Download - Svetlin Nakov
Download - Svetlin Nakov
Download - Svetlin Nakov
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
}<br />
// Check if the private key is available<br />
PrivateKey privateKey = privateKeyAndCertChain.mPrivateKey;<br />
if (privateKey == null) {<br />
String errorMessage = "Can not find the private key on the smart card.";<br />
throw new DocumentSignException(errorMessage);<br />
}<br />
// Check if X.509 certification chain is available<br />
Certificate[] certChain = privateKeyAndCertChain.mCertificationChain;<br />
if (certChain == null) {<br />
String errorMessage = "Can not find the certificate on the smart card.";<br />
throw new DocumentSignException(errorMessage);<br />
}<br />
// Create the result object<br />
CertificationChainAndSignatureBase64 signingResult =<br />
new CertificationChainAndSignatureBase64();<br />
// Save X.509 certification chain in the result encoded in Base64<br />
try {<br />
signingResult.mCertificationChain=encodeX509CertChainToBase64(certChain);<br />
}<br />
catch (CertificateException cee) {<br />
String errorMessage = "Invalid certificate on the smart card.";<br />
throw new DocumentSignException(errorMessage);<br />
}<br />
// Calculate the digital signature of the file,<br />
// encode it in Base64 and save it in the result<br />
try {<br />
byte[] digitalSignature = signDocument(aDocumentToSign, privateKey);<br />
signingResult.mSignature = Base64Utils.base64Encode(digitalSignature);<br />
} catch (GeneralSecurityException gsex) {<br />
String errorMessage = "File signing failed.\n" +<br />
"Problem details: " + gsex.getMessage();<br />
throw new DocumentSignException(errorMessage, gsex);<br />
}<br />
}<br />
return signingResult;<br />
/**<br />
* Loads the keystore from the smart card using its PKCS#11 implementation<br />
* library and the Sun PKCS#11 security provider. The PIN code for accessing<br />
* the smart card is required.<br />
*/<br />
private KeyStore loadKeyStoreFromSmartCard(String aPKCS11LibraryFileName,<br />
String aSmartCardPIN)<br />
throws GeneralSecurityException, IOException {<br />
// First configure the Sun PKCS#11 provider. It requires a stream (or file)<br />
// containing the configuration parameters - "name" and "library".<br />
String pkcs11ConfigSettings =<br />
"name = SmartCard\n" + "library = " + aPKCS11LibraryFileName;<br />
byte[] pkcs11ConfigBytes = pkcs11ConfigSettings.getBytes();<br />
ByteArrayInputStream confStream =<br />
new ByteArrayInputStream(pkcs11ConfigBytes);<br />
// Instantiate the provider dynamically with Java reflection<br />
try {<br />
Class sunPkcs11Class = Class.forName(SUN_PKCS11_PROVIDER_CLASS);<br />
Constructor pkcs11Con = sunPkcs11Class.getConstructor(<br />
java.io.InputStream.class);<br />
99