From 0872d2d8a64fd701776b272f49222428d8def07f Mon Sep 17 00:00:00 2001 From: Andreas Fitzek Date: Tue, 3 Nov 2015 14:38:34 +0100 Subject: initial commit --- .../cmssign/CMSSignatureCreationProfileImpl.java | 249 +++++++++++++ .../CMSSignatureVerificationProfileImpl.java | 61 ++++ .../config/AbstractKeyModuleConfigurationImpl.java | 60 ++++ .../config/AbstractObservableConfiguration.java | 72 ++++ .../iaik/config/ArchiveConfigurationImpl.java | 121 +++++++ .../moa/spss/server/iaik/config/CRLRetriever.java | 93 +++++ .../iaik/config/CertStoreConfigurationImpl.java | 81 +++++ .../server/iaik/config/ConfigurationDataImpl.java | 145 ++++++++ .../iaik/config/DataBaseArchiveParameterImpl.java | 57 +++ .../config/DirectoryCertStoreParametersImpl.java | 115 ++++++ .../HardwareCryptoModuleConfigurationImpl.java | 75 ++++ .../config/HardwareKeyModuleConfigurationImpl.java | 79 ++++ .../spss/server/iaik/config/IaikConfigurator.java | 217 +++++++++++ .../spss/server/iaik/config/LoggerConfigImpl.java | 58 +++ .../server/iaik/config/PKIConfigurationImpl.java | 113 ++++++ .../iaik/config/RevocationConfigurationImpl.java | 112 ++++++ .../config/SoftwareKeyModuleConfigurationImpl.java | 99 +++++ .../iaik/config/ValidationConfigurationImpl.java | 80 +++++ .../moa/spss/server/iaik/pki/PKIProfileImpl.java | 158 ++++++++ .../pki/pathvalidation/ValidationProfileImpl.java | 131 +++++++ .../iaik/pki/revocation/RevocationProfileImpl.java | 88 +++++ .../store/truststore/TrustStoreProfileImpl.java | 159 ++++++++ .../server/iaik/xml/Base64TransformationImpl.java | 67 ++++ .../server/iaik/xml/ByteArrayDataObjectImpl.java | 78 ++++ .../server/iaik/xml/ByteStreamDataObjectImpl.java | 73 ++++ .../spss/server/iaik/xml/CanonicalizationImpl.java | 67 ++++ .../moa/spss/server/iaik/xml/DataObjectImpl.java | 111 ++++++ .../xml/EnvelopedSignatureTransformationImpl.java | 66 ++++ .../iaik/xml/ExclusiveCanonicalizationImpl.java | 100 ++++++ .../moa/spss/server/iaik/xml/SigningTimeImpl.java | 58 +++ .../spss/server/iaik/xml/TransformationImpl.java | 67 ++++ .../spss/server/iaik/xml/XMLDataObjectImpl.java | 70 ++++ .../server/iaik/xml/XMLNodeListDataObjectImpl.java | 71 ++++ .../moa/spss/server/iaik/xml/XMLSignatureImpl.java | 67 ++++ .../moa/spss/server/iaik/xml/XPath2FilterImpl.java | 140 ++++++++ .../server/iaik/xml/XPath2TransformationImpl.java | 106 ++++++ .../server/iaik/xml/XPathTransformationImpl.java | 122 +++++++ .../server/iaik/xml/XSLTTransformationImpl.java | 217 +++++++++++ .../iaik/xmlsign/DataObjectTreatmentImpl.java | 174 +++++++++ .../xmlsign/XMLSignatureCreationProfileImpl.java | 399 +++++++++++++++++++++ .../xmlsign/XMLSignatureInsertionLocationImpl.java | 69 ++++ .../XMLSignatureVerificationProfileImpl.java | 177 +++++++++ 42 files changed, 4722 insertions(+) create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java new file mode 100644 index 0000000..49e5ecc --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java @@ -0,0 +1,249 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.cmssign; + +import iaik.server.modules.algorithms.SignatureAlgorithms; +import iaik.server.modules.cmssign.CMSSignatureCreationProfile; +import iaik.server.modules.keys.AlgorithmUnavailableException; +import iaik.server.modules.keys.KeyEntryID; +import iaik.server.modules.keys.KeyModule; +import iaik.server.modules.keys.KeyModuleFactory; +import iaik.server.modules.keys.UnknownKeyException; + +import java.util.List; +import java.util.Set; + +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; + +/** + * An object providing auxiliary information for creating a CMS signature. + * + * @author Patrick Peck + * @version $Id$ + */ +public class CMSSignatureCreationProfileImpl + implements CMSSignatureCreationProfile { + + /** The set of keys available to the signing process. */ + private Set keySet; + /** The MIME type of the data to be signed*/ + private String mimeType; + /** Whether the created signature is to be Security Layer conform. */ + private boolean securityLayerConform; + /** Properties to be signed during signature creation. */ + private List signedProperties; + /** Specifies whether the content data shall be included in the CMS SignedData or shall be not included. */ + private boolean includeData; + /** Digest Method algorithm */ + private String digestMethod; + + + /** + * Create a new XMLSignatureCreationProfileImpl. + * + * @param createProfileCount Provides external information about the + * number of calls to the signature creation module, using the same request. + * @param reservedIDs The set of IDs that must not be used while generating + * new IDs. + */ + public CMSSignatureCreationProfileImpl( + Set keySet, + String digestMethod, + List signedProperties, + boolean securityLayerConform, + boolean includeData, + String mimeType) { + this.keySet = keySet; + this.signedProperties = signedProperties; + this.securityLayerConform = securityLayerConform; + this.includeData = includeData; + this.mimeType = mimeType; + this.digestMethod = digestMethod; + + } + + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet() + */ + public Set getKeySet() { + return keySet; + } + + /** + * Set the set of KeyEntryIDs which may be used for signature + * creation. + * + * @param keySet The set of KeyEntryIDs to set. + */ + public void setKeySet(Set keySet) { + this.keySet = keySet; + } + + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID) + */ + public String getSignatureAlgorithmName(KeyEntryID selectedKeyID) + throws AlgorithmUnavailableException { + + + TransactionContext context = + TransactionContextManager.getInstance().getTransactionContext(); + TransactionId tid = new TransactionId(context.getTransactionID()); + KeyModule module = KeyModuleFactory.getInstance(tid); + Set algorithms; + + try { + algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID); + } catch (UnknownKeyException e) { + throw new AlgorithmUnavailableException( + "Unknown key entry: " + selectedKeyID, + e, + null); + } + + if (digestMethod.compareTo("SHA-1") == 0) { + Logger.warn("SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)"); + + if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) { + return SignatureAlgorithms.SHA1_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) { + return SignatureAlgorithms.ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + + } else if (digestMethod.compareTo("SHA-256") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { + return SignatureAlgorithms.SHA256_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) { + return SignatureAlgorithms.SHA256_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethod.compareTo("SHA-384") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) { + return SignatureAlgorithms.SHA384_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) { + return SignatureAlgorithms.SHA384_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethod.compareTo("SHA-512") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) { + return SignatureAlgorithms.SHA512_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) { + return SignatureAlgorithms.SHA512_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } + else { + throw new AlgorithmUnavailableException( + "No signature algorithm found for digest algorithm '" + digestMethod, + null, + null); + } + + + } + + + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties() + */ + public List getSignedProperties() { + return signedProperties; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform() + */ + public boolean isSecurityLayerConform() { + return securityLayerConform; + } + + /** + * Sets the security layer conformity. + * + * @param securityLayerConform true, if the created signature + * is to be conform to the Security Layer specification. + */ + public void setSecurityLayerConform(boolean securityLayerConform) { + this.securityLayerConform = securityLayerConform; + } + + + public void setDigestMethod(String digestMethod) { + this.digestMethod = digestMethod; + } + + + public String getMimeType() { + return mimeType; + } + + public boolean includeData() { + return this.includeData; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java new file mode 100644 index 0000000..972b540 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java @@ -0,0 +1,61 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.cmsverify; + +import iaik.pki.PKIProfile; +import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile; + +/** + * An implementation of the CMSSignatureVerificationProfile + * interface. + * + * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile + * @author Patrick Peck + * @version $Id$ + */ +public class CMSSignatureVerificationProfileImpl + implements CMSSignatureVerificationProfile { + + /** The profile for validating the certificate. */ + private PKIProfile certificateValidationProfile; + + /** + * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile#getCertificateValidationProfile() + */ + public PKIProfile getCertificateValidationProfile() { + return certificateValidationProfile; + } + + /** + * Sets the profile for validating the signer certificate. + * + * @param certificateValidationProfile The certificate validation profile to + * set. + */ + public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) { + this.certificateValidationProfile = certificateValidationProfile; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java new file mode 100644 index 0000000..90e6793 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java @@ -0,0 +1,60 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.server.modules.keys.KeyModuleConfiguration; + +/** + * Base implementation class for the KeyModuleConfiguration + * interface and the interfaces derived from it. + * + * @see iaik.server.modules.keys.KeyModuleConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public abstract class AbstractKeyModuleConfigurationImpl + implements KeyModuleConfiguration { + + /** The module ID. */ + private String moduleID; + + /** + * Creata new AbstractKeyModuleConfigurationImpl. + * + * @param moduleID The key module ID of this + * KeyModuleConfiguration. + */ + public AbstractKeyModuleConfigurationImpl(String moduleID) { + this.moduleID = moduleID; + } + + /** + * @see iaik.server.modules.keys.KeyModuleConfiguration#getModuleID() + */ + public String getModuleID() { + return moduleID; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java new file mode 100644 index 0000000..e2d828b --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java @@ -0,0 +1,72 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import iaik.pki.store.observer.NotificationData; +import iaik.pki.store.observer.Observable; +import iaik.pki.store.observer.Observer; + +/** + * A base class for observable configuration data. + * + * @author Patrick Peck + * @version $Id$ + */ +public abstract class AbstractObservableConfiguration implements Observable { + + /** The observers registered with this Observable. */ + private List observers = new ArrayList(); + + /** + * @see iaik.pki.store.observer.Observable#addObserver(iaik.pki.store.observer.Observer) + */ + public void addObserver(Observer observer) { + observers.add(observer); + } + + /** + * @see iaik.pki.store.observer.Observable#removeObserver(iaik.pki.store.observer.Observer) + */ + public boolean removeObserver(Observer observer) { + return observers.remove(observer); + } + + /** + * @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData) + */ + public void notify(NotificationData data) { + Iterator iter = observers.iterator(); + + for (iter = observers.iterator(); iter.hasNext();) { + Observer observer = (Observer) iter.next(); + observer.notify(data); + } + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java new file mode 100644 index 0000000..4a300a2 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java @@ -0,0 +1,121 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.store.revocation.archive.ArchiveConfiguration; +import iaik.pki.store.revocation.archive.ArchiveParameters; +import iaik.pki.store.revocation.archive.ArchiveTypes; + +import java.sql.Driver; +import java.sql.DriverManager; +import java.util.Enumeration; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the ArchiveConfiguration interface + * using configuration data provided by the MOA configuration file. + * + * @see iaik.pki.store.revocation.archive.ArchiveConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class ArchiveConfigurationImpl + extends AbstractObservableConfiguration + implements ArchiveConfiguration { + + /** The configuration parameters of the archive. */ + private ArchiveParameters archiveParameters; + + /** + * Create a new ArchiveConfigurationImpl. + * + * @param config The MOA configuration from which the configuration data is being read. + */ + public ArchiveConfigurationImpl(ConfigurationProvider config) + { + String jdbcUrl = config.getRevocationArchiveJDBCURL(); + this.archiveParameters = new DataBaseArchiveParameterImpl(jdbcUrl); + + // Register JDBC driver class + if (jdbcUrl != null) + { + String jdbcDriverClass = config.getRevocationArchiveJDBCDriverClass(); + try + { + Class.forName(jdbcDriverClass); + } + catch (ClassNotFoundException e) + { + // TODO 20030709 GK Improve exception handling + throw new RuntimeException("JDBC driver class \"" + jdbcDriverClass + " could