aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors')
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java71
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java11
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java44
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java9
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java8
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java8
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java23
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java61
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java19
9 files changed, 164 insertions, 90 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java
index af155a1..43c9649 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUHelper.java
@@ -9,14 +9,18 @@ import java.security.cert.X509Certificate;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
+import java.util.Properties;
import java.util.TimeZone;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+import javax.servlet.http.HttpServletRequest;
+
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import at.gv.egiz.pdfas.api.commons.Constants;
import at.gv.egiz.pdfas.exceptions.external.ExternalErrorException;
import at.gv.egiz.pdfas.impl.input.helper.DataSourceHelper;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
@@ -582,4 +586,71 @@ public final class BKUHelper
};
return dateTimeElement;
}
+
+ public static String getBKUIdentifier(Properties parsedResponseProperties) {
+
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
+ String bkuServerHeader = parsedResponseProperties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
+
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
+ String bkuUserAgentHeader = parsedResponseProperties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
+
+ String bkuSignatureLayout = parsedResponseProperties.getProperty(BKUPostConnection.BKU_SIGNATURE_LAYOUT_HEADER_KEY);
+
+ log.debug("BKU response header \"user-agent\": " + bkuUserAgentHeader);
+ log.debug("BKU response header \"server\": " + bkuServerHeader);
+ log.trace("BKU response header \"" + Constants.BKU_HEADER_SIGNATURE_LAYOUT + "\": " + bkuSignatureLayout);
+
+ String result = null;
+
+ if (bkuServerHeader != null) {
+ result = bkuServerHeader;
+ } else if (bkuUserAgentHeader != null) {
+ result = bkuUserAgentHeader;
+ } else {
+ log.warn("Unable to find any BKU identifier (neither header value \"user-agent\" nor \"server\".)");
+ }
+
+ if (bkuSignatureLayout != null && result != null) {
+ log.info("BKU response header \"" + Constants.BKU_HEADER_SIGNATURE_LAYOUT + "\" found.");
+ String signatureLayoutData = " " + Constants.BKU_HEADER_SIGNATURE_LAYOUT + "/" + bkuSignatureLayout;
+ if (!result.endsWith(signatureLayoutData)) {
+ log.debug("Appending signature layout value \"" + bkuSignatureLayout + "\" to bku identifier.");
+ result += signatureLayoutData;
+ } else {
+ log.debug("Signature layout already encoded in server/user-agent header.");
+ }
+ }
+
+ if (result != null) {
+ log.debug("Returning BKU identifier \"" + result + "\"");
+ } else {
+ log.debug("Returning null BKU identifier.");
+ }
+
+ return result;
+ }
+
+ public static String getBKUIdentifier(HttpServletRequest request) {
+ return getBKUIdentifier(getBKUProperties(request));
+ }
+
+ public static Properties getBKUProperties(HttpServletRequest request) {
+ Properties props = new Properties();
+ String server = request.getHeader("server");
+ String userAgent = request.getHeader("user-agent");
+ String signatureLayout = request.getHeader(Constants.BKU_HEADER_SIGNATURE_LAYOUT);
+ if (server != null) {
+ props.setProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY, server);
+ }
+ if (userAgent != null) {
+ props.setProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY, userAgent);
+ }
+ if (signatureLayout != null) {
+ props.setProperty(BKUPostConnection.BKU_SIGNATURE_LAYOUT_HEADER_KEY, signatureLayout);
+ }
+ return props;
+ }
+
+
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java
index b582715..d2cffe8 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/BKUPostConnection.java
@@ -20,6 +20,7 @@ import org.apache.commons.httpclient.params.HttpMethodParams;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import at.gv.egiz.pdfas.api.commons.Constants;
import at.knowcenter.wag.egov.egiz.sig.SignatureData;
/**
@@ -39,6 +40,11 @@ public final class BKUPostConnection
* The response Properties key that identifies the BKU Server header.
*/
public static final String BKU_SERVER_HEADER_KEY = "BKU-Server-Header"; //$NON-NLS-1$
+
+ /**
+ * The response property that declares the signature layout being applied.
+ */
+ public static final String BKU_SIGNATURE_LAYOUT_HEADER_KEY = "BKU-Signature-Layout"; //$NON-NLS-1$
/**
* The response Properties key that identifies the BKU User-Agent header.
