ESYAE-imza Kütüphaneleri

User Tools

Site Tools


en:esya:asic:eimza-asic-kutuphanesi

ASiC Signature API

ASiC signature packages as decribed in ETSI TS 102 918 can be created by using ESYA ASiC Signature API. By using this structure, one ore more signature, signed data and validation data can be bundled into a single zip file.

Requirements

ASiC Signature API requires the licence file, certificate validation policy file and certificate store file. CAdES or XAdES API is also required according to the signature format used in the ASiC package..

For qualified signatures, use of a secure hardware is compulsory. Usually, smartcards are used for this purpose. To access smartcard, the driver for the smartcard reader and the smartcard must be set up in the target machine. A utility application to view the contents of smartcard can be obtained from card manufacturers.

Concepts

Package Type

public enum PackageType
{
    ASiC_S,
    ASiC_E 
}
Basit (ASIC_S) Single signature and single data.
Extended (ASIC_E) One or more signature and one or more data. Single signature for multiple data may also exist.

Key Interfaces and Design

SignaturePackageFactory

It contains static methods used for signature creation.

SignaturePackage

It represents the ZIP structure containing SignatureContainer and signed data. For the interfaces SignatureContainer, Signature, and Signable, see Common Signature API.

API Usage

A Simple Package Creation

Context c = new Context();
SignatureFormat format = SignatureFormat.CAdES; // Can also be SignatureFormat.XAdES

SignaturePackage signaturePackage = SignaturePackageFactory
    .createPackage(c, PackageType.ASiC_S, format);

// Add data to be signed
Signable inPackage = signaturePackage.addData(new SignableFile(dataFile, "text/plain"), "sample.txt");
SignatureContainer container = signaturePackage.createContainer();
Signature signature = container.createSignature(CERTIFICATE);

// Add data to be signed(false=data is not included in the signature) 
signature.addContent(inPackage, false);
signature.sign(SIGNER);

// write the package
signaturePackage.write(new FileOutputStream(fileName));

Multiple signatures

// read package from file
SignaturePackage sp = SignaturePackageFactory.readPackage(new Context(), inputFile);

// create new container in package
SignatureContainer sc = sp.createContainer();
// create new signature in container
Signature s = sc.createSignature(CERTIFICATE);

// get signable from package
s.addContent(sp.getDatas().get(0), false);
s.sign(SIGNER);

// write
sp.write(new FileOutputStream(outFileName));

Verification

// read package from file
SignaturePackage sp = SignaturePackageFactory.readPackage(new Context(), inputFile);

// verify
PackageValidationResult pvr = sp.verifyAll();

// check result
assert pvr.getResultType() == PackageValidationResultType.ALL_VALID;

Signature Upgrade

// read package from file 
Context c = new Context();
SignaturePackage sp = SignaturePackageFactory.readPackage(c, new File(fileName));

// get first signature container
SignatureContainer sc = signaturePackage.getContainers().get(0);

// get first signature in container
Signature signature = sc.getSignatures().get(0);

// upgrade
signature.upgrade(SignatureType.ES_T);

signaturePackage.write(new FileOutputStream(outFileName));

For more examples, see Common Signature API. The codes listed here are kept short for the sake of readability. You can also check here.

en/esya/asic/eimza-asic-kutuphanesi.txt · Son değiştirilme: 2013/09/11 08:26 Değiştiren: Dindar Öz