diff options
| author | knowcenter <knowcenter@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c> | 2007-05-17 15:28:32 +0000 |
|---|---|---|
| committer | knowcenter <knowcenter@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c> | 2007-05-17 15:28:32 +0000 |
| commit | 527484bcc0a65c61d50209849f7b3db34f0128f7 (patch) | |
| tree | 2fa9ddcbf42f0fae9137444f5950de25a1e53b0a /src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa | |
| parent | 0184c140614b99a5037cbd8f969b7512888cd37d (diff) | |
| download | pdf-as-3-527484bcc0a65c61d50209849f7b3db34f0128f7.tar.gz pdf-as-3-527484bcc0a65c61d50209849f7b3db34f0128f7.tar.bz2 pdf-as-3-527484bcc0a65c61d50209849f7b3db34f0128f7.zip | |
web
git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@87 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa')
3 files changed, 320 insertions, 214 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java index e5278b9..220a3d0 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java @@ -4,21 +4,23 @@ package at.knowcenter.wag.egov.egiz.sig.connectors.moa;
import java.util.Properties;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
-import at.knowcenter.wag.egov.egiz.exceptions.WebException;
import at.knowcenter.wag.egov.egiz.sig.SignatureData;
+import at.knowcenter.wag.egov.egiz.sig.SignatureResponse;
+import at.knowcenter.wag.egov.egiz.sig.connectors.Connector;
import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
+import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedLocRefMOAIdFormatter;
+import at.knowcenter.wag.egov.egiz.tools.DebugHelper;
import at.knowcenter.wag.egov.egiz.tools.FileHelper;
/**
@@ -26,7 +28,7 @@ import at.knowcenter.wag.egov.egiz.tools.FileHelper; *
* @author wprinz
*/
-public class DetachedLocRefMOAConnector
+public class DetachedLocRefMOAConnector implements Connector
{
/**
* The SIG_ID prefix.
@@ -60,31 +62,19 @@ public class DetachedLocRefMOAConnector * @throws SignatureException
* f.e.
*/
- public DetachedLocRefMOAConnector(String profile) throws SignatureException, SettingsException
+ public DetachedLocRefMOAConnector(String profile, String signature_data_url) throws SignatureException, SettingsException
{
- this.environment = new Environment(profile);
+ this.environment = new Environment(profile, signature_data_url);
}
- /**
- * Prepares the sign request xml to be sent using the sign request template.
- *
- * @param data
- * The SignatureData.
- * @return Returns the sign request xml to be sent.
- * @throws SignatureException
- * f.e.
- */
- protected String prepareSignRequest(SignatureData data) throws SignatureException
+ protected String prepareSignRequest(SignatureData data) throws ConnectorException
{
log.debug("prepareSignRequestDetached:"); //$NON-NLS-1$
String sign_request_template = this.environment.getSignRequestTemplate();
String sign_key_identifier = this.environment.getSignKeyIdentifier();
- String loc_ref_content = // "http://wwwx.google.at";
- // this doesn't work - MOA always complains that file system access is
- // forbidden
- "file:///C:/wprinz/Filer/egiz2/test.utf8.txt";
+ String loc_ref_content = this.environment.getSignatureDataUrl();
String mime_type = data.getMimeType();
if (log.isDebugEnabled())
{
@@ -102,16 +92,9 @@ public class DetachedLocRefMOAConnector }
/**
- * Analyzes the sign response xml and extracts the signature data.
- *
- * @param response_properties
- * The response properties containing the response String and
- * transport related information.
- * @return Returns the extracted data encapsulated in a SignatureObject.
- * @throws SignatureException
- * f.e.
