From 9e50f1a103a37d9dcfbeb5ea45bcf6c6c0c0f6dd Mon Sep 17 00:00:00 2001 
From: Tobias Kellner Date: Thu, 27 Nov 2014 20:57:33 +0100 Subject: Implement PDF-AS 4 changes --- .../main/java/at/asit/pdfover/gui/Constants.java | 13 +- .../java/at/asit/pdfover/gui/bku/BKUHelper.java | 63 +++++ .../at/asit/pdfover/gui/bku/LocalBKUConnector.java | 158 +++++++++++ .../asit/pdfover/gui/bku/MobileBKUConnector.java | 128 +++++++++ .../asit/pdfover/gui/bku/mobile/ATrustHandler.java | 238 ++++++++++++++++ .../asit/pdfover/gui/bku/mobile/ATrustStatus.java | 86 ++++++ .../bku/mobile/AbstractMobileBKUStatusImpl.java | 138 +++++++++ .../asit/pdfover/gui/bku/mobile/IAIKHandler.java | 312 +++++++++++++++++++++ .../at/asit/pdfover/gui/bku/mobile/IAIKStatus.java | 80 ++++++ .../pdfover/gui/bku/mobile/MobileBKUHandler.java | 264 +++++++++++++++++ .../pdfover/gui/bku/mobile/MobileBKUHelper.java | 158 +++++++++++ .../pdfover/gui/bku/mobile/MobileBKUStatus.java | 140 +++++++++ .../at/asit/pdfover/gui/bku/mobile/MobileBKUs.java | 27 ++ .../gui/bku/mobile/SimpleXMLTrustManager.java | 225 +++++++++++++++ .../gui/bku/mobile/TrustedSocketFactory.java | 192 +++++++++++++ .../pdfover/gui/cliarguments/PasswordArgument.java | 2 +- .../gui/cliarguments/PhoneNumberArgument.java | 2 +- .../composites/MobileBKUEnterNumberComposite.java | 4 +- .../gui/composites/MobileBKUEnterTANComposite.java | 2 +- .../java/at/asit/pdfover/gui/utils/Unzipper.java | 75 ----- .../asit/pdfover/gui/workflow/PDFSignerImpl.java | 2 +- .../gui/workflow/config/ConfigProvider.java | 2 +- .../gui/workflow/config/ConfigProviderImpl.java | 6 +- .../workflow/config/ConfigurationContainer.java | 2 +- .../config/ConfigurationContainerImpl.java | 4 +- .../workflow/config/PersistentConfigProvider.java | 2 +- .../pdfover/gui/workflow/states/LocalBKUState.java | 56 +--- .../gui/workflow/states/MobileBKUState.java | 281 ++++++++++--------- .../workflow/states/PrepareConfigurationState.java | 6 +- .../pdfover/gui/workflow/states/SigningState.java | 19 +- .../workflow/states/mobilebku/ATrustHandler.java | 223 
--------------- .../workflow/states/mobilebku/ATrustStatus.java | 86 ------ .../mobilebku/AbstractMobileBKUStatusImpl.java | 138 --------- .../gui/workflow/states/mobilebku/IAIKHandler.java | 305 -------------------- .../gui/workflow/states/mobilebku/IAIKStatus.java | 80 ------ .../mobilebku/MobileBKUCommunicationState.java | 37 --- .../states/mobilebku/MobileBKUHandler.java | 252 ----------------- .../workflow/states/mobilebku/MobileBKUHelper.java | 188 ------------- .../workflow/states/mobilebku/MobileBKUStatus.java | 140 --------- .../gui/workflow/states/mobilebku/MobileBKUs.java | 27 -- .../states/mobilebku/PostCredentialsThread.java | 68 ----- .../states/mobilebku/PostSLRequestThread.java | 80 ------ .../workflow/states/mobilebku/PostTanThread.java | 71 ----- .../states/mobilebku/SimpleXMLTrustManager.java | 225 --------------- .../states/mobilebku/TrustedSocketFactory.java | 192 ------------- .../at/asit/pdfover/gui/messages.properties | 1 + .../at/asit/pdfover/gui/messages_de.properties | 1 + 47 files changed, 2404 insertions(+), 2397 deletions(-) create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/BKUHelper.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/LocalBKUConnector.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/AbstractMobileBKUStatusImpl.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/IAIKHandler.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/IAIKStatus.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java create mode 100644 
pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHelper.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUStatus.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUs.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/SimpleXMLTrustManager.java create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/TrustedSocketFactory.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/utils/Unzipper.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/ATrustHandler.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/ATrustStatus.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/AbstractMobileBKUStatusImpl.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/IAIKHandler.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/IAIKStatus.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUCommunicationState.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUHandler.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUHelper.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUStatus.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUs.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostCredentialsThread.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostSLRequestThread.java delete mode 100644 
pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostTanThread.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/SimpleXMLTrustManager.java delete mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/TrustedSocketFactory.java (limited to 'pdf-over-gui/src') diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/Constants.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/Constants.java index 3b848647..060329c9 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/Constants.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/Constants.java @@ -23,7 +23,7 @@ import java.util.Properties; import org.eclipse.swt.graphics.Color; import org.eclipse.swt.widgets.Display; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUs; +import at.asit.pdfover.gui.bku.mobile.MobileBKUs; /** * Various constants @@ -51,7 +51,7 @@ public class Constants { public static final Locale[] SUPPORTED_LOCALES = { Locale.GERMAN, Locale.ENGLISH }; /** Configuration directory */ - public static String CONFIG_DIRECTORY = System.getProperty("user.home") + File.separator + ".pdf-over"; //$NON-NLS-1$ //$NON-NLS-2$ + public static final String CONFIG_DIRECTORY = System.getProperty("user.home") + File.separator + ".pdf-over"; //$NON-NLS-1$ //$NON-NLS-2$ /** The default configuration file name */ public static final String DEFAULT_CONFIG_FILENAME = "PDF-Over.config"; //$NON-NLS-1$ @@ -62,6 +62,9 @@ public class Constants { /** File suffix for the signed document */ public final static String SIGNED_SUFFIX = "_signed"; //$NON-NLS-1$ + /** Local BKU URL */ + public static final String LOCAL_BKU_URL = "http://127.0.0.1:3495/http-security-layer-request"; //$NON-NLS-1$ + /** Default Mobile BKU URL */ public static final String DEFAULT_MOBILE_BKU_URL = "https://www.a-trust.at/mobile/https-security-layer-request/default.aspx"; //$NON-NLS-1$ 
@@ -112,6 +115,9 @@ public class Constants { /** The signature note config parameter */ public static final String CFG_SIGNATURE_NOTE = "SIGNATURE_NOTE"; //$NON-NLS-1$ + /** The signature locale config parameter */ + public static final String CFG_SIGNATURE_LOCALE = "SIGNLOCALE"; //$NON-NLS-1$ + /** Mobile bku url config parameter */ public static final String CFG_MOBILE_BKU_URL = "MOBILE_BKU_URL"; //$NON-NLS-1$ @@ -124,9 +130,6 @@ public class Constants { /** The locale config parameter */ public static final String CFG_LOCALE = "LOCALE"; //$NON-NLS-1$ - /** The signature locale config parameter */ - public static final String CFG_SIGN_LOCALE = "SIGNLOCALE"; //$NON-NLS-1$ - /** The update check config parameter */ public static final String CFG_UPDATE_CHECK = "UPDATE_CHECK"; //$NON-NLS-1$ diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/BKUHelper.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/BKUHelper.java new file mode 100644 index 00000000..20cc04bb --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/BKUHelper.java 
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://joinup.ec.europa.eu/software/page/eupl
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ */
+package at.asit.pdfover.gui.bku;
+
+// Imports
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.UsernamePasswordCredentials;
+import org.apache.commons.httpclient.auth.AuthScope;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asit.pdfover.gui.Constants;
+
+/**
+ *
+ */
+public class BKUHelper {
+ /**
+ * SLF4J Logger instance
+ **/
+ @SuppressWarnings("unused")
+ private static final Logger log = LoggerFactory.getLogger(BKUHelper.class);
+
+ /**
+ * Get a HTTP Client instance
+ * @return the HttpClient
+ */
+ public static HttpClient getHttpClient() {
+ HttpClient client = new HttpClient();
+ client.getParams().setParameter("http.useragent", //$NON-NLS-1$
+ Constants.USER_AGENT_STRING);
+
+ String host = System.getProperty("http.proxyHost"); //$NON-NLS-1$
+ String port = System.getProperty("http.proxyPort"); //$NON-NLS-1$
+ if (host != null && !host.isEmpty() &&
+ port != null && !port.isEmpty()) {
+ int p = Integer.parseInt(port);
+ client.getHostConfiguration().setProxy(host, p);
+ String user = System.getProperty("http.proxyUser"); //$NON-NLS-1$
+ String pass = System.getProperty("http.proxyPassword"); //$NON-NLS-1$
+ if (user != null && !user.isEmpty() && pass != null) {
+ client.getState().setProxyCredentials(new AuthScope(host, p),
+ new UsernamePasswordCredentials(user, pass));
+ }
+ }
+
+ return client;
+ }
+
+}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/LocalBKUConnector.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/LocalBKUConnector.java
new file mode 100644
index 00000000..f862455c
--- /dev/null
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/LocalBKUConnector.java
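Review bot: `client.getHostConfiguration().setProxy(host, p)` in getHttpClient() applies the proxy to every request made with the returned client, and LocalBKUConnector in this commit uses that same client to post the signature request to `Constants.LOCAL_BKU_URL` on 127.0.0.1. With `http.proxyHost` set, the loopback request (which carries the document to be signed over plain HTTP) would, as far as I know for commons-httpclient 3.x, be handed to the proxy rather than the local BKU, because `http.nonProxyHosts` is never consulted. Consider skipping the proxy block for loopback targets, for example by giving the method a flag or target-host argument that LocalBKUConnector can use to opt out. Separately, `Integer.parseInt(port)` throws an unchecked NumberFormatException on a malformed `http.proxyPort`; catching it and logging a warning through the `log` field (currently marked unused) would keep a bad setting from aborting signing.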
@@ -0,0 +1,158 @@
+/*
+ * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://joinup.ec.europa.eu/software/page/eupl
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ */
+package at.asit.pdfover.gui.bku;
+
+// Imports
+import java.io.IOException;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpException;
+import org.apache.commons.httpclient.HttpMethod;
+import org.apache.commons.httpclient.HttpStatus;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.commons.httpclient.methods.multipart.FilePart;
+import org.apache.commons.httpclient.methods.multipart.MultipartRequestEntity;
+import org.apache.commons.httpclient.methods.multipart.Part;
+import org.apache.commons.httpclient.methods.multipart.StringPart;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asit.pdfover.gui.Constants;
+import at.asit.pdfover.gui.utils.FileUploadSource;
+import at.asit.pdfover.signator.BkuSlConnector;
+import at.asit.pdfover.signator.SLRequest;
+import at.asit.pdfover.signator.SLResponse;
+import at.asit.pdfover.signator.SignatureException;
+
+/**
+ *
+ */
+public class LocalBKUConnector implements BkuSlConnector {
+ /**
+ * SLF4J Logger instance
+ **/
+ private static final Logger log = LoggerFactory
+ .getLogger(LocalBKUConnector.class);
+
+ /** Whether to use Base64 or FileUpload Request */
+ private boolean useBase64Request = false;
+
+ /**
+ * HTTP Response server HEADER
+ */
+ public final static String BKU_RESPONSE_HEADER_SERVER = "server"; //$NON-NLS-1$
+
+ /**
+ * HTTP Response user-agent HEADER
+ */
+ public final static String BKU_RESPONSE_HEADER_USERAGENT = "user-agent"; //$NON-NLS-1$
+
+ /**
+ * HTTP Response SignatureLayout HEADER
+ */
+ public final static String BKU_RESPONSE_HEADER_SIGNATURE_LAYOUT = "SignatureLayout"; //$NON-NLS-1$
+
+ /**
+ * Null-Operation SL-Request
+ */
+ private final static String NULL_OPERATION_REQUEST = "" + //$NON-NLS-1$
+ ""; //$NON-NLS-1$
+
+ /* (non-Javadoc)
+ * @see at.asit.pdfover.signator.BkuSlConnector#handleSLRequest(java.lang.String)
+ */
+ @Override
+ public SLResponse handleSLRequest(SLRequest request) throws SignatureException {
+ try {
+ HttpClient client = BKUHelper.getHttpClient();
+
+ PostMethod method = new PostMethod(Constants.LOCAL_BKU_URL);
+
+ String sl_request = NULL_OPERATION_REQUEST;
+ method.addParameter("XMLRequest", sl_request); //$NON-NLS-1$
+ int returnCode = client.executeMethod(method);
+
+ String userAgent = getResponseHeader(method, BKU_RESPONSE_HEADER_USERAGENT);
+ String server = getResponseHeader(method, BKU_RESPONSE_HEADER_SERVER);
+ if (server != null && server.contains("trustDeskbasic")) //$NON-NLS-1$
+ this.useBase64Request = true; // TDB doesn't support MultiPart requests
+
+ method = new PostMethod(Constants.LOCAL_BKU_URL);
+
+ if (request.getSignatureData() != null) {
+ if (this.useBase64Request)
+ {
+ sl_request = request.getBase64Request();
+ method.addParameter("XMLRequest", sl_request); //$NON-NLS-1$
+ } else {
+ sl_request = request.getFileUploadRequest();
+ StringPart xmlpart = new StringPart(
+ "XMLRequest", sl_request, "UTF-8"); //$NON-NLS-1$ //$NON-NLS-2$
+
+ FilePart filepart = new FilePart("fileupload", //$NON-NLS-1$
+ new FileUploadSource(request.getSignatureData()));
+
+ Part[] parts = { xmlpart, filepart };
+
+ method.setRequestEntity(new MultipartRequestEntity(parts, method
+ .getParams()));
+ }
+ } else {
+ method.addParameter("XMLRequest", request.getRequest()); //$NON-NLS-1$
+ }
+ log.debug("SL REQUEST: " + sl_request); //$NON-NLS-1$
+
+ returnCode = client.executeMethod(method);
+
+ if (returnCode != HttpStatus.SC_OK) {
+ throw new HttpException(
+ method.getResponseBodyAsString());
+ }
+
+ server = getResponseHeader(method, BKU_RESPONSE_HEADER_SERVER);
+ if (server == null)
+ server = ""; //$NON-NLS-1$
+ userAgent = getResponseHeader(method, BKU_RESPONSE_HEADER_USERAGENT);
+ if (userAgent == null)
+ userAgent = ""; //$NON-NLS-1$
+ String signatureLayout = getResponseHeader(method, BKU_RESPONSE_HEADER_SIGNATURE_LAYOUT);
+
+ String response = method.getResponseBodyAsString();
+ log.debug("SL Response: " + response); //$NON-NLS-1$
+ SLResponse slResponse = new SLResponse(response, server,
+ userAgent, signatureLayout);
+ return slResponse;
+ } catch (HttpException e) {
+ log.error("LocalBKUConnector: ", e); //$NON-NLS-1$
+ throw new SignatureException(e);
+ } catch (IOException e) {
+ log.error("LocalBKUConnector: ", e); //$NON-NLS-1$
+ throw new SignatureException(e);
+ }
+ }
+
+ /**
+ * Returns the value corresponding to the given header name
+ * @param method the HTTP method
+ * @param headerName the header name
+ * @return the header value (or null if not found)
+ */
+ private static String getResponseHeader(HttpMethod method, String headerName) {
+ if (method.getResponseHeader(headerName) == null)
+ return null;
+ return method.getResponseHeader(headerName).getValue();
+ }
+}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java
new file mode 100644
index 00000000..f08c885e
--- /dev/null
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java
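Review bot: `log.debug("SL REQUEST: " + sl_request)` and `log.debug("SL Response: " + response)` in handleSLRequest write the complete security-layer request and response to the log, and on the Base64 path the request comes from `getBase64Request()`, which presumably embeds the whole document. The same pattern recurs in MobileBKUConnector (`log.debug("Response from mobile BKU: " + responseData)`) and in ATrustHandler, which logs `sessionID`, `viewState` and `eventValidation` at INFO level. I would log a size or status only, e.g. `log.debug("SL request sent ({} chars)", sl_request.length());`, and keep session values out of INFO output. In the branch where `getSignatureData()` is null the logged `sl_request` is still the null-operation probe, not what was sent. Neither PostMethod is released either; a `finally` calling `method.releaseConnection();` for both the probe and the real request would return the connections.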
@@ -0,0 +1,128 @@
+/*
+ * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://joinup.ec.europa.eu/software/page/eupl
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ */
+package at.asit.pdfover.gui.bku;
+
+// Imports
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asit.pdfover.gui.bku.mobile.MobileBKUHandler;
+import at.asit.pdfover.gui.workflow.states.MobileBKUState;
+import at.asit.pdfover.signator.BkuSlConnector;
+import at.asit.pdfover.signator.SLRequest;
+import at.asit.pdfover.signator.SLResponse;
+import at.asit.pdfover.signator.SignatureException;
+import at.asit.pdfover.signer.pdfas.PdfAs4SigningState;
+
+/**
+ *
+ */
+public class MobileBKUConnector implements BkuSlConnector {
+ /**
+ * SLF4J Logger instance
+ **/
+ private static final Logger log = LoggerFactory
+ .getLogger(MobileBKUConnector.class);
+
+ private MobileBKUState state;
+
+ /**
+ *
+ * @param state
+ */
+ public MobileBKUConnector(MobileBKUState state) {
+ this.state = state;
+ }
+
+ /* (non-Javadoc)
+ * @see at.asit.pdfover.signator.BkuSlConnector#handleSLRequest(java.lang.String)
+ */
+ @Override
+ public SLResponse handleSLRequest(SLRequest request) throws SignatureException {
+ PdfAs4SigningState signingState = (PdfAs4SigningState) this.state.getSigningState();
+ signingState.setSignatureRequest(request);
+
+ MobileBKUHandler handler = this.state.getHandler();
+
+ do {
+ // Post SL Request
+ try {
+ String responseData = handler.postSLRequest(this.state.getURL(), request);
+
+ // Now we have received some data lets check it:
+ log.debug("Response from mobile BKU: " + responseData); //$NON-NLS-1$
+
+ handler.handleSLRequestResponse(responseData);
+ } catch (Exception ex) {
+ log.error("Error in PostSLRequestThread", ex); //$NON-NLS-1$
+ this.state.setThreadException(ex);
+ this.state.displayError(ex);
+ throw new SignatureException(ex);
+ }
+
+ do {
+ // Check if credentials are available, get them from user if not
+ this.state.checkCredentials();
+
+ // Post credentials
+ try {
+ String responseData = handler.postCredentials();
+
+ // Now we have received some data lets check it:
+ log.debug("Response from mobile BKU: " + responseData); //$NON-NLS-1$
+
+ handler.handleCredentialsResponse(responseData);
+ } catch (Exception ex) {
+ log.error("Error in PostCredentialsThread", ex); //$NON-NLS-1$
+ this.state.setThreadException(ex);
+ this.state.displayError(ex);
+ throw new SignatureException(ex);
+ }
+ } while(this.state.getStatus().getErrorMessage() != null);
+
+ // Check if response is already available
+ if (signingState.hasSignatureResponse()) {
+ SLResponse response = signingState.getSignatureResponse();
+ signingState.setSignatureResponse(null);
+ return response;
+ }
+
+ do {
+ // Get TAN
+ this.state.checkTAN();
+
+ // Post TAN
+ try {
+ String responseData = handler.postTAN();
+
+ // Now we have received some data lets check it:
+ log.debug("Response from mobile BKU: " + responseData); //$NON-NLS-1$
+
+ handler.handleTANResponse(responseData);
+ } catch (Exception ex) {
+ log.error("Error in PostTanThread", ex); //$NON-NLS-1$
+ this.state.setThreadException(ex);
+ this.state.displayError(ex);
+ throw new SignatureException(ex);
+ }
+ } while (this.state.getStatus().getErrorMessage() != null);
+ if (this.state.getStatus().getTanTries() == -1)
+ throw new SignatureException(new IllegalStateException());
+ } while (this.state.getStatus().getTanTries() == -2);
+
+ return signingState.getSignatureResponse();
+ }
+}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java
new file mode 100644
index 00000000..3af0bd1d
--- /dev/null
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java
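Review bot: The outer loop of handleSLRequest is steered by the bare values `-1` and `-2` read from `getTanTries()`, which ATrustHandler.handleTANResponse sets to mean "back to BKU selection" and "start over"; that meaning cannot be recovered from this file. Named constants shared with the handler (the names `TAN_TRIES_CANCELLED` and `TAN_TRIES_RESTART` are only a suggestion) or a separate status flag would make the control flow readable and keep the try counter from doubling as a command channel. `new IllegalStateException()` should carry a message, e.g. `new IllegalStateException("Signature cancelled after TAN tries were exhausted")`, so the resulting SignatureException can be diagnosed from a log. The class and constructor Javadoc are empty; one sentence describing the SL request, credentials, TAN sequence and the `state` parameter would help the next reader.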
@@ -0,0 +1,238 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +// Imports +import java.io.IOException; + +import org.apache.commons.httpclient.HttpClient; +import org.apache.commons.httpclient.methods.PostMethod; +import org.eclipse.swt.SWT; +import org.eclipse.swt.widgets.Display; +import org.eclipse.swt.widgets.Shell; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asit.pdfover.gui.bku.BKUHelper; +import at.asit.pdfover.gui.controls.Dialog; +import at.asit.pdfover.gui.controls.Dialog.BUTTONS; +import at.asit.pdfover.gui.controls.Dialog.ICON; +import at.asit.pdfover.gui.utils.Messages; +import at.asit.pdfover.gui.workflow.states.MobileBKUState; +import at.asit.pdfover.signator.SLResponse; + +/** + * A-Trust mobile BKU handler + */ +public class ATrustHandler extends MobileBKUHandler { + Shell shell; + + /** + * @param state + * @param shell + */ + public ATrustHandler(MobileBKUState state, Shell shell) { + super(state); + this.shell = shell; + } + + /** + * SLF4J Logger instance + **/ + private static final Logger log = LoggerFactory + .getLogger(ATrustHandler.class); + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleSLRequestResponse(java.lang.String) + */ + @Override 
+ public void handleSLRequestResponse(String responseData) throws Exception { + ATrustStatus status = getStatus(); + + // Extract infos: + String sessionID = MobileBKUHelper.extractTag(responseData, + "identification.aspx?sid=", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + + String viewState = MobileBKUHelper.extractTag(responseData, + "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + + String eventValidation = MobileBKUHelper.extractTag(responseData, + "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + + log.info("sessionID: " + sessionID); //$NON-NLS-1$ + log.info("viewState: " + viewState); //$NON-NLS-1$ + log.info("eventValidation: " + eventValidation); //$NON-NLS-1$ + + status.setSessionID(sessionID); + + status.setViewstate(viewState); + + status.setEventvalidation(eventValidation); + } + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#postCredentials() + */ + @Override + public String postCredentials() throws Exception { + ATrustStatus status = getStatus(); + + MobileBKUHelper.registerTrustedSocketFactory(); + HttpClient client = BKUHelper.getHttpClient(); + + PostMethod post = new PostMethod(status.getBaseURL() + "/identification.aspx?sid=" + status.getSessionID()); //$NON-NLS-1$ + post.getParams().setContentCharset("utf-8"); //$NON-NLS-1$ + post.addParameter("__VIEWSTATE", status.getViewstate()); //$NON-NLS-1$ + post.addParameter("__EVENTVALIDATION", status.getEventvalidation()); //$NON-NLS-1$ + post.addParameter("handynummer", status.getPhoneNumber()); //$NON-NLS-1$ + post.addParameter("signaturpasswort", status.getMobilePassword()); //$NON-NLS-1$ + post.addParameter("Button_Identification", "Identifizieren"); //$NON-NLS-1$ //$NON-NLS-2$ + + return executePost(client, post); + } + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleCredentialsResponse(java.lang.String) + */ + @Override + public void handleCredentialsResponse(String 
responseData) throws Exception { + ATrustStatus status = getStatus(); + String viewState = status.getViewstate(); + String eventValidation = status.getEventvalidation(); + String sessionID = status.getSessionID(); + String refVal = null; + String signatureDataURL = null; + + status.setErrorMessage(null); + + if (responseData.contains("signature.aspx?sid=")) { //$NON-NLS-1$ + // credentials ok! TAN entry + sessionID = MobileBKUHelper.extractTag(responseData, "signature.aspx?sid=", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + viewState = MobileBKUHelper.extractTag(responseData, "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + eventValidation = MobileBKUHelper.extractTag(responseData, "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + refVal = MobileBKUHelper.extractTag(responseData, "id='vergleichswert'>Vergleichswert:", ""); //$NON-NLS-1$//$NON-NLS-2$ + signatureDataURL = status.getBaseURL() + "/ShowSigobj.aspx" + //$NON-NLS-1$ + MobileBKUHelper.extractTag(responseData, "ShowSigobj.aspx", "'"); //$NON-NLS-1$//$NON-NLS-2$ + } else if (responseData.contains("sl:InfoboxReadResponse")) { //$NON-NLS-1$ + // credentials ok! InfoboxReadResponse + getSigningState().setSignatureResponse( + new SLResponse(responseData, getStatus().getServer(), null, null)); + return; + } else { + + // error page + // extract error text! + String errorMessage = MobileBKUHelper.extractTag(responseData, "", ""); //$NON-NLS-1$ //$NON-NLS-2$ + + status.setErrorMessage(errorMessage); + + // force UI again! 
+ status.setMobilePassword(null); + } + + log.info("sessionID: " + sessionID); //$NON-NLS-1$ + log.info("Vergleichswert: " + refVal); //$NON-NLS-1$ + log.info("viewState: " + viewState); //$NON-NLS-1$ + log.info("eventValidation: " + eventValidation); //$NON-NLS-1$ + log.info("signatureDataURL: " + signatureDataURL); //$NON-NLS-1$ + + status.setSessionID(sessionID); + status.setRefVal(refVal); + status.setViewstate(viewState); + status.setEventvalidation(eventValidation); + status.setSignatureDataURL(signatureDataURL); + } + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#postTAN() + */ + @Override + public String postTAN() throws IOException { + ATrustStatus status = getStatus(); + + MobileBKUHelper.registerTrustedSocketFactory(); + HttpClient client = BKUHelper.getHttpClient(); + + PostMethod post = new PostMethod(status.getBaseURL() + + "/signature.aspx?sid=" + status.getSessionID()); //$NON-NLS-1$ + post.getParams().setContentCharset("utf-8"); //$NON-NLS-1$ + post.addParameter("__VIEWSTATE", status.getViewstate()); //$NON-NLS-1$ + post.addParameter( + "__EVENTVALIDATION", status.getEventvalidation()); //$NON-NLS-1$ + post.addParameter("input_tan", status.getTan()); //$NON-NLS-1$ + post.addParameter("SignButton", "Signieren"); //$NON-NLS-1$ //$NON-NLS-2$ + post.addParameter("Button1", "Identifizieren"); //$NON-NLS-1$ //$NON-NLS-2$ + + return executePost(client, post); + } + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleTANResponse(java.lang.String) + */ + @Override + public void handleTANResponse(String responseData) { + getStatus().setErrorMessage(null); + if (responseData.contains("sl:CreateXMLSignatureResponse xmlns:sl") || //$NON-NLS-1$ + responseData.contains("sl:CreateCMSSignatureResponse xmlns:sl")) { //$NON-NLS-1$ + // success !! 
+ + getSigningState().setSignatureResponse( + new SLResponse(responseData, getStatus().getServer(), null, null)); + } else { + try { + String tries = MobileBKUHelper.extractTag( + responseData, "Sie haben noch", "Versuch"); //$NON-NLS-1$ //$NON-NLS-2$ + getStatus().setTanTries(Integer.parseInt(tries.trim())); + getStatus().setErrorMessage("mobileBKU.wrong_tan"); //$NON-NLS-1$ + } catch (Exception e) { + getStatus().setTanTries(getStatus().getTanTries() - 1); + log.debug("Error parsing TAN response", e); //$NON-NLS-1$ + } + + if (getStatus().getTanTries() <= 0) { + getStatus().setErrorMessage(null); + Display.getDefault().syncExec(new Runnable() { + @Override + public void run() { + Dialog dialog = new Dialog(ATrustHandler.this.shell, Messages.getString("common.warning"), //$NON-NLS-1$ + Messages.getString("mobileBKU.tan_tries_exceeded"), //$NON-NLS-1$ + BUTTONS.OK_CANCEL, ICON.QUESTION); + if (dialog.open() == SWT.CANCEL) { + // Go back to BKU Selection + getStatus().setTanTries(-1); + } else { + // Start signature process over + getStatus().setTanTries(-2); + } + } + }); + } + } + } + + @Override + public ATrustStatus getStatus() { + return (ATrustStatus) getState().getStatus(); + } + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.bku.mobile.MobileBKUHandler#useBase64Request() + */ + @Override + protected boolean useBase64Request() { + return false; + } +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java new file mode 100644 index 00000000..3fedf73e --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java 
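Review bot: In handleTANResponse, when the page is neither a signature response nor parseable for the remaining-tries text, the `catch (Exception e)` branch only decrements the counter and leaves the error message at `null`, since it was cleared at the top of the method. MobileBKUConnector repeats its TAN loop only while `getErrorMessage() != null`, so while the counter is still above zero the connector appears to fall through to `return signingState.getSignatureResponse()` with no response having been set. Setting the message in the catch branch as well, `getStatus().setErrorMessage("mobileBKU.wrong_tan");`, or throwing for an unrecognised page, would keep a missing response from reaching the signer. How `MobileBKUHelper.extractTag` signals a missing tag is not visible in this hunk, so the exact trigger should be confirmed there.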
@@ -0,0 +1,86 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +// Imports +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asit.pdfover.gui.workflow.config.ConfigProvider; + +/** + * A-Trust MobileBKUStatus implementation + */ +public class ATrustStatus extends AbstractMobileBKUStatusImpl { + /** + * SLF4J Logger instance + **/ + @SuppressWarnings("unused") + private static final Logger log = LoggerFactory + .getLogger(ATrustStatus.class); + + /** Maximum number of TAN tries */ + public static final int MOBILE_MAX_TAN_TRIES = 3; + + private String viewstate; + private String eventvalidation; + + /** + * Constructor + * @param provider the ConfigProvider + */ + public ATrustStatus(ConfigProvider provider) { + setPhoneNumber(provider.getDefaultMobileNumber()); + setMobilePassword(provider.getDefaultMobilePassword()); + } + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUStatus#getMaxTanTries() + */ + @Override + public int getMaxTanTries() { + return MOBILE_MAX_TAN_TRIES; + } + + /** + * @return the viewstate + */ + public String getViewstate() { + return this.viewstate; + } + + /** + * @param viewstate + * the viewstate to set + */ + public void setViewstate(String viewstate) { + 
this.viewstate = viewstate; + } + + /** + * @return the eventvalidation + */ + public String getEventvalidation() { + return this.eventvalidation; + } + + /** + * @param eventvalidation the eventvalidation to set + */ + public void setEventvalidation(String eventvalidation) { + this.eventvalidation = eventvalidation; + } +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/AbstractMobileBKUStatusImpl.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/AbstractMobileBKUStatusImpl.java new file mode 100644 index 00000000..e27fda6a --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/AbstractMobileBKUStatusImpl.java 
@@ -0,0 +1,138 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +/** + * Basic implementation of a MobileBKUStatus + */ +public abstract class AbstractMobileBKUStatusImpl implements MobileBKUStatus { + + private String sessionID; + private String phoneNumber; + private String mobilePassword; + private String baseURL; + private String refVal; + private String errorMessage; + private String tan; + private String server; + private String signatureDataURL; + private int tanTries = getMaxTanTries(); + + @Override + public int getTanTries() { + return this.tanTries; + } + + @Override + public void setTanTries(int tries) { + this.tanTries = tries; + } + + @Override + public String getTan() { + return this.tan; + } + + @Override + public void setTan(String tan) { + this.tan = tan; + } + + @Override + public String getErrorMessage() { + return this.errorMessage; + } + + @Override + public void setErrorMessage(String errorMessage) { + this.errorMessage = errorMessage; + } + + @Override + public String getRefVal() { + return this.refVal; + } + + @Override + public void setRefVal(String refVal) { + this.refVal = refVal; + } + + @Override + public String getBaseURL() { + return this.baseURL; + } + + @Override + public void setBaseURL(String baseURL) { + 
this.baseURL = baseURL; + } + + @Override + public String getPhoneNumber() { + return this.phoneNumber; + } + + @Override + public void setPhoneNumber(String phoneNumber) { + this.phoneNumber = phoneNumber; + } + + @Override + public String getMobilePassword() { + return this.mobilePassword; + } + + @Override + public void setMobilePassword(String mobilePassword) { + this.mobilePassword = mobilePassword; + } + + @Override + public String getSessionID() { + return this.sessionID; + } + + @Override + public void setSessionID(String sessionID) { + this.sessionID = sessionID; + } + + @Override + public String getServer() { + return this.server; + } + + @Override + public void setServer(String server) { + this.server = server; + } + + @Override + public String getSignatureDataURL() { + return this.signatureDataURL; + } + + @Override + public void setSignatureDataURL(String signatureDataURL) { + this.signatureDataURL = signatureDataURL; + } + + @Override + public String ensureSessionID(String url) { + return url; + } +} \ No newline at end of file diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/IAIKHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/IAIKHandler.java new file mode 100644 index 00000000..04338f8b --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/IAIKHandler.java 
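Review bot: The field initialiser `private int tanTries = getMaxTanTries();` in AbstractMobileBKUStatusImpl calls an overridable method while the superclass part of the object is still being constructed, before any subclass field initialiser or constructor body has run. It works for ATrustStatus and IAIKStatus only because both return a static constant; an implementation that derived the limit from instance state would silently get 0 here. I would document the contract on the field, e.g. `// getMaxTanTries() runs before subclass fields are initialised and must return a constant`, or initialise the counter lazily. Separately, `mobilePassword` and `tan` stay in plain String fields for the lifetime of the status object, so callers should null them as soon as the corresponding post has been made.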
@@ -0,0 +1,312 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +// Imports +import java.io.IOException; +import java.net.URL; + +import org.apache.commons.httpclient.HttpClient; +import org.apache.commons.httpclient.HttpException; +import org.apache.commons.httpclient.HttpStatus; +import org.apache.commons.httpclient.methods.GetMethod; +import org.apache.commons.httpclient.methods.PostMethod; +import org.eclipse.swt.SWT; +import org.eclipse.swt.widgets.Display; +import org.eclipse.swt.widgets.Shell; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asit.pdfover.gui.bku.BKUHelper; +import at.asit.pdfover.gui.controls.Dialog; +import at.asit.pdfover.gui.controls.Dialog.BUTTONS; +import at.asit.pdfover.gui.controls.Dialog.ICON; +import at.asit.pdfover.gui.utils.Messages; +import at.asit.pdfover.gui.workflow.states.MobileBKUState; +import at.asit.pdfover.signator.SLResponse; + +/** + * + */ +public class IAIKHandler extends MobileBKUHandler { + /** + * SLF4J Logger instance + **/ + private static final Logger log = LoggerFactory + .getLogger(IAIKHandler.class); + + Shell shell; + + /** + * Constructor + * @param state the MobileBKUState + * @param shell the Shell + */ + public IAIKHandler(MobileBKUState state, Shell shell) { 
+ super(state); + this.shell = shell; + } + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleSLRequestResponse(java.lang.String) + */ + @Override + public void handleSLRequestResponse(String responseData) throws Exception { + IAIKStatus status = getStatus(); + + // Extract infos: + String credentialURL = MobileBKUHelper.extractTag(responseData, + "name=\"userCredLogon\" method=\"post\" action=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + URL baseURL = new URL(status.getBaseURL()); + int p = baseURL.getPort(); + String port = ((p != -1) && (p != baseURL.getDefaultPort())) ? ":" + p : ""; //$NON-NLS-1$ //$NON-NLS-2$ + credentialURL = baseURL.getProtocol() + "://" + baseURL.getHost() + port + //$NON-NLS-1$ + (credentialURL.startsWith("/") ? "" : "/") + credentialURL; //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ + + String viewState = MobileBKUHelper.extractTag(responseData, + "id=\"javax.faces.ViewState\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + + String sessionID = credentialURL.substring(credentialURL.indexOf("jsessionid=") + 11); //$NON-NLS-1$ + + log.info("credentialURL: " + credentialURL); //$NON-NLS-1$ + log.info("sessionID: " + sessionID); //$NON-NLS-1$ + log.info("viewState: " + viewState); //$NON-NLS-1$ + + status.setBaseURL(credentialURL); + status.setSessionID(sessionID); + status.setViewState(viewState); + } + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#postCredentials() + */ + @Override + public String postCredentials() throws Exception { + IAIKStatus status = getStatus(); + + MobileBKUHelper.registerTrustedSocketFactory(); + HttpClient client = BKUHelper.getHttpClient(); + + PostMethod post = new PostMethod(status.getBaseURL()); + post.getParams().setContentCharset("utf-8"); //$NON-NLS-1$ + post.addParameter("javax.faces.ViewState", status.getViewState()); //$NON-NLS-1$ + post.addParameter("userCredLogon:phoneNR", status.getPhoneNumber()); //$NON-NLS-1$ + 
post.addParameter("userCredLogon:pwd", status.getMobilePassword()); //$NON-NLS-1$ + post.addParameter("userCredLogon:logonButton", "userCredLogon:logonButton"); //$NON-NLS-1$ //$NON-NLS-2$ + post.addParameter("javax.faces.partial.ajax", "true"); //$NON-NLS-1$ //$NON-NLS-2$ + post.addParameter("javax.faces.source", "userCredLogon:logonButton"); //$NON-NLS-1$ //$NON-NLS-2$ + post.addParameter("javax.faces.partial.execute", "@all"); //$NON-NLS-1$ //$NON-NLS-2$ + post.addParameter("javax.faces.partial.render", "userCredLogon:errorMessagePanel userCredLogon:errorMessage"); //$NON-NLS-1$ //$NON-NLS-2$ + post.addParameter("userCredLogon", "userCredLogon"); //$NON-NLS-1$ //$NON-NLS-2$ + post.addParameter("userCredLogon:j_idt20_input", "de"); //$NON-NLS-1$ //$NON-NLS-2$ + + return executePost(client, post); +} + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleCredentialsResponse(java.lang.String) + */ + @Override + public void handleCredentialsResponse(String responseData) throws Exception { + IAIKStatus status = getStatus(); + + String refVal = null; + String signatureDataURL = null; + + status.setErrorMessage(null); + + if (!responseData.contains("referenceValueLogon.jsf")) { //$NON-NLS-1$ + // Assume that an error occurred + + String errorMessage; + try { + errorMessage = MobileBKUHelper.extractTag(responseData, ":errorMessage\">", ""); //$NON-NLS-1$ //$NON-NLS-2$ + } catch (Exception e) { + errorMessage = Messages.getString("error.Unexpected"); //$NON-NLS-1$ + } + status.setErrorMessage(errorMessage); + + // force UI again! 
+ status.setMobilePassword(null); + return; + } + + HttpClient client = BKUHelper.getHttpClient(); + + String redirectURL = status.getBaseURL().substring(0, + status.getBaseURL().lastIndexOf('/', + status.getBaseURL().lastIndexOf('/') - 1) + 1); //Cut off last directory + redirectURL += MobileBKUHelper.extractTag(responseData, + "redirection_url\":\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + redirectURL = status.ensureSessionID(redirectURL); + + responseData = getRedirect(client, redirectURL); + + refVal = MobileBKUHelper.extractTag(responseData, + "id=\"j_idt6:refValue\" class=\"strong\">", "", ""); //$NON-NLS-1$ //$NON-NLS-2$ + getStatus().setErrorMessage(errorMessage); + } catch (Exception e) { + // Assume that wrong TAN was entered too many times + Display.getDefault().syncExec(new Runnable() { + @Override + public void run() { + Dialog dialog = new Dialog(IAIKHandler.this.shell, Messages.getString("common.warning"), //$NON-NLS-1$ + Messages.getString("mobileBKU.tan_tries_exceeded"), //$NON-NLS-1$ + BUTTONS.OK_CANCEL, ICON.QUESTION); + if (dialog.open() == SWT.CANCEL) { + // Go back to BKU Selection + getStatus().setTanTries(-1); + } else { + // Start signature process over + getStatus().setTanTries(-2); + } + } + }); + } + } + } + + @Override + public IAIKStatus getStatus() { + return (IAIKStatus) getState().getStatus(); + } + + private String getRedirect(HttpClient client, String redirectURL) throws HttpException, IOException { + redirectURL = getStatus().ensureSessionID(redirectURL); + log.debug("Sending get request to URL " + redirectURL); //$NON-NLS-1$ + + GetMethod get = new GetMethod(redirectURL); + int returnCode = client.executeMethod(get); + if (returnCode != HttpStatus.SC_OK) { + throw new HttpException(HttpStatus.getStatusText(returnCode)); + } + String responseData = get.getResponseBodyAsString(); + log.debug("Response: " + responseData); //$NON-NLS-1$ + return responseData; + } + + /* (non-Javadoc) + * @see 
at.asit.pdfover.gui.bku.mobile.MobileBKUHandler#useBase64Request() + */ + @Override + protected boolean useBase64Request() { + return false; + } +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/IAIKStatus.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/IAIKStatus.java new file mode 100644 index 00000000..3f354f94 --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/IAIKStatus.java 
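Review bot: `handleSLRequestResponse` writes the credential URL (which carries `jsessionid`), the session ID and the JSF view state to the log at info level, and `getRedirect` dumps the whole response body at debug. Anyone who can read the log file while the session is alive gets the tokens that bind the signing session, so these values should not be logged verbatim. The same pattern appears in the ATrustHandler hunk above (`sessionID`, `viewState`, `eventValidation`, `signatureDataURL`). I would log only that the value was found, e.g. `log.debug("sessionID extracted (" + sessionID.length() + " chars)");`, and drop or truncate the `Response:` dump. Also, `credentialURL.indexOf("jsessionid=") + 11` is not checked for a miss, so a response without the parameter yields a bogus session ID instead of an error.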
@@ -0,0 +1,80 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +// Imports +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asit.pdfover.gui.workflow.config.ConfigProvider; + +/** + * IAIK MobileBKUStatus implementation + */ +public class IAIKStatus extends AbstractMobileBKUStatusImpl { + /** + * SLF4J Logger instance + **/ + @SuppressWarnings("unused") + private static final Logger log = LoggerFactory.getLogger(IAIKStatus.class); + + /** Maximum number of TAN tries */ + public static final int MOBILE_MAX_TAN_TRIES = 3; + + private String viewState; + + /** + * Constructor + * @param provider the ConfigProvider + */ + public IAIKStatus(ConfigProvider provider) { + setPhoneNumber(provider.getDefaultMobileNumber()); + setMobilePassword(provider.getDefaultMobilePassword()); + } + + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUStatus#getMaxTanTries() + */ + @Override + public int getMaxTanTries() { + return MOBILE_MAX_TAN_TRIES; + } + + /** + * @return the viewstate + */ + public String getViewState() { + return this.viewState; + } + + /** + * @param viewState + * the viewState to set + */ + public void setViewState(String viewState) { + this.viewState = viewState; + } + + @Override + 
public String ensureSessionID(String url) + { + if (url.contains("jsessionid=")) //$NON-NLS-1$ + return url; + + url += ";jsessionid=" + getSessionID(); //$NON-NLS-1$ + return url; + } +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java new file mode 100644 index 00000000..3c2609a7 --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java 
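Review bot: `ensureSessionID` appends `;jsessionid=` at the very end of the URL and concatenates `getSessionID()` without a null check. If the URL has a query string, the parameter lands inside the query instead of the path, and before a session exists the result is `;jsessionid=null`. Suggested body after the `contains` check, preceded by an early `return url` when `getSessionID()` is null: `int q = url.indexOf('?');` `String sid = ";jsessionid=" + getSessionID();` `return (q < 0) ? url + sid : url.substring(0, q) + sid + url.substring(q);`. Because the session ID travels in the URL, the `Redirected to` and `Sending get request to URL` log messages in MobileBKUHandler and IAIKHandler also record it.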
@@ -0,0 +1,264 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.apache.commons.httpclient.Header; +import org.apache.commons.httpclient.HttpClient; +import org.apache.commons.httpclient.HttpException; +import org.apache.commons.httpclient.HttpStatus; +import org.apache.commons.httpclient.methods.GetMethod; +import org.apache.commons.httpclient.methods.PostMethod; +import org.apache.commons.httpclient.methods.multipart.FilePart; +import org.apache.commons.httpclient.methods.multipart.MultipartRequestEntity; +import org.apache.commons.httpclient.methods.multipart.Part; +import org.apache.commons.httpclient.methods.multipart.StringPart; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asit.pdfover.gui.bku.BKUHelper; +import at.asit.pdfover.gui.utils.FileUploadSource; +import at.asit.pdfover.gui.workflow.states.LocalBKUState; +import at.asit.pdfover.gui.workflow.states.MobileBKUState; +import at.asit.pdfover.signator.SLRequest; +import at.asit.pdfover.signator.SigningState; + +/** + * A mobile BKU Handler + */ +public abstract class MobileBKUHandler { + /** + * SLF4J Logger 
instance + **/ + static final Logger log = LoggerFactory + .getLogger(MobileBKUHandler.class); + + private MobileBKUState state; + + /** + * Constructor + * @param state the MobileBKUState + */ + public MobileBKUHandler(MobileBKUState state) + { + this.state = state; + } + + /** + * Post the SL request + * @param mobileBKUUrl mobile BKU URL + * @param request SLRequest + * @return the response + * @throws IOException IO error + */ + public String postSLRequest(String mobileBKUUrl, SLRequest request) throws IOException { + MobileBKUHelper.registerTrustedSocketFactory(); + HttpClient client = BKUHelper.getHttpClient(); + + PostMethod post = new PostMethod(mobileBKUUrl); + String sl_request; + if (request.getSignatureData() != null) { + if (useBase64Request()) + { + sl_request = request.getBase64Request(); + post.addParameter("XMLRequest", sl_request); //$NON-NLS-1$ + } else { + sl_request = request.getFileUploadRequest(); + StringPart xmlpart = new StringPart( + "XMLRequest", sl_request, "UTF-8"); //$NON-NLS-1$ //$NON-NLS-2$ + + FilePart filepart = new FilePart("fileupload", //$NON-NLS-1$ + new FileUploadSource(request.getSignatureData())); + + Part[] parts = { xmlpart, filepart }; + + post.setRequestEntity(new MultipartRequestEntity(parts, post + .getParams())); + } + } else { + sl_request = request.getRequest(); + post.addParameter("XMLRequest", sl_request); //$NON-NLS-1$ + } + log.debug("SL Request: " + sl_request); //$NON-NLS-1$ + + getState().getStatus().setBaseURL( + MobileBKUHelper.stripQueryString(mobileBKUUrl)); + + return executePost(client, post); + } + + /** + * Handle the response to the SL request post + * @param responseData response data + * @throws Exception Error during handling + */ + public abstract void handleSLRequestResponse(String responseData) throws Exception; + + + /** + * Post the credentials + * @return the response + * @throws Exception Error during posting + */ + public abstract String postCredentials() throws Exception; + + /** + * 
Handle the response to credentials post + * @param responseData response data + * @throws Exception Error during handling + */ + public abstract void handleCredentialsResponse(String responseData) throws Exception; + + /** + * Post the TAN + * @return the response + * @throws Exception Error during posting + */ + public abstract String postTAN() throws Exception; + + /** + * Handle the response to TAN post + * @param responseData response data + * @throws Exception Error during handling + */ + public abstract void handleTANResponse(String responseData) throws Exception; + + /** + * Get the MobileBKUState + * @return the MobileBKUState + */ + protected MobileBKUState getState() { + return this.state; + } + + /** + * Get the MobileBKUStatus + * @return the MobileBKUStatus + */ + protected MobileBKUStatus getStatus() { + return this.state.getStatus(); + } + + /** + * Get the SigningState + * @return the SigningState + */ + protected SigningState getSigningState() { + return getState().getSigningState(); + } + + /** + * Whether to use a Base64 request + * @return true if base64 request shall be used + */ + protected abstract boolean useBase64Request(); + + /** + * Execute a post to the mobile BKU, following redirects + * @param client the HttpClient + * @param post the PostMethod + * @return the response + * @throws IOException IO error + */ + protected String executePost(HttpClient client, PostMethod post) throws IOException { + if (log.isDebugEnabled()) { + String req; + if (post.getRequestEntity().getContentLength() < 1024) { + ByteArrayOutputStream os = new ByteArrayOutputStream(); + post.getRequestEntity().writeRequest(os); + req = os.toString(); + if (req.contains("passwort=")) //$NON-NLS-1$ + req = req.replaceAll("passwort=[^&]*", "passwort=******"); //$NON-NLS-1$ //$NON-NLS-2$ + if (req.contains(":pwd=")) //$NON-NLS-1$ + req = req.replaceAll(":pwd=[^&]*", ":pwd=******"); //$NON-NLS-1$ //$NON-NLS-2$ + os.close(); + } else { + req = 
post.getRequestEntity().getContentLength() + " bytes"; //$NON-NLS-1$ + } + log.debug("Posting to " + post.getURI() + ": " + req); //$NON-NLS-1$ //$NON-NLS-2$ + } + int returnCode = client.executeMethod(post); + + String redirectLocation = null; + + GetMethod get = null; + + String responseData = null; + + String server = null; + + // Follow redirects + do { + // check return code + if (returnCode == HttpStatus.SC_MOVED_TEMPORARILY || + returnCode == HttpStatus.SC_MOVED_PERMANENTLY) { + + Header locationHeader = post.getResponseHeader("location"); //$NON-NLS-1$ + if (locationHeader != null) { + redirectLocation = locationHeader.getValue(); + } else { + throw new IOException( + "Got HTTP 302 but no location to follow!"); //$NON-NLS-1$ + } + } else if (returnCode == HttpStatus.SC_OK) { + if (get != null) { + responseData = get.getResponseBodyAsString(); + Header serverHeader = get.getResponseHeader( + LocalBKUState.BKU_RESPONSE_HEADER_SERVER); + if (serverHeader != null) + server = serverHeader.getValue(); + } else { + responseData = post.getResponseBodyAsString(); + + Header serverHeader = post.getResponseHeader( + LocalBKUState.BKU_RESPONSE_HEADER_SERVER); + if (serverHeader != null) + server = serverHeader.getValue(); + } + redirectLocation = null; + String p = "]*http-equiv=\"refresh\" [^>]*content=\"([^\"]*)\""; //$NON-NLS-1$ + Pattern pat = Pattern.compile(p); + Matcher m = pat.matcher(responseData); + if (m.find()) { + String content = m.group(1); + int start = content.indexOf("URL=") +9; //$NON-NLS-1$ + redirectLocation = content.substring(start, content.length() - 5); + } + } else { + throw new HttpException( + HttpStatus.getStatusText(returnCode)); + } + + if (redirectLocation != null) { + redirectLocation = getStatus().ensureSessionID(redirectLocation); + log.debug("Redirected to " + redirectLocation); //$NON-NLS-1$ + get = new GetMethod(redirectLocation); + get.setFollowRedirects(true); + returnCode = client.executeMethod(get); + } + } while 
(redirectLocation != null); + + getStatus().setServer(server); + if (server != null) + log.info("Server: " + server); //$NON-NLS-1$ + + return responseData; + } +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHelper.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHelper.java new file mode 100644 index 00000000..5e96366f --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHelper.java 
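Review bot: The password masking in `executePost` probably never fires for the IAIK form: the field is posted as `userCredLogon:pwd`, and a form-url-encoded body carries the colon as `%3A`, so `req.contains(":pwd=")` is false and the password reaches the debug log in clear. The TAN (`input_tan`) is not masked at all. Matching on the end of the parameter name avoids depending on the encoding: `req = req.replaceAll("(passwort|pwd|input_tan)=[^&]*", "$1=******");`. Further down, the redirect target taken from the `location` header or the meta refresh is followed without checking that it stays on https and on the host of `getBaseURL()`, although `ensureSessionID` has already added the session ID to it. Comparing scheme and host before `new GetMethod(redirectLocation)` would keep the session ID from being sent elsewhere.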
@@ -0,0 +1,158 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +// Imports +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.apache.commons.httpclient.protocol.Protocol; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asit.pdfover.gui.exceptions.InvalidNumberException; +import at.asit.pdfover.gui.exceptions.InvalidPasswordException; +import at.asit.pdfover.gui.exceptions.PasswordTooLongException; +import at.asit.pdfover.gui.exceptions.PasswordTooShortException; + +/** + * + */ +public class MobileBKUHelper { + /** + * SLF4J Logger instance + **/ + private static final Logger log = LoggerFactory + .getLogger(MobileBKUHelper.class); + + /** + * Regular expression for mobile phone numbers: this allows the entry of + * mobile numbers in the following formats: + * + * +(countryCode)99999999999 00(countryCode)99999999999 099999999999 + * 1030199999999999 (A-Trust Test bku) + */ + private static final String NUMBER_REGEX = "^((\\+[\\d]{2})|(00[\\d]{2})|(0)|(10301))([1-9][\\d]+)$"; //$NON-NLS-1$ + + /** + * Extracts a substring from data starting after start and ending with end + * + * @param data + * the whole data string + * @param start + * the start marker + * @param end + * the end marker + * 
@return the substring + * @throws Exception + */ + public static String extractTag(String data, String start, String end) + throws Exception { + int startidx = data.indexOf(start); + if (startidx > 0) { + startidx = startidx + start.length(); + int endidx = data.indexOf(end, startidx); + if (endidx > startidx) { + return data.substring(startidx, endidx); + } + log.error("extracting Tag: end tag not valid!: " + start + " ... " + end); //$NON-NLS-1$//$NON-NLS-2$ + throw new Exception("end tag not available!"); //$NON-NLS-1$ + } + log.error("extracting Tag: start tag not valid!: " + start + " ... " + end); //$NON-NLS-1$//$NON-NLS-2$ + throw new Exception("start tag not available!"); //$NON-NLS-1$ + } + + /** + * Validates the Mobile phone number + * + * @param number + * @return the normalized Phone number + * @throws InvalidNumberException + */ + public static String normalizeMobileNumber(String number) + throws InvalidNumberException { + // Verify number and normalize + + // Compile and use regular expression + Pattern pattern = Pattern.compile(NUMBER_REGEX); + Matcher matcher = pattern.matcher(number); + + if (!matcher.find()) { + throw new InvalidNumberException(); + } + + if (matcher.groupCount() != 6) { + throw new InvalidNumberException(); + } + + String countryCode = matcher.group(1); + + String normalNumber = matcher.group(6); + + if (countryCode.equals("10301")) { //$NON-NLS-1$ + // A-Trust Testnumber! 
Don't change + return number; + } + + countryCode = countryCode.replace("00", "+"); //$NON-NLS-1$ //$NON-NLS-2$ + + if (countryCode.equals("0")) { //$NON-NLS-1$ + countryCode = "+43"; //$NON-NLS-1$ + } + + return countryCode + normalNumber; + } + + /** + * Validate given Password for Mobile BKU + * + * @param password + * @throws InvalidPasswordException + */ + public static void validatePassword(String password) + throws InvalidPasswordException { + if (password.length() < 6 || password.length() > 20) { + if (password.length() < 6) { + throw new PasswordTooShortException(); + } + throw new PasswordTooLongException(); + } + } + + /** + * Removes file extension from URL + * + * @param query + * the url string + * @return the stripped url + */ + public static String stripQueryString(String query) { + int pathidx = query.lastIndexOf('/'); + if (pathidx > 0) { + return query.substring(0, pathidx); + } + return query; + } + + /** + * Register our TrustedSocketFactory for https connections + */ + @SuppressWarnings("deprecation") + public static void registerTrustedSocketFactory() { + Protocol.registerProtocol("https", //$NON-NLS-1$ + new Protocol("https", new TrustedSocketFactory(), 443)); //$NON-NLS-1$ + } +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUStatus.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUStatus.java new file mode 100644 index 00000000..321faac5 --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUStatus.java 
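Review bot: `registerTrustedSocketFactory` replaces the `https` protocol handler for every Commons HttpClient user in the JVM, and the handlers call it again before each post. With a custom factory registered, Commons HttpClient 3.x leaves certificate and hostname checking entirely to that factory, so the TLS guarantee of the mobile signature flow rests on TrustedSocketFactory, which is outside this hunk. It needs to verify the peer hostname as well as the chain. I would state that in the Javadoc, e.g. `Registers TrustedSocketFactory globally for https; the factory must validate the certificate chain and the server hostname.`, and register once at start-up. Minor: in `extractTag`, `startidx > 0` rejects a start marker at index 0 (`>= 0` seems intended), and the Javadoc of `stripQueryString` says it removes a file extension while the code cuts everything after the last `/`.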
@@ -0,0 +1,140 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +/** + * + */ +public interface MobileBKUStatus { + /** + * @return the identification_url + */ + public String getSessionID(); + + /** + * @param sessionID the identification_url to set + */ + public void setSessionID(String sessionID); + + /** + * @return the phoneNumber + */ + public String getPhoneNumber(); + + /** + * @param phoneNumber the phoneNumber to set + */ + public void setPhoneNumber(String phoneNumber); + + /** + * @return the mobilePassword + */ + public String getMobilePassword(); + + /** + * @param mobilePassword the mobilePassword to set + */ + public void setMobilePassword(String mobilePassword); + + /** + * @return the reference value + */ + public String getRefVal(); + + /** + * @param refVal the reference value to set + */ + public void setRefVal(String refVal); + + /** + * @return the tan + */ + public String getTan(); + + /** + * @param tan the tan to set + */ + public void setTan(String tan); + + /** + * Get maximum number of TAN tries + * @return the maximum number of TAN tries + */ + public int getMaxTanTries(); + + /** + * Get number of TAN tries left + * @return the number of TAN tries left + */ + public int getTanTries(); + + /** + * Set number of 
TAN tries left + * @param tries the number of TAN tries left + */ + public void setTanTries(int tries); + + /** + * @return the errorMessage + */ + public String getErrorMessage(); + + /** + * @param errorMessage the errorMessage to set + */ + public void setErrorMessage(String errorMessage); + + /** + * @return the baseURL + */ + public String getBaseURL(); + + /** + * @param baseURL + */ + public void setBaseURL(String baseURL); + + /** + * Return the SL request server + * @return the SL request server + */ + public String getServer(); + + /** + * Set the SL request server + * @param server the SL request server + */ + public void setServer(String server); + + /** + * Get the signature data URL + * @return the signature data URL + */ + public String getSignatureDataURL(); + + /** + * Set the signature data URL + * @param signatureDataURL the signature data URL + */ + public void setSignatureDataURL(String signatureDataURL); + + /** + * Ensure that given URL contains a session ID (if necessary) + * @param url URL to check for session ID + * @return resulting URL + */ + public String ensureSessionID(String url); +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUs.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUs.java new file mode 100644 index 00000000..e0c890da --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUs.java 
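Review bot: The Javadoc on `getSessionID`/`setSessionID` describes the value as `the identification_url`, but the handlers store the extracted session ID there. `setTanTries` is also called with the sentinels -1 and -2 by ATrustHandler and IAIKHandler (back to BKU selection / start the signature process over), which the interface does not mention. Proposed wording: `@return the session ID of the mobile BKU session` and `@param tries the number of TAN tries left; -1 = go back to BKU selection, -2 = restart signing`. The empty `@param baseURL` tag on `setBaseURL` should get a description as well.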
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://joinup.ec.europa.eu/software/page/eupl
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ */
+package at.asit.pdfover.gui.bku.mobile;
+
+/**
+ * Available mobile BKUs
+ */
+public enum MobileBKUs {
+ /** A-Trust BKU */
+ A_TRUST,
+
+ /** IAIK */
+ IAIK
+}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/SimpleXMLTrustManager.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/SimpleXMLTrustManager.java
new file mode 100644
index 00000000..bceb59fb
--- /dev/null
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/SimpleXMLTrustManager.java
@@ -0,0 +1,225 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +// Imports +import java.security.KeyStore; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.Arrays; + +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.X509TrustManager; +import javax.xml.parsers.DocumentBuilderFactory; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import at.asit.pdfover.gui.Constants; + +/** + * + */ +public class SimpleXMLTrustManager implements X509TrustManager { + /** + * SLF4J Logger instance + **/ + private static final Logger log = LoggerFactory + .getLogger(SimpleXMLTrustManager.class); + + /* + * The default X509TrustManager returned by SunX509. We'll delegate + * decisions to it, and fall back to the logic in this class if the default + * X509TrustManager doesn't trust it. 
+ */ + X509TrustManager sunJSSEX509TrustManager; + + /** + * Trust Manager for A-Trust Certificates + */ + X509TrustManager atrustTrustManager; + + /** + * Constructs the TrustManager + * + * @throws Exception + */ + public SimpleXMLTrustManager() throws Exception { + // create a "default" JSSE X509TrustManager. + + TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); //$NON-NLS-1$ + tmf.init((KeyStore) null); + + TrustManager tms[] = tmf.getTrustManagers(); + + /* + * Iterate over the returned trustmanagers, look for an instance of + * X509TrustManager. If found, use that as our "default" trust manager. + */ + for (int i = 0; i < tms.length; i++) { + if (tms[i] instanceof X509TrustManager) { + this.sunJSSEX509TrustManager = (X509TrustManager) tms[i]; + break; + } + } + + /* + * A-Trust Certificates + */ + + KeyStore myKeyStore = KeyStore.getInstance(KeyStore + .getDefaultType()); + + myKeyStore.load(null); + + Document doc = DocumentBuilderFactory.newInstance() + .newDocumentBuilder() + .parse(this.getClass().getResourceAsStream(Constants.RES_CERT_LIST)); + + Node certificates = doc.getFirstChild(); + + if (!certificates.getNodeName().equals("certificates")) { //$NON-NLS-1$ + throw new Exception( + "Used certificates xml is invalid! no certificates node"); //$NON-NLS-1$ + } + + NodeList certificateList = certificates.getChildNodes(); + + for (int i = 0; i < certificateList.getLength(); i++) { + try { + + Node certificateNode = certificateList.item(i); + + if (certificateNode.getNodeName().equals("#text")) { //$NON-NLS-1$ + continue; // Ignore dummy text node .. + } + + if (!certificateNode.getNodeName().equals("certificate")) { //$NON-NLS-1$ + log.warn("Ignoring XML node: " + certificateNode.getNodeName()); //$NON-NLS-1$ + continue; + } + + String certResource = Constants.RES_CERT_PATH + certificateNode.getTextContent(); + + X509Certificate cert = (X509Certificate) CertificateFactory + .getInstance("X509"). 
//$NON-NLS-1$ + generateCertificate( + this.getClass().getResourceAsStream( + certResource)); + + myKeyStore.setCertificateEntry(certificateNode.getTextContent(), cert); + + log.debug("Loaded certificate : " + certResource); //$NON-NLS-1$ + + } catch (Exception ex) { + log.error("Failed to load certificate [" + "]", ex); //$NON-NLS-1$ //$NON-NLS-2$ + } + } + + tmf.init(myKeyStore); + + tms = tmf.getTrustManagers(); + + /* + * Iterate over the returned trustmanagers, look for an instance of + * X509TrustManager. If found, use that as our "default" trust manager. + */ + for (int i = 0; i < tms.length; i++) { + if (tms[i] instanceof X509TrustManager) { + this.atrustTrustManager = (X509TrustManager) tms[i]; + break; + } + } + + if (this.sunJSSEX509TrustManager != null + && this.atrustTrustManager != null) { + return; + } + + /* + * Find some other way to initialize, or else we have to fail the + * constructor. + */ + throw new Exception("Couldn't initialize ASITTrustManager"); //$NON-NLS-1$ + } + + /* + * (non-Javadoc) + * + * @see + * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert. + * X509Certificate[], java.lang.String) + */ + @Override + public void checkClientTrusted(X509Certificate[] arg0, String arg1) + throws CertificateException { + try { + this.atrustTrustManager.checkServerTrusted(arg0, arg1); + } catch (CertificateException ex) { + try { + this.sunJSSEX509TrustManager.checkClientTrusted(arg0, arg1); + } catch (CertificateException ex2) { + log.info("checkClientTrusted: ", ex2); //$NON-NLS-1$ + throw ex2; + } + } + } + + /* + * (non-Javadoc) + * + * @see + * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert. 
+ * X509Certificate[], java.lang.String) + */ + @Override + public void checkServerTrusted(X509Certificate[] arg0, String arg1) + throws CertificateException { + try { + this.atrustTrustManager.checkServerTrusted(arg0, arg1); + } catch (CertificateException ex) { + try { + this.sunJSSEX509TrustManager.checkServerTrusted(arg0, arg1); + } catch (CertificateException ex2) { + log.info("checkServerTrusted: ", ex2); //$NON-NLS-1$ + throw ex2; + } + } + } + + /* + * (non-Javadoc) + * + * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers() + */ + @Override + public X509Certificate[] getAcceptedIssuers() { + + X509Certificate[] default_certs = this.sunJSSEX509TrustManager.getAcceptedIssuers(); + + X509Certificate[] atrust_certs = this.atrustTrustManager.getAcceptedIssuers(); + + X509Certificate[] all_certs = Arrays.copyOf(default_certs, default_certs.length + atrust_certs.length); + System.arraycopy(atrust_certs, 0, all_certs, default_certs.length, atrust_certs.length); + return all_certs; + } + +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/TrustedSocketFactory.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/TrustedSocketFactory.java new file mode 100644 index 00000000..4fa71703 --- /dev/null +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/TrustedSocketFactory.java 
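Review bot: `checkClientTrusted` validates the chain with `this.atrustTrustManager.checkServerTrusted(arg0, arg1)`, so a client chain that ends in one of the bundled A-Trust certificates is evaluated as a server chain; the first call in that method should be `this.atrustTrustManager.checkClientTrusted(arg0, arg1);`. In the constructor, the per-certificate `catch (Exception ex)` logs `"Failed to load certificate [" + "]"` with nothing between the brackets and then continues, so a missing or corrupt bundled certificate quietly shrinks the trust store. Hoisting the resource name out of the `try` lets the message name the certificate that failed, and the streams returned by `getResourceAsStream` should be closed after use. The algorithm name `"SunX509"` is also hard-coded; `TrustManagerFactory.getDefaultAlgorithm()` keeps the class usable on runtimes that do not ship that provider.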
@@ -0,0 +1,192 @@ +/* + * Copyright 2012 by A-SIT, Secure Information Technology Center Austria + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://joinup.ec.europa.eu/software/page/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + */ +package at.asit.pdfover.gui.bku.mobile; + +// Imports +import java.io.IOException; +import java.net.InetAddress; +import java.net.InetSocketAddress; +import java.net.Socket; +import java.net.SocketAddress; +import java.net.UnknownHostException; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; + +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSocket; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; + +import org.apache.commons.httpclient.ConnectTimeoutException; +import org.apache.commons.httpclient.params.HttpConnectionParams; +import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asit.pdfover.gui.utils.Messages; + +/** + * + */ +public class TrustedSocketFactory implements SecureProtocolSocketFactory { + /** + * SLF4J Logger instance + **/ + private static final Logger log = LoggerFactory + .getLogger(TrustedSocketFactory.class); + + private static final String ENABLED_CS[] = { + "TLS_RSA_WITH_AES_128_CBC_SHA", //$NON-NLS-1$ + "SSL_RSA_WITH_RC4_128_SHA", //$NON-NLS-1$ + "SSL_RSA_WITH_3DES_EDE_CBC_SHA", //$NON-NLS-1$ + "SSL_RSA_WITH_RC4_128_MD5" 
//$NON-NLS-1$ + }; + + private static SSLSocketFactory getFactory() throws NoSuchAlgorithmException, + KeyManagementException, Exception { + SSLContext sslContext = SSLContext.getInstance("TLS"); //$NON-NLS-1$ + sslContext.init(null, new TrustManager[] { new SimpleXMLTrustManager() }, + new java.security.SecureRandom()); + + return sslContext.getSocketFactory(); + } + + /* + * (non-Javadoc) + * + * @see + * org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket + * (java.lang.String, int) + */ + @Override + public Socket createSocket(String host, int port) throws IOException, + UnknownHostException { + try { + SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(host, + port); + sslSocket.setEnabledCipherSuites(ENABLED_CS); + return sslSocket; + } catch (Exception ex) { + log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$ + if (ex instanceof IOException) { + throw (IOException) ex; + } else if (ex instanceof UnknownHostException) { + throw (UnknownHostException) ex; + } else { + throw new IOException( + Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex); //$NON-NLS-1$ + } + } + } + + /* + * (non-Javadoc) + * + * @see + * org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket + * (java.lang.String, int, java.net.InetAddress, int) + */ + @Override + public Socket createSocket(String host, int port, InetAddress clientHost, + int clientPort) throws IOException, UnknownHostException { + try { + SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(host, + port, clientHost, clientPort); + sslSocket.setEnabledCipherSuites(ENABLED_CS); + return sslSocket; + } catch (Exception ex) { + log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$ + if (ex instanceof IOException) { + throw (IOException) ex; + } else if (ex instanceof UnknownHostException) { + throw (UnknownHostException) ex; + } else { + throw new IOException( + 
Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex); //$NON-NLS-1$ + } + } + } + + /* + * (non-Javadoc) + * + * @see + * org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket + * (java.lang.String, int, java.net.InetAddress, int, + * org.apache.commons.httpclient.params.HttpConnectionParams) + */ + @Override + public Socket createSocket(String host, int port, InetAddress clientHost, + int clientPort, HttpConnectionParams params) throws IOException, + UnknownHostException, ConnectTimeoutException { + try { + if (params == null) { + throw new IllegalArgumentException("Parameters may not be null"); //$NON-NLS-1$ + } + int timeout = params.getConnectionTimeout(); + SSLSocket sslSocket = null; + + SSLSocketFactory socketfactory = getFactory(); + if (timeout == 0) { + sslSocket = (SSLSocket) socketfactory.createSocket(host, port, clientHost, + clientPort); + } else { + sslSocket = (SSLSocket) socketfactory.createSocket(); + SocketAddress localaddr = new InetSocketAddress(clientHost, + clientPort); + SocketAddress remoteaddr = new InetSocketAddress(host, port); + sslSocket.bind(localaddr); + sslSocket.connect(remoteaddr, timeout); + } + sslSocket.setEnabledCipherSuites(ENABLED_CS); + return sslSocket; + } catch (Exception ex) { + log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$ + if (ex instanceof IOException) { + throw (IOException) ex; + } else if (ex instanceof UnknownHostException) { + throw (UnknownHostException) ex; + } else { + throw new IOException( + Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex); //$NON-NLS-1$ + } + } + } + + /* (non-Javadoc) + * @see org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory#createSocket(java.net.Socket, java.lang.String, int, boolean) + */ + @Override + public Socket createSocket(Socket socket, String host, int port, + boolean autoClose) throws IOException, UnknownHostException { + try { + SSLSocket sslSocket = (SSLSocket) 
getFactory().createSocket(socket, host, port, autoClose); + sslSocket.setEnabledCipherSuites(ENABLED_CS); + return sslSocket; + } catch (Exception ex) { + log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$ + if (ex instanceof IOException) { + throw (IOException) ex; + } else if (ex instanceof UnknownHostException) { + throw (UnknownHostException) ex; + } else { + throw new IOException( + Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex); //$NON-NLS-1$ + } + } + } + +} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/cliarguments/PasswordArgument.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/cliarguments/PasswordArgument.java index 268468d9..a6442395 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/cliarguments/PasswordArgument.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/cliarguments/PasswordArgument.java @@ -19,9 +19,9 @@ package at.asit.pdfover.gui.cliarguments; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.asit.pdfover.gui.bku.mobile.MobileBKUHelper; import at.asit.pdfover.gui.exceptions.InitializationException; import at.asit.pdfover.gui.utils.Messages; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHelper; /** * CLI Argument to provide Mobile BKU password diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/cliarguments/PhoneNumberArgument.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/cliarguments/PhoneNumberArgument.java index afaa01c7..c7f23e02 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/cliarguments/PhoneNumberArgument.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/cliarguments/PhoneNumberArgument.java 
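Review bot: `ENABLED_CS` pins every socket to four static-RSA suites, three of which rely on RC4, 3DES or MD5 (`SSL_RSA_WITH_RC4_128_SHA`, `SSL_RSA_WITH_3DES_EDE_CBC_SHA`, `SSL_RSA_WITH_RC4_128_MD5`), and none of them gives forward secrecy. I would remove those three entries and add ECDHE/DHE AES suites that the BKU servers accept, or drop the `sslSocket.setEnabledCipherSuites(ENABLED_CS)` calls so the JVM defaults apply. None of the four `createSocket` overloads enables endpoint identification either, so unless the HTTP client checks the host name elsewhere (not visible in this hunk) a certificate issued for a different host would pass as long as it chains to a trusted root; on Java 7 or later, `SSLParameters p = sslSocket.getSSLParameters(); p.setEndpointIdentificationAlgorithm("HTTPS"); sslSocket.setSSLParameters(p);` before each `return sslSocket;` addresses that. `getFactory()` also rebuilds the `SSLContext` and `SimpleXMLTrustManager` for every socket, which could be cached in a static field.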
@@ -19,9 +19,9 @@ package at.asit.pdfover.gui.cliarguments; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.asit.pdfover.gui.bku.mobile.MobileBKUHelper; import at.asit.pdfover.gui.exceptions.InitializationException; import at.asit.pdfover.gui.utils.Messages; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHelper; /** * CLI Argument to provide Mobile BKU phone number to use diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/MobileBKUEnterNumberComposite.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/MobileBKUEnterNumberComposite.java index 4cf7ec83..17e82d07 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/MobileBKUEnterNumberComposite.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/MobileBKUEnterNumberComposite.java @@ -35,11 +35,11 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.asit.pdfover.gui.Constants; +import at.asit.pdfover.gui.bku.mobile.MobileBKUHelper; import at.asit.pdfover.gui.exceptions.InvalidNumberException; import at.asit.pdfover.gui.exceptions.InvalidPasswordException; import at.asit.pdfover.gui.utils.Messages; import at.asit.pdfover.gui.workflow.states.State; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHelper; /** * Composite for entering the phone number for the mobile BKU @@ -101,7 +101,7 @@ public class MobileBKUEnterNumberComposite extends StateComposite { return; } - MobileBKUEnterNumberComposite.this.state.updateStateMachine(); + //MobileBKUEnterNumberComposite.this.state.updateStateMachine(); } /* (non-Javadoc) diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/MobileBKUEnterTANComposite.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/MobileBKUEnterTANComposite.java index 1d198e30..28f8b65e 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/MobileBKUEnterTANComposite.java 
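Review bot: The call `MobileBKUEnterNumberComposite.this.state.updateStateMachine();` is commented out rather than removed, and the hunk for `MobileBKUEnterTANComposite` in the next file section does the same with its `updateStateMachine()` call. Commented-out code leaves the reader guessing whether it is meant to come back. Delete both lines, or replace each with a short comment that says what now advances the workflow after the OK handler runs; the replacement trigger is not visible in these hunks, so the wording has to come from the author. The enclosing handler methods start outside the hunks.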
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/MobileBKUEnterTANComposite.java @@ -87,7 +87,7 @@ public class MobileBKUEnterTANComposite extends StateComposite { MobileBKUEnterTANComposite.this.tan = tan; MobileBKUEnterTANComposite.this.setUserAck(true); MobileBKUEnterTANComposite.this.btn_ok.setEnabled(false); - MobileBKUEnterTANComposite.this.state.updateStateMachine(); + //MobileBKUEnterTANComposite.this.state.updateStateMachine(); //MobileBKUEnterTANComposite.this.btn_ok.setEnabled(true); } } diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/utils/Unzipper.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/utils/Unzipper.java deleted file mode 100644 index 1c638f0d..00000000 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/utils/Unzipper.java +++ /dev/null 
@@ -1,75 +0,0 @@ -/* - * Copyright 2012 by A-SIT, Secure Information Technology Center Austria - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://joinup.ec.europa.eu/software/page/eupl - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - */ -package at.asit.pdfover.gui.utils; - -// Imports -import java.io.BufferedOutputStream; -import java.io.File; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.zip.ZipEntry; -import java.util.zip.ZipInputStream; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * Unzipper to extract default configuration - */ -public class Unzipper { - /** - * SLF4J Logger instance - **/ - private static final Logger log = LoggerFactory.getLogger(Unzipper.class); - - /** - * Extracts Zip File input stream to target path - * @param is - * @param targetPath - * @throws IOException - */ - public static void unzip(InputStream is, String targetPath) throws IOException { - ZipInputStream zis = new ZipInputStream(is); - ZipEntry entry; - // while there are entries I process them - while ((entry = zis.getNextEntry()) != null) { - log.debug("entry: " + entry.getName() + ", " //$NON-NLS-1$//$NON-NLS-2$ - + entry.getSize()); - // consume all the data from this entry - - if (entry.isDirectory()) { - log.debug("Extracting directory: " + entry.getName()); //$NON-NLS-1$ - - File nDir = new File(targetPath + File.separator + entry.getName()); - if(!nDir.exists()) { - 
if(!nDir.mkdir()) { - throw new IOException("Failed to create dir: " + entry.getName()); //$NON-NLS-1$ - } - } - continue; - } - byte[] buffer = new byte[1024]; - int len; - BufferedOutputStream out = new BufferedOutputStream( - new FileOutputStream(targetPath + File.separator + entry.getName())); - while ((len = zis.read(buffer)) >= 0) - out.write(buffer, 0, len); - - out.close(); - } - } -} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/PDFSignerImpl.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/PDFSignerImpl.java index 812e6ba0..9750a0b1 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/PDFSignerImpl.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/PDFSignerImpl.java @@ -34,7 +34,7 @@ public class PDFSignerImpl implements PDFSigner { private static final Logger log = LoggerFactory .getLogger(PDFSignerImpl.class); - private Signers signer = Signator.Signers.PDFAS; + private Signers signer = Signator.Signers.PDFAS4; /* (non-Javadoc) * @see at.asit.pdfover.gui.workflow.PDFSigner#getPDFSignerType() diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigProvider.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigProvider.java index 0e3bda77..c9a8d616 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigProvider.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigProvider.java @@ -21,7 +21,7 @@ import java.util.Locale; import org.eclipse.swt.graphics.Point; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUs; +import at.asit.pdfover.gui.bku.mobile.MobileBKUs; import at.asit.pdfover.signator.BKUs; import at.asit.pdfover.signator.SignaturePosition; diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigProviderImpl.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigProviderImpl.java index 0d860ea0..b5175141 100644 
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigProviderImpl.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigProviderImpl.java @@ -30,12 +30,12 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.asit.pdfover.gui.Constants; +import at.asit.pdfover.gui.bku.mobile.MobileBKUs; import at.asit.pdfover.gui.exceptions.InvalidEmblemFile; import at.asit.pdfover.gui.exceptions.InvalidNumberException; import at.asit.pdfover.gui.exceptions.InvalidPortException; import at.asit.pdfover.gui.utils.LocaleSerializer; import at.asit.pdfover.gui.utils.Messages; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUs; import at.asit.pdfover.signator.BKUs; import at.asit.pdfover.signator.SignaturePosition; @@ -120,7 +120,7 @@ public class ConfigProviderImpl implements ConfigProvider, ConfigManipulator, setLocale(targetLocale); } - String signlocalString = config.getProperty(Constants.CFG_SIGN_LOCALE); + String signlocalString = config.getProperty(Constants.CFG_SIGNATURE_LOCALE); Locale signtargetLocale = LocaleSerializer.parseFromString(signlocalString); if (signtargetLocale != null) { @@ -311,7 +311,7 @@ public class ConfigProviderImpl implements ConfigProvider, ConfigManipulator, Locale signLocale = this.getSignLocale(); if(signLocale != null) { - props.setProperty(Constants.CFG_SIGN_LOCALE, LocaleSerializer.getParsableString(signLocale)); + props.setProperty(Constants.CFG_SIGNATURE_LOCALE, LocaleSerializer.getParsableString(signLocale)); } SignaturePosition pos = getDefaultSignaturePositionPersistent(); diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigurationContainer.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigurationContainer.java index 46ae32c6..24cd46bb 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigurationContainer.java 
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigurationContainer.java @@ -19,10 +19,10 @@ import java.util.Locale; import org.eclipse.swt.graphics.Point; +import at.asit.pdfover.gui.bku.mobile.MobileBKUs; import at.asit.pdfover.gui.exceptions.InvalidEmblemFile; import at.asit.pdfover.gui.exceptions.InvalidNumberException; import at.asit.pdfover.gui.exceptions.InvalidPortException; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUs; import at.asit.pdfover.signator.BKUs; import at.asit.pdfover.signator.SignaturePosition; diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigurationContainerImpl.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigurationContainerImpl.java index 630b22e9..83f35b65 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigurationContainerImpl.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/ConfigurationContainerImpl.java @@ -28,12 +28,12 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.asit.pdfover.gui.Constants; +import at.asit.pdfover.gui.bku.mobile.MobileBKUHelper; +import at.asit.pdfover.gui.bku.mobile.MobileBKUs; import at.asit.pdfover.gui.exceptions.InvalidEmblemFile; import at.asit.pdfover.gui.exceptions.InvalidNumberException; import at.asit.pdfover.gui.exceptions.InvalidPortException; import at.asit.pdfover.gui.utils.Messages; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHelper; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUs; import at.asit.pdfover.signator.BKUs; import at.asit.pdfover.signator.SignaturePosition; diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/PersistentConfigProvider.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/PersistentConfigProvider.java index 9dcb38e5..9b857fa7 100644 
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/PersistentConfigProvider.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/config/PersistentConfigProvider.java @@ -19,7 +19,7 @@ import java.util.Locale; import org.eclipse.swt.graphics.Point; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUs; +import at.asit.pdfover.gui.bku.mobile.MobileBKUs; import at.asit.pdfover.signator.BKUs; import at.asit.pdfover.signator.SignaturePosition; diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/LocalBKUState.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/LocalBKUState.java index 4ca27896..3962d836 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/LocalBKUState.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/LocalBKUState.java 
@@ -21,24 +21,20 @@ import org.apache.commons.httpclient.HttpException; import org.apache.commons.httpclient.HttpMethod; import org.apache.commons.httpclient.HttpStatus; import org.apache.commons.httpclient.methods.PostMethod; -import org.apache.commons.httpclient.methods.multipart.FilePart; -import org.apache.commons.httpclient.methods.multipart.MultipartRequestEntity; -import org.apache.commons.httpclient.methods.multipart.Part; -import org.apache.commons.httpclient.methods.multipart.StringPart; import org.eclipse.swt.SWT; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.asit.pdfover.gui.MainWindow.Buttons; +import at.asit.pdfover.gui.Constants; import at.asit.pdfover.gui.MainWindowBehavior; +import at.asit.pdfover.gui.bku.BKUHelper; +import at.asit.pdfover.gui.bku.LocalBKUConnector; import at.asit.pdfover.gui.controls.Dialog.BUTTONS; import at.asit.pdfover.gui.controls.ErrorDialog; -import at.asit.pdfover.gui.utils.FileUploadSource; import at.asit.pdfover.gui.utils.Messages; import at.asit.pdfover.gui.workflow.StateMachine; import at.asit.pdfover.gui.workflow.Status; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHelper; -import at.asit.pdfover.signator.SLRequest; import at.asit.pdfover.signator.SLResponse; /** @@ -91,9 +87,6 @@ public class LocalBKUState extends State { private LocalBKUState state; - /** Whether to use Base64 or FileUpload Request */ - private boolean useBase64Request = false; - /** * @param localBKUState 
@@ -105,13 +98,10 @@ public class LocalBKUState extends State { @Override public void run() { try { - SLRequest request = this.state.signingState - .getSignatureRequest(); - HttpClient client = MobileBKUHelper.getHttpClient(); + HttpClient client = BKUHelper.getHttpClient(); - PostMethod method = new PostMethod( - "http://127.0.0.1:3495/http-security-layer-request"); //$NON-NLS-1$ + PostMethod method = new PostMethod(Constants.LOCAL_BKU_URL); String sl_request = NULL_OPERATION_REQUEST; method.addParameter("XMLRequest", sl_request); //$NON-NLS-1$ @@ -119,34 +109,11 @@ public class LocalBKUState extends State { String userAgent = getResponseHeader(method, BKU_RESPONSE_HEADER_USERAGENT); String server = getResponseHeader(method, BKU_RESPONSE_HEADER_SERVER); - if (server != null && server.contains("trustDeskbasic")) //$NON-NLS-1$ - this.useBase64Request = true; // TDB doesn't support MultiPart requests - - method = new PostMethod( - "http://127.0.0.1:3495/http-security-layer-request"); //$NON-NLS-1$ - if (this.useBase64Request) - { - sl_request = request.getBase64Request(); - method.addParameter("XMLRequest", sl_request); //$NON-NLS-1$ + if (returnCode != HttpStatus.SC_OK) { + this.state.threadException = new HttpException( + method.getResponseBodyAsString()); } else { - sl_request = request.getFileUploadRequest(); - StringPart xmlpart = new StringPart( - "XMLRequest", sl_request, "UTF-8"); //$NON-NLS-1$ //$NON-NLS-2$ - - FilePart filepart = new FilePart("fileupload", //$NON-NLS-1$ - new FileUploadSource(request.getSignatureData())); - - Part[] parts = { xmlpart, filepart }; - - method.setRequestEntity(new MultipartRequestEntity(parts, method - .getParams())); - } - //log.debug("SL REQUEST: " + sl_request); //$NON-NLS-1$ - - returnCode = client.executeMethod(method); - - if (returnCode == HttpStatus.SC_OK) { server = getResponseHeader(method, BKU_RESPONSE_HEADER_SERVER); if (server == null) server = ""; //$NON-NLS-1$ 
@@ -160,14 +127,10 @@ public class LocalBKUState extends State { SLResponse slResponse = new SLResponse(response, server, userAgent, signatureLayout); this.state.signingState.setSignatureResponse(slResponse); - } else { - this.state.threadException = new HttpException( - method.getResponseBodyAsString()); } - } catch (Exception e) { log.error("SignLocalBKUThread: ", e); //$NON-NLS-1$ - // + this.state.threadException = e; } finally { this.state.updateStateMachine(); @@ -206,6 +169,7 @@ public class LocalBKUState extends State { t.start(); return; } + this.signingState.setBKUConnector(new LocalBKUConnector()); if (this.threadException != null) { ErrorDialog dialog = new ErrorDialog( diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/MobileBKUState.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/MobileBKUState.java index 823edae8..4a825d17 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/MobileBKUState.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/MobileBKUState.java 
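Review bot: No `method.releaseConnection()` is visible for the `PostMethod` created in the thread's `run()`, and because `method` is declared inside the `try`, the `finally` shown here (which only calls `this.state.updateStateMachine()`) cannot release it. With Commons HttpClient 3 a connection stays checked out of the connection manager until the method is released, which matters if `BKUHelper.getHttpClient()` hands out a shared client. Declaring `PostMethod method = null;` before the `try` and adding `if (method != null) method.releaseConnection();` to the `finally` covers both the success and the exception path. The lines between the hunks of this file are not shown, so confirm that no release already happens there.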
@@ -17,28 +17,26 @@ package at.asit.pdfover.gui.workflow.states; // Imports import org.eclipse.swt.SWT; +import org.eclipse.swt.widgets.Display; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.asit.pdfover.gui.MainWindow.Buttons; import at.asit.pdfover.gui.MainWindowBehavior; +import at.asit.pdfover.gui.bku.MobileBKUConnector; +import at.asit.pdfover.gui.bku.mobile.ATrustHandler; +import at.asit.pdfover.gui.bku.mobile.ATrustStatus; +import at.asit.pdfover.gui.bku.mobile.IAIKHandler; +import at.asit.pdfover.gui.bku.mobile.IAIKStatus; +import at.asit.pdfover.gui.bku.mobile.MobileBKUHandler; +import at.asit.pdfover.gui.bku.mobile.MobileBKUStatus; import at.asit.pdfover.gui.composites.MobileBKUEnterNumberComposite; import at.asit.pdfover.gui.composites.MobileBKUEnterTANComposite; import at.asit.pdfover.gui.composites.WaitingComposite; -import at.asit.pdfover.gui.controls.ErrorDialog; import at.asit.pdfover.gui.controls.Dialog.BUTTONS; +import at.asit.pdfover.gui.controls.ErrorDialog; import at.asit.pdfover.gui.utils.Messages; import at.asit.pdfover.gui.workflow.StateMachine; -import at.asit.pdfover.gui.workflow.states.mobilebku.ATrustHandler; -import at.asit.pdfover.gui.workflow.states.mobilebku.IAIKHandler; -import at.asit.pdfover.gui.workflow.states.mobilebku.IAIKStatus; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUCommunicationState; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler; -import at.asit.pdfover.gui.workflow.states.mobilebku.ATrustStatus; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUStatus; -import at.asit.pdfover.gui.workflow.states.mobilebku.PostCredentialsThread; -import at.asit.pdfover.gui.workflow.states.mobilebku.PostSLRequestThread; -import at.asit.pdfover.gui.workflow.states.mobilebku.PostTanThread; /** * Logical state for performing the BKU Request to the A-Trust Mobile BKU 
@@ -73,8 +71,6 @@ public class MobileBKUState extends State { Exception threadException = null; - MobileBKUCommunicationState communicationState = MobileBKUCommunicationState.POST_REQUEST; - MobileBKUStatus status = null; MobileBKUHandler handler = null; @@ -85,7 +81,7 @@ public class MobileBKUState extends State { WaitingComposite waitingComposite = null; - private WaitingComposite getWaitingComposite() { + WaitingComposite getWaitingComposite() { if (this.waitingComposite == null) { this.waitingComposite = getStateMachine().getGUIProvider() .createComposite(WaitingComposite.class, SWT.RESIZE, this); @@ -94,7 +90,7 @@ public class MobileBKUState extends State { return this.waitingComposite; } - private MobileBKUEnterTANComposite getMobileBKUEnterTANComposite() { + MobileBKUEnterTANComposite getMobileBKUEnterTANComposite() { if (this.mobileBKUEnterTANComposite == null) { this.mobileBKUEnterTANComposite = getStateMachine() .getGUIProvider().createComposite( @@ -104,7 +100,7 @@ public class MobileBKUState extends State { return this.mobileBKUEnterTANComposite; } - private MobileBKUEnterNumberComposite getMobileBKUEnterNumberComposite() { + MobileBKUEnterNumberComposite getMobileBKUEnterNumberComposite() { if (this.mobileBKUEnterNumberComposite == null) { this.mobileBKUEnterNumberComposite = getStateMachine() .getGUIProvider().createComposite( @@ -139,22 +135,6 @@ public class MobileBKUState extends State { return getStateMachine().getConfigProvider().getMobileBKUURL(); } - /** - * @return the communicationState - */ - public MobileBKUCommunicationState getCommunicationState() { - return this.communicationState; - } - - /** - * @param communicationState - * the communicationState to set - */ - public void setCommunicationState( - MobileBKUCommunicationState communicationState) { - this.communicationState = communicationState; - } - /** * @return the signingState */ 
@@ -170,93 +150,63 @@ public class MobileBKUState extends State { this.threadException = threadException; } - /* - * (non-Javadoc) + /** + * Display an error message * - * @see - * at.asit.pdfover.gui.workflow.WorkflowState#update(at.asit.pdfover.gui - * .workflow.Workflow) + * @param e + * the exception */ - @Override - public void run() { - - this.signingState = getStateMachine().getStatus().getSigningState(); + public void displayError(Exception e) { + String message = Messages.getString("error.Unexpected"); //$NON-NLS-1$ + log.error(message, e); + String errormsg = e.getLocalizedMessage(); + if (errormsg != null && !errormsg.isEmpty()) + message += ": " + errormsg; //$NON-NLS-1$ + displayError(message); + } - MobileBKUStatus mobileStatus = this.getStatus(); + /** + * Display an error message + * + * @param message + * the error message + */ + public void displayError(final String message) { + log.error(message); + Display.getDefault().syncExec(new Runnable() { + @Override + public void run() { + ErrorDialog error = new ErrorDialog(getStateMachine().getGUIProvider() + .getMainShell(), message, BUTTONS.OK); + error.open(); + } + }); + } - if (this.threadException != null) { - String message = Messages.getString("error.Unexpected"); //$NON-NLS-1$ - log.error(message, this.threadException); - String errormsg = this.threadException.getLocalizedMessage(); - if (errormsg != null && !errormsg.isEmpty()) - message += ": " + errormsg; //$NON-NLS-1$ - ErrorDialog error = new ErrorDialog( - getStateMachine().getGUIProvider().getMainShell(), - message, BUTTONS.OK); - // error.setException(this.threadException); - // this.setNextState(error); - error.open(); - getStateMachine().exit(); + /** + * Make sure phone number and password are set in the MobileBKUStatus + */ + public void checkCredentials() { + final MobileBKUStatus mobileStatus = this.getStatus(); + // check if we have everything we need! 
+ if (mobileStatus.getPhoneNumber() != null && !mobileStatus.getPhoneNumber().isEmpty() && + mobileStatus.getMobilePassword() != null && !mobileStatus.getMobilePassword().isEmpty()) return; - } - switch (this.communicationState) { - case POST_REQUEST: - getStateMachine().getGUIProvider().display( - this.getWaitingComposite()); - Thread postSLRequestThread = new Thread( - new PostSLRequestThread(this)); - postSLRequestThread.start(); - break; - - case POST_NUMBER: - // Check if number and password is set ... - // if not show UI - // else start thread - - // check if we have everything we need! - if (mobileStatus.getPhoneNumber() != null - && !mobileStatus.getPhoneNumber().isEmpty() - && mobileStatus.getMobilePassword() != null - && !mobileStatus.getMobilePassword().isEmpty()) { - // post to bku - Thread postCredentialsThread = new Thread( - new PostCredentialsThread(this)); - postCredentialsThread.start(); - // resets password if incorrect to null - } else { - - MobileBKUEnterNumberComposite ui = this + Display.getDefault().syncExec(new Runnable() { + @Override + public void run() { + MobileBKUEnterNumberComposite ui = MobileBKUState.this .getMobileBKUEnterNumberComposite(); - - if (ui.isUserAck()) { - // user hit ok - - ui.setUserAck(false); - - // get number and password from UI - mobileStatus.setPhoneNumber(ui.getMobileNumber()); - mobileStatus.setMobilePassword(ui.getMobilePassword()); - - // show waiting composite - getStateMachine().getGUIProvider().display( - this.getWaitingComposite()); - - // post to BKU - Thread postCredentialsThread = new Thread( - new PostCredentialsThread(this)); - postCredentialsThread.start(); - - } else { + + if (!ui.isUserAck()) { // We need number and password => show UI! 
- if (mobileStatus.getErrorMessage() != null && !mobileStatus.getErrorMessage().isEmpty()) { // set possible error message ui.setErrorMessage(mobileStatus.getErrorMessage()); mobileStatus.setErrorMessage(null); } - if (ui.getMobileNumber() == null || ui.getMobileNumber().isEmpty()) { 
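Review bot: `displayError(Exception)` writes the failure with `log.error(message, e)` and then calls `displayError(String)`, which logs the same text again, so every exception produces two error entries. Keep the entry that carries the stack trace and lower the second one to `log.debug(message);`, or drop it if `displayError(String)` turns out to have no direct callers. The Javadoc of `checkCredentials()` should also state that the call blocks until the user has confirmed the form, e.g. `Blocks the calling thread until phone number and password have been entered.`; its body continues past the end of this hunk.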
@@ -271,17 +221,64 @@ public class MobileBKUState extends State { } ui.enableButton(); getStateMachine().getGUIProvider().display(ui); + + Display display = getStateMachine().getGUIProvider().getMainShell().getDisplay(); + while (!ui.isUserAck()) { + if (!display.readAndDispatch()) { + display.sleep(); + } + } } - } - break; - case POST_TAN: - // Get TAN from UI + // user hit ok + ui.setUserAck(false); - MobileBKUEnterTANComposite tan = this - .getMobileBKUEnterTANComposite(); + // get number and password from UI + mobileStatus.setPhoneNumber(ui.getMobileNumber()); + mobileStatus.setMobilePassword(ui.getMobilePassword()); + + // show waiting composite + getStateMachine().getGUIProvider().display( + MobileBKUState.this.getWaitingComposite()); + } + }); + } + + /** + * Make sure TAN is set in the MobileBKUStatus + */ + public void checkTAN() { + final MobileBKUStatus mobileStatus = this.getStatus(); + + Display.getDefault().syncExec(new Runnable() { + @Override + public void run() { + MobileBKUEnterTANComposite tan = MobileBKUState.this + .getMobileBKUEnterTANComposite(); + + if (!tan.isUserAck()) { + // we need the TAN + tan.setRefVal(mobileStatus.getRefVal()); + tan.setSignatureData(mobileStatus.getSignatureDataURL()); + tan.setErrorMessage(mobileStatus.getErrorMessage()); + if (mobileStatus.getTanTries() < mobileStatus.getMaxTanTries() + && mobileStatus.getTanTries() > 0) { + // show warning message x tries left! + // overrides error message + + tan.setTries(mobileStatus.getTanTries()); + } + tan.enableButton(); + getStateMachine().getGUIProvider().display(tan); + + Display display = getStateMachine().getGUIProvider().getMainShell().getDisplay(); + while (!tan.isUserAck()) { + if (!display.readAndDispatch()) { + display.sleep(); + } + } + } - if (tan.isUserAck()) { // user hit ok! tan.setUserAck(false); 
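Review bot: The wait loops in `checkCredentials()` and `checkTAN()` end only when `isUserAck()` becomes true, so as far as this hunk shows, closing the main window while the number or TAN form is open leaves the nested event loop with no exit. Test the shell in the loop and return before reading the composite, e.g. `while (!ui.isUserAck() && !shell.isDisposed())` followed by `if (shell.isDisposed()) return;`, with `shell` taken from `getStateMachine().getGUIProvider().getMainShell()`. The same change applies to the `tan` loop. `checkCredentials()` begins before this hunk and `checkTAN()` ends after it.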
@@ -289,36 +286,44 @@ public class MobileBKUState extends State { // show waiting composite getStateMachine().getGUIProvider().display( - this.getWaitingComposite()); - - // post to BKU! - Thread postTanThread = new Thread(new PostTanThread(this)); - postTanThread.start(); - - } else { - tan.setRefVal(mobileStatus.getRefVal()); - tan.setSignatureData(mobileStatus.getSignatureDataURL()); - tan.setErrorMessage(mobileStatus.getErrorMessage()); - if (mobileStatus.getTanTries() < mobileStatus.getMaxTanTries() - && mobileStatus.getTanTries() > 0) { - // show warning message x tries left! - // overrides error message - - tan.setTries(mobileStatus.getTanTries()); - } - tan.enableButton(); - getStateMachine().getGUIProvider().display(tan); + MobileBKUState.this.getWaitingComposite()); } - break; + }); + } + + /* + * (non-Javadoc) + * + * @see + * at.asit.pdfover.gui.workflow.WorkflowState#update(at.asit.pdfover.gui + * .workflow.Workflow) + */ + @Override + public void run() { + this.signingState = getStateMachine().getStatus().getSigningState(); - case FINAL: - this.setNextState(new SigningState(getStateMachine())); - break; + this.signingState.setBKUConnector(new MobileBKUConnector(this)); - case CANCEL: - this.setNextState(new BKUSelectionState(getStateMachine())); - break; + if (this.threadException != null) { + String message = Messages.getString("error.Unexpected"); //$NON-NLS-1$ + log.error(message, this.threadException); + String errormsg = this.threadException.getLocalizedMessage(); + if (errormsg != null && !errormsg.isEmpty()) + message += ": " + errormsg; //$NON-NLS-1$ + ErrorDialog error = new ErrorDialog( + getStateMachine().getGUIProvider().getMainShell(), + message, BUTTONS.OK); + // error.setException(this.threadException); + // this.setNextState(error); + error.open(); + getStateMachine().exit(); + return; } + + getStateMachine().getGUIProvider().display( + this.getWaitingComposite()); + + this.setNextState(new SigningState(getStateMachine())); } /* 
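Review bot: `run()` repeats the message building and `ErrorDialog` code that the new `displayError(Exception)` in this file already provides, so the two copies can drift apart. The `threadException` branch could be reduced to `displayError(this.threadException); getStateMachine().exit(); return;`. The commented-out `error.setException` and `setNextState` lines carried over from the old version can be dropped at the same time.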
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/PrepareConfigurationState.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/PrepareConfigurationState.java index 63c54c71..70895bfb 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/PrepareConfigurationState.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/PrepareConfigurationState.java @@ -34,6 +34,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.asit.pdfover.gui.Constants; +import at.asit.pdfover.gui.bku.BKUHelper; import at.asit.pdfover.gui.cliarguments.ArgumentHandler; import at.asit.pdfover.gui.cliarguments.AutomaticPositioningArgument; import at.asit.pdfover.gui.cliarguments.BKUArgument; @@ -58,7 +59,6 @@ import at.asit.pdfover.gui.utils.Messages; import at.asit.pdfover.gui.utils.Unzipper; import at.asit.pdfover.gui.utils.VersionComparator; import at.asit.pdfover.gui.workflow.StateMachine; -import at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHelper; import at.asit.pdfover.signator.Signator; /** @@ -340,7 +340,7 @@ public class PrepareConfigurationState extends State { // Check for updates if (getStateMachine().getConfigProvider().getUpdateCheck() && Constants.APP_VERSION != null) { - HttpClient client = MobileBKUHelper.getHttpClient(); + HttpClient client = BKUHelper.getHttpClient(); GetMethod method = new GetMethod(Constants.CURRENT_RELEASE_URL); try { client.executeMethod(method); @@ -370,7 +370,7 @@ public class PrepareConfigurationState extends State { // Set usedSignerLib ... getStateMachine().getPDFSigner().setUsedPDFSignerLibrary( - Signator.Signers.PDFAS); + Signator.Signers.PDFAS4); // Create PDF Signer getStateMachine().getStatus().setBKU( diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/SigningState.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/SigningState.java index ab77881a..66680fc8 100644 
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/SigningState.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/SigningState.java @@ -16,18 +16,21 @@ package at.asit.pdfover.gui.workflow.states; //Imports +import java.net.ConnectException; + import org.eclipse.swt.SWT; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import at.asit.pdfover.gui.controls.ErrorDialog; +import at.asit.pdfover.gui.MainWindowBehavior; +import at.asit.pdfover.gui.MainWindow.Buttons; import at.asit.pdfover.gui.controls.Dialog.BUTTONS; +import at.asit.pdfover.gui.controls.ErrorDialog; import at.asit.pdfover.gui.utils.Messages; import at.asit.pdfover.gui.workflow.StateMachine; import at.asit.pdfover.gui.workflow.Status; import at.asit.pdfover.signator.SignatureException; import at.asit.pdfover.signator.Signer; -import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException; /** * Logical state for signing process, usually show BKU Dialog during this state. @@ -92,9 +95,17 @@ public class SigningState extends State { if(this.threadException != null) { String message = Messages.getString("error.Signatur"); //$NON-NLS-1$ if (this.threadException instanceof SignatureException) { - Throwable cause = this.threadException.getCause(); - if (cause instanceof ConnectorException) + Throwable cause = this.threadException; + while (cause.getCause() != null) + cause = cause.getCause(); + if (cause instanceof ConnectException) message += ": " + cause.getMessage(); //$NON-NLS-1$ + if (cause instanceof IllegalStateException) { + // Dummy exception - don't display error, go back to BKU Selection + this.setNextState(new BKUSelectionState(getStateMachine())); + return; + } + } ErrorDialog error = new ErrorDialog(getStateMachine().getGUIProvider().getMainShell(), message, BUTTONS.RETRY_CANCEL); 
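Review bot: In the `threadException` branch, any `IllegalStateException` found at the root of a `SignatureException` is taken as the cancel marker and discarded with no log entry and no dialog. Library code also throws `IllegalStateException` for real faults, so a genuine signing failure could send the user back to BKU selection without any trace. A dedicated exception type for the cancel case would make the check exact; at the least, log before leaving, e.g. `log.debug("Signing aborted", this.threadException);` (assuming this class has a `log` field like the other states). The enclosing method starts and ends outside the hunk.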
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/ATrustHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/ATrustHandler.java
deleted file mode 100644
index 70502e64..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/ATrustHandler.java
+++ /dev/null
@@ -1,223 +0,0 @@ -/* - * Copyright 2012 by A-SIT, Secure Information Technology Center Austria - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://joinup.ec.europa.eu/software/page/eupl - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - */ -package at.asit.pdfover.gui.workflow.states.mobilebku; - -// Imports -import java.io.IOException; - -import org.apache.commons.httpclient.HttpClient; -import org.apache.commons.httpclient.methods.PostMethod; -import org.eclipse.swt.SWT; -import org.eclipse.swt.widgets.Display; -import org.eclipse.swt.widgets.Shell; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import at.asit.pdfover.gui.controls.Dialog; -import at.asit.pdfover.gui.controls.Dialog.BUTTONS; -import at.asit.pdfover.gui.controls.Dialog.ICON; -import at.asit.pdfover.gui.utils.Messages; -import at.asit.pdfover.gui.workflow.states.MobileBKUState; -import at.asit.pdfover.signator.SLResponse; - -/** - * A-Trust mobile BKU handler - */ -public class ATrustHandler extends MobileBKUHandler { - Shell shell; - - /** - * @param state - * @param shell - */ - public ATrustHandler(MobileBKUState state, Shell shell) { - super(state); - this.shell = shell; - } - - /** - * SLF4J Logger instance - **/ - private static final Logger log = LoggerFactory - .getLogger(ATrustHandler.class); - - /* (non-Javadoc) - * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleSLRequestResponse(java.lang.String) - */ - @Override - public void 
handleSLRequestResponse(String responseData) throws Exception { - ATrustStatus status = getStatus(); - - // Extract infos: - String sessionID = MobileBKUHelper.extractTag(responseData, - "identification.aspx?sid=", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - - String viewState = MobileBKUHelper.extractTag(responseData, - "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - - String eventValidation = MobileBKUHelper.extractTag(responseData, - "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - - log.info("sessionID: " + sessionID); //$NON-NLS-1$ - log.info("viewState: " + viewState); //$NON-NLS-1$ - log.info("eventValidation: " + eventValidation); //$NON-NLS-1$ - - status.setSessionID(sessionID); - - status.setViewstate(viewState); - - status.setEventvalidation(eventValidation); - } - - /* (non-Javadoc) - * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#postCredentials() - */ - @Override - public String postCredentials() throws Exception { - ATrustStatus status = getStatus(); - - MobileBKUHelper.registerTrustedSocketFactory(); - HttpClient client = MobileBKUHelper.getHttpClient(); - - PostMethod post = new PostMethod(status.getBaseURL() + "/identification.aspx?sid=" + status.getSessionID()); //$NON-NLS-1$ - post.getParams().setContentCharset("utf-8"); //$NON-NLS-1$ - post.addParameter("__VIEWSTATE", status.getViewstate()); //$NON-NLS-1$ - post.addParameter("__EVENTVALIDATION", status.getEventvalidation()); //$NON-NLS-1$ - post.addParameter("handynummer", status.getPhoneNumber()); //$NON-NLS-1$ - post.addParameter("signaturpasswort", status.getMobilePassword()); //$NON-NLS-1$ - post.addParameter("Button_Identification", "Identifizieren"); //$NON-NLS-1$ //$NON-NLS-2$ - - return executePost(client, post); - } - - /* (non-Javadoc) - * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleCredentialsResponse(java.lang.String) - */ - @Override - public void handleCredentialsResponse(String 
responseData) throws Exception { - ATrustStatus status = getStatus(); - String viewState = status.getViewstate(); - String eventValidation = status.getEventvalidation(); - String sessionID = status.getSessionID(); - String refVal = null; - String signatureDataURL = null; - - status.setErrorMessage(null); - - if(responseData.contains("signature.aspx?sid=")) { //$NON-NLS-1$ - // credentials ok! TAN entry - sessionID = MobileBKUHelper.extractTag(responseData, "signature.aspx?sid=", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - viewState = MobileBKUHelper.extractTag(responseData, "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - eventValidation = MobileBKUHelper.extractTag(responseData, "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - refVal = MobileBKUHelper.extractTag(responseData, "id='vergleichswert'>Vergleichswert:", ""); //$NON-NLS-1$//$NON-NLS-2$ - signatureDataURL = status.getBaseURL() + "/ShowSigobj.aspx" + //$NON-NLS-1$ - MobileBKUHelper.extractTag(responseData, "ShowSigobj.aspx", "'"); //$NON-NLS-1$//$NON-NLS-2$ - - getState().setCommunicationState(MobileBKUCommunicationState.POST_TAN); - } else { - // error page - // extract error text! - String errorMessage = MobileBKUHelper.extractTag(responseData, "", ""); //$NON-NLS-1$ //$NON-NLS-2$ - - status.setErrorMessage(errorMessage); - - // force UI again! 
- status.setMobilePassword(null); - } - - log.info("sessionID: " + sessionID); //$NON-NLS-1$ - log.info("Vergleichswert: " + refVal); //$NON-NLS-1$ - log.info("viewState: " + viewState); //$NON-NLS-1$ - log.info("eventValidation: " + eventValidation); //$NON-NLS-1$ - log.info("signatureDataURL: " + signatureDataURL); //$NON-NLS-1$ - - status.setSessionID(sessionID); - status.setRefVal(refVal); - status.setViewstate(viewState); - status.setEventvalidation(eventValidation); - status.setSignatureDataURL(signatureDataURL); - } - - /* (non-Javadoc) - * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#postTAN() - */ - @Override - public String postTAN() throws IOException { - ATrustStatus status = getStatus(); - - MobileBKUHelper.registerTrustedSocketFactory(); - HttpClient client = MobileBKUHelper.getHttpClient(); - - PostMethod post = new PostMethod(status.getBaseURL() - + "/signature.aspx?sid=" + status.getSessionID()); //$NON-NLS-1$ - post.getParams().setContentCharset("utf-8"); //$NON-NLS-1$ - post.addParameter("__VIEWSTATE", status.getViewstate()); //$NON-NLS-1$ - post.addParameter( - "__EVENTVALIDATION", status.getEventvalidation()); //$NON-NLS-1$ - post.addParameter("input_tan", status.getTan()); //$NON-NLS-1$ - post.addParameter("SignButton", "Signieren"); //$NON-NLS-1$ //$NON-NLS-2$ - post.addParameter("Button1", "Identifizieren"); //$NON-NLS-1$ //$NON-NLS-2$ - - return executePost(client, post); - } - - /* (non-Javadoc) - * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleTANResponse(java.lang.String) - */ - @Override - public void handleTANResponse(String responseData) { - getStatus().setErrorMessage(null); - if (responseData.contains("sl:CreateXMLSignatureResponse xmlns:sl")) { //$NON-NLS-1$ - // success !! 
- - getSigningState().setSignatureResponse( - new SLResponse(responseData, getStatus().getServer(), null, null)); - getState().setCommunicationState(MobileBKUCommunicationState.FINAL); - } else { - try { - String tries = MobileBKUHelper.extractTag( - responseData, "Sie haben noch", "Versuch"); //$NON-NLS-1$ //$NON-NLS-2$ - getStatus().setTanTries(Integer.parseInt(tries.trim())); - } catch (Exception e) { - getStatus().setTanTries(getStatus().getTanTries() - 1); - log.debug("Error parsing TAN response", e); //$NON-NLS-1$ - } - - if (getStatus().getTanTries() <= 0) { - Display.getDefault().syncExec(new Runnable() { - @Override - public void run() { - Dialog dialog = new Dialog(ATrustHandler.this.shell, Messages.getString("common.warning"), //$NON-NLS-1$ - Messages.getString("mobileBKU.tan_tries_exceeded"), //$NON-NLS-1$ - BUTTONS.OK_CANCEL, ICON.QUESTION); - if (dialog.open() == SWT.CANCEL) { - // Cancel - getState().setCommunicationState(MobileBKUCommunicationState.CANCEL); - } else { - // move to POST_REQUEST again - getState().setCommunicationState(MobileBKUCommunicationState.POST_REQUEST); - } - } - }); - } - } - } - - @Override - public ATrustStatus getStatus() { - return (ATrustStatus) getState().getStatus(); - } -} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/ATrustStatus.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/ATrustStatus.java deleted file mode 100644 index c4705227..00000000 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/ATrustStatus.java +++ /dev/null 
@@ -1,86 +0,0 @@ -/* - * Copyright 2012 by A-SIT, Secure Information Technology Center Austria - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://joinup.ec.europa.eu/software/page/eupl - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - */ -package at.asit.pdfover.gui.workflow.states.mobilebku; - -// Imports -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import at.asit.pdfover.gui.workflow.config.ConfigProvider; - -/** - * A-Trust MobileBKUStatus implementation - */ -public class ATrustStatus extends AbstractMobileBKUStatusImpl { - /** - * SLF4J Logger instance - **/ - @SuppressWarnings("unused") - private static final Logger log = LoggerFactory - .getLogger(ATrustStatus.class); - - /** Maximum number of TAN tries */ - public static final int MOBILE_MAX_TAN_TRIES = 3; - - private String viewstate; - private String eventvalidation; - - /** - * Constructor - * @param provider the ConfigProvider - */ - public ATrustStatus(ConfigProvider provider) { - setPhoneNumber(provider.getDefaultMobileNumber()); - setMobilePassword(provider.getDefaultMobilePassword()); - } - - /* (non-Javadoc) - * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUStatus#getMaxTanTries() - */ - @Override - public int getMaxTanTries() { - return MOBILE_MAX_TAN_TRIES; - } - - /** - * @return the viewstate - */ - public String getViewstate() { - return this.viewstate; - } - - /** - * @param viewstate - * the viewstate to set - */ - public void setViewstate(String 
viewstate) { - this.viewstate = viewstate; - } - - /** - * @return the eventvalidation - */ - public String getEventvalidation() { - return this.eventvalidation; - } - - /** - * @param eventvalidation the eventvalidation to set - */ - public void setEventvalidation(String eventvalidation) { - this.eventvalidation = eventvalidation; - } -} diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/AbstractMobileBKUStatusImpl.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/AbstractMobileBKUStatusImpl.java deleted file mode 100644 index 37b99fba..00000000 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/AbstractMobileBKUStatusImpl.java +++ /dev/null 
@@ -1,138 +0,0 @@ -/* - * Copyright 2012 by A-SIT, Secure Information Technology Center Austria - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://joinup.ec.europa.eu/software/page/eupl - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - */ -package at.asit.pdfover.gui.workflow.states.mobilebku; - -/** - * Basic implementation of a MobileBKUStatus - */ -public abstract class AbstractMobileBKUStatusImpl implements MobileBKUStatus { - - private String sessionID; - private String phoneNumber; - private String mobilePassword; - private String baseURL; - private String refVal; - private String errorMessage; - private String tan; - private String server; - private String signatureDataURL; - private int tanTries = getMaxTanTries(); - - @Override - public int getTanTries() { - return this.tanTries; - } - - @Override - public void setTanTries(int tries) { - this.tanTries = tries; - } - - @Override - public String getTan() { - return this.tan; - } - - @Override - public void setTan(String tan) { - this.tan = tan; - } - - @Override - public String getErrorMessage() { - return this.errorMessage; - } - - @Override - public void setErrorMessage(String errorMessage) { - this.errorMessage = errorMessage; - } - - @Override - public String getRefVal() { - return this.refVal; - } - - @Override - public void setRefVal(String refVal) { - this.refVal = refVal; - } - - @Override - public String getBaseURL() { - return this.baseURL; - } - - @Override - public void setBaseURL(String 
baseURL) { - this.baseURL = baseURL; - } - - @Override - public String getPhoneNumber() { - return this.phoneNumber; - } - - @Override - public void setPhoneNumber(String phoneNumber) { - this.phoneNumber = phoneNumber; - } - - @Override - public String getMobilePassword() { - return this.mobilePassword; - } - - @Override - public void setMobilePassword(String mobilePassword) { - this.mobilePassword = mobilePassword; - } - - @Override - public String getSessionID() { - return this.sessionID; - } - - @Override - public void setSessionID(String sessionID) { - this.sessionID = sessionID; - } - - @Override - public String getServer() { - return this.server; - } - - @Override - public void setServer(String server) { - this.server = server; - } - - @Override - public String getSignatureDataURL() { - return this.signatureDataURL; - } - - @Override - public void setSignatureDataURL(String signatureDataURL) { - this.signatureDataURL = signatureDataURL; - } - - @Override - public String ensureSessionID(String url) { - return url; - } -} \ No newline at end of file diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/IAIKHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/IAIKHandler.java deleted file mode 100644 index 21f5e318..00000000 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/IAIKHandler.java +++ /dev/null 
@@ -1,305 +0,0 @@ -/* - * Copyright 2012 by A-SIT, Secure Information Technology Center Austria - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://joinup.ec.europa.eu/software/page/eupl - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - */ -package at.asit.pdfover.gui.workflow.states.mobilebku; - -// Imports -import java.io.IOException; -import java.net.URL; - -import org.apache.commons.httpclient.HttpClient; -import org.apache.commons.httpclient.HttpException; -import org.apache.commons.httpclient.HttpStatus; -import org.apache.commons.httpclient.methods.GetMethod; -import org.apache.commons.httpclient.methods.PostMethod; -import org.eclipse.swt.SWT; -import org.eclipse.swt.widgets.Display; -import org.eclipse.swt.widgets.Shell; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import at.asit.pdfover.gui.controls.Dialog; -import at.asit.pdfover.gui.controls.Dialog.BUTTONS; -import at.asit.pdfover.gui.controls.Dialog.ICON; -import at.asit.pdfover.gui.utils.Messages; -import at.asit.pdfover.gui.workflow.states.MobileBKUState; -import at.asit.pdfover.signator.SLResponse; - -/** - * - */ -public class IAIKHandler extends MobileBKUHandler { - /** - * SLF4J Logger instance - **/ - private static final Logger log = LoggerFactory - .getLogger(IAIKHandler.class); - - Shell shell; - - /** - * Constructor - * @param state the MobileBKUState - * @param shell the Shell - */ - public IAIKHandler(MobileBKUState state, Shell shell) { - super(state); - 
this.shell = shell; - } - - /* (non-Javadoc) - * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleSLRequestResponse(java.lang.String) - */ - @Override - public void handleSLRequestResponse(String responseData) throws Exception { - IAIKStatus status = getStatus(); - - // Extract infos: - String credentialURL = MobileBKUHelper.extractTag(responseData, - "name=\"userCredLogon\" method=\"post\" action=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - URL baseURL = new URL(status.getBaseURL()); - int p = baseURL.getPort(); - String port = ((p != -1) && (p != baseURL.getDefaultPort())) ? ":" + p : ""; //$NON-NLS-1$ //$NON-NLS-2$ - credentialURL = baseURL.getProtocol() + "://" + baseURL.getHost() + port + //$NON-NLS-1$ - (credentialURL.startsWith("/") ? "" : "/") + credentialURL; //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ - - String viewState = MobileBKUHelper.extractTag(responseData, - "id=\"javax.faces.ViewState\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - - String sessionID = credentialURL.substring(credentialURL.indexOf("jsessionid=") + 11); //$NON-NLS-1$ - - log.info("credentialURL: " + credentialURL); //$NON-NLS-1$ - log.info("sessionID: " + sessionID); //$NON-NLS-1$ - log.info("viewState: " + viewState); //$NON-NLS-1$ - - status.setBaseURL(credentialURL); - status.setSessionID(sessionID); - status.setViewState(viewState); - } - - /* (non-Javadoc) - * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#postCredentials() - */ - @Override - public String postCredentials() throws Exception { - IAIKStatus status = getStatus(); - - MobileBKUHelper.registerTrustedSocketFactory(); - HttpClient client = MobileBKUHelper.getHttpClient(); - - PostMethod post = new PostMethod(status.getBaseURL()); - post.getParams().setContentCharset("utf-8"); //$NON-NLS-1$ - post.addParameter("javax.faces.ViewState", status.getViewState()); //$NON-NLS-1$ - post.addParameter("userCredLogon:phoneNR", status.getPhoneNumber()); //$NON-NLS-1$ - 
post.addParameter("userCredLogon:pwd", status.getMobilePassword()); //$NON-NLS-1$ - post.addParameter("userCredLogon:logonButton", "userCredLogon:logonButton"); //$NON-NLS-1$ //$NON-NLS-2$ - post.addParameter("javax.faces.partial.ajax", "true"); //$NON-NLS-1$ //$NON-NLS-2$ - post.addParameter("javax.faces.source", "userCredLogon:logonButton"); //$NON-NLS-1$ //$NON-NLS-2$ - post.addParameter("javax.faces.partial.execute", "@all"); //$NON-NLS-1$ //$NON-NLS-2$ - post.addParameter("javax.faces.partial.render", "userCredLogon:errorMessagePanel userCredLogon:errorMessage"); //$NON-NLS-1$ //$NON-NLS-2$ - post.addParameter("userCredLogon", "userCredLogon"); //$NON-NLS-1$ //$NON-NLS-2$ - post.addParameter("userCredLogon:j_idt20_input", "de"); //$NON-NLS-1$ //$NON-NLS-2$ - - return executePost(client, post); -} - - /* (non-Javadoc) - * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUHandler#handleCredentialsResponse(java.lang.String) - */ - @Override - public void handleCredentialsResponse(String responseData) throws Exception { - IAIKStatus status = getStatus(); - - String refVal = null; - String signatureDataURL = null; - - status.setErrorMessage(null); - - if (!responseData.contains("referenceValueLogon.jsf")) { //$NON-NLS-1$ - // Assume that an error occurred - - String errorMessage; - try { - errorMessage = MobileBKUHelper.extractTag(responseData, ":errorMessage\">", ""); //$NON-NLS-1$ //$NON-NLS-2$ - } catch (Exception e) { - errorMessage = Messages.getString("error.Unexpected"); //$NON-NLS-1$ - } - status.setErrorMessage(errorMessage); - - // force UI again! 
- status.setMobilePassword(null); - return; - } - - HttpClient client = MobileBKUHelper.getHttpClient(); - - String redirectURL = status.getBaseURL().substring(0, - status.getBaseURL().lastIndexOf('/', - status.getBaseURL().lastIndexOf('/') - 1) + 1); //Cut off last directory - redirectURL += MobileBKUHelper.extractTag(responseData, - "redirection_url\":\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - redirectURL = status.ensureSessionID(redirectURL); - - responseData = getRedirect(client, redirectURL); - - refVal = MobileBKUHelper.extractTag(responseData, - "id=\"j_idt6:refValue\" class=\"strong\">", "", ""); //$NON-NLS-1$ //$NON-NLS-2$ - getStatus().setErrorMessage(errorMessage); - } catch (Exception e) { - // Assume that wrong TAN was entered too many times - Display.getDefault().syncExec(new Runnable() { - @Override - public void run() { - Dialog dialog = new Dialog(IAIKHandler.this.shell, Messages.getString("common.warning"), //$NON-NLS-1$ - Messages.getString("mobileBKU.tan_tries_exceeded"), //$NON-NLS-1$ - BUTTONS.OK_CANCEL, ICON.QUESTION); - if (dialog.open() == SWT.CANCEL) { - // Cancel - getState().setCommunicationState(MobileBKUCommunicationState.CANCEL); - } else { - // move to POST_REQUEST again - getState().setCommunicationState(MobileBKUCommunicationState.POST_REQUEST); - } - } - }); - } - } - } - - @Override - public IAIKStatus getStatus() { - return (IAIKStatus) getState().getStatus(); - } - - private String getRedirect(HttpClient client, String redirectURL) throws HttpException, IOException { - redirectURL = getStatus().ensureSessionID(redirectURL); - log.debug("Sending get request to URL " + redirectURL); //$NON-NLS-1$ - - GetMethod get = new GetMethod(redirectURL); - int returnCode = client.executeMethod(get); - if (returnCode != HttpStatus.SC_OK) { - throw new HttpException(HttpStatus.getStatusText(returnCode)); - } - String responseData = get.getResponseBodyAsString(); - log.debug("Response: " + responseData); //$NON-NLS-1$ - return responseData; - } 
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/IAIKStatus.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/IAIKStatus.java
deleted file mode 100644
index 52aacf82..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/IAIKStatus.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-// Imports
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.asit.pdfover.gui.workflow.config.ConfigProvider;
-
-/**
- * IAIK MobileBKUStatus implementation
- */
-public class IAIKStatus extends AbstractMobileBKUStatusImpl {
- /**
- * SLF4J Logger instance
- **/
- @SuppressWarnings("unused")
- private static final Logger log = LoggerFactory.getLogger(IAIKStatus.class);
-
- /** Maximum number of TAN tries */
- public static final int MOBILE_MAX_TAN_TRIES = 3;
-
- private String viewState;
-
- /**
- * Constructor
- * @param provider the ConfigProvider
- */
- public IAIKStatus(ConfigProvider provider) {
- setPhoneNumber(provider.getDefaultMobileNumber());
- setMobilePassword(provider.getDefaultMobilePassword());
- }
-
- /* (non-Javadoc)
- * @see at.asit.pdfover.gui.workflow.states.mobilebku.MobileBKUStatus#getMaxTanTries()
- */
- @Override
- public int getMaxTanTries() {
- return MOBILE_MAX_TAN_TRIES;
- }
-
- /**
- * @return the viewstate
- */
- public String getViewState() {
- return this.viewState;
- }
-
- /**
- * @param viewState
- * the viewState to set
- */
- public void setViewState(String viewState) {
- this.viewState = viewState;
- }
-
- @Override
- public String ensureSessionID(String url)
- {
- if (url.contains("jsessionid=")) //$NON-NLS-1$
- return url;
-
- url += ";jsessionid=" + getSessionID(); //$NON-NLS-1$
- return url;
- }
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUCommunicationState.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUCommunicationState.java
deleted file mode 100644
index de6e777c..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUCommunicationState.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-/**
- * Communication states for Mobile BKU
- */
-public enum MobileBKUCommunicationState {
-
- /** POST SL Request to A-Trust BKU */
- POST_REQUEST,
-
- /** POST User informations (number, password) to A-Trust BKU */
- POST_NUMBER,
-
- /** POST tan to A-Trust BKU and retrieve SL Response */
- POST_TAN,
-
- /** Final state */
- FINAL,
-
- /** Cancel state */
- CANCEL
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUHandler.java
deleted file mode 100644
index e9cee855..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUHandler.java
+++ /dev/null
@@ -1,252 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import org.apache.commons.httpclient.Header;
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.HttpException;
-import org.apache.commons.httpclient.HttpStatus;
-import org.apache.commons.httpclient.methods.GetMethod;
-import org.apache.commons.httpclient.methods.PostMethod;
-import org.apache.commons.httpclient.methods.multipart.FilePart;
-import org.apache.commons.httpclient.methods.multipart.MultipartRequestEntity;
-import org.apache.commons.httpclient.methods.multipart.Part;
-import org.apache.commons.httpclient.methods.multipart.StringPart;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.asit.pdfover.gui.utils.FileUploadSource;
-import at.asit.pdfover.gui.workflow.states.LocalBKUState;
-import at.asit.pdfover.gui.workflow.states.MobileBKUState;
-import at.asit.pdfover.signator.SLRequest;
-import at.asit.pdfover.signator.SigningState;
-
-/**
- * A mobile BKU Handler
- */
-public abstract class MobileBKUHandler {
- /**
- * SLF4J Logger instance
- **/
- static final Logger log = LoggerFactory
- .getLogger(MobileBKUHandler.class);
-
- private MobileBKUState state;
-
- /**
- * Constructor
- * @param state the MobileBKUState
- */
- public MobileBKUHandler(MobileBKUState state)
- {
- this.state = state;
- }
-
- /**
- * Post the SL request
- * @param mobileBKUUrl mobile BKU URL
- * @return the response
- * @throws IOException IO error
- */
- public String postSLRequest(String mobileBKUUrl) throws IOException {
- /*
- * String sl_request = this.state.getSigningState()
- * .getSignatureRequest().getBase64Request();
- */
- String sl_request = getSignatureRequest().getFileUploadRequest();
-
- log.debug("SL Request: " + sl_request); //$NON-NLS-1$
-
- MobileBKUHelper.registerTrustedSocketFactory();
- HttpClient client = MobileBKUHelper.getHttpClient();
-
- PostMethod post = new PostMethod(mobileBKUUrl);
-
- //method.addParameter("XMLRequest", sl_request); //$NON-NLS-1$
-
- StringPart xmlpart = new StringPart(
- "XMLRequest", sl_request, "UTF-8"); //$NON-NLS-1$ //$NON-NLS-2$
-
- FilePart filepart = new FilePart("fileupload", //$NON-NLS-1$
- new FileUploadSource(getSignatureRequest().getSignatureData()));
-
- Part[] parts = { xmlpart, filepart };
-
- post.setRequestEntity(new MultipartRequestEntity(parts, post
- .getParams()));
-
- getState().getStatus().setBaseURL(
- MobileBKUHelper.stripQueryString(mobileBKUUrl));
-
- return executePost(client, post);
- }
-
- /**
- * Handle the response to the SL request post
- * @param responseData response data
- * @throws Exception Error during handling
- */
- public abstract void handleSLRequestResponse(String responseData) throws Exception;
-
-
- /**
- * Post the credentials
- * @return the response
- * @throws Exception Error during posting
- */
- public abstract String postCredentials() throws Exception;
-
- /**
- * Handle the response to credentials post
- * @param responseData response data
- * @throws Exception Error during handling
- */
- public abstract void handleCredentialsResponse(String responseData) throws Exception;
-
- /**
- * Post the TAN
- * @return the response
- * @throws Exception Error during posting
- */
- public abstract String postTAN() throws Exception;
-
- /**
- * Handle the response to TAN post
- * @param responseData response data
- * @throws Exception Error during handling
- */
- public abstract void handleTANResponse(String responseData) throws Exception;
-
- /**
- * Get the MobileBKUState
- * @return the MobileBKUState
- */
- protected MobileBKUState getState() {
- return this.state;
- }
-
- /**
- * Get the MobileBKUStatus
- * @return the MobileBKUStatus
- */
- protected MobileBKUStatus getStatus() {
- return this.state.getStatus();
- }
-
- /**
- * Get the SigningState
- * @return the SigningState
- */
- protected SigningState getSigningState() {
- return getState().getSigningState();
- }
-
- /**
- * Get the SLRequest
- * @return the SLRequest
- */
- private SLRequest getSignatureRequest() {
- return getSigningState().getSignatureRequest();
- }
-
- /**
- * Execute a post to the mobile BKU, following redirects
- * @param client the HttpClient
- * @param post the PostMethod
- * @return the response
- * @throws IOException IO error
- */
- protected String executePost(HttpClient client, PostMethod post) throws IOException {
- if (log.isDebugEnabled()) {
- String req;
- if (post.getRequestEntity().getContentLength() < 1024) {
- ByteArrayOutputStream os = new ByteArrayOutputStream();
- post.getRequestEntity().writeRequest(os);
- req = os.toString();
- if (req.contains("passwort=")) //$NON-NLS-1$
- req = req.replaceAll("passwort=[^&]*", "passwort=******"); //$NON-NLS-1$ //$NON-NLS-2$
- if (req.contains(":pwd=")) //$NON-NLS-1$
- req = req.replaceAll(":pwd=[^&]*", ":pwd=******"); //$NON-NLS-1$ //$NON-NLS-2$
- os.close();
- } else {
- req = post.getRequestEntity().getContentLength() + " bytes"; //$NON-NLS-1$
- }
- log.debug("Posting to " + post.getURI() + ": " + req); //$NON-NLS-1$ //$NON-NLS-2$
- }
- int returnCode = client.executeMethod(post);
-
- String redirectLocation = null;
-
- GetMethod get = null;
-
- String responseData = null;
-
- String server = null;
-
- // Follow redirects
- do {
- // check return code
- if (returnCode == HttpStatus.SC_MOVED_TEMPORARILY ||
- returnCode == HttpStatus.SC_MOVED_PERMANENTLY) {
-
- Header locationHeader = post.getResponseHeader("location"); //$NON-NLS-1$
- if (locationHeader != null) {
- redirectLocation = locationHeader.getValue();
- } else {
- throw new IOException(
- "Got HTTP 302 but no location to follow!"); //$NON-NLS-1$
- }
- } else if (returnCode == HttpStatus.SC_OK) {
- if (get != null) {
- responseData = get.getResponseBodyAsString();
-
- Header serverHeader = get.getResponseHeader(
- LocalBKUState.BKU_RESPONSE_HEADER_SERVER);
- if (serverHeader != null)
- server = serverHeader.getValue();
- } else {
- responseData = post.getResponseBodyAsString();
-
- Header serverHeader = post.getResponseHeader(
- LocalBKUState.BKU_RESPONSE_HEADER_SERVER);
- if (serverHeader != null)
- server = serverHeader.getValue();
- }
- redirectLocation = null;
- } else {
- throw new HttpException(
- HttpStatus.getStatusText(returnCode));
- }
-
- if (redirectLocation != null) {
- redirectLocation = getStatus().ensureSessionID(redirectLocation);
- log.debug("Redirected to " + redirectLocation); //$NON-NLS-1$
- get = new GetMethod(redirectLocation);
- get.setFollowRedirects(true);
- returnCode = client.executeMethod(get);
- }
- } while (redirectLocation != null);
-
- getStatus().setServer(server);
- if (server != null)
- log.info("Server: " + server); //$NON-NLS-1$
-
- return responseData;
- }
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUHelper.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUHelper.java
deleted file mode 100644
index d4c510e1..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUHelper.java
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-// Imports
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.commons.httpclient.auth.AuthScope;
-import org.apache.commons.httpclient.protocol.Protocol;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.asit.pdfover.gui.Constants;
-import at.asit.pdfover.gui.exceptions.InvalidNumberException;
-import at.asit.pdfover.gui.exceptions.InvalidPasswordException;
-import at.asit.pdfover.gui.exceptions.PasswordTooLongException;
-import at.asit.pdfover.gui.exceptions.PasswordTooShortException;
-
-/**
- *
- */
-public class MobileBKUHelper {
- /**
- * SLF4J Logger instance
- **/
- private static final Logger log = LoggerFactory
- .getLogger(MobileBKUHelper.class);
-
- /**
- * Regular expression for mobile phone numbers: this allows the entry of
- * mobile numbers in the following formats:
- *
- * +(countryCode)99999999999 00(countryCode)99999999999 099999999999
- * 1030199999999999 (A-Trust Test bku)
- */
- private static final String NUMBER_REGEX = "^((\\+[\\d]{2})|(00[\\d]{2})|(0)|(10301))([1-9][\\d]+)$"; //$NON-NLS-1$
-
- /**
- * Extracts a substring from data starting after start and ending with end
- *
- * @param data
- * the whole data string
- * @param start
- * the start marker
- * @param end
- * the end marker
- * @return the substring
- * @throws Exception
- */
- public static String extractTag(String data, String start, String end)
- throws Exception {
- int startidx = data.indexOf(start);
- if (startidx > 0) {
- startidx = startidx + start.length();
- int endidx = data.indexOf(end, startidx);
- if (endidx > startidx) {
- return data.substring(startidx, endidx);
- }
- log.error("extracting Tag: end tag not valid!: " + start + " ... " + end); //$NON-NLS-1$//$NON-NLS-2$
- throw new Exception("end tag not available!"); //$NON-NLS-1$
- }
- log.error("extracting Tag: start tag not valid!: " + start + " ... " + end); //$NON-NLS-1$//$NON-NLS-2$
- throw new Exception("start tag not available!"); //$NON-NLS-1$
- }
-
- /**
- * Validates the Mobile phone number
- *
- * @param number
- * @return the normalized Phone number
- * @throws InvalidNumberException
- */
- public static String normalizeMobileNumber(String number)
- throws InvalidNumberException {
- // Verify number and normalize
-
- // Compile and use regular expression
- Pattern pattern = Pattern.compile(NUMBER_REGEX);
- Matcher matcher = pattern.matcher(number);
-
- if (!matcher.find()) {
- throw new InvalidNumberException();
- }
-
- if (matcher.groupCount() != 6) {
- throw new InvalidNumberException();
- }
-
- String countryCode = matcher.group(1);
-
- String normalNumber = matcher.group(6);
-
- if (countryCode.equals("10301")) { //$NON-NLS-1$
- // A-Trust Testnumber! Don't change
- return number;
- }
-
- countryCode = countryCode.replace("00", "+"); //$NON-NLS-1$ //$NON-NLS-2$
-
- if (countryCode.equals("0")) { //$NON-NLS-1$
- countryCode = "+43"; //$NON-NLS-1$
- }
-
- return countryCode + normalNumber;
- }
-
- /**
- * Validate given Password for Mobile BKU
- *
- * @param password
- * @throws InvalidPasswordException
- */
- public static void validatePassword(String password)
- throws InvalidPasswordException {
- if (password.length() < 6 || password.length() > 20) {
- if (password.length() < 6) {
- throw new PasswordTooShortException();
- }
- throw new PasswordTooLongException();
- }
- }
-
- /**
- * Removes file extension from URL
- *
- * @param query
- * the url string
- * @return the stripped url
- */
- public static String stripQueryString(String query) {
- int pathidx = query.lastIndexOf('/');
- if (pathidx > 0) {
- return query.substring(0, pathidx);
- }
- return query;
- }
-
- /**
- * Get a HTTP Client instance
- * @return the HttpClient
- */
- public static HttpClient getHttpClient() {
- HttpClient client = new HttpClient();
- client.getParams().setParameter("http.useragent", //$NON-NLS-1$
- Constants.USER_AGENT_STRING);
-
- String host = System.getProperty("http.proxyHost"); //$NON-NLS-1$
- String port = System.getProperty("http.proxyPort"); //$NON-NLS-1$
- if (host != null && !host.isEmpty() &&
- port != null && !port.isEmpty()) {
- int p = Integer.parseInt(port);
- client.getHostConfiguration().setProxy(host, p);
- String user = System.getProperty("http.proxyUser"); //$NON-NLS-1$
- String pass = System.getProperty("http.proxyPassword"); //$NON-NLS-1$
- if (user != null && !user.isEmpty() && pass != null) {
- client.getState().setProxyCredentials(new AuthScope(host, p),
- new UsernamePasswordCredentials(user, pass));
- }
- }
-
- return client;
- }
-
- /**
- * Register our TrustedSocketFactory for https connections
- */
- @SuppressWarnings("deprecation")
- public static void registerTrustedSocketFactory() {
- Protocol.registerProtocol("https", //$NON-NLS-1$
- new Protocol("https", new TrustedSocketFactory(), 443)); //$NON-NLS-1$
- }
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUStatus.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUStatus.java
deleted file mode 100644
index 7ebf7b3e..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUStatus.java
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-/**
- *
- */
-public interface MobileBKUStatus {
- /**
- * @return the identification_url
- */
- public String getSessionID();
-
- /**
- * @param sessionID the identification_url to set
- */
- public void setSessionID(String sessionID);
-
- /**
- * @return the phoneNumber
- */
- public String getPhoneNumber();
-
- /**
- * @param phoneNumber the phoneNumber to set
- */
- public void setPhoneNumber(String phoneNumber);
-
- /**
- * @return the mobilePassword
- */
- public String getMobilePassword();
-
- /**
- * @param mobilePassword the mobilePassword to set
- */
- public void setMobilePassword(String mobilePassword);
-
- /**
- * @return the reference value
- */
- public String getRefVal();
-
- /**
- * @param refVal the reference value to set
- */
- public void setRefVal(String refVal);
-
- /**
- * @return the tan
- */
- public String getTan();
-
- /**
- * @param tan the tan to set
- */
- public void setTan(String tan);
-
- /**
- * Get maximum number of TAN tries
- * @return the maximum number of TAN tries
- */
- public int getMaxTanTries();
-
- /**
- * Get number of TAN tries left
- * @return the number of TAN tries left
- */
- public int getTanTries();
-
- /**
- * Set number of TAN tries left
- * @param tries the number of TAN tries left
- */
- public void setTanTries(int tries);
-
- /**
- * @return the errorMessage
- */
- public String getErrorMessage();
-
- /**
- * @param errorMessage the errorMessage to set
- */
- public void setErrorMessage(String errorMessage);
-
- /**
- * @return the baseURL
- */
- public String getBaseURL();
-
- /**
- * @param baseURL
- */
- public void setBaseURL(String baseURL);
-
- /**
- * Return the SL request server
- * @return the SL request server
- */
- public String getServer();
-
- /**
- * Set the SL request server
- * @param server the SL request server
- */
- public void setServer(String server);
-
- /**
- * Get the signature data URL
- * @return the signature data URL
- */
- public String getSignatureDataURL();
-
- /**
- * Set the signature data URL
- * @param signatureDataURL the signature data URL
- */
- public void setSignatureDataURL(String signatureDataURL);
-
- /**
- * Ensure that given URL contains a session ID (if necessary)
- * @param url URL to check for session ID
- * @return resulting URL
- */
- public String ensureSessionID(String url);
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUs.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUs.java
deleted file mode 100644
index ac4bdef9..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/MobileBKUs.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-/**
- * Available mobile BKUs
- */
-public enum MobileBKUs {
- /** A-Trust BKU */
- A_TRUST,
-
- /** IAIK */
- IAIK
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostCredentialsThread.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostCredentialsThread.java
deleted file mode 100644
index 6e807df5..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostCredentialsThread.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-// Imports
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.asit.pdfover.gui.workflow.states.MobileBKUState;
-
-/**
- *
- */
-public class PostCredentialsThread implements Runnable {
- /**
- * SLF4J Logger instance
- **/
- private static final Logger log = LoggerFactory
- .getLogger(PostCredentialsThread.class);
-
- private MobileBKUState state;
-
- private MobileBKUHandler handler;
-
- /**
- * Constructor
- *
- * @param state the MobileBKUState
- */
- public PostCredentialsThread(MobileBKUState state) {
- this.state = state;
- this.handler = state.getHandler();
- }
-
- /* (non-Javadoc)
- * @see java.lang.Runnable#run()
- */
- @Override
- public void run() {
- try {
- String responseData = this.handler.postCredentials();
-
- // Now we have received some data lets check it:
- log.debug("Response from mobile BKU: " + responseData); //$NON-NLS-1$
-
- this.handler.handleCredentialsResponse(responseData);
- } catch (Exception ex) {
- log.error("Error in PostCredentialsThread", ex); //$NON-NLS-1$
- this.state.setThreadException(ex);
- } finally {
- this.state.invokeUpdate();
- }
- }
-
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostSLRequestThread.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostSLRequestThread.java
deleted file mode 100644
index 09944acf..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostSLRequestThread.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-// Imports
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.asit.pdfover.gui.workflow.states.MobileBKUState;
-
-/**
- *
- */
-public class PostSLRequestThread implements Runnable {
- /**
- * SLF4J Logger instance
- **/
- private static final Logger log = LoggerFactory
- .getLogger(PostSLRequestThread.class);
-
- private MobileBKUState state;
-
- private String mobileBKUUrl;
-
- private MobileBKUHandler mobileBKUHandler;
-
- /**
- * Constructor
- *
- * @param state the MobileBKUState
- */
- public PostSLRequestThread(MobileBKUState state) {
- this.state = state;
- this.mobileBKUUrl = state.getURL();
- this.mobileBKUHandler = state.getHandler();
- }
-
- /*
- * (non-Javadoc)
- *
- * @see java.lang.Runnable#run()
- */
- @Override
- public void run() {
- try {
-
- String responseData = this.mobileBKUHandler.postSLRequest(this.mobileBKUUrl);
-
- // Now we have received some data lets check it:
- log.debug("Response from mobile BKU: " + responseData); //$NON-NLS-1$
-
- this.mobileBKUHandler.handleSLRequestResponse(responseData);
-
- /*
- * If all went well we can set the communication state to the new
- * state
- */
- this.state.setCommunicationState(MobileBKUCommunicationState.POST_NUMBER);
- } catch (Exception ex) {
- log.error("Error in PostSLRequestThread", ex); //$NON-NLS-1$
- this.state.setThreadException(ex);
- } finally {
- this.state.invokeUpdate();
- }
- }
-
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostTanThread.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostTanThread.java
deleted file mode 100644
index 95ee0dbd..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostTanThread.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-// Imports
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.asit.pdfover.gui.workflow.states.MobileBKUState;
-
-/**
- *
- */
-public class PostTanThread implements Runnable {
- /**
- * SLF4J Logger instance
- **/
- private static final Logger log = LoggerFactory
- .getLogger(PostTanThread.class);
-
- private MobileBKUState state;
-
- private MobileBKUHandler handler;
-
- /**
- * Constructor
- *
- * @param state
- */
- public PostTanThread(MobileBKUState state) {
- this.state = state;
- this.handler = state.getHandler();
- }
-
- /*
- * (non-Javadoc)
- *
- * @see java.lang.Runnable#run()
- */
- @Override
- public void run() {
- try {
- String responseData = this.handler.postTAN();
-
- // Now we have received some data lets check it:
- log.debug("Response from mobile BKU: " + responseData); //$NON-NLS-1$
-
- this.handler.handleTANResponse(responseData);
-
- } catch (Exception ex) {
- log.error("Error in PostTanThread", ex); //$NON-NLS-1$
- this.state.setThreadException(ex);
- } finally {
- this.state.invokeUpdate();
- }
- }
-
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/SimpleXMLTrustManager.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/SimpleXMLTrustManager.java
deleted file mode 100644
index 6d72e856..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/SimpleXMLTrustManager.java
+++ /dev/null
@@ -1,225 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-// Imports
-import java.security.KeyStore;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
-import javax.xml.parsers.DocumentBuilderFactory;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.Document;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-import at.asit.pdfover.gui.Constants;
-
-/**
- *
- */
-public class SimpleXMLTrustManager implements X509TrustManager {
- /**
- * SLF4J Logger instance
- **/
- private static final Logger log = LoggerFactory
- .getLogger(SimpleXMLTrustManager.class);
-
- /*
- * The default X509TrustManager returned by SunX509. We'll delegate
- * decisions to it, and fall back to the logic in this class if the default
- * X509TrustManager doesn't trust it.
- */
- X509TrustManager sunJSSEX509TrustManager;
-
- /**
- * Trust Manager for A-Trust Certificates
- */
- X509TrustManager atrustTrustManager;
-
- /**
- * Constructs the TrustManager
- *
- * @throws Exception
- */
- public SimpleXMLTrustManager() throws Exception {
- // create a "default" JSSE X509TrustManager.
-
- TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); //$NON-NLS-1$
- tmf.init((KeyStore) null);
-
- TrustManager tms[] = tmf.getTrustManagers();
-
- /*
- * Iterate over the returned trustmanagers, look for an instance of
- * X509TrustManager. If found, use that as our "default" trust manager.
- */
- for (int i = 0; i < tms.length; i++) {
- if (tms[i] instanceof X509TrustManager) {
- this.sunJSSEX509TrustManager = (X509TrustManager) tms[i];
- break;
- }
- }
-
- /*
- * A-Trust Certificates
- */
-
- KeyStore myKeyStore = KeyStore.getInstance(KeyStore
- .getDefaultType());
-
- myKeyStore.load(null);
-
- Document doc = DocumentBuilderFactory.newInstance()
- .newDocumentBuilder()
- .parse(this.getClass().getResourceAsStream(Constants.RES_CERT_LIST));
-
- Node certificates = doc.getFirstChild();
-
- if (!certificates.getNodeName().equals("certificates")) { //$NON-NLS-1$
- throw new Exception(
- "Used certificates xml is invalid! no certificates node"); //$NON-NLS-1$
- }
-
- NodeList certificateList = certificates.getChildNodes();
-
- for (int i = 0; i < certificateList.getLength(); i++) {
- try {
-
- Node certificateNode = certificateList.item(i);
-
- if (certificateNode.getNodeName().equals("#text")) { //$NON-NLS-1$
- continue; // Ignore dummy text node ..
- }
-
- if (!certificateNode.getNodeName().equals("certificate")) { //$NON-NLS-1$
- log.warn("Ignoring XML node: " + certificateNode.getNodeName()); //$NON-NLS-1$
- continue;
- }
-
- String certResource = Constants.RES_CERT_PATH + certificateNode.getTextContent();
-
- X509Certificate cert = (X509Certificate) CertificateFactory
- .getInstance("X509"). //$NON-NLS-1$
- generateCertificate(
- this.getClass().getResourceAsStream(
- certResource));
-
- myKeyStore.setCertificateEntry(certificateNode.getTextContent(), cert);
-
- log.debug("Loaded certificate : " + certResource); //$NON-NLS-1$
-
- } catch (Exception ex) {
- log.error("Failed to load certificate [" + "]", ex); //$NON-NLS-1$ //$NON-NLS-2$
- }
- }
-
- tmf.init(myKeyStore);
-
- tms = tmf.getTrustManagers();
-
- /*
- * Iterate over the returned trustmanagers, look for an instance of
- * X509TrustManager. If found, use that as our "default" trust manager.
- */
- for (int i = 0; i < tms.length; i++) {
- if (tms[i] instanceof X509TrustManager) {
- this.atrustTrustManager = (X509TrustManager) tms[i];
- break;
- }
- }
-
- if (this.sunJSSEX509TrustManager != null
- && this.atrustTrustManager != null) {
- return;
- }
-
- /*
- * Find some other way to initialize, or else we have to fail the
- * constructor.
- */
- throw new Exception("Couldn't initialize ASITTrustManager"); //$NON-NLS-1$
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert.
- * X509Certificate[], java.lang.String)
- */
- @Override
- public void checkClientTrusted(X509Certificate[] arg0, String arg1)
- throws CertificateException {
- try {
- this.atrustTrustManager.checkServerTrusted(arg0, arg1);
- } catch (CertificateException ex) {
- try {
- this.sunJSSEX509TrustManager.checkClientTrusted(arg0, arg1);
- } catch (CertificateException ex2) {
- log.info("checkClientTrusted: ", ex2); //$NON-NLS-1$
- throw ex2;
- }
- }
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert.
- * X509Certificate[], java.lang.String)
- */
- @Override
- public void checkServerTrusted(X509Certificate[] arg0, String arg1)
- throws CertificateException {
- try {
- this.atrustTrustManager.checkServerTrusted(arg0, arg1);
- } catch (CertificateException ex) {
- try {
- this.sunJSSEX509TrustManager.checkServerTrusted(arg0, arg1);
- } catch (CertificateException ex2) {
- log.info("checkServerTrusted: ", ex2); //$NON-NLS-1$
- throw ex2;
- }
- }
- }
-
- /*
- * (non-Javadoc)
- *
- * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
- */
- @Override
- public X509Certificate[] getAcceptedIssuers() {
-
- X509Certificate[] default_certs = this.sunJSSEX509TrustManager.getAcceptedIssuers();
-
- X509Certificate[] atrust_certs = this.atrustTrustManager.getAcceptedIssuers();
-
- X509Certificate[] all_certs = Arrays.copyOf(default_certs, default_certs.length + atrust_certs.length);
- System.arraycopy(atrust_certs, 0, all_certs, default_certs.length, atrust_certs.length);
- return all_certs;
- }
-
-}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/TrustedSocketFactory.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/TrustedSocketFactory.java
deleted file mode 100644
index ee521641..00000000
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/TrustedSocketFactory.java
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://joinup.ec.europa.eu/software/page/eupl
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- */
-package at.asit.pdfover.gui.workflow.states.mobilebku;
-
-// Imports
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.InetSocketAddress;
-import java.net.Socket;
-import java.net.SocketAddress;
-import java.net.UnknownHostException;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.TrustManager;
-
-import org.apache.commons.httpclient.ConnectTimeoutException;
-import org.apache.commons.httpclient.params.HttpConnectionParams;
-import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.asit.pdfover.gui.utils.Messages;
-
-/**
- *
- */
-public class TrustedSocketFactory implements SecureProtocolSocketFactory {
- /**
- * SLF4J Logger instance
- **/
- private static final Logger log = LoggerFactory
- .getLogger(TrustedSocketFactory.class);
-
- private static final String ENABLED_CS[] = {
- "TLS_RSA_WITH_AES_128_CBC_SHA", //$NON-NLS-1$
- "SSL_RSA_WITH_RC4_128_SHA", //$NON-NLS-1$
- "SSL_RSA_WITH_3DES_EDE_CBC_SHA", //$NON-NLS-1$
- "SSL_RSA_WITH_RC4_128_MD5" //$NON-NLS-1$
- };
-
- private static SSLSocketFactory getFactory() throws NoSuchAlgorithmException,
- KeyManagementException, Exception {
- SSLContext sslContext = SSLContext.getInstance("TLS"); //$NON-NLS-1$
- sslContext.init(null, new TrustManager[] { new SimpleXMLTrustManager() },
- new java.security.SecureRandom());
-
- return sslContext.getSocketFactory();
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket
- * (java.lang.String, int)
- */
- @Override
- public Socket createSocket(String host, int port) throws IOException,
- UnknownHostException {
- try {
- SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(host,
- port);
- sslSocket.setEnabledCipherSuites(ENABLED_CS);
- return sslSocket;
- } catch (Exception ex) {
- log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$
- if (ex instanceof IOException) {
- throw (IOException) ex;
- } else if (ex instanceof UnknownHostException) {
- throw (UnknownHostException) ex;
- } else {
- throw new IOException(
- Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex); //$NON-NLS-1$
- }
- }
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket
- * (java.lang.String, int, java.net.InetAddress, int)
- */
- @Override
- public Socket createSocket(String host, int port, InetAddress clientHost,
- int clientPort) throws IOException, UnknownHostException {
- try {
- SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(host,
- port, clientHost, clientPort);
- sslSocket.setEnabledCipherSuites(ENABLED_CS);
- return sslSocket;
- } catch (Exception ex) {
- log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$
- if (ex instanceof IOException) {
- throw (IOException) ex;
- } else if (ex instanceof UnknownHostException) {
- throw (UnknownHostException) ex;
- } else {
- throw new IOException(
- Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex); //$NON-NLS-1$
- }
- }
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket
- * (java.lang.String, int, java.net.InetAddress, int,
- * org.apache.commons.httpclient.params.HttpConnectionParams)
- */
- @Override
- public Socket createSocket(String host, int port, InetAddress clientHost,
- int clientPort, HttpConnectionParams params) throws IOException,
- UnknownHostException, ConnectTimeoutException {
- try {
- if (params == null) {
- throw new IllegalArgumentException("Parameters may not be null"); //$NON-NLS-1$
- }
- int timeout = params.getConnectionTimeout();
- SSLSocket sslSocket = null;
-
- SSLSocketFactory socketfactory = getFactory();
- if (timeout == 0) {
- sslSocket = (SSLSocket) socketfactory.createSocket(host, port, clientHost,
- clientPort);
- } else {
- sslSocket = (SSLSocket) socketfactory.createSocket();
- SocketAddress localaddr = new InetSocketAddress(clientHost,
- clientPort);
- SocketAddress remoteaddr = new InetSocketAddress(host, port);
- sslSocket.bind(localaddr);
- sslSocket.connect(remoteaddr, timeout);
- }
- sslSocket.setEnabledCipherSuites(ENABLED_CS);
- return sslSocket;
- } catch (Exception ex) {
- log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$
- if (ex instanceof IOException) {
- throw (IOException) ex;
- } else if (ex instanceof UnknownHostException) {
- throw (UnknownHostException) ex;
- } else {
- throw new IOException(
- Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex); //$NON-NLS-1$
- }
- }
- }
-
- /* (non-Javadoc)
- * @see org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory#createSocket(java.net.Socket, java.lang.String, int, boolean)
- */
- @Override
- public Socket createSocket(Socket socket, String host, int port,
- boolean autoClose) throws IOException, UnknownHostException {
- try {
- SSLSocket sslSocket = (SSLSocket) getFactory().createSocket(socket, host, port, autoClose);
- sslSocket.setEnabledCipherSuites(ENABLED_CS);
- return sslSocket;
- } catch (Exception ex) {
- log.error("TrustedSocketFactory: ", ex); //$NON-NLS-1$
- if (ex instanceof IOException) {
- throw (IOException) ex;
- } else if (ex instanceof UnknownHostException) {
- throw (UnknownHostException) ex;
- } else {
- throw new IOException(
- Messages.getString("TrustedSocketFactory.FailedToCreateSecureConnection"), ex); //$NON-NLS-1$
- }
- }
- }
-
-}
diff --git a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties
index 1dec3ab3..1fb2c2de 100644
--- a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties
+++ b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages.properties
@@ -131,6 +131,7 @@ mobileBKU.password=Password:
 mobileBKU.show=Show signature data
 mobileBKU.show_tooltip=Shows the data to be signed
 mobileBKU.tan_tries_exceeded=TAN tries exceeded, request a new TAN?
+mobileBKU.wrong_tan=TAN not accepted
 output.file_ask_overwrite=File %s already exists, do you want to overwrite it?
 output.link_open_message=You can open the signed file here.
 output.link_save_message=You can save the signed file
diff --git a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties
index 66ab0ee1..18ead540 100644
--- a/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties
+++ b/pdf-over-gui/src/main/resources/at/asit/pdfover/gui/messages_de.properties
@@ -131,6 +131,7 @@ mobileBKU.password=Passwort:
 mobileBKU.show=Signaturdaten anzeigen
 mobileBKU.show_tooltip=Zeigt die zu signierenden Daten an
 mobileBKU.tan_tries_exceeded=Zu viele TAN-Versuche, neue TAN anfordern?
+mobileBKU.wrong_tan=TAN nicht akzeptiert
 output.file_ask_overwrite=Datei %s existiert bereits, wollen Sie sie überschreiben?
 output.link_open_message=Sie können das signierte Dokument hier öffnen.
 output.link_save_message=Sie können das signierte Dokument speichern
-- cgit v1.2.3