diff options
| author | tknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c> | 2013-01-09 15:41:29 +0000 |
|---|---|---|
| committer | tknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c> | 2013-01-09 15:41:29 +0000 |
| commit | 535a04fa05f739ec16dd81666e3b0f82dfbd442d (patch) | |
| tree | 0804f301c1a9ceb303a8441b7b29244fc8eb7ff0 /src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java | |
| parent | 1efaf6fd5619dfa95c9d7e8c71eda4c2ffba4998 (diff) | |
| download | pdf-as-3-535a04fa05f739ec16dd81666e3b0f82dfbd442d.tar.gz pdf-as-3-535a04fa05f739ec16dd81666e3b0f82dfbd442d.tar.bz2 pdf-as-3-535a04fa05f739ec16dd81666e3b0f82dfbd442d.zip | |
pdf-as-lib maven project files moved to pdf-as-lib
git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/pdf-as/trunk@926 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java')
| -rw-r--r-- | src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java | 921 |
1 files changed, 0 insertions, 921 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java deleted file mode 100644 index ef355a0..0000000 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java +++ /dev/null @@ -1,921 +0,0 @@ -/**
- * <copyright> Copyright 2006 by Know-Center, Graz, Austria </copyright>
- * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
- * joint initiative of the Federal Chancellery Austria and Graz University of
- * Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *
- * $Id: MOAConnector.java,v 1.5 2006/10/31 08:18:41 wprinz Exp $
- */
-package at.knowcenter.wag.egov.egiz.sig.connectors;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.UnsupportedEncodingException;
-import java.util.Vector;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import javax.xml.namespace.QName;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.rpc.Call;
-import javax.xml.rpc.Service;
-import javax.xml.rpc.ServiceFactory;
-
-import org.apache.axis.message.SOAPBodyElement;
-import org.apache.log4j.Level;
-import org.apache.log4j.Logger;
-import org.apache.xml.serialize.OutputFormat;
-import org.apache.xml.serialize.XMLSerializer;
-import org.w3c.dom.Document;
-
-import at.gv.egiz.pdfas.exceptions.ErrorCode;
-import at.gv.egiz.pdfas.exceptions.external.ExternalErrorException;
-import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger;
-import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
-import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
-import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
-import at.knowcenter.wag.egov.egiz.exceptions.SignatureTypesException;
-import at.knowcenter.wag.egov.egiz.exceptions.WebException;
-import at.knowcenter.wag.egov.egiz.sig.Connector;
-import at.knowcenter.wag.egov.egiz.sig.ConnectorInformation;
-import at.knowcenter.wag.egov.egiz.sig.SignatureObject;
-import at.knowcenter.wag.egov.egiz.sig.SignatureResponse;
-import at.knowcenter.wag.egov.egiz.sig.X509Cert;
-import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
-
-/**
- * Connector to access the MOA service.
- *
- * @deprecated
- * @author wlackner
- * @author wprinz
- */
-public class MOAConnector implements Connector
-{
- /**
- * ConnectorInformation that identifies this Connector to the system.
- *
- * @see at.knowcenter.wag.egov.egiz.sig.ConnectorFactory
- * @see ConnectorInformation
- */
- public static final ConnectorInformation CONNECTOR_INFORMATION = new ConnectorInformation("moa", "MOA");
-
- /**
- * The class type value.
- *
- * <p>
- * Just for convenience.
- * </p>
- */
- private static final String TYPE = CONNECTOR_INFORMATION.getIdentifier();
-
- /**
- * The connector description.
- */
- public static final String DESCRIPTION = "MOA";
-
- /**
- * The SettingsReader instance
- */
- private SettingsReader settings_ = null;
-
- /**
- * MOA siganture verification mode
- */
- public static final String SERVICE_VERIFY = "SignatureVerification";
-
- /**
- * MOA siganture creation mode
- */
- public static final String SERVICE_SIGN = "SignatureCreation";
-
- /**
- * The logger definition.
- */
- private static final Logger logger_ = ConfigLogger.getLogger(MOAConnector.class);
-
- /**
- * The empty constructor
- */
- public MOAConnector() throws SignatureException
- {
- loadSettings();
- }
-
- /**
- * load the inital signature settings
- *
- * @see SettingsReader
- */
- private void loadSettings() throws SignatureException
- {
- if (settings_ == null)
- {
- try
- {
- settings_ = SettingsReader.getInstance();
- }
- catch (SettingsException e)
- {
- String log_message = "Can not load signature settings. Cause:\n" + e.getMessage();
- logger_.error(log_message);
- throw new SignatureException(101, log_message, e);
- }
- }
- }
-
- /**
- * This method calls the MOA signing a given text. The signaton type is to
- * used initializing the corresponding SigantureObject. The initialized
- * SignatureObject is filled out by the parsed MOA-Response. <br>
- * If an error request is send back from MOA, an error message is generated an
- * an exception is thrown.