@@ -130,6 +136,11 @@ public final class BKUPostConnection
log.warn("BKU response header \"Server\" is empty.");
}
+ Header signatureLayoutHeader = post_method.getResponseHeader(Constants.BKU_HEADER_SIGNATURE_LAYOUT); //$NON-NLS-1$
+ if (signatureLayoutHeader != null) {
+ response_properties.setProperty(BKU_SIGNATURE_LAYOUT_HEADER_KEY, signatureLayoutHeader.getValue());
+ }
+
log.debug(post_method.getResponseCharSet());
if (!post_method.getResponseCharSet().equals("UTF-8")) //$NON-NLS-1$
{
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
index 5164771..100f054 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
@@ -21,10 +21,10 @@ import at.knowcenter.wag.egov.egiz.sig.connectors.Connector;
import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector;
import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces;
import at.knowcenter.wag.egov.egiz.sig.connectors.moa.DetachedLocRefMOAConnector;
-import at.knowcenter.wag.egov.egiz.sig.connectors.mocca.MOCCAHelper;
-import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedIdFormatter;
-import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedMOCIdFormatter;
+import at.knowcenter.wag.egov.egiz.sig.connectors.mocca.LocRefDetachedMOCCAConnector;
import at.knowcenter.wag.egov.egiz.sig.sigkz.SigKZIDHelper;
+import at.knowcenter.wag.egov.egiz.sig.signaturelayout.SignatureLayoutHandler;
+import at.knowcenter.wag.egov.egiz.sig.signaturelayout.SignatureLayoutHandlerFactory;
import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
import at.knowcenter.wag.egov.egiz.tools.FileHelper;
@@ -125,24 +125,20 @@ public class DetachedBKUConnector implements Connector, LocalConnector
log.debug("analyzeSignResponse:"); //$NON-NLS-1$
String response_string = response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY);
- String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
- String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
BKUHelper.checkResponseForError(response_string);
- // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
- log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
- log.debug("BKU response header \"server\" header: " + bkuServerHeader);
+ String bkuIdentifier = BKUHelper.getBKUIdentifier(response_properties);
+ log.debug("BKU identifier: \"" + bkuIdentifier + "\"");
- SignSignatureObject so;
- if (MOCCAHelper.isMOCCACCEId(bkuServerHeader == null ? bkuUserAgentHeader : bkuServerHeader)) {
- log.debug("Evaluating response as MOCCA response.");
- so = MOCCAHelper.parseCreateXMLResponse(response_string, new DetachedMOCIdFormatter());
- } else {
- so = BKUHelper.parseCreateXMLResponse(response_string, new DetachedIdFormatter());
+ SignatureLayoutHandler sigLayout;
+ try {
+ sigLayout = SignatureLayoutHandlerFactory.getSignatureLayoutHandlerInstance(bkuIdentifier);
+ } catch (SettingsException e) {
+ throw new ConnectorException(e.getErrorCode(), e.getMessage());
}
+
+ SignSignatureObject so = sigLayout.parseCreateXMLSignatureResponse(response_string);
so.response_properties = response_properties;
@@ -322,17 +318,29 @@ public class DetachedBKUConnector implements Connector, LocalConnector
String verify_request_template = this.environment.getVerifyRequestTemplate();
String xml_content = null;
+
+ // MOA
if (SigKZIDHelper.isMOASigned(so))
{
log.debug("The signature is MOA signed -> getting XML content from DetachedLocRefMOA connector.");
DetachedLocRefMOAConnector moa_conn = new DetachedLocRefMOAConnector(this.environment.getProfile(), "loc ref not needed here");
xml_content = moa_conn.prepareXMLContent(data, so);
- }
+
+ // MOCCA
+ } else if (SigKZIDHelper.isMOCCASigned(so)) {
+ log.debug("MOCCA signature detected.");
+ String algorithmId = SigKZIDHelper.parseAlgorithmId(so.id);
+ log.debug("Algorithm = " + algorithmId);
+ LocRefDetachedMOCCAConnector mocca_connector = new LocRefDetachedMOCCAConnector(this.params, "not needed here", algorithmId);
+ xml_content = mocca_connector.prepareXMLContent(data, so);
+ }
+ // TD
else
{
+ log.debug("TD signature signature detected.");
xml_content = prepareXMLContent(data, so);
}
-
+
String verify_request_xml = verify_request_template.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, xml_content);
verify_request_xml = verify_request_xml.replaceFirst(TemplateReplaces.LOC_REF_CONTENT_REPLACE, this.environment.getLocRefContent());
verify_request_xml = verify_request_xml.replaceFirst(TemplateReplaces.DATE_TIME_REPLACE, BKUHelper.formDateTimeElement(this.params.getVerificationTime(), "sl"));
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
index f30b4b7..e415e98 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
@@ -360,13 +360,8 @@ public class EnvelopedBase64BKUConnector implements Connector, LocalConnector
BKUHelper.checkResponseForError(response_string);
- // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
- String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
- String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
- log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
- log.debug("BKU response header \"server\" header: " + bkuServerHeader);
