1 files changed, 230 insertions, 0 deletions

diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/algorithmSuite/AlgorithmSuiteUtil.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/algorithmSuite/AlgorithmSuiteUtil.java
new file mode 100644
index 0000000..eba63c7
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/algorithmSuite/AlgorithmSuiteUtil.java
@@ -0,0 +1,230 @@
+/**

+ * <copyright> Copyright 2006 by Know-Center, Graz, Austria </copyright>

+ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a

+ * joint initiative of the Federal Chancellery Austria and Graz University of

+ * Technology.

+ *

+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by

+ * the European Commission - subsequent versions of the EUPL (the "Licence");

+ * You may not use this work except in compliance with the Licence.

+ * You may obtain a copy of the Licence at:

+ * http://www.osor.eu/eupl/

+ *

+ * Unless required by applicable law or agreed to in writing, software

+ * distributed under the Licence is distributed on an "AS IS" basis,

+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+ * See the Licence for the specific language governing permissions and

+ * limitations under the Licence.

+ *

+ * This product combines work with different licenses. See the "NOTICE" text

+ * file for details on the various modules and licenses.

+ * The "NOTICE" text file is part of the distribution. Any derivative works

+ * that you distribute must include a readable copy of the "NOTICE" text file.

+ */

+package at.gv.egiz.pdfas.algorithmSuite;

+

+import java.security.cert.X509Certificate;

+import java.util.ArrayList;

+import java.util.Iterator;

+import java.util.List;

+import java.util.regex.Matcher;

+import java.util.regex.Pattern;

+

+import org.apache.commons.logging.Log;

+import org.apache.commons.logging.LogFactory;

+

+import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment;

+import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces;

+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;

+

+/**

+ * Utility class for handling dynamic algorithm suites

+ * 

+ * @author dferbas

+ * 

+ */

+public class AlgorithmSuiteUtil {

+   private static Log log = LogFactory.getLog(AlgorithmSuiteUtil.class);

+   

+   /**

+    * Creates new verify_xml, evaluates algorithm suite and replaces methods in verify_xml

+    * 

+    * @param algSuite <code>out-param</code> empty algorithm suite object

+    * @param environment connector environment to load verify template

+    * @param so signsignator object

+    * @return verify xml

+    */

+   public static String evaluateReplaceAlgs(AlgorithmSuiteObject algSuite, ConnectorEnvironment environment, SignSignatureObject so) {

+

+      String verify_template = environment.getVerifyTemplate();

+

+      String cert_alg = null;

+      String verify_xml = null;

+      X509Certificate cert = so.getX509Certificate();

+      String ids_string = so.getSigID();

+

+      //AlgorithmSuiteObject algSuite = new AlgorithmSuiteObject(ids_string);

+      algSuite.parseFrom(ids_string, true);

+      // 1. is specified in sig_id

+      if (algSuite.isSpecified()) {

+         log.debug("Algorithm suite defined as parameter. Using new dynamic template replacement.");

+         cert_alg = AlgorithmMapper.getUri(algSuite.getSignatureMethod());         

+         

+      // 2. is specified in /alg replace -> baik

+      } else if (so.getSigAlgorithm() != null && so.getSigAlgorithm().length() > 0) {

+         String algAbbr = AlgorithmMapper.getAbbreviation(so.getSigAlgorithm());

+         algSuite.parseFrom(algAbbr, false);

+         

+         if (algSuite.isSpecified()) {

+            log.debug("Algorithm /alg available. Using: " + so.getSigAlgorithm());

+            cert_alg = AlgorithmMapper.getUri(algSuite.getSignatureMethod());

+//            algSuite.setCertDigestMethod("sha1");

+            //algSuite.setPropertiesDigestMethod("sha1");

+         }

+      }

+

+      // 3. default

+      if (cert_alg == null) {

+         log.debug("NO algorithm suite defined. Using default old static algorithm.");

+   

+         cert_alg = environment.getCertAlgEcdsa();

+         if (cert.getPublicKey().getAlgorithm().indexOf("RSA") >= 0) //$NON-NLS-1$

+         {

+            cert_alg = environment.getCertAlgRsa();

+         }

+   

+         // fix digest methods to sha1 for old algorithm

+         String oldDigest = "sha1";

+         algSuite.setCertDigestMethod(oldDigest);

+         algSuite.setDataDigestMethod(oldDigest);

+         algSuite.setPropertiesDigestMethod(oldDigest);

+   

+      }

+   

+      // cert alg replace

+      verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg);

+   

+      // digest method replaces

+      verify_xml = verify_xml.replaceFirst(TemplateReplaces.DATA_DIGEST_REPLACE,

