From e8b488d309f94321d374883368389f3206007495 Mon Sep 17 00:00:00 2001 From: Andreas Abraham Date: Wed, 19 Sep 2018 10:07:27 +0200 Subject: mac mocca.app template renewed, important crypto libraries updated --- .../slcommands/impl/xsect/STALSignatureMethod.java | 283 +++++++++++---------- 1 file changed, 144 insertions(+), 139 deletions(-) (limited to 'bkucommon/src/main/java/at') diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignatureMethod.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignatureMethod.java index 1a6f6df9..a9eba7e8 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignatureMethod.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignatureMethod.java @@ -1,139 +1,144 @@ -/* - * Copyright 2011 by Graz University of Technology, Austria - * MOCCA has been developed by the E-Government Innovation Center EGIZ, a joint - * initiative of the Federal Chancellery Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - - -package at.gv.egiz.bku.slcommands.impl.xsect; - -import iaik.xml.crypto.dsig.AbstractSignatureMethodImpl; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.InvalidAlgorithmParameterException; -import java.security.Key; -import java.security.NoSuchAlgorithmException; -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import javax.xml.crypto.XMLCryptoContext; -import javax.xml.crypto.dsig.XMLSignatureException; -import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec; - -import at.gv.egiz.bku.slcommands.impl.DataObjectHashDataInput; -import at.gv.egiz.bku.slexceptions.SLViewerException; -import at.gv.egiz.bku.utils.StreamUtil; -import at.gv.egiz.stal.ErrorResponse; -import at.gv.egiz.stal.HashDataInput; -import at.gv.egiz.stal.STAL; -import at.gv.egiz.stal.STALRequest; -import at.gv.egiz.stal.STALResponse; -import at.gv.egiz.stal.SignRequest; -import at.gv.egiz.stal.SignRequest.SignedInfo; -import at.gv.egiz.stal.SignResponse; - -public class STALSignatureMethod extends AbstractSignatureMethodImpl { - - /** - * Creates a new instance of this STALSignatureMethod - * with the given algorithm and params. - * - * @param algorithm the algorithm URI - * @param params optional algorithm parameters - * @throws InvalidAlgorithmParameterException if the specified parameters - * are inappropriate for the requested algorithm - * @throws NoSuchAlgorithmException if an implementation of the specified - * algorithm cannot be found - * @throws NullPointerException if algorithm is null - */ - public STALSignatureMethod(String algorithm, - SignatureMethodParameterSpec params) - throws InvalidAlgorithmParameterException, NoSuchAlgorithmException { - super(algorithm, params); - } - - @Override - public byte[] calculateSignatureValue(XMLCryptoContext context, Key key, InputStream message) - throws XMLSignatureException, IOException { - - if (!(key instanceof STALPrivateKey)) { - throw new XMLSignatureException("STALSignatureMethod expects STALPrivateKey."); - } - - STAL stal = ((STALPrivateKey) key).getStal(); - String keyboxIdentifier = ((STALPrivateKey) key).getKeyboxIdentifier(); - List dataObjects = ((STALPrivateKey) key).getDataObjects(); - - List hashDataInputs = new ArrayList(); - for (DataObject dataObject : dataObjects) { - try { - dataObject.validateHashDataInput(); - } catch (SLViewerException e) { - throw new XMLSignatureException(e); - } - hashDataInputs.add(new DataObjectHashDataInput(dataObject)); - } - - ByteArrayOutputStream m = new ByteArrayOutputStream(); - StreamUtil.copyStream(message, m); - - SignRequest signRequest = new SignRequest(); - signRequest.setKeyIdentifier(keyboxIdentifier); - SignedInfo signedInfo = new SignedInfo(); - signedInfo.setValue(m.toByteArray()); - signRequest.setSignedInfo(signedInfo); - signRequest.setHashDataInput(hashDataInputs); - - List responses = - stal.handleRequest(Collections.singletonList((STALRequest) signRequest)); - - if (responses == null || responses.size() != 1) { - throw new XMLSignatureException("Failed to access STAL."); - } - - STALResponse response = responses.get(0); - if (response instanceof SignResponse) { - return ((SignResponse) response).getSignatureValue(); - } else if (response instanceof ErrorResponse) { - ErrorResponse err = (ErrorResponse) response; - STALSignatureException se = new STALSignatureException(err.getErrorCode(), err.getErrorMessage()); - throw new XMLSignatureException(se); - } else { - throw new XMLSignatureException("Failed to access STAL."); - } - - } - - @Override - public boolean