diff options
Diffstat (limited to 'bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java')
-rw-r--r-- | bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java | 452 |
1 files changed, 226 insertions, 226 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java index 93e0eee8..6c5125aa 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.java @@ -1,226 +1,226 @@ -/* - * Copyright 2013 by Graz University of Technology, Austria - * MOCCA has been developed by the E-Government Innovation Center EGIZ, a joint - * initiative of the Federal Chancellery Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egiz.bku.slcommands.impl; - -import iaik.cms.CMSException; -import iaik.cms.CMSSignatureException; - -import java.security.InvalidParameterException; -import java.security.cert.X509Certificate; -import java.util.Collections; -import java.util.Date; -import java.util.List; - -import org.apache.commons.configuration.Configuration; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import at.buergerkarte.namespaces.securitylayer._1_2_3.CreateCMSSignatureRequestType; -import at.gv.egiz.bku.conf.MoccaConfigurationFacade; -import at.gv.egiz.bku.slcommands.CreateCMSSignatureCommand; -import at.gv.egiz.bku.slcommands.SLCommandContext; -import at.gv.egiz.bku.slcommands.SLResult; -import at.gv.egiz.bku.slcommands.impl.cms.Signature; -import at.gv.egiz.bku.slexceptions.SLCommandException; -import at.gv.egiz.bku.slexceptions.SLException; -import at.gv.egiz.bku.slexceptions.SLRequestException; -import at.gv.egiz.bku.slexceptions.SLViewerException; -import at.gv.egiz.stal.InfoboxReadRequest; -import at.gv.egiz.stal.STALRequest; - -/** - * This class implements the security layer command - * <code>CreateCMSSignatureRequest</code>. - * - * @author tkellner - */ -public class CreateCMSSignatureCommandImpl extends - SLCommandImpl<CreateCMSSignatureRequestType> implements - CreateCMSSignatureCommand { - - /** - * Logging facility. - */ - private final Logger log = LoggerFactory.getLogger(CreateCMSSignatureCommandImpl.class); - - /** - * The signing certificate. - */ - protected X509Certificate signingCertificate; - - /** - * The keybox identifier of the key used for signing. - */ - protected String keyboxIdentifier; - - /** - * The to-be signed signature. - */ - protected Signature signature; - - /** - * The configuration facade used to access the MOCCA configuration. - */ - private ConfigurationFacade configurationFacade = new ConfigurationFacade(); - - private class ConfigurationFacade implements MoccaConfigurationFacade { - private Configuration configuration; - - public static final String USE_STRONG_HASH = "UseStrongHash"; - - public void setConfiguration(Configuration configuration) { - this.configuration = configuration; - } - - public boolean getUseStrongHash() { - return configuration.getBoolean(USE_STRONG_HASH, true); - } -} - - public void setConfiguration(Configuration configuration) { - configurationFacade.setConfiguration(configuration); - } - - @Override - public void prepareCMSSignature(SLCommandContext commandContext) throws SLCommandException, - SLRequestException { - - CreateCMSSignatureRequestType request = getRequestValue(); - - try { - if (request.isPAdESCompatibility()) - { - //PAdES Compatibility Request - signature = new Signature(request.getDataObject(), request.getStructure(), - signingCertificate, commandContext.getURLDereferencer(), - configurationFacade.getUseStrongHash()); - - } - else - { - // DataObject, SigningCertificate, SigningTime - - Date signingTime = request.isPAdESCompatibility() ? null : new Date(); - signature = new Signature(request.getDataObject() != null ? request.getDataObject() - : request.getReferenceObject(), request.getStructure(), signingCertificate, signingTime, - commandContext.getURLDereferencer(), - configurationFacade.getUseStrongHash()); - } - } catch (SLCommandException e) { - log.error("Error creating CMS Signature.", e); - throw e; - } catch (InvalidParameterException e) { - log.error("Error creating CMS Signature.", e); - throw new SLCommandException(3004); - } catch (Exception e) { - log.error("Error creating CMS Signature.", e); - throw new SLCommandException(4000); - } - } - - /** - * Gets the signing certificate from