not be found."); + } + + Enumeration regDrivers = DriverManager.getDrivers(); + boolean isRegistered = false; + while (regDrivers.hasMoreElements()) + { + Object currentDriver = regDrivers.nextElement(); + if (jdbcDriverClass.equals(currentDriver.getClass().getName())) isRegistered = true; + } + if (!isRegistered) + { + // Workaround for a driver which does not register itselve at invocation of Class.forName(drvname) + try + { + DriverManager.registerDriver((Driver)Class.forName(jdbcDriverClass).newInstance()); + } + catch (Exception e) + { + // TODO 20030709 GK Improve exception handling + throw new RuntimeException("Registering JDBC driver \"" + jdbcDriverClass + " failed."); + } + } + } + } + + /** + * Return the type of archive. + * + * This will always return ArchiveTypes.DATABASE. + * @return ArchiveTypes.DATABASE. + * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getType() + */ + public String getType() { + return ArchiveTypes.DATABASE; + } + + /** + * Return the ArchiveParameters describing this + * ArchiveConfiguration. + * + * @return The archive parameters. + * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getArchiveParameters() + */ + public ArchiveParameters getArchiveParameters() { + return archiveParameters; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java new file mode 100644 index 0000000..981ea05 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java @@ -0,0 +1,93 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.logging.TransactionId; +import iaik.pki.revocation.RevocationSourceTypes; +import iaik.pki.store.revocation.RevocationInfoRetriever; +import iaik.pki.store.revocation.RevocationSource; +import iaik.pki.store.revocation.RevocationStoreException; +import iaik.pki.ldap.Handler; + +import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URL; +import java.net.URLStreamHandler; +import java.util.Collection; +import java.util.Date; + +import at.gv.egovernment.moa.logging.Logger; + +/** + * A customized implementation of + * {@link iaik.pki.store.revocation.RevocationInfoRetriever}. Will be used + * instead of the default implementation + * {@link iaik.pki.store.revocation.CRLRetriever} to overcome a classloader + * problem in connection with the {@link java.net.URL} class in a Tomcat + * deployment environment. + * + * @author Gregor Karlinger + * @version $$ + */ +public class CRLRetriever implements RevocationInfoRetriever { + public void update(RevocationSource source, Collection supplementalRequestData, TransactionId tid) + throws RevocationStoreException { + if (source == null) { + throw new NullPointerException("RevocationSource parameter mustn't be null."); + } + Logger.info("Downloading crl from " + source.getUri()); + if (!source.getType().equals(RevocationSourceTypes.CRL)) { + throw new RevocationStoreException(source.getType() + " not supported", null, getClass().getName() + ":1"); + } + try { + URL crlUrl; + try { + crlUrl = new URL(source.getUri()); + } catch (MalformedURLException e) { + // Workaround for classloader problem with deployment in Tomcat + // 4.1 + URLStreamHandler handler = new Handler(); + crlUrl = new URL(null, source.getUri(), handler); + } + + InputStream crlInputStream = crlUrl.openStream(); + source.readFrom(crlInputStream, tid); + source.setDownloadTime(new Date()); + crlInputStream.close(); + } catch (Exception iox) { + Logger.warn("Cannot retrieve crl", iox); + throw new RevocationStoreException("Cannot retrieve CRL", iox, getClass().getName() + ":1"); + } + } + + @Override + public void setConnectTimeout(int arg0) { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + } + + @Override + public void setReadTimeout(int arg0) { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + } +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java new file mode 100644 index 0000000..a4f7660 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java @@ -0,0 +1,81 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.io.File; +import java.io.IOException; + +import org.apache.commons.io.FileUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.logging.IaikLog; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import iaik.logging.Log; +import iaik.pki.store.certstore.CertStoreConfiguration; +import iaik.pki.store.certstore.CertStoreParameters; +import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters; +import iaik.pki.store.certstore.directory.DirectoryStoreException; +import iaik.pki.store.certstore.utils.DirectoryCertStoreConverter; + +/** + * An implementation of the CertStoreConfiguration interface based + * on MOA configuration data. + * + * @see iaik.pki.store.certstore.CertStoreConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class CertStoreConfigurationImpl extends AbstractObservableConfiguration implements CertStoreConfiguration { + + private static final Logger logger = LoggerFactory.getLogger(CertStoreConfigurationImpl.class); + + /** The configuration parameters of the CertStore. */ + private CertStoreParameters[] parameters; + + /** + * Create a new CertStoreConfigurationImpl. + * + * @param config + * The MOA configuration from which the configuration data is + * being read. + */ + public CertStoreConfigurationImpl(ConfigurationProvider config) { + String certStoreRoot = config.getCertStoreLocation(); + + DirectoryCertStoreParameters dirParameters = new DirectoryCertStoreParametersImpl("MOA Directory CertStore", + certStoreRoot, true, false); + + parameters = new CertStoreParameters[] { dirParameters }; + } + + /** + * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters() + */ + public CertStoreParameters[] getParameters() { + return parameters; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java new file mode 100644 index 0000000..dff78d6 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java @@ -0,0 +1,145 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import iaik.logging.LoggerConfig; +import iaik.pki.PKIConfiguration; +import iaik.server.ConfigurationData; + +import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule; +import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule; + +/** + * An implementation of the ConfigurationData interface using + * MOA configuration data. + * + * @see iaik.server.ConfigurationData + * @author Patrick Peck + * @version $Id$ + */ +public class ConfigurationDataImpl implements ConfigurationData { + /** PKI configuration data. */ + private PKIConfiguration pkiConfiguration; + /** Crypto modules configuration data. */ + private List cryptoModuleConfigurations; + /** Key modules configuration data. */ + private List keyModuleConfigurations; + /** Logging configuration data. */ + private LoggerConfig loggerConfig; + + /** + * Create a new ConfigurationDataImpl. + * + * @param config The underlying MOA configuration data. + */ + public ConfigurationDataImpl(ConfigurationProvider config) { + this.pkiConfiguration = new PKIConfigurationImpl(config); + this.cryptoModuleConfigurations = buildCryptoModuleConfigurations(config); + this.keyModuleConfigurations = buildKeyModuleConfigurations(config); + this.loggerConfig = new LoggerConfigImpl(); + } + + /** + * Build the list of CryptoModuleConfigurations. + * + * @param config The underlying MOA configuration data. + * @return The list of CryptoModuleConfigurations configured in + * the MOA configuration. + */ + private List buildCryptoModuleConfigurations(ConfigurationProvider config) { + List modules = new ArrayList(); + Iterator iter = config.getHardwareCryptoModules().iterator(); + + while (iter.hasNext()) { + HardwareCryptoModule module = (HardwareCryptoModule) iter.next(); + modules.add(new HardwareCryptoModuleConfigurationImpl(module)); + } + + return modules; + } + + /** + * Build the list of KeyModuleConfigurations. + * + * @param config The underlying MOA configuration data. + * @return The list of KeyModuleConfigurations configured in the + * MOA configuration. + */ + private List buildKeyModuleConfigurations(ConfigurationProvider config) { + List keys = new ArrayList(); + Iterator iter; + + // add the hardware keys + iter = config.getHardwareKeyModules().iterator(); + while (iter.hasNext()) { + HardwareKeyModule key = (HardwareKeyModule) iter.next(); + keys.add(new HardwareKeyModuleConfigurationImpl(key)); + } + + // add the software keys + iter = config.getSoftwareKeyModules().iterator(); + while (iter.hasNext()) { + SoftwareKeyModule key = (SoftwareKeyModule) iter.next(); + keys.add(new SoftwareKeyModuleConfigurationImpl(key)); + } + + return keys; + } + + /** + * @see iaik.server.ConfigurationData#getPKIConfiguration() + */ + public PKIConfiguration getPKIConfiguration() { + return pkiConfiguration; + } + + /** + * @see iaik.server.ConfigurationData#getCryptoModuleConfigurations() + */ + public List getCryptoModuleConfigurations() { + return cryptoModuleConfigurations; + } + + /** + * @see iaik.server.ConfigurationData#getKeyModuleConfigurations() + */ + public List getKeyModuleConfigurations() { + return keyModuleConfigurations; + } + + /** + * @see iaik.server.ConfigurationData#getLoggerConfig() + */ + public LoggerConfig getLoggerConfig() { + return loggerConfig; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java new file mode 100644 index 0000000..f4658a2 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java @@ -0,0 +1,57 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.store.revocation.archive.DataBaseArchiveParameters; + +/** + * An implementation of the DataBaseArchiveParameter interface. + * + * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter + * @author Patrick Peck + * @version $Id$ + */ +public class DataBaseArchiveParameterImpl implements DataBaseArchiveParameters { + + /** The JDBC URL for accessing the archive. */ + private String jDBCUrl; + + /** + * Create a new DataBaseArchiveParameterImpl. + * + * @param jDBCUrl The JDBC URL of the archive. + */ + public DataBaseArchiveParameterImpl(String jDBCUrl) { + this.jDBCUrl = jDBCUrl; + } + + /** + * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter#getJDBCUrl() + */ + public String getJDBCUrl() { + return jDBCUrl; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java new file mode 100644 index 0000000..9dd0ffe --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java @@ -0,0 +1,115 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.util.Collections; +import java.util.Set; + +import iaik.pki.store.certstore.CertStoreParameters; +import iaik.pki.store.certstore.CertStoreTypes; +import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters; + +/** + * An implementation of the DirectoryCertStoreParameters interface. + * + * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters + * @author Patrick Peck + * @version $Id$ + */ +public class DirectoryCertStoreParametersImpl + implements DirectoryCertStoreParameters { + + /** The root directory of the CertStore. */ + private String rootDirectory; + /** Whether a new directory may be created. */ + private boolean createNew; + /** The CertStore ID. */ + private String id; + /** Whether the CertStore is read-only. */ + private boolean readOnly; + + /** + * Create a new DirectoryCertStoreParameterImpl. + * + * @param id The CertStore ID. + * @param rootDirectory The root directory of the CertStore. + * @param createNew Whether a new directory may be created. + * @param readOnly Whether the CertStore is read-only. + */ + public DirectoryCertStoreParametersImpl( + String id, + String rootDirectory, + boolean createNew, + boolean readOnly) { + + this.id = id; + this.rootDirectory = rootDirectory; + this.createNew = createNew; + this.readOnly = readOnly; + } + + /** + * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory() + */ + public String getRootDirectory() { + return rootDirectory; + } + + /** + * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew() + */ + public boolean createNew() { + return createNew; + } + + /** + * @see iaik.pki.store.certstore.CertStoreParameters#getId() + */ + public String getId() { + return id; + } + + /** + * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly() + */ + public boolean isReadOnly() { + return readOnly; + } + + /** + * @return CertStoreTypes.DIRECTORY + * @see iaik.pki.store.certstore.CertStoreParameters#getType() + */ + public String getType() { + return CertStoreTypes.DIRECTORY; + } + +@Override +public Set getVirtualStores() { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + return Collections.EMPTY_SET; +} + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java new file mode 100644 index 0000000..c9904c5 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java @@ -0,0 +1,75 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.server.modules.crypto.HardwareCryptoModuleConfiguration; + +import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule; + +/** + * An implementation of the HardwareCryptoModuleConfiguration + * wrapping a HardwareCryptoModule from the MOA configuration. + * + * @author Patrick Peck + * @version $Id$ + */ +public class HardwareCryptoModuleConfigurationImpl + implements HardwareCryptoModuleConfiguration { + + /** The wrapped HardwareCryptoModule. */ + private HardwareCryptoModule module; + + /** + * Create a new HardwareCryptoModuleConfigurationImpl. + * + * @param module The HardwareCryptoModule from the underlying MOA + * configuration. + */ + public HardwareCryptoModuleConfigurationImpl(HardwareCryptoModule module) { + this.module = module; + } + + /** + * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getModuleName() + */ + public String getModuleName() { + return module.getName(); + } + + /** + * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getSlotID() + */ + public String getSlotID() { + return module.getSlotID(); + } + + /** + * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getUserPIN() + */ + public char[] getUserPIN() { + return module.getUserPIN().toCharArray(); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java new file mode 100644 index 0000000..05f5633 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java @@ -0,0 +1,79 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.server.modules.keys.HardwareKeyModuleConfiguration; + +import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule; + +/** + * An implementation of the HardwareKeyModuleConfiguration + * interface wrapping a HardwareKeyModule from the MOA + * configuration. + * + * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class HardwareKeyModuleConfigurationImpl + extends AbstractKeyModuleConfigurationImpl + implements HardwareKeyModuleConfiguration { + + /** The wrapped HardwareKeyModule. */ + private HardwareKeyModule keyModule; + + /** + * Create a new HardwareKeyModuleConfigurationImpl. + * + * @param keyModule The HardwareKeyModule from the underlying + * MOA configuration. + */ + public HardwareKeyModuleConfigurationImpl(HardwareKeyModule keyModule) { + super(keyModule.getId()); + this.keyModule = keyModule; + } + + /** + * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getModuleName() + */ + public String getModuleName() { + return keyModule.getName(); + } + + /** + * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getSlotID() + */ + public String getSlotID() { + return keyModule.getSlotID(); + } + + /** + * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getUserPIN() + */ + public char[] getUserPIN() { + return keyModule.getUserPIN().toCharArray(); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java new file mode 100644 index 0000000..87dd572 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java @@ -0,0 +1,217 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.store.revocation.RevocationFactory; +import iaik.pki.store.revocation.RevocationSourceStore; +import iaik.pki.store.truststore.TrustStoreFactory; +import iaik.security.ec.provider.ECCelerate; +import iaik.server.ConfigurationData; +import iaik.server.Configurator; +import iaik.server.modules.keys.KeyEntryID; +import iaik.server.modules.keys.KeyModule; +import iaik.server.modules.keys.KeyModuleFactory; + +import java.security.Security; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.config.KeyGroup; +import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import at.gv.egovernment.moa.spss.util.CertStoreConverter; +import at.gv.egovernment.moa.spss.util.MessageProvider; +import at.gv.egovernment.moa.spss.util.SecProviderUtils; + +/** + * A class responsible for configuring the IAIK MOA modules. + * + * @author Patrick Peck + * @version $Id$ + */ +public class IaikConfigurator { + + /** The warnings encountered during configuration. */ + private List warnings = new ArrayList(); + + /** + * Configure the IAIK MOA subsystem. + * + * + * @param moaConfig The underlying MOA configuration. + * @return Returns the config data of the underlying MOA subsystem + * @throws ConfigurationException An error occurred configuring the IAIK + * MOA subsystem. + */ + public ConfigurationData configure(ConfigurationProvider moaConfig) + throws ConfigurationException { + ConfigurationData configData = new ConfigurationDataImpl(moaConfig); + + warnings = new ArrayList(); + + try { + TransactionId transId = new TransactionId("IaikConfigurator"); + + //SecProviderUtils.dumpSecProviders("Starting configuration"); + + try { + iaik.pki.Configurator.initCommon(configData.getLoggerConfig(), + transId); + //SecProviderUtils.dumpSecProviders("initCommon"); + String certStoreRoot = moaConfig.getCertStoreLocation(); + CertStoreConverter.convert(certStoreRoot, transId); + } finally { + //Security.removeProvider(ECCelerate.getInstance().getName()); + } + + Configurator.init(configData, transId); + + SecProviderUtils.dumpSecProviders("Fully configured!"); + + // Set customized CRL retriever to overcome a classloader problem when MOA is deployed in Tomcat + RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore(); + //rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL); + if ((moaConfig.getSoftwareKeyModules().size() > 0) || (moaConfig.getHardwareKeyModules().size() > 0)) { + dumpKeyEntryIDs(); + } + checkKeyGroupConfig(moaConfig); + TrustStoreFactory.reset(); + + return configData; + } catch (iaik.server.ConfigurationException e) { + throw new ConfigurationException("config.08", null, e); + } catch (Throwable t) { + throw new ConfigurationException("config.08", null, t); + } + } + + /** + * Return the warnings encountered during configuration. + * + * @return The warnings. + */ + public List getWarnings() { + return warnings; + } + + /** + * Dump all KeyEntryIDs contained in the configured + * KeyModules to the log file. + */ + private void dumpKeyEntryIDs() { + MessageProvider msg = MessageProvider.getInstance(); + KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump")); + Set keyEntryIds = module.getPrivateKeyEntryIDs(); + Iterator iter; + + for (iter = keyEntryIds.iterator(); iter.hasNext();) { + KeyEntryID keyEntryId = (KeyEntryID) iter.next(); + Logger.info( + new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId }))); + } + } + + /** + * Check that each key group entry in each key group can be resolved to a + * KeyEntryID. + * + * Logs a warning for each key group entry that cannot be resolved. + * + * @param moaConfig The MOA configuration to check. + */ + private void checkKeyGroupConfig(ConfigurationProvider moaConfig) { + Map keyGroups = moaConfig.getKeyGroups(); + Iterator iter; + + for (iter = keyGroups.values().iterator(); iter.hasNext();) { + KeyGroup keyGroup = (KeyGroup) iter.next(); + Set keyGroupEntries = keyGroup.getKeyGroupEntries(); + Iterator kgIter; + + for (kgIter = keyGroupEntries.iterator(); kgIter.hasNext();) { + KeyGroupEntry entry = (KeyGroupEntry) kgIter.next(); + + if (!findKeyEntryID(entry)) { + warn( + "config.31", + new Object[] { + keyGroup.getId(), + entry.getModuleID(), + entry.getIssuerDN(), + entry.getSerialNumber()}); + } + } + } + } + + /** + * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID + * by the Configurator. + * + * @param keyGroupEntry The key group entry to find. + * @return true, if the keyGroupEntry could be + * resolved to a KeyEntryID; otherwise false. + */ + private boolean findKeyEntryID(KeyGroupEntry keyGroupEntry) { + KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check")); + Set keyEntryIDs = module.getPrivateKeyEntryIDs(); + Iterator iter; + + for (iter = keyEntryIDs.iterator(); iter.hasNext();) { + KeyEntryID entry = (KeyEntryID) iter.next(); + + if (entry.getCertificateIssuer().equals(keyGroupEntry.getIssuerDN()) + && entry.getCertificateSerialNumber().equals( + keyGroupEntry.getSerialNumber()) + && entry.getModuleID().equals(keyGroupEntry.getModuleID())) { + return true; + } + } + + return false; + } + + /** + * Log a warning. + * + * @param messageId The message ID. + * @param args Additional parameters for the message. + * @see at.gv.egovernment.moa.spss.server.util.MessageProvider + */ + private void warn(String messageId, Object[] args) { + MessageProvider msg = MessageProvider.getInstance(); + String txt = msg.getMessage(messageId, args); + + Logger.warn(new LogMsg(txt)); + warnings.add(txt); + } +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java new file mode 100644 index 0000000..3fb842f --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java @@ -0,0 +1,58 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.util.Properties; + +import iaik.logging.LogConfigurationException; +import iaik.logging.LoggerConfig; + +import at.gv.egovernment.moa.logging.LoggingContextManager; + +/** + * Default implementation of the LoggerConfig interface. + * + * @author Patrick Peck + * @version $Id$ + */ +public class LoggerConfigImpl implements LoggerConfig { + + /** The implementation of iaik.logging.LogFactory. */ + private static final String DEFAULT_IMPLEMENTATION = + "at.gv.egovernment.moa.spss.server.logging.IaikLogFactory"; + + public String getFactory() { + return DEFAULT_IMPLEMENTATION; + } + + public Properties getProperties() throws LogConfigurationException { + return new Properties(); + } + + public String getNodeId() { + return LoggingContextManager.getInstance().getLoggingContext().getNodeID(); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java new file mode 100644 index 0000000..5e29b5c --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java @@ -0,0 +1,113 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.PKIConfiguration; +import iaik.pki.pathvalidation.ValidationConfiguration; +import iaik.pki.revocation.RevocationConfiguration; +import iaik.pki.store.certstore.CertStoreConfiguration; +import iaik.pki.store.revocation.archive.ArchiveConfiguration; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the PKIConfiguration interface using data + * from the MOA configuration. + * + * @see iaik.pki.PKIConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class PKIConfigurationImpl implements PKIConfiguration { + /** The CertStore configuration. */ + private CertStoreConfiguration certStoreConfiguration; + /** The revocation checking configuration. */ + private RevocationConfiguration revocationConfiguration; + /** The revocation archive configuration. */ + private ArchiveConfiguration archiveConfiguration; + /** The certificate validation configuration. */ + private ValidationConfiguration validationConfiguration; + + /** + * Create a new PKIConfigurationImpl. + * + * @param config + * The underlying MOA configuration which will be used to build + * the configuration data contained in this object. + */ + public PKIConfigurationImpl(ConfigurationProvider config) { + + this.certStoreConfiguration = new CertStoreConfigurationImpl(config); + this.revocationConfiguration = new RevocationConfigurationImpl(config); + + boolean archiveInfo = config.getEnableRevocationArchiving(); + if (archiveInfo) { + this.archiveConfiguration = new ArchiveConfigurationImpl(config); + } else { + this.archiveConfiguration = null; + } + + this.validationConfiguration = new ValidationConfigurationImpl(config); + } + + /** + * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration() + */ + public CertStoreConfiguration getCertStoreConfiguration() { + return certStoreConfiguration; + } + + /** + * @see iaik.pki.PKIConfiguration#getRevocationConfiguration() + */ + public RevocationConfiguration getRevocationConfiguration() { + return revocationConfiguration; + } + + /** + * @see iaik.pki.PKIConfiguration#getArchiveConfiguration() + */ + public ArchiveConfiguration getArchiveConfiguration() { + return archiveConfiguration; + } + + /** + * @see iaik.pki.PKIConfiguration#getValidationConfiguration() + */ + public ValidationConfiguration getValidationConfiguration() { + return validationConfiguration; + } + + @Override + public int getConnectTimeout() { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + return 0; + } + + @Override + public int getReadTimeout() { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + return 0; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java new file mode 100644 index 0000000..b03c4a2 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java @@ -0,0 +1,112 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.revocation.RevocationConfiguration; +import iaik.pki.revocation.dbcrl.config.DBCrlConfig; + +import java.security.cert.X509Certificate; +import java.util.Date; +import java.util.Map; +import java.util.Set; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the RevocationConfiguration interface using + * MOA configuration data. + * + * @see iaik.pki.revocation.RevocationConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class RevocationConfigurationImpl extends AbstractObservableConfiguration implements RevocationConfiguration { + + /** + * The ConfigurationProvider to read the configuration data + * from. + */ + private ConfigurationProvider config; + + /** + * Create a new RevocationConfigurationImpl. + * + * @param config + * The underlying MOA configuration containing the configuration + * data. + */ + public RevocationConfigurationImpl(ConfigurationProvider config) { + this.config = config; + } + + /** + * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints + */ + public Set getAlternativeDistributionPoints(X509Certificate cert, X509Certificate issuer, Date date) { + return config.getDistributionPoints(cert); + } + + /** + * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String, + * java.lang.String) + */ + public boolean archiveRevocationInfo(String type, String uri) { + return config.getEnableRevocationArchiving(); + } + + /** + * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String) + */ + public Integer getCrlRetentionInterval(String issuername) { + Map map = config.getCrlRetentionIntervals(); + Integer interval = (Integer) map.get(issuername); + + return interval; + } + + @Override + public DBCrlConfig getDataBaseCRLConfig() { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + return null; + } + + @Override + public boolean getKeepRevocationInfo() { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + return false; + } + + @Override + public Set getPositiveOCSPResponders() { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + return null; + } + + @Override + public boolean skipIndirectCRLCheckForAlternativeDistributionPoints() { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + return false; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java new file mode 100644 index 0000000..937f32f --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java @@ -0,0 +1,99 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.InputStream; + +import iaik.server.modules.keys.ConfigurationException; +import iaik.server.modules.keys.SoftwareKeyModuleConfiguration; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; + +import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule; +import at.gv.egovernment.moa.spss.util.MessageProvider; + +/** + * An implementation of the SoftwareKeyModuleConfiguration wrapping + * a SoftwareKeyModule from the MOA configuration. + * + * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class SoftwareKeyModuleConfigurationImpl + extends AbstractKeyModuleConfigurationImpl + implements SoftwareKeyModuleConfiguration { + + /** The wrapped SoftwareKeyModule. */ + private SoftwareKeyModule keyModule; + + /** + * Create a new SoftwareKeyModuleConfigurationImpl. + * + * @param keyModule The SoftwareKeyModule from the underlying MOA + * configuration. + */ + public SoftwareKeyModuleConfigurationImpl(SoftwareKeyModule keyModule) { + super(keyModule.getId()); + this.keyModule = keyModule; + } + + /** + * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreTypeName() + */ + public String getKeyStoreTypeName() { + return KEY_STORE_TYPE_NAME_PKCS12; + } + + /** + * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAsStream() + */ + public InputStream getKeyStoreAsStream() { + MessageProvider msg = MessageProvider.getInstance(); + + try { + String message = + msg.getMessage("config.18", new Object[] { keyModule.getFileName()}); + Logger.info(new LogMsg(message)); + return new FileInputStream(keyModule.getFileName()); + } catch (FileNotFoundException e) { + String message = + msg.getMessage("config.09", new Object[] { keyModule.getFileName()}); + + throw new ConfigurationException(message, e, null); + } + } + + /** + * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAuthenticationData() + */ + public char[] getKeyStoreAuthenticationData() { + return keyModule.getPassWord().toCharArray(); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java new file mode 100644 index 0000000..9e26fb8 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java @@ -0,0 +1,80 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.security.cert.X509Certificate; +import java.security.spec.AlgorithmParameterSpec; + +import iaik.pki.pathvalidation.ValidationConfiguration; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the ValidationConfiguration interface using + * MOA configuration data. + * + * @see iaik.pki.pathvalidation.ValidationConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class ValidationConfigurationImpl + extends AbstractObservableConfiguration + implements ValidationConfiguration { + + /** The ConfigurationProvider to read the configuration data + * from. */ + private ConfigurationProvider config; + + /** + * Create a new ValidationConfigurationImpl. + * + * @param config The underlying MOA configuration data. + */ + public ValidationConfigurationImpl(ConfigurationProvider config) { + this.config = config; + } + + /** + * @see iaik.pki.pathvalidation.ValidationConfiguration#getChainingMode(java.security.cert.X509Certificate) + */ + public String getChainingMode(X509Certificate cert) { + return config.getChainingMode(cert); + } + + /** + * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsSpec(java.security.cert.X509Certificate) + */ + public AlgorithmParameterSpec getPublicKeyParamsAsSpec(X509Certificate cert) { + return null; + } + + /** + * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsCert(java.security.cert.X509Certificate) + */ + public X509Certificate getPublicKeyParamsAsCert(X509Certificate cert) { + return null; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java new file mode 100644 index 0000000..491986b --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java @@ -0,0 +1,158 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.gv.egovernment.moa.spss.server.iaik.pki; + +import iaik.pki.PKIProfile; +import iaik.pki.pathvalidation.ValidationProfile; +import iaik.pki.revocation.RevocationProfile; +import iaik.pki.store.truststore.TrustStoreProfile; +import at.gv.egovernment.moa.spss.MOAApplicationException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation.ValidationProfileImpl; +import at.gv.egovernment.moa.spss.server.iaik.pki.revocation.RevocationProfileImpl; +import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStoreProfileImpl; + +/** + * Implementation of the PKIProfile interface containing + * information needed for certificate path validation. It uses configuration + * data from the MOA configuration. + * + * @author Patrick Peck + * @version $Id$ + */ +public class PKIProfileImpl implements PKIProfile { + + /** Profile information for revocation checking. */ + private RevocationProfile revocationProfile; + /** Profile information about the trust profile to use. */ + private TrustStoreProfile trustStoreProfile; + /** Profile information about the certificate validation. */ + private ValidationProfile validationProfile; + /** + * The ConfigurationProvider to read the MOA configuration data + * from. + */ + private ConfigurationProvider config; + + /** + * Create a new PKIProfileImpl. + * + * @param config + * The MOA configuration providing configuration data about + * certificate path validation. + * @param trustProfileID + * The trust profile ID denoting the location of the trust store. + * @throws MOAApplicationException + * An error occurred building the profile. + */ + public PKIProfileImpl(ConfigurationProvider config, String trustProfileID) throws MOAApplicationException { + + this.config = config; + setRevocationProfile(new RevocationProfileImpl(config)); + setTrustStoreProfile(new TrustStoreProfileImpl(config, trustProfileID)); + setValidationProfile(new ValidationProfileImpl(config)); + } + + /** + * @see iaik.pki.PKIProfile#autoAddCertificates() + */ + /*public boolean autoAddCertificates() { + return useAuthorityInfoAccess() ? true : config.getAutoAddCertificates(); + }*/ + + /** + * @see iaik.pki.PKIProfile#getRevocationProfile() + */ + public RevocationProfile getRevocationProfile() { + return revocationProfile; + } + + /** + * Sets the RevocationProfile. + * + * @param revocationProfile + * The RevocationProfile used for revocation + * checking. + */ + protected void setRevocationProfile(RevocationProfile revocationProfile) { + this.revocationProfile = revocationProfile; + } + + /** + * @see iaik.pki.PKIProfile#getTrustStoreProfile() + */ + public TrustStoreProfile getTrustStoreProfile() { + return trustStoreProfile; + } + + /** + * Sets the TrustStoreProfile. + * + * @param trustStoreProfile + * The TrustStoreProfile. + */ + protected void setTrustStoreProfile(TrustStoreProfile trustStoreProfile) { + this.trustStoreProfile = trustStoreProfile; + } + + /** + * @see iaik.pki.PKIProfile#getValidationProfile() + */ + public ValidationProfile getValidationProfile() { + return validationProfile; + } + + /** + * Sets the ValidationProfile. + * + * @param validationProfile + * The ValidationProfile to set. + */ + protected void setValidationProfile(ValidationProfile validationProfile) { + this.validationProfile = validationProfile; + } + + /** + * @see iaik.pki.PKIProfile#useAuthorityInfoAccess() + */ + public boolean useAuthorityInfoAccess() { + return config.getUseAuthorityInfoAccess(); + } + + /** + * @see iaik.pki.PKIProfile#autoAddCertificates() + */ + @Override + public int autoAddCertificates() { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + return 0; + } + + @Override + public TrustStoreProfile getIndirectRevocationTrustStoreProfile() { + // TODO AFITZEK TODO IMPLEMENT THIS METHOD + return null; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java new file mode 100644 index 0000000..7e62d60 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java @@ -0,0 +1,131 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation; + +import iaik.pki.pathvalidation.ValidationProfile; + +import java.util.Collections; +import java.util.Set; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the ValidationProfile interface providing + * information about certificat path validation. + * + * @author Patrick Peck + * @version $Id$ + */ +public class ValidationProfileImpl implements ValidationProfile { + + /** The ConfigurationProvider to read the configuration data + * from. */ + private ConfigurationProvider config; + private boolean initialAnyPolicyInhibit; + private boolean initialExplicitPolicy; + private boolean initialPolicyMappingInhibit; + private Set initialPolicySet; + private boolean nameConstraintsProcessing; + private boolean policyProcessing; + + /** + * Create a new ValidationProfileImpl object. + * + * This objects's fields are preset to the following values: + * + * + * + * @param config MOA configuration data for additional configuration + * information (currently unused). + */ + public ValidationProfileImpl(ConfigurationProvider config) { + this.config = config; + initialAnyPolicyInhibit = true; + initialExplicitPolicy = true; + initialPolicyMappingInhibit = true; + initialPolicySet = Collections.EMPTY_SET; + policyProcessing = false; + nameConstraintsProcessing = false; + } + + /** + * @see iaik.pki.pathvalidation.ValidationProfile#getInitialAnyPolicyInhibit() + */ + public boolean getInitialAnyPolicyInhibit() { + return initialAnyPolicyInhibit; + } + + /** + * @see iaik.pki.pathvalidation.ValidationProfile#getInitialExplicitPolicy() + */ + public boolean getInitialExplicitPolicy() { + return initialExplicitPolicy; + } + + /** + * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicyMappingInhibit() + */ + public boolean getInitialPolicyMappingInhibit() { + return initialPolicyMappingInhibit; + } + + /** + * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicySet() + */ + public Set getInitialPolicySet() { + return initialPolicySet; + } + + /** + * @see iaik.pki.pathvalidation.ValidationProfile#getPolicyProcessing() + */ + public boolean getPolicyProcessing() { + return policyProcessing; + } + + /** + * @see iaik.pki.pathvalidation.ValidationProfile#getNameConstraintsProcessing() + */ + public boolean getNameConstraintsProcessing() { + return nameConstraintsProcessing; + } + + /** + * @see iaik.pki.pathvalidation.ValidationProfile#getRevocationChecking() + */ + public boolean getRevocationChecking() + { + return config.getEnableRevocationChecking(); + } + +} \ No newline at end of file diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java new file mode 100644 index 0000000..14627b2 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java @@ -0,0 +1,88 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.pki.revocation; + +import java.security.cert.X509Certificate; + +import iaik.pki.revocation.RevocationProfile; +import iaik.pki.revocation.RevocationSourceTypes; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the RevocationProfile interface providing + * information about revocation status checking, based on MOA configuration + * data. + * + * @author Patrick Peck + * @version $Id$ + */ +public class RevocationProfileImpl implements RevocationProfile { + /** The default service order. */ + private static final String[] DEFAULT_SERVICE_ORDER = + { RevocationSourceTypes.CRL, RevocationSourceTypes.OCSP }; + /** The ConfigurationProvider to read the MOA configuration data + * from. */ + private ConfigurationProvider config; + /** The OCSP request hash algorithm. Currently only "SHA" is supported. */ + private static final String oCSPRequestHashAlgorithm = "SHA"; + + /** + * Create a new RevocationProfileImpl. + * + * @param config The MOA configuration data. + */ + public RevocationProfileImpl(ConfigurationProvider config) { + this.config = config; + // currently only "SHA" is supported +// this.oCSPRequestHashAlgorithm = ""; + } + + /** + * @see iaik.pki.revocation.RevocationProfile#getMaxRevocationAge(String) + */ + public long getMaxRevocationAge(String distributionPointUri) + { + return config.getMaxRevocationAge(); + } + + /** + * @see iaik.pki.revocation.RevocationProfile#getOCSPRequestHashAlgorithm() + */ + public String getOCSPRequestHashAlgorithm() { + return oCSPRequestHashAlgorithm; + } + + /** + * @see iaik.pki.revocation.RevocationProfile#getPreferredServiceOrder(java.security.cert.X509Certificate) + */ + public String[] getPreferredServiceOrder(X509Certificate cert) + { + String[] serviceOrder = config.getServiceOrder(); + if (serviceOrder == null || serviceOrder.length == 0) return DEFAULT_SERVICE_ORDER; + return serviceOrder; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java new file mode 100644 index 0000000..50f237a --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java @@ -0,0 +1,159 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import iaik.pki.store.truststore.TrustStoreProfile; +import iaik.pki.store.truststore.TrustStoreTypes; +import iaik.pki.store.observer.NotificationData; +import iaik.pki.store.observer.Observer; + +import at.gv.egovernment.moa.spss.MOAApplicationException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.config.TrustProfile; + +/** + * An implementation of the TrustStoreProfile interface, using data + * from the MOA configuration. + * + * @see iaik.pki.store.truststore.TrustStoreProfile + * @author Patrick Peck + * @version $Id$ + */ +public class TrustStoreProfileImpl implements TrustStoreProfile { + + /** The observers of this profile. */ + private List observers = new ArrayList(); + + /** + * The trust profile identifier. + */ + private String id_; + + /** The type of the trust profile. */ + private String type; + /** The URI of the trust profile.