From d89f36b67ea1d838a78523538a24e044518f3587 Mon Sep 17 00:00:00 2001
From: mcentner <mcentner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>
Date: Tue, 26 Jan 2010 16:22:56 +0000
Subject: MOCCA 1.2.11 with SHA-2 enabled.

git-svn-id: https://joinup.ec.europa.eu/svn/mocca/branches/mocca-1.2.11-sha2@599 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
 .../bku/slcommands/impl/xsect/STALSignature.java   | 184 +++++++++++++++++++++
 1 file changed, 184 insertions(+)
 create mode 100644 mocca-1.2.11/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java

(limited to 'mocca-1.2.11/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java')

diff --git a/mocca-1.2.11/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java b/mocca-1.2.11/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
new file mode 100644
index 00000000..dd7c7d8a
--- /dev/null
+++ b/mocca-1.2.11/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
@@ -0,0 +1,184 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import at.gv.egiz.bku.slcommands.impl.DataObjectHashDataInput;
+import at.gv.egiz.bku.slexceptions.SLViewerException;
+
+import java.io.ByteArrayOutputStream;
+import java.security.InvalidKeyException;
+import java.security.InvalidParameterException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SignatureException;
+import java.security.SignatureSpi;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egiz.stal.ErrorResponse;
+import at.gv.egiz.stal.HashDataInput;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.STALRequest;
+import at.gv.egiz.stal.STALResponse;
+import at.gv.egiz.stal.SignRequest;
+import at.gv.egiz.stal.SignResponse;
+//import at.gv.egiz.stal.HashDataInputCallback;
+import java.util.ArrayList;
+
+/**
+ * A signature service provider implementation that uses STAL to sign.
+ * 
+ * @author mcentner
+ */
+public class STALSignature extends SignatureSpi {
+
+//    private static final Log log = LogFactory.getLog(STALSignature.class);
+    
+  /**
+   * The private key.
+   */
+  protected STALPrivateKey privateKey;
+  
+  /**
+   * The to-be signed data.
+   */
+  protected ByteArrayOutputStream data = new ByteArrayOutputStream();
+  
+  /* (non-Javadoc)
+   * @see java.security.SignatureSpi#engineGetParameter(java.lang.String)
+   */
+  @Override
+  protected Object engineGetParameter(String param)
+      throws InvalidParameterException {
+    throw new InvalidParameterException();
+  }
+
+  /* (non-Javadoc)
+   * @see java.security.SignatureSpi#engineInitSign(java.security.PrivateKey)
+   */
+  @Override
+  protected void engineInitSign(PrivateKey privateKey)
+      throws InvalidKeyException {
+
+    if (!(privateKey instanceof STALPrivateKey)) {
+      throw new InvalidKeyException("STALSignature supports STALKeys only.");
+    }
+    
+    this.privateKey = (STALPrivateKey) privateKey;
+
+  }
+
+  /* (non-Javadoc)
+   * @see java.security.SignatureSpi#engineInitVerify(java.security.PublicKey)
+   */
+  @Override
+  protected void engineInitVerify(PublicKey publicKey)
+      throws InvalidKeyException {
+    
+    throw new UnsupportedOperationException("STALSignature does not support signature verification.");
+  }
+
+  /* (non-Javadoc)
+   * @see java.security.SignatureSpi#engineSetParameter(java.lang.String, java.lang.Object)
+   */
+  @Override
+  protected void engineSetParameter(String param, Object value)
+      throws InvalidParameterException {
+  }
+
+  /* (non-Javadoc)
+   * @see java.security.SignatureSpi#engineSign()
+   */
+  @Override
+  protected byte[] engineSign() throws SignatureException {
+   
+    STAL stal = privateKey.getStal();
+    
+    if (stal == null) {
+      throw new SignatureException("STALSignature requires the STALPrivateKey " +
+      		"to provide a STAL implementation reference.");
+    }
+    
+    String keyboxIdentifier = privateKey.getKeyboxIdentifier();
+    
+    if (keyboxIdentifier == null) {
+      throw new SignatureException("STALSignature requires the STALPrivateKey " + 
+          "to provide a KeyboxIdentifier.");
+    }
+    
+    // get hashDataInputs (DigestInputStreams) once slcommands.impl.xsect.Signature::sign() was called
+    List<DataObject> dataObjects = privateKey.getDataObjects();
+//    log.debug("got " + dataObjects.size() + " DataObjects, passing HashDataInputs to STAL SignRequest");
+    
+    List<HashDataInput> hashDataInputs = new ArrayList<HashDataInput>();
+    for (DataObject dataObject : dataObjects) {
+      try {
+        dataObject.validateHashDataInput();
+      } catch (SLViewerException e) {
+        throw new STALSignatureException(e);
+      }
+      hashDataInputs.add(new DataObjectHashDataInput(dataObject));
+    }
+    
+    SignRequest signRequest = new SignRequest();
+    signRequest.setKeyIdentifier(keyboxIdentifier);
+    signRequest.setSignedInfo(data.toByteArray());
+    signRequest.setHashDataInput(hashDataInputs);
+    
+    List<STALResponse> responses = stal.handleRequest(Collections.singletonList((STALRequest) signRequest));
+    
+    if (responses == null || responses.size() != 1) {
+      throw new SignatureException("Failed to access STAL.");
+    }
+
+    STALResponse response = responses.get(0);
+    if (response instanceof SignResponse) {
+      return ((SignResponse) response).getSignatureValue();
+    } else if (response instanceof ErrorResponse) {
+      throw new STALSignatureException(((ErrorResponse) response).getErrorCode());
+    } else {
+      throw new SignatureException("Failed to access STAL.");
+    }
+
+  }
+
+  /* (non-Javadoc)
+   * @see java.security.SignatureSpi#engineUpdate(byte)
+   */
+  @Override
+  protected void engineUpdate(byte b) throws SignatureException {
+    data.write(b);
+  }
+
+  /* (non-Javadoc)
+   * @see java.security.SignatureSpi#engineUpdate(byte[], int, int)
+   */
+  @Override
+  protected void engineUpdate(byte[] b, int off, int len)
+      throws SignatureException {
+    data.write(b, off, len);
+  }
+
+  /* (non-Javadoc)
+   * @see java.security.SignatureSpi#engineVerify(byte[])
+   */
+  @Override
+  protected boolean engineVerify(byte[] sigBytes) throws SignatureException {
+    throw new UnsupportedOperationException("STALSignature des not support signature verification.");
+  }
+
+}
-- 
cgit v1.2.3