= 0;
final int hash_end = sig_prop_str.indexOf(ETSI_SIGNED_PROPERTIES_END_TAG, hash_start) + ETSI_SIGNED_PROPERTIES_END_TAG.length();
assert hash_end - ETSI_SIGNED_PROPERTIES_END_TAG.length() >= 0;
assert hash_end > hash_start;
final String string_to_be_hashed = sig_prop_str.substring(hash_start, hash_end);
logger_.debug("etsi:SignedProperties string to be hashed: " + string_to_be_hashed);
logger_.debug("\n--------------------- ETSI properties string to be hashed: start ---------------------");
logger_.debug(string_to_be_hashed);
logger_.debug("\n--------------------- ETSI properties string to be hashed: stop ---------------------");
final byte [] bytes_to_be_hashed = string_to_be_hashed.getBytes("UTF-8");
sig_prop_code = CodingHelper.buildDigest(bytes_to_be_hashed);
}
String sig_prop_hash = CodingHelper.encodeBase64(sig_prop_code);
ver_temp_str = ver_temp_str.replaceFirst("DigestValueSignedPropertiesReplace", sig_prop_hash);
if (logger_.isDebugEnabled())
{
logger_.debug("build digest from QualifyingProperties:start");
//logger_.debug("DATA :" + sig_prop_str);
logger_.debug("DIGEST:" + sig_prop_hash);
logger_.debug("build digest from QualifyingProperties:end");
}
ver_temp_str = ver_temp_str.replaceFirst("SignatureValueReplace", sigObject.getSignationValue());
ver_temp_str = ver_temp_str.replaceFirst("X509CertificateReplace", x509_cert_string);
byte[] data_value = normalizedText.getBytes("UTF-8");
byte[] data_value_hash = CodingHelper.buildDigest(data_value);
String object_data_hash = CodingHelper.encodeBase64(data_value_hash);
// String object_data = new String(data_value);
if (logger_.isDebugEnabled())
{
logger_.debug("build digest from data object:start");
//logger_.debug("DATA :" + normalizedText);
logger_.debug("DIGEST:" + object_data_hash);
logger_.debug("build digest from data object:end");
}
//String raw_b64 = CodingHelper.encodeUTF8AsBase64(normalizedText);
String raw_b64 = CodingHelper.encodeBase64(data_value);
ver_temp_str = ver_temp_str.replaceFirst("Base64ContentReplace", raw_b64);
ver_temp_str = ver_temp_str.replaceFirst("DigestValueSignedDataReplace", object_data_hash);
ver_temp_str = ver_temp_str.replaceAll("SigIdReplace", ids[0]);
ver_temp_str = ver_temp_str.replaceAll("SigDataRefReplace", ids[1]);
ver_temp_str = ver_temp_str.replaceAll("SigDataObjURIReplace", ids[2]);
ver_temp_str = ver_temp_str.replaceAll("EtsiDataRefReplace", ids[3]);
ver_temp_str = ver_temp_str.replaceAll("EtsiDataObjURIReplace", ids[4]);
if (logger_.isDebugEnabled())
{
//logger_.debug("VERIFY REQUEST:" + ver_temp_str);
}
return ver_temp_str;
}
catch (UnsupportedEncodingException e)
{
throw new SignatureException(310, e);
}
}
/**
* This method parses the verify response string and return a
* SignatureResponse object. The SignatureResponse object is filled out by the
* response values from the BKU-response.