+ * @see at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector#analyzeSignResponse(java.util.Properties)
*/
- public SignSignatureObject analyzeSignResponse(Properties response_properties) throws SignatureException
+ public SignSignatureObject analyzeSignResponse(Properties response_properties) throws ConnectorException
{
log.debug("analyzeSignResponse:"); //$NON-NLS-1$
@@ -119,33 +102,26 @@ public class DetachedLocRefMOAConnector BKUHelper.checkResponseForError(response_string);
- // SignSignatureObject so = parseCreateXMLResponse(response_string);
+ SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new DetachedLocRefMOAIdFormatter());
log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
- return null;// so;
+ return so;
}
/**
- * Performs a sign.
- *
- * @param data
- * The data to be signed.
- * @return Returns the signature object containing the signature data.
- * @throws SignatureException
- * f.e.
- * @throws WebException
+ * @see at.knowcenter.wag.egov.egiz.sig.connectors.Connector#doSign(at.knowcenter.wag.egov.egiz.sig.SignatureData)
*/
- public SignSignatureObject doSign(SignatureData data) throws SignatureException, WebException
+ public SignSignatureObject doSign(SignatureData data) throws ConnectorException
{
log.debug("doSign:"); //$NON-NLS-1$
String sign_request_xml = prepareSignRequest(data);
- log.debug("sign_request_xml = " + sign_request_xml); //$NON-NLS-1$
+ DebugHelper.debugStringToFile(sign_request_xml, "MOA_DetLocRef_sign_request.xml"); //$NON-NLS-1$
String url = this.environment.getSignURL();
- Properties response_properties = sendRequest(url, MOASoapConnection.SERVICE_SIGN, sign_request_xml, data);
+ Properties response_properties = sendRequest(url, MOASoapConnection.SERVICE_SIGN, sign_request_xml);
- log.debug("response_string = " + response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY));; //$NON-NLS-1$
+ DebugHelper.debugStringToFile(response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY), "MOA_DetLocRef_sign_response.xml"); //$NON-NLS-1$
SignSignatureObject sso = analyzeSignResponse(response_properties);
// TODO this could be made more generic
@@ -155,8 +131,66 @@ public class DetachedLocRefMOAConnector return sso;
}
+ /**
+ * @see at.knowcenter.wag.egov.egiz.sig.connectors.Connector#doVerify(at.knowcenter.wag.egov.egiz.sig.SignatureData,
+ * at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject)
+ */
+ public SignatureResponse doVerify(SignatureData data, SignSignatureObject so) throws ConnectorException
+ {
+ log.debug("doVerify:"); //$NON-NLS-1$
+
+ String verify_request_xml = prepareVerifyRequest(data, so);
+ log.debug("verify_request_xml = " + verify_request_xml); //$NON-NLS-1$
+
+ String url = this.environment.getVerifyURL();
+ Properties response_properties = sendRequest(url, MOASoapConnection.SERVICE_VERIFY, verify_request_xml);
+
+ // SignatureResponse signature_response =
+ // analyzeVerifyResponse(response_properties);
+
+ log.debug("doVerify finished."); //$NON-NLS-1$
+ return null; // signature_response;
+ }
+
+ /**
+ * Prepares the verify request xml to be sent using the verify request
+ * template.
+ *
+ * @param data
+ * The SignatureData.
+ * @param so
+ * The signature information object.
+ * @return Returns the verify request xml to be sent.
+ * @throws ConnectorException
+ * f.e.
