package at.gv.egovernment.moa.spss.server.invoke;
import java.io.IOException;
import java.io.InputStream;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import iaik.IAIKException;
import iaik.IAIKRuntimeException;
import iaik.server.modules.cmsverify.CMSSignatureVerificationModule;
import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
import at.gv.egovernment.moa.logging.LoggingContext;
import at.gv.egovernment.moa.logging.LoggingContextManager;
import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentExcplicit;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
import at.gv.egovernment.moa.spss.server.logging.IaikLog;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
/**
 * A class providing an interface to the
 * <code>CMSSignatureVerificationModule</code>.
 *
 * This class performs the invocation of the
 * <code>iaik.server.modules.cmsverify.CMSSignatureVerificationModule</code>
 * from a <code>VerifyCMSSignatureRequest</code>. The result of the invocation
 * is integrated into the <code>VerifyCMSSignatureResponse</code> returned.
 *
 * @author Patrick Peck
 * @version $Id$
 */
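public class CMSSignatureVerificationInvoker {

  /** The single instance of this class. */
  private static CMSSignatureVerificationInvoker instance = null;

  /**
   * Return the only instance of this class, creating it on first use.
   * The method is <code>synchronized</code>, so concurrent first calls
   * cannot create two instances.
   *
   * @return The only instance of this class.
   */
  public static synchronized CMSSignatureVerificationInvoker getInstance() {
    if (instance == null) {
      instance = new CMSSignatureVerificationInvoker();
    }
    return instance;
  }

  /**
   * Create a new <code>CMSSignatureVerificationInvoker</code>.
   *
   * Protected to disallow multiple instances.
   */
  protected CMSSignatureVerificationInvoker() {
  }

  /**
   * Verify a CMS signature.
   *
   * The signature and the signed content are handed to the
   * <code>CMSSignatureVerificationModule</code>, the module's input stream is
   * read to its end, and only then is <code>verifySignature</code> called.
   * The signed content stream obtained for the request is closed before this
   * method returns, whether verification succeeded or failed.
   *
   * @param request The <code>VerifyCMSSignatureRequest</code> containing the
   * CMS signature, as well as additional data needed for verification.
   * @return A <code>VerifyCMSSignatureResponse</code> containing the
   * answer to the <code>VerifyCMSSignatureRequest</code>. If the module
   * reports no results, the response contains no verification result at all.
   * @throws MOAException An error occurred while processing the request:
   * a mapped IAIK exception, error "2244" for an I/O failure while reading
   * the data, or error "2249" for a requested signatory that does not exist.
   */
  public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request)
    throws MOAException {

    CMSSignatureVerificationProfileFactory profileFactory =
      new CMSSignatureVerificationProfileFactory(request);
    VerifyCMSSignatureResponseBuilder responseBuilder =
      new VerifyCMSSignatureResponseBuilder();
    TransactionContext context =
      TransactionContextManager.getInstance().getTransactionContext();
    LoggingContext loggingCtx =
      LoggingContextManager.getInstance().getLoggingContext();
    InputStream signature;
    InputStream signedContent;
    CMSSignatureVerificationProfile profile;
    Date signingTime;
    List results;
    CMSSignatureVerificationResult result;
    int[] signatories;
    InputStream input;
    byte[] buf = new byte[256];

    // get the signature
    signature = request.getCMSSignature();

    // get the signed content (may be null, may be a stream to external data)
    signedContent = getSignedContent(request);

    try {
      // build the profile
      profile = profileFactory.createProfile();

      // get the signing time
      signingTime = request.getDateTime();

      // verify the signature
      try {
        CMSSignatureVerificationModule module =
          CMSSignatureVerificationModuleFactory.getInstance();

        module.setLog(new IaikLog(loggingCtx.getNodeID()));
        module.init(
          signature,
          signedContent,
          profile,
          new TransactionId(context.getTransactionID()));
        input = module.getInputStream();

        // Read the module's stream to its end and discard the bytes; the
        // verification call below is only made after the data has been
        // consumed. NOTE(review): presumably the module processes the data
        // while it is read - confirm against the IAIK module documentation.
        while (input.read(buf) > 0) {
          // nothing to do, the data itself is not needed here
        }
        results = module.verifySignature(signingTime);
      } catch (IAIKException e) {
        throw IaikExceptionMapper.getInstance().map(e);
      } catch (IAIKRuntimeException e) {
        throw IaikExceptionMapper.getInstance().map(e);
      } catch (IOException e) {
        throw new MOAApplicationException("2244", null, e);
      }
    } finally {
      // The content stream may be backed by an external resource (see
      // getSignedContent); release it on every exit path so that failed
      // or repeated requests do not accumulate open streams.
      closeQuietly(signedContent);
    }

    // build the response: for each signatory add the result to the response
    signatories = request.getSignatories();
    // Identity comparison against the constant is kept as in the original.
    // NOTE(review): presumably ALL_SIGNATORIES is a sentinel array instance
    // rather than a list of indexes - confirm in VerifyCMSSignatureRequest.
    if (signatories == VerifyCMSSignatureRequest.ALL_SIGNATORIES) {
      Iterator resultIter;

      // An empty result list adds nothing: the response then carries no
      // verification outcome and must not be read as a successful check.
      for (resultIter = results.iterator(); resultIter.hasNext();) {
        result = (CMSSignatureVerificationResult) resultIter.next();
        responseBuilder.addResult(result);
      }
    } else {
      int i;

      for (i = 0; i < signatories.length; i++) {
        // signatory numbers in the request are 1-based
        int sigIndex = signatories[i] - 1;

        try {
          result = (CMSSignatureVerificationResult) results.get(sigIndex);
          responseBuilder.addResult(result);
        } catch (IndexOutOfBoundsException e) {
          // covers numbers below 1 as well as numbers beyond the last result
          throw new MOAApplicationException(
            "2249",
            new Object[] { new Integer(sigIndex)});
        }
      }
    }

    return responseBuilder.getResponse();
  }

  /**
   * Get the signed content contained either in the request itself or given as a
   * reference to external data.
   *
   * @param request The <code>VerifyCMSSignatureRequest</code> containing the
   * signed content (or the reference to the signed content).
   * @return InputStream A stream providing the signed content data, or
   * <code>null</code> if no signed content was provided with the request
   * (no data object, an empty reference, or an unknown content type).
   * @throws MOAApplicationException An error occurred building the stream.
   */
  private InputStream getSignedContent(VerifyCMSSignatureRequest request)
    throws MOAApplicationException {

    CMSDataObject dataObj;
    CMSContent content;

    // select the Content element
    dataObj = request.getDataObject();
    if (dataObj == null) {
      return null;
    }
    content = dataObj.getContent();

    // build the content data
    switch (content.getContentType()) {
      case CMSContent.EXPLICIT_CONTENT :
        return ((CMSContentExcplicit) content).getBinaryContent();
      case CMSContent.REFERENCE_CONTENT :
        String reference = ((CMSContentReference) content).getReference();
        if ("".equals(reference)) {
          return null;
        }
        // NOTE(review): the reference comes from the request and is passed
        // to ExternalURIResolver unchanged here. Which URI schemes and hosts
        // may be dereferenced is decided inside the resolver, which is not
        // visible in this file - confirm that it restricts them, so that a
        // request cannot make the server read local or internal resources.
        ExternalURIResolver resolver = new ExternalURIResolver();
        return resolver.resolve(reference);
      default :
        return null;
    }
  }

  /**
   * Close a stream if there is one, ignoring a failure of the close itself.
   *
   * @param stream The stream to close; may be <code>null</code>.
   */
  private static void closeQuietly(InputStream stream) {
    if (stream == null) {
      return;
    }
    try {
      stream.close();
    } catch (IOException ignored) {
      // Deliberately ignored: a failing close must neither replace the
      // exception that is already propagating nor turn a completed
      // verification into an error.
    }
  }
}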