Managing containers (sign‐lib)

Marten Rebane edited this page Jun 4, 2021 · 1 revision

High-level support for signing and parsing containers.

SignedContainer is an immutable class, so every modifier method returns a new instance and leaves the original unchanged.

Initialize sign-lib in Application.onCreate

@Override
public void onCreate() {
    super.onCreate();
    SignLib.init(this);
}

Creating a new container

File containerFile = new File("path-to-new-container.asice");
ImmutableList<File> dataFiles = ...;
try {
    SignedContainer container = SignedContainer.create(containerFile, dataFiles);
} catch (IOException e) {
    // could not create container
} catch (ContainerDataFilesEmptyException e) {
    // no data files provided for container
}

Opening an existing container

File containerFile = new File("path-to-container.asice");
try {
    SignedContainer container = SignedContainer.open(containerFile);
} catch (IOException e) {
    // could not open container
}

Working with container data files

SignedContainer container = ...;

// returns all data files in the container
ImmutableList<DataFile> dataFiles = container.dataFiles();

// check whether adding data files to this container is allowed
boolean dataFileAddEnabled = container.dataFileAddEnabled();

// check whether removing data files from this container is allowed
boolean dataFileRemoveEnabled = container.dataFileRemoveEnabled();

// extract data file from the container to a File
DataFile dataFile = ...;
File dataFileDirectory = new File("path/to/data-files/");
File dataFilePath = container.getDataFile(dataFile, dataFileDirectory);

// add data files to the container
ImmutableList<File> newDataFiles = ...;
SignedContainer newContainer = container.addDataFiles(newDataFiles);

// remove data file from the container (distinct names, so the snippet compiles as one block)
DataFile dataFileToRemove = ...;
SignedContainer containerWithoutDataFile = container.removeDataFile(dataFileToRemove);

Working with container signatures

SignedContainer container = ...;

// returns all signatures in the container
ImmutableList<Signature> signatures = container.signatures();

// check whether all signatures in the container are valid
boolean signaturesValid = container.signaturesValid();

// remove signature from container
Signature signature = ...;
container = container.removeSignature(signature);

// add AdES (advanced electronic signature) to the container
byte[] adEsSignature = ...;
container = container.addAdEsSignature(adEsSignature);

// add signature by signing it with signing certificate
ByteString certificate = ...;
Function<ByteString, ByteString> signFunction = ...;
container = container.sign(certificate, signFunction);

Example of implementing signFunction with Token from id-card-lib

String pin2 = ...;
Token token = ...;
Certificate certificate =
        Certificate.create(ByteString.of(token.certificate(CertificateType.SIGNING)));

Function<ByteString, ByteString> signFunction = signData -> 
        ByteString.of(token.calculateSignature(
                pin2.getBytes(), 
                signData.toByteArray(), 
                certificate.ellipticCurve()));

Other useful functions

// check whether a file can be opened as a container or could only be added to containers
boolean isContainer = SignedContainer.isContainer(new File("file-to-check.asice"));

// check whether a container is considered legacy and needs to be nested inside a new container to add signatures
boolean isLegacyContainer = SignedContainer.isLegacyContainer(new File("file-to-check.ddoc"));
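
Added example, not part of sign-lib or the original page: a helper that only extracts data files from a container whose signatures validate, using the calls shown above. `VerifiedExtractor` and `extractIfValid` are hypothetical names; the example assumes `signaturesValid()` returns a boolean, treats a container with no signatures as untrusted, and does not assume the library sanitises data file names.

```java
import com.google.common.collect.ImmutableList;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
// SignedContainer and DataFile come from sign-lib; the page does not state their
// package, so add those two imports from your sign-lib dependency.

/** Hypothetical helper (not part of sign-lib). */
public final class VerifiedExtractor {

    private VerifiedExtractor() {}

    public static List<File> extractIfValid(File containerFile, File outputDir)
            throws IOException {
        if (!SignedContainer.isContainer(containerFile)) {
            throw new IOException("Not a container: " + containerFile.getName());
        }
        SignedContainer container = SignedContainer.open(containerFile);

        // Assumption: an unsigned container is untrusted. Checked separately because
        // this example does not rely on what signaturesValid() returns when the
        // container has no signatures at all.
        if (container.signatures().isEmpty()) {
            throw new IOException("Container has no signatures");
        }
        if (!container.signaturesValid()) {
            throw new IOException("Container has an invalid signature");
        }

        String root = outputDir.getCanonicalPath() + File.separator;
        ImmutableList<DataFile> dataFiles = container.dataFiles();
        List<File> extracted = new ArrayList<>();
        for (DataFile dataFile : dataFiles) {
            File out = container.getDataFile(dataFile, outputDir);
            // Defence in depth: a data file name is attacker-controlled input, so
            // reject any result that resolves outside the requested directory.
            if (!out.getCanonicalPath().startsWith(root)) {
                out.delete();
                throw new IOException("Data file escaped output directory");
            }
            extracted.add(out);
        }
        return extracted;
    }
}
```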