diff options
| author | Bonato, Martin <martin.bonato@prime-sign.com> | 2018-02-08 22:19:55 +0100 | 
|---|---|---|
| committer | Bonato, Martin <martin.bonato@prime-sign.com> | 2018-02-08 22:19:55 +0100 | 
| commit | b9ccb62d35a755efb505d426ce924d5a8fbe937a (patch) | |
| tree | 00d17aa7dc660eb0e90ae753e36a623d672fc0e0 /smccSTAL/src/main/java | |
| parent | 84794c877062fe0424f357be0e83bdd045d75d52 (diff) | |
| download | mocca-b9ccb62d35a755efb505d426ce924d5a8fbe937a.tar.gz mocca-b9ccb62d35a755efb505d426ce924d5a8fbe937a.tar.bz2 mocca-b9ccb62d35a755efb505d426ce924d5a8fbe937a.zip | |
BulkSignature implementationfb-bulksignature
Diffstat (limited to 'smccSTAL/src/main/java')
7 files changed, 470 insertions, 66 deletions
| diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/BulkSignPINGUI.java b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/BulkSignPINGUI.java new file mode 100644 index 00000000..b792fed2 --- /dev/null +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/BulkSignPINGUI.java @@ -0,0 +1,172 @@ +/* + * Copyright 2015 Datentechnik Innovation GmbH and Prime Sign GmbH, Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.gv.egiz.bku.pin.gui; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.gui.viewer.SecureViewer; +import at.gv.egiz.smcc.BulkSignException; +import at.gv.egiz.smcc.CancelledException; +import at.gv.egiz.smcc.PinInfo; +import at.gv.egiz.smcc.pin.gui.OverrulePinpadPINGUI; +import at.gv.egiz.stal.SignatureInfo; + +import java.security.DigestException; +import java.util.List; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * This PinProvider is used for BulkSignatureRequests. + * The pin input field is called once and the pin is stored for further sign requests.  + * + * + * @author szoescher + */ +public class BulkSignPINGUI extends SignPINGUI implements OverrulePinpadPINGUI { + +  private final Logger log = LoggerFactory.getLogger(BulkSignPINGUI.class); + +  private boolean retry = false; + +  private char[] pin; +   +  private boolean showSignaturePINDialog; +   +  private int maxSignatures; +   +  private int signatureCount; +   +  List<SignatureInfo> signedInfo; +   + +   +  public BulkSignPINGUI(BKUGUIFacade gui, SecureViewer viewer, List<SignatureInfo> signedInfo, int maxSignatures) { +    super(gui, viewer, null); + +    this.signedInfo = signedInfo; +    this.maxSignatures = maxSignatures; + +    showSignaturePINDialog = true; +    signatureCount = 0; +  } + +  public int getSignatureCount() { +    return signatureCount; +  } + +  public boolean isShowSignaturePINDialog() { +    return showSignaturePINDialog; +  } + +  public void setShowSignaturePINDialog(boolean showSignaturePINDialog) { +    this.showSignaturePINDialog = showSignaturePINDialog; +  } +   + +   +  @Override +  public char[] providePIN(PinInfo spec, int retries) throws CancelledException, InterruptedException, BulkSignException { + +    if (showSignaturePINDialog) { +       +      signatureCount = 1; +      gui.showSignaturePINDialog(spec, (retry) ? retries : -1, maxSignatures, this, "sign", this, "cancel", this, "secureViewer"); + +      do { +        log.trace("[{}] wait for action.", Thread.currentThread().getName()); +        waitForAction(); +        log.trace("[{}] received action {}.", Thread.currentThread().getName(), action); + +        if ("secureViewer".equals(action)) { +          try { +             +            viewer.displayDataToBeSigned(signedInfo, this, "pinEntry"); +             +          } catch (DigestException ex) { +            log.error("Bad digest value: {}", ex.getMessage()); +            gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, new Object[] { ex.getMessage() }, this, "error"); +          } catch (Exception ex) { +            log.error("Could not display hashdata inputs: {}", ex.getMessage()); +            gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, new Object[] { ex.getMessage() }, this, "error"); +          } +        } else if ("sign".equals(action)) { +            gui.showMessageDialog(BKUGUIFacade.TITLE_BULKSIGNATURE, BKUGUIFacade.MESSAGE_BULKSIGN, new Object[]{signatureCount,maxSignatures}, BKUGUIFacade.BUTTON_CANCEL, this, "cancel"); +          