/**
* Copyright 2006 by Know-Center, Graz, Austria
* PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
* joint initiative of the Federal Chancellery Austria and Graz University of
* Technology.
*
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
* the European Commission - subsequent versions of the EUPL (the "Licence");
* You may not use this work except in compliance with the Licence.
* You may obtain a copy of the Licence at:
* http://www.osor.eu/eupl/
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the Licence is distributed on an "AS IS" basis,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
*
* This product combines work with different licenses. See the "NOTICE" text
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
*
* $Id: MOAConnector.java,v 1.5 2006/10/31 08:18:41 wprinz Exp $
*/
package at.knowcenter.wag.egov.egiz.sig.connectors;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.UnsupportedEncodingException;
import java.util.Vector;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.rpc.Call;
import javax.xml.rpc.Service;
import javax.xml.rpc.ServiceFactory;
import org.apache.axis.message.SOAPBodyElement;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.apache.xml.serialize.OutputFormat;
import org.apache.xml.serialize.XMLSerializer;
import org.w3c.dom.Document;
import at.gv.egiz.pdfas.exceptions.ErrorCode;
import at.gv.egiz.pdfas.exceptions.external.ExternalErrorException;
import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureTypesException;
import at.knowcenter.wag.egov.egiz.exceptions.WebException;
import at.knowcenter.wag.egov.egiz.sig.Connector;
import at.knowcenter.wag.egov.egiz.sig.ConnectorInformation;
import at.knowcenter.wag.egov.egiz.sig.SignatureObject;
import at.knowcenter.wag.egov.egiz.sig.SignatureResponse;
import at.knowcenter.wag.egov.egiz.sig.X509Cert;
import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
/**
* Connector to access the MOA service.
*
* @deprecated
* @author wlackner
* @author wprinz
*/
public class MOAConnector implements Connector
{
/**
* ConnectorInformation that identifies this Connector to the system.
*
* @see at.knowcenter.wag.egov.egiz.sig.ConnectorFactory
* @see ConnectorInformation
*/
public static final ConnectorInformation CONNECTOR_INFORMATION = new ConnectorInformation("moa", "MOA");
/**
* The class type value.
*
*
* Just for convenience.
*
*/
private static final String TYPE = CONNECTOR_INFORMATION.getIdentifier();
/**
* The connector description.
*/
public static final String DESCRIPTION = "MOA";
/**
* The SettingsReader instance
*/
private SettingsReader settings_ = null;
/**
* MOA siganture verification mode
*/
public static final String SERVICE_VERIFY = "SignatureVerification";
/**
* MOA siganture creation mode
*/
public static final String SERVICE_SIGN = "SignatureCreation";
/**
* The logger definition.
*/
private static final Logger logger_ = ConfigLogger.getLogger(MOAConnector.class);
/**
* The empty constructor
*/
public MOAConnector() throws SignatureException
{
loadSettings();
}
/**
* load the inital signature settings
*
* @see SettingsReader
*/
private void loadSettings() throws SignatureException
{
if (settings_ == null)
{
try
{
settings_ = SettingsReader.getInstance();
}
catch (SettingsException e)
{
String log_message = "Can not load signature settings. Cause:\n" + e.getMessage();
logger_.error(log_message);
throw new SignatureException(101, log_message, e);
}
}
}
/**
* This method calls the MOA signing a given text. The signaton type is to
* used initializing the corresponding SigantureObject. The initialized
* SignatureObject is filled out by the parsed MOA-Response.
* If an error request is send back from MOA, an error message is generated an
* an exception is thrown.
