aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/BKUConnector.java
diff options
context:
space:
mode:
Diffstat (limited to 'pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/BKUConnector.java')
-rw-r--r--pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/BKUConnector.java81
1 files changed, 45 insertions, 36 deletions
diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/BKUConnector.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/BKUConnector.java
index c3b6421..e4d78c3 100644
--- a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/BKUConnector.java
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/BKUConnector.java
@@ -49,9 +49,9 @@ import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
/**
* Connector for communicating with BKU.
- *
+ *
* @deprecated use the new connectors.
- *
+ *
* @author wlackner
* @author wprinz
*/
@@ -59,7 +59,7 @@ public class BKUConnector implements LocalConnector
{
/**
* ConnectorInformation that identifies this Connector to the system.
- *
+ *
* @see at.knowcenter.wag.egov.egiz.sig.ConnectorFactory
* @see ConnectorInformation
*/
@@ -85,7 +85,7 @@ public class BKUConnector implements LocalConnector
/**
* load the inital signature settings
- *
+ *
* @see SettingsReader
*/
public void loadSettings() throws SignatureException
@@ -111,7 +111,7 @@ public class BKUConnector implements LocalConnector
* SignatureObject is filled out by the parsed BKU-Response. <br>
* If an error request is send back from BKU, an error message is generated an
* an exception is thrown.
- *
+ *
* @param sigType
* the type of the SignatureObject that should be returned
* @param userName
@@ -137,7 +137,7 @@ public class BKUConnector implements LocalConnector
* This method generates the BKU verify prozess. It checks if the given
* SignatureObject is signed by MOA or BKU. The verify template string is
* filled out by the corresponding method.
- *
+ *
* @param normalizedText
* the normalized text to verify
* @param sigObject
@@ -163,7 +163,7 @@ public class BKUConnector implements LocalConnector
* X509Certificate, CertDigest, DigestValue and the signation id-s. If the
* X509Certificate is extracted it would be stored in the certificates
* directory.
- *
+ *
* @param xmlResponse
* the response string from the BKU sign-request
* @param sigObj
@@ -177,7 +177,7 @@ public class BKUConnector implements LocalConnector
private void parseCreateXMLResponse(Properties response_properties, SignatureObject sigObj) throws SignatureException
{
String xmlResponse = response_properties.getProperty("response_string");
-
+
Pattern sig_val_p_s = Pattern.compile("<[\\w]*:?SignatureValue>");
Pattern sig_val_p_e = Pattern.compile("</[\\w]*:?SignatureValue>");
Pattern iss_nam_p_s = Pattern.compile("<[\\w]*:?X509IssuerName>");
@@ -280,7 +280,7 @@ public class BKUConnector implements LocalConnector
ids[2] = extractId(xmlResponse, "signed-data-object-");
ids[3] = extractId(xmlResponse, "etsi-data-reference-");
ids[4] = extractId(xmlResponse, "etsi-data-object-");
-
+
//TODO hotfix - already deprecated
String final_ids =SignatureObject.formatSigIds(response_properties, ids);
//sigObj.setSignationIDs(ids);
@@ -289,7 +289,7 @@ public class BKUConnector implements LocalConnector
/**
* This emthod extracts id-values from a text. The id is given by the name.
- *
+ *
* @param text
* the id-value that should extract from
* @param name
@@ -301,13 +301,13 @@ public class BKUConnector implements LocalConnector
String id = null;
int start_idx = text.indexOf(name) + name.length();
int end_idx = text.indexOf("\"", start_idx);
-
+
// TODO hotfix! - already deprecated
- final int quot_end_idx = end_idx;
+ final int quot_end_idx = end_idx;
final int squot_end_idx = text.indexOf("'", start_idx);
end_idx = Math.min(quot_end_idx, squot_end_idx);
// TODO hotfix end! - already deprecated
-
+
id = text.substring(start_idx, end_idx);
if (logger_.isDebugEnabled())
{
@@ -319,7 +319,7 @@ public class BKUConnector implements LocalConnector
/**
* This method reads the verify template from the file system and fills out
* the template with the SignatureObject values.
