Search in sources :

Example 1 with CertificateRefType

use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.

the class DidInfo method getRelatedDataSets.

public List<DataSetInfo> getRelatedDataSets() throws WSHelper.WSException {
    try {
        ArrayList<DataSetInfo> result = new ArrayList<>();
        Set<String> foundDataSets = new HashSet<>();
        if (isCryptoDid()) {
            CryptoMarkerType m = getGenericCryptoMarker();
            for (CertificateRefType cert : m.getCertificateRefs()) {
                String datasetName = cert.getDataSetName();
                // add if it is not already present in the result list
                if (!foundDataSets.contains(datasetName)) {
                    DataSetInfo ds = didInfos.getDataSetInfo(application, datasetName);
                    result.add(ds);
                    foundDataSets.add(datasetName);
                }
            }
        }
        return Collections.unmodifiableList(result);
    } catch (NoSuchDataSet ex) {
        String msg = "DataSet referenced in CIF could not be resolved.";
        LOG.error(msg, ex);
        throw WSHelper.createException(WSHelper.makeResultError(ECardConstants.Minor.App.INT_ERROR, msg));
    }
}
Also used : ArrayList(java.util.ArrayList) CertificateRefType(iso.std.iso_iec._24727.tech.schema.CertificateRefType) HashSet(java.util.HashSet)

Example 2 with CertificateRefType

use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.

the class CryptoMarkerBuilder method build.

public CryptoMarkerType build() {
    CryptoMarkerType marker = new CryptoMarkerType();
    marker.setProtocol(PROTOCOL);
    if (algInfo != null) {
        try {
            JAXBElement<AlgorithmInfoType> e;
            e = new JAXBElement<>(new QName(ISONS, "AlgorithmInfo"), AlgorithmInfoType.class, algInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal AlgorithmInfo element.", ex);
        }
    }
    if (keyInfo != null) {
        try {
            JAXBElement<CryptoKeyInfoType> e;
            e = new JAXBElement<>(new QName(ISONS, "KeyInfo"), CryptoKeyInfoType.class, keyInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal KeyInfo element.", ex);
        }
    }
    if (sigGenInfo != null) {
        try {
            JAXBElement<String> e;
            e = new JAXBElement(new QName(ISONS, "SignatureGenerationInfo"), String.class, sigGenInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal SignatureGenerationInfo element.", ex);
        }
    }
    if (legacySignGenInfo != null) {
        try {
            JAXBElement<LegacySignatureGenerationType> e;
            e = new JAXBElement(new QName(ISONS, "LegacySignatureGenerationInfo"), LegacySignatureGenerationType.class, legacySignGenInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal LegacySignatureGenerationInfo element.", ex);
        }
    }
    if (hashGenInfo != null) {
        try {
            JAXBElement<HashGenerationInfoType> e;
            e = new JAXBElement(new QName(ISONS, "HashGenerationInfo"), HashGenerationInfoType.class, hashGenInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal HashGenerationInfo element.", ex);
        }
    }
    for (CertificateRefType certRef : getCertRefs()) {
        try {
            JAXBElement<CertificateRefType> e;
            e = new JAXBElement(new QName(ISONS, "CertificateRef"), CertificateRefType.class, certRef);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal CertificateRef element.", ex);
        }
    }
    if (legacyKeyname != null) {
        try {
            JAXBElement<String> e;
            e = new JAXBElement(new QName(ISONS, "LegacyKeyName"), String.class, legacyKeyname);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal LegacyKeyName element.", ex);
        }
    }
    return marker;
}
Also used : MarshallingTypeException(org.openecard.ws.marshal.MarshallingTypeException) LegacySignatureGenerationType(iso.std.iso_iec._24727.tech.schema.LegacySignatureGenerationType) QName(javax.xml.namespace.QName) CryptoMarkerType(iso.std.iso_iec._24727.tech.schema.CryptoMarkerType) JAXBElement(javax.xml.bind.JAXBElement) Document(org.w3c.dom.Document) HashGenerationInfoType(iso.std.iso_iec._24727.tech.schema.HashGenerationInfoType) CertificateRefType(iso.std.iso_iec._24727.tech.schema.CertificateRefType) CryptoKeyInfoType(iso.std.iso_iec._24727.tech.schema.CryptoKeyInfoType) AlgorithmInfoType(iso.std.iso_iec._24727.tech.schema.AlgorithmInfoType)

Example 3 with CertificateRefType

use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.

the class CIFCreator method createCryptoDID.