*
* @param sigType
* the type of the SignatureObject that should be returned
* @param userName
* the name of the user calling this method
* @param signText
* the text that shoulf be signed from MOA
* @return the complete SingatureObject of the given type filled by values
* from the MOA-Request
* @throws SignatureException
* ErrorCode 300
* @see SignatureObject
*/
public SignatureObject doSign(String sigType, String userName, String signText) throws SignatureException
{
SignatureObject sig_obj = new SignatureObject();
try
{
sig_obj.setSigType(sigType);
sig_obj.initByType();
}
catch (SignatureTypesException e)
{
SignatureException se = new SignatureException(300, "Can ot init signature object with type:" + sigType, e);
throw se;
}
if (logger_.isDebugEnabled())
{
logger_.debug("Signature Type is:" + sig_obj.getSignationType());
}
if (logger_.isInfoEnabled())
{
logger_.info("Call " + TYPE + " from user:" + userName);
}
String url = getSignURL(sigType);
String sign_request_filename = getSignRequestTemplateFileName(sigType);
String key_ident = getSignKeyIdentifier(sigType);
//String sign_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(sign_request_filename));
String sign_req_str = this.settings_.readInternalResourceAsString(sign_request_filename);
if (sign_req_str == null)
{
SignatureException se = new SignatureException(300, "File not found:" + sign_request_filename);
throw se;
}
sign_req_str = sign_req_str.replaceFirst("KeyIdentifierReplace", key_ident);
if (logger_.isDebugEnabled())
{
//logger_.debug("error_signature_response = " + sign_req_str);
// FileHelper.writeToFile(sign_request_filename + "_signText.xml",
// signText);
}
// sign_req_str = sign_req_str.replaceFirst("XMLContentReplace", signText);
// now use the the base64 Template
signText = CodingHelper.encodeUTF8AsBase64(signText);
sign_req_str = sign_req_str.replaceFirst("Base64ContentReplace", signText);
if (logger_.isDebugEnabled())
{
//logger_.debug(sign_req_str);
// FileHelper.writeToFile(sign_request_filename + "_request.xml",
// sign_req_str);
}
String response_string = "";
try
{
response_string = MOAConnector.connectMOA(sign_req_str, MOAConnector.SERVICE_SIGN, url);
sig_obj.setRawSignatureResponse(response_string);
}
catch (WebException we)
{
SignatureException se = new SignatureException(we.getErrorCode(), we);
throw se;
}
if (!response_string.equals(""))
{
if (logger_.isInfoEnabled())
{
logger_.info("get MOA response");
}
Pattern erc_p_s = Pattern.compile("");
Pattern erc_p_e = Pattern.compile("");
Matcher erc_m_s = erc_p_s.matcher(response_string);
Matcher erc_m_e = erc_p_e.matcher(response_string);
// System.err.println(response_string);
if (erc_m_s.find() && erc_m_e.find())
{
if (logger_.isEnabledFor(Level.ERROR))
{
logger_.error("error_signature_response = " + response_string);
// FileHelper.writeToFile(sign_request_filename + "_response.xml",
// response_string);
//logger_.error("Write error response to file:" + sign_request_filename + "_response.xml");
}
Pattern erm_p_s = Pattern.compile("");
Pattern erm_p_e = Pattern.compile("");
Matcher erm_m_s = erm_p_s.matcher(response_string);
Matcher erm_m_e = erm_p_e.matcher(response_string);
String error_code = response_string.substring(erc_m_s.end(), erc_m_e.start());
logger_.debug("error_code = " + error_code);
String error_mess = "";
if (erm_m_s.find() && erm_m_e.find())
{
error_mess = response_string.substring(erm_m_s.end(), erm_m_e.start());
logger_.debug(error_mess);
}
throw new SignatureException(new ExternalErrorException(error_code, error_mess));
}
else
{
if (logger_.isDebugEnabled())
{
//logger_.debug("response_string = " + response_string);
// FileHelper.writeToFile(sign_request_filename + "_response.xml",
// response_string);
}
parseCreateXMLResponse(response_string, sig_obj);
}
}
sig_obj.setSigResponse(response_string);
return sig_obj;
}
/**
* This method parses the MOA-Response string. It separates the
* SignatureValue, X509IssuerName, SigningTime, X509SerialNumber,
* X509Certificate, CertDigest and DigestValues. If the X509Certificate is
* extracted it would be stored in the certificates directory.
