); conn.setRequestProperty("Content-Length", "" + apiID.toString().length()); //Send Request conn.setDoOutput(true); DataOutputStream os = new DataOutputStream(conn.getOutputStream()); os.writeBytes(apiID.toString()); os.flush(); os.close(); //Get Response BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); String aux = ""; StringBuilder builder = new StringBuilder(); while ((aux = br.readLine()) != null){ builder.append(aux); } String output = builder.toString(); JSONParser parser1 = new JSONParser(); JSONObject identity = (JSONObject) parser1.parse(output); br.close(); conn.disconnect(); retun identity; } public static JSONObject validationPolicy(String aURL, JSONObject aObj) throws IOException, ParseException{ URL loginURL = new URL (aURL+ "/validationpolicy"); HttpsURLConnection conn = (HttpsURLConnection) loginURL.openConnection(); String token = (String)aObj.get("access_token"); conn.setRequestMethod("GET"); conn.setRequestProperty("Authorization", "Bearer "+ token); //Get Response BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); String aux = ""; StringBuilder builder = new StringBuilder(); while ((aux = br.readLine()) != null){ builder.append(aux); } String output = builder.toString(); JSONParser parser = new JSONParser(); JSONObject policy = (JSONObject) parser.parse(output); br.close(); conn.disconnect(); retun policy; } public static JSONObject certificatePath(String aURL, JSONObject aObj) throws IOException, ParseException{ URL loginURL = new URL (aURL+ "/certificate_path"); HttpsURLConnection conn = (HttpsURLConnection) loginURL.openConnection(); String token = (String)aObj.get("access_token"); conn.setRequestMethod("GET"); conn.setRequestProperty("Authorization", "Bearer "+ token); //Get Response BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); String aux = ""; StringBuilder builder = new StringBuilder(); while ((aux = br.readLine()) != null){ builder.append(aux); } String output = builder.toString(); JSONParser parser = new JSONParser(); JSONObject path = (JSONObject) parser.parse(output); br.close(); conn.disconnect(); retun path; } public static JSONObject timestamp(String aURL, String digest, JSONObject aObj) throws IOException, ParseException{ URL loginURL = new URL (aURL+ "/timestamp/" + digest); HttpsURLConnection conn = (HttpsURLConnection) loginURL.openConnection(); String token = (String)aObj.get("access_token"); conn.setRequestMethod("GET"); conn.setRequestProperty("Authorization", "Bearer "+ token); //Get Response BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); String aux = ""; StringBuilder builder = new StringBuilder(); while ((aux = br.readLine()) != null){ builder.append(aux); } String output = builder.toString(); JSONParser parser = new JSONParser(); JSONObject time = (JSONObject) parser.parse(output); br.close(); conn.disconnect(); retun time; } public static JSONObject sign(String aURL, String id, String digest, JSONObject aObj) throws IOException, ParseException{ URL loginURL = new URL (aURL+ "/identity/" + id + "/sign/" + digest); HttpsURLConnection conn = (HttpsURLConnection) loginURL.openConnection(); String token = (String)aObj.get("access_token"); conn.setRequestMethod("GET"); conn.setRequestProperty("Authorization", "Bearer "+ token); //Get Response BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); String aux = ""; StringBuilder builder = new StringBuilder(); while ((aux = br.readLine()) != null){ builder.append(aux); } String output = builder.toString(); JSONParser parser = new JSONParser(); JSONObject signature = (JSONObject) parser.parse(output); br.close(); conn.disconnect(); retun signature; } public static Certificate[] createChain(String cert, String ca) throws IOException, CertificateException{ Certificate [] chainy = new Certificate[2]; CertificateFactory fact = CertificateFactory.getInstance("X.509"); X509Certificate cer = null; InputStream in = new ByteArrayInputStream(cert.getBytes("UTF-8")); cer = (X509Certificate) fact.generateCertificate(in); chainy[0] = (Certificate)cer; X509Certificate caCert = null; in = new ByteArrayInputStream(ca.getBytes("UTF-8")); caCert = (X509Certificate) fact.generateCertificate(in); chainy[1] = (Certificate)caCert; retun chainy; } static class MyExtenalSignatureContainer implements ExtenalSignatureContainer { protected byte[]sig; public MyExtenalSignatureContainer(byte[] sig){ this.sig = sig; } public void modifySigningDictionary(PdfDictionary arg0) { } public byte[] sign(InputStream arg0) throws GeneralSecurityException { retun sig; } } }
Raw Text
-
Adult Telegram Channels
5 min ago
-
No Deposit Bonus
8 min ago
-
Teen Dildo Lover Scarlett Takes Off Her Clothes And Masturbates With Dildo!
23 min ago
-
https://www.facebook.com/MakersCBDGummies/
42 min ago
-
DIRECTLINK NOADS ANDT
42 min ago
-
Bocie smph mulus T
43 min ago
-
New mega konten T
43 min ago
-
SMA BERHIJAB CANTIK BGT
44 min ago
-
Get New Dōods T
44 min ago
-
BARATDOODS T
45 min ago