use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.
the class DidInfo method getRelatedDataSets.
public List<DataSetInfo> getRelatedDataSets() throws WSHelper.WSException {
try {
ArrayList<DataSetInfo> result = new ArrayList<>();
Set<String> foundDataSets = new HashSet<>();
if (isCryptoDid()) {
CryptoMarkerType m = getGenericCryptoMarker();
for (CertificateRefType cert : m.getCertificateRefs()) {
String datasetName = cert.getDataSetName();
// add if it is not already present in the result list
if (!foundDataSets.contains(datasetName)) {
DataSetInfo ds = didInfos.getDataSetInfo(application, datasetName);
result.add(ds);
foundDataSets.add(datasetName);
}
}
}
return Collections.unmodifiableList(result);
} catch (NoSuchDataSet ex) {
String msg = "DataSet referenced in CIF could not be resolved.";
LOG.error(msg, ex);
throw WSHelper.createException(WSHelper.makeResultError(ECardConstants.Minor.App.INT_ERROR, msg));
}
}
use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.
the class CryptoMarkerBuilder method build.
public CryptoMarkerType build() {
CryptoMarkerType marker = new CryptoMarkerType();
marker.setProtocol(PROTOCOL);
if (algInfo != null) {
try {
JAXBElement<AlgorithmInfoType> e;
e = new JAXBElement<>(new QName(ISONS, "AlgorithmInfo"), AlgorithmInfoType.class, algInfo);
Document d = m.marshal(e);
marker.getAny().add(d.getDocumentElement());
} catch (MarshallingTypeException ex) {
LOG.error("Failed to marshal AlgorithmInfo element.", ex);
}
}
if (keyInfo != null) {
try {
JAXBElement<CryptoKeyInfoType> e;
e = new JAXBElement<>(new QName(ISONS, "KeyInfo"), CryptoKeyInfoType.class, keyInfo);
Document d = m.marshal(e);
marker.getAny().add(d.getDocumentElement());
} catch (MarshallingTypeException ex) {
LOG.error("Failed to marshal KeyInfo element.", ex);
}
}
if (sigGenInfo != null) {
try {
JAXBElement<String> e;
e = new JAXBElement(new QName(ISONS, "SignatureGenerationInfo"), String.class, sigGenInfo);
Document d = m.marshal(e);
marker.getAny().add(d.getDocumentElement());
} catch (MarshallingTypeException ex) {
LOG.error("Failed to marshal SignatureGenerationInfo element.", ex);
}
}
if (legacySignGenInfo != null) {
try {
JAXBElement<LegacySignatureGenerationType> e;
e = new JAXBElement(new QName(ISONS, "LegacySignatureGenerationInfo"), LegacySignatureGenerationType.class, legacySignGenInfo);
Document d = m.marshal(e);
marker.getAny().add(d.getDocumentElement());
} catch (MarshallingTypeException ex) {
LOG.error("Failed to marshal LegacySignatureGenerationInfo element.", ex);
}
}
if (hashGenInfo != null) {
try {
JAXBElement<HashGenerationInfoType> e;
e = new JAXBElement(new QName(ISONS, "HashGenerationInfo"), HashGenerationInfoType.class, hashGenInfo);
Document d = m.marshal(e);
marker.getAny().add(d.getDocumentElement());
} catch (MarshallingTypeException ex) {
LOG.error("Failed to marshal HashGenerationInfo element.", ex);
}
}
for (CertificateRefType certRef : getCertRefs()) {
try {
JAXBElement<CertificateRefType> e;
e = new JAXBElement(new QName(ISONS, "CertificateRef"), CertificateRefType.class, certRef);
Document d = m.marshal(e);
marker.getAny().add(d.getDocumentElement());
} catch (MarshallingTypeException ex) {
LOG.error("Failed to marshal CertificateRef element.", ex);
}
}
if (legacyKeyname != null) {
try {
JAXBElement<String> e;
e = new JAXBElement(new QName(ISONS, "LegacyKeyName"), String.class, legacyKeyname);
Document d = m.marshal(e);
marker.getAny().add(d.getDocumentElement());
} catch (MarshallingTypeException ex) {
LOG.error("Failed to marshal LegacyKeyName element.", ex);
}
}
return marker;
}
use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.
the class CIFCreator method createCryptoDID.