*
* @param xmlResponse
* the response string from the MOA sign-request
* @param sigObj
* the SignatureObject that should be filled
* @throws SignatureException
* ErrorCode (303, 304)
* @see SignatureObject
* @see CodingHelper
* @see X509Cert
*/
private void parseCreateXMLResponse(String xmlResponse, SignatureObject sigObj) throws SignatureException
{
Pattern sig_val_p_s = Pattern.compile("<[\\w]*:?SignatureValue>");
Pattern sig_val_p_e = Pattern.compile("");
Pattern iss_nam_p_s = Pattern.compile("<[\\w]*:?X509IssuerName>");
Pattern iss_nam_p_e = Pattern.compile("");
Pattern sig_tim_p_s = Pattern.compile("<[\\w]*:?SigningTime>");
Pattern sig_tim_p_e = Pattern.compile("");
Pattern ser_num_p_s = Pattern.compile("<[\\w]*:?X509SerialNumber>");
Pattern ser_num_p_e = Pattern.compile("");
Pattern sig_cer_p_s = Pattern.compile("<[\\w]*:?X509Certificate>");
Pattern sig_cer_p_e = Pattern.compile("");
Pattern sig_cer_d_p_s = Pattern.compile("<[\\w]*:?CertDigest>");
Pattern sig_cer_d_p_e = Pattern.compile("");
Pattern dig_val_p_s = Pattern.compile("<[\\w]*:?DigestValue>");
Pattern dig_val_p_e = Pattern.compile("");
Matcher sig_val_m_s = sig_val_p_s.matcher(xmlResponse);
Matcher sig_val_m_e = sig_val_p_e.matcher(xmlResponse);
Matcher iss_nam_m_s = iss_nam_p_s.matcher(xmlResponse);
Matcher iss_nam_m_e = iss_nam_p_e.matcher(xmlResponse);
Matcher sig_tim_m_s = sig_tim_p_s.matcher(xmlResponse);
Matcher sig_tim_m_e = sig_tim_p_e.matcher(xmlResponse);
Matcher ser_num_m_s = ser_num_p_s.matcher(xmlResponse);
Matcher ser_num_m_e = ser_num_p_e.matcher(xmlResponse);
Matcher sig_cer_m_s = sig_cer_p_s.matcher(xmlResponse);
Matcher sig_cer_m_e = sig_cer_p_e.matcher(xmlResponse);
Matcher sig_cer_d_m_s = sig_cer_d_p_s.matcher(xmlResponse);
Matcher sig_cer_d_m_e = sig_cer_d_p_e.matcher(xmlResponse);
String sig_val = "";
String iss_nam = "";
String ser_num = "";
String sig_tim = "";
String sig_cer = "";
String sig_dig = "";
// SignatureValue
if (sig_val_m_s.find() && sig_val_m_e.find())
{
sig_val = xmlResponse.substring(sig_val_m_s.end(), sig_val_m_e.start());
sig_val = sig_val.replaceAll("\\s", "");
sigObj.setSignationValue(sig_val);
}
// X509IssuerName
if (iss_nam_m_s.find() && iss_nam_m_e.find())
{
iss_nam = xmlResponse.substring(iss_nam_m_s.end(), iss_nam_m_e.start());
sigObj.setSignationIssuer(iss_nam);
}
// X509SerialNumber
if (ser_num_m_s.find() && ser_num_m_e.find())
{
ser_num = xmlResponse.substring(ser_num_m_s.end(), ser_num_m_e.start());
sigObj.setSignationSerialNumber(ser_num);
}
// SigningTime
if (sig_tim_m_s.find() && sig_tim_m_e.find())
{
sig_tim = xmlResponse.substring(sig_tim_m_s.end(), sig_tim_m_e.start());
sigObj.setSignationDate(sig_tim);
}
// CertDigest
if (sig_cer_d_m_s.find() && sig_cer_d_m_e.find())
{
String cert_digest = xmlResponse.substring(sig_cer_d_m_s.end(), sig_cer_d_m_e.start());
Matcher dig_val_m_s = dig_val_p_s.matcher(cert_digest);
Matcher dig_val_m_e = dig_val_p_e.matcher(cert_digest);
if (dig_val_m_s.find() && dig_val_m_e.find())
{
sig_dig = cert_digest.substring(dig_val_m_s.end(), dig_val_m_e.start());
sigObj.setX509CertificateDigest(sig_dig);
}
}
// extract Subject Name from X509Certificate
if (sig_cer_m_s.find() && sig_cer_m_e.find())
{
sig_cer = xmlResponse.substring(sig_cer_m_s.end(), sig_cer_m_e.start());
sig_cer = sig_cer.replaceAll("\\s", "");
X509Cert cert = X509Cert.initByString(sig_cer);
if (cert.isX509Cert())
{
sigObj.setX509Certificate(cert.getCertString());
String serial_num = cert.getSerialNumber();
String subject_name = cert.getSubjectName();
if (!ser_num.equals(serial_num))
{
SignatureException se = new SignatureException(303, "Serialnumber of certificate and tag X509SerialNumber differs!");
throw se;
}
sigObj.setSignationName(subject_name);
}
}
}
/**
* This method reads the verify template from the file system and fills out
* the template with the SignatureObject values.
