Commit cef4c4ae authored by Lukas Hameury's avatar Lukas Hameury

Add a new library and new method for pkcs1 signature for windows OS

parent a391929b
......@@ -4,6 +4,7 @@ Class-Path: lib/xom-1.2.10.jar
lib/xmlsec-1.4.6.jar
lib/commons-httpclient-3.1.jar
lib/commons-ssl-0.3.0.jar
lib/commons-lang-2.6.jar
lib/bcpkix-jdk15on-150.jar
lib/bcprov-jdk15on-150.jar
lib/iaikPkcs11Wrapper.jar
......
......@@ -40,6 +40,7 @@ file.reference.iaikPkcs11Wrapper.jar=lib/iaikPkcs11Wrapper.jar
file.reference.libpkcs11wrapper.jnilib.jar=lib/libpkcs11wrapper.jnilib.jar
file.reference.xmlsec-1.4.6.jar=lib/xmlsec-1.4.6.jar
file.reference.xom-1.2.10.jar=lib/xom-1.2.10.jar
file.reference.commons-lang-2.6.jar=lib/commons-lang-2.6.jar
includes=**
jar.archive.disabled=${jnlp.enabled}
jar.compress=true
......@@ -49,6 +50,7 @@ javac.classpath=\
${file.reference.xmlsec-1.4.6.jar}:\
${file.reference.commons-httpclient-3.1.jar}:\
${file.reference.commons-ssl-0.3.0.jar}:\
${file.reference.commons-lang-2.6.jar}:\
${file.reference.bcpkix-jdk15on-150.jar}:\
${file.reference.bcprov-jdk15on-150.jar}:\
${file.reference.iaikPkcs11Wrapper.jar}:\
......
......@@ -59,7 +59,7 @@ public class ListCertsAction {
obj.put("nonce", "applet");
obj.put("result", "ok");
List<Map<String, Object>> arrayCerts = new ArrayList<Map<String, Object>>();
List<String> arrayCerts = new ArrayList<String>();
for (Certificate cert : certs) {
X509Certificate cer = (X509Certificate) cert;
Map<String, Object> certDetail = new HashMap<String, Object>();
......@@ -95,7 +95,7 @@ public class ListCertsAction {
certDetail.put("VERIFIEDWITH", new ArrayList<String>());
certDetail.put("PUBKEY", Base64.encodeBytes(cert.getEncoded()));
arrayCerts.add(certDetail);
arrayCerts.add(JSONUtils.mapToJSONString(certDetail));
}
obj.put("certs", arrayCerts);
......
......@@ -4,8 +4,11 @@ import coop.libriciel.model.SignCertificate;
import coop.libriciel.util.JSONUtils;
import coop.libriciel.util.StringUtils;
import org.adullact.parapheur.applets.splittedsign.Base64;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.reflect.MethodUtils;
import java.io.IOException;
import java.lang.reflect.Method;
import java.security.*;
import java.util.ArrayList;
import java.util.HashMap;
......@@ -17,21 +20,25 @@ public class SignAction {
return AccessController.doPrivileged(new PrivilegedAction<String>() {
@Override
public String run() {
Map<String, Object> signs = new HashMap<String, Object>();
List<String> signs = new ArrayList<String>();
for (int i = 0; i < jsonDataToSign.size(); i++) {
String toSign = jsonDataToSign.get(i);
List<String> finalToSign = new ArrayList<String>();
for(String tmpToSign: toSign.split(",")) {
try {
finalToSign.add(doSign(Base64.decode(tmpToSign), signingObj.getPrivateKey()));
if(tmpToSign.startsWith("pkcs1:")) {
finalToSign.add(doSignPKCS1(Base64.decode(tmpToSign.substring(6)), signingObj.getPrivateKey()));
} else {
finalToSign.add(doSign(Base64.decode(tmpToSign), signingObj.getPrivateKey()));
}
} catch(Exception e) {
e.printStackTrace();
throw new RuntimeException("Cannot sign document, see erro log", e);
throw new RuntimeException("Cannot sign document, see error log", e);
}
}
signs.put(String.valueOf(i), StringUtils.join(",", finalToSign));
signs.add(StringUtils.join(",", finalToSign));
}
return JSONUtils.mapToJSONString(signs);
return JSONUtils.arrayToJSONString(signs, true);
}
});
......@@ -53,4 +60,37 @@ public class SignAction {
byte[] signature = sig.sign();
return Base64.encodeBytes(signature);
}
public static String doSignPKCS1(byte[] bytesToSign, PrivateKey privateKey) throws Exception {
System.out.println(System.getProperty("os.name"));
if (System.getProperty("os.name").startsWith("Windows")) {
try {
// Obtain the handles
long hCryptKey = (Long) MethodUtils.invokeMethod(privateKey, "getHCryptKey", null);
long hCryptProvider = (Long)MethodUtils.invokeMethod(privateKey, "getHCryptProvider", null);
// Call the internal native method
Class<?> internalClass = Class.forName("sun.security.mscapi.RSASignature");
Method internalSignHashMethod = internalClass.getDeclaredMethod("signHash", boolean.class, byte[].class, int.class, String.class, long.class, long.class);
internalSignHashMethod.setAccessible(true);
byte[] res = (byte[])internalSignHashMethod.invoke(internalClass, false, bytesToSign, bytesToSign.length, "SHA-256", hCryptProvider, hCryptKey);
ArrayUtils.reverse(res); // Make it big endian
return Base64.encodeBytes(res);
} catch(Exception e) {
e.printStackTrace();
throw e;
}
} else {
Signature sig;
if (privateKey instanceof java.security.interfaces.RSAPrivateKey) {
sig = Signature.getInstance("NONEWithRSA", "BC");
} else {
sig = Signature.getInstance("NONEwithRSA", "SunRsaSign");
}
sig.initSign(privateKey);
sig.update(bytesToSign);
byte[] signature = sig.sign();
return Base64.encodeBytes(signature);
}
}
}
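Review bot: doSignPKCS1 selects the MSCAPI path from `os.name`, so on Windows a key that is not a SunMSCAPI handle (a PKCS#11 or software key) will fail inside the reflective `getHCryptKey` call instead of reaching the JCA branch. Testing the key itself would avoid that, e.g. `if (privateKey.getClass().getName().startsWith("sun.security.mscapi."))`. The Windows branch hard-codes "SHA-256" while the bytes come straight from the caller-supplied `pkcs1:` token and are signed inside `doPrivileged`, so a guard at the top of that branch such as `if (bytesToSign.length != 32) throw new IllegalArgumentException("pkcs1 input must be a SHA-256 digest");` would stop it from passing arbitrary-length data to the native call. The two branches also look non-equivalent: `signHash` is told the hash algorithm, whereas `NONEwithRSA` pads its input as given, so the same input probably produces different signatures per platform unless the non-Windows caller already sends an encoded DigestInfo; this is worth confirming with a cross-platform verification test. The private `signHash` signature is JDK-internal and should carry a comment naming the JDK versions it was tested on, and the `System.out.println(System.getProperty("os.name"))` debug line can be dropped.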
......@@ -22,7 +22,7 @@ public class JSONUtils {
if(entry.getValue() instanceof String) {
result.append("\"").append(entry.getValue()).append("\"");
} else if(entry.getValue() instanceof List) {
result.append(arrayToJSONString((List<String>) entry.getValue()));
result.append(arrayToJSONString((List<String>) entry.getValue(), false));
} else if(entry.getValue() instanceof Long) {
result.append(entry.getValue());
} else if(entry.getValue() instanceof Map) {
......@@ -37,15 +37,19 @@ public class JSONUtils {
return Arrays.asList(json.replace("[", "").replace("]", "").split(","));
}
public static String arrayToJSONString(List<String> array) {
public static String arrayToJSONString(List<String> array, boolean isOnlyString) {
StringBuilder result = new StringBuilder("[");
boolean isFirst = true;
for(String entry: array) {
if(isFirst) {
result.append(entry);
isFirst = false;
} else {
result.append(",").append(entry);
result.append(",");
}
if(isOnlyString) {
result.append("\"").append(entry).append("\"");
} else {
result.append(entry);
}
}
result.append("]");
......
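Review bot: The new `isOnlyString` branch in arrayToJSONString wraps each entry in quotes without escaping it, so an entry containing `"` or `\` yields malformed JSON or lets a value break out of its string. The Base64 signatures passed from SignAction are safe, but the method is a general utility and the String branch of mapToJSONString visible in the context line above has the same pattern. Escaping at the append would close it, e.g. `result.append("\"").append(entry.replace("\\", "\\\\").replace("\"", "\\\"")).append("\"");`, ideally through one shared helper that also handles control characters. A short Javadoc on the new parameter stating that `false` means the entries are already serialized JSON fragments would make the contract clear; the method body continues past the end of the hunk.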