From d89f36b67ea1d838a78523538a24e044518f3587 Mon Sep 17 00:00:00 2001 From: mcentner Date: Tue, 26 Jan 2010 16:22:56 +0000 Subject: MOCCA 1.2.11 with SHA-2 enabled. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/branches/mocca-1.2.11-sha2@599 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../accesscontroller/SpringSecurityManager.java | 65 ++++++++++ .../gv/egiz/bku/local/conf/SpringConfigurator.java | 142 +++++++++++++++++++++ .../java/at/gv/egiz/bku/local/gui/GUIProxy.java | 55 ++++++++ .../gv/egiz/bku/local/gui/LocalHelpListener.java | 61 +++++++++ .../at/gv/egiz/bku/local/stal/LocalBKUWorker.java | 64 ++++++++++ .../gv/egiz/bku/local/stal/LocalSTALFactory.java | 126 ++++++++++++++++++ .../gv/egiz/bku/local/stal/LocalSecureViewer.java | 129 +++++++++++++++++++ .../bku/local/stal/LocalSignRequestHandler.java | 63 +++++++++ .../egiz/bku/local/webapp/BKURequestHandler.java | 113 ++++++++++++++++ .../bku/local/webapp/PINManagementServlet.java | 114 +++++++++++++++++ .../gv/egiz/bku/local/webapp/SpringBKUServlet.java | 39 ++++++ 11 files changed, 971 insertions(+) create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java create mode 100644 mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java (limited to 'mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local') diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java new file mode 100644 index 00000000..3f50fc78 --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java @@ -0,0 +1,65 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.accesscontroller; + +import java.io.IOException; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.context.ResourceLoaderAware; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; + +import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade; +import at.gv.egiz.bku.conf.Configurator; + +public class SpringSecurityManager extends SecurityManagerFacade implements + ResourceLoaderAware { + + private ResourceLoader resourceLoader; + + private static Log log = LogFactory.getLog(SpringSecurityManager.class); + + protected Configurator config; + + public void setConfig(Configurator config) { + this.config = config; + } + + public void init() { + String noMatch = config.getProperty("AccessController.acceptNoMatch"); + if (noMatch != null) { + log.debug("Setting allow now match to: " + noMatch); + setAllowUnmatched(Boolean.getBoolean(noMatch)); + } + String policy = config.getProperty("AccessController.policyResource"); + policy = policy.replace("${user.home}", System.getProperty("user.home")); + log.info("Loading resource: " + policy); + try { + Resource res = resourceLoader.getResource(policy); + init(res.getInputStream()); + } catch (IOException e) { + log.error(e); + } + } + + @Override + public void setResourceLoader(ResourceLoader loader) { + this.resourceLoader = loader; + } + +} diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java new file mode 100644 index 00000000..7b2641ff --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java @@ -0,0 +1,142 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.conf; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.Properties; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.context.ResourceLoaderAware; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; + +import at.gv.egiz.bku.conf.Configurator; +import at.gv.egiz.bku.local.webapp.SpringBKUServlet; +import at.gv.egiz.bku.slexceptions.SLRuntimeException; + +public class SpringConfigurator extends Configurator implements + ResourceLoaderAware { + + private final static Log log = LogFactory.getLog(SpringConfigurator.class); + + private ResourceLoader resourceLoader; + + public SpringConfigurator() { + // File configDir = new File(System.getProperty("user.home") + + // "/.bku/conf"); + // if (configDir.exists()) { + // log.debug("Found existing config directory: " + configDir); + // } else { + // log.info("Config dir not existing, creating new"); + // if (!configDir.mkdirs()) { + // log.error("Cannot create directory: " + configDir); + // } + // } + } + + public void setResource(Resource resource) { + log.debug("Loading config from: " + resource); + if (resource != null) { + Properties props = new Properties(); + try { + props.load(resource.getInputStream()); + super.setConfiguration(props); + } catch (IOException e) { + log.error("Cannot load config", e); + } + } else { + log.warn("Cannot load properties, resource: " + resource); + } + } + + @Override + public void configure() { + if (properties == null) { + defaultInit(); + } + super.configure(); + SpringBKUServlet.setConfigurator(this); + } + + public void defaultInit() { + Properties props = new Properties(); + try { + props.load(new FileInputStream(System.getProperty("user.home") + + "/.mocca/war/mocca.war")); + super.setConfiguration(props); + } catch (IOException e) { + log.error("Cannot load config", e); + } + } + + @Override + public void setResourceLoader(ResourceLoader loader) { + this.resourceLoader = loader; + } + + private File getDirectory(String property) { + property = property + .replace("${user.home}", System.getProperty("user.home")); + if (property != null) { + Resource certDirRes = resourceLoader.getResource(property); + File certDir; + try { + certDir = certDirRes.getFile(); + } catch (IOException e) { + log.error("Cannot get cert directory", e); + throw new SLRuntimeException(e); + } + if (!certDir.isDirectory()) { + log.error("Expecting directory as SSL.certDirectory parameter"); + throw new SLRuntimeException( + "Expecting directory as SSL.certDirectory parameter"); + } + return certDir; + } + return null; + + } + + @Override + protected File getCADir() { + String caDirectory = getProperty("SSL.caDirectory"); + return getDirectory(caDirectory); + } + + @Override + protected File getCertDir() { + String certDirectory = getProperty("SSL.certDirectory"); + return getDirectory(certDirectory); + } + + @Override + protected InputStream getManifest() { + Resource r = resourceLoader.getResource("META-INF/MANIFEST.MF"); + if ((r != null) && r.isReadable()) { + try { + return r.getInputStream(); + } catch (IOException e) { + log.error("Cannot read manifest data: " + e); + } + } + return null; + } +} \ No newline at end of file diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java new file mode 100644 index 00000000..38dd04d9 --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java @@ -0,0 +1,55 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.gui; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import java.lang.reflect.InvocationHandler; +import java.lang.reflect.Method; +import javax.swing.JFrame; + +/** + * + * @author Clemens Orthacker + */ +public class GUIProxy implements InvocationHandler { + + JFrame frame; + BKUGUIFacade delegate; + + static public Object newInstance(BKUGUIFacade gui, JFrame frame, Class[] interfaces) { + return java.lang.reflect.Proxy.newProxyInstance(gui.getClass().getClassLoader(), + interfaces, + new GUIProxy(gui, frame)); + } + + private GUIProxy(BKUGUIFacade delegate, JFrame frame) { + this.frame = frame; + this.delegate = delegate; + } + + @Override + public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { + + if (method.getName().startsWith("show")) { + frame.setVisible(true); + frame.toFront(); + return method.invoke(delegate, args); + } else { //if (method.getName().startsWith("get")) { + return method.invoke(delegate, args); + } + } +} diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java new file mode 100644 index 00000000..c957e132 --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java @@ -0,0 +1,61 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.gui; + +import at.gv.egiz.bku.gui.AbstractHelpListener; +import at.gv.egiz.bku.gui.DefaultHelpListener; +import java.awt.Desktop; +import java.io.IOException; +import java.net.URISyntaxException; +import java.net.URL; +import java.util.Locale; + +/** + * Open help document in browser, fallback to default (swing dialog) if Java Desktop API not supported. + * + * @author Clemens Orthacker + */ +public class LocalHelpListener extends AbstractHelpListener { + + protected Desktop desktop; + protected DefaultHelpListener fallback; + + public LocalHelpListener(URL baseURL, Locale locale) { + super(baseURL, locale); + if (Desktop.isDesktopSupported()) { + desktop = Desktop.getDesktop(); + } else { + log.info("Java Desktop API not available on current platform (libgnome installed?), falling back to DefaultHelpListener"); + fallback = new DefaultHelpListener(baseURL, locale); + } + } + + @Override + public void