From 535a04fa05f739ec16dd81666e3b0f82dfbd442d Mon Sep 17 00:00:00 2001 From: tknall Date: Wed, 9 Jan 2013 15:41:29 +0000 Subject: pdf-as-lib maven project files moved to pdf-as-lib git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/pdf-as/trunk@926 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../wag/egov/egiz/sig/SignatureResponse.java | 559 +++++++++++++++++++++ 1 file changed, 559 insertions(+) create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureResponse.java (limited to 'pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureResponse.java') diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureResponse.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureResponse.java new file mode 100644 index 0000000..0c733f6 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureResponse.java @@ -0,0 +1,559 @@ +/** + * Copyright 2006 by Know-Center, Graz, Austria + * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a + * joint initiative of the Federal Chancellery Austria and Graz University of + * Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + * + * $Id: SignatureResponse.java,v 1.4 2006/08/03 07:43:04 wprinz Exp $ + */ +package at.knowcenter.wag.egov.egiz.sig; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.Set; + +import org.apache.log4j.Logger; + +import at.gv.egiz.pdfas.api.exceptions.PdfAsException; +import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger; +import at.knowcenter.wag.egov.egiz.cfg.PropertyTree; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; +import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException; +import at.knowcenter.wag.egov.egiz.exceptions.SettingsException; +import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; + +/** + * The response of a verification. + * + * @author wlackner + */ +public class SignatureResponse +{ + /** + * The siganture response config key + */ + private static String SIG_RESP_KEY = "signature.response."; + + /** + * Default response message + */ + private static String SIG_RESP_DEFAULT_INFO = "Es ist leider keine nähere Information verfügbar:"; + + /** + * Response value for x509SubjectName_ + */ + private String x509SubjectName_ = null; + + /** + * Response value for x509IssuerName + */ + private String x509IssuerName = null; + + /** + * Response value for x509SerialNumber + */ + private String x509SerialNumber = null; + + /** + * Response value for signatureCheckCode_ + */ + private String signatureCheckCode_ = null; + + /** + * Response value for signatureCheckInfo_ + */ + private String signatureCheckInfo_ = null; + + /** + * Response value for signatureManifestCheckCode_ + */ + private String signatureManifestCheckCode_ = null; + + /** + * Response value for signatureManifestCheckInfo_ + */ + private String signatureManifestCheckInfo_ = null; + + /** + * Response value for certificateCheckCode_ + */ + private String certificateCheckCode_ = null; + + /** + * Response value for certificateCheckInfo_ + */ + private String certificateCheckInfo_ = null; + + /** + * The X.509 certificated parsed from the response string. + */ + protected X509Cert certificate_ = null; + + // [tknall] start qualified certificate + private boolean qualifiedCertificate = false; + // [tknall] stop qualified certificate + + private boolean publicAuthority = false; + private String publicAuthorityCode = null; + + protected String hashInputData = null; + + private PdfAsException verificationImpossibleEx = null; + + // /** + // * Flag the marks that the response is an error response + // */ + // private boolean isError_ = false; + // + // /** + // * The error code of an external application + // */ + // private String errorCode_ = null; + + /** + * The SettingsReader instance + */ + private SettingsReader settings_ = null; + + /** + * The logger definition. + */ + private static final Logger logger_ = ConfigLogger.getLogger(SignatureResponse.class); + + /** + * + * + */ + public SignatureResponse() + { + try + { + loadSettings(); + } + catch (SignatureException e) + { + logger_.warn(e.getMessage(), e); + } + } + + /** + * load the inital signature settings + * + * @throws SignatureException + * @see SettingsReader + */ + private void loadSettings() throws SignatureException + { + if (settings_ == null) + { + try + { + settings_ = SettingsReader.getInstance(); + } + catch (SettingsException e) + { + String log_message = "Can not load signature settings. Cause:\n" + e.getMessage(); + logger_.error(log_message); + throw new SignatureException(101, log_message, e); + } + } + } + + /** + * @return Returns the certificateCheckCode. + */ + public String getCertificateCheckCode() + { + return certificateCheckCode_; + } + + /** + * @param certificateCheckCode + * The certificateCheckCode to set. + */ + public void setCertificateCheckCode(String certificateCheckCode) + { + if (logger_.isDebugEnabled()) + { + logger_.debug("setCertificateCheckCode:" + certificateCheckCode); + } + certificateCheckCode_ = certificateCheckCode; + } + + /** + * @return Returns the signatureCheckCode. + */ + public String getSignatureCheckCode() + { + return signatureCheckCode_; + } + + /** + * @param signatureCheckCode + * The signatureCheckCode to set. + */ + public void setSignatureCheckCode(String signatureCheckCode) + { + if (logger_.isDebugEnabled()) + { + logger_.debug("setSignatureCheckCode:" + signatureCheckCode); + } + signatureCheckCode_ = signatureCheckCode; + } + + /** + * @return Returns the signatureManifestCheckCode. + */ + public String getSignatureManifestCheckCode() + { + return signatureManifestCheckCode_; + } + + /** + * Returns {@code true} if the underlying certificate indicates public authority. + * @return {@code true} if public authority, {@code false} if not. + */ + public boolean isPublicAuthority() { + return this.publicAuthority; + } + + /** + * Sets the public authority flag. + * @param publicAuthority The public authority flag. + */ + public void setPublicAuthority(boolean publicAuthority) { + this.publicAuthority = publicAuthority; + } + + /** + * Returns the public authority code of {@code null} if no code was provided. + * @return The public authority code. + */ + public String getPublicAuthorityCode() { + return this.publicAuthorityCode; + } + + /** + * Sets the public authority code. + * @param publicAuthorityCode The public authority code. + */ + public void setPublicAuthorityCode(String publicAuthorityCode) { + this.publicAuthorityCode = publicAuthorityCode; + } + +/** + * @param signatureManifestCheckCode + * The signatureManifestCheckCode to set. + */ + public void setSignatureManifestCheckCode(String signatureManifestCheckCode) + { + if (logger_.isDebugEnabled()) + { + logger_.debug("setSignatureManifestCheckCode:" + signatureManifestCheckCode); + } + signatureManifestCheckCode_ = signatureManifestCheckCode; + } + + /** + * @return Returns the x509IssuerName. + */ + public String getX509IssuerName() + { + return x509IssuerName; + } + + /** + * @param issuerName + * The x509IssuerName to set. + */ + public void setX509IssuerName(String issuerName) + { + if (logger_.isDebugEnabled()) + { + logger_.debug("setX509IssuerName:" + issuerName); + } + x509IssuerName = issuerName; + } + + /** + * @return Returns the x509SerialNumber. + */ + public String getX509SerialNumber() + { + return x509SerialNumber; + } + + /** + * @param serialNumber + * The x509SerialNumber to set. + */ + public void setX509SerialNumber(String serialNumber) + { + if (logger_.isDebugEnabled()) + { + logger_.debug("setX509SerialNumber:" + serialNumber); + } + x509SerialNumber = serialNumber; + } + + /** + * @return Returns the x509SubjectName. + */ + public String getX509SubjectName() + { + return x509SubjectName_; + } + + /** + * @param subjectName + * The x509SubjectName to set. + */ + public void setX509SubjectName(String subjectName) + { + if (logger_.isDebugEnabled()) + { + logger_.debug("setX509SubjectName:" + subjectName); + } + x509SubjectName_ = subjectName; + } + + /** + * @return Returns the certificateCheckInfo. + */ + public String getCertificateCheckInfo() + { + if (certificateCheckInfo_ == null) + { + if (settings_ != null) + { + certificateCheckInfo_ = settings_.getValueFromKey(SIG_RESP_KEY + "certificateCheckInfo." + getCertificateCheckCode()); + } + } + if (certificateCheckInfo_ == null) + { + certificateCheckInfo_ = SIG_RESP_DEFAULT_INFO + getCertificateCheckCode(); + } + return certificateCheckInfo_; + } + + /** + * @param certificateCheckInfo + * The certificateCheckInfo to set. + */ + public void setCertificateCheckInfo(String certificateCheckInfo) + { + if (logger_.isDebugEnabled()) + { + logger_.debug("setCertificateCheckInfo:" + certificateCheckInfo); + } + certificateCheckInfo_ = certificateCheckInfo; + } + + // [tknall] start qualified certificate + + /** + * Returns true if certificate is qualified, false if not. + * @return true if certificate is qualified, false if not. + */ + public boolean isQualifiedCertificate() { + return this.qualifiedCertificate; + } + + /** + * Sets the flag for qualified certificate. + * @param qualifiedCertificate The new qualified certificate status. + */ + public void setQualifiedCertificate(boolean