ESYAE-imza Kütüphaneleri

Bu sayfa salt okunur. Kaynağı görebilirsiniz ama değiştiremezsiniz. Bunun yanlış olduğunu düşünüyorsanız yöneticiye danışın.

<h2>Signature Creation</h2> <div class="level2"> <p> Signature creation consists of two steps which are the validation of the signing certificate and creation of the signature. </p> </div> <h3>Signing an Unsigned Document</h3> <div class="level3"> <p> <code>BaseSignedData</code> is responsible for data signing. Firstly, by using the method <code>addContent(…)</code> the data to be signed must be defined. This method must be called only once. The data to be signed can not be modified once it is assigned by <code>addContent(…)</code>. The signer information is defined by using <code>addSigner(…)</code>. This function takes the type of the signature, the certificate of the signer, the properties of the crypto device that will perform the signature creation, and other signature properties as parameters. The sample code for signature creation is as follows: </p> <p> <em><</em>sxh java;title:Java> BaseSignedData bs = new BaseSignedData(); ISignable content = new SignableByteArray("test".getBytes()); bs.addContent(content); </p> <p> HashMap<em><</em>String, Object> params = new HashMap<em><</em>String, Object>(); </p> <p> <em>if the user does not want certificate validation at generating signature,he can add </em>P_VALIDATE_CERTIFICATE_BEFORE_SIGNING parameter with its value set to false <em>params.put(EParameters.P_VALIDATE_CERTIFICATE_BEFORE_SIGNING, false); </em>necessary for certificate validation.By default,certificate validation is done params.put(EParameters.P_CERT_VALIDATION_POLICY, TestConstants.getPolicy()); </p> <p> <em>By default, QC statement is checked,and signature wont be created if it is not a </em>qualified certificate. boolean checkQCStatement = TestConstants.getCheckQCStatement(); </p> <p> <em>Get qualified or non-qualified certificate. ECertificate cert = SmartCardManager.getInstance().getSignatureCertificate(checkQCStatement, !checkQCStatement); BaseSigner signer = SmartCardManager.getInstance().getSigner(TestConstants.getPIN(), cert); </em>add signer <em>Since the specified attributes are mandatory for bes,null is given as parameter </em>for optional attributes bs.addSigner(ESignatureType.TYPE_BES, cert , signer, null, params); </p> <p> SmartCardManager.getInstance().logout(); </p> <p> byte [] signedDocument = bs.getEncoded(); </p> <p> <em>write the contentinfo to file AsnIO.dosyayaz(signedDocument,TestConstants.getDirectory() + "testdata/BES-1.p7s"); </em><<em>/sxh> </em><<em>sxh csharp;title:C#> BaseSignedData bs = new BaseSignedData(); ISignable content = new SignableByteArray(ASCIIEncoding.ASCII.GetBytes("test")); bs.addContent(content); Dictionary</em><<em>String, Object> params_ = new Dictionary</em><<em>String, Object>(); </em>if the user does not want certificate validation at generating signature,he can add <em>P_VALIDATE_CERTIFICATE_BEFORE_SIGNING parameter with its value set to false params_[EParameters.P_VALIDATE_CERTIFICATE_BEFORE_SIGNING] = false; </em>necessary for certificate validation.By default,certificate validation is done params_[EParameters.P_CERT_VALIDATION_POLICY] = TestConstants.getPolicy(); </p> <p> <em>By default, QC statement is checked,and signature wont be created if it is not a </em>qualified certificate. </p> <p> bool checkQCStatement = TestConstants.getCheckQCStatement(); </p> <p> <em>Get qualified or non-qualified certificate. ECertificate cert = SmartCardManager.getInstance().getSignatureCertificate(checkQCStatement, !checkQCStatement); BaseSigner signer = SmartCardManager.getInstance().getSigner(TestConstants.getPIN(), cert); </em>add signer <em>Since the specified attributes are mandatory for bes,null is given as parameter </em>for optional attributes try { bs.addSigner(ESignatureType.TYPE_BES, cert, signer, null, params_); } catch (CertificateValidationException cve) { Console.WriteLine(cve.getCertStatusInfo().getDetailedMessage()); </p> <pre class="code"> } </pre><p> </p> <p> SmartCardManager.getInstance().logout(); </p> <p> byte[] signedDocument = bs.getEncoded(); </p> <p> <em>write the contentinfo to file DirectoryInfo di = Directory.CreateDirectory(TestConstants.getDirectory()+@"\testVerileri"); AsnIO.dosyayaz(signedDocument, di.FullName + @"\BES-1.p7s"); </em><<em>/sxh> ==== Signing an Already Signed Document ==== A document can be signed by more than one person. Multiple signatures can be in two forms: - Parallel Signature - Counter Signature === Parallel Signature === In this form, all signers sign the same data and