showDocument(URL helpDocument, String helpTopic) throws IOException, URISyntaxException { + if (desktop != null) { + if (!desktop.isSupported(Desktop.Action.BROWSE)) { + log.error("Failed to open default browser: The system provides the Desktop API, but does not support the BROWSE action"); + } else { + Desktop.getDesktop().browse(helpDocument.toURI()); + } + } else if (fallback != null) { + fallback.showDocument(helpDocument, helpTopic); + } else { + log.error("failed to display help document"); + } + } +} diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java new file mode 100644 index 00000000..1e3f9a1d --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java @@ -0,0 +1,64 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.stal; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.smccstal.AbstractBKUWorker; +import at.gv.egiz.bku.smccstal.PINManagementRequestHandler; +import at.gv.egiz.stal.QuitRequest; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.SignRequest; + +import at.gv.egiz.stal.ext.PINManagementRequest; +import java.util.List; +import javax.swing.JFrame; + +/** + * + * @author Clemens Orthacker + */ +public class LocalBKUWorker extends AbstractBKUWorker { + + private JFrame container; + + public LocalBKUWorker(BKUGUIFacade gui, JFrame container) { + super(gui); + this.container = container; + addRequestHandler(SignRequest.class, + new LocalSignRequestHandler(new LocalSecureViewer(gui))); + addRequestHandler(PINManagementRequest.class, new PINManagementRequestHandler()); + } + + /** does not change container's visibility (use quit request to close) */ + @Override + public List handleRequest(List requestList) { + signatureCard = null; + List responses = super.handleRequest(requestList); + container.setVisible(false); + return responses; + } + + /** overrides handle quit from abstract bku worker, make container invisible */ + @Override + public STALResponse handleRequest(STALRequest request) { + if (request instanceof QuitRequest) { + container.setVisible(false); + } + return null; + } +} diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java new file mode 100644 index 00000000..44322a07 --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java @@ -0,0 +1,126 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.stal; + +import at.gv.egiz.bku.viewer.ResourceFontLoader; +import java.awt.Dimension; +import java.awt.Toolkit; +import java.net.MalformedURLException; +import java.util.Locale; + + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.gui.BKUIcons; +import at.gv.egiz.bku.gui.PINManagementGUI; +import at.gv.egiz.bku.gui.PINManagementGUIFacade; +import at.gv.egiz.bku.local.gui.GUIProxy; +import at.gv.egiz.bku.local.gui.LocalHelpListener; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALFactory; +import java.net.URL; +import javax.swing.JFrame; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * Creates a PINManagementGUI and a LocalBKUWorker, which in turn registers + * PINManagementRequestHandler from smccSTALExt. + * The RequestHandler expects PINManagementGUIFacade, therefore BKUGUIProxy has to implement the extended GUI. + * @author clemens + */ +public class LocalSTALFactory implements STALFactory { + + protected static final Log log = LogFactory.getLog(LocalSTALFactory.class); + protected static final Dimension PREFERRED_SIZE = new Dimension(318, 200); + protected String helpURL; + protected Locale locale; + + @Override + public STAL createSTAL() { + + LocalBKUWorker stal; + //http://java.sun.com/docs/books/tutorial/uiswing/misc/focus.html + // use undecorated JFrame instead of JWindow, + // which creates an invisible owning frame and therefore cannot getFocusInWindow() + JFrame dialog = new JFrame("Bürgerkarte"); + if (log.isTraceEnabled()) { + log.debug("alwaysOnTop supported: " + dialog.isAlwaysOnTopSupported()); + } + // [#439] make mocca dialog alwaysOnTop + dialog.setAlwaysOnTop(true); + dialog.setIconImages(BKUIcons.icons); + dialog.setUndecorated(true); +// dialog.getRootPane().setWindowDecorationStyle(JRootPane.NONE); +// dialog.addWindowListener(new WindowAdapter() { +// +// @Override +// public void windowClosing(WindowEvent e) { +// super.windowClosing(e); +// log.debug("closing window ********************"); +// } +// +// }); + if (locale != null) { + dialog.setLocale(locale); + } + LocalHelpListener helpListener = null; + try { + if (helpURL != null) { + helpListener = new LocalHelpListener(new URL(helpURL), locale); + } else { + log.warn("no HELP URL configured, help system disabled"); + } + } catch (MalformedURLException ex) { + log.error("failed to configure help listener: " + ex.getMessage(), ex); + } + PINManagementGUIFacade gui = new PINManagementGUI(dialog.getContentPane(), + dialog.getLocale(), + BKUGUIFacade.Style.advanced, + null, + new ResourceFontLoader(), + helpListener, + null); + BKUGUIFacade proxy = (BKUGUIFacade) GUIProxy.newInstance(gui, dialog, new Class[] { PINManagementGUIFacade.class} ); + stal = new LocalBKUWorker(proxy, dialog); + dialog.setPreferredSize(PREFERRED_SIZE); + dialog.pack(); + Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize(); + Dimension frameSize = dialog.getSize(); + if (frameSize.height > screenSize.height) { + frameSize.height = screenSize.height; + } + if (frameSize.width > screenSize.width) { + frameSize.width = screenSize.width; + } + dialog.setLocation((screenSize.width - frameSize.width) / 2, + (screenSize.height - frameSize.height) / 2); + return stal; + } + + @Override + public void setLocale(Locale locale) { + this.locale = locale; + } + + public String getHelpURL() { + return helpURL; + } + + public void setHelpURL(String helpURL) { + this.helpURL = helpURL; + } +} diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java new file mode 100644 index 00000000..ae58526c --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java @@ -0,0 +1,129 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.stal; + +import at.gv.egiz.bku.slcommands.impl.DataObjectHashDataInput; +import at.gv.egiz.bku.smccstal.SecureViewer; +import java.io.IOException; +import java.util.ArrayList; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.stal.HashDataInput; +import at.gv.egiz.stal.impl.ByteArrayHashDataInput; +import at.gv.egiz.stal.signedinfo.ReferenceType; +import at.gv.egiz.stal.signedinfo.SignedInfoType; +import java.awt.event.ActionListener; +import java.io.ByteArrayOutputStream; +import java.io.InputStream; +import java.util.Collections; +import java.util.List; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * + * @author Clemens Orthacker + */ +public class LocalSecureViewer implements SecureViewer { + + private static final Log log = LogFactory.getLog(LocalSignRequestHandler.class); + private List hashDataInputs = Collections.EMPTY_LIST; + + protected BKUGUIFacade gui; + + public LocalSecureViewer(BKUGUIFacade gui) { + this.gui = gui; + } + + public void setDataToBeSigned(List dataToBeSigned) { + this.hashDataInputs = dataToBeSigned; + } + + /** + * + * @param dsigReferences + * @throws java.lang.Exception + */ + @Override + public void displayDataToBeSigned(SignedInfoType signedInfo, + ActionListener okListener, String okCommand) + throws Exception { + if (signedInfo.getReference().size() == 0) { + log.error("No hashdata input selected to be displayed: null"); + throw new Exception("No HashData Input selected to be displayed"); + } + + ArrayList selectedHashDataInputs = new ArrayList(); + for (ReferenceType dsigRef : signedInfo.getReference()) { + // don't get Manifest, QualifyingProperties, ... + if (dsigRef.getType() == null) { + String dsigRefId = dsigRef.getId(); + if (dsigRefId != null) { + boolean hdiAvailable = false; + for (HashDataInput hashDataInput : hashDataInputs) { + if (dsigRefId.equals(hashDataInput.getReferenceId())) { + log.debug("display hashdata input for dsig:SignedReference " + + dsigRefId); + selectedHashDataInputs.add( + ensureCachedHashDataInput(hashDataInput)); + hdiAvailable = true; + break; + } + } + if (!hdiAvailable) { + log.error("no hashdata input for dsig:SignedReference " + dsigRefId); + throw new Exception( + "No HashDataInput available for dsig:SignedReference " + dsigRefId); + } + } else { + throw new Exception( + "Cannot get HashDataInput for dsig:Reference without Id attribute"); + } + } + } + + if (selectedHashDataInputs.size() < 1) { + log.error("dsig:SignedInfo does not contain a data reference"); + throw new Exception("dsig:SignedInfo does not contain a data reference"); + } + gui.showSecureViewer(selectedHashDataInputs, okListener, okCommand); + } + + + private HashDataInput ensureCachedHashDataInput(HashDataInput hashDataInput) + throws IOException { + if (!