From 578ad0d6bc408edf9e6c875156054374f5fd8337 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 22 Mar 2021 18:40:26 +0100 Subject: change to EGIZ codestyle --- .../cmssign/CMSSignatureCreationProfileImpl.java | 288 ++++++++++----------- 1 file changed, 143 insertions(+), 145 deletions(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java index a465049..d660c7a 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java @@ -21,17 +21,8 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.cmssign; -import iaik.server.modules.algorithms.SignatureAlgorithms; -import iaik.server.modules.cmssign.CMSSignatureCreationProfile; -import iaik.server.modules.keys.AlgorithmUnavailableException; -import iaik.server.modules.keys.KeyEntryID; -import iaik.server.modules.keys.KeyModule; -import iaik.server.modules.keys.KeyModuleFactory; -import iaik.server.modules.keys.UnknownKeyException; - import java.util.List; import java.util.Set; 
@@ -39,61 +30,71 @@ import at.gv.egovernment.moa.spss.server.logging.TransactionId; import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; import at.gv.egovernment.moaspss.logging.Logger; +import iaik.server.modules.algorithms.SignatureAlgorithms; +import iaik.server.modules.cmssign.CMSSignatureCreationProfile; +import iaik.server.modules.keys.AlgorithmUnavailableException; +import iaik.server.modules.keys.KeyEntryID; +import iaik.server.modules.keys.KeyModule; +import iaik.server.modules.keys.KeyModuleFactory; +import iaik.server.modules.keys.UnknownKeyException; /** * An object providing auxiliary information for creating a CMS signature. - * + * * @author Patrick Peck * @version $Id$ */ public class CMSSignatureCreationProfileImpl - implements CMSSignatureCreationProfile { + implements CMSSignatureCreationProfile { /** The set of keys available to the signing process. */ private Set keySet; - /** The MIME type of the data to be signed*/ - private String mimeType; - /** Whether the created signature is to be Security Layer conform. */ + /** The MIME type of the data to be signed */ + private final String mimeType; + /** Whether the created signature is to be Security Layer conform. */ private boolean securityLayerConform; - /** Properties to be signed during signature creation. */ - private List signedProperties; - /** Specifies whether the content data shall be included in the CMS SignedData or shall be not included. */ - private boolean includeData; - /** Digest Method algorithm */ + /** Properties to be signed during signature creation. */ + private final List signedProperties; + /** + * Specifies whether the content data shall be included in the CMS SignedData or + * shall be not included. 
+ */ + private final boolean includeData; + /** Digest Method algorithm */ private String digestMethod; - private boolean isPAdESConform; - - + private final boolean isPAdESConform; + /** * Create a new XMLSignatureCreationProfileImpl. - * - * @param createProfileCount Provides external information about the - * number of calls to the signature creation module, using the same request. - * @param reservedIDs The set of IDs that must not be used while generating - * new IDs. + * + * @param createProfileCount Provides external information about the number of + * calls to the signature creation module, using the + * same request. + * @param reservedIDs The set of IDs that must not be used while + * generating new IDs. */ public CMSSignatureCreationProfileImpl( - Set keySet, - String digestMethod, - List signedProperties, - boolean securityLayerConform, - boolean includeData, - String mimeType, - boolean isPAdESConform) { - this.keySet = keySet; - this.signedProperties = signedProperties; - this.securityLayerConform = securityLayerConform; - this.includeData = includeData; - this.mimeType = mimeType; - this.digestMethod = digestMethod; - this.isPAdESConform = isPAdESConform; + Set keySet, + String digestMethod, + List signedProperties, + boolean securityLayerConform, + boolean includeData, + String mimeType, + boolean isPAdESConform) { + this.keySet = keySet; + this.signedProperties = signedProperties; + this.securityLayerConform = securityLayerConform; + this.includeData = includeData; + this.mimeType = mimeType; + this.digestMethod = digestMethod; + this.isPAdESConform = isPAdESConform; } - /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet() */ + @Override public Set getKeySet() { return keySet; } 
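Review bot: The constructor Javadoc that this hunk reflows still describes a different class: its summary reads "Create a new XMLSignatureCreationProfileImpl" and it documents `createProfileCount` and `reservedIDs`, neither of which is a parameter of `CMSSignatureCreationProfileImpl(...)`. Since the comment is being rewritten anyway, the summary should become `Create a new CMSSignatureCreationProfileImpl.` with one `@param` for each of the seven real arguments (keySet, digestMethod, signedProperties, securityLayerConform, includeData, mimeType, isPAdESConform). The `digestMethod` entry should name the values that `getSignatureAlgorithmName` accepts. The fields also keep the raw types `Set` and `List` and store the caller's collections by reference, so marking `signedProperties` as `final` does not stop its contents from changing after construction; a short comment saying whether that sharing is intended would help the next reader.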
@@ -101,119 +102,116 @@ public class CMSSignatureCreationProfileImpl /** * Set the set of KeyEntryIDs which may be used for signature * creation. - * + * * @param keySet The set of KeyEntryIDs to set. */ public void setKeySet(Set keySet) { this.keySet = keySet; } - /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID) */ + @Override public String getSignatureAlgorithmName(KeyEntryID selectedKeyID) - throws AlgorithmUnavailableException { + throws AlgorithmUnavailableException { - - TransactionContext context = - TransactionContextManager.getInstance().getTransactionContext(); - TransactionId tid = new TransactionId(context.getTransactionID()); - KeyModule module = KeyModuleFactory.getInstance(tid); + final TransactionContext context = + TransactionContextManager.getInstance().getTransactionContext(); + final TransactionId tid = new TransactionId(context.getTransactionID()); + final KeyModule module = KeyModuleFactory.getInstance(tid); Set algorithms; try { algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID); - } catch (UnknownKeyException e) { + } catch (final UnknownKeyException e) { throw new AlgorithmUnavailableException( - "Unknown key entry: " + selectedKeyID, - e, - null); + "Unknown key entry: " + selectedKeyID, + e, + null); } - - if (digestMethod.compareTo("SHA-1") == 0) { - Logger.warn("SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. 
SHA-256, SHA-384, SHA-512)"); - - if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) { - return SignatureAlgorithms.SHA1_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) { - return SignatureAlgorithms.ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - - } else if (digestMethod.compareTo("SHA-256") == 0) { - if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { - return SignatureAlgorithms.SHA256_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) { - return SignatureAlgorithms.SHA256_WITH_ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - } else if (digestMethod.compareTo("SHA-384") == 0) { - if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) { - return SignatureAlgorithms.SHA384_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) { - return SignatureAlgorithms.SHA384_WITH_ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - } else if (digestMethod.compareTo("SHA-512") == 0) { - if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) { - return SignatureAlgorithms.SHA512_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) { - return SignatureAlgorithms.SHA512_WITH_ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - 
null, - null); - } - } - else { - throw new AlgorithmUnavailableException( - "No signature algorithm found for digest algorithm '" + digestMethod, - null, - null); - } - - } + if (digestMethod.compareTo("SHA-1") == 0) { + Logger.warn( + "SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)"); + + if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) { + return SignatureAlgorithms.SHA1_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) { + return SignatureAlgorithms.ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + + } else if (digestMethod.compareTo("SHA-256") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { + return SignatureAlgorithms.SHA256_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) { + return SignatureAlgorithms.SHA256_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethod.compareTo("SHA-384") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) { + return SignatureAlgorithms.SHA384_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) { + return SignatureAlgorithms.SHA384_WITH_ECDSA; + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethod.compareTo("SHA-512") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) { + return 
SignatureAlgorithms.SHA512_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) { + return SignatureAlgorithms.SHA512_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else { + throw new AlgorithmUnavailableException( + "No signature algorithm found for digest algorithm '" + digestMethod, + null, + null); + } + + } - /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties() */ + @Override public List getSignedProperties() { return signedProperties; } @@ -221,38 +219,38 @@ public class CMSSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform() */ + @Override public boolean isSecurityLayerConform() { return securityLayerConform; } /** * Sets the security layer conformity. - * - * @param securityLayerConform true, if the created signature - * is to be conform to the Security Layer specification. + * + * @param securityLayerConform true, if the created signature is to + * be conform to the Security Layer specification. */ public void setSecurityLayerConform(boolean securityLayerConform) { this.securityLayerConform = securityLayerConform; } - public void setDigestMethod(String digestMethod) { - this.digestMethod = digestMethod; + this.digestMethod = digestMethod; } - + @Override public String getMimeType() { - return mimeType; + return mimeType; } + @Override public boolean includeData() { - return this.includeData; + return this.includeData; } - -@Override -public boolean isPAdESConform() { - return this.isPAdESConform; -} + @Override + public boolean isPAdESConform() { + return this.isPAdESConform; + } } -- cgit v1.2.3
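Review bot: The SHA-256, SHA-384 and SHA-512 branches of `getSignatureAlgorithmName` still fall back to `SignatureAlgorithms.DSA`, a constant with no digest in its name, so a DSA key may sign with a different digest than the configured one and nothing is logged. The hunk does not show which digest that constant implies, so this needs checking against the IAIK definition. If it is SHA-1 based, the fallback should be removed from the SHA-2 branches so they end in the existing `AlgorithmUnavailableException`, or at least emit the same `Logger.warn` as the SHA-1 branch. Separately, `digestMethod.compareTo("SHA-1") == 0` throws a NullPointerException when no digest was set; `"SHA-1".equals(digestMethod)` would let a null value reach the final `else` and be reported as an unavailable algorithm.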
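Review bot: `setDigestMethod` is left without Javadoc in this hunk, although it stores whatever string it is given and the value later selects the signature algorithm. A comment such as `/** Sets the digest algorithm name; getSignatureAlgorithmName accepts "SHA-1", "SHA-256", "SHA-384" and "SHA-512". */` would tell callers which values are usable. The `@see` tags on the getters that now carry `@Override` still point at `iaik.server.modules.xmlsign.XMLSignatureCreationProfile`, while the class implements `CMSSignatureCreationProfile`; they probably should reference the CMS interface instead.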