- *
- * @param sigType
- * the type of the SignatureObject that should be returned
- * @param userName
- * the name of the user calling this method
- * @param signText
- * the text that shoulf be signed from MOA
- * @return the complete SingatureObject of the given type filled by values
- * from the MOA-Request
- * @throws SignatureException
- * ErrorCode 300
- * @see SignatureObject
- */
- public SignatureObject doSign(String sigType, String userName, String signText) throws SignatureException
- {
- SignatureObject sig_obj = new SignatureObject();
- try
- {
- sig_obj.setSigType(sigType);
- sig_obj.initByType();
- }
- catch (SignatureTypesException e)
- {
- SignatureException se = new SignatureException(300, "Can ot init signature object with type:" + sigType, e);
- throw se;
- }
- if (logger_.isDebugEnabled())
- {
- logger_.debug("Signature Type is:" + sig_obj.getSignationType());
- }
- if (logger_.isInfoEnabled())
- {
- logger_.info("Call " + TYPE + " from user:" + userName);
- }
-
- String url = getSignURL(sigType);
-
- String sign_request_filename = getSignRequestTemplateFileName(sigType);
- String key_ident = getSignKeyIdentifier(sigType);
-
- //String sign_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(sign_request_filename));
- String sign_req_str = this.settings_.readInternalResourceAsString(sign_request_filename);
- if (sign_req_str == null)
- {
- SignatureException se = new SignatureException(300, "File not found:" + sign_request_filename);
- throw se;
- }
-
- sign_req_str = sign_req_str.replaceFirst("KeyIdentifierReplace", key_ident);
- if (logger_.isDebugEnabled())
- {
- //logger_.debug("error_signature_response = " + sign_req_str);
- // FileHelper.writeToFile(sign_request_filename + "_signText.xml",
- // signText);
- }
- // sign_req_str = sign_req_str.replaceFirst("XMLContentReplace", signText);
- // now use the the base64 Template
- signText = CodingHelper.encodeUTF8AsBase64(signText);
- sign_req_str = sign_req_str.replaceFirst("Base64ContentReplace", signText);
- if (logger_.isDebugEnabled())
- {
- //logger_.debug(sign_req_str);
- // FileHelper.writeToFile(sign_request_filename + "_request.xml",
- // sign_req_str);
- }
-
- String response_string = "";
- try
- {
- response_string = MOAConnector.connectMOA(sign_req_str, MOAConnector.SERVICE_SIGN, url);
- sig_obj.setRawSignatureResponse(response_string);
- }
- catch (WebException we)
- {
- SignatureException se = new SignatureException(we.getErrorCode(), we);
- throw se;
- }
-
- if (!response_string.equals(""))
- {
- if (logger_.isInfoEnabled())
- {
- logger_.info("get MOA response");
- }
- Pattern erc_p_s = Pattern.compile("<ErrorCode>");
- Pattern erc_p_e = Pattern.compile("</ErrorCode>");
- Matcher erc_m_s = erc_p_s.matcher(response_string);
- Matcher erc_m_e = erc_p_e.matcher(response_string);
- // System.err.println(response_string);
-
- if (erc_m_s.find() && erc_m_e.find())
- {
- if (logger_.isEnabledFor(Level.ERROR))
- {
- logger_.error("error_signature_response = " + response_string);
- // FileHelper.writeToFile(sign_request_filename + "_response.xml",
- // response_string);
- //logger_.error("Write error response to file:" + sign_request_filename + "_response.xml");
- }
- Pattern erm_p_s = Pattern.compile("<Info>");
- Pattern erm_p_e = Pattern.compile("</Info>");
- Matcher erm_m_s = erm_p_s.matcher(response_string);
- Matcher erm_m_e = erm_p_e.matcher(response_string);
-
- String error_code = response_string.substring(erc_m_s.end(), erc_m_e.start());
- logger_.debug("error_code = " + error_code);
- String error_mess = "";
- if (erm_m_s.find() && erm_m_e.find())
- {
- error_mess = response_string.substring(erm_m_s.end(), erm_m_e.start());
- logger_.debug(error_mess);
- }
- throw new SignatureException(new ExternalErrorException(error_code, error_mess));
- }
- else
- {
- if (logger_.isDebugEnabled())
- {
- //logger_.debug("response_string = " + response_string);
- // FileHelper.writeToFile(sign_request_filename + "_response.xml",
- // response_string);
- }
- parseCreateXMLResponse(response_string, sig_obj);
- }
- }
- sig_obj.setSigResponse(response_string);
- return sig_obj;
- }
-
- /**
- * This method parses the MOA-Response string. It separates the
- * SignatureValue, X509IssuerName, SigningTime, X509SerialNumber,
- * X509Certificate, CertDigest and DigestValues. If the X509Certificate is
- * extracted it would be stored in the certificates directory.