*
* @param normalizedText
* the normalized text to veryfied
* @param sigObject
* the SignatureObject holding the singature values
* @return the filled verify template string
* @throws SignatureException
* ErrorCode (311, 312, 313)
* @see SignatureObject
* @see CodingHelper
*/
public String getVerifyTemplate(String normalizedText,
SignatureObject sigObject) throws SignatureException
{
try
{
if (normalizedText == null || normalizedText.length() == 0)
{
SignatureException se = new SignatureException(311, "Document can not be verified because normalized text is empty.");
throw se;
}
if (sigObject == null)
{
SignatureException se = new SignatureException(312, "Document can not be verified because no signature object are set.");
throw se;
}
String verify_template = getVerifyTemplateFileName(sigObject.getSignationType());
String sig_prop_template = getSigPropFileName(sigObject.getSignationType());
//String verify_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(verify_template));
String verify_req_str = this.settings_.readInternalResourceAsString(verify_template);
//String sig_prop_str = FileHelper.readFromFile(SettingsReader.relocateFile(sig_prop_template));
String sig_prop_str = this.settings_.readInternalResourceAsString(sig_prop_template);
if (logger_.isDebugEnabled())
{
//logger_.debug(verify_template);
//logger_.debug(sig_prop_template);
}
String x509Certificate = sigObject.getX509CertificateString();
if (x509Certificate == null)
{
SignatureException se = new SignatureException(ErrorCode.CERTIFICATE_NOT_FOUND, "Document certificate is not defined.");
throw se;
}
String cert_alg = settings_.getValueFromKey("cert.alg.ecdsa");
X509Cert x509_cert = sigObject.getX509Cert();
if (x509_cert.isRSA())
{
cert_alg = settings_.getValueFromKey("cert.alg.rsa");
}
sig_prop_str = sig_prop_str.replaceFirst("SigningTimeReplace", sigObject.getSignationDate());
// The issuer is already a valid Unicode String.
// No need to convert it - not to mention the missing encoding.
// byte[] issuer_name =
// CodingHelper.encodeUTF8(sigObject.getSignationIssuer());
// new String(issuer_name)
// fixed by dti: Issuer names may contain escapted commas ("\,"). As far as replaceFirst (and replaceAll)
// methods are regarded, backslashes in the replacement string may cause the results to be different than
// if it were being treated as a literal replacement string.
// sig_prop_str = sig_prop_str.replaceFirst("X509IssuerNameReplace", sigObject.getSignationIssuer());
sig_prop_str = sig_prop_str.replace("X509IssuerNameReplace", sigObject.getSignationIssuer());
sig_prop_str = sig_prop_str.replaceFirst("X509SerialNumberReplace", sigObject.getSignationSerialNumber());
sig_prop_str = sig_prop_str.replaceFirst("DigestValueX509CertificateReplace", sigObject.getX509CertificateDigest());
verify_req_str = verify_req_str.replaceFirst("CertAlgReplace", cert_alg);
// verify_req_str = verify_req_str.replaceFirst("TemplateSignedPropertiesReplace", sig_prop_str);
verify_req_str = verify_req_str.replace("TemplateSignedPropertiesReplace", sig_prop_str);
byte[] sig_prop_code = CodingHelper.buildDigest(sig_prop_str.getBytes("UTF-8"), "sha1"); // added
// the
// ("UTF-8")
// encoding
String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code);
verify_req_str = verify_req_str.replaceFirst("DigestValueSignedPropertiesReplace", sig_prop_hash);
if (logger_.isDebugEnabled())
{
logger_.debug("build digest from SignedProperties:start");
//logger_.debug("DATA :" + sig_prop_str);
logger_.debug("DIGEST:" + sig_prop_hash);
logger_.debug("build digest from SignedProperties:end");
}
verify_req_str = verify_req_str.replaceFirst("SignatureValueReplace", sigObject.getSignationValue());
verify_req_str = verify_req_str.replaceFirst("X509CertificateReplace", x509Certificate);
byte[] data_value = normalizedText.getBytes("UTF-8");
byte[] data_value_hash = CodingHelper.buildDigest(data_value, "sha1");
// byte[] data_value_hash =
// CodingHelper.buildDigest(normalizedText.getBytes());
String object_data_hash = CodingHelper.encodeBase64(data_value_hash);
//String object_data = normalizedText; // new String(data_value);
// System.err.println(object_data_hash);
// very_req_str = very_req_str.replaceFirst("ObjectDataReplace",
// object_data);
String raw_b64 = CodingHelper.encodeBase64(data_value);
verify_req_str = verify_req_str.replaceFirst("Base64ContentReplace", raw_b64);
verify_req_str = verify_req_str.replaceFirst("DigestValueSignedDataReplace", object_data_hash);
if (logger_.isDebugEnabled())
{
// FileHelper.writeToFile(verify_template + "_verifyText.xml",
// normalizedText);
logger_.debug("build digest from data object:start");
//logger_.debug("DATA :" + object_data);
logger_.debug("DIGEST:" + object_data_hash);
logger_.debug("build digest from data object:end");
}
return verify_req_str;
}
catch (UnsupportedEncodingException e)
{
throw new SignatureException(310, e);
}
}
/**
* This method generates the MOA verify prozess. It checks if the given
* SignatureObject is signed by MOA or BKU. The verify template string is
* filled out by the corresponding method.
