diff options
18 files changed, 197 insertions, 399 deletions
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java index 03e4b7c9..9fc21df8 100644 --- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java +++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java @@ -38,7 +38,7 @@ import java.util.List; import javax.xml.namespace.QName; /** - * + * * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> */ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { @@ -48,7 +48,8 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { protected String sessionId; protected STALPortType stalPort; - public AppletBKUWorker(BKUGUIFacade gui, AppletContext ctx, AppletParameterProvider paramProvider) { + public AppletBKUWorker(BKUGUIFacade gui, AppletContext ctx, + AppletParameterProvider paramProvider) { super(gui); if (ctx == null) { throw new NullPointerException("Applet context not provided"); @@ -76,7 +77,7 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { actionCommandList.clear(); actionCommandList.add("ok"); gui.showErrorDialog(BKUGUIFacade.ERR_SERVICE_UNREACHABLE, - new Object[]{e.getMessage()}); + new Object[] { e.getMessage() }); try { waitForAction(); } catch (InterruptedException e1) { @@ -92,8 +93,10 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { GetNextRequestResponseType nextRequestResp = stalPort.connect(sessionId); do { - List<RequestType> requests = nextRequestResp.getInfoboxReadRequestOrSignRequestOrQuitRequest(); - List<STALRequest> stalRequests = STALTranslator.translateRequests(requests); + List<RequestType> requests = nextRequestResp + .getInfoboxReadRequestOrSignRequestOrQuitRequest(); + List<STALRequest> stalRequests = STALTranslator + .translateRequests(requests); if (log.isInfoEnabled()) { StringBuilder sb = new StringBuilder("Received "); @@ -142,64 +145,76 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable { } if (!finished) { - log.info("Not finished yet (BKUWorker: " + this + "), sending responses"); + log.info("Not finished yet (BKUWorker: " + this + + "), sending responses"); GetNextRequestType nextRequest = of.createGetNextRequestType(); nextRequest.setSessionId(sessionId); - nextRequest.getInfoboxReadResponseOrSignResponseOrErrorResponse().addAll(responses); + nextRequest.getInfoboxReadResponseOrSignResponseOrErrorResponse() + .addAll(responses); nextRequestResp = stalPort.getNextRequest(nextRequest); } } while (!finished); log.info("Done " + Thread.currentThread().getName()); } catch (Exception ex) { log.error(ex.getMessage(), ex); - gui.showErrorDialog(BKUGUIFacade.ERR_UNKNOWN, new Object[]{ex.getMessage()}); + gui.showErrorDialog(BKUGUIFacade.ERR_UNKNOWN, new Object[] { ex + .getMessage() }); try { waitForAction(); } catch (InterruptedException e) { log.error(e); } - } - if (signatureCard != null) { - signatureCard.disconnect(false); + if (signatureCard != null) { + signatureCard.disconnect(false); + } } sendRedirect(); } protected void sendRedirect() { try { - URL redirectURL = params.getURLParameter(BKUApplet.REDIRECT_URL, sessionId); - String redirectTarget = params.getAppletParameter(BKUApplet.REDIRECT_TARGET); + URL redirectURL = params.getURLParameter(BKUApplet.REDIRECT_URL, + sessionId); + String redirectTarget = params + .getAppletParameter(BKUApplet.REDIRECT_TARGET); if (redirectTarget == null) { log.info("Done. Redirecting to " + redirectURL + " ..."); ctx.showDocument(redirectURL); } else { - log.info("Done. Redirecting to " + redirectURL + " (target=" + redirectTarget + ") ..."); + log.info("Done. Redirecting to " + redirectURL + " (target=" + + redirectTarget + ") ..."); ctx.showDocument(redirectURL, redirectTarget); } } catch (MalformedURLException ex) { log.warn("Failed to redirect: " + ex.getMessage(), ex); - // gui.showErrorDialog(errorMsg, okListener, actionCommand) + // gui.showErrorDialog(errorMsg, okListener, actionCommand) } } private STALPortType getSTALPort() throws MalformedURLException { URL wsdlURL = params.getURLParameter(BKUApplet.WSDL_URL); log.debug("STAL WSDL at " + wsdlURL); - QName endpointName = new QName(BKUApplet.STAL_WSDL_NS, BKUApplet.STAL_SERVICE); + QName endpointName = new QName(BKUApplet.STAL_WSDL_NS, + BKUApplet.STAL_SERVICE); STALService stal = new STALService(wsdlURL, endpointName); return stal.getSTALPort(); } private void registerSignRequestHandler() throws MalformedURLException { - String hashDataDisplayStyle = params.getAppletParameter(BKUApplet.HASHDATA_DISPLAY); + String hashDataDisplayStyle = params + .getAppletParameter(BKUApplet.HASHDATA_DISPLAY); if (BKUApplet.HASHDATA_DISPLAY_BROWSER.equals(hashDataDisplayStyle)) { - URL hashDataURL = params.getURLParameter(BKUApplet.HASHDATA_URL, sessionId); + URL hashDataURL = params.getURLParameter(BKUApplet.HASHDATA_URL, + sessionId); log.debug("register SignRequestHandler for HashDataURL " + hashDataURL); - addRequestHandler(SignRequest.class, new BrowserHashDataDisplay(ctx, hashDataURL)); + addRequestHandler(SignRequest.class, new BrowserHashDataDisplay(ctx, + hashDataURL)); } else { - //BKUApplet.HASHDATA_DISPLAY_FRAME - log.debug("register SignRequestHandler for STAL port " + BKUApplet.WSDL_URL); - AppletHashDataDisplay handler = new AppletHashDataDisplay(stalPort, sessionId); + // BKUApplet.HASHDATA_DISPLAY_FRAME + log.debug("register SignRequestHandler for STAL port " + + BKUApplet.WSDL_URL); + AppletHashDataDisplay handler = new AppletHashDataDisplay(stalPort, + sessionId); addRequestHandler(SignRequest.class, handler); } } diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java index c3417d63..a02e56eb 100644 --- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java +++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java @@ -36,121 +36,122 @@ import org.apache.commons.logging.LogFactory; public class InternalSSLSocketFactory extends SSLSocketFactory { - private final static String GOV_DOMAIN = ".gv.at"; - - private static InternalSSLSocketFactory instance = new InternalSSLSocketFactory(); - - private final static Log log = LogFactory - .getLog(InternalSSLSocketFactory.class); - - private SSLSocket sslSocket; - - private SSLSocketFactory proxy; - - private InternalSSLSocketFactory() { - proxy = HttpsURLConnection.getDefaultSSLSocketFactory(); - } - - public static InternalSSLSocketFactory getInstance() { - return instance; - } - - @Override - public Socket createSocket() throws IOException { - sslSocket = (SSLSocket) proxy.createSocket(); - return sslSocket; - } - - @Override - public Socket createSocket(String arg0, int arg1) throws IOException, - UnknownHostException { - sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1); - - return sslSocket; - } - - @Override - public Socket createSocket(InetAddress arg0, int arg1) throws IOException { - sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1); - return sslSocket; - } - - @Override - public Socket createSocket(String arg0, int arg1, InetAddress arg2, int arg3) - throws IOException, UnknownHostException { - sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3); - return sslSocket; - } - - @Override - public Socket createSocket(InetAddress arg0, int arg1, InetAddress arg2, - int arg3) throws IOException { - sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3); - return sslSocket; - } - - @Override - public Socket createSocket(Socket arg0, String arg1, int arg2, boolean arg3) - throws IOException { - sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3); - return sslSocket; - } - - @Override - public String[] getDefaultCipherSuites() { - return proxy.getDefaultCipherSuites(); - } - - @Override - public String[] getSupportedCipherSuites() { - return proxy.getSupportedCipherSuites(); - } - - public boolean isEgovAgency() { - log.info("Checking if server is egov agency"); - if (sslSocket != null) { - try { - X509Certificate cert = (X509Certificate) sslSocket.getSession() - .getPeerCertificates()[0]; - log.info("Server cert: " + cert); - return isGovAgency(cert); - } catch (SSLPeerUnverifiedException e) { - log.error(e); - return false; - } - } - log.info("Not a SSL connection"); - return false; - } - - public static boolean isGovAgency(X509Certificate cert) { - String[] rdns = (cert.getSubjectX500Principal().getName()).split(","); - for (String rdn : rdns) { - if (rdn.startsWith("CN=")) { - String dns = rdn.split("=")[1]; - if (dns.endsWith(GOV_DOMAIN)) { - return true; - } - } - } - try { - Collection<List<?>> sanList = cert.getSubjectAlternativeNames(); - if (sanList != null) { - for (List<?