summaryrefslogtreecommitdiff
path: root/bkucommon/src/main/java/at/gv
diff options
context:
space:
mode:
authorAndreas Abraham <andreas.abraham@egiz.gv.at>2018-09-17 15:59:57 +0200
committerAndreas Abraham <andreas.abraham@egiz.gv.at>2018-09-17 15:59:57 +0200
commit3977af1e555a5cc54811f668065a97354fd4178d (patch)
treea17beb9e10efe2c23215229ad7c8252c80e4349f /bkucommon/src/main/java/at/gv
parent6b9c41a422b93a0f98275cbe9c90b2773864b2ae (diff)
parented4a32e8f29c17e659a6ef3f5b8720b005cb833c (diff)
downloadmocca-3977af1e555a5cc54811f668065a97354fd4178d.tar.gz
mocca-3977af1e555a5cc54811f668065a97354fd4178d.tar.bz2
mocca-3977af1e555a5cc54811f668065a97354fd4178d.zip
Merge branch 'master' into PKIModuleUpdate
Diffstat (limited to 'bkucommon/src/main/java/at/gv')
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java658
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java16
2 files changed, 340 insertions, 334 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
index 18857118..1624fb91 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
@@ -1,329 +1,329 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * MOCCA has been developed by the E-Government Innovation Center EGIZ, a joint
- * initiative of the Federal Chancellery Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egiz.bku.slcommands.impl;
-
-import java.io.InputStream;
-import java.net.URL;
-import java.net.URLConnection;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Date;
-import java.util.List;
-import java.util.Scanner;
-
-import javax.xml.crypto.MarshalException;
-import javax.xml.crypto.URIReferenceException;
-import javax.xml.crypto.dsig.XMLSignatureException;
-
-import org.apache.commons.configuration.Configuration;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.ls.DOMImplementationLS;
-import org.w3c.dom.ls.LSSerializer;
-
-import at.buergerkarte.namespaces.securitylayer._1_2_3.CreateXMLSignatureRequestType;
-import at.buergerkarte.namespaces.securitylayer._1_2_3.DataObjectInfoType;
-import at.gv.egiz.bku.binding.HTTPBindingProcessorImpl;
-import at.gv.egiz.bku.conf.MoccaConfigurationFacade;
-import at.gv.egiz.bku.slcommands.CreateXMLSignatureCommand;
-import at.gv.egiz.bku.slcommands.SLCommandContext;
-import at.gv.egiz.bku.slcommands.SLResult;
-import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory;
-import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactoryImpl;
-import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactory;
-import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactoryImpl;
-import at.gv.egiz.bku.slcommands.impl.xsect.Signature;
-import at.gv.egiz.bku.slexceptions.SLCommandException;
-import at.gv.egiz.bku.slexceptions.SLException;
-import at.gv.egiz.bku.slexceptions.SLRequestException;
-import at.gv.egiz.bku.slexceptions.SLViewerException;
-import at.gv.egiz.dom.DOMUtils;
-import at.gv.egiz.stal.InfoboxReadRequest;
-import at.gv.egiz.stal.STALRequest;
-
-/**
- * This class implements the security layer command
- * <code>CreateXMLSignatureRequest</code>.
- *
- * @author mcentner
- */
-public class CreateXMLSignatureCommandImpl extends
- SLCommandImpl<CreateXMLSignatureRequestType> implements
- CreateXMLSignatureCommand {
-
- /**
- * Logging facility.
- */
- private final static Logger log = LoggerFactory.getLogger(CreateXMLSignatureCommandImpl.class);
-
- /**
- * The signing certificate.
- */
- protected X509Certificate signingCertificate;
-
- /**
- * The keybox identifier of the key used for signing.
- */
- protected String keyboxIdentifier;
-
- /**
- * The to-be signed signature.
- */
- protected Signature signature;
-
- /**
- * The configuration facade used to access the MOCCA configuration.
