+++ /dev/null
-package com.axyus.signature.pes.verifier;\r
-\r
-import com.axyus.signature.pes.producer.SigningPolicies;\r
-import com.axyus.signature.pes.producer.SigningPolicies.SigningPolicy;\r
-import org.apache.xml.security.signature.XMLSignature;\r
-import com.axyus.signature.utils.DomUtils;\r
-import java.util.Map;\r
-import java.util.HashMap;\r
-import org.w3c.dom.Node;\r
-\r
-/**\r
- * @author stephane.melois\r
- * @author CBO\r
- */\r
-public class XadesInfoProcessor {\r
-\r
- public XadesInfoProcessResult process(XMLSignature xmlSignature, SignatureVerifierResult signatureVerificationResult) {\r
-\r
- XadesInfoProcessResult xadesInfoProcessResult = new XadesInfoProcessResult();\r
- Node tmp = DomUtils.getFCE(DomUtils.getFCE(signatureVerificationResult.getXmlSignature().getElement(), "Object"), "QualifyingProperties");\r
- xadesInfoProcessResult.setObjectFirstChild(tmp != null ? tmp.getLocalName() : null);\r
- xadesInfoProcessResult.setObjectExpectedFirstChild("QualifyingProperties");\r
- if (signatureVerificationResult.getXadesInfo() != null) {\r
- xadesInfoProcessResult.setSigCertExpectedHash(signatureVerificationResult.getXadesInfo().getSigCertDigestValue());\r
- xadesInfoProcessResult.setSigCertExpectedIssuerName(signatureVerificationResult.getXadesInfo().getSigCertIssuerName());\r
- xadesInfoProcessResult.setSigCertExpectedSerialNumber(signatureVerificationResult.getXadesInfo().getSigCertIssuerSerial());\r
- xadesInfoProcessResult.setSigSecurityPolicyId(signatureVerificationResult.getXadesInfo().getSigPolicyId());\r
- xadesInfoProcessResult.setSigExpectedSecurityPolicyIdHashMethod(signatureVerificationResult.getXadesInfo().getSigPolicyHashDigestMethod());\r
- xadesInfoProcessResult.setSigExpectedSecurityPolicyIdHash(signatureVerificationResult.getXadesInfo().getSigPolicyHashDigestValue());\r
- xadesInfoProcessResult.setSigCertTargetAttribute(signatureVerificationResult.getXadesInfo().getSigTarget());\r
- xadesInfoProcessResult.setSigCertExpectedHashMethod(signatureVerificationResult.getXadesInfo().getSigCertDigestMethod());\r
- }\r
- xadesInfoProcessResult.setSigCertExpectedTargetAttribute(signatureVerificationResult.getXmlSignature().getId());\r
-\r
- try {\r
- xadesInfoProcessResult.setSigCertcalculatedHash(DigestUtils.xmlBase64Digest(signatureVerificationResult.getCertificatInformation().getSigningCertificate().getEncoded(), xadesInfoProcessResult.getSigCertExpectedHashMethod()));\r
- } catch (Exception e) {\r
- throw new UnExpectedException(e);\r
- }\r
-\r
- if (xadesInfoProcessResult.getSigSecurityPolicyId() != null) {\r
- SigningPolicy signingPolicy = SigningPolicies.getInstance().getByIdentifier(xadesInfoProcessResult.getSigSecurityPolicyId());\r
- if (signingPolicy != null) {\r
- xadesInfoProcessResult.setSigSecurityPolicy(signingPolicy);\r
- try {\r
- xadesInfoProcessResult.setSigSecurityPolicyIdHash(signingPolicy.computeDigestValue(xadesInfoProcessResult.getSigExpectedSecurityPolicyIdHashMethod()));\r
- } catch (Exception e) {\r
- throw new UnExpectedException(e);\r
- }\r
- }\r
- }\r
- xadesInfoProcessResult.setSigCertIssuerNameRFC2253(signatureVerificationResult.getCertificatInformation().getSigningCertificate().getIssuerX500Principal().getName());\r
- xadesInfoProcessResult.setSigCertIssuerName(signatureVerificationResult.getCertificatInformation().getSigningCertificate().getIssuerDN().getName());\r
-\r
-\r
-\r
-\r