> san : sanList) { - if ((Integer) san.get(0) == 2) { - String dns = (String) san.get(1); - if (dns.endsWith(GOV_DOMAIN)) { - return true; - } - } - } - } - } catch (CertificateParsingException e) { - log.error(e); - } - if (cert.getExtensionValue("1.2.40.0.10.1.1.1") != null) { - return true; - } - return false; - } + private final static String GOV_DOMAIN = ".gv.at"; + + private static InternalSSLSocketFactory instance = new InternalSSLSocketFactory(); + + private final static Log log = LogFactory + .getLog(InternalSSLSocketFactory.class); + + private SSLSocket sslSocket; + + private SSLSocketFactory proxy; + + private InternalSSLSocketFactory() { + proxy = HttpsURLConnection.getDefaultSSLSocketFactory(); + } + + public static InternalSSLSocketFactory getInstance() { + return instance; + } + + @Override + public Socket createSocket() throws IOException { + sslSocket = (SSLSocket) proxy.createSocket(); + return sslSocket; + } + + @Override + public Socket createSocket(String arg0, int arg1) throws IOException, + UnknownHostException { + sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1); + + return sslSocket; + } + + @Override + public Socket createSocket(InetAddress arg0, int arg1) throws IOException { + sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1); + return sslSocket; + } + + @Override + public Socket createSocket(String arg0, int arg1, InetAddress arg2, int arg3) + throws IOException, UnknownHostException { + sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3); + return sslSocket; + } + + @Override + public Socket createSocket(InetAddress arg0, int arg1, InetAddress arg2, + int arg3) throws IOException { + sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3); + return sslSocket; + } + + @Override + public Socket createSocket(Socket arg0, String arg1, int arg2, boolean arg3) + throws IOException { + sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3); + return sslSocket; + } + + @Override + public String[] getDefaultCipherSuites() { + return proxy.getDefaultCipherSuites(); + } + + @Override + public String[] getSupportedCipherSuites() { + return proxy.getSupportedCipherSuites(); + } + + public boolean isEgovAgency() { + log.info("Checking if server is egov agency"); + if (sslSocket != null) { + try { + X509Certificate cert = (X509Certificate) sslSocket.getSession() + .getPeerCertificates()[0]; + log.info("Server cert: " + cert); + return isGovAgency(cert); + } catch (SSLPeerUnverifiedException e) { + log.error(e); + return false; + } + } + log.info("Not a SSL connection"); + return false; + } + + public static boolean isGovAgency(X509Certificate cert) { + String[] rdns = (cert.getSubjectX500Principal().getName()).split(","); + for (String rdn : rdns) { + if (rdn.startsWith("CN=")) { + String dns = rdn.split("=")[1]; + if (dns.endsWith(GOV_DOMAIN)) { + return true; + } + } + } + try { + Collection<List<?>> sanList = cert.getSubjectAlternativeNames(); + if (sanList != null) { + for (List<?> san : sanList) { + if ((Integer) san.get(0) == 2) { + String dns = (String) san.get(1); + if (dns.endsWith(GOV_DOMAIN)) { + return true; + } + } + } + } + } catch (CertificateParsingException e) { + log.error(e); + } + if ((cert.getExtensionValue("1.2.40.0.10.1.1.1") != null) + || (cert.getExtensionValue("1.2.40.0.10.1.1.2") != null)) { + return true; + } + return false; + } } diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/CACerts/A-CERT GLOBALTRUST.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/CACerts/A-CERT GLOBALTRUST.cer Binary files differnew file mode 100644 index 00000000..9a25e57d --- /dev/null +++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/CACerts/A-CERT GLOBALTRUST.cer diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT ADVANCED.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT ADVANCED.cer Binary files differnew file mode 100644 index 00000000..66ff251b --- /dev/null +++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT ADVANCED.cer diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT GLOBALTRUST.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT GLOBALTRUST.cer Binary files differnew file mode 100644 index 00000000..9a25e57d --- /dev/null +++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT GLOBALTRUST.cer diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-01a.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-01a.cer Binary files differnew file mode 100644 index 00000000..f9fef65f --- /dev/null +++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-01a.cer diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-02a.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-02a.cer Binary files differnew file mode 100644 index 00000000..36a442b8 --- /dev/null +++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-02a.cer diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-03a.