Examples with CertificateRefType iso.std.iso_iec._24727.tech.schema.CertificateRefType used on opensource projects

Example 1 with CertificateRefType

use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.

the class DidInfo method getRelatedDataSets.

public List<DataSetInfo> getRelatedDataSets() throws WSHelper.WSException {
    try {
        ArrayList<DataSetInfo> result = new ArrayList<>();
        Set<String> foundDataSets = new HashSet<>();
        if (isCryptoDid()) {
            CryptoMarkerType m = getGenericCryptoMarker();
            for (CertificateRefType cert : m.getCertificateRefs()) {
                String datasetName = cert.getDataSetName();
                // add if it is not already present in the result list
                if (!foundDataSets.contains(datasetName)) {
                    DataSetInfo ds = didInfos.getDataSetInfo(application, datasetName);
                    result.add(ds);
                    foundDataSets.add(datasetName);
                }
            }
        }
        return Collections.unmodifiableList(result);
    } catch (NoSuchDataSet ex) {
        String msg = "DataSet referenced in CIF could not be resolved.";
        LOG.error(msg, ex);
        throw WSHelper.createException(WSHelper.makeResultError(ECardConstants.Minor.App.INT_ERROR, msg));
    }
}

Example 2 with CertificateRefType

use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.

the class CryptoMarkerBuilder method build.

public CryptoMarkerType build() {
    CryptoMarkerType marker = new CryptoMarkerType();
    marker.setProtocol(PROTOCOL);
    if (algInfo != null) {
        try {
            JAXBElement<AlgorithmInfoType> e;
            e = new JAXBElement<>(new QName(ISONS, "AlgorithmInfo"), AlgorithmInfoType.class, algInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal AlgorithmInfo element.", ex);
        }
    }
    if (keyInfo != null) {
        try {
            JAXBElement<CryptoKeyInfoType> e;
            e = new JAXBElement<>(new QName(ISONS, "KeyInfo"), CryptoKeyInfoType.class, keyInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal KeyInfo element.", ex);
        }
    }
    if (sigGenInfo != null) {
        try {
            JAXBElement<String> e;
            e = new JAXBElement(new QName(ISONS, "SignatureGenerationInfo"), String.class, sigGenInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal SignatureGenerationInfo element.", ex);
        }
    }
    if (legacySignGenInfo != null) {
        try {
            JAXBElement<LegacySignatureGenerationType> e;
            e = new JAXBElement(new QName(ISONS, "LegacySignatureGenerationInfo"), LegacySignatureGenerationType.class, legacySignGenInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal LegacySignatureGenerationInfo element.", ex);
        }
    }
    if (hashGenInfo != null) {
        try {
            JAXBElement<HashGenerationInfoType> e;
            e = new JAXBElement(new QName(ISONS, "HashGenerationInfo"), HashGenerationInfoType.class, hashGenInfo);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal HashGenerationInfo element.", ex);
        }
    }
    for (CertificateRefType certRef : getCertRefs()) {
        try {
            JAXBElement<CertificateRefType> e;
            e = new JAXBElement(new QName(ISONS, "CertificateRef"), CertificateRefType.class, certRef);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal CertificateRef element.", ex);
        }
    }
    if (legacyKeyname != null) {
        try {
            JAXBElement<String> e;
            e = new JAXBElement(new QName(ISONS, "LegacyKeyName"), String.class, legacyKeyname);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal LegacyKeyName element.", ex);
        }
    }
    return marker;
}

Example 3 with CertificateRefType

use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.

the class CIFCreator method createCryptoDID.

private DIDInfoType createCryptoDID(List<MwCertificate> mwCerts, SignatureAlgorithms sigalg) throws WSMarshallerException, CryptokiException {
    LOG.debug("Creating Crypto DID object.");
    DIDInfoType di = new DIDInfoType();
    String keyLabel = mwCerts.get(0).getLabel();
    // create differential identity
    DifferentialIdentityType did = new DifferentialIdentityType();
    di.setDifferentialIdentity(did);
    String didName = keyLabel + "_" + mwCerts.get(0).getLabel() + "_" + sigalg.getJcaAlg();
    LOG.debug("DIDName: {}", didName);
    did.setDIDName(didName);
    did.setDIDProtocol("urn:oid:1.3.162.15480.3.0.25");
    did.setDIDScope(DIDScopeType.LOCAL);
    // create crypto marker
    CryptoMarkerBuilder markerBuilder = new CryptoMarkerBuilder();
    // add AlgorithmInfo
    AlgorithmInfoType algInfo = new AlgorithmInfoType();
    algInfo.setAlgorithm(sigalg.getJcaAlg());
    AlgorithmIdentifierType algIdentifier = new AlgorithmIdentifierType();
    algIdentifier.setAlgorithm(sigalg.getAlgId());
    algInfo.setAlgorithmIdentifier(algIdentifier);
    algInfo.getSupportedOperations().add("Compute-signature");
    markerBuilder.setAlgInfo(algInfo);
    markerBuilder.setLegacyKeyname(keyLabel);
    // add certificates
    for (MwCertificate nextCert : mwCerts) {
        try {
            CertificateRefType certRef = new CertificateRefType();
            certRef.setDataSetName(nextCert.getLabel());
            markerBuilder.getCertRefs().add(certRef);
        } catch (CryptokiException ex) {
            LOG.warn("Certificate chain is not complete.");
            break;
        }
    }
    // wrap crypto marker and add to parent
    CryptoMarkerType marker = markerBuilder.build();
    DIDMarkerType markerWrapper = new DIDMarkerType();
    markerWrapper.setCryptoMarker(marker);
    did.setDIDMarker(markerWrapper);
    // create acl
    AccessControlListType acl = new AccessControlListType();
    di.setDIDACL(acl);
    List<AccessRuleType> rules = acl.getAccessRule();
    rules.add(createRuleTrue(AuthorizationServiceActionName.ACL_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_GET));
    // create sign rule with PIN reference
    AccessRuleType signRule = createRuleTrue(CryptographicServiceActionName.SIGN);
    signRule.setSecurityCondition(createDidCond(PIN_NAME));
    rules.add(signRule);
    return di;
}