+ String bkuIdentifier = BKUHelper.getBKUIdentifier(response_properties);
+ log.debug("BKU identifier: \"" + bkuIdentifier + "\"");
SignSignatureObject so = BKUHelper.parseCreateXMLResponse(response_string, new HotfixIdFormatter());
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java
index 6ad5b94..b31d1ec 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java
@@ -107,14 +107,6 @@ public class DetachedLocRefMOAConnector implements Connector
BKUHelper.checkResponseForError(response_string);
- // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
- String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
- String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
- log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
- log.debug("BKU response header \"server\" header: " + bkuServerHeader);
-
SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new DetachedLocRefMOAIdFormatter());
log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java
index b309432..a6db63c 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java
@@ -218,14 +218,6 @@ public class EnvelopingBase64MOAConnector implements Connector
BKUHelper.checkResponseForError(response_string);
- // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
- String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
- String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
- log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
- log.debug("BKU response header \"server\" header: " + bkuServerHeader);
-
SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new OldMOAIdFormatter());
log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java
index abd2b09..4636e20 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java
@@ -115,14 +115,6 @@ public class MOASoapWithAttachmentConnector implements Connector
BKUHelper.checkResponseForError(response_string);
- // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
- String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
- String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
- log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
- log.debug("BKU response header \"server\" header: " + bkuServerHeader);
-
SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new DetachedLocRefMOAIdFormatter());
log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
@@ -189,17 +181,24 @@ public class MOASoapWithAttachmentConnector implements Connector
String xml_content = null;
+ // MOA
if (SigKZIDHelper.isMOASigned(so)) {
log.debug("MOA signature detected.");
xml_content = prepareXMLContent(data, so);
+
+ // MOCCA
} else if (SigKZIDHelper.isMOCCASigned(so)) {
log.debug("MOCCA signature detected.");
- LocRefDetachedMOCCAConnector mocca_connector = new LocRefDetachedMOCCAConnector(this.params, "not needed here");
+ String algorithmId = SigKZIDHelper.parseAlgorithmId(so.id);
+ log.debug("Algorithm = " + algorithmId);
+ LocRefDetachedMOCCAConnector mocca_connector = new LocRefDetachedMOCCAConnector(this.params, "not needed here", algorithmId);
xml_content = mocca_connector.prepareXMLContent(data, so);
+
+ // TD
} else {
- log.debug("Generic signature (not MOA/MOCCA) signature detected.");
- DetachedBKUConnector bku_connector = new DetachedBKUConnector(this.params, "not needed here");
- xml_content = bku_connector.prepareXMLContent(data, so);
+ log.debug("TD signature signature detected.");
+ DetachedBKUConnector bku_connector = new DetachedBKUConnector(this.params, "not needed here");
+ xml_content = bku_connector.prepareXMLContent(data, so);
}
String verify_request_xml = verify_request_template.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, xml_content);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java
index c44f34b..b27edde 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java
@@ -12,6 +12,7 @@ import at.gv.egiz.pdfas.exceptions.ErrorCode;
import at.gv.egiz.pdfas.framework.ConnectorParameters;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
+import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.sig.SignatureData;
import at.knowcenter.wag.egov.egiz.sig.SignatureResponse;
@@ -22,6 +23,9 @@ import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedMOCIdFormatter;
+import at.knowcenter.wag.egov.egiz.sig.sigkz.SigKZIDHelper;
+import at.knowcenter.wag.egov.egiz.sig.signaturelayout.SignatureLayoutHandler;
+import at.knowcenter.wag.egov.egiz.sig.signaturelayout.SignatureLayoutHandlerFactory;
import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
import at.knowcenter.wag.egov.egiz.tools.FileHelper;
@@ -50,8 +54,19 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector {
* @throws ConnectorException Thrown in case of error.
*/
public LocRefDetachedMOCCAConnector(ConnectorParameters connectorParameters, String loc_ref_content) throws ConnectorException {
+ this(connectorParameters, loc_ref_content, null);
+ }
+
+ /**
+ * Constructor that builds the configuration environment for this connector according to the
+ * given profile.
+ * @param connectorParameters The connectot parameters.
+ * @param algorithmId The algorithm idenifier.
+ * @throws ConnectorException Thrown in case of error.
