package at.gv.egovernment.moa.spss.server.iaik.xmlsign;
import java.util.List;
import java.util.Set;
import iaik.server.modules.algorithms.SignatureAlgorithms;
import iaik.server.modules.keys.AlgorithmUnavailableException;
import iaik.server.modules.keys.KeyEntryID;
import iaik.server.modules.keys.KeyModule;
import iaik.server.modules.keys.KeyModuleFactory;
import iaik.server.modules.keys.UnknownKeyException;
import iaik.server.modules.xml.Canonicalization;
import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
import at.gv.egovernment.moa.spss.server.util.IdGenerator;
/**
 * An object providing auxiliary information for creating an XML signature.
 *
 * <p>Instances are plain mutable holders: every setter stores the reference
 * it is given without copying, and every getter hands that same reference
 * back. The only logic lives in
 * {@link #getSignatureAlgorithmName(KeyEntryID)}, which decides the signature
 * algorithm for a selected key.</p>
 *
 * @author Patrick Peck
 * @version $Id$
 */
public class XMLSignatureCreationProfileImpl
  implements XMLSignatureCreationProfile {

  /** The transformations to apply to a data object. */
  private List dataObjectTreatmentList;
  /** The set of keys available to the signing process. */
  private Set keySet;
  /** The type URI of the signature manifest. */
  private String securityLayerManifestTypeURI;
  /** Whether the created signature is to be Security Layer conform. */
  private boolean securityLayerConform;
  /** Where to insert the signature into the signature environment. */
  private XMLSignatureInsertionLocation signatureInsertionLocation;
  /** The signature structure type. */
  private String signatureStructureType;
  /** The type of <code>Canonicalization</code> to use for the signed info. */
  private Canonicalization signedInfoCanonicalization;
  /** Properties to be signed during signature creation. */
  private List signedProperties;
  /** The ID generator for signature IDs. */
  private IdGenerator signatureIDGenerator;
  /** The ID generator for manifest IDs. */
  private IdGenerator manifestIDGenerator;
  /** The ID generator for XMLDsig manifest IDs. */
  private IdGenerator dsigManifestIDGenerator;
  /** The ID generator for signed property IDs. */
  private IdGenerator propertyIDGenerator;

  /**
   * Create a new <code>XMLSignatureCreationProfileImpl</code>.
   *
   * <p>Four ID generators are created, one per ID family. Each gets a prefix
   * built from a fixed label (<code>signature-</code>, <code>manifest-</code>,
   * <code>dsig-manifest-</code>, <code>etsi-signed-</code>) followed by
   * <code>createProfileCount</code>, and all of them share the same
   * <code>reservedIDs</code> set.</p>
   *
   * @param createProfileCount Provides external information about the
   * number of calls to the signature creation module, using the same request.
   * @param reservedIDs The set of IDs that must not be used while generating
   * new IDs.
   */
  public XMLSignatureCreationProfileImpl(
    int createProfileCount,
    Set reservedIDs) {

    this.signatureIDGenerator =
      new IdGenerator("signature-" + createProfileCount, reservedIDs);
    this.manifestIDGenerator =
      new IdGenerator("manifest-" + createProfileCount, reservedIDs);
    this.dsigManifestIDGenerator =
      new IdGenerator("dsig-manifest-" + createProfileCount, reservedIDs);
    this.propertyIDGenerator =
      new IdGenerator("etsi-signed-" + createProfileCount, reservedIDs);
  }

  /**
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDataObjectTreatmentList()
   */
  public List getDataObjectTreatmentList() {
    return this.dataObjectTreatmentList;
  }

  /**
   * Sets the list of <code>DataObjectTreatment</code>s.
   *
   * @param dataObjectTreatmentList The <code>DataObjectTreatment</code>s to
   * set.
   */
  public void setDataObjectTreatmentList(List dataObjectTreatmentList) {
    this.dataObjectTreatmentList = dataObjectTreatmentList;
  }

  /**
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet()
   */
  public Set getKeySet() {
    return this.keySet;
  }

  /**
   * Set the set of <code>KeyEntryID</code>s which may be used for signature
   * creation.
   *
   * <p>The set is stored by reference, not copied, so changes the caller
   * makes to it afterwards are visible through {@link #getKeySet()}.</p>
   *
   * @param keySet The set of <code>KeyEntryID</code>s to set.
   */
  public void setKeySet(Set keySet) {
    this.keySet = keySet;
  }

  /**
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestTypeURI()
   */
  public String getSecurityLayerManifestTypeURI() {
    return this.securityLayerManifestTypeURI;
  }

  /**
   * Set the SecurityLayerManifestTypeURI.
   *
   * @param securityLayerManifestTypeURI The SecurityLayerManifestTypeURI to
   * set.
   */
  public void setSecurityLayerManifestTypeURI(String securityLayerManifestTypeURI) {
    this.securityLayerManifestTypeURI = securityLayerManifestTypeURI;
  }

  /**
   * Chooses the signature algorithm for the selected key.
   *
   * <p>The key module of the current transaction is asked which signature
   * algorithms the key supports. The answer is mapped as follows, first match
   * wins:</p>
   * <ol>
   * <li>any of the RSA variants (MD2, MD5, RIPEMD128, RIPEMD160, SHA1,
   * SHA256): <code>SHA1_WITH_RSA</code></li>
   * <li><code>ECDSA_X962_C2TNB191V1</code>: that algorithm</li>
   * <li><code>DSA</code>: that algorithm</li>
   * </ol>
   *
   * @param selectedKeyID The key entry the signature will be created with.
   * @return The name of the signature algorithm to use.
   * @throws AlgorithmUnavailableException If the key entry is unknown to the
   * key module, or if none of the algorithms above is supported for it.
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID)
   */
  public String getSignatureAlgorithmName(KeyEntryID selectedKeyID)
    throws AlgorithmUnavailableException {