+ */
+ public String prepareVerifyRequest(SignatureData data, SignSignatureObject so) throws ConnectorException
+ {
+ String verify_request_template = this.environment.getVerifyRequestTemplate();
+
+ String xml_content = null;
+ // TODO implement BKU
+ // if (sigObject.isMOASigned())
+ // {
+ // MOAConnector moa_conn = new MOAConnector();
+ // // get the MOA-template
+ // verify_template_str = moa_conn.getVerifyTemplate(normalizedText,
+ // sigObject);
+ // }
+ // else
+ // {
+ // get the BKU-template
+// xml_content = prepareXMLContent(data, so);
+ // }
+
+ String verify_request_xml = verify_request_template.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, xml_content);
+ verify_request_xml = verify_request_xml.replaceFirst(TemplateReplaces.TRUST_PROFILE_ID_REPLACE, this.environment.getVerifyTrustProfileId());
+
+ return verify_request_xml;
+ }
+
protected Properties sendRequest(String url, String mode,
- String request_string, SignatureData data) throws SignatureException
+ String request_string) throws ConnectorException
{
try
{
@@ -165,8 +199,7 @@ public class DetachedLocRefMOAConnector }
catch (Exception e)
{
- SignatureException se = new SignatureException(320, e);
- throw se;
+ throw new ConnectorException(320, e);
}
}
@@ -208,6 +241,11 @@ public class DetachedLocRefMOAConnector protected static final String VERIFY_URL_KEY = "moa.verify.url"; //$NON-NLS-1$
/**
+ * The configuration key of the trust profile id.
+ */
+ protected static final String VERIFY_TRUST_PROFILE_ID = "moa.verify.TrustProfileID"; //$NON-NLS-1$
+
+ /**
* The configuration key for the ECDSA cert alg property.
*/
protected static final String ECDSA_CERT_ALG_KEY = "cert.alg.ecdsa"; //$NON-NLS-1$
@@ -217,6 +255,8 @@ public class DetachedLocRefMOAConnector */
protected static final String RSA_CERT_ALG_KEY = "cert.alg.rsa"; //$NON-NLS-1$
+ protected String signature_data_url = null;
+
protected String sign_key_identifier = null;
protected String sign_request_template = null;
@@ -229,6 +269,8 @@ public class DetachedLocRefMOAConnector protected String verify_url = null;
+ protected String verify_trust_profile_id = null;
+
protected String cert_alg_ecdsa = null;
protected String cert_alg_rsa = null;
@@ -240,12 +282,22 @@ public class DetachedLocRefMOAConnector * The configuration profile.
* @throws SettingsException
* f.e.
- * @throws SignatureException
+ * @throws ConnectorException
* f.e.
*/
- public Environment(String profile) throws SettingsException, SignatureException
+ public Environment(String profile, String signature_data_url) throws ConnectorException
{
- SettingsReader settings = SettingsReader.getInstance();
+ this.signature_data_url = signature_data_url;
+
+ SettingsReader settings = null;
+ try
+ {
+ settings = SettingsReader.getInstance();
+ }
+ catch (SettingsException e)
+ {
+ throw new ConnectorException(300, e);
+ }
this.sign_key_identifier = getConnectorValueFromProfile(settings, profile, SIGN_KEY_IDENTIFIER_KEY);
@@ -254,7 +306,7 @@ public class DetachedLocRefMOAConnector if (this.sign_request_template == null)
{
// TODO make this a settings exception
- throw new SignatureException(300, "Can not read the create xml request template"); //$NON-NLS-1$
+ throw new ConnectorException(300, "Can not read the create xml request template"); //$NON-NLS-1$
}
this.sign_url = getConnectorValueFromProfile(settings, profile, SIGN_URL_KEY);
@@ -264,7 +316,7 @@ public class DetachedLocRefMOAConnector if (this.verify_request_template == null)
{
// TODO make this a settings exception
- throw new SignatureException(300, "Can not read the verify xml request template"); //$NON-NLS-1$
+ throw new ConnectorException(300, "Can not read the verify xml request template"); //$NON-NLS-1$
}
String verify_filename = getConnectorValueFromProfile(settings, profile, VERIFY_TEMPLATE_KEY);
@@ -272,11 +324,13 @@ public class DetachedLocRefMOAConnector if (this.verify_template == null)
{
// TODO make this a settings exception
- throw new SignatureException(300, "Can not read the verify template"); //$NON-NLS-1$
+ throw new ConnectorException(300, "Can not read the verify template"); //$NON-NLS-1$
}
this.verify_url = getConnectorValueFromProfile(settings, profile, VERIFY_URL_KEY);
+ this.verify_trust_profile_id = settings.getValueFromKey(VERIFY_TRUST_PROFILE_ID);
+
this.cert_alg_ecdsa = settings.getValueFromKey(ECDSA_CERT_ALG_KEY);
this.cert_alg_rsa = settings.getValueFromKey(RSA_CERT_ALG_KEY);
@@ -284,6 +338,16 @@ public class DetachedLocRefMOAConnector }
/**
+ * Returns the URL where to load the detached data from.
