/** * Copyright 2006 by Know-Center, Graz, Austria * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a * joint initiative of the Federal Chancellery Austria and Graz University of * Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. */ package at.knowcenter.wag.egov.egiz.sig.connectors.bku; import java.security.cert.X509Certificate; import java.util.Properties; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject; import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil; import at.gv.egiz.pdfas.api.xmldsig.XMLDsigData; import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.gv.egiz.pdfas.framework.ConnectorParameters; import at.knowcenter.wag.egov.egiz.PdfAS; import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException; import at.knowcenter.wag.egov.egiz.exceptions.SettingsException; import at.knowcenter.wag.egov.egiz.sig.SignatureData; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; import at.knowcenter.wag.egov.egiz.sig.SignatureResponse; import at.knowcenter.wag.egov.egiz.sig.connectors.Connector; import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment; import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces; import at.knowcenter.wag.egov.egiz.sig.connectors.moa.DetachedLocRefMOAConnector; import at.knowcenter.wag.egov.egiz.sig.connectors.moa.MOASoapWithAttachmentConnector; import at.knowcenter.wag.egov.egiz.sig.connectors.mocca.LocRefDetachedMOCCAConnector; import at.knowcenter.wag.egov.egiz.sig.sigkz.SigKZIDHelper; import at.knowcenter.wag.egov.egiz.sig.signaturelayout.SignatureLayoutHandler; import at.knowcenter.wag.egov.egiz.sig.signaturelayout.SignatureLayoutHandlerFactory; import at.knowcenter.wag.egov.egiz.tools.CodingHelper; /** * Connects to the BKU using the detached multipart/formdata requests. * *

* This feature is available since BKU version 2.7.4. *

* * @author wprinz */ public class DetachedBKUConnector implements Connector, LocalConnector { //23.11.2010 changed by exthex - added reconstructXMLDsig method and moved xmldsig creation to chooseAndCreateXMLDsig method /** * The log. */ private static Log log = LogFactory.getLog(DetachedBKUConnector.class); /** * The connector parameters. */ protected ConnectorParameters params = null; /** * The environemnt configuration of this connector containing templates and * other configurable elements. */ protected Environment environment = null; /** * Constructor that builds the configuration environment for this connector * according to the given profile. * *

* If confuguration parameters are not defined on that profile, the default * parameters defined in the configuration are used. *

* * @param connectorParameters * The connectot parameters. * @throws ConnectorException * f.e. */ public DetachedBKUConnector(ConnectorParameters connectorParameters, String loc_ref_content) throws ConnectorException { this.params = connectorParameters; this.environment = new Environment(this.params.getProfileId(), loc_ref_content); } /** * Prepares the sign request xml to be sent using the sign request template. * * @param data * The SignatureData. * @return Returns the sign request xml to be sent. * @throws ConnectorException * f.e. */ public String prepareSignRequest(SignatureData data) throws ConnectorException { log.debug("prepareSignRequestDetached:"); //$NON-NLS-1$ String sign_request_template = this.environment.getSignRequestTemplate(); String sign_keybox_identifier = this.environment.getSignKeyboxIdentifier(); String mime_type = data.getMimeType(); String loc_ref_content = this.environment.getLocRefContent(); if (log.isDebugEnabled()) { log.debug("sign keybox identifier = " + sign_keybox_identifier); //$NON-NLS-1$ log.debug("mime type = " + mime_type); //$NON-NLS-1$ log.debug("loc_ref_content = " + loc_ref_content); //$NON-NLS-1$ } String sign_request_xml = sign_request_template.replaceFirst(TemplateReplaces.KEYBOX_IDENTIFIER_REPLACE, sign_keybox_identifier); sign_request_xml = sign_request_xml.replaceFirst(TemplateReplaces.MIME_TYPE_REPLACE, mime_type); sign_request_xml = sign_request_xml.replaceFirst(TemplateReplaces.LOC_REF_CONTENT_REPLACE, loc_ref_content); log.debug("sign_request_xml = " + sign_request_xml); log.debug("prepareSignRequestDetached finished."); //$NON-NLS-1$ return sign_request_xml; } /** * Analyzes the sign response xml and extracts the signature data. * * @param response_properties * The response properties containing the response String and * transport related information. * @return Returns the extracted data encapsulated in a SignatureObject. * @throws ConnectorException * f.e. */ public SignSignatureObject analyzeSignResponse(Properties response_properties) throws ConnectorException { log.debug("analyzeSignResponse:"); //$NON-NLS-1$ String response_string = response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY); String bkuIdentifier = BKUHelper.getBKUIdentifier(response_properties); log.debug("BKU identifier: " + (bkuIdentifier != null ? ("\"" + bkuIdentifier + "\"") : "n/a")); SignatureLayoutHandler sigLayout; try { sigLayout = SignatureLayoutHandlerFactory.getSignatureLayoutHandlerInstance(bkuIdentifier); } catch (SettingsException e) { throw new ConnectorException(e.getErrorCode(), e.getMessage()); } BKUHelper.checkResponseForError(response_string); SignSignatureObject so = sigLayout.parseCreateXMLSignatureResponse(response_string, this.environment); so.response_properties = response_properties; log.debug("analyzeSignResponse finished."); //$NON-NLS-1$ return so; } public static String[] parseSigIds(String sig_ids) { if (sig_ids == null || sig_ids.length() == 0) { return null; } // int index = sig_ids.indexOf(PdfAS.IDS); // if (index < 0) // { // return null; // } // sig_ids = sig_ids.substring(index + PdfAS.IDS.length()); // // if (sig_ids == null || sig_ids.length() == 0) // { // return null; // } String[] ids_str = sig_ids.split("@"); String etsi_string = null; if (ids_str.length == 3) { etsi_string = ids_str[0]; String[] rest_ids = new String[] { ids_str[1], ids_str[2] }; ids_str = rest_ids; } String base = ids_str[0]; String[] ids = ids_str[1].split("-"); String[] real_ids = new String[6]; // the last one contains the etsi string real_ids[0] = base + "-" + ids[0]; real_ids[1] = "0-" + base + "-" + ids[1]; real_ids[2] = "0-" + base + "-" + ids[2]; real_ids[3] = "0-" + base + "-" + ids[3]; real_ids[4] = "0-" + base + "-" + ids[4]; real_ids[5] = etsi_string; if (log.isDebugEnabled()) { for (int id_idx = 0; id_idx < real_ids.length; id_idx++) { log.debug("real_ids[" + id_idx + "] = " + real_ids[id_idx]); } } return real_ids; } /** * Sends the request and data to the given URL. * *

* This method mainly handles communication exceptions. The actual send work * is done by doPostRequestMultipart. *

* * @see BKUPostConnection#doPostRequestMultipart(String, String, * SignatureData) * * @param url * The URL to send the request to. * @param request_string * The request XML. * @param data * The data. * @return Returns the response properties containing among others the * response XML. * @throws ConnectorException * f.e. */ protected Properties sendRequest(String url, String request_string, SignatureData data) throws ConnectorException { try { Properties response_properties = BKUPostConnection.doPostRequestMultipart(url, request_string, data); return response_properties; } catch (Exception e) { ConnectorException se = new ConnectorException(320, e); throw se; } } /** * Performs a sign. * * @param data * The data to be signed. * @return Returns the signature object containing the signature data. * @throws ConnectorException * f.e. */ public SignSignatureObject doSign(SignatureData data) throws ConnectorException { log.debug("doSign:"); //$NON-NLS-1$ String sign_request_xml = prepareSignRequest(data); log.debug("sign_request_xml = " + sign_request_xml); //$NON-NLS-1$ String url = this.environment.getSignURL(); Properties response_properties = sendRequest(url, sign_request_xml, data); SignSignatureObject sso = analyzeSignResponse(response_properties); sso.response_properties = response_properties; log.debug("doSign finished."); //$NON-NLS-1$ return sso; } /** * Performs a verification. * * @param data * The data to be verified. * @param so * The signature object with the signature information. * @return Returns the SignatureResponse with the result