(hashDataInput instanceof DataObjectHashDataInput)) { + + log.warn("expected DataObjectHashDataInput for LocalSignRequestHandler, got " + + hashDataInput.getClass().getName()); + + InputStream hdIs = hashDataInput.getHashDataInput(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(hdIs.available()); + int b; + while ((b = hdIs.read()) != -1) { + baos.write(b); + } + hashDataInput = new ByteArrayHashDataInput(baos.toByteArray(), + hashDataInput.getReferenceId(), + hashDataInput.getMimeType(), + hashDataInput.getEncoding(), + hashDataInput.getFilename()); + } + return hashDataInput; + } + +} diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java new file mode 100644 index 00000000..9ae1d9b9 --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java @@ -0,0 +1,63 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.stal; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.smccstal.SignRequestHandler; +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.SignRequest; + +/** + * + * @author Clemens Orthacker + */ +public class LocalSignRequestHandler extends SignRequestHandler { + + private static final Log log = LogFactory.getLog(LocalSignRequestHandler.class); + + public LocalSignRequestHandler(LocalSecureViewer secureViewer) { + super(secureViewer); + } + + /** + * If the request is a SIGN request, it contains a list of DataObjectHashDataInput + * providing the pre-digested input stream (that can be obtained repeatedly) if + * reference caching is enabled (or null otherwise). + * @param request + * @return + */ + @SuppressWarnings("unchecked") + @Override + public STALResponse handleRequest(STALRequest request) + throws InterruptedException { + + if (request instanceof SignRequest) { + SignRequest signReq = (SignRequest) request; + ((LocalSecureViewer) secureViewer).setDataToBeSigned(signReq.getHashDataInput()); + return super.handleRequest(request); + } else { + log.fatal("Got unexpected STAL request: " + request); + return new ErrorResponse(1000); + } + + + } +} diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java new file mode 100644 index 00000000..98be4047 --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java @@ -0,0 +1,113 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.webapp; + +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Locale; +import java.util.Map; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.binding.HTTPBindingProcessor; +import at.gv.egiz.bku.binding.HttpUtil; +import at.gv.egiz.bku.conf.Configurator; +import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage; + +public class BKURequestHandler extends SpringBKUServlet { + + public final static String ENCODING = "UTF-8"; + + protected Log log = LogFactory.getLog(BKURequestHandler.class); + + protected void doPost(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, java.io.IOException { + + log.debug("Received SecurityLayer request"); + + String acceptLanguage = req.getHeader("Accept-Language"); + Locale locale = AcceptLanguage.getLocale(acceptLanguage); + log.debug("Accept-Language locale: " + locale); + + HTTPBindingProcessor bindingProcessor; + bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager() + .createBindingProcessor(req.getRequestURL().toString(), null, locale); + Map headerMap = new HashMap(); + for (Enumeration headerName = req.getHeaderNames(); headerName + .hasMoreElements();) { + String header = headerName.nextElement(); + if (header != null) { + headerMap.put(header, req.getHeader(header)); + } + } + String charset = req.getCharacterEncoding(); + String contentType = req.getContentType(); + if (charset != null) { + contentType += ";" + charset; + } + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); + bindingProcessor.setHTTPHeaders(headerMap); + bindingProcessor.consumeRequestStream(req.getInputStream()); + + // fixxme just for testing + bindingProcessor.run(); + if (bindingProcessor.getRedirectURL() != null) { + resp.sendRedirect(bindingProcessor.getRedirectURL()); + return; + } + resp.setStatus(bindingProcessor.getResponseCode()); + for (Iterator it = bindingProcessor.getResponseHeaders().keySet() + .iterator(); it.hasNext();) { + String header = it.next(); + resp.setHeader(header, bindingProcessor.getResponseHeaders().get(header)); + } + String version = configurator.getProperty(Configurator.SIGNATURE_LAYOUT); + if ((version != null) && (!"".equals(version.trim()))) { + log.debug("setting SignatureLayout header to " + version); + resp.setHeader(Configurator.SIGNATURE_LAYOUT, version); + } else { + log.debug("do not set SignatureLayout header"); + } + + if (configurator.getProperty(Configurator.USERAGENT_CONFIG_P) != null) { + resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, configurator + .getProperty(Configurator.USERAGENT_CONFIG_P)); + } else { + resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, + Configurator.USERAGENT_DEFAULT); + } + + resp.setContentType(bindingProcessor.getResultContentType()); + resp.setCharacterEncoding(ENCODING); + bindingProcessor.writeResultTo(resp.getOutputStream(), ENCODING); + req.getInputStream().close(); + resp.getOutputStream().flush(); + resp.getOutputStream().close(); + log.debug("Finished Request"); + } + + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, java.io.IOException { + doPost(req, resp); + } +} diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java new file mode 100644 index 00000000..0c35f1c9 --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java @@ -0,0 +1,114 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.webapp; + +import at.gv.egiz.bku.local.stal.LocalSTALFactory; +import at.gv.egiz.stal.QuitRequest; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.ext.PINManagementRequest; +import java.io.IOException; +import java.net.URL; +import java.util.Collections; +import java.util.List; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * PINManagementBKUWorker for non-applet version + * @author Clemens Orthacker + */ +public class PINManagementServlet extends HttpServlet { + + private static final Log log = LogFactory.getLog(PINManagementServlet.class); + + LocalSTALFactory stalFactory; + + public PINManagementServlet() { + stalFactory = new LocalSTALFactory(); + stalFactory.setHelpURL("http://localhost:3495/help/"); + } + + /** + * Processes requests for both HTTP GET and POST methods. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + protected void processRequest(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + + STAL pinMgmtSTAL = stalFactory.createSTAL(); + List stalResps = pinMgmtSTAL.handleRequest(Collections.singletonList(new PINManagementRequest())); + if (log.isDebugEnabled()) { + log.debug("received STAL reponse " + stalResps.get(0).getClass()); + } + pinMgmtSTAL.handleRequest(Collections.singletonList(new QuitRequest())); + + String redirect = request.getParameter("redirect"); + if (redirect != null) { + String referer = request.getHeader("Referer"); + if (referer != null) { + redirect = new URL(new URL(referer), redirect).toExternalForm(); + } + response.sendRedirect(redirect); + } else { + response.setStatus(HttpServletResponse.SC_OK); + } + } + + // + /** + * Handles the HTTP GET method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + processRequest(request, response); + } + + /** + * Handles the HTTP POST method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + processRequest(request, response); + } + + /** + * Returns a short description of the servlet. + * @return a String containing servlet description + */ + @Override + public String getServletInfo() { + return "Short description"; + }// +} diff --git a/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java new file mode 100644 index 00000000..3bd50ba7 --- /dev/null +++ b/mocca-1.2.11/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java @@ -0,0 +1,39 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.webapp; + +import javax.servlet.http.HttpServlet; + +import at.gv.egiz.bku.binding.BindingProcessorManager; +import at.gv.egiz.bku.conf.Configurator; + +public abstract class SpringBKUServlet extends HttpServlet { + + public final static String BEAN_NAME = "bindingProcessorManager"; + + protected static Configurator configurator; + + protected BindingProcessorManager getBindingProcessorManager() { + return (BindingProcessorManager) getServletContext() + .getAttribute(BEAN_NAME); + } + + public static void setConfigurator(Configurator conf) { + configurator = conf; + } + +} -- cgit v1.2.3