+ *
+ * @return Returns the URL where to load the detached data from.
+ */
+ public String getSignatureDataUrl()
+ {
+ return this.signature_data_url;
+ }
+
+ /**
* Returns the sign key identifier.
*
* @return Returns the sign key identifier.
@@ -344,6 +408,16 @@ public class DetachedLocRefMOAConnector }
/**
+ * Returns the verify trust profile id.
+ *
+ * @return Returns the verify trust profile id.
+ */
+ public String getVerifyTrustProfileId()
+ {
+ return this.verify_trust_profile_id;
+ }
+
+ /**
* Returns the ecdsa cert alg property.
*
* @return Returns the ecdsa cert alg property.
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java index 4e9dd04..f6580af 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java @@ -3,15 +3,8 @@ */
package at.knowcenter.wag.egov.egiz.sig.connectors.moa;
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Properties;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -20,14 +13,13 @@ import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.sig.SignatureData;
-import at.knowcenter.wag.egov.egiz.sig.SignatureObject;
import at.knowcenter.wag.egov.egiz.sig.SignatureResponse;
-import at.knowcenter.wag.egov.egiz.sig.X509Cert;
import at.knowcenter.wag.egov.egiz.sig.connectors.Connector;
import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
+import at.knowcenter.wag.egov.egiz.sig.sigid.OldMOAIdFormatter;
import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
import at.knowcenter.wag.egov.egiz.tools.FileHelper;
@@ -205,7 +197,7 @@ public class EnvelopingBase64MOAConnector implements Connector BKUHelper.checkResponseForError(response_string);
- SignSignatureObject so = parseCreateXMLResponse(response_string);
+ SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new OldMOAIdFormatter());
log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
return so;
@@ -268,8 +260,8 @@ public class EnvelopingBase64MOAConnector implements Connector String verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg);
// data digest replace
+ byte[] data_value = BKUHelper.prepareEnvelopingData(data);
{
- byte[] data_value = data.getData();
byte[] data_value_hash = CodingHelper.buildDigest(data_value);
String object_data_hash = CodingHelper.encodeBase64(data_value_hash);
@@ -286,7 +278,7 @@ public class EnvelopingBase64MOAConnector implements Connector verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, x509_cert_string);
// Base64 content replace
- String base64 = BKUHelper.prepareBase64Content(data);
+ String base64 = CodingHelper.encodeBase64(data_value);
verify_xml = verify_xml.replaceFirst(TemplateReplaces.BASE64_CONTENT_REPLACE, base64);
// Qualified Properties replaces
@@ -327,156 +319,6 @@ public class EnvelopingBase64MOAConnector implements Connector }
}
-
- /**
- * This method parses the MOA-Response string. It separates the
- * SignatureValue, X509IssuerName, SigningTime, X509SerialNumber,
- * X509Certificate, CertDigest and DigestValues. If the X509Certificate is
- * extracted it would be stored in the certificates directory.