*
* @param xmlResponse
* the response values from the BKU-verify request
* @return SignatureResponse object
* @see SignatureResponse
*/
private SignatureResponse parseVerifyXMLResponse(String xmlResponse)
{
if (logger_.isInfoEnabled())
{
logger_.info("Try parsing the verify response");
}
Pattern sub_nam_p_s = Pattern.compile("");
Pattern sub_nam_p_e = Pattern.compile("");
Pattern iss_nam_p_s = Pattern.compile("");
Pattern iss_nam_p_e = Pattern.compile("");
Pattern ser_num_p_s = Pattern.compile("");
Pattern ser_num_p_e = Pattern.compile("");
Pattern sig_chk_p_s = Pattern.compile("");
Pattern sig_chk_p_e = Pattern.compile("");
Pattern man_chk_p_s = Pattern.compile("");
Pattern man_chk_p_e = Pattern.compile("");
Pattern cer_chk_p_s = Pattern.compile("");
Pattern cer_chk_p_e = Pattern.compile("");
// [tknall] start qualified certificate
Pattern cert_qualified_p = Pattern.compile("");
Matcher cert_qualified_m = cert_qualified_p.matcher(xmlResponse);
// [tknall] stop qualified certificate
Pattern code_p_s = Pattern.compile("");
Pattern code_p_e = Pattern.compile("");
Pattern info_p_s = Pattern.compile("");
Pattern info_p_e = Pattern.compile("");
Pattern cert_p_s = Pattern.compile("");
Pattern cert_p_e = Pattern.compile("");
Matcher sub_nam_m_s = sub_nam_p_s.matcher(xmlResponse);
Matcher sub_nam_m_e = sub_nam_p_e.matcher(xmlResponse);
Matcher iss_nam_m_s = iss_nam_p_s.matcher(xmlResponse);
Matcher iss_nam_m_e = iss_nam_p_e.matcher(xmlResponse);
Matcher ser_num_m_s = ser_num_p_s.matcher(xmlResponse);
Matcher ser_num_m_e = ser_num_p_e.matcher(xmlResponse);
Matcher sig_chk_m_s = sig_chk_p_s.matcher(xmlResponse);
Matcher sig_chk_m_e = sig_chk_p_e.matcher(xmlResponse);
Matcher man_chk_m_s = man_chk_p_s.matcher(xmlResponse);
Matcher man_chk_m_e = man_chk_p_e.matcher(xmlResponse);
Matcher cer_chk_m_s = cer_chk_p_s.matcher(xmlResponse);
Matcher cer_chk_m_e = cer_chk_p_e.matcher(xmlResponse);
Matcher cert_m_s = cert_p_s.matcher(xmlResponse);
Matcher cert_m_e = cert_p_e.matcher(xmlResponse);
SignatureResponse sig_res = new SignatureResponse();
// [tknall] start qualified certificate
sig_res.setQualifiedCertificate(cert_qualified_m.find());
// [tknall] stop qualified certificate
if (sub_nam_m_s.find() && sub_nam_m_e.find())
{
String sub_nam = xmlResponse.substring(sub_nam_m_s.end(), sub_nam_m_e.start());
sig_res.setX509SubjectName(sub_nam);
}
if (iss_nam_m_s.find() && iss_nam_m_e.find())
{
String iss_nam = xmlResponse.substring(iss_nam_m_s.end(), iss_nam_m_e.start());
sig_res.setX509IssuerName(iss_nam);
}
if (ser_num_m_s.find() && ser_num_m_e.find())
{
String ser_num = xmlResponse.substring(ser_num_m_s.end(), ser_num_m_e.start());
sig_res.setX509SerialNumber(ser_num);
}
if (sig_chk_m_s.find() && sig_chk_m_e.find())
{
String sig_chk = xmlResponse.substring(sig_chk_m_s.end(), sig_chk_m_e.start());
Matcher code_m_s = code_p_s.matcher(sig_chk);
Matcher code_m_e = code_p_e.matcher(sig_chk);
Matcher info_m_s = info_p_s.matcher(sig_chk);
Matcher info_m_e = info_p_e.matcher(sig_chk);
if (code_m_s.find() && code_m_e.find())
{
String code = sig_chk.substring(code_m_s.end(), code_m_e.start());
sig_res.setSignatureCheckCode(code);
}
if (info_m_s.find() && info_m_e.find())
{
String info = sig_chk.substring(info_m_s.end(), info_m_e.start());
sig_res.setSignatureCheckInfo(info);
}
}
if (man_chk_m_s.find() && man_chk_m_e.find())
{
String man_chk = xmlResponse.substring(man_chk_m_s.end(), man_chk_m_e.start());
Matcher code_m_s = code_p_s.matcher(man_chk);
Matcher code_m_e = code_p_e.matcher(man_chk);
Matcher info_m_s = info_p_s.matcher(man_chk);
Matcher info_m_e = info_p_e.matcher(man_chk);
if (code_m_s.find() && code_m_e.find())
{
String code = man_chk.substring(code_m_s.end(), code_m_e.start());
sig_res.setSignatureManifestCheckCode(code);
}
if (info_m_s.find() && info_m_e.find())
{
String info = man_chk.substring(info_m_s.end(), info_m_e.start());
sig_res.setSignatureManifestCheckInfo(info);
}
}
if (cer_chk_m_s.find() && cer_chk_m_e.find())
{
String cer_chk = xmlResponse.substring(cer_chk_m_s.end(), cer_chk_m_e.start());
Matcher code_m_s = code_p_s.matcher(cer_chk);
Matcher code_m_e = code_p_e.matcher(cer_chk);
Matcher info_m_s = info_p_s.matcher(cer_chk);
