From ece7d18cf35374bf4e26d041799cda8f791c89f8 Mon Sep 17 00:00:00 2001
From: gregor
Date: Mon, 7 Jul 2003 10:58:37 +0000
Subject: Initial commit
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@2 d688527b-c9ab-4aba-bd8d-4036d912da1d
---
.../invoke/CMSSignatureVerificationInvoker.java | 207 +++++++++++++++++++++
1 file changed, 207 insertions(+)
create mode 100644 spss.server/src/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
(limited to 'spss.server/src/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java')
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
new file mode 100644
index 000000000..33b924e2b
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -0,0 +1,207 @@
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.IAIKException;
+import iaik.IAIKRuntimeException;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationModule;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
+
+import at.gv.egovernment.moa.logging.LoggingContext;
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentExcplicit;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.server.logging.IaikLog;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+
+/**
+ * A class providing an interface to the
+ * CMSSignatureVerificationModule.
+ *
+ * This class performs the invocation of the
+ * iaik.server.modules.cmsverify.CMSSignatureVerificationModule
+ * from a VerifyCMSSignatureRequest. The result of the invocation
+ * is integrated into a VerifyCMSSignatureResponse returned.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CMSSignatureVerificationInvoker {
+
+ /** The single instance of this class. 
*/
+ private static CMSSignatureVerificationInvoker instance = null;
+
+ /**
+ * Return the only instance of this class.
+ *
+ * @return The only instance of this class.
+ */
+ public static synchronized CMSSignatureVerificationInvoker getInstance() {
+ if (instance == null) {
+ instance = new CMSSignatureVerificationInvoker();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new CMSSignatureVerificationInvoker.
+ *
+ * Protected to disallow multiple instances.
+ */
+ protected CMSSignatureVerificationInvoker() {
+ }
+
+ /**
+ * Verify a CMS signature.
+ *
+ * @param request The VerifyCMSSignatureRequest containing the
+ * CMS signature, as well as additional data needed for verification.
+ * @return Element A VerifyCMSSignatureResponse containing the
+ * answer to the VerifyCMSSignatureRequest.
+ * @throws MOAException An error occurred while processing the request.
+ */
+ public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request)
+ throws MOAException {
+ CMSSignatureVerificationProfileFactory profileFactory =
+ new CMSSignatureVerificationProfileFactory(request);
+ VerifyCMSSignatureResponseBuilder responseBuilder =
+ new VerifyCMSSignatureResponseBuilder();
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ LoggingContext loggingCtx =
+ LoggingContextManager.getInstance().getLoggingContext();
+ InputStream signature;
+ InputStream signedContent;
+ CMSSignatureVerificationProfile profile;
+ Date signingTime;
+ List results;
+ CMSSignatureVerificationResult result;
+ int[] signatories;
+ InputStream input;
+ byte[] buf = new byte[256];
+
+ // get the signature
+ signature = request.getCMSSignature();
+
+ // get the signed content
+ signedContent = getSignedContent(request);
+
+ // build the profile
+ profile = profileFactory.createProfile();
+
+ // get the signing time
+ signingTime = request.getDateTime();
+
+ // verify the signature
+ try {
+ CMSSignatureVerificationModule module = 
CMSSignatureVerificationModuleFactory.getInstance();
+
+ module.setLog(new IaikLog(loggingCtx.getNodeID()));
+
+ module.init(
+ signature,
+ signedContent,
+ profile,
+ new TransactionId(context.getTransactionID()));
+ input = module.getInputStream();
+
+ while (input.read(buf) > 0);
+ results = module.verifySignature(signingTime);
+ } catch (IAIKException e) {
+ MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ } catch (IAIKRuntimeException e) {
+ MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ } catch (IOException e) {
+ throw new MOAApplicationException("2244", null, e);
+ }
+
+ // build the response: for each signatory add the result to the response
+ signatories = request.getSignatories();
+ if (signatories == VerifyCMSSignatureRequest.ALL_SIGNATORIES) {
+ Iterator resultIter;
+
+ for (resultIter = results.iterator(); resultIter.hasNext();) {
+ result = (CMSSignatureVerificationResult) resultIter.next();
+ responseBuilder.addResult(result);
+ }
+ } else {
+ int i;
+
+ for (i = 0; i < signatories.length; i++) {
+ int sigIndex = signatories[i] - 1;
+
+ try {
+ result =
+ (CMSSignatureVerificationResult) results.get(signatories[i] - 1);
+ responseBuilder.addResult(result);
+ } catch (IndexOutOfBoundsException e) {
+ throw new MOAApplicationException(
+ "2249",
+ new Object[] { new Integer(sigIndex)});
+ }
+ }
+ }
+
+ return responseBuilder.getResponse();
+ }
+
+ /**
+ * Get the signed content contained either in the request itself or given as a
+ * reference to external data.
+ *
+ * @param request The VerifyCMSSignatureRequest containing the
+ * signed content (or the reference to the signed content).
+ * @return InputStream A stream providing the signed content data, or
+ * null if no signed content was provided with the request.
+ * @throws MOAApplicationException An error occurred building the stream. 
+ */
+ private InputStream getSignedContent(VerifyCMSSignatureRequest request)
+ throws MOAApplicationException {
+
+ CMSDataObject dataObj;
+ CMSContent content;
+
+ // select the Content element
+ dataObj = request.getDataObject();
+ if (dataObj == null) {
+ return null;
+ }
+ content = dataObj.getContent();
+
+ // build the content data
+ switch (content.getContentType()) {
+ case CMSContent.EXPLICIT_CONTENT :
+ return ((CMSContentExcplicit) content).getBinaryContent();
+ case CMSContent.REFERENCE_CONTENT :
+ String reference = ((CMSContentReference) content).getReference();
+ if (!"".equals(reference)) {
+ ExternalURIResolver resolver = new ExternalURIResolver();
+ return resolver.resolve(reference);
+ } else {
+ return null;
+ }
+ default :
+ return null;
+ }
+
+ }
+
+}
-- cgit v1.2.3
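Review bot: In the `REFERENCE_CONTENT` branch of `getSignedContent`, `resolver.resolve(reference)` dereferences a location string taken directly from the request, and the only check in front of it is `!"".equals(reference)`. Unless `ExternalURIResolver` (not part of this diff) restricts which schemes and hosts it will fetch, the verification service can be made to read internal or local resources on a caller's behalf, so that restriction should be enforced there and stated at the call site, e.g. `// reference is caller-supplied: ExternalURIResolver must only dereference permitted schemes and hosts`. A `null` reference also passes the existing test and reaches `resolve`; `if (reference == null || "".equals(reference)) { return null; }` would reject it. The stream returned from here, like `signature` and `input` in `verifyCMSSignature`, is never closed anywhere in this hunk, which presumably leaks a connection per request when the content is remote.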