Download - Svetlin Nakov

More documents

Recommendations

Info

} "Unable to access the local file system.\n" + "This applet should be started with full security permissions.\n" + "Please accept to trust this applet when the Java Plug-In ask you."); } catch (JSException jse) { jse.printStackTrace(); JOptionPane.showMessageDialog(this, "Unable to access some of the fields in the\n" + "HTML form. Please check applet parameters."); } catch (Exception e) { e.printStackTrace(); JOptionPane.showMessageDialog(this, "Unexpected error: "+e.getMessage()); } /** * Signs given local file. The certification chain and private key to be used for * signing are specified by the local user who choose a PFX file and password for * accessing it. * @param aFileName the name of the file to be signed. * @return the digital signature of the given file and the certification chain of * the certificate used for signing the file, both Base64-encoded or null if the * signing process is canceled by the user. * @throws DocumentSignException when a problem arise during the singing process * (e.g. invalid file format, invalid certificate, invalid password, etc.) */ private CertificationChainAndSignatureInBase64 signFile(String aFileName) throws DocumentSignException { // Load the file for signing byte[] documentToSign = null; try { documentToSign = readFileInByteArray(aFileName); } catch (IOException ioex) { String errorMsg = "Can not read the file for signing " + aFileName + "."; throw new DocumentSignException(errorMsg, ioex); } // Show a dialog for selecting PFX file and password CertificateFileAndPasswordDialog certFileAndPasswdDlg = new CertificateFileAndPasswordDialog(); if (certFileAndPasswdDlg.run()) { // Load the keystore from specified file using the specified password String keyStoreFileName = certFileAndPasswdDlg.getCertificateFileName(); if (keyStoreFileName.length() == 0) { String errorMessage = "It is mandatory to select a certificate " + "keystore (.PFX or .P12 file)!"; throw new DocumentSignException(errorMessage); } String password = certFileAndPasswdDlg.getCertificatePassword(); KeyStore userKeyStore = null; try { userKeyStore = loadKeyStoreFromPFXFile(keyStoreFileName, password); } catch (Exception ex) { String errorMessage = "Can not read certificate keystore file (" + keyStoreFileName + ").\nThe file is either not in PKCS#12 format" + " (.P12 or .PFX) or is corrupted or the password is invalid."; throw new DocumentSignException(errorMessage, ex); } // Get the private key and its certification chain from the keystore PrivateKeyAndCertChain privateKeyAndCertChain = null; 78
try { privateKeyAndCertChain = getPrivateKeyAndCertChain(userKeyStore, password); } catch (GeneralSecurityException gsex) { String errorMessage = "Can not extract certification chain and " + "corresponding private key from the specified keystore file " + "with given password. Probably the password is incorrect."; throw new DocumentSignException(errorMessage, gsex); } // Check if a private key is available in the keystore PrivateKey privateKey = privateKeyAndCertChain.mPrivateKey; if (privateKey == null) { String errorMessage = "Can not find the private key in the " + "specified file " + keyStoreFileName + "."; throw new DocumentSignException(errorMessage); } // Check if X.509 certification chain is available Certificate[] certChain = privateKeyAndCertChain.mCertificationChain; if (certChain == null) { String errorMessage = "Can not find neither certificate nor " + "certification chain in the file " + keyStoreFileName + "."; throw new DocumentSignException(errorMessage); } // Create the result object CertificationChainAndSignatureInBase64 signingResult = new CertificationChainAndSignatureInBase64(); // Save X.509 certification chain in the result encoded in Base64 try { signingResult.mCertChain = encodeX509CertChainToBase64(certChain); } catch (CertificateException cee) { String errorMessage = "Invalid certification chain found in the " + "file " + keyStoreFileName + "."; throw new DocumentSignException(errorMessage); } // Calculate the digital signature of the file, // encode it in Base64 and save it in the result try { byte[] signature = signDocument(documentToSign, privateKey); signingResult.mSignature = Base64Utils.base64Encode(signature); } catch (GeneralSecurityException gsex) { String errorMessage = "Error signing file " + aFileName + "."; throw new DocumentSignException(errorMessage, gsex); } } // Document signing completed succesfully return signingResult; } else { // Document signing canceled by the user return null; } /** * Loads a keystore from .PFX or .P12 file (file format should be PKCS#12) * using given keystore password. */ 79
Page 2 and 3:
Java за цифрово подпи
Page 4 and 5:
НАЦИОНАЛНА АКАДЕМИ
Page 6 and 7:
Съдържание СЪДЪРЖА
Page 8 and 9:
Увод Настоящата ра
Page 10 and 11:
сървърът има довер
Page 12 and 13:
Page 14 and 15:
обратното. Това пра
Page 16 and 17:
Цифрово подписване
Page 18 and 19:
Фигура 1-2. Верифика
Page 20 and 21:
независима страна,
Page 22 and 23:
(транзитивно). Техн
Page 24 and 25:
това лице (име, орга
Page 26 and 27:
В света на цифроват
Page 28 and 29: Саморъчно подписан
Page 30 and 31: Тя започва от серти
Page 32 and 33: Хранилищата са защ
Page 34 and 35: Издаване на сертиф
Page 36 and 37: По подразбиране пр
Page 38 and 39: Фигура 1-11. Списък с
Page 40 and 41: Закупуване на цифр
Page 42 and 43: .NET Windows Forms контрола
Page 44 and 45: Фигура 1-13. Подписан
Page 46 and 47: Предимство на тази
Page 48 and 49: Java аплетите и сигур
Page 50 and 51: Глава 2. Цифрови под
Page 52 and 53: java.security.KeyStore Класът
Page 54 and 55: certFactory.generateCertificate(str
Page 56 and 57: java.security.cert.TrustAnchor Кл
Page 58 and 59: Преди извикване на
Page 60 and 61: Използване на Sun PKCS#
Page 62 and 63: НАЦИОНАЛНА АКАДЕМИ
Page 64 and 65: - DocumentSigningDemoWebApp - Java-
Page 66 and 67: Тази команда подпи
Page 68 and 69: Стандартно Java апле
Page 70 and 71: Процесът на подпис
Page 72 and 73: Директна верификац
Page 74 and 75: Глава 4. NakovDocumentSigner -
Page 76 and 77: * The applet asks the user to locat
Page 80 and 81: private KeyStore loadKeyStoreFromPF
Page 82 and 83: import java.awt.event.*; import jav
Page 84 and 85: * Called when the browse button is
Page 86 and 87: ** * File filter class, intended to
Page 88 and 89: Skip padding from the end of encode
Page 90 and 91: след кодиране с Base64
Page 92 and 93: Важно е да не из
Page 94 and 95: Сертификати за тес
Page 96 and 97: * All rights reserved. This code is
Page 98 and 99: new PKCS11LibraryFileAndPINCodeDial
Page 100 and 101: Provider pkcs11Provider = (Provider
Page 102 and 103: import java.awt.*; import java.awt.
Page 104 and 105: ** * Called when the "Browse" butto
Page 106 and 107: } } return mResult; /** * File filt
Page 108 and 109: Резултатът от изпъ
Page 110 and 111: Фигура 4-3. Java Plug-In 1.5
Page 112 and 113: За директната пров
Page 114 and 115: Document signing apple
Page 116 and 117: scriptable="true" fileNameField="up
Page 118 and 119: * * Copyright (c) 2003 by Svetlin N
Page 120 and 121: displayFileInfo(mReceivedFile, mRec
Page 122 and 123: * and displays the verification res
Page 124 and 125: Read all X.509 certificate files on
Page 126 and 127: Фигура 4-7. Резултат
Page 128 and 129:
InputStream aCertStream) throws Gen
Page 130 and 131:
Create a set of trust anchors from
Page 132 and 133:
web.xml action org.apache.strut
Page 134 and 135:

Page 136 and 137:
Page 138 and 139:
на удостоверителни
Page 140 and 141:
Page 142 and 143:
тите, инсталирани в
Page 144:
14. [MSDN WinForms] MSDN Library: D
show all

Download - Svetlin Nakov

Create successful ePaper yourself

Delete template?

Save as template?