retry = true; +          pin = gui.getPin(); +          return pin; +        } else if ("pinEntry".equals(action)) { +          gui.showSignaturePINDialog(spec, (retry) ? retries : -1, this, "sign", this, "cancel", this, "secureViewer"); +        } else if ("cancel".equals(action) || "error".equals(action)) { +          gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, BKUGUIFacade.MESSAGE_WAIT); +          throw new CancelledException(spec.getLocalizedName() + " entry cancelled"); +        } else { +          log.error("Unknown action command {}.", action); +        } +      } while (true); +    } else { +       +      signatureCount ++; +       +      if(signatureCount > maxSignatures) {      +        throw new BulkSignException("Limit of "+ signatureCount + "Signatures exceeded."); +      } +       +      gui.updateMessageDialog(BKUGUIFacade.TITLE_BULKSIGNATURE, BKUGUIFacade.MESSAGE_BULKSIGN, new Object[]{signatureCount,maxSignatures}, BKUGUIFacade.BUTTON_CANCEL, this, "cancel"); +      +      if ("cancel".equals(action) || "error".equals(action)) { +        gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, BKUGUIFacade.MESSAGE_WAIT); +        throw new CancelledException(spec.getLocalizedName() + " entry cancelled"); +        } +       +      return pin; +    } +  } + +  @Override +  public boolean allowOverrulePinpad() throws InterruptedException { + +    if (showSignaturePINDialog) { +      gui.showPinPadDeactivationDialog(this, "cancel", this, "ok"); + +      do { +        log.trace("[{}] wait for action.", Thread.currentThread().getName()); +        waitForAction(); +        log.trace("[{}] received action {}.", Thread.currentThread().getName(), action); + +        if ("cancel".equals(action)) { + +          return false; + +        } else if ("ok".equals(action)) { + +          return true; + +        } else { +          log.error("Unknown action command {}.", action); +        } +      } while (true); +    } + +    return true; +  } +} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINGUI.java b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINGUI.java index bc49b85e..da6c39b0 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINGUI.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINGUI.java @@ -25,12 +25,14 @@  package at.gv.egiz.bku.pin.gui;  import at.gv.egiz.bku.gui.BKUGUIFacade; -import at.gv.egiz.bku.smccstal.SecureViewer; +import at.gv.egiz.bku.gui.viewer.SecureViewer;  import at.gv.egiz.smcc.CancelledException;  import at.gv.egiz.smcc.PinInfo;  import at.gv.egiz.smcc.pin.gui.PINGUI; -import at.gv.egiz.stal.signedinfo.SignedInfoType; +import at.gv.egiz.stal.SignatureInfo; +  import java.security.DigestException; +  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; @@ -51,7 +53,7 @@ public class SignPINGUI extends SignPINProvider implements PINGUI {    private boolean retry = false; -  public SignPINGUI(BKUGUIFacade gui, SecureViewer viewer, SignedInfoType signedInfo) { +  public SignPINGUI(BKUGUIFacade gui, SecureViewer viewer, SignatureInfo signedInfo) {      super(gui, viewer, signedInfo);    } diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINProvider.java b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINProvider.java index f9dfe068..efda713c 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINProvider.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINProvider.java @@ -25,12 +25,15 @@  package at.gv.egiz.bku.pin.gui;  import at.gv.egiz.bku.gui.BKUGUIFacade; -import at.gv.egiz.bku.smccstal.SecureViewer; +import at.gv.egiz.bku.gui.viewer.SecureViewer; +import at.gv.egiz.smcc.BulkSignException;  import at.gv.egiz.smcc.CancelledException;  import at.gv.egiz.smcc.PinInfo;  import at.gv.egiz.smcc.pin.gui.PINProvider; -import at.gv.egiz.stal.signedinfo.SignedInfoType; +import at.gv.egiz.stal.SignatureInfo; +  import java.security.DigestException; +  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; @@ -51,10 +54,10 @@ public class SignPINProvider extends AbstractPINProvider implements PINProvider    protected BKUGUIFacade gui;    protected SecureViewer viewer; -  protected