of the verification. * @throws ConnectorException * f.e. */ public SignatureResponse doVerify(SignatureData data, SignSignatureObject so, XMLDsigData dsig) throws ConnectorException { log.debug("doVerify:"); //$NON-NLS-1$ String verify_request_xml = prepareVerifyRequest(data, so, dsig); log.debug("verify_request_xml = " + verify_request_xml); //$NON-NLS-1$ // TODO debug - remove // try // { // FileOutputStream fos = new // FileOutputStream("C:\\wprinz\\Filer\\egiz2\\verify_request.utf8.xml"); // //$NON-NLS-1$ // fos.write(verify_request_xml.getBytes("UTF-8")); //$NON-NLS-1$ // fos.close(); // } // catch (Exception e) // { // log.error(e); // } String url = this.environment.getVerifyURL(); Properties response_properties = sendRequest(url, verify_request_xml, data); SignatureResponse signature_response = analyzeVerifyResponse(response_properties); log.debug("doVerify finished."); //$NON-NLS-1$ return signature_response; } /** * Prepares the verify request xml to be sent using the verify request * template. * * @param data * The SignatureData. * @param so * The signature information object. * @return Returns the verify request xml to be sent. * @throws ConnectorException * f.e. */ public String prepareVerifyRequest(SignatureData data, SignSignatureObject so, XMLDsigData dsigData) throws ConnectorException { String verify_request_template = this.environment.getVerifyRequestTemplate(); String xml_content = null; if (dsigData != null && dsigData.getXmlDsig() != null) { xml_content = dsigData.getXmlDsig(); } else { xml_content = chooseAndCreateXMLDsig(data, so); } // fixed by dti: Issuer names may contain escapted commas ("\,"). As far as replaceFirst (and replaceAll) // methods are regarded, backslashes in the replacement string may cause the results to be different than // if it were being treated as a literal replacement string. // String verify_request_xml = verify_request_template.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, xml_content); String verify_request_xml = verify_request_template.replace(TemplateReplaces.XML_CONTENT_REPLACE, xml_content); verify_request_xml = verify_request_xml.replaceFirst(TemplateReplaces.LOC_REF_CONTENT_REPLACE, this.environment.getLocRefContent()); verify_request_xml = verify_request_xml.replaceFirst(TemplateReplaces.DATE_TIME_REPLACE, BKUHelper.formDateTimeElement(this.params.getVerificationTime(), "sl")); return verify_request_xml; } private String chooseAndCreateXMLDsig(SignatureData data, SignSignatureObject so) throws ConnectorException { // MOA if (SigKZIDHelper.isMOASigned(so)) { log.debug("The signature is MOA signed -> getting XML content from DetachedLocRefMOA connector."); DetachedLocRefMOAConnector moa_conn = new DetachedLocRefMOAConnector(this.environment.getProfile(), "loc ref not needed here"); return moa_conn.prepareXMLContent(data, so); // MOCCA } else if (SigKZIDHelper.isMOCCASigned(so)) { log.debug("MOCCA signature detected."); String algorithmId = SigKZIDHelper.parseAlgorithmId(so.id); log.debug("Algorithm = " + algorithmId); LocRefDetachedMOCCAConnector mocca_connector = new LocRefDetachedMOCCAConnector(this.params, "not needed here", algorithmId); return mocca_connector.prepareXMLContent(data, so); // ATRUST } else if (SigKZIDHelper.isATrustSigned(so)) { log.debug("ATrust signature detected"); MOASoapWithAttachmentConnector moaConn = new MOASoapWithAttachmentConnector(this.params); moaConn.reInitVerifyTemplate(MOASoapWithAttachmentConnector.ATRUST_VERIFY_TEMPLATE_KEY); return moaConn.prepareXMLContent(data, so); } else if (SigKZIDHelper.isATrustX14Signed(so)) { log.debug("ATrust Xades 1.4 signature detected"); MOASoapWithAttachmentConnector moaConn = new MOASoapWithAttachmentConnector(this.params); moaConn.reInitVerifyTemplate(MOASoapWithAttachmentConnector.ATRUST_XADES_1_4_VERIFY_TEMPLATE_KEY); return moaConn.prepareXMLContent(data, so); } // TD else if (SigKZIDHelper.isBKUSigned(so)) { log.debug("TD signature signature detected."); return prepareXMLContent(data, so); } // unknown else { throw new ConnectorException(ErrorCode.UNSUPPORTED_SIGNATURE, "Unsupported signature (" + so.id + ", " +so.kz + "). Please get a new version of PDF-AS. Your version is: " + PdfAS.PDFAS_VERSION); } } /** * Prepares the XML content the holds the actual signature data. * *