Matcher info_m_e = info_p_e.matcher(cer_chk);
if (code_m_s.find() && code_m_e.find())
{
String code = cer_chk.substring(code_m_s.end(), code_m_e.start());
sig_res.setCertificateCheckCode(code);
}
if (info_m_s.find() && info_m_e.find())
{
String info = cer_chk.substring(info_m_s.end(), info_m_e.start());
sig_res.setCertificateCheckInfo(info);
}
}
if (cert_m_s.find() && cert_m_e.find())
{
String cert_string = xmlResponse.substring(cert_m_s.end(), cert_m_e.start());
X509Cert resp_cert = X509Cert.initByString(cert_string);
sig_res.setCertificate(resp_cert);
}
return sig_res;
}
public String prepareSignRequest(String userName, String signText,
String signType) throws SignatureException
{
if (logger_.isInfoEnabled())
{
logger_.info("Call " + getType() + " connector from user:" + userName);
}
String keybox_identifier = getSignKeyboxIdentifier(signType);
String sign_request_filename = getSignRequestTemplateFileName(signType);
String sign_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(sign_request_filename));
if (logger_.isDebugEnabled())
{
//logger_.debug(sign_request_filename + "_signText.xml :" + signText);
}
String raw_b64 = CodingHelper.encodeUTF8AsBase64(signText);
if (sign_req_str == null || raw_b64 == null)
{
throw new SignatureException(300, "Can not read the create xml request template");
}
sign_req_str = sign_req_str.replaceFirst("KeyboxIdentifierReplace", keybox_identifier);
sign_req_str = sign_req_str.replaceFirst("Base64ContentReplace", raw_b64);
if (logger_.isDebugEnabled())
{
//logger_.debug(sign_request_filename + "_request.xml :"+ sign_req_str);
}
return sign_req_str;
}
public String prepareVerifyRequest(String normalizedText,
SignatureObject sigObject) throws SignatureException
{
String verify_request = getVerifyRequestTemplateFileName(sigObject.getSignationType());
String verify_req_str = FileHelper.readFromFile(SettingsReader.relocateFile(verify_request));
if (logger_.isDebugEnabled())
{
//logger_.debug(verify_request);
}
String verify_template_str = null;
if (sigObject.isMOASigned())
{
MOAConnector moa_conn = new MOAConnector();
// get the MOA-template
verify_template_str = moa_conn.getVerifyTemplate(normalizedText, sigObject);
}
else
{
// get the BKU-template
verify_template_str = getVerifyTemplate(normalizedText, sigObject);
}
verify_req_str = verify_req_str.replaceFirst("XMLContentReplace", verify_template_str);
if (logger_.isDebugEnabled())
{
logger_.debug("verify_req_str.xml : " + verify_req_str);
}
return verify_req_str;
}
/**
* Sends the request to the given URL.
*
* @param url
* The URL.
* @param request_string
* The request string.
* @return Returns the response string.
* @throws SignatureException
* F.e.
*/
protected Properties sendRequest(String url, String request_string) throws SignatureException
{
try
{
Properties response_properties = BKUPostConnection.doPostRequest(url, request_string);
return response_properties;
}
catch (Exception e)
{
SignatureException se = new SignatureException(320, e);
throw se;
}
}
public SignatureObject analyzeSignResponse(Properties response_properties,
String sigType) throws SignatureException
{
//String sign_request_filename = getSignRequestTemplateFileName(sigType);
// TODO hotfix - already deprecated
String response_string = response_properties.getProperty("response_string");
SignatureObject sig_obj = new SignatureObject();
sig_obj.setRawSignatureResponse(response_string);
try
{
sig_obj.setSigType(sigType);
sig_obj.initByType();
}
catch (SignatureTypesException e)
{
SignatureException se = new SignatureException(300, "Cannot init signature object with type:" + sigType, e);
throw se;
}
if (logger_.isDebugEnabled())
{
logger_.debug("Signature Type is:" + sig_obj.getSignationType());
}
if (!response_string.equals(""))
{
Pattern erc_p_s = Pattern.compile("<[\\w]*:?ErrorCode>");
Pattern erc_p_e = Pattern.compile("[\\w]*:?ErrorCode>");
Matcher erc_m_s = erc_p_s.matcher(response_string);
Matcher erc_m_e = erc_p_e.matcher(response_string);
// System.err.println(response_string);
if (erc_m_s.find() && erc_m_e.find())
{
if (logger_.isEnabledFor(Level.ERROR))
{
//logger_.debug(sign_request_filename + "_response.xml : " + response_string);
