Demoiselle Signer and Serpro Digital Signature

1

I'm trying to use the Demoiselle Signer to verify the signature of a document made with the Serpro Digital Document Recorder ( link ).

The code is very simple:

    byte[] documento = getBytesFrom("assinatura/tema-228.pdf");
    byte[] assinatura = getBytesFrom("assinatura/tema-228.p7s");
    PKCS7Signer signer = PKCS7Factory.getInstance().factoryDefault();
    boolean ok = signer.check(documento, assinatura);
    System.out.println(ok);

The files used in the test:

Pom:

    <dependency>
        <groupId>br.gov.frameworkdemoiselle.component</groupId>
        <artifactId>demoiselle-certificate-signer</artifactId>
        <version>2.0.0</version>
    </dependency>

And what happened ...

java.lang.NullPointerException
    at br.gov.frameworkdemoiselle.certificate.signer.pkcs7.impl.CAdESSigner.check(CAdESSigner.java:178)
    at br.gov.serpro.sislv.assinatura.DemoiselleSignerTest.shouldVerificarAssinatura(DemoiselleSignerTest.java:29)

I tried to use the previous version of the signer:

    <dependency>
        <groupId>br.gov.frameworkdemoiselle.component</groupId>
        <artifactId>demoiselle-certificate-signer</artifactId>
        <version>1.0.9</version>
    </dependency>

There he made another mistake:

br.gov.frameworkdemoiselle.certificate.signer.SignerException: O Atributo signingCertificate não pode ser nulo.
    at br.gov.frameworkdemoiselle.certificate.signer.pkcs7.bc.policies.ADRBCMS_2_1.validate(ADRBCMS_2_1.java:219)
    at br.gov.frameworkdemoiselle.certificate.signer.pkcs7.bc.CAdESSigner.check(CAdESSigner.java:238)
    at br.gov.serpro.sislv.assinatura.DemoiselleSignerTest.shouldVerificarAssinatura(DemoiselleSignerTest.java:29)

The use of Signer was based on the following documentation: link

Doubt: How can I check a document signed by the Serpro Signer? Can you use the Demoiseller Signer for this?

One bad thing is that on the Signer page it does not account for the algorithms used = / Is this subscriber basically Demoiselle Applet with Demoiselle Signer ? Or is it something else to see?

Thank you! Leonardo Leite

PS: Demoiselle code where null pointer occurs in version 2.0.0:

    AttributeTable unsignedAttributes = signer.getUnsignedAttributes();
    if (unsignedAttributes.size() == 0) { // null pointer aqui!
        logger.info("O pacote PKCS7 não contem atributos nao assinados.");
    }
    
asked by anonymous 06.05.2015 / 21:18

1 answer

1

Leonardo,

To generate a signature you can use demoiselle-certificate-signer: link

As for the subscriber page, I can not provide much information because it is a Serpro application. But if you use the component in its most up-to-date version (from 1.0.8 or 2.0.0) it is generated according to ITI Policies. Existing 2.0 and 2.1 policies use SHA2 for encryption.

As for the NullPointer reported in version 2.0 is indeed a bug. I reported the bug at link and a correction should come out in the next release.

When the error reported in version 1, please check again since there was a new version of the signer.

    
12.05.2015 / 15:44