- *
- * @param xmlResponse
- * the response string from the MOA sign-request
- * @param sigObj
- * the SignatureObject that should be filled
- * @throws SignatureException
- * ErrorCode (303, 304)
- * @see SignatureObject
- * @see CodingHelper
- * @see X509Cert
- */
- private void parseCreateXMLResponse(String xmlResponse, SignatureObject sigObj) throws SignatureException
- {
- Pattern sig_val_p_s = Pattern.compile("<[\\w]*:?SignatureValue>");
- Pattern sig_val_p_e = Pattern.compile("</[\\w]*:?SignatureValue>");
- Pattern iss_nam_p_s = Pattern.compile("<[\\w]*:?X509IssuerName>");
- Pattern iss_nam_p_e = Pattern.compile("</[\\w]*:?X509IssuerName>");
- Pattern sig_tim_p_s = Pattern.compile("<[\\w]*:?SigningTime>");
- Pattern sig_tim_p_e = Pattern.compile("</[\\w]*:?SigningTime>");
- Pattern ser_num_p_s = Pattern.compile("<[\\w]*:?X509SerialNumber>");
- Pattern ser_num_p_e = Pattern.compile("</[\\w]*:?X509SerialNumber>");
- Pattern sig_cer_p_s = Pattern.compile("<[\\w]*:?X509Certificate>");
- Pattern sig_cer_p_e = Pattern.compile("</[\\w]*:?X509Certificate>");
-
- Pattern sig_cer_d_p_s = Pattern.compile("<[\\w]*:?CertDigest>");
- Pattern sig_cer_d_p_e = Pattern.compile("</[\\w]*:?CertDigest>");
- Pattern dig_val_p_s = Pattern.compile("<[\\w]*:?DigestValue>");
- Pattern dig_val_p_e = Pattern.compile("</[\\w]*:?DigestValue>");
-
- Matcher sig_val_m_s = sig_val_p_s.matcher(xmlResponse);
- Matcher sig_val_m_e = sig_val_p_e.matcher(xmlResponse);
- Matcher iss_nam_m_s = iss_nam_p_s.matcher(xmlResponse);
- Matcher iss_nam_m_e = iss_nam_p_e.matcher(xmlResponse);
- Matcher sig_tim_m_s = sig_tim_p_s.matcher(xmlResponse);
- Matcher sig_tim_m_e = sig_tim_p_e.matcher(xmlResponse);
- Matcher ser_num_m_s = ser_num_p_s.matcher(xmlResponse);
- Matcher ser_num_m_e = ser_num_p_e.matcher(xmlResponse);
- Matcher sig_cer_m_s = sig_cer_p_s.matcher(xmlResponse);
- Matcher sig_cer_m_e = sig_cer_p_e.matcher(xmlResponse);
-
- Matcher sig_cer_d_m_s = sig_cer_d_p_s.matcher(xmlResponse);
- Matcher sig_cer_d_m_e = sig_cer_d_p_e.matcher(xmlResponse);
-
- String sig_val = "";
- String iss_nam = "";
- String ser_num = "";
- String sig_tim = "";
- String sig_cer = "";
- String sig_dig = "";
-
- // SignatureValue
- if (sig_val_m_s.find() && sig_val_m_e.find())
- {
- sig_val = xmlResponse.substring(sig_val_m_s.end(), sig_val_m_e.start());
- sig_val = sig_val.replaceAll("\\s", "");
- sigObj.setSignationValue(sig_val);
- }
- // X509IssuerName
- if (iss_nam_m_s.find() && iss_nam_m_e.find())
- {
- iss_nam = xmlResponse.substring(iss_nam_m_s.end(), iss_nam_m_e.start());
- sigObj.setSignationIssuer(iss_nam);
- }
- // X509SerialNumber
- if (ser_num_m_s.find() && ser_num_m_e.find())
- {
- ser_num = xmlResponse.substring(ser_num_m_s.end(), ser_num_m_e.start());
- sigObj.setSignationSerialNumber(ser_num);
- }
- // SigningTime
- if (sig_tim_m_s.find() && sig_tim_m_e.find())
- {
- sig_tim = xmlResponse.substring(sig_tim_m_s.end(), sig_tim_m_e.start());
- sigObj.setSignationDate(sig_tim);
- }
- // CertDigest
- if (sig_cer_d_m_s.find() && sig_cer_d_m_e.find())
- {
- String cert_digest = xmlResponse.substring(sig_cer_d_m_s.end(), sig_cer_d_m_e.start());
