ESYAE-imza Kütüphaneleri

Bu sayfa salt okunur. Kaynağı görebilirsiniz ama değiştiremezsiniz. Bunun yanlış olduğunu düşünüyorsanız yöneticiye danışın.

<h1>Multiple Signatures</h1> <div class="level1"> <p> As in paper documents, it is possible for a digital document signed by more than one person. The samples codes listed here is in the package<code>tr.gov.tubitak.uekae.esya.api.xades.example.multiple</code>. </p> <p> <code>esya.api.xmlsignature.SignedDocument.java</code> is created to easily manage multiple signatures. Please first examine this class carefully. It simply creates a signed document in XML format, that can contain one or more signatures. </p> <p> <em><</em>sxh xml> <em><</em>?xml version="1.0" encoding="UTF-8" ?> <em><</em>ma3:envelope xmlns:ma3="http:<em>uekae.tubitak.gov.tr/xml/signature#" xmlns:ds="http:</em><a href="http://www.w3.org/2000/09/xmldsig#"&gt" class="urlextern" title="http://www.w3.org/2000/09/xmldsig#"&gt" rel="nofollow">www.w3.org/2000/09/xmldsig#"&gt</a>; </p> <pre class="code"> &lt;ma3:data&gt; &lt;ma3:data-item&gt;...&lt;/ma3:data-item&gt; &lt;ma3:data-item&gt;...&lt;/ma3:data-item&gt; ... &lt;ma3:data&gt; &lt;ma3:signatures&gt; &lt;ds:signature&gt;...&lt;/ds:signature&gt; &lt;ds:signature&gt;...&lt;/ds:signature&gt; ... &lt;/ma3:signatures&gt; </pre><p> </p> <p> <em><</em>/ma3:envelope> <em><</em>/sxh> </p> </div> <h2>Parallel Signature</h2> <div class="level2"> <p> They are independent signature in the same document. In the code below, the data to be signed is added to the signed document first, then two parallel signatures are created.See <code>ParallelEnveloped</code>. </p> <p> <em><</em>sxh java> Context context = createContext(); </p> <p> SignedDocument signatures = new SignedDocument(context); </p> <p> Document doc = Resolver.resolve("./sample.txt", context); String fragment = signatures.addDocument(doc); </p> <p> XMLSignature signature1 = signatures.createSignature(); </p> <p> <em> add document as inner reference signature1.addDocument("#"+fragment, "text/plain", false); signature1.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); </em> false-true gets non-qualified certificates while true-false gets qualified ones X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false); </p> <p> <em> add certificate to show who signed the document signature1.addKeyInfo(new ECertificate(cert.getEncoded())); </em> now sign it by using smart card signature1.sign(JSmartCardManager.getInstance().getSigner(PIN, cert)); </p> <p> XMLSignature signature2 = signatures.createSignature(); </p> <p> <em> add document as inner reference signature2.addDocument("#"+fragment, "text/plain", false); signature2.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); </em> add certificate to show who signed the document signature2.addKeyInfo(new ECertificate(cert.getEncoded())); </p> <p> <em> now sign it by using smart card signature2.sign(JSmartCardManager.getInstance().getSigner(PIN, cert)); </em> write combined document signatures.write(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME)); <em><</em>/sxh> </p> <p> Here is an example for creating parallel detached signatures, signing external data. The codes are in <code>ParallelDetached</code>. </p> <p> <em><</em>sxh java> Context context = createContext(); </p> <p> SignedDocument signatures = new SignedDocument(context); </p> <p> XMLSignature signature1 = signatures.createSignature(); </p> <p> <em> add document as reference, but do not embed it </em> into the signature (embed=false) signature1.addDocument("./sample.txt", "text/plain", false); </p> <p> signature1.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); </p> <p> <em> false-true gets non-qualified certificates while true-false gets qualified ones X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false); </em> add certificate to show who signed the document signature1.addKeyInfo(new ECertificate(cert.getEncoded())); </p> <p> <em> now sign it by using smart card signature1.sign(JSmartCardManager.getInstance().getSigner(PIN, cert)); XMLSignature signature2 = signatures.createSignature(); </em> add document as reference, but do not embed it <em> into the signature (embed=false) signature2.addDocument("./sample.txt", "text/plain", false); signature2.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); </em> add certificate to show who signed the document signature2.addKeyInfo(new ECertificate(cert.getEncoded())); </p> <p> <em> now sign it by using smart card signature2.sign(JSmartCardManager.getInstance().getSigner(PIN, cert)); </em> write combined document signatures.write(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME)); <em><</em>/sxh> </p> <p> Note that the only difference is the use of reference to the data instead of the data itself in <code>XMLSignature</code>. </p> </div> <h2>Counter Signature</h2> <div class="level2"> <p> It is the signature of another signature. In the example below, the creation of a counter signature over an existing signature is listed. The codes are in <code>CounterDetached</code>. </p> <p> <em><</em>sxh java> Context context = createContext(); </p> <p> <em> read previously created signature, you need to run Detached.java first Document doc = Resolver.resolve(Detached.SIGNATURE_FILENAME, context); XMLSignature signature = XMLSignature.parse(doc, context); </em> create counter signature XMLSignature counterSignature = signature.createCounterSignature(); </p> <p> counterSignature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); </p> <p> <em> false-true gets non-qualified certificates while true-false gets qualified ones X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false); </em> add certificate to show who signed the document counterSignature.addKeyInfo(new ECertificate(cert.getEncoded())); </p> <p> <em> now sign it by using smart card counterSignature.sign(JSmartCardManager.getInstance().getSigner(PIN, cert)); </em> signature contains itself and counter signature signature.write(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME)); <em><</em>/sxh> </p> <p> Now take a look at a more complex scenario in which a counter signature is added to a document that has two parallel signatures. The codes are in <code>CounterParallel</code>. </p> <p> <em><</em>sxh java> Context context = createContext(); </p> <p> <em> read previously created signature Document signatureFile = Resolver.resolve(ParallelDetached.SIGNATURE_FILENAME, context); SignedDocument signedDocument = new SignedDocument(signatureFile, context); </em> get first signature XMLSignature signature = signedDocument.getSignature(0); </p> <p> <em> create counter signature to the first one XMLSignature counterSignature = signature.createCounterSignature(); counterSignature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); </em> false-true gets non-qualified certificates while true-false gets qualified ones X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false); </p> <p> <em> add certificate to show who signed the document counterSignature.addKeyInfo(new ECertificate(cert.getEncoded())); </em> now sign it by using smart card counterSignature.sign(JSmartCardManager.getInstance().getSigner(PIN, cert)); </p> <p> <em> signed doc contains both previous signature and now a counter signature </em> in first signature signedDocument.write(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME)); <em><</em>/sxh> </p> <p> Similar to the previous example,except the parallel signatures contained in the SignedDocument. </p> </div>