- */
- private ConfigurationFacade configurationFacade = new ConfigurationFacade();
-
- private class ConfigurationFacade implements MoccaConfigurationFacade {
- private Configuration configuration;
-
- public static final String USE_STRONG_HASH = "UseStrongHash";
- public static final String USE_XADES_1_4 =
- HTTPBindingProcessorImpl.ConfigurationFacade.USE_XADES_1_4;
- public static final String USE_XADES_1_4_BLACKLIST =
- HTTPBindingProcessorImpl.ConfigurationFacade.USE_XADES_1_4_BLACKLIST;
- public static final String XADES_1_4_BLACKLIST_URL =
- HTTPBindingProcessorImpl.ConfigurationFacade.XADES_1_4_BLACKLIST_URL;
- public static final int XADES_1_4_BLACKLIST_EXPIRY =
- HTTPBindingProcessorImpl.ConfigurationFacade.XADES_1_4_BLACKLIST_EXPIRY;
-
- public void setConfiguration(Configuration configuration) {
- this.configuration = configuration;
- }
-
- public boolean getUseStrongHash() {
- return configuration.getBoolean(USE_STRONG_HASH, true);
- }
-
- public boolean getUseXAdES14() {
- return configuration.getBoolean(USE_XADES_1_4, true);
- }
-
- public boolean getUseXAdES14Blacklist() {
- return configuration.getBoolean(USE_XADES_1_4_BLACKLIST, true);
- }
- }
-
- private static long XADES_1_4_BLACKLIST_TS;
- private static final List<String> XADES_1_4_BLACKLIST;
- static {
- XADES_1_4_BLACKLIST = new ArrayList<String>();
- loadXAdES14Blacklist();
- }
-
- private static void loadXAdES14Blacklist() {
- XADES_1_4_BLACKLIST_TS = System.currentTimeMillis();
- XADES_1_4_BLACKLIST.clear();
- try {
- URLConnection blc = new URL(ConfigurationFacade.XADES_1_4_BLACKLIST_URL).openConnection();
- blc.setUseCaches(false);
- InputStream in = blc.getInputStream();
- Scanner s = new Scanner(in);
- while (s.hasNext()){
- XADES_1_4_BLACKLIST.add(s.next());
- }
- s.close();
- } catch (Exception e) {
- log.error("Blacklist load error", e);
- }
- }
-
- private static boolean matchesXAdES14Blacklist(String url) {
- log.debug("Checking DataURL against XAdES14 blacklist: {}", url);
- if ((System.currentTimeMillis() - XADES_1_4_BLACKLIST_TS) >
- (ConfigurationFacade.XADES_1_4_BLACKLIST_EXPIRY * 1000)) {
- log.debug("Updating XAdES14 blacklist");
- loadXAdES14Blacklist();
- }
- if (url != null) {
- for (String bl_entry : XADES_1_4_BLACKLIST) {
- if (url.matches(bl_entry)) {
- log.debug("XAdES14 blacklist match");
- return true;
- }
- }
- }
- return false;
- }
-
- public void setConfiguration(Configuration configuration) {
- configurationFacade.setConfiguration(configuration);
- }
-
- @Override
- public void prepareXMLSignature(SLCommandContext commandContext) throws SLCommandException,
- SLRequestException {
-
- CreateXMLSignatureRequestType request = getRequestValue();
-
- // TODO: make configurable?
- IdValueFactory idValueFactory = new IdValueFactoryImpl();
-
- // TODO: make configurable?