- *
- * @param xmlResponse
- * the response string from the MOA sign-request
- * @throws ConnectorException
- * ErrorCode (303, 304)
- * @see SignatureObject
- * @see CodingHelper
- * @see X509Cert
- */
- public static SignSignatureObject parseCreateXMLResponse(String xmlResponse) throws ConnectorException
- {
- Pattern sig_val_p_s = Pattern.compile("<[\\w]*:?SignatureValue>"); //$NON-NLS-1$
- Pattern sig_val_p_e = Pattern.compile("</[\\w]*:?SignatureValue>"); //$NON-NLS-1$
- Pattern iss_nam_p_s = Pattern.compile("<[\\w]*:?X509IssuerName>"); //$NON-NLS-1$
- Pattern iss_nam_p_e = Pattern.compile("</[\\w]*:?X509IssuerName>"); //$NON-NLS-1$
- Pattern sig_tim_p_s = Pattern.compile("<[\\w]*:?SigningTime>"); //$NON-NLS-1$
- Pattern sig_tim_p_e = Pattern.compile("</[\\w]*:?SigningTime>"); //$NON-NLS-1$
- Pattern ser_num_p_s = Pattern.compile("<[\\w]*:?X509SerialNumber>"); //$NON-NLS-1$
- Pattern ser_num_p_e = Pattern.compile("</[\\w]*:?X509SerialNumber>"); //$NON-NLS-1$
- Pattern sig_cer_p_s = Pattern.compile("<[\\w]*:?X509Certificate>"); //$NON-NLS-1$
- Pattern sig_cer_p_e = Pattern.compile("</[\\w]*:?X509Certificate>"); //$NON-NLS-1$
-
- // Pattern sig_cer_d_p_s = Pattern.compile("<[\\w]*:?CertDigest>");
- // //$NON-NLS-1$
- // Pattern sig_cer_d_p_e = Pattern.compile("</[\\w]*:?CertDigest>");
- // //$NON-NLS-1$
- // Pattern dig_val_p_s = Pattern.compile("<[\\w]*:?DigestValue>");
- // //$NON-NLS-1$
- // Pattern dig_val_p_e = Pattern.compile("</[\\w]*:?DigestValue>");
- // //$NON-NLS-1$
-
- Matcher sig_val_m_s = sig_val_p_s.matcher(xmlResponse);
- Matcher sig_val_m_e = sig_val_p_e.matcher(xmlResponse);
- Matcher iss_nam_m_s = iss_nam_p_s.matcher(xmlResponse);
- Matcher iss_nam_m_e = iss_nam_p_e.matcher(xmlResponse);
- Matcher sig_tim_m_s = sig_tim_p_s.matcher(xmlResponse);
- Matcher sig_tim_m_e = sig_tim_p_e.matcher(xmlResponse);
- Matcher ser_num_m_s = ser_num_p_s.matcher(xmlResponse);
- Matcher ser_num_m_e = ser_num_p_e.matcher(xmlResponse);
- Matcher sig_cer_m_s = sig_cer_p_s.matcher(xmlResponse);
- Matcher sig_cer_m_e = sig_cer_p_e.matcher(xmlResponse);
-
- // Matcher sig_cer_d_m_s = sig_cer_d_p_s.matcher(xmlResponse);
- // Matcher sig_cer_d_m_e = sig_cer_d_p_e.matcher(xmlResponse);
- // Matcher dig_val_m_s = dig_val_p_s.matcher(xmlResponse);
- // Matcher dig_val_m_e = dig_val_p_e.matcher(xmlResponse);
-
- // SignatureValue
- String sig_val = null;
- if (sig_val_m_s.find() && sig_val_m_e.find())
- {
- sig_val = BKUHelper.removeAllWhitespace(xmlResponse.substring(sig_val_m_s.end(), sig_val_m_e.start()));
- }
- log.debug("sig_val = " + sig_val); //$NON-NLS-1$
-
- // X509IssuerName
- String iss_nam = null;
- if (iss_nam_m_s.find() && iss_nam_m_e.find())
- {
- iss_nam = xmlResponse.substring(iss_nam_m_s.end(), iss_nam_m_e.start());
- }
- log.debug("iss_nam = " + iss_nam); //$NON-NLS-1$
-
- // X509SerialNumber
- String ser_num = null;
- if (ser_num_m_s.find() && ser_num_m_e.find())
- {
- ser_num = BKUHelper.removeAllWhitespace(xmlResponse.substring(ser_num_m_s.end(), ser_num_m_e.start()));
- }