*/ + private String URI; + + /** + * Create a new TrustStoreProfileImpl. + * + * @param config The MOA configuration data, from which trust store + * configuration data is read. + * @param trustProfileId The trust profile id on which this + * TrustStoreProfile is based. + * @throws MOAApplicationException The trustProfileId could not + * be found in the MOA configuration. + */ + public TrustStoreProfileImpl( + ConfigurationProvider config, + String trustProfileId) + throws MOAApplicationException { + + TrustProfile tp = (TrustProfile) config.getTrustProfile(trustProfileId); + if (tp != null) + { + id_ = trustProfileId; + setURI(tp.getUri()); + setType(TrustStoreTypes.DIRECTORY); + } + else + { + throw new MOAApplicationException("2203", new Object[] { trustProfileId }); + } + } + + /** + * @see iaik.pki.store.truststore.TrustStoreProfile#getType() + */ + public String getType() { + return type; + } + + /** + * Sets the the trust store type. + * + * @param type The trust store type to set. + */ + protected void setType(String type) { + this.type = type; + } + + /** + * @see iaik.pki.store.truststore.TrustStoreProfile#getURI() + */ + public String getURI() { + return URI; + } + + /** + * Sets the trust store URI. + * + * @param URI The trust store URI to set. + */ + protected void setURI(String URI) { + this.URI = URI; + } + + // + // Methods of iaik.pki.store.observer.Observable interface + // + + /** + * @see iaik.pki.store.observer.Observable#addObserver(iaik.pki.store.observer.Observer) + */ + public void addObserver(Observer observer) { + observers.add(observer); + } + + /** + * @see iaik.pki.store.observer.Observable#removeObserver(iaik.pki.store.observer.Observer) + */ + public boolean removeObserver(Observer observer) { + return observers.remove(observer); + } + + /** + * @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData) + */ + public void notify(NotificationData notificationData) { + for (Iterator iter = observers.iterator(); iter.hasNext();) { + Observer observer = (Observer) iter.next(); + observer.notify(notificationData); + } + } + + /** + * @see iaik.pki.store.truststore.TrustStoreProfile#getId() + */ + public String getId() + { + return id_; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java new file mode 100644 index 0000000..cc12861 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java @@ -0,0 +1,67 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import iaik.server.modules.xml.Base64Transformation; + +/** + * An implementation of the Base64Transformation + * Transformation type. + * + * @author Patrick Peck + * @version $Id$ + */ +public class Base64TransformationImpl + extends TransformationImpl + implements Base64Transformation { + + /** + * Create a new Base64TransformationImpl. + * + * @see java.lang.Object#Object() + */ + public Base64TransformationImpl() { + setAlgorithmURI(Base64Transformation.BASE64_DECODING); + } + + /** + * Compare this Base64Transformation to another. + * + * @param other The object to compare thisBase64Transformation + * to. + * @return true, if other is a + * Base64Transformation and the algorithm URIs match, otherwise + * false. + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof Base64Transformation) { + Base64Transformation transform = (Base64Transformation) other; + return getAlgorithmURI().equals(transform.getAlgorithmURI()); + } + return false; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java new file mode 100644 index 0000000..4d627d7 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java @@ -0,0 +1,78 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.io.ByteArrayInputStream; +import java.io.InputStream; + +import iaik.server.modules.xml.BinaryDataObject; + +/** + * A BinaryDataObject encapsulating Base64 data. + * + * @author Patrick Peck + * @version $Id$ + */ +public class ByteArrayDataObjectImpl + extends DataObjectImpl + implements BinaryDataObject { + + /** The binary data contained in this BinaryDataObject. */ + private byte[] bytes; + + /** + * Create a new ByteArrayDataObjectImpl. + * + * @param bytes The binary data contained in this + * BinaryDataObject. + */ + public ByteArrayDataObjectImpl(byte[] bytes) { + setBytes(bytes); + } + + /** + * Set the Base64 data. + * + * @param bytes The binary data contained in this + * BinaryDataObject. + */ + public void setBytes(byte[] bytes) { + this.bytes = bytes; + } + + /** + * Return the binary data encoded in the Base64 String as a + * stream. + * + * @return The binary data contained in this object, as a + * InputStream. Repeated calls to this function will return a + * new stream to the Base64 data. + * @see iaik.server.modules.xml.BinaryDataObject#getInputStream() + */ + public InputStream getInputStream() { + return new ByteArrayInputStream(bytes); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java new file mode 100644 index 0000000..b982c8e --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java @@ -0,0 +1,73 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.io.InputStream; + +import iaik.server.modules.xml.BinaryDataObject; + +/** + * A BinaryDataObject encapsulating binary data from a stream. + * + * @author Patrick Peck + * @version $Id$ + */ +public class ByteStreamDataObjectImpl + extends DataObjectImpl + implements BinaryDataObject { + + /** The InputStream containing the binary data. */ + private InputStream inputStream; + + /** + * Create a new ByteStreamDataObjectImpl. + * + * @param inputStream The stream from which to read the binary data. + */ + public ByteStreamDataObjectImpl(InputStream inputStream) { + setInputStream(inputStream); + } + + /** + * Set the input stream from which to read the binary data. + * + * @param inputStream The input stream from which to read the binary data. + */ + public void setInputStream(InputStream inputStream) { + this.inputStream = inputStream; + } + + /** + * Return the binary data from this object as a stream. + * + * @return The stream containing the binary data. Calling this function + * repeatedly will always return the same InputStream. + * @see iaik.server.modules.xml.BinaryDataObject#getInputStream() + */ + public InputStream getInputStream() { + return inputStream; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java new file mode 100644 index 0000000..0c3a8da --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java @@ -0,0 +1,67 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import iaik.server.modules.xml.Canonicalization; + +/** + * An implementation of the CanonicalizationTransform + * Transformation type. + * + * @author Patrick Peck + * @version $Id$ + */ +public class CanonicalizationImpl + extends TransformationImpl + implements Canonicalization { + + /** + * Create a new CanonicalizationTransformImpl object. + * + * @param algorithmURI The canonicalization algorithm URI. + */ + public CanonicalizationImpl(String algorithmURI) { + setAlgorithmURI(algorithmURI); + } + + /** + * Compare this object to another Canonicalization. + * + * @param other The object to compare this + * Canonicalization to. + * @return true, if other is a + * Canonicalization and the algorithm URIs match, otherwise + * false. + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof Canonicalization) { + Canonicalization c14n = (Canonicalization) other; + return getAlgorithmURI().equals(c14n.getAlgorithmURI()); + } + return false; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java new file mode 100644 index 0000000..702caaf --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java @@ -0,0 +1,111 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import iaik.server.modules.xml.DataObject; + +/** + * Abstract base implementation for the classes derived from + * DataObject. + * + * @author Patrick Peck + * @version $Id$ + */ +public abstract class DataObjectImpl implements DataObject { + + /** The MIME type of the data object. */ + private String mimeType; + /** The refernce ID. */ + private String referenceID; + /** The URI of the type. */ + private String typeURI; + /** The URI identifying the data. */ + private String URI; + + /** + * @see iaik.server.modules.xml.DataObject#getMimeType() + */ + public String getMimeType() { + return mimeType; + } + + /** + * Set the mime type. + * + * @param mimeType The mime type to set. + */ + public void setMimeType(String mimeType) { + this.mimeType = mimeType; + } + + /** + * @see iaik.server.modules.xml.DataObject#getReferenceID() + */ + public String getReferenceID() { + return referenceID; + } + + /** + * Set the reference ID. + * + * @param referenceID The reference ID. + */ + public void setReferenceID(String referenceID) { + this.referenceID = referenceID; + } + + /** + * @see iaik.server.modules.xml.DataObject#getTypeURI() + */ + public String getTypeURI() { + return typeURI; + } + + /** + * Set the type URI. + * + * @param typeURI The type URI. + */ + public void setTypeURI(String typeURI) { + this.typeURI = typeURI; + } + + /** + * @see iaik.server.modules.xml.DataObject#getURI() + */ + public String getURI() { + return URI; + } + + /** + * Set the URI. + * + * @param URI The URI. + */ + public void setURI(String URI) { + this.URI = URI; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java new file mode 100644 index 0000000..d582594 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java @@ -0,0 +1,66 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import iaik.server.modules.xml.EnvelopedSignatureTransformation; + +/** + * An implementation of the EnvelopedSignatureTransformation + * Transformation type. + * + * @author Patrick Peck + * @version $Id$ + */ +public class EnvelopedSignatureTransformationImpl + extends TransformationImpl + implements EnvelopedSignatureTransformation { + + /** + * Create a new EnvelopedSignatureTransformationImpl. + */ + public EnvelopedSignatureTransformationImpl() { + setAlgorithmURI(EnvelopedSignatureTransformation.ENVELOPED_SIGNATURE); + } + + /** + * Compare this object to another EnvelopedSignatureTransformation. + * + * @param other The object to compare this + * EnvelopedSignatureTransformation to. + * @return true, if other is a + * EnvelopedSignatureTransformation, otherwise + * false. + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof EnvelopedSignatureTransformation) { + EnvelopedSignatureTransformation transform = + (EnvelopedSignatureTransformation) other; + return getAlgorithmURI().equals(transform.getAlgorithmURI()); + } + return false; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java new file mode 100644 index 0000000..dfadf0c --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java @@ -0,0 +1,100 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.List; + +import iaik.server.modules.xml.ExclusiveCanonicalization; + +/** + * An implementation of the ExclusiveCanonicalization type + * of Transformation. + * + * @author Patrick Peck + * @version $Id$ + */ +public class ExclusiveCanonicalizationImpl + extends TransformationImpl + implements ExclusiveCanonicalization { + + /** The prefixes of the namespaces to treat according to canonical XML. */ + private List inclusiveNamespacePrefixes; + + /** + * Create a new ExclusiveCanonicalizationImpl object. + * + * @param algorithmURI The exclusive canonicalization algorithm URI. + * @param inclusiveNamespacePrefixes The namespace prefixes to be processed + * according to canonical XML. + */ + public ExclusiveCanonicalizationImpl( + String algorithmURI, + List inclusiveNamespacePrefixes) { + setAlgorithmURI(algorithmURI); + setInclusiveNamespacePrefixes(inclusiveNamespacePrefixes); + } + + /** + * Sets the namespace prefixes to be processed according to canonical XML. + * + * @param inclusiveNamespacePrefixes The prefixes of the namespaces to treat + * according to canonical XML. + */ + protected void setInclusiveNamespacePrefixes(List inclusiveNamespacePrefixes) { + this.inclusiveNamespacePrefixes = inclusiveNamespacePrefixes; + } + + /** + * @see iaik.server.modules.xml.ExclusiveCanonicalization#getInclusiveNamespacePrefixes() + */ + public List getInclusiveNamespacePrefixes() { + return inclusiveNamespacePrefixes; + } + + /** + * Compare this object to another CanonicalizationTransform. + * + * @param other The object