- *
+ *
* @param normalizedText
* the normalized text to veryfied
* @param sigObject
@@ -362,7 +362,7 @@ public class BKUConnector implements LocalConnector
verify_template = getConnectorValueFromProfile(sigObject.getSignationType(), "bku.verify.template2"); //"./templates/BKUVerifyTemplateB64_neueBKU.xml";
sig_prop_filename = getConnectorValueFromProfile(sigObject.getSignationType(), "bku.verify.template2.SP"); //"./templates/BKUVerifyTemplateSP_neueBKU.xml";
}
-
+
//String ver_temp_str = FileHelper.readFromFile(SettingsReader.relocateFile(verify_template));
String ver_temp_str = this.settings_.readInternalResourceAsString(verify_template);
@@ -388,13 +388,18 @@ public class BKUConnector implements LocalConnector
}
sig_prop_str = sig_prop_str.replaceFirst("SigningTimeReplace", sigObject.getSignationDate());
-
+
String issuer_name = sigObject.getSignationIssuer();
// The issuer is already unicode, so it mustn't be encoded again.
//byte[] issuer_name = CodingHelper.encodeUTF8(sigObject.getSignationIssuer());
// new String(issuer_name); // this would double encode the String, not to mention the missing encoding
- sig_prop_str = sig_prop_str.replaceFirst("X509IssuerNameReplace", issuer_name);
-
+
+ // fixed by dti: Issuer names may contain escapted commas ("\,"). As far as replaceFirst (and replaceAll)
+ // methods are regarded, backslashes in the replacement string may cause the results to be different than
+ // if it were being treated as a literal replacement string.
+// sig_prop_str = sig_prop_str.replaceFirst("X509IssuerNameReplace", issuer_name);
+ sig_prop_str = sig_prop_str.replace("X509IssuerNameReplace", issuer_name);
+
sig_prop_str = sig_prop_str.replaceFirst("X509SerialNumberReplace", sigObject.getSignationSerialNumber());
sig_prop_str = sig_prop_str.replaceFirst("DigestValueX509CertificateReplace", sigObject.getX509CertificateDigest());
sig_prop_str = sig_prop_str.replaceFirst("SigIdReplace", ids[0]);
@@ -403,30 +408,30 @@ public class BKUConnector implements LocalConnector
ver_temp_str = ver_temp_str.replaceFirst("CertAlgReplace", cert_alg);
ver_temp_str = ver_temp_str.replaceFirst("TemplateQualifyingPropertiesReplace", sig_prop_str);
byte[] sig_prop_code = CodingHelper.buildDigest(sig_prop_str.getBytes("UTF-8"), "sha1");
-
+
// TODO hotfix - already deprecated
if (neue_bku)
{
final String ETSI_SIGNED_PROPERTIES_START_TAG = "<etsi:SignedProperties"; // xml name spaces follow, so this is not a complete tag...
final String ETSI_SIGNED_PROPERTIES_END_TAG = "</etsi:SignedProperties>";
-
+
final int hash_start = sig_prop_str.indexOf(ETSI_SIGNED_PROPERTIES_START_TAG);
assert hash_start >= 0;
final int hash_end = sig_prop_str.indexOf(ETSI_SIGNED_PROPERTIES_END_TAG, hash_start) + ETSI_SIGNED_PROPERTIES_END_TAG.length();
assert hash_end - ETSI_SIGNED_PROPERTIES_END_TAG.length() >= 0;
assert hash_end > hash_start;
-
+
final String string_to_be_hashed = sig_prop_str.substring(hash_start, hash_end);
logger_.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed);
-
+
logger_.debug("\n--------------------- ETSI properties string to be hashed: start ---------------------");
logger_.debug(string_to_be_hashed);
logger_.debug("\n--------------------- ETSI properties string to be hashed: stop ---------------------");
-
+
final byte [] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8");
sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed, "sha1");
}
-
+
String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code);
ver_temp_str = ver_temp_str.replaceFirst("DigestValueSignedPropertiesReplace", sig_prop_hash);
if (logger_.isDebugEnabled())
@@ -453,7 +458,7 @@ public class BKUConnector implements LocalConnector
//String raw_b64 = CodingHelper.encodeUTF8AsBase64(normalizedText);
String raw_b64 = CodingHelper.encodeBase64(data_value);
-
+
ver_temp_str = ver_temp_str.replaceFirst("Base64ContentReplace", raw_b64);
ver_temp_str = ver_temp_str.replaceFirst("DigestValueSignedDataReplace", object_data_hash);
@@ -479,7 +484,7 @@ public class BKUConnector implements LocalConnector
* This method parses the verify response string and return a
* SignatureResponse object. The SignatureResponse object is filled out by the
* response values from the BKU-response.
