com.lacunasoftware.restpki

Class CadesSignatureStarter

java.lang.Object

com.lacunasoftware.restpki.SignatureStarter

com.lacunasoftware.restpki.CadesSignatureStarter

public class CadesSignatureStarter
extends SignatureStarter

Class used to perform the first of the two steps required to perform a CAdES signature.

Note on confidentiality: the file to be signed is stored on the server between the first and second steps, but never unencrypted. The content is encrypted using AES-128 and the key is not stored on the server, it is instead mixed into the token that is returned and which is necessary on the second step. In other words, the server stores the file but is unable to read it on its own, therefore the file contents cannot be compromised, even in the event of a complete data leakage.

Field Summary

Fields inherited from class com.lacunasoftware.restpki.SignatureStarter

callbackArgument, certificate, certificateInfo, client, done, securityContextId, signaturePolicyId

Constructor Summary

Constructors

Constructor and Description
CadesSignatureStarter(RestPkiClient client) Create a new instance using the given RestPkiClient.

Method Summary

Modifier and Type	Method and Description
void	setCmsToCoSign(byte[] cmsToCoSign) Sets the CMS to be co-signed as a byte array
void	setCmsToCoSign(java.io.InputStream stream) Sets the CMS to be co-signed
void	setCmsToCoSign(java.nio.file.Path path) Sets the path of the CMS file to be co-signed
void	setCmsToCoSign(java.lang.String path) Sets the path of the CMS file to be co-signed
void	setContentToSign(byte[] content) Sets the content to be signed as a byte array
void	setContentToSign(java.io.InputStream stream) Sets the content to be signed
void	setEncapsulateContent(java.lang.Boolean encapsulateContent) Optionally denotes whether the resulting CMS should include the content signed.
void	setFileToSign(java.nio.file.Path path) Sets the path of the file to be signed
void	setFileToSign(java.lang.String path) Sets the path of the file to be signed
ClientSideSignatureInstructions	start() Performs the first step, should be called after setting the necessary parameters.
java.lang.String	startWithWebPki() Performs the first step, should be called after setting the necessary parameters.

Methods inherited from class com.lacunasoftware.restpki.SignatureStarter

getCertificateInfo, setCallbackArgument, setSecurityContext, setSignaturePolicy, setSignerCertificate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CadesSignatureStarter

public CadesSignatureStarter(RestPkiClient client)

Create a new instance using the given RestPkiClient.

Parameters:

client - the RestPkiClient which shall be used.

Method Detail

setContentToSign

public void setContentToSign(java.io.InputStream stream)
                      throws java.io.IOException

Sets the content to be signed

Parameters:

stream - a pre-opened InputStream linked to the file that will be signed. The stream is NOT closed by this method.

Throws:

java.io.IOException - if an error occurs while reading the stream.

setContentToSign

public void setContentToSign(byte[] content)

Sets the content to be signed as a byte array

Parameters:

content - Binary content to be signed

setFileToSign

public void setFileToSign(java.lang.String path)
                   throws java.io.IOException

Sets the path of the file to be signed

Parameters:

path - Path of the file to be signed.

Throws:

java.io.IOException - if an error occurs while reading the file.

setFileToSign

public void setFileToSign(java.nio.file.Path path)
                   throws java.io.IOException

Sets the path of the file to be signed

Parameters:

path - Path of the file to be signed.

Throws:

java.io.IOException - if an error occurs while reading the file.

setCmsToCoSign

public void setCmsToCoSign(java.io.InputStream stream)
                    throws java.io.IOException

Sets the CMS to be co-signed

Parameters:

stream - a pre-opened InputStream linked to the CMS file that will be co-signed. The stream is NOT closed by this method.

Throws:

java.io.IOException - if an error occurs while reading the stream.

setCmsToCoSign

public void setCmsToCoSign(byte[] cmsToCoSign)

Sets the CMS to be co-signed as a byte array

Parameters:

cmsToCoSign - Binary content of the CMS to be co-signed

setCmsToCoSign

public void setCmsToCoSign(java.lang.String path)
                    throws java.io.IOException

Sets the path of the CMS file to be co-signed

Parameters:

path - Path of the CMS file to be co-signed.

Throws:

java.io.IOException - if an error occurs while reading the file.

setCmsToCoSign

public void setCmsToCoSign(java.nio.file.Path path)
                    throws java.io.IOException

Sets the path of the CMS file to be co-signed

Parameters:

path - Path of the CMS file to be co-signed.

Throws:

java.io.IOException - if an error occurs while reading the file.

setEncapsulateContent

public void setEncapsulateContent(java.lang.Boolean encapsulateContent)

Optionally denotes whether the resulting CMS should include the content signed. If omitted or set to null, the following rules apply:

If no CmsToSign is given, the resulting CMS will include the content

If a CmsToCoSign is given, the resulting CMS will include the content if and only if the CmsToCoSign also includes the content

start

public ClientSideSignatureInstructions start()
                                      throws RestException

Description copied from class: SignatureStarter

Performs the first step, should be called after setting the necessary parameters. If you intend to use the Web PKI component on the client-side, use the startWithWebPki() method instead.

Specified by:

start in class SignatureStarter

Returns:

An instance of ClientSideSignatureInstructions with the information necessary to perform the client-side signature and later call the server back with the results.

Throws:

RestException - if an error occurs when calling REST PKI

startWithWebPki

public java.lang.String startWithWebPki()
                                 throws RestException

Description copied from class: SignatureStarter

Performs the first step, should be called after setting the necessary parameters. This method should be used if the Web PKI component is being used on the client-side.

Specified by:

startWithWebPki in class SignatureStarter

Returns:

The token that should be passed on the signWithRestPki method of the Web PKI component (on the client-side logic).

Throws:

RestException - if an error occurs when calling REST PKI