*
* @param normalizedText
* the normalized text to verify
* @param sigObject
* the SignatureObject holding the singature values
* @return a SignatureResponse object if the verify prozess does not fails
* @throws SignatureException
* @see SignatureResponse
*/
public SignatureResponse doVerify(String normalizedText,
SignatureObject sigObject) throws SignatureException
{
String verify_url = getVerifyURL(sigObject.getSignationType()); // settings_.getValueFromKey(TYPE
// + "." +
// Signature.VALUE_MODE_VERIFY
// +
// ".url");
String verify_request = getVerifyRequestTemplateFileName(sigObject.getSignationType()); // settings_.getValueFromKey(TYPE
// +
// "."
// +
// Signature.VALUE_MODE_VERIFY
// +
// ".request");
String trust_profile = getVerifyTrustProfileID(sigObject.getSignationType());
//String verify_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request));
String verify_req_str = this.settings_.readInternalResourceAsString(verify_request);
String verify_template_str = null;
if (sigObject.isMOASigned())
{
verify_template_str = getVerifyTemplate(normalizedText, sigObject);
}
else
{
BKUConnector bku_conn = new BKUConnector();
verify_template_str = bku_conn.getVerifyTemplate(normalizedText, sigObject);
}
// fixed by dti: Issuer names may contain escapted commas ("\,"). As far as replaceFirst (and replaceAll)
// methods are regarded, backslashes in the replacement string may cause the results to be different than
// if it were being treated as a literal replacement string.
// verify_req_str = verify_req_str.replaceFirst("XMLContentReplace", verify_template_str);
verify_req_str = verify_req_str.replace("XMLContentReplace", verify_template_str);
verify_req_str = verify_req_str.replaceFirst("TrustProfileIDReplace", trust_profile);
if (logger_.isDebugEnabled())
{
//logger_.debug(verify_req_str);
// FileHelper.writeToFile(verify_request + "_request.xml",
// verify_req_str);
}
String response_string = "";
try
{
response_string = MOAConnector.connectMOA(verify_req_str, MOAConnector.SERVICE_VERIFY, verify_url);
}
catch (WebException we)
{
SignatureException se = new SignatureException(we.getErrorCode(), we);
throw se;
}
if (!response_string.equals(""))
{
Pattern erc_p_s = Pattern.compile("<[\\w]*:?ErrorCode>");
Pattern erc_p_e = Pattern.compile("");
Matcher erc_m_s = erc_p_s.matcher(response_string);
Matcher erc_m_e = erc_p_e.matcher(response_string);
if (erc_m_s.find() && erc_m_e.find())
{
if (logger_.isEnabledFor(Level.ERROR))
{
//logger_.debug(response_string);
// FileHelper.writeToFile(verify_request + "_response.xml",
// response_string);
logger_.error("Write error response to file:" + verify_request + "_response.xml");
}
Pattern erm_p_s = Pattern.compile("<[\\w]*:?Info>");
Pattern erm_p_e = Pattern.compile("");
Matcher erm_m_s = erm_p_s.matcher(response_string);
Matcher erm_m_e = erm_p_e.matcher(response_string);
String error_code = response_string.substring(erc_m_s.end(), erc_m_e.start());
String error_mess = null;
if (erm_m_s.find() && erm_m_e.find())
{
error_mess = response_string.substring(erm_m_s.end(), erm_m_e.start());
}
throw new SignatureException(new ExternalErrorException(error_code, error_mess));
}
else
{
if (logger_.isDebugEnabled())
{
//logger_.debug(verify_request + "_response.xml " + response_string);
}
return parseVerifyXMLResponse(response_string);
}
}
return null;
}
/**
* This method parses the verify response string and return a
* SignatureResponse object. The SignatureResponse object is filled out by the
* response values from the BKU-response.
