aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java
diff options
context:
space:
mode:
Diffstat (limited to 'pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java')
-rw-r--r--pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java262
1 files changed, 262 insertions, 0 deletions
diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java
new file mode 100644
index 0000000..094880d
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java
@@ -0,0 +1,262 @@
+/**
+ * <copyright> Copyright 2006 by Know-Center, Graz, Austria </copyright>
+ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
+ * joint initiative of the Federal Chancellery Austria and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.knowcenter.wag.egov.egiz.sig.sigkz;
+
+import java.util.Iterator;
+import java.util.Vector;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang.ArrayUtils;
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.pdfas.exceptions.ErrorCode;
+import at.knowcenter.wag.egov.egiz.PdfASID;
+import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
+import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
+import at.knowcenter.wag.egov.egiz.framework.SignatorFactory;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
+import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedLocRefMOAIdFormatter;
+import at.knowcenter.wag.egov.egiz.sig.sigid.HotfixIdFormatter;
+
+/**
+ * @author wprinz
+ *
+ */
+public final class SigKZIDHelper
+{
+
+ /**
+ * The Logger.
+ */
+ protected static Log logger = LogFactory.getLog(SigKZIDHelper.class);
+
+ public static boolean isTextual(PdfASID sig_kz)
+ {
+ if (sig_kz == null)
+ {
+ // Old signature -> must be textual.
+
+ return true;
+ }
+
+ // new signauture -> sig_kz decides
+ return sig_kz.getType().equals(SignatorFactory.TYPE_TEXTUAL);
+ }
+
+ public static boolean isBinary(PdfASID sig_kz)
+ {
+ return ! isTextual(sig_kz);
+ }
+
+
+ public static boolean isMOASigned(PdfASID sig_kz, String sig_id)
+ {
+ if (sig_kz == null || sig_kz.getVersion().equals(SignatorFactory.VERSION_1_0_0))
+ {
+ // old signature - if sig_id is null this means MOA
+
+ return sig_id == null;
+ }
+
+ if(sig_id == null)
+ return true;
+
+ // new signature - sig_id decides
+ String [] ids = sig_id.split("@");
+ // dferbas
+ String prefix = (ids[0].split(":"))[0];
+
+
+ if (prefix.equals(DetachedLocRefMOAIdFormatter.SIG_ID_PREFIX))
+ {
+ return true;
+ }
+ return false;
+ }
+
+ public static boolean isMOASigned(SignSignatureObject so)
+ {
+ String sig_kz = so.kz;
+ String sig_id = so.id;
+ PdfASID kz = null;
+ if (sig_kz != null)
+ {
+ try
+ {
+ kz = new PdfASID(sig_kz);
+ }
+ catch (InvalidIDException e)
+ {
+ logger.error(e.getMessage(), e);
+ }
+ }
+
+ return isMOASigned(kz, sig_id);
+ }
+
+ /**
+ * @author tknall
+ */
+ public static boolean isMOCCASigned(SignSignatureObject so) {
+ String sig_id = so.id;
+ if (StringUtils.isEmpty(sig_id)) {
+ return false;
+ }
+ String[] ids = sig_id.split("@");
+ if (ArrayUtils.isEmpty(ids)) {
+ return false;
+ }
+ String algorithmId = parseAlgorithmId(sig_id);
+ if (algorithmId == null) {
+ return false;
+ } else {
+ return algorithmId.startsWith("etsi-moc-1.0") || algorithmId.startsWith("etsi-moc-1.1");
+ }
+ }
+
+ /**
+ * @author tknall
+ */
+ public static String parseAlgorithmId(String algorithmParameter) {
+ if (StringUtils.isEmpty(algorithmParameter)) {
+ return null;
+ }
+ // dferbas
+ String[] ids = algorithmParameter.split("@")[0].split(":");
+ if (ArrayUtils.isEmpty(ids)) {
+ return null;
+ }
+ return ids[0];
+ }
+
+ public static boolean isOldBKU(PdfASID sig_kz, String sig_id) throws ConnectorException
+ {
+ if (sig_kz == null)
+ {
+ return true;
+ }
+
+ if (sig_kz.getVersion().equals(SignatorFactory.VERSION_1_0_0))
+ {
+ if (sig_id == null)
+ {
+ throw new ConnectorException(310, "The SIG_ID is null - so this isn't a BKU at all.");
+ }
+
+ String[] sig_id_parts = sig_id.split("@");
+ if (sig_id_parts.length == 2)
+ {
+ return true;
+ }
+ // dferbas
+ if (sig_id_parts[0].startsWith(HotfixIdFormatter.SIG_ID_PREFIX))
+ {
+
+ return false;
+ }
+
+ throw new ConnectorException(310, "The SIG_KZ version is 1.0.0, but SIG_ID is neither MOA nor Old base64 nor Hotfix base64 ???'");
+ }
+
+ return false;
+ }
+
+ public static boolean isOldBKU(SignSignatureObject so) throws ConnectorException
+ {
+ String sig_kz = so.kz;
+ String sig_id = so.id;
+ PdfASID kz = null;
+ if (sig_kz != null)
+ {
+ try
+ {
+ kz = new PdfASID(sig_kz);
+ }
+ catch (InvalidIDException e)
+ {
+ logger.error(e.getMessage(), e);
+ }
+ }
+
+ return isOldBKU(kz, sig_id);
+ }
+
+ public static String getAlgorithmId(String bkuIdentifier) throws SettingsException, SettingNotFoundException, ConnectorException {
+ SettingsReader sr = SettingsReader.getInstance();
+
+ String base = "signaturelayout.pattern";
+ Vector v = sr.getSettingKeys(base);
+
+ Iterator it = v.iterator();
+ while (it.hasNext()) {
+ String subKey = (String) it.next();
+ String key = base + "." + subKey;
+ String value = sr.getSetting(key);
+ Pattern p = Pattern.compile(value);
+ if (p.matcher(bkuIdentifier).matches()) {
+ String algKey = "signaturelayout.algorithm.id." + subKey;
+ String algValue = sr.getSetting(algKey);
+ return algValue;
+ }
+ }
+
+ if ("true".equalsIgnoreCase(sr.getSetting("signaturelayout.strict", "false"))) {
+ logger.debug("Enforcing bku support check.");
+ throw new ConnectorException(ErrorCode.BKU_NOT_SUPPORTED, "Unsupported BKU: " + bkuIdentifier);
+ } else {
+ logger.debug("bku support check disabled.");
+ return null;
+ }
+
+ }
+
+ public static boolean isATrustSigned(SignSignatureObject so) {
+ String sig_id = so.id;
+ if (sig_id == null && StringUtils.isEmpty(sig_id)) {
+ return false;
+ }
+ return sig_id.startsWith("etsi-bka-atrust-1.0");
+ }
+
+ /**
+ * Checks if signed with a known BKU method/param
+ * @param so
+ * @return
+ */
+ public static boolean isBKUSigned(SignSignatureObject so) throws ConnectorException {
+ if (isOldBKU(so)) return true;
+
+ if (so.id.startsWith("etsi-bka-1.0")) {
+ return true;
+ }
+
+ return false;
+ }
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-30 07:48:28 +0000