- Matcher dig_val_m_s = dig_val_p_s.matcher(cert_digest);
- Matcher dig_val_m_e = dig_val_p_e.matcher(cert_digest);
- if (dig_val_m_s.find() && dig_val_m_e.find())
- {
- sig_dig = cert_digest.substring(dig_val_m_s.end(), dig_val_m_e.start());
- sigObj.setX509CertificateDigest(sig_dig);
- }
- }
- // extract Subject Name from X509Certificate
- if (sig_cer_m_s.find() && sig_cer_m_e.find())
- {
- sig_cer = xmlResponse.substring(sig_cer_m_s.end(), sig_cer_m_e.start());
- sig_cer = sig_cer.replaceAll("\\s", "");
- X509Cert cert = X509Cert.initByString(sig_cer);
- if (cert.isX509Cert())
- {
- sigObj.setX509Certificate(cert.getCertString());
- String serial_num = cert.getSerialNumber();
- String subject_name = cert.getSubjectName();
- if (!ser_num.equals(serial_num))
- {
- SignatureException se = new SignatureException(303, "Serialnumber of certificate and tag X509SerialNumber differs!");
- throw se;
- }
- sigObj.setSignationName(subject_name);
- }
- }
- }
-
- /**
- * This method reads the verify template from the file system and fills out
- * the template with the SignatureObject values.
- *
- * @param normalizedText
- * the normalized text to veryfied
- * @param sigObject
- * the SignatureObject holding the singature values
- * @return the filled verify template string
- * @throws SignatureException
- * ErrorCode (311, 312, 313)
- * @see SignatureObject
- * @see CodingHelper
- */
- public String getVerifyTemplate(String normalizedText,
- SignatureObject sigObject) throws SignatureException
- {
- try
- {
- if (normalizedText == null || normalizedText.length() == 0)
- {
- SignatureException se = new SignatureException(311, "Document can not be verified because normalized text is empty.");
- throw se;
- }
- if (sigObject == null)
- {
- SignatureException se = new SignatureException(312, "Document can not be verified because no signature object are set.");
- throw se;
- }
- String verify_template = getVerifyTemplateFileName(sigObject.getSignationType());
- String sig_prop_template = getSigPropFileName(sigObject.getSignationType());
-
- //String verify_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(verify_template));
- String verify_req_str = this.settings_.readInternalResourceAsString(verify_template);
-
- //String sig_prop_str = FileHelper.readFromFile(SettingsReader.relocateFile(sig_prop_template));
- String sig_prop_str = this.settings_.readInternalResourceAsString(sig_prop_template);
-
- if (logger_.isDebugEnabled())
- {
- //logger_.debug(verify_template);
- //logger_.debug(sig_prop_template);
- }
-
- String x509Certificate = sigObject.getX509CertificateString();
- if (x509Certificate == null)
- {
- SignatureException se = new SignatureException(ErrorCode.CERTIFICATE_NOT_FOUND, "Document certificate is not defined.");
- throw se;
- }
- String cert_alg = settings_.getValueFromKey("cert.alg.ecdsa");
- X509Cert x509_cert = sigObject.getX509Cert();
- if (x509_cert.isRSA())
- {
- cert_alg = settings_.getValueFromKey("cert.alg.rsa");
- }
-
- sig_prop_str = sig_prop_str.replaceFirst("SigningTimeReplace", sigObject.getSignationDate());
- // The issuer is already a valid Unicode String.
- // No need to convert it - not to mention the missing encoding.