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-03a.cer Binary files differnew file mode 100644 index 00000000..ab9e0cd7 --- /dev/null +++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-03a.cer diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-01a.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-01a.cer Binary files differnew file mode 100644 index 00000000..efa28178 --- /dev/null +++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-01a.cer diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-03.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-03.cer Binary files differnew file mode 100644 index 00000000..33e77636 --- /dev/null +++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-03.cer diff --git a/BKUOnline/pom.xml b/BKUOnline/pom.xml index 1ea2c1a1..5e6ac8ad 100644 --- a/BKUOnline/pom.xml +++ b/BKUOnline/pom.xml @@ -121,6 +121,7 @@ </artifactItems>--> <includeGroupIds>at.gv.egiz</includeGroupIds> <includeArtifactIds>BKUApplet</includeArtifactIds> + <stripVersion>true</stripVersion> <excludeTransitive>true</excludeTransitive> </configuration> </execution> diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java index 3aa6bc19..12166a5a 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java @@ -24,6 +24,7 @@ import java.util.HashMap; import java.util.Locale; import java.util.Map; +import javax.servlet.RequestDispatcher; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -32,12 +33,12 @@ import javax.servlet.http.HttpSession; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import at.gv.egiz.bku.binding.BindingProcessor; import at.gv.egiz.bku.binding.HTTPBindingProcessor; import at.gv.egiz.bku.binding.HttpUtil; import at.gv.egiz.bku.binding.IdFactory; import at.gv.egiz.bku.utils.StreamUtil; import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage; -import javax.servlet.RequestDispatcher; /** * Handles SL requests and instantiates BindingProcessors @@ -52,7 +53,8 @@ public class BKURequestHandler extends SpringBKUServlet { protected Log log = LogFactory.getLog(BKURequestHandler.class); - private static String getStringFromStream(InputStream is, String encoding) throws IOException { + private static String getStringFromStream(InputStream is, String encoding) + throws IOException { if (is == null) { return null; } @@ -63,8 +65,7 @@ public class BKURequestHandler extends SpringBKUServlet { StreamUtil.copyStream(is, os); return new String(os.toByteArray(), encoding); } - - + protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { log.debug("Got new request"); @@ -75,21 +76,28 @@ public class BKURequestHandler extends SpringBKUServlet { HttpSession session = req.getSession(false); if (session != null) { log.warn("Already a session with id: " + session.getId() - + " active, continuing"); - RequestDispatcher dispatcher = getServletContext().getNamedDispatcher(BKU_APPLET_JSP); - log.debug("forward to applet"); - dispatcher.forward(req, resp); - return; + + " active, trying to get Bindingprocessor"); + BindingProcessor bp = getBindingProcessorManager().getBindingProcessor( + IdFactory.getInstance().createId(session.getId())); + if (bp != null) { + log.debug("Found binding processor, using this one"); + RequestDispatcher dispatcher = getServletContext().getNamedDispatcher( + BKU_APPLET_JSP); + log.debug("forward to applet"); + dispatcher.forward(req, resp); + return; + } + log.debug("Did not find a binding processor, creating new ..."); } session = req.getSession(true); if (log.isDebugEnabled()) { log.debug("Using session id: " + session.getId()); } - - HTTPBindingProcessor bindingProcessor; + HTTPBindingProcessor bindingProcessor; bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager() - .createBindingProcessor(req.getRequestURL().toString(), session.getId(), locale); + .createBindingProcessor(req.getRequestURL().toString(), + session.getId(), locale); Map<String, String> headerMap = new HashMap<String, String>(); for (Enumeration<String> headerName = req.getHeaderNames(); headerName @@ -109,14 +117,20 @@ public class BKURequestHandler extends SpringBKUServlet { bindingProcessor.consumeRequestStream(req.getInputStream()); req.getInputStream().close(); getBindingProcessorManager().process(bindingProcessor); - + log.trace("Trying to find applet parameters in request"); - String width = getStringFromStream(bindingProcessor.getFormData("appletWidth"), charset); - String height = getStringFromStream(bindingProcessor.getFormData("appletHeight"), charset); - String background = getStringFromStream(bindingProcessor.getFormData("appletBackground"), charset); - String