logger_.error("BKU Error response: " + response_string);
}
Pattern erm_p_s = Pattern.compile("<[\\w]*:?Info>");
Pattern erm_p_e = Pattern.compile("[\\w]*:?Info>");
Matcher erm_m_s = erm_p_s.matcher(response_string);
Matcher erm_m_e = erm_p_e.matcher(response_string);
String error_code = response_string.substring(erc_m_s.end(), erc_m_e.start());
String error_mess = null;
if (erm_m_s.find() && erm_m_e.find())
{
error_mess = response_string.substring(erm_m_s.end(), erm_m_e.start());
}
throw new SignatureException(new ExternalErrorException(error_code, error_mess));
}
else
{
if (logger_.isDebugEnabled())
{
logger_.debug("signature_response_string: " + response_string);
}
parseCreateXMLResponse(response_properties, sig_obj);
}
}
sig_obj.setSigResponse(response_string);
return sig_obj;
}
public SignatureResponse analyzeVerifyResponse(Properties response_properties) throws SignatureException
{
String response_string = response_properties.getProperty("response_string");
if (!response_string.equals(""))
{
Pattern erc_p_s = Pattern.compile("<[\\w]*:?ErrorCode>");
Pattern erc_p_e = Pattern.compile("[\\w]*:?ErrorCode>");
Matcher erc_m_s = erc_p_s.matcher(response_string);
Matcher erc_m_e = erc_p_e.matcher(response_string);
if (erc_m_s.find() && erc_m_e.find())
{
if (logger_.isEnabledFor(Level.ERROR))
{
//logger_.debug(getType() + "_response.xml : " + response_string);
logger_.error(getType() + "_response.xml : " + response_string);
}
Pattern erm_p_s = Pattern.compile("<[\\w]*:?Info>");
Pattern erm_p_e = Pattern.compile("[\\w]*:?Info>");
Matcher erm_m_s = erm_p_s.matcher(response_string);
Matcher erm_m_e = erm_p_e.matcher(response_string);
String error_code = null;
if (erc_m_s.find() && erc_m_e.find())
{
error_code = response_string.substring(erc_m_s.end(), erc_m_e.start());
}
String error_mess = null;
if (erm_m_s.find() && erm_m_e.find())
{
error_mess = response_string.substring(erm_m_s.end(), erm_m_e.start());
}
throw new SignatureException(new ExternalErrorException(error_code, error_mess));
}
else
{
if (logger_.isDebugEnabled())
{
//logger_.debug(getType() + "_response.xml : " + response_string);
}
return parseVerifyXMLResponse(response_string);
}
}
return null;
}
protected String getConnectorValueFromProfile(String profile, String key)
{
String value = settings_.getValueFromKey("sig_obj." + profile + "." + key);
if (value == null)
{
value = settings_.getValueFromKey(key);
}
return value;
}
public String getSignURL(String profile)
{
final String key = getType() + "." + ConnectorConfigurationKeys.VALUE_MODE_SIGN + ".url";
return getConnectorValueFromProfile(profile, key);
}
protected String getSignRequestTemplateFileName(String profile)
{
String key = getType() + "." + ConnectorConfigurationKeys.VALUE_MODE_SIGN + ".request";
return getConnectorValueFromProfile(profile, key);
}
protected String getSignKeyboxIdentifier(String profile)
{
String key = getType() + "." + ConnectorConfigurationKeys.VALUE_MODE_SIGN + ".KeyboxIdentifier";
return getConnectorValueFromProfile(profile, key);
}
public String getVerifyURL(String profile)
{
String key = getType() + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".url";
return getConnectorValueFromProfile(profile, key);
}
protected String getVerifyRequestTemplateFileName(String profile)
{
String key = getType() + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".request";
return getConnectorValueFromProfile(profile, key);
}
protected String getVerifyTemplateFileName(String profile)
{
String key = getType() + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".template";
return getConnectorValueFromProfile(profile, key);
}
protected String getSigPropFileName(String profile)
{
String key = getType() + "." + ConnectorConfigurationKeys.VALUE_MODE_VERIFY + ".template.SP";
return getConnectorValueFromProfile(profile, key);
}
/**
* Returns the type of this BKU-like connector.
*
*
* All settings keys will be prefixed by this type. So to reuse the BKU
* connector, a deriving class has to implement this method specifying an own
* type.
*
*
* @return Returns the type of this BKU-like connector.
*/
protected String getType()
{
return CONNECTOR_INFORMATION.getIdentifier();
}
}