- log.debug("ser_num = " + ser_num); //$NON-NLS-1$
-
- // SigningTime
- String sig_tim = null;
- if (sig_tim_m_s.find() && sig_tim_m_e.find())
- {
- sig_tim = xmlResponse.substring(sig_tim_m_s.end(), sig_tim_m_e.start());
- }
- log.debug("sig_tim = " + sig_tim); //$NON-NLS-1$
-
- // CertDigest
- // if (sig_cer_d_m_s.find() && sig_cer_d_m_e.find())
- // {
- // String cert_digest = xmlResponse.substring(sig_cer_d_m_s.end(),
- // sig_cer_d_m_e.start());
- // if (dig_val_m_s.find() && dig_val_m_e.find())
- // {
- // sig_dig = cert_digest.substring(dig_val_m_s.end(), dig_val_m_e.start());
- // //sigObj.setX509CertificateDigest(sig_dig);
- // }
- // }
-
- // X509Certificate
- X509Certificate cert = null;
- if (sig_cer_m_s.find() && sig_cer_m_e.find())
- {
- String sig_cer = BKUHelper.removeAllWhitespace(xmlResponse.substring(sig_cer_m_s.end(), sig_cer_m_e.start()));
-
- try
- {
- byte[] der = CodingHelper.decodeBase64(sig_cer);
- ByteArrayInputStream bais = new ByteArrayInputStream(der);
- CertificateFactory cf = CertificateFactory.getInstance("X.509"); //$NON-NLS-1$
- cert = (X509Certificate) cf.generateCertificate(bais);
- bais.close();
- }
- catch (UnsupportedEncodingException e)
- {
- log.error(e);
- throw new ConnectorException(300, e);
- }
- catch (CertificateException e)
- {
- log.error(e);
- throw new ConnectorException(300, e);
- }
- catch (IOException e)
- {
- log.error(e);
- throw new ConnectorException(300, e);
- }
- }
- log.debug("X509Certificate = " + cert); //$NON-NLS-1$
-
- if (log.isDebugEnabled())
- {
-
- String cert_iss = cert.getIssuerDN().getName();
- log.debug("certificate's issuer = " + cert_iss); //$NON-NLS-1$
- log.debug("response's issuer = " + iss_nam); //$NON-NLS-1$
- log.debug("issuer matches = " + cert_iss.equals(iss_nam)); //$NON-NLS-1$
- log.debug("ser number matches = " + cert.getSerialNumber().toString().equals(ser_num)); //$NON-NLS-1$
- }
-
- SignSignatureObject so = new SignSignatureObject();
- so.date = sig_tim;
- so.issuer = iss_nam;
- so.signatureValue = sig_val;
- so.x509Certificate = cert;
-
- so.id = null;
-
- return so;
- }
-
/**
* Holds environment configuration information like templates.
*
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOAHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOAHelper.java new file mode 100644 index 0000000..e05d55c --- /dev/null +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOAHelper.java @@ -0,0 +1,190 @@ +/**
+ *
+ */
+package at.knowcenter.wag.egov.egiz.sig.connectors.moa;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
+import at.knowcenter.wag.egov.egiz.sig.SignatureObject;
+import at.knowcenter.wag.egov.egiz.sig.X509Cert;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
+import at.knowcenter.wag.egov.egiz.sig.sigid.IdFormatter;
+import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
+
+/**
+ * @author wprinz
+ *
+ */
+public class MOAHelper
+{
+ /**
+ * The log.
+ */
+ private static Log log = LogFactory.getLog(MOAHelper.class);
+
+ /**
+ * This method parses the MOA-Response string.
