/** * */ package at.knowcenter.wag.egov.egiz.sig.connectors.moa; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.regex.Matcher; import java.util.regex.Pattern; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; import at.knowcenter.wag.egov.egiz.sig.X509Cert; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUHelper; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject; import at.knowcenter.wag.egov.egiz.sig.sigid.IdFormatter; import at.knowcenter.wag.egov.egiz.tools.CodingHelper; /** * @author wprinz * */ public class MOAHelper { /** * The log. */ private static Log log = LogFactory.getLog(MOAHelper.class); /** * This method parses the MOA-Response string. * *

* It separates the SignatureValue, X509IssuerName, SigningTime, * X509SerialNumber, X509Certificate, CertDigest and DigestValues. If the * X509Certificate is extracted it would be stored in the certificates * directory. *

* * @param xmlResponse * the response string from the MOA sign-request * @throws ConnectorException * ErrorCode (303, 304) * @see SignatureObject * @see CodingHelper * @see X509Cert */ public static SignSignatureObject parseCreateXMLResponse(String xmlResponse, IdFormatter id_formatter) throws ConnectorException { Pattern sig_val_p_s = Pattern.compile("<[\\w]*:?SignatureValue>"); //$NON-NLS-1$ Pattern sig_val_p_e = Pattern.compile(""); //$NON-NLS-1$ Pattern iss_nam_p_s = Pattern.compile("<[\\w]*:?X509IssuerName>"); //$NON-NLS-1$ Pattern iss_nam_p_e = Pattern.compile(""); //$NON-NLS-1$ Pattern sig_tim_p_s = Pattern.compile("<[\\w]*:?SigningTime>"); //$NON-NLS-1$ Pattern sig_tim_p_e = Pattern.compile(""); //$NON-NLS-1$ Pattern ser_num_p_s = Pattern.compile("<[\\w]*:?X509SerialNumber>"); //$NON-NLS-1$ Pattern ser_num_p_e = Pattern.compile(""); //$NON-NLS-1$ Pattern sig_cer_p_s = Pattern.compile("<[\\w]*:?X509Certificate>"); //$NON-NLS-1$ Pattern sig_cer_p_e = Pattern.compile(""); //$NON-NLS-1$ // Pattern sig_cer_d_p_s = Pattern.compile("<[\\w]*:?CertDigest>"); // //$NON-NLS-1$ // Pattern sig_cer_d_p_e = Pattern.compile(""); // //$NON-NLS-1$ // Pattern dig_val_p_s = Pattern.compile("<[\\w]*:?DigestValue>"); // //$NON-NLS-1$ // Pattern dig_val_p_e = Pattern.compile(""); // //$NON-NLS-1$ Matcher sig_val_m_s = sig_val_p_s.matcher(xmlResponse); Matcher sig_val_m_e = sig_val_p_e.matcher(xmlResponse); Matcher iss_nam_m_s = iss_nam_p_s.matcher(xmlResponse); Matcher iss_nam_m_e = iss_nam_p_e.matcher(xmlResponse); Matcher sig_tim_m_s = sig_tim_p_s.matcher(xmlResponse); Matcher sig_tim_m_e = sig_tim_p_e.matcher(xmlResponse); Matcher ser_num_m_s = ser_num_p_s.matcher(xmlResponse); Matcher ser_num_m_e = ser_num_p_e.matcher(xmlResponse); Matcher sig_cer_m_s = sig_cer_p_s.matcher(xmlResponse); Matcher sig_cer_m_e = sig_cer_p_e.matcher(xmlResponse); // Matcher sig_cer_d_m_s = sig_cer_d_p_s.matcher(xmlResponse); // Matcher sig_cer_d_m_e = sig_cer_d_p_e.matcher(xmlResponse); // Matcher dig_val_m_s = dig_val_p_s.matcher(xmlResponse); // Matcher dig_val_m_e = dig_val_p_e.matcher(xmlResponse); // SignatureValue String sig_val = null; if (sig_val_m_s.find() && sig_val_m_e.find()) { sig_val = BKUHelper.removeAllWhitespace(xmlResponse.substring(sig_val_m_s.end(), sig_val_m_e.start())); } log.debug("sig_val = " + sig_val); //$NON-NLS-1$ // X509IssuerName String iss_nam = null; if (iss_nam_m_s.find() && iss_nam_m_e.find()) { iss_nam = xmlResponse.substring(iss_nam_m_s.end(), iss_nam_m_e.start()); } log.debug("iss_nam = " + iss_nam); //$NON-NLS-1$ // X509SerialNumber String ser_num = null; if (ser_num_m_s.find() && ser_num_m_e.find()) { ser_num = BKUHelper.removeAllWhitespace(xmlResponse.substring(ser_num_m_s.end(), ser_num_m_e.start())); } log.debug("ser_num = " + ser_num); //$NON-NLS-1$ // SigningTime String sig_tim = null; if (sig_tim_m_s.find() && sig_tim_m_e.find()) { sig_tim = xmlResponse.substring(sig_tim_m_s.end(), sig_tim_m_e.start()); } log.debug("sig_tim = " + sig_tim); //$NON-NLS-1$ // CertDigest // if (sig_cer_d_m_s.find() && sig_cer_d_m_e.find()) // { // String cert_digest = xmlResponse.substring(sig_cer_d_m_s.end(), // sig_cer_d_m_e.start()); // if (dig_val_m_s.find() && dig_val_m_e.find()) // { // sig_dig = cert_digest.substring(dig_val_m_s.end(), dig_val_m_e.start()); // //sigObj.setX509CertificateDigest(sig_dig); // } // } // X509Certificate X509Certificate cert = null; if (sig_cer_m_s.find() && sig_cer_m_e.find()) { String sig_cer = BKUHelper.removeAllWhitespace(xmlResponse.substring(sig_cer_m_s.end(), sig_cer_m_e.start())); try { byte[] der = CodingHelper.decodeBase64(sig_cer); ByteArrayInputStream bais = new ByteArrayInputStream(der); CertificateFactory cf = CertificateFactory.getInstance("X.509"); //$NON-NLS-1$ cert = (X509Certificate) cf.generateCertificate(bais); bais.close(); } catch (UnsupportedEncodingException e) { log.error(e); throw new ConnectorException(300, e); } catch (CertificateException e) { log.error(e); throw new ConnectorException(300, e); } catch (IOException e) { log.error(e); throw new ConnectorException(300, e); } } log.debug("X509Certificate = " + cert); //$NON-NLS-1$ if (log.isDebugEnabled()) { String cert_iss = cert.getIssuerDN().getName(); log.debug("certificate's issuer = " + cert_iss); //$NON-NLS-1$ log.debug("response's issuer = " + iss_nam); //$NON-NLS-1$ log.debug("issuer matches = " + cert_iss.equals(iss_nam)); //$NON-NLS-1$ log.debug("ser number matches = " + cert.getSerialNumber().toString().equals(ser_num)); //$NON-NLS-1$ } SignSignatureObject so = new SignSignatureObject(); so.date = sig_tim; so.issuer = iss_nam; so.signatureValue = sig_val; so.x509Certificate = cert; so.id = id_formatter.formatIds(null); return so; } }