guiStyle = getStringFromStream(bindingProcessor.getFormData("appletGuiStyle"), charset); - String hashDataDisplay = getStringFromStream(bindingProcessor.getFormData("appletHashDataDisplay"), charset); - String localeFormParam = getStringFromStream(bindingProcessor.getFormData("locale"), charset); + String width = getStringFromStream(bindingProcessor + .getFormData("appletWidth"), charset); + String height = getStringFromStream(bindingProcessor + .getFormData("appletHeight"), charset); + String background = getStringFromStream(bindingProcessor + .getFormData("appletBackground"), charset); + String guiStyle = getStringFromStream(bindingProcessor + .getFormData("appletGuiStyle"), charset); + String hashDataDisplay = getStringFromStream(bindingProcessor + .getFormData("appletHashDataDisplay"), charset); + String localeFormParam = getStringFromStream(bindingProcessor + .getFormData("locale"), charset); if (width != null) { try { log.trace("Found applet width parameter: " + width); @@ -148,7 +162,8 @@ public class BKURequestHandler extends SpringBKUServlet { session.setAttribute("appletHashDataDisplay", hashDataDisplay); } if (localeFormParam != null) { - log.debug("overrule accept-language locale " + locale + " with form param " + localeFormParam); + log.debug("overrule accept-language locale " + locale + + " with form param " + localeFormParam); locale = new Locale(localeFormParam); } if (locale != null) { @@ -156,8 +171,9 @@ public class BKURequestHandler extends SpringBKUServlet { session.setAttribute("locale", locale.toString()); } - //TODO error if no dispatcher found - RequestDispatcher dispatcher = getServletContext().getNamedDispatcher(BKU_APPLET_JSP); + // TODO error if no dispatcher found + RequestDispatcher dispatcher = getServletContext().getNamedDispatcher( + BKU_APPLET_JSP); log.debug("forward to applet"); dispatcher.forward(req, resp); } diff --git a/BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar b/BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar Binary files differdeleted file mode 100644 index 74f00509..00000000 --- a/BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar +++ /dev/null diff --git a/BKUOnline/src/main/webapp/appletPage.jsp b/BKUOnline/src/main/webapp/appletPage.jsp index ee5f429c..b73ed2f4 100644 --- a/BKUOnline/src/main/webapp/appletPage.jsp +++ b/BKUOnline/src/main/webapp/appletPage.jsp @@ -47,7 +47,7 @@ var attributes = { codebase :'applet', code :'at.gv.egiz.bku.online.applet.BKUApplet.class', - archive :'BKUApplet-1.0.2-SNAPSHOT.jar, commons-logging-1.1.1.jar, iaik_jce_me4se-3.04.jar', + archive :'BKUApplet.jar, commons-logging-1.1.1.jar, iaik_jce_me4se-3.04.jar', width : <%=width%>, height :<%=height%> }; diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java index ed4b9bda..61d3d7a5 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java @@ -65,7 +65,8 @@ public class AuthenticationClassifier { } catch (CertificateParsingException e) {
log.error(e);
}
- if (cert.getExtensionValue("1.2.40.0.10.1.1.1") != null) {
+ if ((cert.getExtensionValue("1.2.40.0.10.1.1.1") != null)
+ || (cert.getExtensionValue("1.2.40.0.10.1.1.2") != null)) {
return true;
}
return false;
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/SMCCApplication.java b/smcc/src/test/java/at/gv/egiz/smcc/SMCCApplication.java deleted file mode 100644 index 4835865f..00000000 --- a/smcc/src/test/java/at/gv/egiz/smcc/SMCCApplication.java +++ /dev/null @@ -1,49 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc;
-
-import java.util.Locale; - -import org.junit.Ignore; - -import at.gv.egiz.smcc.util.SMCCHelper; - -@Ignore
-public class SMCCApplication {
-
- /**
- * @param args
- */
- public static void main(String[] args) {
-
- SignatureCard sc = null;
- SMCCHelper smccHelper = new SMCCHelper();
- while (smccHelper.getResultCode() != SMCCHelper.CARD_FOUND) {
- System.out.println("Did not get a signature card ... "+smccHelper.getResultCode());
- smccHelper.update();
- try {
- Thread.sleep(1000);
- } catch (InterruptedException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
- sc = smccHelper.getSignatureCard(Locale.getDefault());
- System.out.println("Found supported siganture card: "+sc);
- }
-