all signatures are in the same level in the sign tree. All signatures are independent meaning that extraction of one signature does not affects the validity of the others. </em><<em>sxh java;title:Java> byte [] signature = AsnIO.dosyadanOKU(SIGNATURE_FILE); BaseSignedData bs = new BaseSignedData(signature); </em>create parameters necessary for signature creation HashMap<em><</em>String, Object> params = new HashMap<em><</em>String, Object>(); ValidationPolicy policy = PolicyReader.readValidationPolicy(new FileInputStream(POLICY_FILE)); params.put(EParameters.P_CERT_VALIDATION_POLICY, policy); /*necessary for certificate validation.By default,certificate validation is done.But if the user does not want certificate validation,he can add P_VALIDATE_CERTIFICATE_BEFORE_SIGNING parameter with its value set to false*/ </p> <p> <em>By default, QC statement is checked,and signature wont be created if it is not a </em>qualified certificate. boolean checkQCStatement = TestConstants.getCheckQCStatement(); </p> <p> <em>Get qualified or non-qualified certificate. ECertificate cert = SmartCardManager.getInstance().getSignatureCertificate(checkQCStatement, !checkQCStatement); BaseSigner signer = SmartCardManager.getInstance().getSigner(TestConstants.getPIN(), cert); </em>add signer. Since the specified attributes are mandatory for bes,null is given as parameter for <em>optional attributes bs.addSigner(ESignatureType.TYPE_BES, cert , signer, null, params); </em>write the contentinfo to file AsnIO.dosyayaz(bs.getEncoded(),NEW_SIGNATURE_ADDED_FILE); sc.logout(session); </p> <p> SmartCardManager.getInstance().logout(); <em><</em>/sxh> </p> <p> <em><</em>sxh csharp;title:C#> byte[] signature = AsnIO.dosyadanOKU(SIGNATURE_FILE); BaseSignedData bs = new BaseSignedData(signature); </p> <p> <em>create parameters necessary for signature creation Dictionary</em><<em>String, Object> params_ = new Dictionary</em><<em>String, Object>(); ValidationPolicy policy = PolicyReader.readValidationPolicy(new FileStream(POLICY_FILE, FileMode.Open, FileAccess.Read)); params_[EParameters.P_CERT_VALIDATION_POLICY] = policy; /*necessary for certificate validation.By default,certificate validation is done.But if the user does not want certificate validation,he can add P_VALIDATE_CERTIFICATE_BEFORE_SIGNING parameter with its value set to false*/ bool checkQCStatement = TestConstants.getCheckQCStatement(); </em>Get qualified or non-qualified certificate. ECertificate cert = SmartCardManager.getInstance().getSignatureCertificate(checkQCStatement, !checkQCStatement); BaseSigner signer = SmartCardManager.getInstance().getSigner(TestConstants.getPIN(), cert); </p> <p> <em>add signer. Since the specified attributes are mandatory for bes,null is given as parameter for </em>optional attributes bs.addSigner(ESignatureType.TYPE_BES, cert, signer, null, params_); </p> <p> <em>write the contentinfo to file AsnIO.dosyayaz(bs.getEncoded(), NEW_SIGNATURE_ADDED_FILE); SmartCardManager.getInstance().logout(); </em><<em>/sxh> === Counter Signature === It is signing another signature. Extracting a signature from a signed documents affects all of its counter signatures. The code below demonstrates adding a counter signature to the first signature in a document. </em><<em>sxh java;title:Java> byte [] signature = AsnIO.dosyadanOKU(SIGNATURE_FILE); BaseSignedData bs = new BaseSignedData(signature); </em>create parameters necessary for signature creation HashMap<em><</em>String, Object> params = new HashMap<em><</em>String, Object>(); ValidationPolicy policy = PolicyReader.readValidationPolicy(new FileInputStream(POLICY_FILE)); params.put(EParameters.P_CERT_VALIDATION_POLICY, policy); /*necessary for certificate validation.By default,certificate validation is done.But if the user does not want certificate validation,he can add P_VALIDATE_CERTIFICATE_BEFORE_SIGNING parameter with its value set to false*/ </p> <p> <em>By default, QC statement is checked,and signature wont be created if it is not a </em>qualified certificate. boolean checkQCStatement = TestConstants.getCheckQCStatement(); </p> <p> <em>Get qualified or non-qualified certificate. ECertificate cert = SmartCardManager.getInstance().getSignatureCertificate(checkQCStatement, !checkQCStatement); BaseSigner signer = SmartCardManager.getInstance().getSigner(TestConstants.getPIN(), cert); Signer firstSigner = bs.getSignerList().get(0); firstSigner.addCounterSigner(ESignatureType.TYPE_BES, cert , signer, null, params); </em>write the contentinfo to file AsnIO.dosyayaz(bs.getEncoded(),NEW_SIGNATURE_ADDED_FILE); SmartCardManager.getInstance().logout(); <em><</em>/sxh> </p> <p> <em><</em>sxh