- AlgorithmMethodFactory algorithmMethodFactory;
- try {
- algorithmMethodFactory = new AlgorithmMethodFactoryImpl(
- signingCertificate, configurationFacade.getUseStrongHash());
- } catch (NoSuchAlgorithmException e) {
- log.error("Failed to get DigestMethod.", e);
- throw new SLCommandException(4006);
- }
-
- boolean useXAdES14 = configurationFacade.getUseXAdES14();
- if (useXAdES14 && configurationFacade.getUseXAdES14Blacklist()) {
- String dataURL = commandContext.getDataURL();
- if (matchesXAdES14Blacklist(dataURL))
- useXAdES14 = false;
- }
-
- signature = new Signature(commandContext.getURLDereferencer(),
- idValueFactory, algorithmMethodFactory, useXAdES14);
-
- // SigningTime
- signature.setSigningTime(new Date());
-
- // SigningCertificate
- signature.setSignerCertificate(signingCertificate);
-
- // SignatureInfo
- if (request.getSignatureInfo() != null) {
- signature.setSignatureInfo(request.getSignatureInfo());
- }
-
- // DataObjects
- for (DataObjectInfoType dataObjectInfo : request.getDataObjectInfo()) {
- signature.addDataObject(dataObjectInfo);
- }
-
- signature.buildXMLSignature();
-
- }
-
- /**
- * Gets the signing certificate from STAL.
- * @param commandContext TODO
- *
- * @throws SLCommandException
- * if getting the singing certificate fails
- */
- private void getSigningCertificate(SLCommandContext commandContext) throws SLCommandException {
-
- CreateXMLSignatureRequestType request = getRequestValue();
- keyboxIdentifier = request.getKeyboxIdentifier();
-
- InfoboxReadRequest stalRequest = new InfoboxReadRequest();
- stalRequest.setInfoboxIdentifier(keyboxIdentifier);
-
- STALHelper stalHelper = new STALHelper(commandContext.getSTAL());
-
- stalHelper.transmitSTALRequest(Collections.singletonList((STALRequest) stalRequest));
- List<X509Certificate> certificates = stalHelper.getCertificatesFromResponses();
- if (certificates == null || certificates.size() != 1) {
- log.info("Got an unexpected number of certificates from STAL.");
- throw new SLCommandException(4000);
- }
- signingCertificate = certificates.get(0);
-
- }
-
- /**
- * Signs the signature.
- * @param commandContext TODO
- *
- * @throws SLCommandException
- * if signing the signature fails
- * @throws SLViewerException
- */
- private void signXMLSignature(SLCommandContext commandContext) throws SLCommandException, SLViewerException {
-
- try {
- signature.sign(commandContext.getSTAL(), keyboxIdentifier);
- } catch (MarshalException e) {
- log.error("Failed to marshall XMLSignature.", e);
- throw new SLCommandException(4000);
- } catch (XMLSignatureException e) {
- if (e.getCause() instanceof URIReferenceException) {
- URIReferenceException uriReferenceException = (URIReferenceException) e
- .getCause();
- if (uriReferenceException.getCause() instanceof SLCommandException) {
- throw (SLCommandException) uriReferenceException.getCause();
- }
- }
- log.error("Failed to sign XMLSignature.", e);
- throw new SLCommandException(4000);
- }
-
- }
-
- @Override
- public SLResult execute(SLCommandContext commandContext) {
- try {
-
- // get certificate in order to select appropriate algorithms for hashing
- // and signing
- log.info("Requesting signing certificate.");
- getSigningCertificate(commandContext);
- if (log.isDebugEnabled()) {
- log.debug("Got signing certificate. {}", signingCertificate);
- } else {
- log.info("Got signing certificate.");
- }
-
- // prepare the XMLSignature for signing
- log.info("Preparing XML signature.");
- prepareXMLSignature(commandContext);
-
- // sign the XMLSignature
- log.info("Signing XML signature.");
- signXMLSignature(commandContext);
- if (log.isDebugEnabled()) {
-
- DOMImplementationLS domImplLS = DOMUtils.getDOMImplementationLS();
- LSSerializer serializer = domImplLS.createLSSerializer();
- String debugString = serializer.writeToString(signature.getDocument());