- xadesInfoProcessResult.setSigCertSerialNumber(signatureVerificationResult.getCertificatInformation().getSigningCertificate().getSerialNumber().toString());\r
-\r
- return xadesInfoProcessResult;\r
- }\r
-\r
- public static class XadesInfoProcessResult {\r
-\r
- private String sigCertcalculatedHash;\r
- private String sigCertExpectedHash;\r
- private String sigCertHashMethod;\r
- private String sigCertExpectedHashMethod;\r
- private String sigCertSerialNumber;\r
- private String sigCertExpectedSerialNumber;\r
- private String sigCertIssuerName;\r
- private String sigCertIssuerNameRFC2253;\r
- private String sigCertExpectedIssuerName;\r
- private String sigCertTargetAttribute;\r
- private String sigCertExpectedTargetAttribute;\r
- private String objectFirstChild;\r
- private String objectExpectedFirstChild;\r
- private String sigSecurityPolicyId;\r
- private String sigExpectedSecurityPolicyId;\r
- private String sigExpectedSecurityPolicyIdHashMethod;\r
- private String sigSecurityPolicyIdHashMethod;\r
- private String sigExpectedSecurityPolicyIdHash;\r
- private String sigSecurityPolicyIdHash;\r
- //private String sigSecurityPolicyFileName;\r
- private SigningPolicy signingPolicy;\r
- private static Map<String, String> securityAllowedProtocol;\r
- public static final String SHA1XMLProtocol = "http://www.w3.org/2000/09/xmldsig#sha1";\r
- public static final String SHA256XMLProtocol = "http://www.w3.org/2001/04/xmlenc#sha256";\r
- public static final String SHA512XMLProtocol = "http://www.w3.org/2001/04/xmlenc#sha512";\r
- private static final String SHA1Protocol = "SHA-1";\r
- private static final String SHA256Protocol = "SHA-256";\r
- private static final String SHA512Protocol = "SHA-512";\r
-\r
- static {\r
- securityAllowedProtocol = new HashMap<String, String>();\r
- securityAllowedProtocol.put(SHA1XMLProtocol, SHA1Protocol);\r
- securityAllowedProtocol.put(SHA256XMLProtocol, SHA256Protocol);\r
- securityAllowedProtocol.put(SHA512XMLProtocol, SHA512Protocol);\r
- securityAllowedProtocol.put(null, SHA1Protocol);\r
- }\r
-\r
- /**\r
- * @return the sigCertcalculatedHash\r
- */\r
- public String getSigCertcalculatedHash() {\r
- return sigCertcalculatedHash;\r
- }\r
-\r
- /**\r
- * @param sigCertcalculatedHash the sigCertcalculatedHash to set\r
- */\r
- public void setSigCertcalculatedHash(String sigCertcalculatedHash) {\r
- this.sigCertcalculatedHash = sigCertcalculatedHash;\r
- }\r
-\r
- /**\r
- * @return the sigCertExpectedHash\r
- */\r
- public String getSigCertExpectedHash() {\r
- return sigCertExpectedHash;\r
- }\r
-\r
- /**\r
- * @param sigCertExpectedHash the sigCertExpectedHash to set\r
- */\r
- public void setSigCertExpectedHash(String sigCertExpectedHash) {\r
- this.sigCertExpectedHash = sigCertExpectedHash;\r
- }\r
-\r
- /**\r
- * @return the sigCertHashMethod\r
- */\r
- public String getSigCertHashMethod() {\r
- return sigCertHashMethod;\r
- }\r
-\r
- /**\r
- * @param sigCertHashMethod the sigCertHashMethod to set\r
- */\r
- public void setSigCertHashMethod(String sigCertHashMethod) {\r
- this.sigCertHashMethod = sigCertHashMethod;\r
- }\r
-\r
- /**\r
- * @return the sigCertExpectedHashMethod\r
- */\r
- public String getSigCertExpectedHashMethod() {\r
- return sigCertExpectedHashMethod;\r
- }\r
-\r
- /**\r
- * @param sigCertExpectedHashMethod the sigCertExpectedHashMethod to set\r
- */\r
- public void setSigCertExpectedHashMethod(String sigCertExpectedHashMethod) {\r
