ASiC-S TimeStamp creation support
IB-8181

Signed-off-by: Raul Metsma <raul@metsma.ee>
metsma committed Dec 16, 2024
1 parent e7bbc30 commit f42fc03
Showing 7 changed files with 41 additions and 14 deletions.
31 changes: 22 additions & 9 deletions src/ASiC_S.cpp
Expand Up @@ -21,10 +21,11 @@

#include "SignatureTST.h"
#include "SignatureXAdES_LTA.h"
#include "crypto/Signer.h"
#include "util/algorithm.h"
#include "util/File.h"
#include "util/log.h"

#include <algorithm>
#include <sstream>

using namespace digidoc;
Expand All @@ -45,10 +46,6 @@ ASiC_S::ASiC_S(const string &path)
: ASiContainer(MIMETYPE_ASIC_S)
{
auto z = load(path, false, {mediaType()});
auto starts_with = [](string_view str, string_view needle) constexpr {
return str.size() >= needle.size() && str.compare(0, needle.size(), needle) == 0;
};

for(const string &file: z.list())
{
if(file == "mimetype")
Expand Down Expand Up @@ -87,9 +84,21 @@ ASiC_S::ASiC_S(const string &path)
THROW("ASiC-S container does not contain any signatures.");
}

unique_ptr<Container> ASiC_S::createInternal(const string & /*path*/)
void ASiC_S::addDataFileChecks(const string &fileName, const string &mediaType)
{
ASiContainer::addDataFileChecks(fileName, mediaType);
if(!dataFiles().empty())
THROW("Can not add document to ASiC-S container which already contains a document.");
}

unique_ptr<Container> ASiC_S::createInternal(const string &path)
{
return {};
if(!util::File::fileExtension(path, {"asics", "scs"}))
return {};
DEBUG("ASiC_S::createInternal(%s)", path.c_str());
auto doc = unique_ptr<ASiC_S>(new ASiC_S());
doc->zpath(path);
return doc;
}

void ASiC_S::addAdESSignature(istream & /*signature*/)
Expand Down Expand Up @@ -124,9 +133,13 @@ void ASiC_S::save(const ZipSerialize &s)
s.addFile("META-INF/timestamp.tst", zproperty("META-INF/timestamp.tst"))(static_cast<SignatureTST*>(list.front())->save());
}

Signature *ASiC_S::sign(Signer * /*signer*/)
Signature *ASiC_S::sign(Signer *signer)
{
THROW("Not implemented.");
if(signer->profile() != ASIC_TST_PROFILE)
THROW("ASiC-S container supports only TimeStampToken signing.");
if(!signatures().empty())
THROW("ASiC-S container supports only one TimeStampToken signature.");
return addSignature(make_unique<SignatureTST>(this, signer));
}

/**
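Review bot: `ASiC_S::sign` checks the profile and the existing signature count but never checks that a document is present, while the new `SignatureTST(ASiC_S*, Signer*)` constructor in src/SignatureTST.cpp calls `asicSDoc->dataFiles().front()` unconditionally. On a container that has just come out of `createInternal` with no data file added, that is `front()` on an empty collection, which is undefined behaviour if `dataFiles()` returns a `std::vector` (presumably it does; the declaration is not in this diff). Add a guard before `addSignature`, for example `if(dataFiles().empty()) THROW("ASiC-S container does not contain a document to timestamp.");`. `signer` is also dereferenced on the first line of the function without a null check; if callers outside this diff can pass null, reject it there as well.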
1 change: 1 addition & 0 deletions src/ASiC_S.h
Expand Up @@ -45,6 +45,7 @@ namespace digidoc
ASiC_S(const std::string &path);
DISABLE_COPY(ASiC_S);

void addDataFileChecks(const std::string &path, const std::string &mediaType) override;
void canSave() final;
void save(const ZipSerialize &s) final;

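Review bot: The override is declared with its first parameter named `path`, but the definition added in src/ASiC_S.cpp names it `fileName`; use one name in both places, e.g. `void addDataFileChecks(const std::string &fileName, const std::string &mediaType) override;`. The two neighbouring overrides visible here are marked `final`; if no subclass is meant to relax the single-document rule, `final` would fit this one too.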
10 changes: 10 additions & 0 deletions src/SignatureTST.cpp
Expand Up @@ -22,6 +22,7 @@
#include "ASiC_S.h"
#include "DataFile_p.h"
#include "crypto/Digest.h"
#include "crypto/Signer.h"
#include "crypto/TS.h"
#include "crypto/X509Cert.h"
#include "util/DateTime.h"
Expand All @@ -35,6 +36,15 @@ SignatureTST::SignatureTST(const string &data, ASiC_S *asicSDoc)
, timestampToken(make_unique<TS>((const unsigned char*)data.data(), data.size()))
{}

SignatureTST::SignatureTST(ASiC_S *asicSDoc, Signer *signer)
: asicSDoc(asicSDoc)
{
auto *dataFile = static_cast<DataFilePrivate*>(asicSDoc->dataFiles().front());
Digest digest;
dataFile->digest(digest);
timestampToken = make_unique<TS>(digest, signer->userAgent());
}

SignatureTST::~SignatureTST() = default;

X509Cert SignatureTST::TimeStampCertificate() const
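Review bot: The new `SignatureTST(ASiC_S*, Signer*)` constructor has no comment stating what it covers or what it expects from the caller. It takes the first data file, digests it with a default-constructed `Digest`, and hands the digest plus `signer->userAgent()` to `TS`; nothing else from the signer is used. Which digest algorithm the default `Digest` selects, and whether the `TS` constructor contacts the time-stamping service at this point, are not visible in the hunk and are worth stating. Proposed comment above the definition: `// Creates a TimeStampToken over the digest of the container's only data file; the caller must ensure exactly one data file is present.`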
1 change: 1 addition & 0 deletions src/SignatureTST.h
Expand Up @@ -32,6 +32,7 @@ class SignatureTST final: public Signature
{
public:
SignatureTST(const std::string &data, ASiC_S *asicSDoc);
SignatureTST(ASiC_S *asicSDoc, Signer *signer);
~SignatureTST();

std::vector<unsigned char> messageImprint() const override;
8 changes: 5 additions & 3 deletions src/crypto/Signer.cpp
Expand Up @@ -20,6 +20,7 @@
#include "Signer.h"

#include "ASiC_E.h"
#include "ASiC_S.h"
#include "Conf.h"
#include "crypto/Digest.h"
#include "crypto/X509Cert.h"
Expand All @@ -38,7 +39,7 @@ class Signer::Private
{
public:
optional<string> method;
string profile = "time-stamp";
string profile{ASiC_E::ASIC_TS_PROFILE};
string userAgent;
string city, streetAddress, stateOrProvince, postalCode, countryName;
vector<string> signerRoles;
Expand Down Expand Up @@ -181,9 +182,10 @@ void Signer::setProfile(const string &profile)
{"TSA", ASiC_E::ASIC_TSA_PROFILE},
{ASiC_E::ASIC_TS_PROFILE, ASiC_E::ASIC_TS_PROFILE},
{ASiC_E::ASIC_TSA_PROFILE, ASiC_E::ASIC_TSA_PROFILE},
{ASiC_S::ASIC_TST_PROFILE, ASiC_S::ASIC_TST_PROFILE},
{"time-stamp-token", ASiC_S::ASIC_TST_PROFILE}
};
if(auto it = std::find_if(profiles.cbegin(), profiles.cend(), [&profile](const auto &elem) { return elem.first == profile; });
it != profiles.cend())
if(auto it = profiles.find(profile); it != profiles.cend())
d->profile = it->second;
else
THROW("Unsupported profile: %s", profile.c_str());
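Review bot: `Signer::setProfile` now accepts `ASiC_S::ASIC_TST_PROFILE` and `"time-stamp-token"` for any signer, but the only container-side profile check visible in this commit is the one in `ASiC_S::sign`. `ASiC_E::sign` is not part of the diff, so confirm that it rejects a signer carrying the TimeStampToken profile rather than quietly producing a signature at some other level, and add a test for that combination. The `profiles` declaration sits above the hunk, so the switch from `std::find_if` to `profiles.find(profile)` cannot be checked from here; it depends on that container being keyed by a type that compares with `std::string`.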
2 changes: 1 addition & 1 deletion src/digidoc-tool.1.cmake
Expand Up @@ -49,7 +49,7 @@ Command websign:
Command sign:
Example: digidoc-tool sign demo-container.asice
Available options:
--profile= - signature profile, TS, TSA, time-stamp, time-stamp-archive
--profile= - signature profile, TS, TSA, time-stamp, time-stamp-archive, TimeStampToken, time-stamp-token
--XAdESEN - use XAdES EN profile
--city= - city of production place
--street= - streetAddress of production place in XAdES EN profile
2 changes: 1 addition & 1 deletion src/digidoc-tool.cpp
Expand Up @@ -350,7 +350,7 @@ static int printUsage(const char *executable)
<< " Command sign:" << endl
<< " Example: " << executable << " sign demo-container.asice" << endl
<< " Available options:" << endl
<< " --profile= - signature profile, TS, TSA, time-stamp, time-stamp-archive" << endl
<< " --profile= - signature profile, TS, TSA, time-stamp, time-stamp-archive, TimeStampToken, time-stamp-token" << endl
<< " --XAdESEN - use XAdES EN profile" << endl
<< " --city= - city of production place" << endl
<< " --street= - streetAddress of production place in XAdES EN profile" << endl