-
- log.debug(debugString);
-
- } else {
- log.info("XML signature signed.");
- }
-
- return new CreateXMLSignatureResultImpl(signature.getDocument());
-
- } catch (SLException e) {
- return new ErrorResultImpl(e, commandContext.getLocale());
- }
- }
-
- @Override
- public String getName() {
- return "CreateXMLSignatureRequest";
- }
-
-}
+/*
+ * Copyright 2011 by Graz University of Technology, Austria
+ * MOCCA has been developed by the E-Government Innovation Center EGIZ, a joint
+ * initiative of the Federal Chancellery Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egiz.bku.slcommands.impl;
+
+import java.io.InputStream;
+import java.net.URL;
+import java.net.URLConnection;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+import java.util.Scanner;
+
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.URIReferenceException;
+import javax.xml.crypto.dsig.XMLSignatureException;
+
+import org.apache.commons.configuration.Configuration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.ls.DOMImplementationLS;
+import org.w3c.dom.ls.LSSerializer;
+
+import at.buergerkarte.namespaces.securitylayer._1_2_3.CreateXMLSignatureRequestType;
+import at.buergerkarte.namespaces.securitylayer._1_2_3.DataObjectInfoType;
+import at.gv.egiz.bku.binding.HTTPBindingProcessorImpl;
+import at.gv.egiz.bku.conf.MoccaConfigurationFacade;
+import at.gv.egiz.bku.slcommands.CreateXMLSignatureCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory;
+import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactoryImpl;
+import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactory;
+import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactoryImpl;
+import at.gv.egiz.bku.slcommands.impl.xsect.Signature;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLException;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.slexceptions.SLViewerException;
+import at.gv.egiz.dom.DOMUtils;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.STALRequest;
+
+/**
+ * This class implements the security layer command
+ * <code>CreateXMLSignatureRequest</code>.
+ *
+ * @author mcentner
+ */
+public class CreateXMLSignatureCommandImpl extends
+ SLCommandImpl<CreateXMLSignatureRequestType> implements
+ CreateXMLSignatureCommand {
+
+ /**
+ * Logging facility.
+ */
+ protected final static Logger log = LoggerFactory.getLogger(CreateXMLSignatureCommandImpl.class);
+
+ /**
+ * The signing certificate.
+ */
+ protected X509Certificate signingCertificate;
+
+ /**
+ * The keybox identifier of the key used for signing.
+ */
+ protected String keyboxIdentifier;
+
+ /**
+ * The to-be signed signature.
+ */
+ protected Signature signature;
+
+ /**
+ * The configuration facade used to access the MOCCA configuration.
+ */
+ protected ConfigurationFacade configurationFacade = new ConfigurationFacade();
+
+ protected class ConfigurationFacade implements MoccaConfigurationFacade {
+ protected Configuration configuration;
+
+ public static final String USE_STRONG_HASH = "UseStrongHash";
+ public static final String USE_XADES_1_4 =
+ HTTPBindingProcessorImpl.ConfigurationFacade.USE_XADES_1_4;
+ public static final String USE_XADES_1_4_BLACKLIST =
+ HTTPBindingProcessorImpl.ConfigurationFacade.USE_XADES_1_4_BLACKLIST;
+ public static final String XADES_1_4_BLACKLIST_URL =
+ HTTPBindingProcessorImpl.ConfigurationFacade.XADES_1_4_BLACKLIST_URL;
+ public static final int XADES_1_4_BLACKLIST_EXPIRY =
+ HTTPBindingProcessorImpl.ConfigurationFacade.XADES_1_4_BLACKLIST_EXPIRY;
+
+ public void setConfiguration(Configuration configuration) {
+ this.configuration = configuration;
+ }
+
+ public boolean getUseStrongHash() {
+ return configuration.getBoolean(USE_STRONG_HASH, true);
+ }
+
+ public boolean getUseXAdES14() {
+ return configuration.getBoolean(USE_XADES_1_4, true);
+ }
+
+ public boolean getUseXAdES14Blacklist() {
