authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2015-12-04 13:12:24 +0100
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2015-12-04 13:12:24 +0100
commit7510ab5173001711ecb5d6c8834878e7cce63ff9 (patch)
treee07bba24e87b9b3d1e8d8275c68809a59c3e067d
parent191ba3411f2db0a48ae8d4243926b33a063bf769 (diff)
downloadmoa-sig-7510ab5173001711ecb5d6c8834878e7cce63ff9.tar.gz
moa-sig-7510ab5173001711ecb5d6c8834878e7cce63ff9.tar.bz2
moa-sig-7510ab5173001711ecb5d6c8834878e7cce63ff9.zip
CMS verification
-rw-r--r--moaSig/libs/iaik_moa.jarbin480902 -> 481982 bytes
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java4
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java2
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java4
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java8
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java10
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java40
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/FilteredOutputStream.java76
-rw-r--r--moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformerUtils.java5
-rw-r--r--moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLVerifySignatureBindingImpl.java2
10 files changed, 128 insertions, 23 deletions
diff --git a/moaSig/libs/iaik_moa.jar b/moaSig/libs/iaik_moa.jar
index 7ffc47e..8d274c6 100644
--- a/moaSig/libs/iaik_moa.jar
+++ b/moaSig/libs/iaik_moa.jar
Binary files differ
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
index 981ea05..304a7d3 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
@@ -83,11 +83,11 @@ public class CRLRetriever implements RevocationInfoRetriever {
@Override
public void setConnectTimeout(int arg0) {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
}
@Override
public void setReadTimeout(int arg0) {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
}
}
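Review bot: `setConnectTimeout` and `setReadTimeout` still have empty bodies, so whatever timeout the caller passes in is discarded, and the reworded TODO does not say that. If the retrieval code of this class (outside the hunk) connects to CRL distribution points without a limit of its own, a slow or unresponsive endpoint could stall certificate validation. The same open stubs appear in PKIConfigurationImpl (`getConnectTimeout`/`getReadTimeout` return 0) and RevocationConfigurationImpl (`getDataBaseCRLConfig` and `getPositiveOCSPResponders` return null); how the PKI library treats 0 and null is not visible here and should be confirmed. Until they are implemented I would state the effect in the comment, e.g. `// TODO: not implemented, the timeout passed in is ignored`.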
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
index 9dd0ffe..39da9cf 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
@@ -108,7 +108,7 @@ public class DirectoryCertStoreParametersImpl
@Override
public Set getVirtualStores() {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
return Collections.EMPTY_SET;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
index 5e29b5c..fe0de1f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
@@ -100,13 +100,13 @@ public class PKIConfigurationImpl implements PKIConfiguration {
@Override
public int getConnectTimeout() {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
return 0;
}
@Override
public int getReadTimeout() {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
return 0;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
index b03c4a2..a09a701 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
@@ -87,25 +87,25 @@ public class RevocationConfigurationImpl extends AbstractObservableConfiguration
@Override
public DBCrlConfig getDataBaseCRLConfig() {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
return null;
}
@Override
public boolean getKeepRevocationInfo() {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
return false;
}
@Override
public Set getPositiveOCSPResponders() {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
return null;
}
@Override
public boolean skipIndirectCRLCheckForAlternativeDistributionPoints() {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
return false;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
index 491986b..3f6998a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
@@ -145,13 +145,17 @@ public class PKIProfileImpl implements PKIProfile {
*/
@Override
public int autoAddCertificates() {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
- return 0;
+ if(config.getAutoAddCertificates()) {
+ return PKIProfile.AUTO_ADD_EE_DISABLE;
+ } else {
+ return PKIProfile.AUTO_ADD_DISABLE;
+ }
+ // TODO AFITZEK allow saving of end entity certificates
}
@Override
public TrustStoreProfile getIndirectRevocationTrustStoreProfile() {
- // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ // TODO AFITZEK IMPLEMENT THIS METHOD
return null;
}
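Review bot: In `autoAddCertificates` the new TODO sits after an if/else in which both branches return, so it reads as attached to nothing, and the mapping itself is undocumented: a true `config.getAutoAddCertificates()` yields `AUTO_ADD_EE_DISABLE`, presumably because end-entity certificates are not stored yet. Put the explanation before the return and collapse the branches, e.g. `// end-entity certificates are never auto-added yet (TODO)` followed by `return config.getAutoAddCertificates() ? PKIProfile.AUTO_ADD_EE_DISABLE : PKIProfile.AUTO_ADD_DISABLE;`. `getIndirectRevocationTrustStoreProfile` in the same hunk still returns null; whether the PKI module accepts null there cannot be told from the hunk.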
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
index 718673a..df04434 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
@@ -50,6 +50,8 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
+import org.apache.commons.io.IOUtils;
+
import at.gv.egovernment.moa.logging.LogMsg;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.spss.MOAApplicationException;
@@ -71,6 +73,7 @@ import at.gv.egovernment.moa.spss.server.iaik.cmssign.CMSSignatureCreationProfil
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.FilteredOutputStream;
import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moa.util.Constants;
@@ -238,25 +241,44 @@ public class CMSSignatureCreationInvoker {
// now write the data to be signed to the signedDataStream
+ //
int byteRead;
+ /*
BigDecimal counter = new BigDecimal("0");
BigDecimal one = new BigDecimal("1");
+ ByteArrayOutputStream filteredStream = new ByteArrayOutputStream();
+
while ((byteRead=contentIs.read()) >= 0) {
//System.out.println("counterXX: " + counter);
- if (inRange(counter, dataobject)) {
- //System.out.println("Lösche...");
- // set byte to 0x00
- signedDataStream.write(0);
- }
- else
- signedDataStream.write(byteRead);
+ // Wrong behaviour < 3
+ // excluded bytes should not be part of the signature as 0 bytes
+ // they should be not part of the signature at all!
+
+// if (inRange(counter, dataobject))
+// filteredStream.write(0);
+// else
+// filteredStream.write(byteRead);
+//
- counter = counter.add(one);
+ // correct behaviour
+ if (!inRange(counter, dataobject)) {
+ filteredStream.write(byteRead);
+ }
+
+ counter = counter.add(one);
}
+ byte[] data = filteredStream.toByteArray();
+ signedDataStream.write(data, 0, data.length);
+ */
+ // Stream based, this should have a better performance
+ FilteredOutputStream filteredOuputStream = new FilteredOutputStream(
+ signedDataStream, 4096, dataobject.getExcludeByteRangeFrom(),
+ dataobject.getExcludeByteRangeTo());
-
+ IOUtils.copyLarge(contentIs, filteredOuputStream);
+ filteredOuputStream.flush();
// byte[] buf = new byte[4096];
// int bytesRead;
// while ((bytesRead = contentIs.read(buf)) >= 0) {
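Review bot: The old byte-by-byte loop is left behind as a commented-out block and `int byteRead;` is now unused, which buries the one fact a reader needs: bytes in the exclude range are now omitted from the signed data instead of being written as 0x00. A signature produced this way only verifies if the verifier removes exactly the same range, so I would delete the dead block and keep a single comment such as `// bytes in the exclude range are omitted from the signed data, not zeroed`. The local is also misspelled (`filteredOuputStream`). The enclosing method starts and ends outside the hunk, so whether `signedDataStream` is closed later cannot be checked here.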
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/FilteredOutputStream.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/FilteredOutputStream.java
new file mode 100644
index 0000000..3a9fe51
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/FilteredOutputStream.java
@@ -0,0 +1,76 @@
+package at.gv.egovernment.moa.spss.util;
+
+import java.io.BufferedOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.math.BigDecimal;
+
+public class FilteredOutputStream extends BufferedOutputStream {
+ private BigDecimal from = null;
+ private BigDecimal to = null;
+ private BigDecimal counter = new BigDecimal("0");
+ BigDecimal one = new BigDecimal("1");
+
+ public FilteredOutputStream(OutputStream innerStream,
+ int bufferSize, BigDecimal from,
+ BigDecimal to) {
+ super(innerStream, bufferSize);
+ this.from = from;
+ this.to = to;
+ }
+
+ @Override
+ public synchronized void write(int b) throws IOException {
+ if(!inRange(counter)) {
+ super.write(b);
+ }
+ counter = counter.add(one);
+ }
+
+ @Override
+ public synchronized void write(byte[] b, int off, int len) throws IOException {
+ this.filteredWrite(b, off, len);
+ }
+
+ @Override
+ public synchronized void flush() throws IOException {
+ super.flush();
+ }
+
+ @Override
+ public void write(byte[] b) throws IOException {
+ if(b != null) {
+ this.filteredWrite(b, 0, b.length);
+ }
+ }
+
+ @Override
+ public void close() throws IOException {
+ super.close();
+ }
+
+ private synchronized void filteredWrite(byte[] b, int off, int len) throws IOException {
+ for(int i = 0; i < len; i++) {
+ if(!inRange(counter)) {
+ super.write(b[off+i]);
+ }
+ counter = counter.add(one);
+ }
+ }
+
+ private boolean inRange(BigDecimal counter) {
+ if ( (from == null) || (to == null))
+ return false;
+
+ int compare = counter.compareTo(from);
+ if (compare == -1)
+ return false;
+ else {
+ compare = counter.compareTo(to);
+ if (compare == 1)
+ return false;
+ else
+ return true;
+ }
+ }
+}
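Review bot: `inRange` returns false whenever `from` or `to` is null, and also whenever `from` is greater than `to`, so a half-specified or inverted exclude range silently filters nothing and every byte reaches the signed stream. For a signing path I would reject such a range in the constructor rather than ignore it, unless the caller is known to validate it (not visible in this commit). Separately, `counter.add(one)` allocates a BigDecimal per byte, which works against the stated performance goal; a `long` counter would do if the bounds are guaranteed to be whole numbers within long range, which should be confirmed. `write(byte[] b)` also ignores a null array where OutputStream would throw. The fence shows the constructor check and a simpler `inRange` with the same inclusive bounds.

```java
    super(innerStream, bufferSize);
    // A range with only one bound, or with from > to, would exclude nothing
    // and the caller would sign bytes it meant to leave out.
    if ((from == null) != (to == null)) {
      throw new IllegalArgumentException(
          "exclude byte range needs both bounds or none");
    }
    if (from != null && (from.signum() < 0 || from.compareTo(to) > 0)) {
      throw new IllegalArgumentException(
          "invalid exclude byte range: " + from + " - " + to);
    }
    this.from = from;
    this.to = to;
  }

  // … unchanged: write, flush and close overrides, filteredWrite …

  private boolean inRange(BigDecimal counter) {
    if (from == null) {
      return false; // no range configured (both bounds are null)
    }
    // both bounds are inclusive, as before
    return counter.compareTo(from) >= 0 && counter.compareTo(to) <= 0;
  }
```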
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformerUtils.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformerUtils.java
index b069a60..676c95c 100644
--- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformerUtils.java
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformerUtils.java
@@ -89,7 +89,6 @@ public class TransformerUtils {
public CreateSignatureInfo buildCreateSignatureInfo(
at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo.CreateSignatureInfo createSignatureInfo)
throws MOAApplicationException {
- // TODO:
if (createSignatureInfo == null) {
return null;
} else {
@@ -136,6 +135,10 @@ public class TransformerUtils {
*/
public CreateTransformsInfoProfile parseCreateTransformsInfoProfile(
at.gv.egiz.moasig.CreateTransformsInfoProfile createTransformsInfoProfile) throws MOAApplicationException {
+ if(createTransformsInfoProfile == null) {
+ return null;
+ }
+
CreateTransformsInfo createTransformsInfo = parseCreateTransformsInfo(
createTransformsInfoProfile.getCreateTransformsInfo());
List supplements = parseSupplements(createTransformsInfoProfile.getSupplement());
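Review bot: The new null guard in `parseCreateTransformsInfoProfile` makes null a legal return value, but the Javadoc that ends just above the signature (its text is outside the hunk) presumably does not say so. Add `@return the parsed profile, or {@code null} if {@code createTransformsInfoProfile} is null` so callers know to check, and confirm that a request without a profile is meant to be accepted rather than rejected with a MOAApplicationException. The method body continues past the end of the hunk.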
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLVerifySignatureBindingImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLVerifySignatureBindingImpl.java
index 8295aed..44dc2c2 100644
--- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLVerifySignatureBindingImpl.java
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLVerifySignatureBindingImpl.java
@@ -74,7 +74,7 @@ public class XMLVerifySignatureBindingImpl implements XMLVerifySignatureBinding
List supplementProfiles = parseSupplementProfiles(verifyXMLSignatureRequest);
SignatureManifestCheckParams signatureManifestCheckParams = this
- .parseSignatureManifestCheckParams(verifyXMLSignatureRequest.getSignatureManifestCheckParams()); // TODO
+ .parseSignatureManifestCheckParams(verifyXMLSignatureRequest.getSignatureManifestCheckParams());
return factory.createVerifyXMLSignatureRequest(dateTime, verifySignatureInfo, supplementProfiles,
signatureManifestCheckParams, returnHashInputData, trustProfileID);
}