* This strongly rebuilds the XML content as retuned from a sign request. *

* * @param data * The data. * @param so * The signature object containing the signature information. * @return Returns the XML content. * @throws ConnectorException * f.e. */ public String prepareXMLContent(SignatureData data, SignSignatureObject so) throws ConnectorException { log.debug("prepareXMLContent:"); //$NON-NLS-1$ try { String ids_string = so.getSigID(); String[] ids = SignatureObject.parseSigIds(ids_string); X509Certificate cert = so.getX509Certificate(); // dferbas AlgorithmSuiteObject algSuite = new AlgorithmSuiteObject(); String verify_xml = AlgorithmSuiteUtil.evaluateReplaceAlgs(algSuite, this.environment, so); // data digest replace { // byte[] data_value = data.getData(); // byte[] data_value_hash = CodingHelper.buildDigest(data_value); byte[] data_value_hash = CodingHelper.buildDigest(data.getDataSource(), algSuite.getDataDigestMethod()); String object_data_hash = CodingHelper.encodeBase64(data_value_hash); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_DATA_REPLACE, object_data_hash); } // SIG id replaces verify_xml = verify_xml.replaceAll(TemplateReplaces.SIG_DATA_REF_REPLACE, ids[1]); verify_xml = verify_xml.replaceAll(TemplateReplaces.ETSI_DATA_REF_REPLACE, ids[3]); verify_xml = verify_xml.replaceAll(TemplateReplaces.SIG_DATA_OBJ_URI_REPLACE, ids[2]); verify_xml = verify_xml.replaceFirst(TemplateReplaces.SIGNATURE_VALUE_REPLACE, so.getSignatureValue()); // X.509 Certificate replace byte[] der = cert.getEncoded(); byte[] cert_hash = CodingHelper.buildDigest(der, algSuite.getCertDigestMethod()); String certDigest = CodingHelper.encodeBase64(cert_hash); String x509_cert_string = CodingHelper.encodeBase64(der); verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, x509_cert_string); // Qualified Properties replaces verify_xml = verify_xml.replaceAll(TemplateReplaces.ETSI_DATA_OBJ_URI_REPLACE, ids[4]); verify_xml = verify_xml.replaceAll(TemplateReplaces.SIG_ID_REPLACE, ids[0]); verify_xml = verify_xml.replaceFirst(TemplateReplaces.SIGNING_TIME_REPLACE, so.getDate()); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_CERTIFICATE_REPLACE, certDigest); // fixed by dti: Issuer names may contain escapted commas ("\,"). As far as replaceFirst (and replaceAll) // methods are regarded, backslashes in the replacement string may cause the results to be different than // if it were being treated as a literal replacement string. // verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_ISSUER_NAME_REPLACE, so.getIssuer()); verify_xml = verify_xml.replace(TemplateReplaces.X509_ISSUER_NAME_REPLACE, so.getIssuer()); verify_xml = verify_xml.replaceFirst(TemplateReplaces.X509_SERIAL_NUMBER_REPLACE, so.getSerialNumber()); // SigDataRefReplace already done above verify_xml = verify_xml.replaceFirst(TemplateReplaces.MIME_TYPE_REPLACE, data.getMimeType()); // Signed Properties hash { final String ETSI_SIGNED_PROPERTIES_START_TAG = "= 0; final int hash_end = verify_xml.indexOf(ETSI_SIGNED_PROPERTIES_END_TAG, hash_start) + ETSI_SIGNED_PROPERTIES_END_TAG.length(); assert hash_end - ETSI_SIGNED_PROPERTIES_END_TAG.length() >= 0; assert hash_end > hash_start; final String string_to_be_hashed = verify_xml.substring(hash_start, hash_end); log.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed); //$NON-NLS-1$ final byte[] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8"); //$NON-NLS-1$ byte[] sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed, algSuite.getPropertiesDigestMethod()); String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code); verify_xml = verify_xml.