private DIDInfoType createCryptoDID(List<MwCertificate> mwCerts, SignatureAlgorithms sigalg) throws WSMarshallerException, CryptokiException {
    LOG.debug("Creating Crypto DID object.");
    DIDInfoType di = new DIDInfoType();
    String keyLabel = mwCerts.get(0).getLabel();
    // create differential identity
    DifferentialIdentityType did = new DifferentialIdentityType();
    di.setDifferentialIdentity(did);
    String didName = keyLabel + "_" + mwCerts.get(0).getLabel() + "_" + sigalg.getJcaAlg();
    LOG.debug("DIDName: {}", didName);
    did.setDIDName(didName);
    did.setDIDProtocol("urn:oid:1.3.162.15480.3.0.25");
    did.setDIDScope(DIDScopeType.LOCAL);
    // create crypto marker
    CryptoMarkerBuilder markerBuilder = new CryptoMarkerBuilder();
    // add AlgorithmInfo
    AlgorithmInfoType algInfo = new AlgorithmInfoType();
    algInfo.setAlgorithm(sigalg.getJcaAlg());
    AlgorithmIdentifierType algIdentifier = new AlgorithmIdentifierType();
    algIdentifier.setAlgorithm(sigalg.getAlgId());
    algInfo.setAlgorithmIdentifier(algIdentifier);
    algInfo.getSupportedOperations().add("Compute-signature");
    markerBuilder.setAlgInfo(algInfo);
    markerBuilder.setLegacyKeyname(keyLabel);
    // add certificates
    for (MwCertificate nextCert : mwCerts) {
        try {
            CertificateRefType certRef = new CertificateRefType();
            certRef.setDataSetName(nextCert.getLabel());
            markerBuilder.getCertRefs().add(certRef);
        } catch (CryptokiException ex) {
            LOG.warn("Certificate chain is not complete.");
            break;
        }
    }
    // wrap crypto marker and add to parent
    CryptoMarkerType marker = markerBuilder.build();
    DIDMarkerType markerWrapper = new DIDMarkerType();
    markerWrapper.setCryptoMarker(marker);
    did.setDIDMarker(markerWrapper);
    // create acl
    AccessControlListType acl = new AccessControlListType();
    di.setDIDACL(acl);
    List<AccessRuleType> rules = acl.getAccessRule();
    rules.add(createRuleTrue(AuthorizationServiceActionName.ACL_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_GET));
    // create sign rule with PIN reference
    AccessRuleType signRule = createRuleTrue(CryptographicServiceActionName.SIGN);
    signRule.setSecurityCondition(createDidCond(PIN_NAME));
    rules.add(signRule);
    return di;
}
Also used : CryptoMarkerBuilder(org.openecard.mdlw.sal.didfactory.CryptoMarkerBuilder) AccessControlListType(iso.std.iso_iec._24727.tech.schema.AccessControlListType) CryptoMarkerType(iso.std.iso_iec._24727.tech.schema.CryptoMarkerType) CertificateRefType(iso.std.iso_iec._24727.tech.schema.CertificateRefType) DIDMarkerType(iso.std.iso_iec._24727.tech.schema.DIDMarkerType) DifferentialIdentityType(iso.std.iso_iec._24727.tech.schema.DifferentialIdentityType) DIDInfoType(iso.std.iso_iec._24727.tech.schema.DIDInfoType) AlgorithmInfoType(iso.std.iso_iec._24727.tech.schema.AlgorithmInfoType) CryptokiException(org.openecard.mdlw.sal.exceptions.CryptokiException) AlgorithmIdentifierType(iso.std.iso_iec._24727.tech.schema.AlgorithmIdentifierType) AccessRuleType(iso.std.iso_iec._24727.tech.schema.AccessRuleType)

Example 4 with CertificateRefType

use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.

the class CryptoMarkerTypeTest method testCryptoMarkerType.