qualifiedCertificate) { + this.qualifiedCertificate = qualifiedCertificate; + } + // [tknall] stop qualified certificate + + /** + * @return Returns the signatureCheckInfo. + */ + public String getSignatureCheckInfo() + { + if (signatureCheckInfo_ == null) + { + if (settings_ != null) + { + signatureCheckInfo_ = settings_.getValueFromKey(SIG_RESP_KEY + "signatureCheckInfo." + getSignatureCheckCode()); + } + } + if (signatureCheckInfo_ == null) + { + signatureCheckInfo_ = SIG_RESP_DEFAULT_INFO + getSignatureCheckCode(); + } + return signatureCheckInfo_; + } + + /** + * @param signatureCheckInfo + * The signatureCheckInfo to set. + */ + public void setSignatureCheckInfo(String signatureCheckInfo) + { + if (logger_.isDebugEnabled()) + { + logger_.debug("setSignatureCheckInfo:" + signatureCheckInfo); + } + signatureCheckInfo_ = signatureCheckInfo; + } + + /** + * @return Returns the signatureManifestCheckInfo. + */ + public String getSignatureManifestCheckInfo() + { + if (signatureManifestCheckInfo_ == null) + { + if (settings_ != null) + { + signatureManifestCheckInfo_ = settings_.getValueFromKey(SIG_RESP_KEY + "signatureManifestCheckInfo." + getSignatureManifestCheckCode()); + } + } + if (signatureManifestCheckInfo_ == null) + { + signatureManifestCheckInfo_ = SIG_RESP_DEFAULT_INFO + getSignatureManifestCheckCode(); + } + return signatureManifestCheckInfo_; + } + + /** + * @param signatureManifestCheckInfo + * The signatureManifestCheckInfo to set. + */ + public void setSignatureManifestCheckInfo(String signatureManifestCheckInfo) + { + if (logger_.isDebugEnabled()) + { + logger_.debug("setSignatureManifestCheckInfo:" + signatureManifestCheckInfo); + } + signatureManifestCheckInfo_ = signatureManifestCheckInfo; + } + + /** + * Returns the X.509 certificate of this response. + * + * @return Returns the X.509 certificate of this response. + */ + public X509Cert getCertificate() + { + return certificate_; + } + + /** + * Sets the X.509 certificate of this response. + * + * @param certificate + * The X.509 certificate to be set. + */ + public void setCertificate(X509Cert certificate) + { + this.certificate_ = certificate; + } + + public String getHashInputData() + { + return this.hashInputData; + } + + public void setHashInputData(String hashInputData) + { + this.hashInputData = hashInputData; + } + + public PdfAsException getVerificationImpossibleEx() { + return verificationImpossibleEx; + } + + public void setVerificationImpossibleEx(PdfAsException verificationImpossibleEx) { + this.verificationImpossibleEx = verificationImpossibleEx; + } + +/** + * Returns a list of Strings each stating one public property of the + * certificate. + * + *

+ * Such public properties are certificate extensions each being assigned an + * own OID. For example the public property "Verwaltungseigenschaft" has the + * OID "1.2.40.0.10.1.1.1". + *

+ *

+ * This methods reads out the list of possible properties from the config file + * and compares these to the extensions defined on the certificate. If they + * match, a String containing useful information about the property is added + * to the list returned. + *

+ * + * @return Returns the list of Strings representing the public properties of + * this certificate, if any. + * @throws SettingNotFoundException + */ + public List getPublicProperties() throws SettingNotFoundException + { + List props = new ArrayList(); + + SettingsReader settings = this.settings_; + + String root_oid = settings.getSetting("oid.root"); + + PropertyTree oids = settings.getPTree().getSubTree("oid"); + + Set non_critial_oids = this.certificate_.getX509Certificate().getNonCriticalExtensionOIDs(); + Iterator ext_it = non_critial_oids.iterator(); + while (ext_it.hasNext()) + { + String oid = (String) ext_it.next(); + + if (oid.startsWith(root_oid)) + { + String key = oid.replaceAll("\\.", "_"); + + String value = oids.getLastValue(key); + if (value == null) + { + value = oid; + } + + props.add(value); + } + } + + return props; + } + + /** + * The toString method + */ + public String toString() + { + String str = ""; + str += "\nSignator:" + getX509SubjectName(); + str += "\nAusteller:" + getX509IssuerName(); + str += "\nSeriennummer:" + getX509SerialNumber(); + str += "\nZertifikat-Code:" + getCertificateCheckCode() + "=" + getCertificateCheckInfo(); + str += "\nSignatur-Check-Code:" + getSignatureCheckCode() + "=" + getSignatureCheckInfo(); + str += "\nManifest-Check-Code:" + getSignatureManifestCheckCode() + "=" + getSignatureManifestCheckInfo(); + return str; + } +} \ No newline at end of file -- cgit v1.2.3