STAL. - * @param commandContext TODO - * - * @throws SLCommandException - * if getting the singing certificate fails - */ - private void getSigningCertificate(SLCommandContext commandContext) throws SLCommandException { - - CreateCMSSignatureRequestType request = getRequestValue(); - keyboxIdentifier = request.getKeyboxIdentifier(); - - InfoboxReadRequest stalRequest = new InfoboxReadRequest(); - stalRequest.setInfoboxIdentifier(keyboxIdentifier); - - STALHelper stalHelper = new STALHelper(commandContext.getSTAL()); - - stalHelper.transmitSTALRequest(Collections.singletonList((STALRequest) stalRequest)); - List<X509Certificate> certificates = stalHelper.getCertificatesFromResponses(); - if (certificates == null || certificates.size() != 1) { - log.info("Got an unexpected number of certificates from STAL."); - throw new SLCommandException(4000); - } - signingCertificate = certificates.get(0); - - } - - /** - * Signs the signature. - * @param commandContext TODO - * @return the CMS signature - * @throws SLCommandException - * if signing the signature fails - * @throws SLViewerException - */ - private byte[] signCMSSignature(SLCommandContext commandContext) throws SLCommandException, SLViewerException { - - try { - return signature.sign(commandContext.getSTAL(), keyboxIdentifier); - } catch (CMSException e) { - log.error("Error creating CMSSignature", e); - throw new SLCommandException(4000); - } catch (CMSSignatureException e) { - log.error("Error creating CMSSignature", e); - throw new SLCommandException(4000); - } - } - - @Override - public SLResult execute(SLCommandContext commandContext) { - try { - - // get certificate in order to select appropriate algorithms for hashing - // and signing - log.info("Requesting signing certificate."); - getSigningCertificate(commandContext); - if (log.isDebugEnabled()) { - log.debug("Got signing certificate. {}", signingCertificate); - } else { - log.info("Got signing certificate."); - } - - // prepare the CMSSignature for signing - log.info("Preparing CMS signature."); - prepareCMSSignature(commandContext); - - // sign the CMSSignature - log.info("Signing CMS signature."); - byte[] sig = signCMSSignature(commandContext); - log.info("CMS signature signed."); - - return new CreateCMSSignatureResultImpl(sig); - - } catch (SLException e) { - return new ErrorResultImpl(e, commandContext.getLocale()); - } - } - - @Override - public String getName() { - return "CreateCMSSignatureRequest"; - } - -} +/*
+ * Copyright 2013 by Graz University of Technology, Austria
+ * MOCCA has been developed by the E-Government Innovation Center EGIZ, a joint
+ * initiative of the Federal Chancellery Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egiz.bku.slcommands.impl;
+
+import iaik.cms.CMSException;
+import iaik.cms.CMSSignatureException;
+
+import java.security.InvalidParameterException;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+
+import org.apache.commons.configuration.Configuration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.buergerkarte.namespaces.securitylayer._1_2_3.CreateCMSSignatureRequestType;
+import at.gv.egiz.bku.conf.MoccaConfigurationFacade;
+import at.gv.egiz.bku.slcommands.CreateCMSSignatureCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.impl.cms.Signature;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLException;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.slexceptions.SLViewerException;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.STALRequest;
+
+/**
+ * This class implements the security layer command
+ * <code>CreateCMSSignatureRequest</code>.
+ *
+ * @author tkellner
+ */
+public class CreateCMSSignatureCommandImpl extends
+ SLCommandImpl<CreateCMSSignatureRequestType> implements
+ CreateCMSSignatureCommand {
+
+ /**
+ * Logging facility.
+ */
+ protected final Logger log = LoggerFactory.getLogger(CreateCMSSignatureCommandImpl.class);
+
+ /**
+ * The signing certificate.
+ */
+ protected X509Certificate signingCertificate;
+
+ /**
+ * The keybox identifier of the key used for signing.
+ */
+ protected String keyboxIdentifier;
+
+ /**
+ * The to-be signed signature.
+ */
+ protected Signature signature;
+
+ /**
+ * The configuration facade used to access the MOCCA configuration.