csharp;title:C#> byte[] signature = AsnIO.dosyadanOKU(SIGNATURE_FILE); BaseSignedData bs = new BaseSignedData(signature); </p> <p> <em>create parameters necessary for signature creation Dictionary</em><<em>String, Object> params_ = new Dictionary</em><<em>String, Object>(); ValidationPolicy policy = PolicyReader.readValidationPolicy(new FileStream(POLICY_FILE, FileMode.Open, FileAccess.Read)); params_[EParameters.P_CERT_VALIDATION_POLICY] = policy; /*necessary for certificate validation.By default,certificate validation is done.But if the user does not want certificate validation,he can add P_VALIDATE_CERTIFICATE_BEFORE_SIGNING parameter with its value set to false*/ bool checkQCStatement = TestConstants.getCheckQCStatement(); </em>Get qualified or non-qualified certificate. ECertificate cert = SmartCardManager.getInstance().getSignatureCertificate(checkQCStatement, !checkQCStatement); BaseSigner signer = SmartCardManager.getInstance().getSigner(TestConstants.getPIN(), cert); </p> <p> Signer firstSigner = bs.getSignerList()[0]; </p> <p> firstSigner.addCounterSigner(ESignatureType.TYPE_BES, cert, signer, null, params_); </p> <p> <em>write the contentinfo to file AsnIO.dosyayaz(bs.getEncoded(), NEW_SIGNATURE_ADDED_FILE); SmartCardManager.getInstance().logout(); </em><<em>/sxh> ==== Detached Signature ==== If the second parameter of <code>BaseSignedData.addContent(…)</code> is set to <code>false</code> then the created signature will be detached. Large files can not be signed as attached. This is because the atached signature creation operation requires the whole content to be signed takes place in the memory. </em><<em>sxh java;title:Java> BaseSignedData bs = new BaseSignedData(); File file = new File(MOVIE_FILE); ISignable signable = new SignableFile(file,2048); bs.addContent(signable,false); </em>create parameters necessary for signature creation HashMap<em><</em>String, Object> params = new HashMap<em><</em>String, Object>(); </p> <p> ValidationPolicy policy = PolicyReader.readValidationPolicy(new FileInputStream(POLICY_FILE)); params.put(EParameters.P_CERT_VALIDATION_POLICY, policy); </p> <p> <em>By default, QC statement is checked,and signature wont be created if it is not a </em>qualified certificate. boolean checkQCStatement = TestConstants.getCheckQCStatement(); </p> <p> <em>Get qualified or non-qualified certificate. ECertificate cert = SmartCardManager.getInstance().getSignatureCertificate(checkQCStatement, !checkQCStatement); BaseSigner signer = SmartCardManager.getInstance().getSigner(TestConstants.getPIN(), cert); bs.addSigner(ESignatureType.TYPE_BES, cert, signer, null, params); AsnIO.dosyayaz(bs.getEncoded(), SIGNATURE_FILE); SmartCardManager.getInstance().logout(); </em><<em>/sxh> </em><<em>sxh csharp;title:C#> BaseSignedData bs = new BaseSignedData(); FileInfo file = new FileInfo(MOVIE_FILE); ISignable signable = new SignableFile(file, 2048); bs.addContent(signable, false); </em>create parameters necessary for signature creation Dictionary<em><</em>String, Object> params_ = new Dictionary<em><</em>String, Object>(); </p> <p> ValidationPolicy policy = PolicyReader.readValidationPolicy(new FileStream(POLICY_FILE, FileMode.Open, FileAccess.Read)); params_[EParameters.P_CERT_VALIDATION_POLICY] = policy; </p> <p> bool checkQCStatement = TestConstants.getCheckQCStatement(); </p> <p> <em>Get qualified or non-qualified certificate. ECertificate cert = SmartCardManager.getInstance().getSignatureCertificate(checkQCStatement, !checkQCStatement); BaseSigner signer = SmartCardManager.getInstance().getSigner(TestConstants.getPIN(), cert); bs.addSigner(ESignatureType.TYPE_BES, cert, signer, null, params_); AsnIO.dosyayaz(bs.getEncoded(), SIGNATURE_FILE); SmartCardManager.getInstance().logout(); </em><<em>/sxh> === Converting a Detached Signature To an Attached Signature === Detached signature can be converted into attached signature by using the function <code>attachExternalContent</code> and passing the signed content as a parameter. </em><<em>sxh java;title:Java> byte[] input = AsnIO.dosyadanOKU(AYRIK_IMZA); BaseSignedData bs = new BaseSignedData(input); File file = new File(IMZALANAN_ICERIK); ISignable signable = new SignableFile(file,2048); bs.attachExternalContent(signable); </em><<em>/sxh> </em><<em>sxh csharp;title:C#> byte[] input = AsnIO.dosyadanOKU(AYRIK_IMZA); BaseSignedData bs = new BaseSignedData(input); FileInfo file = new FileInfo(IMZALANAN_ICERIK); ISignable signable = new SignableFile(file, 2048); bs. attachExternalContent(signable); </em><<em>/sxh> </p> </div>