authorknowcenter <knowcenter@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>2007-05-18 15:42:55 +0000
committerknowcenter <knowcenter@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>2007-05-18 15:42:55 +0000
commit8f2a983cb8e9be9e71e3df04edd00a4bc0673862 (patch)
tree141e477bd1086e21f80dba750b6f93036827c280 /src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku
parentdce5ed9e0a30ed7f03b21a8142029847a1194a2c (diff)
detached connectors
git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@92 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku')
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java45
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java93
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/OldEnvelopingBase64BKUConnector.java112
3 files changed, 192 insertions, 58 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
index 44beb40..d018a13 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
@@ -19,6 +19,7 @@ import at.knowcenter.wag.egov.egiz.sig.connectors.Connector;
import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector;
import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces;
import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedIdFormatter;
+import at.knowcenter.wag.egov.egiz.sig.sigkz.SigKZIDHelper;
import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
import at.knowcenter.wag.egov.egiz.tools.FileHelper;
@@ -120,10 +121,6 @@ public class DetachedBKUConnector implements Connector, LocalConnector
return so;
}
-
-
-
-
public static String[] parseSigIds(String sig_ids)
{
if (sig_ids == null || sig_ids.length() == 0)
@@ -292,29 +289,29 @@ public class DetachedBKUConnector implements Connector, LocalConnector
* @throws ConnectorException
* f.e.
*/
- public String prepareVerifyRequest(SignatureData data,
- SignSignatureObject so) throws ConnectorException
+ public String prepareVerifyRequest(SignatureData data, SignSignatureObject so) throws ConnectorException
{
String verify_request_template = this.environment.getVerifyRequestTemplate();
String xml_content = null;
- // TODO implement MOA
- // if (sigObject.isMOASigned())
- // {
- // MOAConnector moa_conn = new MOAConnector();
- // // get the MOA-template
- // verify_template_str = moa_conn.getVerifyTemplate(normalizedText,
- // sigObject);
- // }
- // else
- // {
- // get the BKU-template
- xml_content = prepareXMLContent(data, so);
- // }
+ if (SigKZIDHelper.isMOASigned(so))
+ {
+ // TODO once the detached moa connector is fully functional - implement this.
+ log.error("Zur Zeit gibt es keinen detached MOA connector fuer die Verifikation.");
+ throw new ConnectorException(300, "Detached MOA is disabled.");
+ // MOAConnector moa_conn = new MOAConnector();
+ // // get the MOA-template
+ // verify_template_str = moa_conn.getVerifyTemplate(normalizedText,
+ // sigObject);
+ }
+ else
+ {
+ xml_content = prepareXMLContent(data, so);
+ }
String verify_request_xml = verify_request_template.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, xml_content);
verify_request_xml = verify_request_xml.replaceFirst(TemplateReplaces.LOC_REF_CONTENT_REPLACE, this.environment.getLocRefContent());
-
+
return verify_request_xml;
}
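Review bot: Both `replaceFirst` calls at the end of `prepareVerifyRequest` pass data-derived text as the replacement string, where `$` and `\` are read as group references and escapes rather than literal characters. If `xml_content` or the LocRef content ever contains one of those characters (certificate subject or issuer strings can, for instance), the verify request is either silently altered or the call throws an unchecked exception in the middle of verification. Quoting the replacement avoids both, e.g. `verify_request_template.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, Matcher.quoteReplacement(xml_content))`, assuming the build targets Java 5 or later. The same applies to the `replaceFirst` in `EnvelopedBase64BKUConnector.prepareVerifyRequest`. Separately, the commented-out MOA lines after the `throw` are unreachable and can be dropped, since the TODO already records the intent.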
@@ -441,7 +438,6 @@ public class DetachedBKUConnector implements Connector, LocalConnector
return signature_response;
}
-
/**
* Holds environment configuration information like templates.
*
@@ -490,7 +486,7 @@ public class DetachedBKUConnector implements Connector, LocalConnector
protected static final String RSA_CERT_ALG_KEY = "cert.alg.rsa"; //$NON-NLS-1$
protected String loc_ref_content = null;
-
+
protected String sign_keybox_identifier = null;
protected String sign_request_template = null;
@@ -518,7 +514,7 @@ public class DetachedBKUConnector implements Connector, LocalConnector
public Environment(String profile, String loc_ref_content) throws ConnectorException
{
this.loc_ref_content = loc_ref_content;
-
+
SettingsReader settings = null;
try
{
@@ -566,13 +562,14 @@ public class DetachedBKUConnector implements Connector, LocalConnector
/**
* Returns the LocRef content.
+ *
* @return Returns the LocRef content.
*/
public String getLocRefContent()
{
return this.loc_ref_content;
}
-
+
/**
* Returns the sign keybox identifier.
*
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
index 1c628b1..3d5cf36 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
@@ -3,6 +3,7 @@
*/
package at.knowcenter.wag.egov.egiz.sig.connectors.bku;
+import java.io.UnsupportedEncodingException;
import java.security.cert.X509Certificate;
import java.util.Properties;
@@ -16,8 +17,11 @@ import at.knowcenter.wag.egov.egiz.sig.SignatureData;
import at.knowcenter.wag.egov.egiz.sig.SignatureObject;
import at.knowcenter.wag.egov.egiz.sig.SignatureResponse;
import at.knowcenter.wag.egov.egiz.sig.connectors.Connector;
+import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector;
import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces;
+import at.knowcenter.wag.egov.egiz.sig.connectors.moa.EnvelopingBase64MOAConnector;
import at.knowcenter.wag.egov.egiz.sig.sigid.HotfixIdFormatter;
+import at.knowcenter.wag.egov.egiz.sig.sigkz.SigKZIDHelper;
import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
import at.knowcenter.wag.egov.egiz.tools.DebugHelper;
import at.knowcenter.wag.egov.egiz.tools.FileHelper;
@@ -26,7 +30,7 @@ import at.knowcenter.wag.egov.egiz.tools.FileHelper;
* @author wprinz
*
*/
-public class EnvelopedBase64BKUConnector implements Connector
+public class EnvelopedBase64BKUConnector implements Connector, LocalConnector
{
/**
@@ -49,6 +53,10 @@ public class EnvelopedBase64BKUConnector implements Connector
* parameters defined in the configuration are used.
* </p>
*
+ * <p>
+ * This is the new "hotfix" base64 connector.
+ * </p>
+ *
* @param profile
* The profile from which the Environment should be assembled.
* @throws ConnectorException
@@ -131,7 +139,6 @@ public class EnvelopedBase64BKUConnector implements Connector
}
return id;
}
-
/**
* Prepares the XML content the holds the actual signature data.
@@ -169,7 +176,7 @@ public class EnvelopedBase64BKUConnector implements Connector
String verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg);
// data digest replace
- byte [] data_value = BKUHelper.prepareEnvelopingData(data);
+ byte[] data_value = BKUHelper.prepareEnvelopingData(data);
{
byte[] data_value_hash = CodingHelper.buildDigest(data_value);
String object_data_hash = CodingHelper.encodeBase64(data_value_hash);
@@ -206,21 +213,7 @@ public class EnvelopedBase64BKUConnector implements Connector
// Signed Properties hash
{
- final String ETSI_SIGNED_PROPERTIES_START_TAG = "<etsi:SignedProperties"; //$NON-NLS-1$
- final String ETSI_SIGNED_PROPERTIES_END_TAG = "</etsi:SignedProperties>"; //$NON-NLS-1$
-
- final int hash_start = verify_xml.indexOf(ETSI_SIGNED_PROPERTIES_START_TAG);
- assert hash_start >= 0;
- final int hash_end = verify_xml.indexOf(ETSI_SIGNED_PROPERTIES_END_TAG, hash_start) + ETSI_SIGNED_PROPERTIES_END_TAG.length();
- assert hash_end - ETSI_SIGNED_PROPERTIES_END_TAG.length() >= 0;
- assert hash_end > hash_start;
-
- final String string_to_be_hashed = verify_xml.substring(hash_start, hash_end);
- log.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$
-
- final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$
- byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed);
- String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code);
+ String sig_prop_hash = computeSignedPropertiesReplace(verify_xml);
verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, sig_prop_hash);
}
@@ -235,6 +228,34 @@ public class EnvelopedBase64BKUConnector implements Connector
}
}
+ protected String computeSignedPropertiesReplace(String verify_xml)
+ {
+ try
+ {
+ final String ETSI_SIGNED_PROPERTIES_START_TAG = "<etsi:SignedProperties"; //$NON-NLS-1$
+ final String ETSI_SIGNED_PROPERTIES_END_TAG = "</etsi:SignedProperties>"; //$NON-NLS-1$
+
+ final int hash_start = verify_xml.indexOf(ETSI_SIGNED_PROPERTIES_START_TAG);
+ assert hash_start >= 0;
+ final int hash_end = verify_xml.indexOf(ETSI_SIGNED_PROPERTIES_END_TAG, hash_start) + ETSI_SIGNED_PROPERTIES_END_TAG.length();
+ assert hash_end - ETSI_SIGNED_PROPERTIES_END_TAG.length() >= 0;
+ assert hash_end > hash_start;
+
+ final String string_to_be_hashed = verify_xml.substring(hash_start, hash_end);
+ log.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$
+
+ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$
+ byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed);
+ String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code);
+
+ return sig_prop_hash;
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ throw new RuntimeException("Very Strange: UTF-8 character encoding not supported.", e);
+ }
+ }
+
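Review bot: The bounds checks in `computeSignedPropertiesReplace` are `assert` statements, which the JVM skips unless it is started with `-ea`, so in a normal deployment nothing validates `hash_start` and `hash_end`. A verify XML without the start tag then fails with a `StringIndexOutOfBoundsException`, and one without the end tag can yield a digest over an unrelated prefix of the document, with no error reported. In a signature-verification path these should be explicit checks that fail with a `ConnectorException`, which requires `throws ConnectorException` on the method, provided the caller can propagate it. The override in `OldEnvelopingBase64BKUConnector` has the same asserts and needs the same change. The method also has no Javadoc; a short one stating that it returns the Base64 digest of the serialized `etsi:SignedProperties` element as it appears in `verify_xml` would help.

```java
protected String computeSignedPropertiesReplace(String verify_xml) throws ConnectorException
{
  // … unchanged: try block opening and tag constants …
  final int hash_start = verify_xml.indexOf(ETSI_SIGNED_PROPERTIES_START_TAG);
  final int end_tag_pos = hash_start < 0 ? -1 : verify_xml.indexOf(ETSI_SIGNED_PROPERTIES_END_TAG, hash_start);
  if (hash_start < 0 || end_tag_pos < 0)
  {
    throw new ConnectorException(300, "etsi:SignedProperties element not found in verify XML."); //$NON-NLS-1$
  }
  final int hash_end = end_tag_pos + ETSI_SIGNED_PROPERTIES_END_TAG.length();
  // … unchanged: substring, digest, Base64 encoding, catch block …
```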
/**
* Prepares the sign request xml to be sent using the sign request template.
*
@@ -272,32 +293,27 @@ public class EnvelopedBase64BKUConnector implements Connector
* @throws ConnectorException
* f.e.
*/
- public String prepareVerifyRequest(SignatureData data,
- SignSignatureObject so) throws ConnectorException
+ public String prepareVerifyRequest(SignatureData data, SignSignatureObject so) throws ConnectorException
{
String verify_request_template = this.environment.getVerifyRequestTemplate();
String xml_content = null;
- // TODO implement MOA
- // if (sigObject.isMOASigned())
- // {
- // MOAConnector moa_conn = new MOAConnector();
- // // get the MOA-template
- // verify_template_str = moa_conn.getVerifyTemplate(normalizedText,
- // sigObject);
- // }
- // else
- // {
- // get the BKU-template
- xml_content = prepareXMLContent(data, so);
- // }
+ if (SigKZIDHelper.isMOASigned(so))
+ {
+ log.debug("The signature is MOA signed -> getting XML content from Base64MOA connector.");
+ EnvelopingBase64MOAConnector moa_conn = new EnvelopingBase64MOAConnector(this.environment.getProfile());
+ xml_content = moa_conn.prepareXMLContent(data, so);
+ }
+ else
+ {
+ xml_content = prepareXMLContent(data, so);
+ }
String verify_request_xml = verify_request_template.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, xml_content);
return verify_request_xml;
}
-
/**
* Sends the request to the given URL.
*
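Review bot: The MOA branch of `prepareVerifyRequest` builds a new `EnvelopingBase64MOAConnector` on every call. If that constructor assembles its environment the way this class's `Environment` does, each verification of a MOA-signed document re-reads the settings and template files. Consider creating it once and keeping it in a field, e.g. `if (this.moa_conn == null) { this.moa_conn = new EnvelopingBase64MOAConnector(this.environment.getProfile()); }`, if the connector is safe to reuse across calls. A one-line comment would also help, saying that the MOA connector supplies only the XML content, which is still inserted into the BKU verify request template; that is easy to miss and matters when the two templates diverge.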
@@ -416,6 +432,8 @@ public class EnvelopedBase64BKUConnector implements Connector
*/
protected static final String RSA_CERT_ALG_KEY = "cert.alg.rsa"; //$NON-NLS-1$
+ protected String profile = null;
+
protected String sign_keybox_identifier = null;
protected String sign_request_template = null;
@@ -442,6 +460,8 @@ public class EnvelopedBase64BKUConnector implements Connector
*/
public Environment(String profile) throws ConnectorException
{
+ this.profile = profile;
+
SettingsReader settings = null;
try
{
@@ -487,6 +507,11 @@ public class EnvelopedBase64BKUConnector implements Connector
}
+ public String getProfile()
+ {
+ return this.profile;
+ }
+
/**
* Returns the sign keybox identifier.
*
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/OldEnvelopingBase64BKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/OldEnvelopingBase64BKUConnector.java
new file mode 100644
index 0000000..d1fffb1
--- /dev/null
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/OldEnvelopingBase64BKUConnector.java
@@ -0,0 +1,112 @@
+/**
+ *
+ */
+package at.knowcenter.wag.egov.egiz.sig.connectors.bku;
+
+import java.io.UnsupportedEncodingException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
+import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
+import at.knowcenter.wag.egov.egiz.tools.FileHelper;
+
+/**
+ *
+ * <p>
+ * This is the old base64 connector. The difference is in the way the sign
+ * response is parsed and the verify content_xml.
+ * </p>
+ *
+ * @author wprinz
+ *
+ */
+public class OldEnvelopingBase64BKUConnector extends EnvelopedBase64BKUConnector
+{
+ /**
+ * The log.
+ */
+ private static Log log = LogFactory.getLog(OldEnvelopingBase64BKUConnector.class);
+
+ // TODO implement signing - with old pre 2.7.2 BKUs... not really necessary
+ // though because this connector is only used for verification
+
+ public OldEnvelopingBase64BKUConnector(String profile) throws ConnectorException
+ {
+ super(profile);
+
+ this.environment = new OverriddenEnvironment(profile);
+ }
+
+
+
+ /**
+ * @see at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector#computeSignedPropertiesReplace(java.lang.String)
+ */
+ protected String computeSignedPropertiesReplace(String verify_xml)
+ {
+ try
+ {
+ final String ETSI_QUALIFYING_PROPERTIES_START_TAG = "<etsi:QualifyingProperties"; //$NON-NLS-1$
+ final String ETSI_QUALIFYING_PROPERTIES_END_TAG = "</etsi:QualifyingProperties>"; //$NON-NLS-1$
+
+ final int hash_start = verify_xml.indexOf(ETSI_QUALIFYING_PROPERTIES_START_TAG);
+ assert hash_start >= 0;
+ final int hash_end = verify_xml.indexOf(ETSI_QUALIFYING_PROPERTIES_END_TAG, hash_start) + ETSI_QUALIFYING_PROPERTIES_END_TAG.length();
+ assert hash_end - ETSI_QUALIFYING_PROPERTIES_END_TAG.length() >= 0;
+ assert hash_end > hash_start;
+
+ final String string_to_be_hashed = verify_xml.substring(hash_start, hash_end);
+ log.debug("etsi:QualifyingProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$
+
+ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$
+ byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed);
+ String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code);
+
+ return sig_prop_hash;
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ throw new RuntimeException("Very Strange: UTF-8 character encoding not supported.", e);
+ }
+ }
+
+
+
+ public static class OverriddenEnvironment extends EnvelopedBase64BKUConnector.Environment
+ {
+
+ /**
+ * The configuration key of the verify template.
+ */
+ protected static final String VERIFY_TEMPLATE_KEY = "bku.verify.template.base64old"; //$NON-NLS-1$
+
+ public OverriddenEnvironment(String profile) throws ConnectorException
+ {
+ super(profile);
+
+ SettingsReader settings = null;
+ try
+ {
+ settings = SettingsReader.getInstance();
+ }
+ catch (SettingsException e)
+ {
+ throw new ConnectorException(300, e);
+ }
+
+ String verify_filename = getConnectorValueFromProfile(settings, profile, VERIFY_TEMPLATE_KEY);
+ this.verify_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_filename));
+ if (this.verify_template == null)
+ {
+ // TODO make this a settings exception
+ throw new ConnectorException(300, "Can not read the verify template"); //$NON-NLS-1$
+ }
+
+ }
+ }
+
+}
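Review bot: The `computeSignedPropertiesReplace` override is a line-for-line copy of the base implementation with only the two tag strings and the log text changed, so any fix to the extraction logic has to be made twice. Moving the body into a protected helper in `EnvelopedBase64BKUConnector` that takes the start and end tag would reduce this override to `return computeElementDigest(verify_xml, "<etsi:QualifyingProperties", "</etsi:QualifyingProperties>");`. Here `computeElementDigest` is a suggested name, not an existing method. The constructor also calls `super(profile)` and then replaces `this.environment`, so the base environment appears to be built and discarded, and `OverriddenEnvironment` first loads the default verify template through `super(profile)` before overwriting it. A comment explaining that this is intentional, or a way to pass the template key to the base `Environment`, would make the intent clear.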