validateSignatureValue(XMLCryptoContext context, Key key, byte[] value, - InputStream message) throws XMLSignatureException, IOException { - throw new XMLSignatureException("The STALSignatureMethod does not support validation."); - } - - @Override - protected Class getParameterSpecClass() { - return null; - } - -} +/* + * Copyright 2011 by Graz University of Technology, Austria + * MOCCA has been developed by the E-Government Innovation Center EGIZ, a joint + * initiative of the Federal Chancellery Austria and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.gv.egiz.bku.slcommands.impl.xsect; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.InvalidAlgorithmParameterException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import javax.xml.crypto.XMLCryptoContext; +import javax.xml.crypto.dsig.XMLSignatureException; +import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec; + +import at.gv.egiz.bku.slcommands.impl.DataObjectHashDataInput; +import at.gv.egiz.bku.slexceptions.SLViewerException; +import at.gv.egiz.bku.utils.StreamUtil; +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.HashDataInput; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.SignRequest; +import at.gv.egiz.stal.SignRequest.SignedInfo; +import at.gv.egiz.stal.SignResponse; +import iaik.xml.crypto.dsig.SignatureMethodImpl; + +public class STALSignatureMethod extends SignatureMethodImpl { + + /** + * Creates a new instance of this STALSignatureMethod with the + * given algorithm and params. + * + * @param algorithm + * the algorithm URI + * @param params + * optional algorithm parameters + * @throws InvalidAlgorithmParameterException + * if the specified parameters are inappropriate for the requested + * algorithm + * @throws NoSuchAlgorithmException + * if an implementation of the specified algorithm cannot be found + * @throws NullPointerException + * if algorithm is null + */ + public STALSignatureMethod(String algorithm, SignatureMethodParameterSpec params) + throws InvalidAlgorithmParameterException, NoSuchAlgorithmException { + super(algorithm, params); + } + + @Override + public byte[] calculateSignatureValue(XMLCryptoContext context, Key key, InputStream message) + throws XMLSignatureException, IOException { + + if (!(key instanceof STALPrivateKey)) { + throw new XMLSignatureException("STALSignatureMethod expects STALPrivateKey."); + } + + STAL stal = ((STALPrivateKey) key).getStal(); + String keyboxIdentifier = ((STALPrivateKey) key).getKeyboxIdentifier(); + List dataObjects = ((STALPrivateKey) key).getDataObjects(); + + List hashDataInputs = new ArrayList(); + for (DataObject dataObject : dataObjects) { + try { + dataObject.validateHashDataInput(); + } catch (SLViewerException e) { + throw new XMLSignatureException(e); + } + hashDataInputs.add(new DataObjectHashDataInput(dataObject)); + } + + ByteArrayOutputStream m = new ByteArrayOutputStream(); + StreamUtil.copyStream(message, m); + + SignRequest signRequest = new SignRequest(); + signRequest.setKeyIdentifier(keyboxIdentifier); + SignedInfo signedInfo = new SignedInfo(); + signedInfo.setValue(m.toByteArray()); + signRequest.setSignedInfo(signedInfo); + signRequest.setHashDataInput(hashDataInputs); + + List responses = stal.handleRequest(Collections.singletonList((STALRequest) signRequest)); + + if (responses == null || responses.size() != 1) { + throw new XMLSignatureException("Failed to access STAL."); + } + + STALResponse response = responses.get(0); + if (response instanceof SignResponse) { + return ((SignResponse) response).getSignatureValue(); + } else if (response instanceof ErrorResponse) { + ErrorResponse err = (ErrorResponse) response; + STALSignatureException se = new STALSignatureException(err.getErrorCode(), err.getErrorMessage()); + throw new XMLSignatureException(se); + } else { + throw new XMLSignatureException("Failed to access STAL."); + } + + } + + @Override + public boolean validateSignatureValue(XMLCryptoContext context, Key key, byte[] value, InputStream message) + throws XMLSignatureException, IOException { + throw new XMLSignatureException("The STALSignatureMethod does not support validation."); + } + +// @Override +// protected Class getParameterSpecClass() { +// return null; +// } + + @Override + public boolean validateSignatureValue(Key key, byte[] value, InputStream message) throws XMLSignatureException, IOException { + throw new XMLSignatureException("The STALSignatureMethod does not support validation."); + } + + +} -- cgit v1.2.3