authorTobias Kellner <tobias.kellner@iaik.tugraz.at>2016-11-03 16:17:03 +0100
committerTobias Kellner <tobias.kellner@iaik.tugraz.at>2016-11-03 16:17:03 +0100
commit33dfef091acd2d28e68658c8e0bcb4e67027d1e1 (patch)
tree220e38349c809d87bd2a91a8767033aeff81f71b
parent0022a997e90bb9554b62853222b4aad7fbde1e11 (diff)
Workaround for finding EC OID if ECCelerate not loaded first
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java4
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java4
-rw-r--r--utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java16
-rw-r--r--utils/src/main/java/at/gv/egiz/idlink/asn1/CitizenPublicKey.java (renamed from utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java)2
-rw-r--r--utils/src/main/java/at/gv/egiz/idlink/asn1/IdentityLink.java (renamed from utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java)2
-rw-r--r--utils/src/main/java/at/gv/egiz/idlink/asn1/PersonData.java (renamed from utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java)2
-rw-r--r--utils/src/main/java/at/gv/egiz/idlink/asn1/PhysicalPersonData.java (renamed from utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java)2
-rw-r--r--utils/src/main/java/at/gv/egiz/xmldsig/KeyValueFactory.java62
-rw-r--r--utils/src/test/java/at/gv/egiz/idlink/CompressIdentityLink.java2
9 files changed, 73 insertions, 23 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java
index b2643d8e..f1032f7f 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java
@@ -60,7 +60,7 @@ import at.gv.egiz.bku.slexceptions.SLCommandException;
import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
import at.gv.egiz.idlink.CompressedIdentityLinkFactory;
-import at.gv.egiz.idlink.ans1.IdentityLink;
+import at.gv.egiz.idlink.asn1.IdentityLink;
import at.gv.egiz.stal.InfoboxReadRequest;
import at.gv.egiz.stal.STALRequest;
@@ -216,7 +216,7 @@ public class IdentityLinkInfoboxImpl extends AbstractBinaryFileInfobox {
xmlResult = new StreamResult(resultBytes);
}
}
-
+
try {
log.trace("Trying to transform identitylink");
identityLinkTransformer.transformIdLink(issuerTemplate, new DOMSource(document), xmlResult);
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java
index 384521df..d521dd37 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java
@@ -46,7 +46,7 @@ import org.slf4j.LoggerFactory;
import at.gv.egiz.bku.slexceptions.SLCommandException;
import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-import at.gv.egiz.idlink.ans1.IdentityLink;
+import at.gv.egiz.idlink.asn1.IdentityLink;
import at.gv.egiz.stal.ErrorResponse;
import at.gv.egiz.stal.InfoboxReadResponse;
import at.gv.egiz.stal.STAL;
@@ -198,7 +198,7 @@ public class STALHelper {
writer.write("\n-----END CERTIFICATE-----");
writer.flush();
} catch (IOException e1) {
- log.info("Failed to decode certificate.", e);
+ log.debug("Failed to decode certificate.", e1);
}
log.debug("Failed to decode certificate.\n{}", certDump.toString(), e);
} else {
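Review bot: The corrected `log.debug("Failed to decode certificate.", e1);` in the `catch (IOException e1)` branch reuses the message of the `log.debug` call two lines below, so the log shows two entries with the same text for two different failures. The IOException appears to come from the writer calls that build the PEM dump, not from decoding, so the message should say so: `log.debug("Failed to write certificate dump.", e1);`. The enclosing try block and method start outside this hunk, so the origin of `e` cannot be confirmed from here.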
diff --git a/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java b/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java
index 510f303e..11908540 100644
--- a/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java
+++ b/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java
@@ -51,14 +51,14 @@ import org.w3c.dom.NodeList;
import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType;
import at.gv.e_government.reference.namespace.persondata._20020228_.AbstractPersonType;
import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType;
-import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType;
-import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType;
import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value;
+import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType;
import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType.FamilyName;
-import at.gv.egiz.idlink.ans1.CitizenPublicKey;
-import at.gv.egiz.idlink.ans1.IdentityLink;
-import at.gv.egiz.idlink.ans1.PersonData;
-import at.gv.egiz.idlink.ans1.PhysicalPersonData;
+import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType;
+import at.gv.egiz.idlink.asn1.CitizenPublicKey;
+import at.gv.egiz.idlink.asn1.IdentityLink;
+import at.gv.egiz.idlink.asn1.PersonData;
+import at.gv.egiz.idlink.asn1.PhysicalPersonData;
import at.gv.egiz.marshal.MarshallerFactory;
import at.gv.egiz.xmldsig.KeyTypeNotSupportedException;
import at.gv.egiz.xmldsig.KeyValueFactory;
@@ -201,7 +201,7 @@ public class CompressedIdentityLinkFactory {
* of the <code>certificates</code> list
*/
public JAXBElement<CompressedIdentityLinkType> createCompressedIdentityLink(
- at.gv.egiz.idlink.ans1.IdentityLink idLink,
+ at.gv.egiz.idlink.asn1.IdentityLink idLink,
List<X509Certificate> certificates, String domainId) {
at.gv.e_government.reference.namespace.persondata._20020228_.ObjectFactory prFactory =
@@ -254,7 +254,7 @@ public class CompressedIdentityLinkFactory {
X509Certificate certificate = certificates.get(__citizenPublicKey.getOnToken());
PublicKey publicKey = certificate.getPublicKey();
-
+
JAXBElement<?> keyValue;
try {
keyValue = keyValueFactory.createKeyValue(publicKey);
diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java b/utils/src/main/java/at/gv/egiz/idlink/asn1/CitizenPublicKey.java
index 5e342b8d..f89511ff 100644
--- a/utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java
+++ b/utils/src/main/java/at/gv/egiz/idlink/asn1/CitizenPublicKey.java
@@ -22,7 +22,7 @@
*/
-package at.gv.egiz.idlink.ans1;
+package at.gv.egiz.idlink.asn1;
import java.math.BigInteger;
diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java b/utils/src/main/java/at/gv/egiz/idlink/asn1/IdentityLink.java
index 6a250b9a..c2663971 100644
--- a/utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java
+++ b/utils/src/main/java/at/gv/egiz/idlink/asn1/IdentityLink.java
@@ -22,7 +22,7 @@
*/
-package at.gv.egiz.idlink.ans1;
+package at.gv.egiz.idlink.asn1;
import iaik.asn1.ASN1Object;
import iaik.asn1.ASN1Type;
diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java b/utils/src/main/java/at/gv/egiz/idlink/asn1/PersonData.java
index 6204e370..786486f1 100644
--- a/utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java
+++ b/utils/src/main/java/at/gv/egiz/idlink/asn1/PersonData.java
@@ -22,7 +22,7 @@
*/
-package at.gv.egiz.idlink.ans1;
+package at.gv.egiz.idlink.asn1;
import iaik.asn1.*;
diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java b/utils/src/main/java/at/gv/egiz/idlink/asn1/PhysicalPersonData.java
index 995a40f6..be92ac30 100644
--- a/utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java
+++ b/utils/src/main/java/at/gv/egiz/idlink/asn1/PhysicalPersonData.java
@@ -22,7 +22,7 @@
*/
-package at.gv.egiz.idlink.ans1;
+package at.gv.egiz.idlink.asn1;
import iaik.asn1.*;
diff --git a/utils/src/main/java/at/gv/egiz/xmldsig/KeyValueFactory.java b/utils/src/main/java/at/gv/egiz/xmldsig/KeyValueFactory.java
index 6377bf9f..2388405f 100644
--- a/utils/src/main/java/at/gv/egiz/xmldsig/KeyValueFactory.java
+++ b/utils/src/main/java/at/gv/egiz/xmldsig/KeyValueFactory.java
@@ -24,6 +24,7 @@
package at.gv.egiz.xmldsig;
+import iaik.security.ec.common.ECStandardizedParameterFactory;
import iaik.security.ec.errorhandling.InvalidCurveParameterSpecException;
import java.math.BigInteger;
@@ -39,6 +40,7 @@ import java.security.spec.ECFieldFp;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.EllipticCurve;
+import java.util.Enumeration;
import javax.xml.bind.JAXBElement;
@@ -48,6 +50,7 @@ import org.w3._2001._04.xmldsig_more_.BasePointParamsType;
import org.w3._2001._04.xmldsig_more_.CharTwoFieldElemType;
import org.w3._2001._04.xmldsig_more_.CurveParamsType;
import org.w3._2001._04.xmldsig_more_.DomainParamsType;
+import org.w3._2001._04.xmldsig_more_.DomainParamsType.NamedCurve;
import org.w3._2001._04.xmldsig_more_.ECDSAKeyValueType;
import org.w3._2001._04.xmldsig_more_.ECPointType;
import org.w3._2001._04.xmldsig_more_.ExplicitParamsType;
@@ -57,10 +60,8 @@ import org.w3._2001._04.xmldsig_more_.PnBFieldParamsType;
import org.w3._2001._04.xmldsig_more_.PrimeFieldElemType;
import org.w3._2001._04.xmldsig_more_.PrimeFieldParamsType;
import org.w3._2001._04.xmldsig_more_.TnBFieldParamsType;
-import org.w3._2001._04.xmldsig_more_.DomainParamsType.NamedCurve;
public class KeyValueFactory {
-
private static byte[] bigInteger2byteArray(BigInteger bigPositiveInt) {
if (bigPositiveInt == null)
throw new NullPointerException("Argument 'bigPositiveInt' must not be null");
@@ -216,7 +217,53 @@ public class KeyValueFactory {
}
}
-
+
+ private boolean fieldsEqual(ECField f1, ECField f2) {
+ if (f1 instanceof ECFieldF2m) {
+ if (!(f2 instanceof ECFieldF2m)) {
+ return false;
+ }
+ ECFieldF2m f2m1 = (ECFieldF2m) f1;
+ ECFieldF2m f2m2 = (ECFieldF2m) f2;
+ return (f2m1.getM() == f2m2.getM() && f2m1.getReductionPolynomial().equals(f2m2.getReductionPolynomial()));
+ } else if (f1 instanceof ECFieldFp) {
+ if (!(f2 instanceof ECFieldFp)) {
+ return false;
+ }
+ ECFieldFp fp1 = (ECFieldFp) f1;
+ ECFieldFp fp2 = (ECFieldFp) f2;
+ return (fp1.getP().equals(fp2.getP()));
+ }
+ return false;
+ }
+
+ private boolean curvesEqual(EllipticCurve c1, EllipticCurve c2) {
+ if (c1.getA().equals(c2.getA()) && c1.getB().equals(c2.getB()))
+ return fieldsEqual(c1.getField(), c2.getField());
+ return false;
+ }
+
+ private String findOID(ECParameterSpec params) {
+ EllipticCurve curve = params.getCurve();
+ Enumeration<String> oids = ECStandardizedParameterFactory.getPrimeCurveOIDs();
+ while (oids.hasMoreElements()) {
+ String oid = oids.nextElement();
+ iaik.security.ec.common.ECParameterSpec params2 = ECStandardizedParameterFactory.getParametersByOID(oid);
+ if (curvesEqual(curve, params2.getCurve())) {
+ return oid;
+ }
+ }
+ oids = ECStandardizedParameterFactory.getBinaryCurveOIDs();
+ while (oids.hasMoreElements()) {
+ String oid = oids.nextElement();
+ iaik.security.ec.common.ECParameterSpec params2 = ECStandardizedParameterFactory.getParametersByOID(oid);
+ if (curvesEqual(curve, params2.getCurve())) {
+ return oid;
+ }
+ }
+ return null;
+ }
+
public DomainParamsType createDomainParamsType(ECParameterSpec params) throws KeyTypeNotSupportedException {
iaik.security.ec.common.ECParameterSpec params2;
try {
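Review bot: `findOID` accepts a standardized OID as soon as `curvesEqual` matches, and `curvesEqual` compares only the coefficients a and b and the field. The generator, order and cofactor of `params` are never checked against the standardized parameters. A key whose curve equation matches a named curve but whose base point or order differs would then be labelled with that curve's OID, and the next hunk emits it as a `NamedCurve`, dropping the explicit parameters. Assuming `params2` exposes the same getters as `java.security.spec.ECParameterSpec`, both loops should extend the match, e.g. `&& params.getGenerator().equals(params2.getGenerator()) && params.getOrder().equals(params2.getOrder()) && params.getCofactor() == params2.getCofactor()`. The three helpers read no instance state and could be `private static`, and the two identical loops could share one helper.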
@@ -225,16 +272,19 @@ public class KeyValueFactory {
throw new KeyTypeNotSupportedException(e);
}
DomainParamsType domainParamsType = ecFactory.createDomainParamsType();
- EllipticCurve curve = params.getCurve();
-
String oid = params2.getOID();
- if (oid != null) {
+ if (oid == null) {
+ oid = findOID(params);
+ }
+ if (oid != null) {
// NamedCurve
NamedCurve namedCurve = ecFactory.createDomainParamsTypeNamedCurve();
namedCurve.setURN("urn:oid:" + oid);
domainParamsType.setNamedCurve(namedCurve);
} else {
// Explicit parameters
+ EllipticCurve curve = params.getCurve();
+
ExplicitParamsType explicitParamsType = ecFactory.createExplicitParamsType();
explicitParamsType.setFieldParams(createFieldParamsType(curve.getField()));
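Review bot: The new `if (oid == null) { oid = findOID(params); }` fallback has no comment explaining why `params2.getOID()` can be null for a curve that is in fact standardized; the reason is given only in the commit title. A short comment above the fallback would keep it from looking redundant, e.g. `// Workaround: getOID() may be null if ECCelerate was not loaded first; look the curve up among the standardized parameters.` The fallback also turns output that used to be explicit parameters into a `NamedCurve` URN, so the Javadoc of `createDomainParamsType` should say that a named curve is emitted whenever a standardized match is found. The method body continues past the end of this hunk.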
diff --git a/utils/src/test/java/at/gv/egiz/idlink/CompressIdentityLink.java b/utils/src/test/java/at/gv/egiz/idlink/CompressIdentityLink.java
index 562b4660..0d7624d9 100644
--- a/utils/src/test/java/at/gv/egiz/idlink/CompressIdentityLink.java
+++ b/utils/src/test/java/at/gv/egiz/idlink/CompressIdentityLink.java
@@ -33,7 +33,7 @@ import javax.xml.transform.Source;
import javax.xml.transform.stream.StreamSource;
import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType;
-import at.gv.egiz.idlink.ans1.IdentityLink;
+import at.gv.egiz.idlink.asn1.IdentityLink;
public class CompressIdentityLink {