From 535a04fa05f739ec16dd81666e3b0f82dfbd442d Mon Sep 17 00:00:00 2001 From: tknall Date: Wed, 9 Jan 2013 15:41:29 +0000 Subject: pdf-as-lib maven project files moved to pdf-as-lib git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/pdf-as/trunk@926 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../wag/egov/egiz/sig/sigkz/SigKZIDHelper.java | 262 +++++++++++++++++++++ 1 file changed, 262 insertions(+) create mode 100644 pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java (limited to 'pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java') diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java new file mode 100644 index 0000000..094880d --- /dev/null +++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java @@ -0,0 +1,262 @@ +/** + * Copyright 2006 by Know-Center, Graz, Austria + * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a + * joint initiative of the Federal Chancellery Austria and Graz University of + * Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.knowcenter.wag.egov.egiz.sig.sigkz; + +import java.util.Iterator; +import java.util.Vector; +import java.util.regex.Pattern; + +import org.apache.commons.lang.ArrayUtils; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.pdfas.exceptions.ErrorCode; +import at.knowcenter.wag.egov.egiz.PdfASID; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; +import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException; +import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException; +import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException; +import at.knowcenter.wag.egov.egiz.exceptions.SettingsException; +import at.knowcenter.wag.egov.egiz.framework.SignatorFactory; +import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject; +import at.knowcenter.wag.egov.egiz.sig.sigid.DetachedLocRefMOAIdFormatter; +import at.knowcenter.wag.egov.egiz.sig.sigid.HotfixIdFormatter; + +/** + * @author wprinz + * + */ +public final class SigKZIDHelper +{ + + /** + * The Logger. + */ + protected static Log logger = LogFactory.getLog(SigKZIDHelper.class); + + public static boolean isTextual(PdfASID sig_kz) + { + if (sig_kz == null) + { + // Old signature -> must be textual. + + return true; + } + + // new signauture -> sig_kz decides + return sig_kz.getType().equals(SignatorFactory.TYPE_TEXTUAL); + } + + public static boolean isBinary(PdfASID sig_kz) + { + return ! isTextual(sig_kz); + } + + + public static boolean isMOASigned(PdfASID sig_kz, String sig_id) + { + if (sig_kz == null || sig_kz.getVersion().equals(SignatorFactory.VERSION_1_0_0)) + { + // old signature - if sig_id is null this means MOA + + return sig_id == null; + } + + if(sig_id == null) + return true; + + // new signature - sig_id decides + String [] ids = sig_id.split("@"); + // dferbas + String prefix = (ids[0].split(":"))[0]; + + + if (prefix.equals(DetachedLocRefMOAIdFormatter.SIG_ID_PREFIX)) + { + return true; + } + return false; + } + + public static boolean isMOASigned(SignSignatureObject so) + { + String sig_kz = so.kz; + String sig_id = so.id; + PdfASID kz = null; + if (sig_kz != null) + { + try + { + kz = new PdfASID(sig_kz); + } + catch (InvalidIDException e) + { + logger.error(e.getMessage(), e); + } + } + + return isMOASigned(kz, sig_id); + } + + /** + * @author tknall + */ + public static boolean isMOCCASigned(SignSignatureObject so) { + String sig_id = so.id; + if (StringUtils.isEmpty(sig_id)) { + return false; + } + String[] ids = sig_id.split("@"); + if (ArrayUtils.isEmpty(ids)) { + return false; + } + String algorithmId = parseAlgorithmId(sig_id); + if (algorithmId == null) { + return false; + } else { + return algorithmId.startsWith("etsi-moc-1.0") || algorithmId.startsWith("etsi-moc-1.1"); + } + } + + /** + * @author tknall + */ + public static String parseAlgorithmId(String algorithmParameter) { + if (StringUtils.isEmpty(algorithmParameter)) { + return null; + } + // dferbas + String[] ids = algorithmParameter.split("@")[0].split(":"); + if (ArrayUtils.isEmpty(ids)) { + return null; + } + return ids[0]; + } + + public static boolean isOldBKU(PdfASID sig_kz, String sig_id) throws ConnectorException + { + if (sig_kz == null) + { + return true; + } + + if (sig_kz.getVersion().equals(SignatorFactory.VERSION_1_0_0)) + { + if (sig_id == null) + { + throw new ConnectorException(310, "The SIG_ID is null - so this isn't a BKU at all."); + } + + String[] sig_id_parts = sig_id.split("@"); + if (sig_id_parts.length == 2) + { + return true; + } + // dferbas + if (sig_id_parts[0].startsWith(HotfixIdFormatter.SIG_ID_PREFIX)) + { + + return false; + } + + throw new ConnectorException(310, "The SIG_KZ version is 1.0.0, but SIG_ID is neither MOA nor Old base64 nor Hotfix base64 ???'"); + } + + return false; + } + + public static boolean isOldBKU(SignSignatureObject so) throws ConnectorException + { + String sig_kz = so.kz; + String sig_id = so.id; + PdfASID kz = null; + if (sig_kz != null) + { + try + { + kz = new PdfASID(sig_kz); + } + catch (InvalidIDException e) + { + logger.error(e.getMessage(), e); + } + } + + return isOldBKU(kz, sig_id); + } + + public static String getAlgorithmId(String bkuIdentifier) throws SettingsException, SettingNotFoundException, ConnectorException { + SettingsReader sr = SettingsReader.getInstance(); + + String base = "signaturelayout.pattern"; + Vector v = sr.getSettingKeys(base); + + Iterator it = v.iterator(); + while (it.hasNext()) { + String subKey = (String) it.next(); + String key = base + "." + subKey; + String value = sr.getSetting(key); + Pattern p = Pattern.compile(value); + if (p.matcher(bkuIdentifier).matches()) { + String algKey = "signaturelayout.algorithm.id." + subKey; + String algValue = sr.getSetting(algKey); + return algValue; + } + } + + if ("true".equalsIgnoreCase(sr.getSetting("signaturelayout.strict", "false"))) { + logger.debug("Enforcing bku support check."); + throw new ConnectorException(ErrorCode.BKU_NOT_SUPPORTED, "Unsupported BKU: " + bkuIdentifier); + } else { + logger.debug("bku support check disabled."); + return null; + } + + } + + public static boolean isATrustSigned(SignSignatureObject so) { + String sig_id = so.id; + if (sig_id == null && StringUtils.isEmpty(sig_id)) { + return false; + } + return sig_id.startsWith("etsi-bka-atrust-1.0"); + } + + /** + * Checks if signed with a known BKU method/param + * @param so + * @return + */ + public static boolean isBKUSigned(SignSignatureObject so) throws ConnectorException { + if (isOldBKU(so)) return true; + + if (so.id.startsWith("etsi-bka-1.0")) { + return true; + } + + return false; + } + +} -- cgit v1.2.3