+ return configuration.getBoolean(USE_XADES_1_4_BLACKLIST, true);
+ }
+ }
+
+ protected static long XADES_1_4_BLACKLIST_TS;
+ protected static final List<String> XADES_1_4_BLACKLIST;
+ static {
+ XADES_1_4_BLACKLIST = new ArrayList<String>();
+ loadXAdES14Blacklist();
+ }
+
+ protected static void loadXAdES14Blacklist() {
+ XADES_1_4_BLACKLIST_TS = System.currentTimeMillis();
+ XADES_1_4_BLACKLIST.clear();
+ try {
+ URLConnection blc = new URL(ConfigurationFacade.XADES_1_4_BLACKLIST_URL).openConnection();
+ blc.setUseCaches(false);
+ InputStream in = blc.getInputStream();
+ Scanner s = new Scanner(in);
+ while (s.hasNext()){
+ XADES_1_4_BLACKLIST.add(s.next());
+ }
+ s.close();
+ } catch (Exception e) {
+ log.error("Blacklist load error", e);
+ }
+ }
+
+ protected static boolean matchesXAdES14Blacklist(String url) {
+ log.debug("Checking DataURL against XAdES14 blacklist: {}", url);
+ if ((System.currentTimeMillis() - XADES_1_4_BLACKLIST_TS) >
+ (ConfigurationFacade.XADES_1_4_BLACKLIST_EXPIRY * 1000)) {
+ log.debug("Updating XAdES14 blacklist");
+ loadXAdES14Blacklist();
+ }
+ if (url != null) {
+ for (String bl_entry : XADES_1_4_BLACKLIST) {
+ if (url.matches(bl_entry)) {
+ log.debug("XAdES14 blacklist match");
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ public void setConfiguration(Configuration configuration) {
+ configurationFacade.setConfiguration(configuration);
+ }
+
+ @Override
+ public void prepareXMLSignature(SLCommandContext commandContext) throws SLCommandException,
+ SLRequestException {
+
+ CreateXMLSignatureRequestType request = getRequestValue();
+
+ // TODO: make configurable?
+ IdValueFactory idValueFactory = new IdValueFactoryImpl();
+
+ // TODO: make configurable?
+ AlgorithmMethodFactory algorithmMethodFactory;
+ try {
+ algorithmMethodFactory = new AlgorithmMethodFactoryImpl(
+ signingCertificate, configurationFacade.getUseStrongHash());
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get DigestMethod.", e);
+ throw new SLCommandException(4006);
+ }
+
+ boolean useXAdES14 = configurationFacade.getUseXAdES14();
+ if (useXAdES14 && configurationFacade.getUseXAdES14Blacklist()) {
+ String dataURL = commandContext.getDataURL();
+ if (matchesXAdES14Blacklist(dataURL))
+ useXAdES14 = false;
+ }
+
+ signature = new Signature(commandContext.getURLDereferencer(),
+ idValueFactory, algorithmMethodFactory, useXAdES14);
+
+ // SigningTime
+ signature.setSigningTime(new Date());
+
+ // SigningCertificate
+ signature.setSignerCertificate(signingCertificate);
+
+ // SignatureInfo
+ if (request.getSignatureInfo() != null) {
+ signature.setSignatureInfo(request.getSignatureInfo());
+ }
+
+ // DataObjects
+ for (DataObjectInfoType dataObjectInfo : request.getDataObjectInfo()) {
+ signature.addDataObject(dataObjectInfo);
+ }
+
+ signature.buildXMLSignature();
+
+ }
+
+ /**
+ * Gets the signing certificate from STAL.
+ * @param commandContext TODO
+ *
+ * @throws SLCommandException
+ * if getting the singing certificate fails
+ */
+ protected void getSigningCertificate(SLCommandContext commandContext) throws SLCommandException {
+
+ CreateXMLSignatureRequestType request = getRequestValue();
+ keyboxIdentifier = request.getKeyboxIdentifier();
+
+ InfoboxReadRequest stalRequest = new InfoboxReadRequest();
+ stalRequest.setInfoboxIdentifier(keyboxIdentifier);
+
+ STALHelper stalHelper = new STALHelper(commandContext.getSTAL());
+
+ stalHelper.transmitSTALRequest(Collections.singletonList((STALRequest) stalRequest));
+ List<X509Certificate> certificates = stalHelper.getCertificatesFromResponses();
+ if (certificates == null || certificates.size() != 1) {
+ log.info("Got an unexpected number of certificates from STAL.");
+ throw new SLCommandException(4000);
+ }
+ signingCertificate = certificates.get(0);
+
+ }
+
+ /**
+ * Signs the signature.