- *
+ *
* @param xmlResponse
* the response values from the BKU-verify request
* @return SignatureResponse object
@@ -621,8 +626,8 @@ public class BKUConnector implements LocalConnector
return sig_res;
}
-
-
+
+
public String prepareSignRequest(String userName, String signText,
String signType) throws SignatureException
@@ -636,7 +641,7 @@ public class BKUConnector implements LocalConnector
//String sign_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(sign_request_filename));
String sign_req_str = this.settings_.readInternalResourceAsString(sign_request_filename);
- //this.verify_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request_filename));
+ //this.verify_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request_filename));
if (logger_.isDebugEnabled())
{
//logger_.debug(sign_request_filename + "_signText.xml :" + signText);
@@ -660,7 +665,7 @@ public class BKUConnector implements LocalConnector
SignatureObject sigObject) throws SignatureException
{
String verify_request = getVerifyRequestTemplateFileName(sigObject.getSignationType());
-
+
//String verify_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request));
String verify_req_str = this.settings_.readInternalResourceAsString(verify_request);
@@ -681,7 +686,11 @@ public class BKUConnector implements LocalConnector
// get the BKU-template
verify_template_str = getVerifyTemplate(normalizedText, sigObject);
}
- verify_req_str = verify_req_str.replaceFirst("XMLContentReplace", verify_template_str);
+ // fixed by dti: Issuer names may contain escapted commas ("\,"). As far as replaceFirst (and replaceAll)
+ // methods are regarded, backslashes in the replacement string may cause the results to be different than
+ // if it were being treated as a literal replacement string.
+// verify_req_str = verify_req_str.replaceFirst("XMLContentReplace", verify_template_str);
+ verify_req_str = verify_req_str.replace("XMLContentReplace", verify_template_str);
if (logger_.isDebugEnabled())
{
logger_.debug("verify_req_str.xml : " + verify_req_str);
@@ -692,7 +701,7 @@ public class BKUConnector implements LocalConnector
/**
* Sends the request to the given URL.
- *
+ *
* @param url
* The URL.
* @param request_string
@@ -722,7 +731,7 @@ public class BKUConnector implements LocalConnector
// TODO hotfix - already deprecated
String response_string = response_properties.getProperty("response_string");
-
+
SignatureObject sig_obj = new SignatureObject();
sig_obj.setRawSignatureResponse(response_string);
try
@@ -783,7 +792,7 @@ public class BKUConnector implements LocalConnector
public SignatureResponse analyzeVerifyResponse(Properties response_properties) throws SignatureException
{
String response_string = response_properties.getProperty("response_string");
-
+
if (!response_string.equals(""))
{
Pattern erc_p_s = Pattern.compile("<[\\w]*:?ErrorCode>");
@@ -880,13 +889,13 @@ public class BKUConnector implements LocalConnector
/**
* Returns the type of this BKU-like connector.
- *
+ *
* <p>
* All settings keys will be prefixed by this type. So to reuse the BKU
* connector, a deriving class has to implement this method specifying an own
* type.
* </p>
- *
+ *
* @return Returns the type of this BKU-like connector.
*/
protected String getType()
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-07 02:19:17 +0000