From c623dc5a78e03c5f944efb4cb8d628797a1c215f Mon Sep 17 00:00:00 2001 From: ferbas Date: Tue, 27 Oct 2009 11:14:26 +0000 Subject: added support for dynamic algorithm suites / acos04 git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@363 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../sig/connectors/bku/DetachedBKUConnector.java | 31 +++++++------- .../bku/EnvelopedBase64BKUConnector.java | 47 ++++++++++++---------- .../bku/OldEnvelopingBase64BKUConnector.java | 6 ++- .../connectors/moa/DetachedLocRefMOAConnector.java | 27 ++++++------- .../moa/EnvelopingBase64MOAConnector.java | 30 +++++++------- .../egov/egiz/sig/connectors/moa/MOAHelper.java | 15 ++++++- .../moa/MOASoapWithAttachmentConnector.java | 29 ++++++------- .../mocca/LocRefDetachedMOCCAConnector.java | 28 ++++++------- .../egiz/sig/connectors/mocca/MOCCAHelper.java | 8 +++- 9 files changed, 119 insertions(+), 102 deletions(-) diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java index 19ffb7a..db47233 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java @@ -9,6 +9,10 @@ import java.util.Properties; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmMapper; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil; import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.gv.egiz.pdfas.framework.ConnectorParameters; import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; 
@@ -18,6 +22,7 @@ import at.knowcenter.wag.egov.egiz.sig.SignatureData; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; import at.knowcenter.wag.egov.egiz.sig.connectors.Connector; +import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment; import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces; import at.knowcenter.wag.egov.egiz.sig.connectors.moa.DetachedLocRefMOAConnector; @@ -369,26 +374,20 @@ public class DetachedBKUConnector implements Connector, LocalConnector try { - String verify_template = this.environment.getVerifyTemplate(); - String ids_string = so.getSigID(); String[] ids = SignatureObject.parseSigIds(ids_string); - + X509Certificate cert = so.getX509Certificate(); - String cert_alg = this.environment.getCertAlgEcdsa(); - if (cert.getPublicKey().getAlgorithm().indexOf("RSA") >= 0) //$NON-NLS-1$ - { - cert_alg = this.environment.getCertAlgRsa(); - } - - // cert alg replace - String verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg); - + + // dferbas + AlgorithmSuiteObject algSuite = new AlgorithmSuiteObject(); + String verify_xml = AlgorithmSuiteUtil.evaluateReplaceAlgs(algSuite, this.environment, so); + // data digest replace { // byte[] data_value = data.getData(); // byte[] data_value_hash = CodingHelper.buildDigest(data_value); - byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource()); + byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource(), algSuite.getDataDigestMethod()); String object_data_hash = CodingHelper.encodeBase64(data_value_hash); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_DATA_REPLACE, object_data_hash); 
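Review bot: Nothing in this hunk constrains the digest method that `algSuite.getDataDigestMethod()` hands to `CodingHelper.buildDigest`; the value is whatever `AlgorithmSuiteUtil.evaluateReplaceAlgs(algSuite, this.environment, so)` resolved, and `AlgorithmSuiteUtil` is not part of this patch. If the suite is read from the signature id (the MOAHelper and MOCCAHelper hunks embed an algorithm string there), then during verification it comes from the document under test, so the resolver should accept only an explicit allow-list of digest and signature algorithms and fail with a ConnectorException on an unknown, empty or weak entry rather than fall through. I would state that contract at the call, e.g. `// algSuite is resolved from the signature id; AlgorithmSuiteUtil must reject anything outside the configured allow-list`. The same applies to the getCertDigestMethod()/getPropertiesDigestMethod() hunks that follow and to the matching prepareXMLContent hunks in EnvelopedBase64BKUConnector, DetachedLocRefMOAConnector, EnvelopingBase64MOAConnector, MOASoapWithAttachmentConnector and LocRefDetachedMOCCAConnector. The enclosing method starts and ends outside the hunk.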
@@ -403,7 +402,7 @@ public class DetachedBKUConnector implements Connector, LocalConnector // X.509 Certificate replace byte[] der = cert.getEncoded(); - byte[] cert_hash = CodingHelper.buildDigest(der); + byte[] cert_hash = CodingHelper.buildDigest(der, algSuite.getCertDigestMethod()); String certDigest = CodingHelper.encodeBase64(cert_hash); String x509_cert_string = CodingHelper.encodeBase64(der); verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, x509_cert_string); @@ -433,7 +432,7 @@ public class DetachedBKUConnector implements Connector, LocalConnector log.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$ - byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed); + byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed, algSuite.getPropertiesDigestMethod()); String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, sig_prop_hash); @@ -477,7 +476,7 @@ public class DetachedBKUConnector implements Connector, LocalConnector * * @author wprinz */ - public static class Environment + public static class Environment extends ConnectorEnvironment { /** * The configuration key of the sign keybox identifier. diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java index e415e98..3d48865 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java 
@@ -10,6 +10,9 @@ import java.util.Properties; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil; import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.gv.egiz.pdfas.framework.ConnectorParameters; import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; @@ -19,11 +22,19 @@ import at.knowcenter.wag.egov.egiz.sig.SignatureData; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; import at.knowcenter.wag.egov.egiz.sig.connectors.Connector; +import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment; import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces; import at.knowcenter.wag.egov.egiz.sig.connectors.moa.EnvelopingBase64MOAConnector; +import at.knowcenter.wag.egov.egiz.sig.connectors.mocca.MOCCAHelper; +import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedIdFormatter; +import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedLocRefMOAIdFormatter; +import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedMOCIdFormatter; import at.knowcenter.wag.egov.egiz.sig.sigid.HotfixIdFormatter; import at.knowcenter.wag.egov.egiz.sig.sigkz.SigKZIDHelper; +import at.knowcenter.wag.egov.egiz.sig.signaturelayout.SignatureLayoutHandler; +import at.knowcenter.wag.egov.egiz.sig.signaturelayout.SignatureLayoutHandlerFactory; +import at.knowcenter.wag.egov.egiz.sig.signaturelayout.mocca.MOCCASignatureLayout10Handler; import at.knowcenter.wag.egov.egiz.tools.CodingHelper; import at.knowcenter.wag.egov.egiz.tools.FileHelper; 
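Review bot: Seven of the imports added in the second hunk (`MOCCAHelper`, `DetachedIdFormatter`, `DetachedLocRefMOAIdFormatter`, `DetachedMOCIdFormatter`, `SignatureLayoutHandler`, `SignatureLayoutHandlerFactory`, `MOCCASignatureLayout10Handler`) are not referenced by any change to EnvelopedBase64BKUConnector in this patch, so they look like leftovers and should be dropped unless code outside the hunks uses them. The same goes for `AlgorithmMapper`, imported in DetachedBKUConnector, DetachedLocRefMOAConnector and MOASoapWithAttachmentConnector without a visible use. Of the added imports, only `AlgorithmSuiteObject`, `AlgorithmSuiteUtil` and `ConnectorEnvironment` are used by the lines shown for this file.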
@@ -160,25 +171,19 @@ public class EnvelopedBase64BKUConnector implements Connector, LocalConnector log.debug("prepareXMLContent:"); //$NON-NLS-1$ try { - String verify_template = this.environment.getVerifyTemplate(); - - String ids_string = so.getSigID(); - String[] ids = SignatureObject.parseSigIds(ids_string); - - X509Certificate cert = so.getX509Certificate(); - String cert_alg = this.environment.getCertAlgEcdsa(); - if (cert.getPublicKey().getAlgorithm().indexOf("RSA") >= 0) //$NON-NLS-1$ - { - cert_alg = this.environment.getCertAlgRsa(); - } - - // cert alg replace - String verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg); - + String ids_string = so.getSigID(); + String[] ids = SignatureObject.parseSigIds(ids_string); + + X509Certificate cert = so.getX509Certificate(); + + // dferbas + AlgorithmSuiteObject algSuite = new AlgorithmSuiteObject(); + String verify_xml = AlgorithmSuiteUtil.evaluateReplaceAlgs(algSuite, this.environment, so); + // data digest replace byte[] data_value = BKUHelper.prepareEnvelopingData(data); { - byte[] data_value_hash = CodingHelper.buildDigest(data_value); + byte[] data_value_hash = CodingHelper.buildDigest(data_value, algSuite.getDataDigestMethod()); String object_data_hash = CodingHelper.encodeBase64(data_value_hash); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_DATA_REPLACE, object_data_hash); @@ -193,7 +198,7 @@ public class EnvelopedBase64BKUConnector implements Connector, LocalConnector // X.509 Certificate replace byte[] der = cert.getEncoded(); - byte[] cert_hash = CodingHelper.buildDigest(der); + byte[] cert_hash = CodingHelper.buildDigest(der, algSuite.getCertDigestMethod()); String certDigest = CodingHelper.encodeBase64(cert_hash); String x509_cert_string = CodingHelper.encodeBase64(der); verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, x509_cert_string); 
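Review bot: The `// dferbas` marker above the new `AlgorithmSuiteObject` lines records who wrote them, which version control already does, and says nothing about what the call is for; assuming the helper resolves the suite and fills the template placeholders, a purpose comment such as `// resolve the algorithm suite for this signature and fill the algorithm placeholders of the verify template` would serve the next reader better (the same marker recurs in the other connectors and in MOCCAHelper). The `ids_string`, `ids` and `cert` lines are removed and re-added with identical text, so they appear to change only in indentation; keeping whitespace changes out of a functional commit makes the algorithm change easier to audit. The enclosing method starts and ends outside the hunk.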
@@ -213,7 +218,7 @@ public class EnvelopedBase64BKUConnector implements Connector, LocalConnector // Signed Properties hash { - String sig_prop_hash = computeSignedPropertiesReplace(verify_xml); + String sig_prop_hash = computeSignedPropertiesReplace(verify_xml, algSuite); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, sig_prop_hash); } @@ -228,7 +233,7 @@ public class EnvelopedBase64BKUConnector implements Connector, LocalConnector } } - protected String computeSignedPropertiesReplace(String verify_xml) + protected String computeSignedPropertiesReplace(String verify_xml, AlgorithmSuiteObject algSuite) { try { @@ -245,7 +250,7 @@ public class EnvelopedBase64BKUConnector implements Connector, LocalConnector log.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$ - byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed); + byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed, algSuite.getPropertiesDigestMethod()); String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code); return sig_prop_hash; @@ -397,7 +402,7 @@ public class EnvelopedBase64BKUConnector implements Connector, LocalConnector * * @author wprinz */ - public static class Environment + public static class Environment extends ConnectorEnvironment { /** * The configuration key of the sign keybox identifier. diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/OldEnvelopingBase64BKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/OldEnvelopingBase64BKUConnector.java index 586879a..6743bbb 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/OldEnvelopingBase64BKUConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/OldEnvelopingBase64BKUConnector.java 
@@ -8,6 +8,8 @@ import java.io.UnsupportedEncodingException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject; import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException; @@ -47,7 +49,7 @@ public class OldEnvelopingBase64BKUConnector extends EnvelopedBase64BKUConnector /** * @see at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector#computeSignedPropertiesReplace(java.lang.String) */ - protected String computeSignedPropertiesReplace(String verify_xml) + protected String computeSignedPropertiesReplace(String verify_xml, AlgorithmSuiteObject algSuite) { try { @@ -64,7 +66,7 @@ public class OldEnvelopingBase64BKUConnector extends EnvelopedBase64BKUConnector log.debug("etsi:QualifyingProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$ - byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed); + byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed, algSuite.getPropertiesDigestMethod()); String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code); return sig_prop_hash; diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java index b31d1ec..0eba51b 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java 
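Review bot: The Javadoc `@see` directly above the changed signature still names `computeSignedPropertiesReplace(java.lang.String)`, which no longer exists after this commit; it should read `@see at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector#computeSignedPropertiesReplace(java.lang.String, at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject)`. Because the override is matched only by signature, a subclass left on the old one-argument form would silently stop overriding and the base-class SignedProperties hashing would run instead of the QualifyingProperties variant, so if the project's source level permits it, `@Override` here would turn that into a compile error. The method body continues outside the hunk.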
@@ -9,6 +9,9 @@ import java.util.Properties; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmMapper; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil; import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.gv.egiz.pdfas.framework.ConnectorParameters; import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; @@ -18,6 +21,7 @@ import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; import at.knowcenter.wag.egov.egiz.sig.SignatureData; import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; import at.knowcenter.wag.egov.egiz.sig.connectors.Connector; +import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment; import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection; @@ -26,7 +30,6 @@ import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject; import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedLocRefMOAIdFormatter; import at.knowcenter.wag.egov.egiz.sig.sigkz.SigKZIDHelper; import at.knowcenter.wag.egov.egiz.tools.CodingHelper; -import at.knowcenter.wag.egov.egiz.tools.DebugHelper; import at.knowcenter.wag.egov.egiz.tools.FileHelper; /** @@ -107,7 +110,7 @@ public class DetachedLocRefMOAConnector implements Connector BKUHelper.checkResponseForError(response_string); - SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new DetachedLocRefMOAIdFormatter()); + SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new DetachedLocRefMOAIdFormatter(), this.environment); log.debug("analyzeSignResponse finished."); //$NON-NLS-1$ return so; 
@@ -222,23 +225,17 @@ public class DetachedLocRefMOAConnector implements Connector try { - String verify_template = this.environment.getVerifyTemplate(); - X509Certificate cert = so.getX509Certificate(); - String cert_alg = this.environment.getCertAlgEcdsa(); - if (cert.getPublicKey().getAlgorithm().indexOf("RSA") >= 0) //$NON-NLS-1$ - { - cert_alg = this.environment.getCertAlgRsa(); - } - // cert alg replace - String verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg); + // dferbas + AlgorithmSuiteObject algSuite = new AlgorithmSuiteObject(); + String verify_xml = AlgorithmSuiteUtil.evaluateReplaceAlgs(algSuite, this.environment, so); // data digest replace { // byte[] data_value = data.getData(); // byte[] data_value_hash = CodingHelper.buildDigest(data_value); - byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource()); + byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource(), algSuite.getDataDigestMethod()); String object_data_hash = CodingHelper.encodeBase64(data_value_hash); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_DATA_REPLACE, object_data_hash); @@ -248,7 +245,7 @@ public class DetachedLocRefMOAConnector implements Connector // X.509 Certificate replace byte[] der = cert.getEncoded(); - byte[] cert_hash = CodingHelper.buildDigest(der); + byte[] cert_hash = CodingHelper.buildDigest(der, algSuite.getCertDigestMethod()); String certDigest = CodingHelper.encodeBase64(cert_hash); String x509_cert_string = CodingHelper.encodeBase64(der); verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, x509_cert_string); 
@@ -276,7 +273,7 @@ public class DetachedLocRefMOAConnector implements Connector log.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$ - byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed); + byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed, algSuite.getPropertiesDigestMethod()); String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, sig_prop_hash); @@ -310,7 +307,7 @@ public class DetachedLocRefMOAConnector implements Connector * * @author wprinz */ - public static class Environment + public static class Environment extends ConnectorEnvironment { /** * The configuration key of the sign keybox identifier. diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java index a6db63c..90625b4 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java @@ -9,6 +9,9 @@ import java.util.Properties; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil; import at.gv.egiz.pdfas.framework.ConnectorParameters; import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException; 
@@ -16,6 +19,7 @@ import at.knowcenter.wag.egov.egiz.exceptions.SettingsException; import at.knowcenter.wag.egov.egiz.sig.SignatureData; import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; import at.knowcenter.wag.egov.egiz.sig.connectors.Connector; +import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment; import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection; @@ -218,7 +222,7 @@ public class EnvelopingBase64MOAConnector implements Connector BKUHelper.checkResponseForError(response_string); - SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new OldMOAIdFormatter()); + SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new OldMOAIdFormatter(), this.environment); log.debug("analyzeSignResponse finished."); //$NON-NLS-1$ return so; 
@@ -267,22 +271,16 @@ public class EnvelopingBase64MOAConnector implements Connector log.debug("prepareXMLContent:"); //$NON-NLS-1$ try { - String verify_template = this.environment.getVerifyTemplate(); - - X509Certificate cert = so.getX509Certificate(); - String cert_alg = this.environment.getCertAlgEcdsa(); - if (cert.getPublicKey().getAlgorithm().indexOf("RSA") >= 0) //$NON-NLS-1$ - { - cert_alg = this.environment.getCertAlgRsa(); - } - - // cert alg replace - String verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg); + X509Certificate cert = so.getX509Certificate(); + + // dferbas + AlgorithmSuiteObject algSuite = new AlgorithmSuiteObject(); + String verify_xml = AlgorithmSuiteUtil.evaluateReplaceAlgs(algSuite, this.environment, so); // data digest replace byte[] data_value = BKUHelper.prepareEnvelopingData(data); { - byte[] data_value_hash = CodingHelper.buildDigest(data_value); + byte[] data_value_hash = CodingHelper.buildDigest(data_value, algSuite.getDataDigestMethod()); String object_data_hash = CodingHelper.encodeBase64(data_value_hash); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_DATA_REPLACE, object_data_hash); @@ -292,7 +290,7 @@ public class EnvelopingBase64MOAConnector implements Connector // X.509 Certificate replace byte[] der = cert.getEncoded(); - byte[] cert_hash = CodingHelper.buildDigest(der); + byte[] cert_hash = CodingHelper.buildDigest(der, algSuite.getCertDigestMethod()); String certDigest = CodingHelper.encodeBase64(cert_hash); String x509_cert_string = CodingHelper.encodeBase64(der); verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, x509_cert_string); 
@@ -323,7 +321,7 @@ public class EnvelopingBase64MOAConnector implements Connector log.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$ - byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed); + byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed, algSuite.getPropertiesDigestMethod()); String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, sig_prop_hash); @@ -344,7 +342,7 @@ public class EnvelopingBase64MOAConnector implements Connector * * @author wprinz */ - public static class Environment + public static class Environment extends ConnectorEnvironment { /** * The configuration key of the sign keybox identifier. diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOAHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOAHelper.java index e05d55c..6b209a2 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOAHelper.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOAHelper.java @@ -15,9 +15,11 @@ import java.util.regex.Pattern; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil; import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; import at.knowcenter.wag.egov.egiz.sig.X509Cert; +import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject; import at.knowcenter.wag.egov.egiz.sig.sigid.IdFormatter; 
@@ -52,7 +54,7 @@ public class MOAHelper * @see CodingHelper * @see X509Cert */ - public static SignSignatureObject parseCreateXMLResponse(String xmlResponse, IdFormatter id_formatter) throws ConnectorException + public static SignSignatureObject parseCreateXMLResponse(String xmlResponse, IdFormatter id_formatter, ConnectorEnvironment environment) throws ConnectorException { Pattern sig_val_p_s = Pattern.compile("<[\\w]*:?SignatureValue>"); //$NON-NLS-1$ Pattern sig_val_p_e = Pattern.compile(""); //$NON-NLS-1$ @@ -182,7 +184,16 @@ public class MOAHelper so.signatureValue = sig_val; so.x509Certificate = cert; - so.id = id_formatter.formatIds(null); + String algs = AlgorithmSuiteUtil.extractAlgorithmSuiteString(xmlResponse); + + String defaultCertAlg = environment.getDefaultAlgForCert(cert); + + if (AlgorithmSuiteUtil.isDefaultCertAlg(algs, defaultCertAlg)) { + // do not embed default alg + algs = null; + } + + so.id = id_formatter.formatIds(null, algs); return so; } diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java index 4636e20..2415435 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java @@ -9,6 +9,9 @@ import java.util.Properties; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmMapper; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil; import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.gv.egiz.pdfas.framework.ConnectorParameters; import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; 
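Review bot: The Javadoc that closes just above the signature is not extended for the new `environment` parameter; add `@param environment connector environment used to look up the default algorithm for the signer certificate; must not be null`. Changing the public static signature in place also breaks any two-argument caller not touched by this patch; the three connectors updated here are the only ones visible, so confirm there are no others or keep a two-argument overload. The method body continues outside the hunk.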
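Review bot: `environment.getDefaultAlgForCert(cert)` dereferences the new parameter without a null check, and `algs` from `AlgorithmSuiteUtil.extractAlgorithmSuiteString(xmlResponse)` goes into `isDefaultCertAlg` and then into the signature id exactly as returned. Whether the extractor can return null or an unrecognised value is not visible here, so I would validate the string against the supported suites before `formatIds(null, algs)` and reject the response otherwise, since this id appears to be what later selects the digest methods when the verify request is rebuilt. MOCCAHelper embeds the extracted string unconditionally, without the default suppression done here; if that difference is intended, a comment in both places should say why. The enclosing method starts and ends outside the hunk.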
@@ -17,6 +20,7 @@ import at.knowcenter.wag.egov.egiz.exceptions.SettingsException; import at.knowcenter.wag.egov.egiz.sig.SignatureData; import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; import at.knowcenter.wag.egov.egiz.sig.connectors.Connector; +import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment; import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection; @@ -115,7 +119,7 @@ public class MOASoapWithAttachmentConnector implements Connector BKUHelper.checkResponseForError(response_string); - SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new DetachedLocRefMOAIdFormatter()); + SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new DetachedLocRefMOAIdFormatter(), this.environment); log.debug("analyzeSignResponse finished."); //$NON-NLS-1$ return so; 
@@ -249,23 +253,19 @@ public class MOASoapWithAttachmentConnector implements Connector try { - String verify_template = this.environment.getVerifyTemplate(); - + String verify_xml = null; X509Certificate cert = so.getX509Certificate(); - String cert_alg = this.environment.getCertAlgEcdsa(); - if (cert.getPublicKey().getAlgorithm().indexOf("RSA") >= 0) //$NON-NLS-1$ - { - cert_alg = this.environment.getCertAlgRsa(); - } + + // dferbas + AlgorithmSuiteObject algSuite = new AlgorithmSuiteObject(); + verify_xml = AlgorithmSuiteUtil.evaluateReplaceAlgs(algSuite, this.environment, so); - // cert alg replace - String verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg); // data digest replace { // byte[] data_value = data.getData(); // byte[] data_value_hash = CodingHelper.buildDigest(data_value); - byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource()); + byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource(), algSuite.getDataDigestMethod()); String object_data_hash = CodingHelper.encodeBase64(data_value_hash); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_DATA_REPLACE, object_data_hash); @@ -275,7 +275,7 @@ public class MOASoapWithAttachmentConnector implements Connector // X.509 Certificate replace byte[] der = cert.getEncoded(); - byte[] cert_hash = CodingHelper.buildDigest(der); + byte[] cert_hash = CodingHelper.buildDigest(der, algSuite.getCertDigestMethod()); String certDigest = CodingHelper.encodeBase64(cert_hash); String x509_cert_string = CodingHelper.encodeBase64(der); verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, x509_cert_string); 
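Review bot: `String verify_xml = null;` is declared and then assigned a few lines later with nothing reading it in between; the other connectors in this commit use the single statement `String verify_xml = AlgorithmSuiteUtil.evaluateReplaceAlgs(algSuite, this.environment, so);` and this one should match. The enclosing method starts and ends outside the hunk.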
@@ -303,7 +303,7 @@ public class MOASoapWithAttachmentConnector implements Connector log.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$ - byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed); + byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed, algSuite.getPropertiesDigestMethod()); String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, sig_prop_hash); @@ -319,6 +319,7 @@ public class MOASoapWithAttachmentConnector implements Connector } } + protected Properties sendRequest(String url, String mode, String request_string, SignatureData data) throws ConnectorException { try @@ -353,7 +354,7 @@ public class MOASoapWithAttachmentConnector implements Connector * * @author wprinz */ - public static class Environment + public static class Environment extends ConnectorEnvironment { /** * The configuration key of the sign keybox identifier. diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java index bcf40fc..a16dbf8 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java @@ -8,6 +8,9 @@ import java.util.regex.Pattern; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject; +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil; import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.gv.egiz.pdfas.framework.ConnectorParameters; import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; 
@@ -17,6 +20,7 @@ import at.knowcenter.wag.egov.egiz.exceptions.SettingsException; import at.knowcenter.wag.egov.egiz.sig.SignatureData; import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; import at.knowcenter.wag.egov.egiz.sig.connectors.Connector; +import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment; import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper; @@ -204,23 +208,19 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector { public String prepareXMLContent(SignatureData data, SignSignatureObject so) throws ConnectorException { log.debug("prepareXMLContent:"); try { - String verify_template = this.environment.getVerifyTemplate(); - + String ids_string = so.getSigID(); String sigId = this.parseSigId(ids_string); X509Certificate cert = so.getX509Certificate(); - String cert_alg = this.environment.getCertAlgEcdsa(); - if (cert.getPublicKey().getAlgorithm().indexOf("RSA") >= 0) - { - cert_alg = this.environment.getCertAlgRsa(); - } - - // cert alg replace - String verify_xml = verify_template.replaceFirst(TemplateReplaces.CERT_ALG_REPLACE, cert_alg); + + + // dferbas + AlgorithmSuiteObject algSuite = new AlgorithmSuiteObject(); + String verify_xml = AlgorithmSuiteUtil.evaluateReplaceAlgs(algSuite, this.environment, so); // data digest replace - byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource()); + byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource(), algSuite.getDataDigestMethod()); String object_data_hash = CodingHelper.encodeBase64(data_value_hash); // template replacements 
@@ -230,7 +230,7 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector { // X.509 Certificate replace byte[] der = cert.getEncoded(); - byte[] cert_hash = CodingHelper.buildDigest(der); + byte[] cert_hash = CodingHelper.buildDigest(der, algSuite.getCertDigestMethod()); String certDigest = CodingHelper.encodeBase64(cert_hash); String x509_cert_string = CodingHelper.encodeBase64(der); verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, x509_cert_string); @@ -252,7 +252,7 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector { String string_to_be_hashed = matcher.group(1); log.debug("SignedProperties string to be hashed: " + string_to_be_hashed); final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); - byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed); + byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed, algSuite.getPropertiesDigestMethod()); String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, sig_prop_hash); @@ -270,7 +270,7 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector { * Holds environment configuration information like templates. * @author wprinz */ - public static class Environment { + public static class Environment extends ConnectorEnvironment { /** * The configuration key of the sign keybox identifier. diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java index f13b5af..1a68eca 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java 
@@ -12,6 +12,8 @@ import java.util.regex.Pattern; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil; import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; import at.knowcenter.wag.egov.egiz.sig.X509Cert; @@ -134,10 +136,12 @@ public final class MOCCAHelper { log.debug("issuer matches = " + cert_iss.equals(iss_nam)); log.debug("ser number matches = " + cert.getSerialNumber().toString().equals(ser_num)); } - + // extract Signature Id's String[] ids = extractIds(xmlResponse); - String final_ids = id_formatter.formatIds(ids); + // dferbas + String algs = AlgorithmSuiteUtil.extractAlgorithmSuiteString(xmlResponse); + String final_ids = id_formatter.formatIds(ids, algs); SignSignatureObject so = new SignSignatureObject(); so.date = sig_tim; -- cgit v1.2.3