Example 4 with CertificateRefType

use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.

the class CryptoMarkerTypeTest method testCryptoMarkerType.

/**
 * Simple test for CryptoMarkerType.
 * After creating the CryptoMarker of the PrK.CH.AUT_signPKCS1_V1_5 DID in the the
 * ESIGN application of the EGK we check if the get-methods return the expected values.
 *
 * @throws Exception
 *             when something in this test went unexpectedly wrong
 */
@Test
public void testCryptoMarkerType() throws Exception {
    WSMarshaller marshaller = WSMarshallerFactory.createInstance();
    // setup the iso cryptoMarker type
    iso.std.iso_iec._24727.tech.schema.CryptoMarkerType cryptoMarker = new iso.std.iso_iec._24727.tech.schema.CryptoMarkerType();
    cryptoMarker.setProtocol("urn:oid:1.3.162.15480.3.0.25");
    // algorithm info
    AlgorithmInfoType algType = new AlgorithmInfoType();
    algType.setAlgorithm("signPKCS1_V1_5");
    AlgorithmIdentifierType aIdType = new AlgorithmIdentifierType();
    aIdType.setAlgorithm("http://ws.openecard.org/alg/rsa");
    algType.setAlgorithmIdentifier(aIdType);
    algType.getSupportedOperations().add("Compute-signature");
    algType.setCardAlgRef(new byte[] { (byte) 0x02 });
    QName elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "AlgorithmInfo");
    JAXBElement<AlgorithmInfoType> algInfo = new JAXBElement<>(elemName, AlgorithmInfoType.class, algType);
    Element algInfoElem = marshaller.marshal(algInfo).getDocumentElement();
    cryptoMarker.getAny().add(algInfoElem);
    // key info
    elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "KeyInfo");
    CryptoKeyInfoType cryptoKey = new CryptoKeyInfoType();
    KeyRefType keyref = new KeyRefType();
    keyref.setKeyRef(new byte[] { (byte) 0x02 });
    cryptoKey.setKeyRef(keyref);
    JAXBElement<CryptoKeyInfoType> keyInfoElem = new JAXBElement<>(elemName, CryptoKeyInfoType.class, cryptoKey);
    Element keyrefElem = marshaller.marshal(keyInfoElem).getDocumentElement();
    cryptoMarker.getAny().add(keyrefElem);
    // signature generation info
    elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "SignatureGenerationInfo");
    JAXBElement<String> sigGenInfoElem = new JAXBElement<>(elemName, String.class, "MSE_KEY_DS PSO_CDS");
    Element sigGenElem = marshaller.marshal(sigGenInfoElem).getDocumentElement();
    cryptoMarker.getAny().add(sigGenElem);
    // certificate references if available
    elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "CertificateRef");
    CertificateRefType certRef = new CertificateRefType();
    certRef.setDataSetName("EF.C.CH.AUT");
    JAXBElement<CertificateRefType> certRefType = new JAXBElement<>(elemName, CertificateRefType.class, certRef);
    Element certRefElement = marshaller.marshal(certRefType).getDocumentElement();
    cryptoMarker.getAny().add(certRefElement);
    // perform the tests
    CryptoMarkerType cryptoMarkerNew = new CryptoMarkerType(cryptoMarker);
    assertTrue(cryptoMarkerNew.getAlgorithmInfo().getSupportedOperations().size() > 0);
    assertEquals(cryptoMarkerNew.getSignatureGenerationInfo(), new String[] { "MSE_KEY_DS", "PSO_CDS" });
    assertEquals(cryptoMarkerNew.getCryptoKeyInfo().getKeyRef().getKeyRef(), new byte[] { 0x02 });
    assertEquals(cryptoMarkerNew.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm(), "http://ws.openecard.org/alg/rsa");
    assertNull(cryptoMarkerNew.getLegacyKeyName());
    assertNotNull(cryptoMarkerNew.getHashGenerationInfo());
    assertEquals(cryptoMarkerNew.getHashGenerationInfo(), HashGenerationInfoType.NOT_ON_CARD);
    assertEquals(cryptoMarkerNew.getCertificateRefs().get(0).getDataSetName(), "EF.C.CH.AUT");
    // assertEquals(cryptoMarker.getStateInfo(), "");
    assertEquals(cryptoMarker.getProtocol(), ECardConstants.Protocol.GENERIC_CRYPTO);
}