- this.sigCertExpectedHashMethod = sigCertExpectedHashMethod;\r
- }\r
-\r
- /**\r
- * @return the sigCertSerialNumber\r
- */\r
- public String getSigCertSerialNumber() {\r
- return sigCertSerialNumber;\r
- }\r
-\r
- /**\r
- * @param sigCertSerialNumber the sigCertSerialNumber to set\r
- */\r
- public void setSigCertSerialNumber(String sigCertSerialNumber) {\r
- this.sigCertSerialNumber = sigCertSerialNumber;\r
- }\r
-\r
- /**\r
- * @return the sigCertExpectExpectedSerialNumber\r
- */\r
- public String getSigCertExpectedSerialNumber() {\r
- return sigCertExpectedSerialNumber;\r
- }\r
-\r
- /**\r
- * @param sigCertExpectExpectedSerialNumber the sigCertExpectExpectedSerialNumber to set\r
- */\r
- public void setSigCertExpectedSerialNumber(String sigCertExpectedSerialNumber) {\r
- this.sigCertExpectedSerialNumber = sigCertExpectedSerialNumber;\r
- }\r
-\r
- /**\r
- * @return the sigCertIssuerName\r
- */\r
- public String getSigCertIssuerName() {\r
- return sigCertIssuerName;\r
- }\r
-\r
- /**\r
- * @param sigCertIssuerName the sigCertIssuerName to set\r
- */\r
- public void setSigCertIssuerName(String sigCertIssuerName) {\r
- this.sigCertIssuerName = sigCertIssuerName;\r
- }\r
-\r
- /**\r
- * @return the sigCertExpectedIssuerName\r
- */\r
- public String getSigCertExpectedIssuerName() {\r
- return sigCertExpectedIssuerName;\r
- }\r
-\r
- /**\r
- * @param sigCertExpectedIssuerName the sigCertExpectedIssuerName to set\r
- */\r
- public void setSigCertExpectedIssuerName(String sigCertExpectedIssuerName) {\r
- this.sigCertExpectedIssuerName = sigCertExpectedIssuerName;\r
- }\r
-\r
- /**\r
- * @return the sigCertTargetAttribute\r
- */\r
- public String getSigCertTargetAttribute() {\r
- return sigCertTargetAttribute;\r
- }\r
-\r
- /**\r
- * @param sigCertTargetAttribute the sigCertTargetAttribute to set\r
- */\r
- public void setSigCertTargetAttribute(String sigCertTargetAttribute) {\r
- this.sigCertTargetAttribute = sigCertTargetAttribute;\r
- }\r
-\r
- /**\r
- * @return the sigCertExpectedTargetAttribute\r
- */\r
- public String getSigCertExpectedTargetAttribute() {\r
- return sigCertExpectedTargetAttribute;\r
- }\r
-\r
- /**\r
- * @param sigCertExpectedTargetAttribute the sigCertExpectedTargetAttribute to set\r
- */\r
- public void setSigCertExpectedTargetAttribute(String sigCertExpectedTargetAttribute) {\r
- this.sigCertExpectedTargetAttribute = sigCertExpectedTargetAttribute;\r
- }\r
-\r
- /**\r
- * @return the objectFirstChild\r
- */\r
- public String getObjectFirstChild() {\r
- return objectFirstChild;\r
- }\r
-\r
- /**\r
- * @param objectFirstChild the objectFirstChild to set\r
- */\r
- public void setObjectFirstChild(String objectFirstChild) {\r
- this.objectFirstChild = objectFirstChild;\r
- }\r
-\r
- /**\r
- * @return the objectExpectedFirstChild\r
- */\r
- public String getObjectExpectedFirstChild() {\r
- return objectExpectedFirstChild;\r
- }\r
-\r
- /**\r
- * @param objectExpectedFirstChild the objectExpectedFirstChild to set\r
- */\r
- public void setObjectExpectedFirstChild(String objectExpectedFirstChild) {\r
- this.objectExpectedFirstChild = objectExpectedFirstChild;\r
- }\r
-\r
- /**\r
- * @return the sigSecurityPolicyId\r
- */\r
- public String getSigSecurityPolicyId() {\r
- return sigSecurityPolicyId;\r
- }\r
-\r
- /**\r
- * @param sigSecurityPolicyId the sigSecurityPolicyId to set\r
- */\r
- public void setSigSecurityPolicyId(String sigSecurityPolicyId) {\r
- this.sigSecurityPolicyId = sigSecurityPolicyId;\r