-}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java deleted file mode 100644 index 7f421474..00000000 --- a/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java +++ /dev/null @@ -1,121 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; -import java.io.OutputStream; -import java.io.PrintWriter; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.Locale; - -import javax.smartcardio.CardException; -import javax.smartcardio.CommandAPDU; -import javax.smartcardio.ResponseAPDU; - -import org.junit.Ignore; - -import sun.misc.HexDumpEncoder; - -import at.gv.egiz.smcc.SignatureCard.KeyboxName; -import at.gv.egiz.smcc.util.SMCCHelper; - -@Ignore -public class STARCOSCardTest { - - /** - * @param args - * @throws Exception - */ - public static void main(String[] args) throws Exception { - - SMCCHelper helper = new SMCCHelper(); - while (helper.getResultCode() != SMCCHelper.CARD_FOUND) { - System.out.println("Did not get a signature card ... " + helper.getResultCode()); - helper.update(); - try { - Thread.sleep(1000); - } catch (InterruptedException e) { - e.printStackTrace(); - } - } - - SignatureCard signatureCard = helper.getSignatureCard(Locale.getDefault()); - - System.out.println("Found '" + signatureCard + "'."); - - try { -// printJavaByteArray( -// signatureCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR), System.out); -// printJavaByteArray( -// signatureCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR), System.out); -// System.out. println(new String(signatureCard.getInfobox("IdentityLink", new CommandLinePINProvider(), null))); -// byte[] infobox = signatureCard.getInfobox("Status", new CommandLinePINProvider(), null); -// printJavaByteArray(infobox, System.out); - MessageDigest messageDigest = MessageDigest.getInstance("SHA-1"); - byte[] digest = messageDigest.digest("test".getBytes()); - byte[] signature = signatureCard.createSignature(digest, KeyboxName.SECURE_SIGNATURE_KEYPAIR, new CommandLinePINProvider()); - printJavaByteArray(signature, System.out); - } catch (SignatureCardException e) { - e.printStackTrace(); - } - - } - - public static void printJavaByteArray(byte[] bytes, OutputStream os) { - - PrintWriter w = new PrintWriter(os); - - w.write("new byte[] {"); - for (int i = 0; i < bytes.length;) { - if (i % 8 == 0) { - w.write("\n "); - } - w.write("(byte) 0x" + Integer.toHexString(0x0F & (bytes[i] >> 4)) + Integer.toHexString(0x0F & bytes[i])); - if (++i < bytes.length) { - w.write(", "); - } - } - w.write("\n};"); - w.flush(); - } - - private static class CommandLinePINProvider implements PINProvider { - - @Override - public String providePIN(PINSpec spec, int retries) { - - InputStreamReader inputStreamReader = new InputStreamReader(System.in); - BufferedReader in = new BufferedReader(inputStreamReader); - - System.out.print("Enter " + spec.getLocalizedName() + " [" - + spec.getMinLength() + "-" + spec.getMaxLength() + "] (" + retries - + " retries):"); - - try { - return in.readLine(); - } catch (IOException e) { - return null; - } - - } - - } - -} diff --git a/smcc/src/test/java/at/gv/egiz/smcc/SWCardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/SWCardTest.java deleted file mode 100644 index 115edc16..00000000 --- a/smcc/src/test/java/at/gv/egiz/smcc/SWCardTest.java +++ /dev/null @@ -1,66 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import java.math.BigInteger; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -import org.junit.Ignore; - -import at.gv.egiz.smcc.SignatureCard.KeyboxName; - -@Ignore -public class SWCardTest implements PINProvider { - - SWCard swCard = new SWCard(); - - public static void main(String[] args) throws Exception { - - SWCardTest swCardTest = new SWCardTest(); - swCardTest.test(); - - } - - public void test() throws SignatureCardException, NoSuchAlgorithmException, InterruptedException { - - swCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR); - swCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR); - - BigInteger t = BigInteger.valueOf(System.currentTimeMillis()); - - MessageDigest messageDigest = MessageDigest.getInstance("SHA-1"); - byte[] hash = messageDigest.digest(t.toByteArray()); - - byte[] signature; - signature = swCard.createSignature(hash, KeyboxName.CERITIFIED_KEYPAIR, this); - System.out.println(SignatureCardFactory.toString(signature)); - - signature = swCard.createSignature(hash, KeyboxName.SECURE_SIGNATURE_KEYPAIR, this); - System.out.println(SignatureCardFactory.toString(signature)); - - byte[] infobox = swCard.getInfobox("IdentityLink", this, null); - System.out.println(SignatureCardFactory.toString(infobox)); - - } - - @Override - public String providePIN(PINSpec spec, int retries) { - return "buerger"; - } - -} |