+ */
+ protected ConfigurationFacade configurationFacade = new ConfigurationFacade();
+
+ protected class ConfigurationFacade implements MoccaConfigurationFacade {
+ protected Configuration configuration;
+
+ public static final String USE_STRONG_HASH = "UseStrongHash";
+
+ public void setConfiguration(Configuration configuration) {
+ this.configuration = configuration;
+ }
+
+ public boolean getUseStrongHash() {
+ return configuration.getBoolean(USE_STRONG_HASH, true);
+ }
+}
+
+ public void setConfiguration(Configuration configuration) {
+ configurationFacade.setConfiguration(configuration);
+ }
+
+ @Override
+ public void prepareCMSSignature(SLCommandContext commandContext) throws SLCommandException,
+ SLRequestException {
+
+ CreateCMSSignatureRequestType request = getRequestValue();
+
+ try {
+ if (request.isPAdESCompatibility())
+ {
+ //PAdES Compatibility Request
+ signature = new Signature(request.getDataObject(), request.getStructure(),
+ signingCertificate, commandContext.getURLDereferencer(),
+ configurationFacade.getUseStrongHash());
+
+ }
+ else
+ {
+ // DataObject, SigningCertificate, SigningTime
+
+ Date signingTime = request.isPAdESCompatibility() ? null : new Date();
+ signature = new Signature(request.getDataObject() != null ? request.getDataObject()
+ : request.getReferenceObject(), request.getStructure(), signingCertificate, signingTime,
+ commandContext.getURLDereferencer(),
+ configurationFacade.getUseStrongHash());
+ }
+ } catch (SLCommandException e) {
+ log.error("Error creating CMS Signature.", e);
+ throw e;
+ } catch (InvalidParameterException e) {
+ log.error("Error creating CMS Signature.", e);
+ throw new SLCommandException(3004);
+ } catch (Exception e) {
+ log.error("Error creating CMS Signature.", e);
+ throw new SLCommandException(4000);
+ }
+ }
+
+ /**
+ * Gets the signing certificate from STAL.
+ * @param commandContext TODO
+ *
+ * @throws SLCommandException
+ * if getting the singing certificate fails
+ */
+ protected void getSigningCertificate(SLCommandContext commandContext) throws SLCommandException {
+
+ CreateCMSSignatureRequestType request = getRequestValue();
+ keyboxIdentifier = request.getKeyboxIdentifier();
+
+ InfoboxReadRequest stalRequest = new InfoboxReadRequest();
+ stalRequest.setInfoboxIdentifier(keyboxIdentifier);
+
+ STALHelper stalHelper = new STALHelper(commandContext.getSTAL());
+
+ stalHelper.transmitSTALRequest(Collections.singletonList((STALRequest) stalRequest));
+ List<X509Certificate> certificates = stalHelper.getCertificatesFromResponses();
+ if (certificates == null || certificates.size() != 1) {
+ log.info("Got an unexpected number of certificates from STAL.");
+ throw new SLCommandException(4000);
+ }
+ signingCertificate = certificates.get(0);
+
+ }
+
+ /**
+ * Signs the signature.
+ * @param commandContext TODO
+ * @return the CMS signature
+ * @throws SLCommandException
+ * if signing the signature fails
+ * @throws SLViewerException
+ */
+ protected byte[] signCMSSignature(SLCommandContext commandContext) throws SLCommandException, SLViewerException {
+
+ try {
+ return signature.sign(commandContext.getSTAL(), keyboxIdentifier);
+ } catch (CMSException e) {
+ log.error("Error creating CMSSignature", e);
+ throw new SLCommandException(4000);
+ } catch (CMSSignatureException e) {
+ log.error("Error creating CMSSignature", e);
+ throw new SLCommandException(4000);
+ }
+ }
+
+ @Override
+ public SLResult execute(SLCommandContext commandContext) {
+ try {
+
+ // get certificate in order to select appropriate algorithms for hashing
+ // and signing
+ log.info("Requesting signing certificate.");
+ getSigningCertificate(commandContext);
+ if (log.isDebugEnabled()) {
+ log.debug("Got signing certificate. {}", signingCertificate);
+ } else {
+ log.info("Got signing certificate.");
+ }
+
+ // prepare the CMSSignature for signing
+ log.info("Preparing CMS signature.");
+ prepareCMSSignature(commandContext);
+
+ // sign the CMSSignature
+ log.info("Signing CMS signature.");
+ byte[] sig = signCMSSignature(commandContext);
+ log.info("CMS signature signed.");
+
+ return new CreateCMSSignatureResultImpl(sig);
+
+ } catch (SLException e) {
+ return new ErrorResultImpl(e, commandContext.getLocale());
+ }
+ }
+
+ @Override
+ public String getName() {
+ return "CreateCMSSignatureRequest";
+ }
+
+}
|