to compare this + * ExclusiveCanonicalization to. + * @return true, if other is a + * ExclusiveCanonicalization and the algorithm URIs match, + * otherwise false. + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof ExclusiveCanonicalization) { + ExclusiveCanonicalization eC14n = + (ExclusiveCanonicalization) other; + boolean algURIEquals = getAlgorithmURI().equals(eC14n.getAlgorithmURI()); + boolean inclNSPrefs = + (getInclusiveNamespacePrefixes() == null || getInclusiveNamespacePrefixes().isEmpty()) + ? eC14n.getInclusiveNamespacePrefixes() == null || eC14n.getInclusiveNamespacePrefixes().isEmpty() + : getInclusiveNamespacePrefixes().equals(eC14n.getInclusiveNamespacePrefixes()); + return algURIEquals && inclNSPrefs; + } + return false; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java new file mode 100644 index 0000000..9026d33 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java @@ -0,0 +1,58 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.Date; + +import iaik.server.modules.xml.SigningTime; + +/** + * An implementation of the SigningTime Property. + * + * @author Patrick Peck + * @version $Id$ + */ +public class SigningTimeImpl implements SigningTime { + + /** The signing time. */ + private Date signingTime; + + /** + * Create a new SigningTimeImpl. + * + * @param signingTime The signing time. + */ + public SigningTimeImpl(Date signingTime) { + this.signingTime = signingTime; + } + + /** + * @see iaik.server.modules.xml.SigningTime#getSigningTime() + */ + public Date getSigningTime() { + return signingTime; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java new file mode 100644 index 0000000..1595446 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java @@ -0,0 +1,67 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import iaik.server.modules.xml.Transformation; + +/** + * Base implementation class for Transformation derived classes. + * + * @author Patrick Peck + * @version $Id$ + */ +public abstract class TransformationImpl implements Transformation { + + /** The algorithm URI identifying the transformation algorithm. */ + private String algorithmURI; + + /** + * @see iaik.server.modules.xml.Transformation#getAlgorithmURI() + */ + public String getAlgorithmURI() { + return algorithmURI; + } + + /** + * Sets the algorithm URI. + * + * @param algorithmURI The algorithm URI to set. + */ + protected void setAlgorithmURI(String algorithmURI) { + this.algorithmURI = algorithmURI; + } + + /** + * Returns the hash code of the algorithm URI. Should be overridden if a + * transformation distinguishes itself from others by more than just the + * algorithm URI. + * + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + return getAlgorithmURI().hashCode(); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java new file mode 100644 index 0000000..e8444b9 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java @@ -0,0 +1,70 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import org.w3c.dom.Element; + +import iaik.server.modules.xml.XMLDataObject; + +/** + * A DataObject containing a single DOM element. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XMLDataObjectImpl + extends DataObjectImpl + implements XMLDataObject { + + /** The XML data contained in this XMLDataObject. */ + private Element element; + + /** + * Create a new XMLDataObjectImpl. + * + * @param element The DOM element contained in this + * XMLDataObject. + */ + public XMLDataObjectImpl(Element element) { + setElement(element); + } + + /** + * @see iaik.server.modules.xml.XMLDataObject#getElement() + */ + public Element getElement() { + return element; + } + + /** + * Set the DOM element contained in this XMLDataObject. + * + * @param element The DOM element to set. + */ + public void setElement(Element element) { + this.element = element; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java new file mode 100644 index 0000000..2fb9df9 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java @@ -0,0 +1,71 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import org.w3c.dom.NodeList; + +import iaik.server.modules.xml.XMLNodeListDataObject; + +/** + * A DataObject containing a list of DOM nodes. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XMLNodeListDataObjectImpl + extends DataObjectImpl + implements XMLNodeListDataObject { + + /** The nodes contained in this XMLNodeListDataObject. */ + private NodeList nodeList; + + /** + * Create a new XMLNodeListDataObjectImpl. + * + * @param nodeList The list of DOM nodes contained in this + * XMLNodeListDataObject. + */ + public XMLNodeListDataObjectImpl(NodeList nodeList) { + setNodeList(nodeList); + } + + /** + * Set the list of DOM nodes contained in this + * XMLNodeListDataObject. + * + * @param nodeList The list of DOM nodes to set. + */ + public void setNodeList(NodeList nodeList) { + this.nodeList = nodeList; + } + + /** + * @see iaik.server.modules.xml.XMLNodeListDataObject#getNodeList() + */ + public NodeList getNodeList() { + return nodeList; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java new file mode 100644 index 0000000..0774726 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java @@ -0,0 +1,67 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import org.w3c.dom.Element; + +import iaik.server.modules.xml.XMLSignature; + +/** + * An object containing an XMLDsig signature in the form of a + * dsig:Signature DOM element. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XMLSignatureImpl implements XMLSignature { + /** The signature DOM element. */ + private Element element; + + /** + * Create a new XMLSignatureImpl. + * + * @param element The dsig:Signature DOM element. + */ + public XMLSignatureImpl(Element element) { + setElement(element); + } + + /** + * Set the dsig:Signature DOM element. + * + * @param element The dsig:Signature element to set. + */ + public void setElement(Element element) { + this.element = element; + } + + /** + * @see iaik.server.modules.xml.XMLSignature#getElement() + */ + public Element getElement() { + return element; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java new file mode 100644 index 0000000..d309302 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java @@ -0,0 +1,140 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.Map; + +import iaik.server.modules.xml.XPath2Transformation; +import iaik.server.modules.xml.XPath2Transformation.XPath2Filter; + +/** + * An object encapsulating an XPath-Filter2 expression. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPath2FilterImpl implements XPath2Filter { + + /** The type of this filter. */ + private String filterType; + /** The XPath expression of this filter. */ + private String xPathExpression; + /** The namespace prefix to URI mapping to use for evaluating the XPath. */ + private Map namespaceDeclarations; + + /** + * Create a new XPath2FilterImpl object. + * + * @param filterType The type of filter. Must be one of the filter type + * constants declared in iaik.server.modules.xml.XPath2Transformation.XPath2Filter + * @param xPathExpression The XPath expression belonging to this filter. + * @param namespaceDeclarations The namespace declarations visible for this + * XPath2Filter. + */ + public XPath2FilterImpl( + String filterType, + String xPathExpression, + Map namespaceDeclarations) { + + setFilterType(filterType); + setXPathExpression(xPathExpression); + setNamespaceDeclarations(namespaceDeclarations); + } + + /** + * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getFilterType() + */ + public String getFilterType() { + return filterType; + } + + /** + * Set the filter type. + * + * @param filterType The filter type to set. + */ + protected void setFilterType(String filterType) { + this.filterType = filterType; + } + + /** + * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getXPathExpression() + */ + public String getXPathExpression() { + return xPathExpression; + } + + /** + * Set the XPath expression. + * + * @param xPathExpression The XPath expression to set. + */ + protected void setXPathExpression(String xPathExpression) { + this.xPathExpression = xPathExpression; + } + + /** + * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getNamespaceDeclarations() + */ + public Map getNamespaceDeclarations() { + return namespaceDeclarations; + } + + /** + * Set the namespace declarations. + * + * @param namespaceDeclarations The mapping between namespace prefixes and + * their associated URI. + */ + protected void setNamespaceDeclarations(Map namespaceDeclarations) { + this.namespaceDeclarations = namespaceDeclarations; + } + + /** + * Compare this object to another. + * + * @param other The object to compare this XPath2Filter to. + * @return true, if other is a + * XPath2Filter and the filter types match and the XPath + * expressions match. Otherwise false is returned. + * @see java.lang.Object#equals(java.lang.Object) + */ + public boolean equals(Object other) { + if (other instanceof XPath2Transformation.XPath2Filter) { + XPath2Filter filter = (XPath2Transformation.XPath2Filter) other; + return getFilterType().equals(filter.getFilterType()) + && getXPathExpression().equals(filter.getXPathExpression()); + } + return false; + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + return getXPathExpression().hashCode() * 31 + getFilterType().hashCode(); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java new file mode 100644 index 0000000..f483b18 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java @@ -0,0 +1,106 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import iaik.server.modules.xml.XPath2Transformation; + +/** + * An object encapsulating a Transformation containing several + * XPath-Filter2 expressions. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPath2TransformationImpl + extends TransformationImpl + implements XPath2Transformation { + + /** The filters contained in this XPath2Transformation */ + private List xPathFilters = new ArrayList(); + + /** + * Create a new XPath2TransformationImpl. + * + * The list of XPath-Filter2 expression is initially empty. + */ + public XPath2TransformationImpl() { + setAlgorithmURI(XPath2Transformation.XPATH2); + } + + /** + * @see iaik.server.modules.xml.XPath2Transformation#getXPathFilters() + */ + public List getXPathFilters() { + return xPathFilters; + } + + /** + * Add an XPath-Filter2 expression to the list of filters. + * + * @param filter The filter to add. + */ + public void addXPathFilter(XPath2Filter filter) { + xPathFilters.add(filter); + } + + /** + * Compare this XPath2Transformation to another. + * + * @param other The object to compare this + * XPath2Transformation to. + * @return true, if other is an + * XPath2Transformation and getXPathFilters() equals + * other.getXPathFilters(). Otherwise false is + * returned. + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof XPath2Transformation) { + XPath2Transformation transform = (XPath2Transformation) other; + + return getXPathFilters().equals(transform.getXPathFilters()); + } + return false; + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + Iterator iter = getXPathFilters().iterator(); + int hashCode = 0; + + while (iter.hasNext()) { + hashCode ^= iter.next().hashCode(); + } + + return hashCode; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java new file mode 100644 index 0000000..06cc319 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java @@ -0,0 +1,122 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.Map; + +import iaik.server.modules.xml.XPathTransformation; + +/** + * A Transformation containing an XPath expression. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPathTransformationImpl + extends TransformationImpl + implements XPathTransformation { + + /** The XPath expression. */ + private String xPathExpression; + /** The namespace prefix to URI mapping to use for XPath evaluation. */ + private Map namespaceDeclarations; + + /** + * Create a new XPathTransformationImpl. + * + * The namespace declarations are initialized empty. + * + * @param xPathExpression The XPath expression this object will contain. + * @param namespaceDeclarations The namespace declarations visible for this + * XPath. + */ + public XPathTransformationImpl( + String xPathExpression, + Map namespaceDeclarations) { + + setAlgorithmURI(XPathTransformation.XPATH); + setXPathExpression(xPathExpression); + setNamespaceDeclarations(namespaceDeclarations); + } + + /** + * Set the XPath expression. + * + * @param xPathExpression The XPath expression. + */ + protected void setXPathExpression(String xPathExpression) { + this.xPathExpression = xPathExpression; + } + + /** + * @see iaik.server.modules.xml.XPathTransformation#getXPathExpression() + */ + public String getXPathExpression() { + return xPathExpression; + } + + /** + * @see iaik.server.modules.xml.XPathTransformation#getNamespaceDeclarations() + */ + public Map getNamespaceDeclarations() { + return namespaceDeclarations; + } + + /** + * Set the namespace declarations. + * + * @param namespaceDeclarations The mapping between namespace prefixes and + * their associated URI. + */ + protected void setNamespaceDeclarations(Map namespaceDeclarations) { + this.namespaceDeclarations = namespaceDeclarations; + } + + /** + * Compare this XPathTransformation to another. + * + * @param other The object to compare this + * XPathTransformation to. + * @return true, if other is an + * XPathTransformation and if this object contains the same XPath + * expression as other. Otherwise false is returned. + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof XPathTransformation) { + XPathTransformation transform = (XPathTransformation) other; + return getXPathExpression().equals(transform.getXPathExpression()); + } + return false; + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + return getXPathExpression().hashCode(); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java new file mode 100644 index 0000000..1c5d26a --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java @@ -0,0 +1,217 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.InvalidAlgorithmParameterException; +import java.security.NoSuchAlgorithmException; +import java.util.Collections; + +import javax.xml.crypto.dsig.CanonicalizationMethod; +import javax.xml.crypto.dsig.TransformException; +import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec; + +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; + +import at.gv.egovernment.moa.spss.util.NodeListToNodeSetDataAdapter; +import at.gv.egovernment.moa.util.NodeListAdapter; +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.XPathException; +import at.gv.egovernment.moa.util.XPathUtils; +import iaik.server.modules.xml.XSLTTransformation; +import iaik.xml.crypto.dsig.XMLSignatureFactory; + +/** + * A Transformation containing an XSLT transformation. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XSLTTransformationImpl extends TransformationImpl implements XSLTTransformation { + + /** The XSLT stylesheet. */ + private Element styleSheetElement; + /** + * The hash code of the canonicalized stylesheet. If calculated, this value + * should be != 0. + */ + private int hashCode; + + /** + * Create a new XSLTTransformationImpl object. + * + * @param styleSheetElement + * The XSLT stylesheet element. + */ + public XSLTTransformationImpl(Element styleSheetElement) { + setAlgorithmURI(XSLTTransformation.XSLT); + setStyleSheetElement(styleSheetElement); + } + + /** + * Set the XSLT stylesheet element. + * + * @param styleSheetElement + * The XSLT stylesheet element to set. + */ + protected void setStyleSheetElement(Element styleSheetElement) { + this.styleSheetElement = styleSheetElement; + this.hashCode = 0; + } + + /** + * @see iaik.server.modules.xml.XSLTTransformation#getStylesheetElement() + */ + public Element getStylesheetElement() { + return styleSheetElement; + } + + /** + * Compare this XSLTTransformation to another. + * + * @param other + * The object to compare this XSLTTransformation to. + * @return true, if other is an + * XSLTTransformation and if the canonicalized + * representations of the stylesheets contained in this + * and other match. Otherwise, false is + * returned. + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof XSLTTransformation) { + XSLTTransformation xslt = (XSLTTransformation) other; + + return compareElements(getStylesheetElement(), xslt.getStylesheetElement()); + } + return false; + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + if (hashCode == 0) { + hashCode = calculateHashCode(getStylesheetElement()); + } + return hashCode; + } + + /** + * Calculate the hash code for a DOM element by canonicalizing it. + * + * @param element + * The DOM element for which the hash code is to be calculated. + * @return int The hash code, or 0, if it could not be + * calculated. + */ + private static int calculateHashCode(Element element) { + try { + InputStream is = canonicalize(element); + byte[] buf = new byte[256]; + int hashCode = 1; + int length; + int i; + + while ((length = is.read(buf)) > 0) { + for (i = 0; i < length; i++) { + hashCode += buf[i] * 31 + i; + } + } + is.close(); + return hashCode; + } catch (IOException e) { + return 0; + } catch (NoSuchAlgorithmException e) { + return 0; + } catch (InvalidAlgorithmParameterException e) { + return 0; + } catch (TransformException e) { + return 0; + } + } + + /** + * Compare two DOM elements by canonicalizing their contents and comparing + * the resulting byte stream. + * + * @param elem1 + * The 1st element to compare. + * @param elem2 + * The 2nd element to compare. + * @return boolean true, if the elements are considered equal + * after canonicalization. Otherwise false is returned. + */ + private static boolean compareElements(Element elem1, Element elem2) { + try { + InputStream is1 = canonicalize(elem1); + InputStream is2 = canonicalize(elem2); + return StreamUtils.compareStreams(is1, is2); + } catch (IOException e) { + return false; + } catch (NoSuchAlgorithmException e) { + return false; + } catch (InvalidAlgorithmParameterException e) { + return false; + } catch (TransformException e) { + return false; + } + } + + /** + * Canonicalize a DOM element. + * + * @param element The element to canonicalize. + * @return InputStream A stream with the canonicalized data. + * @throws InvalidAlgorithmParameterException + * @throws IOException + * @throws TransformException + * @throws AlgorithmException An error occurred canonicalizing the element. + */ + private static InputStream canonicalize(Element element) + throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException, TransformException { + CanonicalizationMethod canonicalizationMethod = XMLSignatureFactory.getInstance().newCanonicalizationMethod( + CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec()); + + //CanonicalizationAlgorithm c14n = + // new CanonicalizationAlgorithmImplExclusiveCanonicalXML(); + NodeList nodeList; + + try { + nodeList = XPathUtils.selectNodeList(element, XPathUtils.ALL_NODES_XPATH); + } catch (XPathException e) { + nodeList = new NodeListAdapter(Collections.EMPTY_LIST); + } + //c14n.setInput(nodeList); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + canonicalizationMethod.transform(new NodeListToNodeSetDataAdapter(nodeList), null, baos); + baos.close(); + return new ByteArrayInputStream(baos.toByteArray()); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java new file mode 100644 index 0000000..310f2dd --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java @@ -0,0 +1,174 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xmlsign; + +import java.util.List; + +import iaik.server.modules.xmlsign.DataObjectTreatment; + +import at.gv.egovernment.moa.spss.server.util.IdGenerator; + +/** + * An object encapsulating how to treat an associated DataObject + * when creating a signature. + * + * @author Patrick Peck + * @version $Id$ + */ +public class DataObjectTreatmentImpl implements DataObjectTreatment { + /** The final content MIME type. */ + private String finalContentType; + /** The name of the hash algorithm. */ + private String hashAlgorithmName; + /** This transformations to apply to the associated data object. */ + private List transformationList; + /** Supplemental information for the transformations. */ + private List transformationSupplements; + /** Whether to include the associated data object in the signature. */ + private boolean includedInSignature; + /** Whether to include the associated data object in the manifest. */ + private boolean referenceInManifest; + /** The object ID generator. */ + private IdGenerator objIdGen; + + /** + * Create a new DataObjectTreatmentImpl. + * + * @param objIdGen The IdGenerator for unique object IDs. + */ + public DataObjectTreatmentImpl(IdGenerator objIdGen) { + this.objIdGen = objIdGen; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getFinalContentType() + */ + public String getFinalContentType() { + return finalContentType; + } + + /** + * Sets the final content type. + * + * @param finalContentType The final content type to set (a MIME-type type of + * String). + */ + public void setFinalContentType(String finalContentType) { + this.finalContentType = finalContentType; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getHashAlgorithmName() + */ + public String getHashAlgorithmName() { + return hashAlgorithmName; + } + + /** + * Sets the hash algorithm name. + * + * @param hashAlgorithmName The hash algorithm name to set. + */ + public void setHashAlgorithmName(String hashAlgorithmName) { + this.hashAlgorithmName = hashAlgorithmName; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#isIncludedInSignature() + */ + public boolean isIncludedInSignature() { + return includedInSignature; + } + + /** + * Sets whether the associated DataObject is to be included in + * the signature. + * + * @param includedInSignature If true, the associated + * DataObject will be included in the signature, otherwise not. + */ + public void setIncludedInSignature(boolean includedInSignature) { + this.includedInSignature = includedInSignature; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#isReferenceInManifest() + */ + public boolean isReferenceInManifest() { + return referenceInManifest; + } + + /** + * Sets whether the associated DataObject is + * to be included in the dsig:Manifest. + * + * @param referenceInManifest If true, the associated + * DataObject will be included in the manifest, otherwise not. + */ + public void setReferenceInManifest(boolean referenceInManifest) { + this.referenceInManifest = referenceInManifest; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationList() + */ + public List getTransformationList() { + return transformationList; + } + + /** + * Set the list of transformations for the associated DataObject. + * + * @param transformationList The transformations to set. + */ + public void setTransformationList(List transformationList) { + this.transformationList = transformationList; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationSupplements() + */ + public List getTransformationSupplements() { + return transformationSupplements; + } + + /** + * Sets the transformation supplements for the associated + * DataObject. + * + * @param transformationSupplements The transformation supplements to set. + */ + public void setTransformationSupplements(List transformationSupplements) { + this.transformationSupplements = transformationSupplements; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getDsigDataObjectID() + */ + public String getDsigDataObjectID() { + return objIdGen.uniqueId(); + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java new file mode 100644 index 0000000..7d0c5a0 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java @@ -0,0 +1,399 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xmlsign; + +import iaik.server.modules.algorithms.SignatureAlgorithms; +import iaik.server.modules.keys.AlgorithmUnavailableException; +import iaik.server.modules.keys.KeyEntryID; +import iaik.server.modules.keys.KeyModule; +import iaik.server.modules.keys.KeyModuleFactory; +import iaik.server.modules.keys.UnknownKeyException; +import iaik.server.modules.xml.Canonicalization; +import iaik.server.modules.xmlsign.XMLSignatureCreationProfile; +import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation; + +import java.util.List; +import java.util.Set; + +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import at.gv.egovernment.moa.spss.server.util.IdGenerator; + +/** + * An object providing auxiliary information for creating an XML signature. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XMLSignatureCreationProfileImpl + implements XMLSignatureCreationProfile { + + /** The transformations to apply to a data object. */ + private List dataObjectTreatmentList; + /** The set of keys available to the signing process. */ + private Set keySet; + /** The type URI of the signature manifest. */ + private String securityLayerManifestTypeURI; + /** Whether the created signature is to be Security Layer conform. */ + private boolean securityLayerConform; + /** Where to insert the signature into the signature environment. */ + private XMLSignatureInsertionLocation signatureInsertionLocation; + /** The signature structur type. */ + private String signatureStructureType; + /** The type of Canonicalization to use for the signed info. */ + private Canonicalization signedInfoCanonicalization; + /** Properties to be signed during signature creation. */ + private List signedProperties; + /** The ID generator for signature IDs. */ + private IdGenerator signatureIDGenerator; + /** The ID generator for manifst IDs. */ + private IdGenerator manifestIDGenerator; + /** The ID generator for XMLDsig manifest IDs. */ + private IdGenerator dsigManifestIDGenerator; + /** The ID generator for signed property IDs. */ + private IdGenerator propertyIDGenerator; + /** The selected digest method algorithm if XAdES 1.4.2 is used */ + private String digestMethodXAdES142; + + + /** + * Create a new XMLSignatureCreationProfileImpl. + * + * @param createProfileCount Provides external information about the + * number of calls to the signature creation module, using the same request. + * @param reservedIDs The set of IDs that must not be used while generating + * new IDs. + */ + public XMLSignatureCreationProfileImpl( + int createProfileCount, + Set reservedIDs, + String digestMethodXAdES142) { + signatureIDGenerator = + new IdGenerator("signature-" + createProfileCount, reservedIDs); + manifestIDGenerator = + new IdGenerator("manifest-" + createProfileCount, reservedIDs); + dsigManifestIDGenerator = + new