- // byte[] issuer_name =
- // CodingHelper.encodeUTF8(sigObject.getSignationIssuer());
- // new String(issuer_name)
- sig_prop_str = sig_prop_str.replaceFirst("X509IssuerNameReplace", sigObject.getSignationIssuer());
- sig_prop_str = sig_prop_str.replaceFirst("X509SerialNumberReplace", sigObject.getSignationSerialNumber());
- sig_prop_str = sig_prop_str.replaceFirst("DigestValueX509CertificateReplace", sigObject.getX509CertificateDigest());
-
- verify_req_str = verify_req_str.replaceFirst("CertAlgReplace", cert_alg);
- verify_req_str = verify_req_str.replaceFirst("TemplateSignedPropertiesReplace", sig_prop_str);
- byte[] sig_prop_code = CodingHelper.buildDigest(sig_prop_str.getBytes("UTF-8"), "sha1"); // added
- // the
- // ("UTF-8")
- // encoding
- String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code);
- verify_req_str = verify_req_str.replaceFirst("DigestValueSignedPropertiesReplace", sig_prop_hash);
- if (logger_.isDebugEnabled())
- {
- logger_.debug("build digest from SignedProperties:start");
- //logger_.debug("DATA :" + sig_prop_str);
- logger_.debug("DIGEST:" + sig_prop_hash);
- logger_.debug("build digest from SignedProperties:end");
- }
-
- verify_req_str = verify_req_str.replaceFirst("SignatureValueReplace", sigObject.getSignationValue());
- verify_req_str = verify_req_str.replaceFirst("X509CertificateReplace", x509Certificate);
- byte[] data_value = normalizedText.getBytes("UTF-8");
- byte[] data_value_hash = CodingHelper.buildDigest(data_value, "sha1");
- // byte[] data_value_hash =
- // CodingHelper.buildDigest(normalizedText.getBytes());
- String object_data_hash = CodingHelper.encodeBase64(data_value_hash);
- //String object_data = normalizedText; // new String(data_value);
- // System.err.println(object_data_hash);
- // very_req_str = very_req_str.replaceFirst("ObjectDataReplace",
- // object_data);
- String raw_b64 = CodingHelper.encodeBase64(data_value);
- verify_req_str = verify_req_str.replaceFirst("Base64ContentReplace", raw_b64);
-
- verify_req_str = verify_req_str.replaceFirst("DigestValueSignedDataReplace", object_data_hash);
- if (logger_.isDebugEnabled())
- {
- // FileHelper.writeToFile(verify_template + "_verifyText.xml",
- // normalizedText);
- logger_.debug("build digest from data object:start");
- //logger_.debug("DATA :" + object_data);
- logger_.debug("DIGEST:" + object_data_hash);
- logger_.debug("build digest from data object:end");
- }
- return verify_req_str;
- }
- catch (UnsupportedEncodingException e)
- {
- throw new SignatureException(310, e);
- }
- }
-
- /**
- * This method generates the MOA verify prozess. It checks if the given
- * SignatureObject is signed by MOA or BKU. The verify template string is
- * filled out by the corresponding method.
- *
- * @param normalizedText
- * the normalized text to verify
- * @param sigObject
- * the SignatureObject holding the singature values
- * @return a SignatureResponse object if the verify prozess does not fails
- * @throws SignatureException
- * @see SignatureResponse
- */
- public SignatureResponse doVerify(String normalizedText,
- SignatureObject sigObject) throws SignatureException
- {
- String verify_url = getVerifyURL(sigObject.getSignationType()); // settings_.getValueFromKey(TYPE
- // + "." +
- // Signature.VALUE_MODE_VERIFY
- // +
- // ".url");
- String verify_request = getVerifyRequestTemplateFileName(sigObject.getSignationType()); // settings_.getValueFromKey(TYPE
- // +
- // "."
- // +
- // Signature.VALUE_MODE_VERIFY
- // +
- // ".request");
- String trust_profile = getVerifyTrustProfileID(sigObject.getSignationType());
-
- //String verify_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request));
- String verify_req_str = this.settings_.readInternalResourceAsString(verify_request);
-
- String verify_template_str = null;
- if (sigObject.isMOASigned())
- {
- verify_template_str = getVerifyTemplate(normalizedText, sigObject);
- }
- else
- {
- BKUConnector bku_conn = new BKUConnector();
- verify_template_str = bku_conn.getVerifyTemplate(normalizedText, sigObject);
- }
- verify_req_str = verify_req_str.replaceFirst("XMLContentReplace", verify_template_str);
- verify_req_str = verify_req_str.replaceFirst("TrustProfileIDReplace", trust_profile);
-
- if (logger_.isDebugEnabled())
- {
- //logger_.debug(verify_req_str);
- // FileHelper.writeToFile(verify_request + "_request.xml",
- // verify_req_str);
- }
- String response_string = "";
- try
- {
- response_string = MOAConnector.connectMOA(verify_req_str, MOAConnector.SERVICE_VERIFY, verify_url);
- }
- catch (WebException we)
- {
- if (logger_.isDebugEnabled())
- {
- we.printStackTrace();
- }