+            AlgorithmMapper.getUri(algSuite.getDataDigestMethod()));

+      verify_xml = verify_xml.replaceFirst(TemplateReplaces.PROPERTIES_DIGEST_REPLACE,

+            AlgorithmMapper.getUri(algSuite.getPropertiesDigestMethod()));

+      verify_xml = verify_xml.replaceFirst(TemplateReplaces.CERT_DIGEST_REPLACE,

+            AlgorithmMapper.getUri(algSuite.getCertDigestMethod()));

+      return verify_xml;

+   }

+   

+

+   /**

+    * Extract algorithm suite as optimized string from <code>CreateXMLSignatureResponse<code>

+    * 

+    * @param xmlResponse

+    * @return algorith suite string

+    */

+   public static String extractAlgorithmSuiteString(String xmlResponse) {

+

+      String elem = findFirstElement(xmlResponse, "SignatureMethod");

+

+      String alg = findAttributeValue(elem, "Algorithm");

+

+      List digAlgs = findAllAttributeValues(xmlResponse, "DigestMethod", "Algorithm");

+

+      digAlgs.add(0, AlgorithmMapper.getHashUriFromSuite(alg));

+

+      reduceDigestAlgs(digAlgs);

+

+      digAlgs.remove(0);

+

+      return createSigDevString(alg, digAlgs);

+

+   }

+

+   public static boolean isDefaultCertAlg(String algsString, String defaultCertAlg) {

+      return AlgorithmMapper.getAbbreviation(defaultCertAlg).equals(algsString);

+   }

+

+   private static String createSigDevString(String suite, List digAlgs) {

+      StringBuffer sb = new StringBuffer(AlgorithmMapper.getAbbreviation(suite));

+      for (Iterator iterator = digAlgs.iterator(); iterator.hasNext();) {

+         String dig = (String) iterator.next();

+         sb.append(":").append(AlgorithmMapper.getAbbreviation(dig));

+      }

+      return sb.toString();

+   }

+

+   private static String findAttributeValue(String elemContent, String attrName) {

+

+      String sig_alg = removeAllWhitespace(elemContent);

+

+      attrName += "=\"";

+      int start = sig_alg.indexOf(attrName) + attrName.length();

+      int end = sig_alg.indexOf("\"", start);

+      return sig_alg.substring(start, end);

+

+   }

+

+   private static String findFirstElement(String xml, String elemName) {

+      Pattern p = Pattern.compile("<[\\w]*:?" + elemName);

+      Matcher m = p.matcher(xml);

+      if (m.find()) {

+         int start = m.start();

+         int end = xml.indexOf("/>", start) + 2;

+         return xml.substring(start, end);

+      }

+      return null;

+   }

+

+   private static List findElements(String xml, String elemName) {

+      Pattern p = Pattern.compile("<[\\w]*:?" + elemName);

+      Matcher m = p.matcher(xml);

+      ArrayList res = new ArrayList();

+      while (m.find()) {

+         int start = m.start();

+         int end = xml.indexOf("/>", start) + 2;

+         res.add(xml.substring(start, end));

+      }

+      return res;

+   }

+

+   private static String findAttributeValue(String xmlContent, String elemName, String attrName) {

+      String elemCont = findFirstElement(xmlContent, elemName);

+      return findAttributeValue(elemCont, attrName);

+   }

+

+   private static List findAllAttributeValues(String xmlContent, String elemName, String attrName) {

+      List elemConts = findElements(xmlContent, elemName);

+      ArrayList res = new ArrayList();

+      for (int i = 0; i < elemConts.size(); i++) {

+         res.add(findAttributeValue((String) elemConts.get(i), attrName));

+      }

+      return res;

+   }

+

+   /**

+    * Helper method to remove whitespaces from a string

+    * @param str

+    * @return

+    */

+   public static String removeAllWhitespace(String str) {

+      return str.replaceAll("\\s", ""); //$NON-NLS-1$ //$NON-NLS-2$

+   }

+

+   private static void reduceDigestAlgs(List digestAlgs) {

+      if (digestAlgs == null)

+         return;

+      reduceDigestAlgsRec(digestAlgs, digestAlgs.size() - 1);

+   }

+

+   private static void reduceDigestAlgsRec(List digestAlgs, int act) {

+      if (act <= 0)

+         return;

+      else if (digestAlgs.get(act - 1).equals(digestAlgs.get(act))) {

+         // reduce

+         digestAlgs.remove(act);

+         reduceDigestAlgsRec(digestAlgs, act - 1);

+      } else {

+         return;

+      }

+   }

+

+}