*
* @param xmlResponse
* the response values from the MOA-verify request
* @return SignatureResponse object
* @see SignatureResponse
*/
private SignatureResponse parseVerifyXMLResponse(String xmlResponse)
{
if (logger_.isInfoEnabled())
{
logger_.info("Try parsing the verify response");
}
Pattern sub_nam_p_s = Pattern.compile("");
Pattern sub_nam_p_e = Pattern.compile("");
Pattern iss_nam_p_s = Pattern.compile("");
Pattern iss_nam_p_e = Pattern.compile("");
Pattern ser_num_p_s = Pattern.compile("");
Pattern ser_num_p_e = Pattern.compile("");
// [tknall] start qualified certificate
Pattern cert_qualified_p = Pattern.compile("");
Matcher cert_qualified_m = cert_qualified_p.matcher(xmlResponse);
// [tknall] stop qualified certificate
String secureSignatureCreationDevice_certificate = "";//TODO use XPATH
String secureSignatureCreationDevice_tsl = "";//TODO use XPATH
Pattern issuerCountryCode_p_s = Pattern.compile("");
Pattern issuerCountryCode_p_e = Pattern.compile("");
Matcher issuerCountryCode_m_s = issuerCountryCode_p_s.matcher(xmlResponse);
Matcher issuerCountryCode_m_e = issuerCountryCode_p_e.matcher(xmlResponse);
Pattern sig_chk_p_s = Pattern.compile("");
Pattern sig_chk_p_e = Pattern.compile("");
Pattern man_chk_p_s = Pattern.compile("");
Pattern man_chk_p_e = Pattern.compile("");
Pattern cer_chk_p_s = Pattern.compile("");
Pattern cer_chk_p_e = Pattern.compile("");
Pattern code_p_s = Pattern.compile("");
Pattern code_p_e = Pattern.compile("");
Pattern cert_p_s = Pattern.compile("");
Pattern cert_p_e = Pattern.compile("");
Matcher sub_nam_m_s = sub_nam_p_s.matcher(xmlResponse);
Matcher sub_nam_m_e = sub_nam_p_e.matcher(xmlResponse);
Matcher iss_nam_m_s = iss_nam_p_s.matcher(xmlResponse);
Matcher iss_nam_m_e = iss_nam_p_e.matcher(xmlResponse);
Matcher ser_num_m_s = ser_num_p_s.matcher(xmlResponse);
Matcher ser_num_m_e = ser_num_p_e.matcher(xmlResponse);
Matcher sig_chk_m_s = sig_chk_p_s.matcher(xmlResponse);
Matcher sig_chk_m_e = sig_chk_p_e.matcher(xmlResponse);
Matcher man_chk_m_s = man_chk_p_s.matcher(xmlResponse);
Matcher man_chk_m_e = man_chk_p_e.matcher(xmlResponse);
Matcher cer_chk_m_s = cer_chk_p_s.matcher(xmlResponse);
Matcher cer_chk_m_e = cer_chk_p_e.matcher(xmlResponse);
Matcher cert_m_s = cert_p_s.matcher(xmlResponse);
Matcher cert_m_e = cert_p_e.matcher(xmlResponse);
SignatureResponse sig_res = new SignatureResponse();
// [tknall] start qualified certificate
sig_res.setQualifiedCertificate(cert_qualified_m.find());
// [tknall] stop qualified certificate
sig_res.setSecureSignatureCreationDevice(null);//TODO use XPATH
if(xmlResponse.contains(secureSignatureCreationDevice_tsl))
sig_res.setSecureSignatureCreationDevice("TSL");
if(xmlResponse.contains(secureSignatureCreationDevice_certificate))
sig_res.setSecureSignatureCreationDevice("Certificate");
try{
String issuerCountry = xmlResponse.substring(issuerCountryCode_m_s.end(), issuerCountryCode_m_e.start());
sig_res.setIssuerCountryCode(issuerCountry);
}catch(Exception e){logger_.debug("IssuerCountryCode not found in MOA response");}
// public authority
Pattern publicAuthority_p = Pattern.compile("");
Matcher publicAuthority_m = publicAuthority_p.matcher(xmlResponse);
sig_res.setPublicAuthority(false);
sig_res.setPublicAuthorityCode(null);
if (publicAuthority_m.find()) {
sig_res.setPublicAuthority(true);
} else {
Matcher publicAuthority_m_s = Pattern.compile("").matcher(xmlResponse);
Matcher publicAuthority_m_e = Pattern.compile("").matcher(xmlResponse);
if (publicAuthority_m_s.find() && publicAuthority_m_e.find()) {
sig_res.setPublicAuthority(true);
String codePart = xmlResponse.substring(publicAuthority_m_s.end(), publicAuthority_m_e.start());
Matcher code_m_s = code_p_s.matcher(codePart);
Matcher code_m_e = code_p_e.matcher(codePart);
if (code_m_s.find() && code_m_e.find()) {
String code = codePart.substring(code_m_s.end(), code_m_e.start());
sig_res.setPublicAuthorityCode(code);
}