- SignatureException se = new SignatureException(we.getErrorCode(), we);
- throw se;
- }
-
- if (!response_string.equals(""))
- {
- Pattern erc_p_s = Pattern.compile("<[\\w]*:?ErrorCode>");
- Pattern erc_p_e = Pattern.compile("</[\\w]*:?ErrorCode>");
- Matcher erc_m_s = erc_p_s.matcher(response_string);
- Matcher erc_m_e = erc_p_e.matcher(response_string);
-
- if (erc_m_s.find() && erc_m_e.find())
- {
- if (logger_.isEnabledFor(Level.ERROR))
- {
- //logger_.debug(response_string);
- // FileHelper.writeToFile(verify_request + "_response.xml",
- // response_string);
- logger_.error("Write error response to file:" + verify_request + "_response.xml");
- }
- Pattern erm_p_s = Pattern.compile("<[\\w]*:?Info>");
- Pattern erm_p_e = Pattern.compile("</[\\w]*:?Info>");
- Matcher erm_m_s = erm_p_s.matcher(response_string);
- Matcher erm_m_e = erm_p_e.matcher(response_string);
- String error_code = response_string.substring(erc_m_s.end(), erc_m_e.start());
- String error_mess = null;
- if (erm_m_s.find() && erm_m_e.find())
- {
- error_mess = response_string.substring(erm_m_s.end(), erm_m_e.start());
- }
- throw new SignatureException(new ExternalErrorException(error_code, error_mess));
- }
- else
- {
- if (logger_.isDebugEnabled())
- {
- //logger_.debug(verify_request + "_response.xml " + response_string);
- }
- return parseVerifyXMLResponse(response_string);
- }
- }
- return null;
- }
-
- /**
- * This method parses the verify response string and return a
- * SignatureResponse object. The SignatureResponse object is filled out by the
- * response values from the BKU-response.
- *
- * @param xmlResponse
- * the response values from the MOA-verify request
- * @return SignatureResponse object
- * @see SignatureResponse
- */
- private SignatureResponse parseVerifyXMLResponse(String xmlResponse)
- {
- if (logger_.isInfoEnabled())
- {
- logger_.info("Try parsing the verify response");
- }
- Pattern sub_nam_p_s = Pattern.compile("<dsig:X509SubjectName>");
- Pattern sub_nam_p_e = Pattern.compile("</dsig:X509SubjectName>");
- Pattern iss_nam_p_s = Pattern.compile("<dsig:X509IssuerName>");
- Pattern iss_nam_p_e = Pattern.compile("</dsig:X509IssuerName>");
- Pattern ser_num_p_s = Pattern.compile("<dsig:X509SerialNumber>");
- Pattern ser_num_p_e = Pattern.compile("</dsig:X509SerialNumber>");
-
- // [tknall] start qualified certificate
- Pattern cert_qualified_p = Pattern.compile("<QualifiedCertificate/>");
- Matcher cert_qualified_m = cert_qualified_p.matcher(xmlResponse);
- // [tknall] stop qualified certificate
-
- Pattern sig_chk_p_s = Pattern.compile("<SignatureCheck>");
- Pattern sig_chk_p_e = Pattern.compile("</SignatureCheck>");
- Pattern man_chk_p_s = Pattern.compile("<SignatureManifestCheck>");
- Pattern man_chk_p_e = Pattern.compile("</SignatureManifestCheck>");
- Pattern cer_chk_p_s = Pattern.compile("<CertificateCheck>");
- Pattern cer_chk_p_e = Pattern.compile("</CertificateCheck>");
-
- Pattern code_p_s = Pattern.compile("<Code>");
- Pattern code_p_e = Pattern.compile("</Code>");
-
- Pattern cert_p_s = Pattern.compile("<dsig:X509Certificate>");
- Pattern cert_p_e = Pattern.compile("</dsig:X509Certificate>");
-
- Matcher sub_nam_m_s = sub_nam_p_s.matcher(xmlResponse);
- Matcher sub_nam_m_e = sub_nam_p_e.matcher(xmlResponse);
- Matcher iss_nam_m_s = iss_nam_p_s.matcher(xmlResponse);
- Matcher iss_nam_m_e = iss_nam_p_e.matcher(xmlResponse);
- Matcher ser_num_m_s = ser_num_p_s.matcher(xmlResponse);
- Matcher ser_num_m_e = ser_num_p_e.matcher(xmlResponse);
-
- Matcher sig_chk_m_s = sig_chk_p_s.matcher(xmlResponse);
- Matcher sig_chk_m_e = sig_chk_p_e.matcher(xmlResponse);
- Matcher man_chk_m_s = man_chk_p_s.matcher(xmlResponse);
- Matcher man_chk_m_e = man_chk_p_e.matcher(xmlResponse);
- Matcher cer_chk_m_s = cer_chk_p_s.matcher(xmlResponse);
- Matcher cer_chk_m_e = cer_chk_p_e.matcher(xmlResponse);
-
- Matcher cert_m_s = cert_p_s.matcher(xmlResponse);
- Matcher cert_m_e = cert_p_e.matcher(xmlResponse);
-
- SignatureResponse sig_res = new SignatureResponse();
-
- // [tknall] start qualified certificate
- sig_res.setQualifiedCertificate(cert_qualified_m.find());
- // [tknall] stop qualified certificate
-
- // public authority
- Pattern publicAuthority_p = Pattern.compile("<PublicAuthority/>");
- Matcher publicAuthority_m = publicAuthority_p.matcher(xmlResponse);
- sig_res.setPublicAuthority(false);
- sig_res.setPublicAuthorityCode(null);
- if (publicAuthority_m.find()) {
- sig_res.setPublicAuthority(true);
- } else {
- Matcher publicAuthority_m_s = Pattern.compile("<PublicAuthority>").matcher(xmlResponse);
- Matcher publicAuthority_m_e = Pattern.compile("</PublicAuthority>").matcher(xmlResponse);
