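/**
 * Copyright 2006 by Know-Center, Graz, Austria
 * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a
 * joint initiative of the Federal Chancellery Austria and Graz University of
 * Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */
package at.knowcenter.wag.egov.egiz.sig.connectors.bku;

import java.io.Serializable;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;

import at.gv.egiz.pdfas.api.timestamp.TimeStamper;
import at.knowcenter.wag.egov.egiz.sig.SignatureTypes;
import at.knowcenter.wag.egov.egiz.sig.signatureobject.AdditionalSignatureInformation;
import at.knowcenter.wag.egov.egiz.sig.signatureobject.AlgorithmSignatureInformation;
import at.knowcenter.wag.egov.egiz.sig.signatureobject.ConnectorSignatureInformation;
import at.knowcenter.wag.egov.egiz.sig.signatureobject.MandatorySignatureInformation;

/**
 * Holds the values that describe one signature (date, issuer, signature value,
 * id, kz, algorithm, time stamp) together with the signer certificate.
 *
 * All state is exposed through public mutable fields and this class performs
 * no validation of its own; it stores whatever is assigned to it. The class is
 * {@link Serializable}, and the certificate and the response properties are
 * part of the serialized form.
 *
 * NOTE(review): nothing in this class re-checks the certificate or the
 * signature value, so an instance read back from storage is only as
 * trustworthy as that storage.
 *
 * @author wprinz
 */
public class SignSignatureObject implements Serializable, MandatorySignatureInformation,
        ConnectorSignatureInformation, AlgorithmSignatureInformation, AdditionalSignatureInformation {

    /**
     * SVUID.
     */
    private static final long serialVersionUID = -2689261480444802213L;

    /** Characters whose backslash escape is resolved when a DN value is read into a map. */
    private static final String DN_ESCAPABLE_CHARS = ",+\"\\<>;#";

    public String date = null;

    public String issuer = null;

    public String signatureValue = null;

    public String id = null;

    public String kz = null;

    public String sigAlgorithm;

    public String sigTimeStamp;

    /**
     * This is used to transport the response properties to the Detached signator.
     */
    public Properties response_properties = null;

    /**
     * The X509Certificate.
     *
     * This also provides the serial number and name.
     */
    public X509Certificate x509Certificate = null;

    // dferbas
    // Lazily filled views of the subject and issuer DN. The maps stay raw-typed
    // because they are public fields; keys and values are Strings.
    public Map subjectDNMap = new HashMap();

    public Map issuerDNMap = new HashMap();

    /**
     * @return the {@code date} field, {@code null} if it was never set
     * @see at.knowcenter.wag.egov.egiz.sig.signatureobject.MandatorySignatureInformation#getDate()
     */
    public String getDate() {
        return this.date;
    }

    /**
     * @return the {@code issuer} field, {@code null} if it was never set
     * @see at.knowcenter.wag.egov.egiz.sig.signatureobject.MandatorySignatureInformation#getIssuer()
     */
    public String getIssuer() {
        return this.issuer;
    }

    /**
     * @return the decimal string form of the certificate serial number
     * @throws NullPointerException if no certificate has been set
     * @see at.knowcenter.wag.egov.egiz.sig.signatureobject.MandatorySignatureInformation#getSerialNumber()
     */
    public String getSerialNumber() {
        return this.x509Certificate.getSerialNumber().toString();
    }

    /**
     * @return the {@code signatureValue} field, {@code null} if it was never set
     * @see at.knowcenter.wag.egov.egiz.sig.signatureobject.MandatorySignatureInformation#getSignatureValue()
     */
    public String getSignatureValue() {
        return this.signatureValue;
    }

    /**
     * @return the {@code id} field, {@code null} if it was never set
     * @see at.knowcenter.wag.egov.egiz.sig.signatureobject.ConnectorSignatureInformation#getSigID()
     */
    public String getSigID() {
        return this.id;
    }

    /**
     * @return the {@code kz} field, {@code null} if it was never set
     * @see at.knowcenter.wag.egov.egiz.sig.signatureobject.AlgorithmSignatureInformation#getSigKZ()
     */
    public String getSigKZ() {
        return this.kz;
    }

    /**
     * @return the string form of the certificate subject DN
     * @throws NullPointerException if no certificate has been set
     * @see at.knowcenter.wag.egov.egiz.sig.signatureobject.AdditionalSignatureInformation#getName()
     */
    public String getName() {
        return this.x509Certificate.getSubjectDN().toString();
    }

    /**
     * @return the certificate, {@code null} if none has been set
     * @see at.knowcenter.wag.egov.egiz.sig.signatureobject.AdditionalSignatureInformation#getX509Certificate()
     */
    public X509Certificate getX509Certificate() {
        return this.x509Certificate;
    }

    /**
     * @return the {@code sigAlgorithm} field, {@code null} if it was never set
     */
    public String getSigAlgorithm() {
        return this.sigAlgorithm;
    }

    /**
     * Looks up one signature value by its {@link SignatureTypes} key.
     *
     * {@code SIG_NAME} and {@code SIG_SUBJECT} both resolve to {@link #getName()}.
     *
     * @param sigKey the key to resolve; must not be {@code null}
     * @return the value of the matching getter, which may be {@code null}
     * @throws RuntimeException if the key is not one of the handled keys
     * @throws NullPointerException if {@code sigKey} is {@code null}, or if a
     *         certificate-backed value is requested while no certificate is set
     */
    public String retrieveStringValue(String sigKey) {
        // mandatory
        if (sigKey.equals(SignatureTypes.SIG_DATE)) {
            return getDate();
        }
        if (sigKey.equals(SignatureTypes.SIG_VALUE)) {
            return getSignatureValue();
        }
        if (sigKey.equals(SignatureTypes.SIG_ISSUER)) {
            return getIssuer();
        }
        if (sigKey.equals(SignatureTypes.SIG_NUMBER)) {
            return getSerialNumber();
        }

        // connector
        if (sigKey.equals(SignatureTypes.SIG_ID)) {
            return getSigID();
        }

        // algorithm
        if (sigKey.equals(SignatureTypes.SIG_KZ)) {
            return getSigKZ();
        }

        // additional
        if (sigKey.equals(SignatureTypes.SIG_NAME)) {
            return getName();
        }
        if (sigKey.equals(SignatureTypes.SIG_SUBJECT)) {
            return getName();
        }
        if (sigKey.equals(SignatureTypes.SIG_ALG)) {
            return getSigAlgorithm();
        }

        throw new RuntimeException("The key '" + sigKey + "' is not a recognized SignatorObject member."); //$NON-NLS-1$ //$NON-NLS-2$
    }

    // dferbas

    /**
     * Get a timestamp if available as b64 string
     *
     * @see TimeStamper
     * @return the {@code sigTimeStamp} field, {@code null} if it was never set
     */
    public String getSigTimeStamp() {
        return this.sigTimeStamp;
    }

    /**
     * Returns the subject DN of the certificate split into attribute type and value.
     *
     * The map is filled on the first call that finds it empty while a certificate
     * is set; later calls return the same map without re-reading the certificate.
     * The internal map itself is returned, not a copy.
     *
     * The map is a view of the textual DN meant for lookups by attribute type:
     * when a type occurs more than once only the last value is kept, and
     * multi-valued RDNs or quoted values are not interpreted. Compare or verify
     * certificates through {@link #getX509Certificate()}, not through this map.
     *
     * @return the subject DN map; empty if no certificate is set and nothing was
     *         put into it
     */
    public Map getSubjectDNMap() {
        if (this.subjectDNMap.isEmpty() && this.getX509Certificate() != null) {
            // rpiazzi workaround
            // atrust encodes special characters (Sonderzeichen) as numeric character
            // references of the form "&#xxx;", e.g. "Georg M&#252;ller" for
            // "Georg Müller". getSubjectDN().getName() returns that value with the
            // ';' escaped ("Georg M&#252\;ller"), and the DN-map code used to mangle
            // that backslash, so the replacement of the atrust codes done in
            // at.gv.egiz.pdfas.impl.signator.binary.BinarySignator_1_0_0.fillReplacesWithValues()
            // did not work.
            // ------------------------------------------------------------------------------
            // The workaround is to use getSubjectDN().toString() instead of
            // getSubjectDN().getName() whenever the DN contains ';', '#' or '&'.
            // It is kept so that the DN form handed to fillDNMap stays the same.
            String subjectAsString = this.getX509Certificate().getSubjectDN().toString();
            boolean hasCharacterReference = subjectAsString.contains(";")
                    || subjectAsString.contains("#")
                    || subjectAsString.contains("&");
            if (hasCharacterReference) {
                fillDNMap(subjectAsString, this.subjectDNMap);
            } else {
                fillDNMap(this.getX509Certificate().getSubjectDN().getName(), this.subjectDNMap);
            }
            // end workaround
        }
        return this.subjectDNMap;
    }

    /**
     * @param key the attribute type to look up in the subject DN
     * @return the value stored for {@code key}, or {@code null} if there is none
     */
    public String certSubjectDNPart(String key) {
        return (String) this.getSubjectDNMap().get(key);
    }

    /**
     * Returns the issuer DN of the certificate split into attribute type and value.
     *
     * Filled lazily from {@code getIssuerDN().getName()} under the same rules and
     * with the same limitations as {@link #getSubjectDNMap()}.
     *
     * @return the issuer DN map; empty if no certificate is set and nothing was
     *         put into it
     */
    public Map getIssuerDNMap() {
        if (this.issuerDNMap.isEmpty() && this.getX509Certificate() != null) {
            fillDNMap(this.getX509Certificate().getIssuerDN().getName(), this.issuerDNMap);
        }
        return this.issuerDNMap;
    }

    /**
     * @param key the attribute type to look up in the issuer DN
     * @return the value stored for {@code key}, or {@code null} if there is none
     */
    public String certIssuerDNPart(String key) {
        return (String) this.getIssuerDNMap().get(key);
    }

    /**
     * Splits a textual DN at every unescaped "," and stores each
     * {@code type=value} component in {@code dnMap}.
     *
     * A backslash escapes the character that follows it, so "\," never ends a
     * component, while an escaped backslash followed by "," does. Components
     * without "=" are skipped instead of raising an exception.
     *
     * NOTE(review): the published listing of this method had lost the text
     * between the split pattern and the first unescape rule; the splitting below
     * is rebuilt from the surviving comments (split at "," but not at "\,", then
     * resolve the escapes for , + " \ < > ; #).
     *
     * @param dn the textual DN; {@code null} leaves the map untouched
     * @param dnMap the map that receives attribute type to unescaped value
     */
    private void fillDNMap(String dn, Map dnMap) {
        if (dn == null) {
            return;
        }
        final int length = dn.length();
        int componentStart = 0;
        boolean escaped = false;
        for (int i = 0; i < length; i++) {
            char c = dn.charAt(i);
            if (escaped) {
                // this character is protected by the preceding backslash
                escaped = false;
            } else if (c == '\\') {
                escaped = true;
            } else if (c == ',') {
                putDNComponent(dn.substring(componentStart, i), dnMap);
                componentStart = i + 1;
            }
        }
        putDNComponent(dn.substring(componentStart), dnMap);
    }

    /**
     * Stores one {@code type=value} component, split at the first "=" with
     * surrounding whitespace removed; a component without "=" is ignored.
     */
    private static void putDNComponent(String component, Map dnMap) {
        int separator = component.indexOf('=');
        if (separator < 0) {
            return;
        }
        String type = component.substring(0, separator).trim();
        String value = component.substring(separator + 1).trim();
        dnMap.put(type, unescapeDNValue(value));
    }

    /**
     * Resolves the escapes \, \+ \" \\ \< \> \; and \# in a single left-to-right
     * pass, so each backslash is consumed at most once. A chain of regex
     * replacements is avoided on purpose: the pattern for "\+" is easy to write
     * as "one or more backslashes", and a lone backslash is not a valid
     * replacement string. Any other backslash sequence is left unchanged.
     */
    private static String unescapeDNValue(String value) {
        StringBuilder plain = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean escapesNext = c == '\\'
                    && i + 1 < value.length()
                    && DN_ESCAPABLE_CHARS.indexOf(value.charAt(i + 1)) >= 0;
            if (escapesNext) {
                i++;
                c = value.charAt(i);
            }
            plain.append(c);
        }
        return plain.toString();
    }
}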