+ * @param commandContext TODO
+ *
+ * @throws SLCommandException
+ * if signing the signature fails
+ * @throws SLViewerException
+ */
+ protected void signXMLSignature(SLCommandContext commandContext) throws SLCommandException, SLViewerException {
+
+ try {
+ signature.sign(commandContext.getSTAL(), keyboxIdentifier);
+ } catch (MarshalException e) {
+ log.error("Failed to marshall XMLSignature.", e);
+ throw new SLCommandException(4000);
+ } catch (XMLSignatureException e) {
+ if (e.getCause() instanceof URIReferenceException) {
+ URIReferenceException uriReferenceException = (URIReferenceException) e
+ .getCause();
+ if (uriReferenceException.getCause() instanceof SLCommandException) {
+ throw (SLCommandException) uriReferenceException.getCause();
+ }
+ }
+ log.error("Failed to sign XMLSignature.", e);
+ throw new SLCommandException(4000);
+ }
+
+ }
+
+ @Override
+ public SLResult execute(SLCommandContext commandContext) {
+ try {
+
+ // get certificate in order to select appropriate algorithms for hashing
+ // and signing
+ log.info("Requesting signing certificate.");
+ getSigningCertificate(commandContext);
+ if (log.isDebugEnabled()) {
+ log.debug("Got signing certificate. {}", signingCertificate);
+ } else {
+ log.info("Got signing certificate.");
+ }
+
+ // prepare the XMLSignature for signing
+ log.info("Preparing XML signature.");
+ prepareXMLSignature(commandContext);
+
+ // sign the XMLSignature
+ log.info("Signing XML signature.");
+ signXMLSignature(commandContext);
+ if (log.isDebugEnabled()) {
+
+ DOMImplementationLS domImplLS = DOMUtils.getDOMImplementationLS();
+ LSSerializer serializer = domImplLS.createLSSerializer();
+ String debugString = serializer.writeToString(signature.getDocument());
+
+ log.debug(debugString);
+
+ } else {
+ log.info("XML signature signed.");
+ }
+
+ return new CreateXMLSignatureResultImpl(signature.getDocument());
+
+ } catch (SLException e) {
+ return new ErrorResultImpl(e, commandContext.getLocale());
+ }
+ }
+
+ @Override
+ public String getName() {
+ return "CreateXMLSignatureRequest";
+ }
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
index c3fcd146..249172e7 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
@@ -53,27 +53,33 @@ public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
/**
* The signature algorithm URI.
*/
- private String signatureAlgorithmURI;
+ protected String signatureAlgorithmURI;
/**
* The signature algorithm ID.
*/
- private AlgorithmID signatureAlgorithmID;
+ protected AlgorithmID signatureAlgorithmID;
/**
* the digest algorithm URI.
*/
- private String digestAlgorithmURI = DigestMethod.SHA1;
+ protected String digestAlgorithmURI = DigestMethod.SHA1;
/**
* The digest algorithm ID.
*/
- private AlgorithmID digestAlgorithmID = AlgorithmID.sha1;
+ protected AlgorithmID digestAlgorithmID = AlgorithmID.sha1;
/**
* The algorithm parameters for the signature algorithm.
*/
- private SignatureMethodParameterSpec signatureMethodParameterSpec;
+ protected SignatureMethodParameterSpec signatureMethodParameterSpec;
+
+ /**
+ * Default Constructor
+ */
+ public AlgorithmMethodFactoryImpl(){
+ }
/**
* Creates a new AlgorithmMethodFactory with the given