- if (publicAuthority_m_s.find() && publicAuthority_m_e.find()) {
- sig_res.setPublicAuthority(true);
- String codePart = xmlResponse.substring(publicAuthority_m_s.end(), publicAuthority_m_e.start());
- Matcher code_m_s = code_p_s.matcher(codePart);
- Matcher code_m_e = code_p_e.matcher(codePart);
- if (code_m_s.find() && code_m_e.find()) {
- String code = codePart.substring(code_m_s.end(), code_m_e.start());
- sig_res.setPublicAuthorityCode(code);
- }
- }
- }
-
- if (sub_nam_m_s.find() && sub_nam_m_e.find())
- {
- String sub_nam = xmlResponse.substring(sub_nam_m_s.end(), sub_nam_m_e.start());
- sig_res.setX509SubjectName(sub_nam);
- }
- if (iss_nam_m_s.find() && iss_nam_m_e.find())
- {
- String iss_nam = xmlResponse.substring(iss_nam_m_s.end(), iss_nam_m_e.start());
- sig_res.setX509IssuerName(iss_nam);
- }
- if (ser_num_m_s.find() && ser_num_m_e.find())
- {
- String ser_num = xmlResponse.substring(ser_num_m_s.end(), ser_num_m_e.start());
- sig_res.setX509SerialNumber(ser_num);
- }
- if (sig_chk_m_s.find() && sig_chk_m_e.find())
- {
- String sig_chk = xmlResponse.substring(sig_chk_m_s.end(), sig_chk_m_e.start());
- Matcher code_m_s = code_p_s.matcher(sig_chk);
- Matcher code_m_e = code_p_e.matcher(sig_chk);
- if (code_m_s.find() && code_m_e.find())
- {
- String code = sig_chk.substring(code_m_s.end(), code_m_e.start());
- sig_res.setSignatureCheckCode(code);
- }
- }
- if (man_chk_m_s.find() && man_chk_m_e.find())
- {
- String man_chk = xmlResponse.substring(man_chk_m_s.end(), man_chk_m_e.start());
- Matcher code_m_s = code_p_s.matcher(man_chk);
- Matcher code_m_e = code_p_e.matcher(man_chk);
- if (code_m_s.find() && code_m_e.find())
- {
- String code = man_chk.substring(code_m_s.end(), code_m_e.start());
- sig_res.setSignatureManifestCheckCode(code);
- }
- }
- if (cer_chk_m_s.find() && cer_chk_m_e.find())
- {
- String cer_chk = xmlResponse.substring(cer_chk_m_s.end(), cer_chk_m_e.start());
- Matcher code_m_s = code_p_s.matcher(cer_chk);
- Matcher code_m_e = code_p_e.matcher(cer_chk);
- if (code_m_s.find() && code_m_e.find())
- {
- String code = cer_chk.substring(code_m_s.end(), code_m_e.start());
- sig_res.setCertificateCheckCode(code);
- }
- }
- if (cert_m_s.find() && cert_m_e.find())
- {
- String cert_string = xmlResponse.substring(cert_m_s.end(), cert_m_e.start());
-
- X509Cert resp_cert = X509Cert.initByString(cert_string);
- sig_res.setCertificate(resp_cert);
- }
-
- return sig_res;
- }
-
- protected String getConnectorValueFromProfile(String profile, String key)
- {
- String value = settings_.getValueFromKey("sig_obj." + profile + "." + key);
- if (value == null)
- {
- value = settings_.getValueFromKey(key);
- }
- return value;
- }
-
- public String getSignURL(String profile)
- {
- final String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_SIGN + ".url";
- return getConnectorValueFromProfile(profile, key);
- }
-
- protected String getSignRequestTemplateFileName(String profile)
- {
- String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_SIGN + ".request";
- return getConnectorValueFromProfile(profile, key);
- }
-
- protected String getSignKeyIdentifier(String profile)
- {
- String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_SIGN + ".KeyIdentifier";
- return getConnectorValueFromProfile(profile, key);
- }
-
- public String getVerifyURL(String profile)
- {
- String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".url";
- return getConnectorValueFromProfile(profile, key);
- }
-
- protected String getVerifyRequestTemplateFileName(String profile)
- {
- String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".request";
- return getConnectorValueFromProfile(profile, key);
- }
-
- protected String getVerifyTemplateFileName(String profile)
- {
- String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".template";
- return getConnectorValueFromProfile(profile, key);
- }
-
- protected String getSigPropFileName(String profile)
- {
- String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".template.SP";
- return getConnectorValueFromProfile(profile, key);
- }
-
- protected String getVerifyTrustProfileID(String profile)
- {
- String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".TrustProfileID";
- return getConnectorValueFromProfile(profile, key);
- }
-
- /**
- * This method connects the moa server getting the requestString, the given
- * serviseMode and the endpointUrl. The requestString is the envelope of the
- * SOAP Message send and recieve by the AXIS module. The Response SOAP message
- * of the MOA server is parsed by AXIS and the message envelope is send back
- * to the calling method.