IdGenerator("dsig-manifest-" + createProfileCount, reservedIDs); + propertyIDGenerator = + new IdGenerator("etsi-signed-" + createProfileCount, reservedIDs); + this.digestMethodXAdES142 = digestMethodXAdES142; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDataObjectTreatmentList() + */ + public List getDataObjectTreatmentList() { + return dataObjectTreatmentList; + } + + /** + * Sets the list of DataObjectTreatments. + * + * @param dataObjectTreatmentList The DataObjectTreatments to + * set. + */ + public void setDataObjectTreatmentList(List dataObjectTreatmentList) { + this.dataObjectTreatmentList = dataObjectTreatmentList; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet() + */ + public Set getKeySet() { + return keySet; + } + + /** + * Set the set of KeyEntryIDs which may be used for signature + * creation. + * + * @param keySet The set of KeyEntryIDs to set. + */ + public void setKeySet(Set keySet) { + this.keySet = keySet; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestTypeURI() + */ + public String getSecurityLayerManifestTypeURI() { + return securityLayerManifestTypeURI; + } + + /** + * Set the SecurityLayerManifestTypeURI. + * + * @param securityLayerManifestTypeURI The SecurityLayerManifestTypeURI to + * set. + */ + public void setSecurityLayerManifestTypeURI(String securityLayerManifestTypeURI) { + this.securityLayerManifestTypeURI = securityLayerManifestTypeURI; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID) + */ + public String getSignatureAlgorithmName(KeyEntryID selectedKeyID) + throws AlgorithmUnavailableException { + + TransactionContext context = + TransactionContextManager.getInstance().getTransactionContext(); + TransactionId tid = new TransactionId(context.getTransactionID()); + KeyModule module = KeyModuleFactory.getInstance(tid); + Set algorithms; + + try { + algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID); + } catch (UnknownKeyException e) { + throw new AlgorithmUnavailableException( + "Unknown key entry: " + selectedKeyID, + e, + null); + } + + if (digestMethodXAdES142 == null) { + // XAdES 1.4.2 not enabled - legacy MOA + if (algorithms.contains(SignatureAlgorithms.MD2_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.MD5_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.RIPEMD128_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.RIPEMD160_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { + + return SignatureAlgorithms.SHA1_WITH_RSA; + } else if ( + algorithms.contains(SignatureAlgorithms.ECDSA)) { + return SignatureAlgorithms.ECDSA; + } else if ( + algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } + else { + // XAdES 1.4.2 is enabled: select signature algorithm according to selected digest method + if (digestMethodXAdES142.compareTo("SHA-1") == 0) { + Logger.warn("XAdES version 1.4.2 is enabled, but SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)"); + + if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) { + return SignatureAlgorithms.SHA1_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) { + return SignatureAlgorithms.ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + + } else if (digestMethodXAdES142.compareTo("SHA-256") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { + return SignatureAlgorithms.SHA256_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) { + return SignatureAlgorithms.SHA256_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethodXAdES142.compareTo("SHA-384") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) { + return SignatureAlgorithms.SHA384_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) { + return SignatureAlgorithms.SHA384_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethodXAdES142.compareTo("SHA-512") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) { + return SignatureAlgorithms.SHA512_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) { + return SignatureAlgorithms.SHA512_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } + else { + throw new AlgorithmUnavailableException( + "No signature algorithm found for digest algorithm '" + digestMethodXAdES142, + null, + null); + } + + } + + + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureInsertionLocation() + */ + public XMLSignatureInsertionLocation getSignatureInsertionLocation() { + return signatureInsertionLocation; + } + + /** + * Set the location where the signature is to be inserted into the signature + * parent. + * + * @param signatureInsertionLocation The location to set. + */ + public void setSignatureInsertionLocation(XMLSignatureInsertionLocation signatureInsertionLocation) { + this.signatureInsertionLocation = signatureInsertionLocation; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureStructureType() + */ + public String getSignatureStructureType() { + return signatureStructureType; + } + + /** + * Set the signature structure type. + * @param signatureStructureType The signature structure type to set. + */ + public void setSignatureStructureType(String signatureStructureType) { + this.signatureStructureType = signatureStructureType; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedInfoCanonicalization() + */ + public Canonicalization getSignedInfoCanonicalization() { + return signedInfoCanonicalization; + } + + /** + * Sets the canonicalization method to use for the SignedInfo object. + * + * @param signedInfoCanonicalization The canonicalization method to set. + */ + public void setSignedInfoCanonicalization(Canonicalization signedInfoCanonicalization) { + this.signedInfoCanonicalization = signedInfoCanonicalization; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties() + */ + public List getSignedProperties() { + return signedProperties; + } + + /** + * Set the signed properties. + * + * @param signedProperties The signed properties to set. + */ + public void setSignedProperties(List signedProperties) { + this.signedProperties = signedProperties; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform() + */ + public boolean isSecurityLayerConform() { + return securityLayerConform; + } + + /** + * Sets the security layer conformity. + * + * @param securityLayerConform true, if the created signature + * is to be conform to the Security Layer specification. + */ + public void setSecurityLayerConform(boolean securityLayerConform) { + this.securityLayerConform = securityLayerConform; + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureID() + */ + public String getSignatureID() { + return signatureIDGenerator.uniqueId(); + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestID() + */ + public String getSecurityLayerManifestID() { + return manifestIDGenerator.uniqueId(); + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDsigManifestID() + */ + public String getDsigManifestID() { + return dsigManifestIDGenerator.uniqueId(); + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedPropertiesID() + */ + public String getSignedPropertiesID() { + return propertyIDGenerator.uniqueId(); + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getPermitFileURIs() + */ + public boolean getPermitFileURIs() { + return false; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java new file mode 100644 index 0000000..90c1f49 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java @@ -0,0 +1,69 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xmlsign; + +import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation; + +/** + * An object giving the location of where the signature will be + * inserted into the parent element. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XMLSignatureInsertionLocationImpl + implements XMLSignatureInsertionLocation { + + /** Where to put the signature into the signature parent element. */ + private int signatureChildIndex; + + /** + * Create a new XMLSignatureInsertLocationImpl. + * + * @param signatureChildIndex The position index at which to append the + * signature to the parent element. + */ + public XMLSignatureInsertionLocationImpl(int signatureChildIndex) { + setSignatureChildIndex(signatureChildIndex); + } + + /** + * @see iaik.server.modules.xmlsign.XMLSignatureInsertionLocation#getSignatureChildIndex() + */ + public int getSignatureChildIndex() { + return signatureChildIndex; + } + + /** + * Sets the position index at which to append the signature to the parent + * element. + * + * @param signatureChildIndex The position index to set. + */ + public void setSignatureChildIndex(int signatureChildIndex) { + this.signatureChildIndex = signatureChildIndex; + } + +} diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java new file mode 100644 index 0000000..f4c9126 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java @@ -0,0 +1,177 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-SPSS has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.spss.server.iaik.xmlverify; + +import java.util.List; + +import iaik.pki.PKIProfile; +import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile; + +/** + * An object providing auxiliary information for verifying an XML signature. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XMLSignatureVerificationProfileImpl + implements XMLSignatureVerificationProfile { + + /** Whether to check the Security Layer manifest. */ + private boolean checkSecurityLayerManifest; + /** Whether to check the XMLDsig manifest. */ + private boolean checkXMLDsigManifests; + /** The profile for validating the signer certificate. */ + private PKIProfile certificateValidationProfile; + /** Supplements for the transformations. */ + private List transformationSupplements; + /** Whether to include hash input data in the response. */ + private boolean includeHashInputData; + /** Whether to include reference input data in the response. */ + private boolean includeReferenceInputData; + /** Whether the file URIs are permitted */ + private boolean permitFileURIs; + /** + * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkSecurityLayerManifest() + */ + public boolean checkSecurityLayerManifest() { + return checkSecurityLayerManifest; + } + + /** + * Set whether to check the references in the Security Layer manifest. + * + * @param checkSecurityLayerManifest true, if the references + * in the Security Layer manifest must be checked. + */ + public void setCheckSecurityLayerManifest(boolean checkSecurityLayerManifest) { + this.checkSecurityLayerManifest = checkSecurityLayerManifest; + } + + /** + * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkXMLDsigManifests() + */ + public boolean checkXMLDsigManifests() { + return checkXMLDsigManifests; + } + + /** + * Sets whether to check the references of all XML Dsig manifests. + * + * @param checkXMLDSigManifests true, if the references in the + * XML Dsig manifest must be checked. + */ + public void setCheckXMLDsigManifests(boolean checkXMLDSigManifests) { + this.checkXMLDsigManifests = checkXMLDSigManifests; + } + + /** + * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getCertificateValidationProfile() + */ + public PKIProfile getCertificateValidationProfile() { + return certificateValidationProfile; + } + + /** + * Sets the profile for validating the signer certificate. + * + * @param certificateValidationProfile The certificate validation profile to + * set. + */ + public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) { + this.certificateValidationProfile = certificateValidationProfile; + } + + /** + * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getTransformationSupplements() + */ + public List getTransformationSupplements() { + return transformationSupplements; + } + + /** + * Sets the transformation supplements. + * + * @param transformationSupplements The transformation supplements to set. + */ + public void setTransformationSupplements(List transformationSupplements) { + this.transformationSupplements = transformationSupplements; + } + + /** + * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeHashInputData() + */ + public boolean includeHashInputData() { + return includeHashInputData; + } + + /** + * Set whether to include the hash input data in the result. + * + * @param includeHashInputData If true, the hash input data + * will be returned in the result. + */ + public void setIncludeHashInputData(boolean includeHashInputData) { + this.includeHashInputData = includeHashInputData; + } + + /** + * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeReferenceInputData() + */ + public boolean includeReferenceInputData() { + return includeReferenceInputData; + } + + /** + * Set whether to include the reference input data in the result. + * + * @param includeReferenceInputData If true, the reference + * input data will be included in the result. + */ + public void setIncludeReferenceInputData(boolean includeReferenceInputData) { + this.includeReferenceInputData = includeReferenceInputData; + } + + /** + * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getPermitFileURIs() + */ + public boolean getPermitFileURIs() { + return permitFileURIs; + } + + /** + * Set whether the file URIs are permitted or not + * + * @param permitFileURIs whether the file URIs are permitted or not + */ + public void setPermitFileURIs(boolean permitFileURIs) + { + this.permitFileURIs = permitFileURIs; + } + + @Override + public String getTargetLevel() { + return XMLSignatureVerificationProfile.LEVEL_B; + } +} -- cgit v1.2.3