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, sig_prop_hash); } log.debug("prepareXMLContent finished."); //$NON-NLS-1$ return verify_xml; } catch (Exception e) { log.debug(e); throw new ConnectorException(310, e); } } /** * Analyzes the verify response string. * * @param response_properties * The response properties containing the response XML. * @return Returns the SignatureResponse containing the verification result. * @throws ConnectorException * f.e. */ public SignatureResponse analyzeVerifyResponse(Properties response_properties) throws ConnectorException { log.debug("analyzeVerifyResponse:"); //$NON-NLS-1$ String response_string = response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY); BKUHelper.checkResponseForError(response_string); SignatureResponse signature_response = BKUHelper.parseVerifyXMLResponse(response_string); log.debug("analyzeVerifyResponse finished."); //$NON-NLS-1$ return signature_response; } /** * Holds environment configuration information like templates. * * @author wprinz */ public static class Environment extends ConnectorEnvironment { /** * The configuration key of the sign keybox identifier. */ protected static final String SIGN_KEYBOX_IDENTIFIER_KEY = "bku.sign.KeyboxIdentifier"; //$NON-NLS-1$ /** * The configuration key of the sign request template. */ protected static final String SIGN_REQUEST_TEMPLATE_KEY = "bku.sign.request.detached"; //$NON-NLS-1$ /** * The configuration key of the sign URL. */ protected static final String SIGN_URL_KEY = "bku.sign.url"; //$NON-NLS-1$ /** * BKU template file prefix */ protected static final String TEMPLATE_FILE_PREFIX = "/templates/bku."; /** * signing file template sufix */ protected static final String SIGN_TEMPLATE_FILE_SUFIX = ".sign.xml"; /** * verifing template file sufix */ protected static final String VERIFY_REQUEST_TEMPLATE_FILE_SUFIX = ".verify.request.xml"; /** * verifing file template key sufix */ protected static final String VERIFY_TEMPLATE_SUFIX = ".verify.template.xml"; /** * The configuration key of the verify request template. */ protected static final String VERIFY_REQUEST_TEMPLATE_KEY = "bku.verify.request.detached"; //$NON-NLS-1$ /** * The configuration key of the verify template. */ protected static final String VERIFY_TEMPLATE_KEY = "bku.verify.template.detached"; //$NON-NLS-1$ /** * The configuration key of the verify URL. */ protected static final String VERIFY_URL_KEY = "bku.verify.url"; //$NON-NLS-1$ /** * The configuration key for the ECDSA cert alg property. */ protected static final String ECDSA_CERT_ALG_KEY = "cert.alg.ecdsa"; //$NON-NLS-1$ /** * The configuration key for the RSA cert alg property. */ protected static final String RSA_CERT_ALG_KEY = "cert.alg.rsa"; //$NON-NLS-1$ protected String profile = null; protected String loc_ref_content = null; protected String sign_keybox_identifier = null; protected String sign_request_template = null; protected String sign_url = null; protected String verify_request_template = null; protected String verify_template = null; protected String verify_url = null; protected String cert_alg_ecdsa = null; protected String cert_alg_rsa = null; /** * Initializes the environment with a given profile. * * @param profile * The configuration profile. * @throws ConnectorException * f.e. */ public Environment(String profile, String loc_ref_content) throws ConnectorException { this.profile = profile; this.loc_ref_content = loc_ref_content; SettingsReader settings = null; try { settings = SettingsReader.getInstance(); } catch (SettingsException e) { throw new ConnectorException(300, e); } this.sign_keybox_identifier = getConnectorValueFromProfile(settings, profile, SIGN_KEYBOX_IDENTIFIER_KEY); String sign_request_filename = TEMPLATE_FILE_PREFIX + settings.getValueFromKey("default.bku.algorithm.id") + SIGN_TEMPLATE_FILE_SUFIX; // try to load template from file //this.sign_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(sign_request_filename)); this.sign_request_template = settings.readInternalResourceAsString(sign_request_filename); // when first load failed (the template file does'nt exist), load it from default template file if(this.sign_request_template == null) { sign_request_filename = getConnectorValueFromProfile(settings, profile, SIGN_REQUEST_TEMPLATE_KEY); //this.sign_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(sign_request_filename)); this.sign_request_template = settings.readInternalResourceAsString(sign_request_filename); } if (this.sign_request_template == null) { throw new ConnectorException(300, "Can not read