From c9421495bf0f6e5918cb17595a2fab677aec69a2 Mon Sep 17 00:00:00 2001 From: bschnalzer Date: Mon, 30 Oct 2017 08:09:48 +0100 Subject: Updated Certs in TrustStore, added Access-Controll-Allow-Origin (Response Header), applied Patch for Signature-Exception-Handling --- .../slcommands/impl/cms/STALSecurityProvider.java | 9 ++++-- .../gv/egiz/bku/slcommands/impl/cms/Signature.java | 35 +++++++--------------- 2 files changed, 18 insertions(+), 26 deletions(-) (limited to 'bkucommon') diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALSecurityProvider.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALSecurityProvider.java index 77bfaaa7..87c00644 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALSecurityProvider.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALSecurityProvider.java @@ -67,6 +67,7 @@ public class STALSecurityProvider extends IaikProvider { private STAL stal; private List hashDataInput; private ExcludedByteRangeType excludedByteRange; + private STALSignatureException stalSignatureException; public STALSecurityProvider(STAL stal, String keyboxIdentifier, HashDataInput hashDataInput, ExcludedByteRangeType excludedByteRange) { @@ -106,8 +107,8 @@ public class STALSecurityProvider extends IaikProvider { return wrapSignatureValue(sig, signatureAlgorithm); } else if (response instanceof ErrorResponse) { ErrorResponse err = (ErrorResponse) response; - STALSignatureException se = new STALSignatureException(err.getErrorCode(), err.getErrorMessage()); - throw new SignatureException(se); + stalSignatureException = new STALSignatureException(err.getErrorCode(), err.getErrorMessage()); + throw new SignatureException(stalSignatureException); } else { throw new SignatureException("Failed to access STAL."); } @@ -151,4 +152,8 @@ public class STALSecurityProvider extends IaikProvider { return sig; } + public STALSignatureException getStalSignatureException() { + return stalSignatureException; + } + } diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java index 9c89906e..7be546de 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java @@ -50,7 +50,6 @@ import java.security.InvalidParameterException; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; -import java.security.SignatureException; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; @@ -252,26 +251,6 @@ public class Signature { return data; } - private void setSignerInfo() throws SLCommandException, CMSException, CMSSignatureException { - try { - signedData.addSignerInfo(signerInfo); - } catch (NoSuchAlgorithmException e) { - if (e.getCause() instanceof CMSException) { - CMSException e2 = (CMSException) e.getCause(); - if (e2.getCause() instanceof SignatureException) - { - SignatureException e3 = (SignatureException) e2.getCause(); - if (e3.getCause() instanceof STALSignatureException) { - STALSignatureException e4 = (STALSignatureException) e3.getCause(); - throw new SLCommandException(e4.getErrorCode()); - } - } - throw e2; - } - throw new CMSSignatureException(e); - } - } - private void setAlgorithmIDs(X509Certificate signingCertificate, boolean useStrongHash) throws NoSuchAlgorithmException { PublicKey publicKey = signingCertificate.getPublicKey(); String algorithm = publicKey.getAlgorithm(); @@ -332,9 +311,17 @@ public class Signature { } public byte[] sign(STAL stal, String keyboxIdentifier) throws CMSException, CMSSignatureException, SLCommandException { - signedData.setSecurityProvider(new STALSecurityProvider( - stal, keyboxIdentifier, getHashDataInput(), this.excludedByteRange)); - setSignerInfo(); + STALSecurityProvider securityProvider = new STALSecurityProvider(stal, keyboxIdentifier, getHashDataInput(), this.excludedByteRange); + signedData.setSecurityProvider(securityProvider); + try { + signedData.addSignerInfo(signerInfo); + } catch (NoSuchAlgorithmException e) { + STALSignatureException stalSignatureException = securityProvider.getStalSignatureException(); + if (stalSignatureException != null) { + throw new SLCommandException(stalSignatureException.getErrorCode()); + } + throw new CMSSignatureException(e); + } ContentInfo contentInfo = new ContentInfo(signedData); return contentInfo.getEncoded(); } -- cgit v1.2.3