+ *
+ * <p>
+ * It separates the SignatureValue, X509IssuerName, SigningTime,
+ * X509SerialNumber, X509Certificate, CertDigest and DigestValues. If the
+ * X509Certificate is extracted it would be stored in the certificates
+ * directory.
+ * </p>
+ *
+ * @param xmlResponse
+ * the response string from the MOA sign-request
+ * @throws ConnectorException
+ * ErrorCode (303, 304)
+ * @see SignatureObject
+ * @see CodingHelper
+ * @see X509Cert
+ */
+ public static SignSignatureObject parseCreateXMLResponse(String xmlResponse, IdFormatter id_formatter) throws ConnectorException
+ {
+ Pattern sig_val_p_s = Pattern.compile("<[\\w]*:?SignatureValue>"); //$NON-NLS-1$
+ Pattern sig_val_p_e = Pattern.compile("</[\\w]*:?SignatureValue>"); //$NON-NLS-1$
+ Pattern iss_nam_p_s = Pattern.compile("<[\\w]*:?X509IssuerName>"); //$NON-NLS-1$
+ Pattern iss_nam_p_e = Pattern.compile("</[\\w]*:?X509IssuerName>"); //$NON-NLS-1$
+ Pattern sig_tim_p_s = Pattern.compile("<[\\w]*:?SigningTime>"); //$NON-NLS-1$
+ Pattern sig_tim_p_e = Pattern.compile("</[\\w]*:?SigningTime>"); //$NON-NLS-1$
+ Pattern ser_num_p_s = Pattern.compile("<[\\w]*:?X509SerialNumber>"); //$NON-NLS-1$
+ Pattern ser_num_p_e = Pattern.compile("</[\\w]*:?X509SerialNumber>"); //$NON-NLS-1$
+ Pattern sig_cer_p_s = Pattern.compile("<[\\w]*:?X509Certificate>"); //$NON-NLS-1$
+ Pattern sig_cer_p_e = Pattern.compile("</[\\w]*:?X509Certificate>"); //$NON-NLS-1$
+
+ // Pattern sig_cer_d_p_s = Pattern.compile("<[\\w]*:?CertDigest>");
+ // //$NON-NLS-1$
+ // Pattern sig_cer_d_p_e = Pattern.compile("</[\\w]*:?CertDigest>");
+ // //$NON-NLS-1$
+ // Pattern dig_val_p_s = Pattern.compile("<[\\w]*:?DigestValue>");
+ // //$NON-NLS-1$
+ // Pattern dig_val_p_e = Pattern.compile("</[\\w]*:?DigestValue>");
+ // //$NON-NLS-1$
+
+ Matcher sig_val_m_s = sig_val_p_s.matcher(xmlResponse);
+ Matcher sig_val_m_e = sig_val_p_e.matcher(xmlResponse);
+ Matcher iss_nam_m_s = iss_nam_p_s.matcher(xmlResponse);
+ Matcher iss_nam_m_e = iss_nam_p_e.matcher(xmlResponse);
+ Matcher sig_tim_m_s = sig_tim_p_s.matcher(xmlResponse);
+ Matcher sig_tim_m_e = sig_tim_p_e.matcher(xmlResponse);
+ Matcher ser_num_m_s = ser_num_p_s.matcher(xmlResponse);
+ Matcher ser_num_m_e = ser_num_p_e.matcher(xmlResponse);
+ Matcher sig_cer_m_s = sig_cer_p_s.matcher(xmlResponse);
+ Matcher sig_cer_m_e = sig_cer_p_e.matcher(xmlResponse);
+
+ // Matcher sig_cer_d_m_s = sig_cer_d_p_s.matcher(xmlResponse);
+ // Matcher sig_cer_d_m_e = sig_cer_d_p_e.matcher(xmlResponse);
+ // Matcher dig_val_m_s = dig_val_p_s.matcher(xmlResponse);
+ // Matcher dig_val_m_e = dig_val_p_e.matcher(xmlResponse);
+
+ // SignatureValue
+ String sig_val = null;
+ if (sig_val_m_s.find() && sig_val_m_e.find())
+ {
