summaryrefslogtreecommitdiff
path: root/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
diff options
context:
space:
mode:
Diffstat (limited to 'smcc/src/main/java/at/gv/egiz/smcc/SWCard.java')
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/SWCard.java79
1 files changed, 69 insertions, 10 deletions
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java b/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
index 68a6f6df..22a66c3f 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
@@ -25,6 +25,8 @@ import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
+import java.io.InputStreamReader;
+import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
@@ -52,16 +54,20 @@ import org.apache.commons.logging.LogFactory;
*/
public class SWCard implements SignatureCard {
- private static final String BKU_USER_DIR = ".bku";
+ private static final String BKU_USER_DIR = ".mocca";
private static final String SWCARD_DIR = "smcc";
private static final String KEYSTORE_CERTIFIED_KEYPAIR = "certified.p12";
+ private static final String KEYSTORE_PASSWORD_CERTIFIED_KEYPAIR = "certified.pwd";
+
private static final String CERTIFICATE_CERTIFIED_KEYPAIR = "certified.cer";
private static final String KEYSTORE_SECURE_KEYPAIR = "secure.p12";
+ private static final String KEYSTORE_PASSWORD_SECURE_KEYPAIR = "secure.pwd";
+
private static final String CERTIFICATE_SECURE_KEYPAIR = "secure.cer";
private static String swCardDir;
@@ -70,8 +76,12 @@ public class SWCard implements SignatureCard {
private KeyStore certifiedKeyStore;
+ private String certifiedKeyStorePassword;
+
private KeyStore secureKeyStore;
+ private String secureKeyStorePassword;
+
private Certificate certifiedCertificate;
private Certificate secureCertificate;
@@ -168,7 +178,7 @@ public class SWCard implements SignatureCard {
}
try {
- keyStore.load(keyStoreFile, null);
+ keyStore.load(keyStoreFile, password);
} catch (Exception e) {
String msg = "Failed to load KeyStore from file '" + fileName + "'.";
log.info(msg, e);
@@ -176,10 +186,33 @@ public class SWCard implements SignatureCard {
}
return keyStore;
-
}
+ private String loadKeyStorePassword(String passwordFileName) throws SignatureCardException {
+
+ String fileName = getFileName(passwordFileName);
+ FileInputStream keyStorePasswordFile;
+ try {
+ keyStorePasswordFile = new FileInputStream(fileName);
+ } catch (FileNotFoundException e) {
+ return null;
+ }
+
+ try {
+ InputStreamReader reader = new InputStreamReader(keyStorePasswordFile, Charset.forName("UTF-8"));
+ StringBuilder sb = new StringBuilder();
+ char b[] = new char[16];
+ for (int l; (l = reader.read(b)) != -1;) {
+ sb.append(b, 0, l);
+ }
+ return sb.toString();
+ } catch (IOException e) {
+ throw new SignatureCardException("Failed to read file '" + passwordFileName + "'.");
+ }
+
+ }
+
private KeyStore getKeyStore(KeyboxName keyboxName, char[] password) throws SignatureCardException {
if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
@@ -198,6 +231,23 @@ public class SWCard implements SignatureCard {
}
+ private String getPassword(KeyboxName keyboxName) throws SignatureCardException {
+
+ if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
+ if (certifiedKeyStorePassword == null) {
+ certifiedKeyStorePassword = loadKeyStorePassword(KEYSTORE_PASSWORD_CERTIFIED_KEYPAIR);
+ }
+ return certifiedKeyStorePassword;
+ } else if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+ if (secureKeyStorePassword == null) {
+ secureKeyStorePassword = loadKeyStorePassword(KEYSTORE_PASSWORD_SECURE_KEYPAIR);
+ }
+ return secureKeyStorePassword;
+ } else {
+ throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported.");
+ }
+
+ }
public byte[] getCertificate(KeyboxName keyboxName)
throws SignatureCardException {
@@ -254,9 +304,21 @@ public class SWCard implements SignatureCard {
public byte[] createSignature(byte[] hash, KeyboxName keyboxName, PINProvider provider) throws SignatureCardException {
// KeyStore password
- PINSpec pinSpec = new PINSpec(0, -1, ".", "KeyStore-Password");
-
- KeyStore keyStore = getKeyStore(keyboxName, null);
+ String password = getPassword(keyboxName);
+
+ if (password == null) {
+
+ PINSpec pinSpec = new PINSpec(0, -1, ".", "KeyStore-Password");
+
+ password = provider.providePIN(pinSpec, -1);
+
+ if (password == null) {
+ return null;
+ }
+
+ }
+
+ KeyStore keyStore = getKeyStore(keyboxName, password.toCharArray());
PrivateKey privateKey = null;
@@ -269,8 +331,7 @@ public class SWCard implements SignatureCard {
Key key = null;
while (key == null) {
try {
- String pin = provider.providePIN(pinSpec, -1);
- key = keyStore.getKey(alias, pin.toCharArray());
+ key = keyStore.getKey(alias, password.toCharArray());
} catch (UnrecoverableKeyException e) {
log.info("Failed to get Key from KeyStore. Wrong password?", e);
}
@@ -315,8 +376,6 @@ public class SWCard implements SignatureCard {
@Override
public void setLocale(Locale locale) {
- // TODO Auto-generated method stub
- throw new UnsupportedOperationException("Not supported yet.");
}
@Override
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-20 01:00:52 +0000