SignedInfoType signedInfo; +  protected SignatureInfo signedInfo;    private boolean retry = false; -  public SignPINProvider(BKUGUIFacade gui, SecureViewer viewer, SignedInfoType signedInfo) { +  public SignPINProvider(BKUGUIFacade gui, SecureViewer viewer, SignatureInfo signedInfo) {      this.gui = gui;      this.viewer = viewer;      this.signedInfo = signedInfo; @@ -62,7 +65,7 @@ public class SignPINProvider extends AbstractPINProvider implements PINProvider    @Override    public char[] providePIN(PinInfo spec, int retries) -          throws CancelledException, InterruptedException { +          throws CancelledException, InterruptedException, BulkSignException {      gui.showSignaturePINDialog(spec, (retry) ? retries : -1,              this, "sign", diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINProvider.java b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINProvider.java index 59ee0593..77528ecb 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINProvider.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINProvider.java @@ -25,9 +25,11 @@  package at.gv.egiz.bku.pin.gui;  import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.smcc.BulkSignException;  import at.gv.egiz.smcc.CancelledException;  import at.gv.egiz.smcc.PinInfo;  import at.gv.egiz.smcc.pin.gui.PINProvider; +  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; @@ -55,7 +57,7 @@ public class VerifyPINProvider extends AbstractPINProvider implements PINProvide    @Override    public char[] providePIN(PinInfo spec, int retries) -          throws CancelledException, InterruptedException { +          throws CancelledException, InterruptedException, BulkSignException {      gui.showVerifyPINDialog(spec, (retry) ? retries : -1,              this, "verify", diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/BulkSignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/BulkSignRequestHandler.java new file mode 100644 index 00000000..6d0403f7 --- /dev/null +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/BulkSignRequestHandler.java @@ -0,0 +1,273 @@ +/* + * Copyright 2015 Datentechnik Innovation GmbH and Prime Sign GmbH, Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egiz.bku.smccstal; + +import iaik.me.asn1.ASN1; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.SignatureException; +import java.util.LinkedList; +import java.util.List; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.gui.viewer.SecureViewer; +import at.gv.egiz.bku.pin.gui.BulkSignPINGUI; +import at.gv.egiz.smcc.BulkSignException; +import at.gv.egiz.smcc.CancelledException; +import at.gv.egiz.smcc.LockedException; +import at.gv.egiz.smcc.NotActivatedException; +import at.gv.egiz.smcc.SignatureCard; +import at.gv.egiz.smcc.SignatureCard.KeyboxName; +import at.gv.egiz.smcc.SignatureCardException; +import at.gv.egiz.smcc.TimeoutException; +import at.gv.egiz.stal.BulkSignRequest; +import at.gv.egiz.stal.BulkSignResponse; +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.HashDataInput; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.SignRequest; +import at.gv.egiz.stal.SignResponse; +import at.gv.egiz.stal.SignatureInfo; +import at.gv.egiz.stal.signedinfo.CanonicalizationMethodType; +import at.gv.egiz.stal.signedinfo.DigestMethodType; +import at.gv.egiz.stal.signedinfo.ObjectFactory; +import at.gv.egiz.stal.signedinfo.ReferenceType; +import at.gv.egiz.stal.signedinfo.SignatureMethodType; +import at.gv.egiz.stal.signedinfo.SignedInfoType; + +/** + * @author szoescher + */ +public class BulkSignRequestHandler extends AbstractRequestHandler { + +  private final static Logger log = LoggerFactory.getLogger(BulkSignRequestHandler.class); + +  private final static String CMS_DEF_SIGNEDINFO_ID = "SignedInfo-1"; +  private final static String OID_MESSAGEDIGEST = "1.2.840.113549.1.9.4"; + +  private static JAXBContext jaxbContext; + +  static { +    try { +      jaxbContext = JAXBContext.newInstance(ObjectFactory.class.getPackage().getName()); +    } catch (JAXBException e) { +      Logger log = LoggerFactory.getLogger(BulkSignRequestHandler.class); +      log.error("Cannot init jaxbContext", e); +    } +  } + +  protected SecureViewer secureViewer; + +  public BulkSignRequestHandler(SecureViewer secureViewer) { +    this.secureViewer = secureViewer; +  } + +  private static ErrorResponse errorResponse(int errorCode, String errorMessage, Exception e) { +    log.error(errorMessage, e); +    ErrorResponse err = new ErrorResponse(errorCode); +    err.setErrorMessage(errorMessage + (e == null ? "" : " " + e)); +    return err; +  } + +  @Override +  public STALResponse handleRequest(STALRequest request) throws InterruptedException { +    if (request instanceof BulkSignRequest) { +      BulkSignRequest bulkSignRequest = (BulkSignRequest) request; +      BulkSignResponse stalResp = new BulkSignResponse(); + + +      LinkedList<SignatureInfo> signatureInfoList = new LinkedList<SignatureInfo>(); +      try { +         +        for(SignRequest signRequest : bulkSignRequest.getSignRequests()){ +           +          byte[] signedInfoData = signRequest.getSignedInfo().getValue(); + +            SignatureInfo signatureInfo; +            if (signRequest.getSignedInfo().isIsCMSSignedAttributes()) { +              signatureInfo = createCMSSignedInfo(signRequest); +            } else { +               +              Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); +              InputStream is = new ByteArrayInputStream(signedInfoData); +              @SuppressWarnings("unchecked") +              JAXBElement<SignedInfoType> si = (JAXBElement<SignedInfoType>) unmarshaller.unmarshal(is); +               +              signatureInfo = new SignatureInfo(si.getValue(), signRequest.getDisplayName(), signRequest.getMimeType()); +            } +            signatureInfoList.add(signatureInfo);       +        } + +      BulkSignPINGUI pinGUI = new BulkSignPINGUI(gui, secureViewer, signatureInfoList, bulkSignRequest.getSignRequests().size()); +       +       +        for (int i = 0; i < bulkSignRequest.getSignRequests().size(); i++) { +          SignRequest signRequest = bulkSignRequest.getSignRequests().get(i); +          STALResponse response = handleSignRequest(signRequest, pinGUI, signatureInfoList.get(i)); +          pinGUI.setShowSignaturePINDialog(false); + +          if (response instanceof SignResponse) { +            stalResp.getSignResponse().add((SignResponse) response); +          } + +          if (response instanceof ErrorResponse) { +            return response; +          } + +        } +      } catch (SignatureException e) { +        return errorResponse(4000, "Error while parsing CMS signature.", e); +      } catch (JAXBException e) { +        return errorResponse(1000, "Cannot unmarshal signed info.", e); +      } + +      return stalResp; +    } else { +      return errorResponse(1000, "Got unexpected STAL request: " + request + ".", null); +    } +  } + +  @Override +  public boolean requireCard() { +    return true; +  } + +  private STALResponse handleSignRequest(SignRequest request, BulkSignPINGUI pinGUI, SignatureInfo signatureInfo) throws InterruptedException { +    if (request instanceof SignRequest) { + +      SignRequest signReq = (SignRequest) request; +      byte[] signedInfoData = signReq.getSignedInfo().getValue(); +      try { +         +        String signatureMethod = signatureInfo.getSignatureMethod().getAlgorithm(); +        log.debug("Found signature method: {}.", signatureMethod); +        KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq.getKeyIdentifier()); + +        byte[] resp = card.createSignature(new ByteArrayInputStream(signedInfoData), kb, pinGUI, signatureMethod); + +        if (resp == null) { +          return errorResponse(6001, "Response is null", null); +        } + +        SignResponse stalResp = new SignResponse(); +        stalResp.setSignatureValue(resp); +        return stalResp; +      } catch (NotActivatedException e) { +        gui.showErrorDialog(BKUGUIFacade.ERR_CARD_NOTACTIVATED, null, this, null); +        waitForAction(); +        gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, BKUGUIFacade.MESSAGE_WAIT); +        return errorResponse(6001, "Citizen card not activated.", e); +      } catch (LockedException e) { +        