+ sig_val = BKUHelper.removeAllWhitespace(xmlResponse.substring(sig_val_m_s.end(), sig_val_m_e.start()));
+ }
+ log.debug("sig_val = " + sig_val); //$NON-NLS-1$
+
+ // X509IssuerName
+ String iss_nam = null;
+ if (iss_nam_m_s.find() && iss_nam_m_e.find())
+ {
+ iss_nam = xmlResponse.substring(iss_nam_m_s.end(), iss_nam_m_e.start());
+ }
+ log.debug("iss_nam = " + iss_nam); //$NON-NLS-1$
+
+ // X509SerialNumber
+ String ser_num = null;
+ if (ser_num_m_s.find() && ser_num_m_e.find())
+ {
+ ser_num = BKUHelper.removeAllWhitespace(xmlResponse.substring(ser_num_m_s.end(), ser_num_m_e.start()));
+ }
+ log.debug("ser_num = " + ser_num); //$NON-NLS-1$
+
+ // SigningTime
+ String sig_tim = null;
+ if (sig_tim_m_s.find() && sig_tim_m_e.find())
+ {
+ sig_tim = xmlResponse.substring(sig_tim_m_s.end(), sig_tim_m_e.start());
+ }
+ log.debug("sig_tim = " + sig_tim); //$NON-NLS-1$
+
+ // CertDigest
+ // if (sig_cer_d_m_s.find() && sig_cer_d_m_e.find())
+ // {
+ // String cert_digest = xmlResponse.substring(sig_cer_d_m_s.end(),
+ // sig_cer_d_m_e.start());
+ // if (dig_val_m_s.find() && dig_val_m_e.find())
+ // {
+ // sig_dig = cert_digest.substring(dig_val_m_s.end(), dig_val_m_e.start());
+ // //sigObj.setX509CertificateDigest(sig_dig);
+ // }
+ // }
+
+ // X509Certificate
+ X509Certificate cert = null;
+ if (sig_cer_m_s.find() && sig_cer_m_e.find())
+ {
+ String sig_cer = BKUHelper.removeAllWhitespace(xmlResponse.substring(sig_cer_m_s.end(), sig_cer_m_e.start()));
+
+ try
+ {
+ byte[] der = CodingHelper.decodeBase64(sig_cer);
+ ByteArrayInputStream bais = new ByteArrayInputStream(der);
+ CertificateFactory cf = CertificateFactory.getInstance("X.509"); //$NON-NLS-1$
+ cert = (X509Certificate) cf.generateCertificate(bais);
+ bais.close();
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ log.error(e);
+ throw new ConnectorException(300, e);
+ }
+ catch (CertificateException e)
+ {
+ log.error(e);
+ throw new ConnectorException(300, e);
+ }
+ catch (IOException e)
+ {
+ log.error(e);
+ throw new ConnectorException(300, e);
+ }
+ }
+ log.debug("X509Certificate = " + cert); //$NON-NLS-1$
+
+ if (log.isDebugEnabled())
+ {
+
+ String cert_iss = cert.getIssuerDN().getName();
+ log.debug("certificate's issuer = " + cert_iss); //$NON-NLS-1$
+ log.debug("response's issuer = " + iss_nam); //$NON-NLS-1$
+ log.debug("issuer matches = " + cert_iss.equals(iss_nam)); //$NON-NLS-1$
+ log.debug("ser number matches = " + cert.getSerialNumber().toString().equals(ser_num)); //$NON-NLS-1$
+ }
+
+ SignSignatureObject so = new SignSignatureObject();
+ so.date = sig_tim;
+ so.issuer = iss_nam;
+ so.signatureValue = sig_val;
+ so.x509Certificate = cert;
+
+ so.id = id_formatter.formatIds(null);
+
+ return so;
+ }
+
+}
|