+ */
+ public LocRefDetachedMOCCAConnector(ConnectorParameters connectorParameters, String loc_ref_content, String algorithmId) throws ConnectorException {
this.params = connectorParameters;
- this.environment = new Environment(this.params.getProfileId(), loc_ref_content);
+ this.environment = new Environment(this.params.getProfileId(), loc_ref_content, algorithmId);
}
/**
@@ -116,15 +131,17 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector {
String response_string = response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY);
BKUHelper.checkResponseForError(response_string);
- // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
- String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
- String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
- log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
- // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
- log.debug("BKU response header \"server\" header: " + bkuServerHeader);
-
- SignSignatureObject so = MOCCAHelper.parseCreateXMLResponse(response_string, new DetachedMOCIdFormatter());
+ String bkuIdentifier = BKUHelper.getBKUIdentifier(response_properties);
+ log.debug("BKU identifier: \"" + bkuIdentifier + "\"");
+ SignatureLayoutHandler sigLayout;
+ try {
+ sigLayout = SignatureLayoutHandlerFactory.getSignatureLayoutHandlerInstance(bkuIdentifier);
+ } catch (SettingsException e) {
+ throw new ConnectorException(e.getErrorCode(), e.getMessage());
+ }
+
+// SignSignatureObject so = MOCCAHelper.parseCreateXMLResponse(response_string, new DetachedMOCIdFormatter());
+ SignSignatureObject so = sigLayout.parseCreateXMLSignatureResponse(response_string);
so.response_properties = response_properties;
log.debug("analyzeSignResponse finished.");
return so;
@@ -275,21 +292,21 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector {
protected static final String TEMPLATE_FILE_PREFIX = "./templates/moc.";
/**
- * signing file template sufix
+ * signing file template suffix
*/
- protected static final String SIGN_TEMPLATE_FILE_SUFIX = ".sign.request.xml";
+ protected static final String SIGN_TEMPLATE_FILE_SUFFIX = ".sign.request.xml";
/**
- * verifing template file sufix
+ * verifing template file suffix
*/
/* signature verification is not supported by mocca
protected static final String VERIFY_REQUEST_TEMPLATE_FILE_SUFIX = ".verify.request.xml";
*/
/**
- * verifing file template key sufix
+ * verifing file template key suffix
*/
- protected static final String VERIFY_TEMPLATE_SUFIX = ".verify.template.xml";
+ protected static final String VERIFY_TEMPLATE_SUFFIX = ".verify.template.xml";
/**
* The configuration key of the verify request template.
@@ -343,13 +360,16 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector {
protected String cert_alg_ecdsa = null;
protected String cert_alg_rsa = null;
+
+ protected String algorithmId = null;
/**
* Initializes the environment with a given profile.
* @param profile The configuration profile.
+ * @param algorithmId The algorithm identifer.
* @throws ConnectorException Thrown in case of an error.
*/
- public Environment(String profile, String loc_ref_content) throws ConnectorException {
+ public Environment(String profile, String loc_ref_content, String algorithmId) throws ConnectorException {
this.profile = profile;
this.loc_ref_content = loc_ref_content;
@@ -363,11 +383,16 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector {
this.sign_keybox_identifier = getConnectorValueFromProfile(settings, profile, SIGN_KEYBOX_IDENTIFIER_KEY);
+ if (algorithmId == null) {
+ this.algorithmId = settings.getValueFromKey("default.moc.algorithm.id");
+ } else {
+ this.algorithmId = algorithmId;
+ }
// SIGN REQUEST
// try specific file
- String sign_request_filename = TEMPLATE_FILE_PREFIX + settings.getValueFromKey("default.moc.algorithm.id") + SIGN_TEMPLATE_FILE_SUFIX;
+ String sign_request_filename = TEMPLATE_FILE_PREFIX + this.algorithmId + SIGN_TEMPLATE_FILE_SUFFIX;
log.debug("Trying to load specific sign request file " + sign_request_filename);
this.sign_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(sign_request_filename));
@@ -410,7 +435,7 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector {
// load template file
// try specific file
- String verify_filename = TEMPLATE_FILE_PREFIX + settings.getValueFromKey("default.moc.algorithm.id") + VERIFY_TEMPLATE_SUFIX;
+ String verify_filename = TEMPLATE_FILE_PREFIX + this.algorithmId + VERIFY_TEMPLATE_SUFFIX;
log.debug("Trying to load specific signature template file " + verify_filename);
this.verify_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_filename));
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java
index fe23584..7e32230 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java
@@ -39,25 +39,6 @@ public final class MOCCAHelper {
private final static Log log = LogFactory.getLog(MOCCAHelper.class);
/**
- * The pattern that identifies a mocca response (that matches the header value "Server" or "User-Agent").
- */
- private final static Pattern MOCCA_PATTERN = Pattern.compile("(citizen-card-environment/\\d+(\\.\\d+) MOCCA[ /].*)|(Jetty(.*))");
-
- /**
- * Checks if the given header value for "Server" or "User-Agent" respectively indicates that
- * the response was from a mocca cce.
- * @param cceId The value of the http header "Server" or "User-Agent".
- * @see http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung
- * @return <code>true</code> if the id points to a mocca response, <code>false</code> if not.
- */
- public final static boolean isMOCCACCEId(String cceId) {
- if (cceId == null) {
- return false;
- }
- return MOCCA_PATTERN.matcher(cceId).matches();
- }
-
- /**
* This method parses the signature creation response of the signature
* device mocca.
*
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 07:54:19 +0000