gui.showErrorDialog(BKUGUIFacade.ERR_CARD_LOCKED, null, this, null); +        waitForAction(); +        gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, BKUGUIFacade.MESSAGE_WAIT); +        return errorResponse(6001, "Citizen card locked.", e); +      } catch (CancelledException cx) { +        return errorResponse(6001, "User cancelled request.", null); +      }catch (BulkSignException cx) { +        return errorResponse(6001, "Limit of Signatures exceeded.", null); +      }  catch (TimeoutException ex) { +        gui.showMessageDialog(BKUGUIFacade.TITLE_ENTRY_TIMEOUT, BKUGUIFacade.ERR_PIN_TIMEOUT, null, +            BKUGUIFacade.BUTTON_CANCEL, this, null); +        waitForAction(); +        gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, BKUGUIFacade.MESSAGE_WAIT); +        return errorResponse(6001, "Timeout during pin entry.", null); +      } catch (SignatureCardException e) { +        return errorResponse(4000, "Error while creating signature.", e); +      } catch (IOException e) { +        return errorResponse(4000, "Error while creating signature.", e); +      } +    } else { +      return errorResponse(1000, "Got unexpected STAL request: " + request + ".", null); +    } +  } + +  private static SignatureInfo createCMSSignedInfo(SignRequest signReq) throws SignatureException { +    SignedInfoType signedInfo = new SignedInfoType(); +     +    log.trace("createCMSSignedInfo from SignRequest"); +    byte[] signedInfoData = signReq.getSignedInfo().getValue(); + +    CanonicalizationMethodType canonicalizationMethod = new CanonicalizationMethodType(); +    canonicalizationMethod.setAlgorithm(""); +    signedInfo.setCanonicalizationMethod(canonicalizationMethod); + +    SignatureMethodType signatureMethod = new SignatureMethodType(); +    signatureMethod.setAlgorithm(signReq.getSignatureMethod()); +    signedInfo.setSignatureMethod(signatureMethod); + +    signedInfo.setId(CMS_DEF_SIGNEDINFO_ID); + +    List<ReferenceType> references = signedInfo.getReference(); +    ReferenceType reference = new ReferenceType(); +    reference.setId(HashDataInput.CMS_DEF_REFERENCE_ID); +    DigestMethodType digestMethod = new DigestMethodType(); +    digestMethod.setAlgorithm(signReq.getDigestMethod()); +    reference.setDigestMethod(digestMethod); +    byte[] messageDigest = null; +    try { +      ASN1 signedAttributes = new ASN1(signedInfoData); +      if (!signedAttributes.isConstructed()) +        throw new SignatureException("Error while parsing CMS signature"); +      for (int i = 0; i < signedAttributes.getSize(); ++i) { +        ASN1 signedAttribute = signedAttributes.getElementAt(i); +        if (!signedAttribute.isConstructed()) +          throw new SignatureException("Error while parsing CMS signature"); +        ASN1 oid = signedAttribute.getElementAt(0); +        if (oid.gvObjectId().equals(OID_MESSAGEDIGEST)) { +          ASN1 value = signedAttribute.getElementAt(1); +          if (!value.isConstructed()) +            throw new SignatureException("Error while parsing CMS signature"); +          messageDigest = value.getElementAt(0).gvByteArray(); +          break; +        } +      } +    } catch (IOException e) { +      throw new SignatureException(e); +    } +    reference.setDigestValue(messageDigest); +    if (signReq.getExcludedByteRange() != null) { +      // Abuse URI to store ExcludedByteRange +      String range = "CMSExcludedByteRange:" + signReq.getExcludedByteRange().getFrom() + "-" +          + signReq.getExcludedByteRange().getTo(); +      reference.setURI(range); +    } +     +    references.add(reference); +     +    log.trace("Added SignatureInfo {} with name {} of type{}", new Object[] { signedInfo.getId(), signReq.getDisplayName(), signReq.getMimeType() }); +    return new SignatureInfo(signedInfo, signReq.getDisplayName(), signReq.getMimeType()); +  } + +} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SecureViewer.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SecureViewer.java deleted file mode 100644 index ea279f40..00000000 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SecureViewer.