- }\r
-\r
- /**\r
- * @return the sigExpectedSecurityPolicyId\r
- */\r
- public String getSigExpectedSecurityPolicyId() {\r
- return sigExpectedSecurityPolicyId;\r
- }\r
-\r
- /**\r
- * @param sigExpectedSecurityPolicyId the sigExpectedSecurityPolicyId to set\r
- */\r
- public void setSigExpectedSecurityPolicyId(String sigExpectedSecurityPolicyId) {\r
- this.sigExpectedSecurityPolicyId = sigExpectedSecurityPolicyId;\r
- }\r
-\r
- /**\r
- * @return the securityAllowedProtocol\r
- */\r
- public static Map<String, String> getSecurityAllowedProtocol() {\r
- return securityAllowedProtocol;\r
- }\r
-\r
- /**\r
- * @return the sigExpectedSecurityPolicyIdHashMethod\r
- */\r
- public String getSigExpectedSecurityPolicyIdHashMethod() {\r
- return sigExpectedSecurityPolicyIdHashMethod;\r
- }\r
-\r
- /**\r
- * @param sigExpectedSecurityPolicyIdHashMethod the sigExpectedSecurityPolicyIdHashMethod to set\r
- */\r
- public void setSigExpectedSecurityPolicyIdHashMethod(String sigExpectedSecurityPolicyIdHashMethod) {\r
- this.sigExpectedSecurityPolicyIdHashMethod = sigExpectedSecurityPolicyIdHashMethod;\r
- }\r
-\r
- /**\r
- * @return the sigSecurityPolicyIdHashMethod\r
- */\r
- public String getSigSecurityPolicyIdHashMethod() {\r
- return sigSecurityPolicyIdHashMethod;\r
- }\r
-\r
- /**\r
- * @param sigSecurityPolicyIdHashMethod the sigSecurityPolicyIdHashMethod to set\r
- */\r
- public void setSigSecurityPolicyIdHashMethod(String sigSecurityPolicyIdHashMethod) {\r
- this.sigSecurityPolicyIdHashMethod = sigSecurityPolicyIdHashMethod;\r
- }\r
-\r
- /**\r
- * @return the sigExpectedSecurityPolicyIdHash\r
- */\r
- public String getSigExpectedSecurityPolicyIdHash() {\r
- return sigExpectedSecurityPolicyIdHash;\r
- }\r
-\r
- /**\r
- * @param sigExpectedSecurityPolicyIdHash the sigExpectedSecurityPolicyIdHash to set\r
- */\r
- public void setSigExpectedSecurityPolicyIdHash(String sigExpectedSecurityPolicyIdHash) {\r
- this.sigExpectedSecurityPolicyIdHash = sigExpectedSecurityPolicyIdHash;\r
- }\r
-\r
- public SigningPolicy getSigningPolicy() {\r
- return signingPolicy;\r
- }\r
-\r
- private void setSigSecurityPolicy(SigningPolicy signingPolicy) {\r
- this.signingPolicy = signingPolicy;\r
- }\r
-\r
- /**\r
- * @return the sigSecurityPolicyIdHash\r
- */\r
- public String getSigSecurityPolicyIdHash() {\r
- return sigSecurityPolicyIdHash;\r
- }\r
-\r
- /**\r
- * @param sigSecurityPolicyIdHash the sigSecurityPolicyIdHash to set\r
- */\r
- public void setSigSecurityPolicyIdHash(String sigSecurityPolicyIdHash) {\r
- this.sigSecurityPolicyIdHash = sigSecurityPolicyIdHash;\r
- }\r
-\r
- /**\r
- * @return the sigCertIssuerNameRFC2253\r
- */\r
- public String getSigCertIssuerNameRFC2253() {\r
- return sigCertIssuerNameRFC2253;\r
- }\r
-\r
- /**\r
- * @param sigCertIssuerNameRFC2253 the sigCertIssuerNameRFC2253 to set\r
- */\r
- public void setSigCertIssuerNameRFC2253(String sigCertIssuerNameRFC2253) {\r
- this.sigCertIssuerNameRFC2253 = sigCertIssuerNameRFC2253;\r
- }\r
- /**\r
- * @return the sigSecurityPolicyFileName\r
- */\r
- //public String getSigSecurityPolicyFileName() {\r
- // return sigSecurityPolicyFileName;\r
- //}\r
- /**\r
- * @param sigSecurityPolicyFileName the sigSecurityPolicyFileName to set\r
- */\r
- //public void setSigSecurityPolicyFileName(String sigSecurityPolicyFileName) {\r
- // this.sigSecurityPolicyFileName = sigSecurityPolicyFileName;\r
- //}\r
- }\r
-}\r