private DIDInfoType createCryptoDID(List<MwCertificate> mwCerts, SignatureAlgorithms sigalg) throws WSMarshallerException, CryptokiException {
LOG.debug("Creating Crypto DID object.");
DIDInfoType di = new DIDInfoType();
String keyLabel = mwCerts.get(0).getLabel();
// create differential identity
DifferentialIdentityType did = new DifferentialIdentityType();
di.setDifferentialIdentity(did);
String didName = keyLabel + "_" + mwCerts.get(0).getLabel() + "_" + sigalg.getJcaAlg();
LOG.debug("DIDName: {}", didName);
did.setDIDName(didName);
did.setDIDProtocol("urn:oid:1.3.162.15480.3.0.25");
did.setDIDScope(DIDScopeType.LOCAL);
// create crypto marker
CryptoMarkerBuilder markerBuilder = new CryptoMarkerBuilder();
// add AlgorithmInfo
AlgorithmInfoType algInfo = new AlgorithmInfoType();
algInfo.setAlgorithm(sigalg.getJcaAlg());
AlgorithmIdentifierType algIdentifier = new AlgorithmIdentifierType();
algIdentifier.setAlgorithm(sigalg.getAlgId());
algInfo.setAlgorithmIdentifier(algIdentifier);
algInfo.getSupportedOperations().add("Compute-signature");
markerBuilder.setAlgInfo(algInfo);
markerBuilder.setLegacyKeyname(keyLabel);
// add certificates
for (MwCertificate nextCert : mwCerts) {
try {
CertificateRefType certRef = new CertificateRefType();
certRef.setDataSetName(nextCert.getLabel());
markerBuilder.getCertRefs().add(certRef);
} catch (CryptokiException ex) {
LOG.warn("Certificate chain is not complete.");
break;
}
}
// wrap crypto marker and add to parent
CryptoMarkerType marker = markerBuilder.build();
DIDMarkerType markerWrapper = new DIDMarkerType();
markerWrapper.setCryptoMarker(marker);
did.setDIDMarker(markerWrapper);
// create acl
AccessControlListType acl = new AccessControlListType();
di.setDIDACL(acl);
List<AccessRuleType> rules = acl.getAccessRule();
rules.add(createRuleTrue(AuthorizationServiceActionName.ACL_LIST));
rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_GET));
// create sign rule with PIN reference
AccessRuleType signRule = createRuleTrue(CryptographicServiceActionName.SIGN);
signRule.setSecurityCondition(createDidCond(PIN_NAME));
rules.add(signRule);
return di;
}
use of iso.std.iso_iec._24727.tech.schema.CertificateRefType in project open-ecard by ecsec.
the class CryptoMarkerTypeTest method testCryptoMarkerType.
/**
* Simple test for CryptoMarkerType.
* After creating the CryptoMarker of the PrK.CH.AUT_signPKCS1_V1_5 DID in the the
* ESIGN application of the EGK we check if the get-methods return the expected values.
*
* @throws Exception
* when something in this test went unexpectedly wrong
*/
@Test
public void testCryptoMarkerType() throws Exception {
WSMarshaller marshaller = WSMarshallerFactory.createInstance();
// setup the iso cryptoMarker type
iso.std.iso_iec._24727.tech.schema.CryptoMarkerType cryptoMarker = new iso.std.iso_iec._24727.tech.schema.CryptoMarkerType();
cryptoMarker.setProtocol("urn:oid:1.3.162.15480.3.0.25");
// algorithm info
AlgorithmInfoType algType = new AlgorithmInfoType();
algType.setAlgorithm("signPKCS1_V1_5");
AlgorithmIdentifierType aIdType = new AlgorithmIdentifierType();
aIdType.setAlgorithm("http://ws.openecard.org/alg/rsa");
algType.setAlgorithmIdentifier(aIdType);
algType.getSupportedOperations().add("Compute-signature");
algType.setCardAlgRef(new byte[] { (byte) 0x02 });
QName elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "AlgorithmInfo");
JAXBElement<AlgorithmInfoType> algInfo = new JAXBElement<>(elemName, AlgorithmInfoType.class, algType);
Element algInfoElem = marshaller.marshal(algInfo).getDocumentElement();
cryptoMarker.getAny().add(algInfoElem);
// key info
elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "KeyInfo");
CryptoKeyInfoType cryptoKey = new CryptoKeyInfoType();
KeyRefType keyref = new KeyRefType();
keyref.setKeyRef(new byte[] { (byte) 0x02 });
cryptoKey.setKeyRef(keyref);
JAXBElement<CryptoKeyInfoType> keyInfoElem = new JAXBElement<>(elemName, CryptoKeyInfoType.class, cryptoKey);
Element keyrefElem = marshaller.marshal(keyInfoElem).getDocumentElement();
cryptoMarker.getAny().add(keyrefElem);
// signature generation info
elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "SignatureGenerationInfo");
JAXBElement<String> sigGenInfoElem = new JAXBElement<>(elemName, String.class, "MSE_KEY_DS PSO_CDS");
Element sigGenElem = marshaller.marshal(sigGenInfoElem).getDocumentElement();
cryptoMarker.getAny().add(sigGenElem);
// certificate references if available
elemName = new QName("urn:iso:std:iso-iec:24727:tech:schema", "CertificateRef");
CertificateRefType certRef = new CertificateRefType();
certRef.setDataSetName("EF.C.CH.AUT");
JAXBElement<CertificateRefType> certRefType = new JAXBElement<>(elemName, CertificateRefType.class, certRef);
Element certRefElement = marshaller.marshal(certRefType).getDocumentElement();
cryptoMarker.getAny().add(certRefElement);
// perform the tests
CryptoMarkerType cryptoMarkerNew = new CryptoMarkerType(cryptoMarker);
assertTrue(cryptoMarkerNew.getAlgorithmInfo().getSupportedOperations().size() > 0);
assertEquals(cryptoMarkerNew.getSignatureGenerationInfo(), new String[] { "MSE_KEY_DS", "PSO_CDS" });
assertEquals(cryptoMarkerNew.getCryptoKeyInfo().getKeyRef().getKeyRef(), new byte[] { 0x02 });
assertEquals(cryptoMarkerNew.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm(), "http://ws.openecard.org/alg/rsa");
assertNull(cryptoMarkerNew.getLegacyKeyName());
assertNotNull(cryptoMarkerNew.getHashGenerationInfo());
assertEquals(cryptoMarkerNew.getHashGenerationInfo(), HashGenerationInfoType.NOT_ON_CARD);
assertEquals(cryptoMarkerNew.getCertificateRefs().get(0).getDataSetName(), "EF.C.CH.AUT");
// assertEquals(cryptoMarker.getStateInfo(), "");
assertEquals(cryptoMarker.getProtocol(), ECardConstants.Protocol.GENERIC_CRYPTO);
}
Aggregations