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright 2011 by Graz University of Technology, Austria - * MOCCA has been developed by the E-Government Innovation Center EGIZ, a joint - * initiative of the Federal Chancellery Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egiz.bku.smccstal; - -import at.gv.egiz.stal.signedinfo.SignedInfoType; -import java.awt.event.ActionListener; -import java.security.DigestException; - -/** - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public interface SecureViewer { - -  /** -   * Displays the hashdata inputs for all provided dsig:SignedReferences. -   * Implementations may verify the digest value if necessary. -   * (LocalSignRequestHandler operates on DataObjectHashDataInput, -   * other SignRequestHandlers should cache the HashDataInputs obtained by webservice calls, -   * or simply forward to a HashDataInputServlet.) -   * @param signedInfo The caller may select a subset of the references in SignedInfo to be displayed. -   * @param okListener -   * @param okCommand -   * @throws java.security.DigestException if digest values are verified and do not correspond -   * (or any other digest computation error occurs) -   * @throws java.lang.Exception -   */ -  void displayDataToBeSigned(SignedInfoType signedInfo, -          ActionListener okListener, String okCommand) -        throws DigestException, Exception; -} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 3026d27a..31c63379 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -41,6 +41,7 @@ import org.slf4j.Logger;  import org.slf4j.LoggerFactory;  import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.gui.viewer.SecureViewer;  import at.gv.egiz.bku.pin.gui.SignPINGUI;  import at.gv.egiz.smcc.CancelledException;  import at.gv.egiz.smcc.LockedException; @@ -55,6 +56,7 @@ import at.gv.egiz.stal.STALRequest;  import at.gv.egiz.stal.STALResponse;  import at.gv.egiz.stal.SignRequest;  import at.gv.egiz.stal.SignResponse; +import at.gv.egiz.stal.SignatureInfo;  import at.gv.egiz.stal.signedinfo.CanonicalizationMethodType;  import at.gv.egiz.stal.signedinfo.DigestMethodType;  import at.gv.egiz.stal.signedinfo.ObjectFactory; @@ -97,10 +99,12 @@ public class SignRequestHandler extends AbstractRequestHandler {      @Override      public STALResponse handleRequest(STALRequest request) throws InterruptedException {          if (request instanceof SignRequest) { +                        SignRequest signReq = (SignRequest) request; +              byte[] signedInfoData = signReq.getSignedInfo().getValue();              try { -                SignedInfoType signedInfo; +                SignatureInfo signedInfo;                  if (signReq.getSignedInfo().isIsCMSSignedAttributes()) {                    signedInfo = createCMSSignedInfo(signReq);                  } else { @@ -109,7 +113,8 @@ public class SignRequestHandler extends AbstractRequestHandler {                    @SuppressWarnings("unchecked")                    JAXBElement<SignedInfoType> si =                        (JAXBElement<SignedInfoType>) unmarshaller.unmarshal(is); -                  signedInfo = si.getValue(); +                   +                  signedInfo = new SignatureInfo(si.getValue(), signReq.getDisplayName(), signReq.getMimeType());                  }                  String signatureMethod = signedInfo.getSignatureMethod().getAlgorithm();                  log.debug("Found signature method: {}.", signatureMethod); @@ -159,7 +164,7 @@ public class SignRequestHandler extends AbstractRequestHandler {          }      } -    private static SignedInfoType createCMSSignedInfo(SignRequest signReq) throws SignatureException { +    private static SignatureInfo createCMSSignedInfo(SignRequest signReq) throws SignatureException {        SignedInfoType signedInfo = new SignedInfoType();        byte[] signedInfoData = signReq.getSignedInfo().getValue(); @@ -210,7 +215,7 @@ public class SignRequestHandler extends AbstractRequestHandler {          reference.setURI(range);        }        references.add(reference); -      return signedInfo; +      return new SignatureInfo(signedInfo, signReq.getDisplayName(), signReq.getMimeType());      }      @Override | 