the create xml request template"); //$NON-NLS-1$ } this.sign_url = getConnectorValueFromProfile(settings, profile, SIGN_URL_KEY); // verify String verify_request_filename = TEMPLATE_FILE_PREFIX + settings.getValueFromKey("default.bku.algorithm.id") + VERIFY_REQUEST_TEMPLATE_FILE_SUFIX; // try to load template file for verifing //this.verify_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request_filename)); this.verify_request_template = settings.readInternalResourceAsString(verify_request_filename); if(this.verify_request_template == null) { verify_request_filename = getConnectorValueFromProfile(settings, profile, VERIFY_REQUEST_TEMPLATE_KEY); //this.verify_request_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request_filename)); this.verify_request_template = settings.readInternalResourceAsString(verify_request_filename); } if (this.verify_request_template == null) { throw new ConnectorException(ErrorCode.SETTING_NOT_FOUND, "Can not read the verify xml request template"); //$NON-NLS-1$ } // load template key file String verify_filename = TEMPLATE_FILE_PREFIX + settings.getValueFromKey("default.bku.algorithm.id") + VERIFY_TEMPLATE_SUFIX; //this.verify_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_filename)); this.verify_template = settings.readInternalResourceAsString(verify_filename); if(this.verify_template == null) { verify_filename = getConnectorValueFromProfile(settings, profile, VERIFY_TEMPLATE_KEY); //this.verify_template = FileHelper.readFromFile(SettingsReader.relocateFile(verify_filename)); this.verify_template = settings.readInternalResourceAsString(verify_filename); } if (this.verify_template == null) { throw new ConnectorException(ErrorCode.SETTING_NOT_FOUND, "Can not read the verify template"); //$NON-NLS-1$ } this.verify_url = getConnectorValueFromProfile(settings, profile, VERIFY_URL_KEY); this.cert_alg_ecdsa = settings.getValueFromKey(ECDSA_CERT_ALG_KEY); this.cert_alg_rsa = settings.getValueFromKey(RSA_CERT_ALG_KEY); } public String getProfile() { return this.profile; } /** * Returns the LocRef content. * * @return Returns the LocRef content. */ public String getLocRefContent() { return this.loc_ref_content; } /** * Returns the sign keybox identifier. * * @return Returns the sign keybox identifier. */ public String getSignKeyboxIdentifier() { return this.sign_keybox_identifier; } /** * Returns the sign request template. * * @return Returns the sign request template. */ public String getSignRequestTemplate() { return this.sign_request_template; } /** * Returns the sign URL. * * @return Returns the sign URL. */ public String getSignURL() { return this.sign_url; } /** * Returns the verify request template. * * @return Returns the verify request template. */ public String getVerifyRequestTemplate() { return this.verify_request_template; } /** * Returns the verify template. * * @return Returns the verify template. */ public String getVerifyTemplate() { return this.verify_template; } /** * Returns the verify URL. * * @return Returns the verify URL. */ public String getVerifyURL() { return this.verify_url; } /** * Returns the ecdsa cert alg property. * * @return Returns the ecdsa cert alg property. */ public String getCertAlgEcdsa() { return this.cert_alg_ecdsa; } /** * Returns the rsa cert alg property. * * @return Returns the rsa cert alg property. */ public String getCertAlgRsa() { return this.cert_alg_rsa; } /** * Reads the configuration entry given by the key, first from the given * profile, if not found from the defaults. * * @param settings * The settings. * @param profile * The profile. * @param key * The configuration key. * @return Returns the configuration entry. */ public static String getConnectorValueFromProfile(SettingsReader settings, String profile, String key) { String value = settings.getValueFromKey("sig_obj." + profile + "." + key); //$NON-NLS-1$//$NON-NLS-2$ if (value == null) { value = settings.getValueFromKey(key); } return value; } } public XMLDsigData reconstructXMLDsig(SignatureData data, SignSignatureObject so) throws ConnectorException { String xmldsig = chooseAndCreateXMLDsig(data, so); return new XMLDsigData(xmldsig, true); } }