ASiC-S LTA extending support

IB-8182 Signed-off-by: Raul Metsma <[email protected]>
open-eid · Dec 16, 2024 · 9f14163 · 9f14163
1 parent 24eeef4
commit 9f14163
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 0 deletions.
diff --git a/src/SignatureTST.cpp b/src/SignatureTST.cpp
@@ -103,6 +103,61 @@ std::vector<TSAInfo> SignatureTST::ArchiveTimeStamps() const
     return result;
 }
 
+void SignatureTST::extendSignatureProfile(Signer *signer)
+{
+
+    string tstName = "META-INF/timestamp001.tst";
+    for(size_t i = 1;
+         any_of(metadata.cbegin(), metadata.cend(), [&tstName](const auto &f) { return f.name == tstName; });
+         tstName = Log::format("META-INF/timestamp%03zu.tst", ++i));
+
+    auto doc = XMLDocument::create("ASiCManifest", ASiContainer::ASIC_NS, "asic");
+    auto ref = doc + "SigReference";
+    ref.setProperty("MimeType", "application/vnd.etsi.timestamp-token");
+    ref.setProperty("URI", tstName);
+
+    auto addRef = [&doc](const string &name, string_view mime, bool root, const Digest &digest) {
+        auto ref = doc + "DataObjectReference";
+        ref.setProperty("MimeType", mime);
+        ref.setProperty("URI", util::File::toUriPath(name));
+        if(root)
+            ref.setProperty("Rootfile", "true");
+        auto method = ref + DigestMethod;
+        method.setNS(method.addNS(DSIG_NS, "ds"));
+        method.setProperty("Algorithm", digest.uri());
+        auto value = ref + DigestValue;
+        value.setNS(value.addNS(DSIG_NS, "ds"));
+        value = digest.result();
+    };
+
+    DataFile *file = asicSDoc->dataFiles().front();
+    Digest digest;
+    static_cast<DataFilePrivate*>(file)->digest(digest);
+    addRef(file->fileName(), file->mediaType(), false, digest);
+    for(auto &data: metadata)
+    {
+        if(data.name == "META-INF/ASiCArchiveManifest.xml")
+        {
+            string mfsName = "META-INF/ASiCArchiveManifest001.xml";
+            for(size_t i = 0;
+                 any_of(metadata.cbegin(), metadata.cend(), [&mfsName](const auto &f) { return f.name == mfsName; });
+                 mfsName = Log::format("META-INF/ASiCArchiveManifest%03zu.xml", ++i));
+            data.name = mfsName;
+            data.root = true;
+        }
+        addRef(data.name, data.mime, data.root, data.digest());
+    }
+
+    string data;
+    doc.save([&data](const char *buf, size_t size) {
+        data.append(buf, size);
+        return size;
+    }, true);
+    metadata.push_back({"META-INF/ASiCArchiveManifest.xml", "text/xml", std::move(data)});
+    vector<unsigned char> der = TS(metadata.back().digest(), signer->userAgent());
+    metadata.push_back({tstName, "application/vnd.etsi.timestamp-token", {der.cbegin(), der.cend()}});
+}
+
 X509Cert SignatureTST::TimeStampCertificate() const
 {
     return timestampToken->cert();

diff --git a/src/SignatureTST.h b/src/SignatureTST.h
@@ -50,6 +50,7 @@ class SignatureTST final: public Signature
     void validate() const final;
     std::vector<unsigned char> dataToSign() const final;
     void setSignatureValue(const std::vector<unsigned char> &signatureValue) final;
+    void extendSignatureProfile(Signer *signer) final;
 
     // Xades properties
     std::string profile() const final;