}
}
if (sub_nam_m_s.find() && sub_nam_m_e.find())
{
String sub_nam = xmlResponse.substring(sub_nam_m_s.end(), sub_nam_m_e.start());
sig_res.setX509SubjectName(sub_nam);
}
if (iss_nam_m_s.find() && iss_nam_m_e.find())
{
String iss_nam = xmlResponse.substring(iss_nam_m_s.end(), iss_nam_m_e.start());
sig_res.setX509IssuerName(iss_nam);
}
if (ser_num_m_s.find() && ser_num_m_e.find())
{
String ser_num = xmlResponse.substring(ser_num_m_s.end(), ser_num_m_e.start());
sig_res.setX509SerialNumber(ser_num);
}
if (sig_chk_m_s.find() && sig_chk_m_e.find())
{
String sig_chk = xmlResponse.substring(sig_chk_m_s.end(), sig_chk_m_e.start());
Matcher code_m_s = code_p_s.matcher(sig_chk);
Matcher code_m_e = code_p_e.matcher(sig_chk);
if (code_m_s.find() && code_m_e.find())
{
String code = sig_chk.substring(code_m_s.end(), code_m_e.start());
sig_res.setSignatureCheckCode(code);
}
}
if (man_chk_m_s.find() && man_chk_m_e.find())
{
String man_chk = xmlResponse.substring(man_chk_m_s.end(), man_chk_m_e.start());
Matcher code_m_s = code_p_s.matcher(man_chk);
Matcher code_m_e = code_p_e.matcher(man_chk);
if (code_m_s.find() && code_m_e.find())
{
String code = man_chk.substring(code_m_s.end(), code_m_e.start());
sig_res.setSignatureManifestCheckCode(code);
}
}
if (cer_chk_m_s.find() && cer_chk_m_e.find())
{
String cer_chk = xmlResponse.substring(cer_chk_m_s.end(), cer_chk_m_e.start());
Matcher code_m_s = code_p_s.matcher(cer_chk);
Matcher code_m_e = code_p_e.matcher(cer_chk);
if (code_m_s.find() && code_m_e.find())
{
String code = cer_chk.substring(code_m_s.end(), code_m_e.start());
sig_res.setCertificateCheckCode(code);
}
}
if (cert_m_s.find() && cert_m_e.find())
{
String cert_string = xmlResponse.substring(cert_m_s.end(), cert_m_e.start());
X509Cert resp_cert = X509Cert.initByString(cert_string);
sig_res.setCertificate(resp_cert);
}
return sig_res;
}
protected String getConnectorValueFromProfile(String profile, String key)
{
String value = settings_.getValueFromKey("sig_obj." + profile + "." + key);
if (value == null)
{
value = settings_.getValueFromKey(key);
}
return value;
}
public String getSignURL(String profile)
{
final String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_SIGN + ".url";
return getConnectorValueFromProfile(profile, key);
}
protected String getSignRequestTemplateFileName(String profile)
{
String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_SIGN + ".request";
return getConnectorValueFromProfile(profile, key);
}
protected String getSignKeyIdentifier(String profile)
{
String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_SIGN + ".KeyIdentifier";
return getConnectorValueFromProfile(profile, key);
}
public String getVerifyURL(String profile)
{
String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".url";
return getConnectorValueFromProfile(profile, key);
}
protected String getVerifyRequestTemplateFileName(String profile)
{
String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".request";
return getConnectorValueFromProfile(profile, key);
}
protected String getVerifyTemplateFileName(String profile)
{
String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".template";
return getConnectorValueFromProfile(profile, key);
}
protected String getSigPropFileName(String profile)
{
String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".template.SP";
return getConnectorValueFromProfile(profile, key);
}
protected String getVerifyTrustProfileID(String profile)
{
String key = TYPE + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".TrustProfileID";
return getConnectorValueFromProfile(profile, key);
}
/**
* This method connects the moa server getting the requestString, the given
* serviseMode and the endpointUrl. The requestString is the envelope of the
* SOAP Message send and recieve by the AXIS module. The Response SOAP message
* of the MOA server is parsed by AXIS and the message envelope is send back
* to the calling method.