- *
- * @param requestString
- * the request string (XML) to send.
- * @param serviceMode
- * the mode which connect to MOA
- * @param endpointURL
- * the URL which the MOA server is running
- * @return the response string (XML) of the MOA server
- * @throws WebException
- */
- public static String connectMOA(String requestString, String serviceMode,
- String endpointURL) throws WebException
- {
- try
- {
- if (logger_.isInfoEnabled())
- {
- logger_.info(serviceMode);
- logger_.info(endpointURL);
- }
- // Parser/DOMBuilder instanzieren
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
- DocumentBuilder builder = factory.newDocumentBuilder();
-
- // XML Datei in einen DOM-Baum umwandeln
- ByteArrayInputStream bais = new ByteArrayInputStream(requestString.getBytes("UTF-8"));
- Document xmlRequest = builder.parse(bais);
-
- // Call oeffnen
- Call call = null;
-
- // Neues BodyElement anlegen und mit dem DOM-Baum fuellen
- SOAPBodyElement body = new SOAPBodyElement(xmlRequest.getDocumentElement());
- SOAPBodyElement[] params = new SOAPBodyElement[] { body };
-
- // AXIS-Server instanzieren
- Service service = ServiceFactory.newInstance().createService(new QName(serviceMode));
- call = service.createCall();
- call.setTargetEndpointAddress(endpointURL);
-
- // Call ausloesen und die Antworten speichern
- if (logger_.isInfoEnabled())
- {
- logger_.info("Calling MOA:" + endpointURL);
- }
- Vector responses = (Vector) call.invoke(params);
-
- // Erstes Body Element auslesen
- SOAPBodyElement response = (SOAPBodyElement) responses.get(0);
-
- // Aus der Response den DOM-Baum lesen
- Document root_response = response.getAsDocument();
- if (logger_.isInfoEnabled())
- {
- logger_.info("Return from MOA:" + serviceMode);
- }
-
- // XML-Formatierung konfiguieren
- OutputFormat format = new OutputFormat((Document) root_response);
- format.setLineSeparator("\n");
- format.setIndenting(false);
- format.setPreserveSpace(true);
- format.setOmitXMLDeclaration(false);
- format.setEncoding("UTF-8");
-
- // Ausgabe der Webservice-Antwort auf die Konsole
- // XMLSerializer conSerializer = new XMLSerializer(System.out, format);
- // conSerializer.serialize(root_response);
-
- // Ausgabe der Webservice-Antwort in Datei
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- XMLSerializer response_serializer = new XMLSerializer(baos, format);
- response_serializer.serialize(root_response);
- return baos.toString("UTF-8");
- }
- catch (Exception e)
- {
- throw new WebException(e);
- }
- // serialize signature only
-
- // if
- // (root_response.getDocumentElement().getLocalName().equals("CreateXMLSignatureResponse"))
- // {
- // Element signature = (Element)
- // root_response.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#",
- // "Signature").item(0);
- // String signatureFile = getProperty(mode + "Request").substring(0,
- // getProperty(mode +
- // "Request").lastIndexOf('.')) + ".Signature.xml";
- // fileSerializer = new XMLSerializer(new FileOutputStream(signatureFile),
- // format);
- // fileSerializer.serialize(signature);
- // }
-
- }
-}
\ No newline at end of file |