/**
 * Simple test for CryptoMarkerType.
 * After creating the CryptoMarker of the PrK.CH.AUT_signPKCS1_V1_5 DID in the the
 * ESIGN application of the EGK we check if the get-methods return the expected values.
 *
 * @throws Exception
 *             when something in this test went unexpectedly wrong
 */
@Test
public void testCryptoMarkerType() throws Exception {
    WSMarshaller marshaller = WSMarshallerFactory.createInstance();
    // setup the iso cryptoMarker type
    iso.std.iso_iec._24727.tech.schema.CryptoMarkerType cryptoMarker = new iso.std.iso_iec._24727.tech.schema.CryptoMarkerType();
    cryptoMarker.setProtocol("urn:oid:1.3.162.15480.3.0.25");
    // algorithm info
    AlgorithmInfoType algType = new AlgorithmInfoType();
    algType.setAlgorithm("signPKCS1_V1_5");
    AlgorithmIdentifierType aIdType = new AlgorithmIdentifierType();
    aIdType.setAlgorithm("http://ws.openecard.org/alg/rsa");
    algType.setAlgorithmIdentifier(aIdType);
    algType.getSupportedOperations().add("Compute-signature");
    algType.setCardAlgRef(new byte[] { (byte) 0x02 });
    QName elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "AlgorithmInfo");
    JAXBElement<AlgorithmInfoType> algInfo = new JAXBElement<>(elemName, AlgorithmInfoType.class, algType);
    Element algInfoElem = marshaller.marshal(algInfo).getDocumentElement();
    cryptoMarker.getAny().add(algInfoElem);
    // key info
    elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "KeyInfo");
    CryptoKeyInfoType cryptoKey = new CryptoKeyInfoType();
    KeyRefType keyref = new KeyRefType();
    keyref.setKeyRef(new byte[] { (byte) 0x02 });
    cryptoKey.setKeyRef(keyref);
    JAXBElement<CryptoKeyInfoType> keyInfoElem = new JAXBElement<>(elemName, CryptoKeyInfoType.class, cryptoKey);
    Element keyrefElem = marshaller.marshal(keyInfoElem).getDocumentElement();
    cryptoMarker.getAny().add(keyrefElem);
    // signature generation info
    elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "SignatureGenerationInfo");
    JAXBElement<String> sigGenInfoElem = new JAXBElement<>(elemName, String.class, "MSE_KEY_DS PSO_CDS");
    Element sigGenElem = marshaller.marshal(sigGenInfoElem).getDocumentElement();
    cryptoMarker.getAny().add(sigGenElem);
    // certificate references if available
    elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "CertificateRef");
    CertificateRefType certRef = new CertificateRefType();
    certRef.setDataSetName("EF.C.CH.AUT");
    JAXBElement<CertificateRefType> certRefType = new JAXBElement<>(elemName, CertificateRefType.class, certRef);
    Element certRefElement = marshaller.marshal(certRefType).getDocumentElement();
    cryptoMarker.getAny().add(certRefElement);
    // perform the tests
    CryptoMarkerType cryptoMarkerNew = new CryptoMarkerType(cryptoMarker);
    assertTrue(cryptoMarkerNew.getAlgorithmInfo().getSupportedOperations().size() > 0);
    assertEquals(cryptoMarkerNew.getSignatureGenerationInfo(), new String[] { "MSE_KEY_DS", "PSO_CDS" });
    assertEquals(cryptoMarkerNew.getCryptoKeyInfo().getKeyRef().getKeyRef(), new byte[] { 0x02 });
    assertEquals(cryptoMarkerNew.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm(), "http://ws.openecard.org/alg/rsa");
    assertNull(cryptoMarkerNew.getLegacyKeyName());
    assertNotNull(cryptoMarkerNew.getHashGenerationInfo());
    assertEquals(cryptoMarkerNew.getHashGenerationInfo(), HashGenerationInfoType.NOT_ON_CARD);
    assertEquals(cryptoMarkerNew.getCertificateRefs().get(0).getDataSetName(), "EF.C.CH.AUT");
    // assertEquals(cryptoMarker.getStateInfo(), "");
    assertEquals(cryptoMarker.getProtocol(), ECardConstants.Protocol.GENERIC_CRYPTO);
}
Also used : KeyRefType(iso.std.iso_iec._24727.tech.schema.KeyRefType) QName(javax.xml.namespace.QName) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) WSMarshaller(org.openecard.ws.marshal.WSMarshaller) CryptoMarkerType(org.openecard.crypto.common.sal.did.CryptoMarkerType) JAXBElement(javax.xml.bind.JAXBElement) CertificateRefType(iso.std.iso_iec._24727.tech.schema.CertificateRefType) CryptoKeyInfoType(iso.std.iso_iec._24727.tech.schema.CryptoKeyInfoType) AlgorithmInfoType(iso.std.iso_iec._24727.tech.schema.AlgorithmInfoType) AlgorithmIdentifierType(iso.std.iso_iec._24727.tech.schema.AlgorithmIdentifierType) Test(org.testng.annotations.Test)

Aggregations

CertificateRefType (iso.std.iso_iec._24727.tech.schema.CertificateRefType)4 AlgorithmInfoType (iso.std.iso_iec._24727.tech.schema.AlgorithmInfoType)3 AlgorithmIdentifierType (iso.std.iso_iec._24727.tech.schema.AlgorithmIdentifierType)2 CryptoKeyInfoType (iso.std.iso_iec._24727.tech.schema.CryptoKeyInfoType)2 CryptoMarkerType (iso.std.iso_iec._24727.tech.schema.CryptoMarkerType)2 JAXBElement (javax.xml.bind.JAXBElement)2 QName (javax.xml.namespace.QName)2 AccessControlListType (iso.std.iso_iec._24727.tech.schema.AccessControlListType)1 AccessRuleType (iso.std.iso_iec._24727.tech.schema.AccessRuleType)1 DIDInfoType (iso.std.iso_iec._24727.tech.schema.DIDInfoType)1 DIDMarkerType (iso.std.iso_iec._24727.tech.schema.DIDMarkerType)1 DifferentialIdentityType (iso.std.iso_iec._24727.tech.schema.DifferentialIdentityType)1 HashGenerationInfoType (iso.std.iso_iec._24727.tech.schema.HashGenerationInfoType)1 KeyRefType (iso.std.iso_iec._24727.tech.schema.KeyRefType)1 LegacySignatureGenerationType (iso.std.iso_iec._24727.tech.schema.LegacySignatureGenerationType)1 ArrayList (java.util.ArrayList)1 HashSet (java.util.HashSet)1 CryptoMarkerType (org.openecard.crypto.common.sal.did.CryptoMarkerType)1 CryptoMarkerBuilder (org.openecard.mdlw.sal.didfactory.CryptoMarkerBuilder)1 CryptokiException (org.openecard.mdlw.sal.exceptions.CryptokiException)1