*
* @param requestString
* the request string (XML) to send.
* @param serviceMode
* the mode which connect to MOA
* @param endpointURL
* the URL which the MOA server is running
* @return the response string (XML) of the MOA server
* @throws WebException
*/
public static String connectMOA(String requestString, String serviceMode,
String endpointURL) throws WebException
{
try
{
if (logger_.isInfoEnabled())
{
logger_.info(serviceMode);
logger_.info(endpointURL);
}
// Parser/DOMBuilder instanzieren
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
DocumentBuilder builder = factory.newDocumentBuilder();
// XML Datei in einen DOM-Baum umwandeln
ByteArrayInputStream bais = new ByteArrayInputStream(requestString.getBytes("UTF-8"));
Document xmlRequest = builder.parse(bais);
// Call oeffnen
Call call = null;
// Neues BodyElement anlegen und mit dem DOM-Baum fuellen
SOAPBodyElement body = new SOAPBodyElement(xmlRequest.getDocumentElement());
SOAPBodyElement[] params = new SOAPBodyElement[] { body };
// AXIS-Server instanzieren
Service service = ServiceFactory.newInstance().createService(new QName(serviceMode));
call = service.createCall();
call.setTargetEndpointAddress(endpointURL);
// Call ausloesen und die Antworten speichern
if (logger_.isInfoEnabled())
{
logger_.info("Calling MOA:" + endpointURL);
}
Vector responses = (Vector) call.invoke(params);
// Erstes Body Element auslesen
SOAPBodyElement response = (SOAPBodyElement) responses.get(0);
// Aus der Response den DOM-Baum lesen
Document root_response = response.getAsDocument();
if (logger_.isInfoEnabled())
{
logger_.info("Return from MOA:" + serviceMode);
}
// XML-Formatierung konfiguieren
OutputFormat format = new OutputFormat((Document) root_response);
format.setLineSeparator("\n");
format.setIndenting(false);
format.setPreserveSpace(true);
format.setOmitXMLDeclaration(false);
format.setEncoding("UTF-8");
// Ausgabe der Webservice-Antwort auf die Konsole
// XMLSerializer conSerializer = new XMLSerializer(System.out, format);
// conSerializer.serialize(root_response);
// Ausgabe der Webservice-Antwort in Datei
ByteArrayOutputStream baos = new ByteArrayOutputStream();
XMLSerializer response_serializer = new XMLSerializer(baos, format);
response_serializer.serialize(root_response);
return baos.toString("UTF-8");
}
catch (Exception e)
{
throw new WebException(e);
}
// serialize signature only
// if
// (root_response.getDocumentElement().getLocalName().equals("CreateXMLSignatureResponse"))
// {
// Element signature = (Element)
// root_response.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#",
// "Signature").item(0);
// String signatureFile = getProperty(mode + "Request").substring(0,
// getProperty(mode +
// "Request").lastIndexOf('.')) + ".Signature.xml";
// fileSerializer = new XMLSerializer(new FileOutputStream(signatureFile),
// format);
// fileSerializer.serialize(signature);
// }
}
}