    // The key module is looked up per transaction, so resolve the current
    // transaction ID first.
    TransactionId transactionId =
      new TransactionId(
        TransactionContextManager.getInstance()
          .getTransactionContext()
          .getTransactionID());
    KeyModule keyModule = KeyModuleFactory.getInstance(transactionId);

    Set supported;
    try {
      supported = keyModule.getSupportedSignatureAlgorithms(selectedKeyID);
    } catch (UnknownKeyException e) {
      throw new AlgorithmUnavailableException(
        "Unknown key entry: " + selectedKeyID,
        e,
        null);
    }

    // Any advertised RSA variant is used only as evidence that this is an
    // RSA key; the digest that was advertised does not influence the result.
    boolean rsaAdvertised =
      supported.contains(SignatureAlgorithms.MD2_WITH_RSA)
        || supported.contains(SignatureAlgorithms.MD5_WITH_RSA)
        || supported.contains(SignatureAlgorithms.RIPEMD128_WITH_RSA)
        || supported.contains(SignatureAlgorithms.RIPEMD160_WITH_RSA)
        || supported.contains(SignatureAlgorithms.SHA1_WITH_RSA)
        || supported.contains(SignatureAlgorithms.SHA256_WITH_RSA);

    if (rsaAdvertised) {
      // NOTE(review): SHA1_WITH_RSA is returned even when the key advertises
      // SHA256_WITH_RSA, and even when SHA1_WITH_RSA itself is not in the
      // advertised set. SHA-1 is no longer collision-resistant, so signatures
      // over attacker-influenced content are weaker than the key allows.
      // Whether a stronger digest may be selected depends on what the
      // Security Layer profile and the relying verifiers accept; confirm
      // before changing the choice.
      return SignatureAlgorithms.SHA1_WITH_RSA;
    }
    if (supported.contains(SignatureAlgorithms.ECDSA_X962_C2TNB191V1)) {
      return SignatureAlgorithms.ECDSA_X962_C2TNB191V1;
    }
    if (supported.contains(SignatureAlgorithms.DSA)) {
      return SignatureAlgorithms.DSA;
    }

    throw new AlgorithmUnavailableException(
      "No algorithm for key entry: " + selectedKeyID,
      null,
      null);
  }

  /**
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureInsertionLocation()
   */
  public XMLSignatureInsertionLocation getSignatureInsertionLocation() {
    return this.signatureInsertionLocation;
  }

  /**
   * Set the location where the signature is to be inserted into the signature
   * parent.
   *
   * @param signatureInsertionLocation The location to set.
   */
  public void setSignatureInsertionLocation(XMLSignatureInsertionLocation signatureInsertionLocation) {
    this.signatureInsertionLocation = signatureInsertionLocation;
  }

  /**
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureStructureType()
   */
  public String getSignatureStructureType() {
    return this.signatureStructureType;
  }

  /**
   * Set the signature structure type.
   *
   * @param signatureStructureType The signature structure type to set.
   */
  public void setSignatureStructureType(String signatureStructureType) {
    this.signatureStructureType = signatureStructureType;
  }

  /**
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedInfoCanonicalization()
   */
  public Canonicalization getSignedInfoCanonicalization() {
    return this.signedInfoCanonicalization;
  }

  /**
   * Sets the canonicalization method to use for the SignedInfo object.
   *
   * @param signedInfoCanonicalization The canonicalization method to set.
   */
  public void setSignedInfoCanonicalization(Canonicalization signedInfoCanonicalization) {
    this.signedInfoCanonicalization = signedInfoCanonicalization;
  }

  /**
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties()
   */
  public List getSignedProperties() {
    return this.signedProperties;
  }

  /**
   * Set the signed properties.
   *
   * @param signedProperties The signed properties to set.
   */
  public void setSignedProperties(List signedProperties) {
    this.signedProperties = signedProperties;
  }

  /**
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform()
   */
  public boolean isSecurityLayerConform() {
    return this.securityLayerConform;
  }

  /**
   * Sets the security layer conformity.
   *
   * @param securityLayerConform <code>true</code>, if the created signature
   * is to be conform to the Security Layer specification.
   */
  public void setSecurityLayerConform(boolean securityLayerConform) {
    this.securityLayerConform = securityLayerConform;
  }

  /**
   * Returns the next value of the signature ID generator; each call asks the
   * generator again.
   *
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureID()
   */
  public String getSignatureID() {
    return this.signatureIDGenerator.uniqueId();
  }

  /**
   * Returns the next value of the manifest ID generator; each call asks the
   * generator again.
   *
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestID()
   */
  public String getSecurityLayerManifestID() {
    return this.manifestIDGenerator.uniqueId();
  }

  /**
   * Returns the next value of the XMLDsig manifest ID generator; each call
   * asks the generator again.
   *
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDsigManifestID()
   */
  public String getDsigManifestID() {
    return this.dsigManifestIDGenerator.uniqueId();
  }

  /**
   * Returns the next value of the signed property ID generator; each call
   * asks the generator again.
   *
   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedPropertiesID()
   */
  public String getSignedPropertiesID() {
    return this.propertyIDGenerator.uniqueId();
  }
}