Search in sources :

Example 11 with Signature

use of org.hl7.fhir.dstu3.model.Signature in project org.hl7.fhir.core by hapifhir.

the class RdfParser method composeProvenance.

protected void composeProvenance(Complex parent, String parentType, String name, Provenance element, int index) {
    if (element == null)
        return;
    Complex t;
    if (Utilities.noString(parentType))
        t = parent;
    else {
        t = parent.predicate("fhir:" + parentType + '.' + name);
    }
    composeDomainResource(t, "Provenance", name, element, index);
    for (int i = 0; i < element.getTarget().size(); i++) composeReference(t, "Provenance", "target", element.getTarget().get(i), i);
    if (element.hasOccurred())
        composeType(t, "Provenance", "occurred", element.getOccurred(), -1);
    if (element.hasRecordedElement())
        composeInstant(t, "Provenance", "recorded", element.getRecordedElement(), -1);
    for (int i = 0; i < element.getPolicy().size(); i++) composeUri(t, "Provenance", "policy", element.getPolicy().get(i), i);
    if (element.hasLocation())
        composeReference(t, "Provenance", "location", element.getLocation(), -1);
    for (int i = 0; i < element.getReason().size(); i++) composeCodeableConcept(t, "Provenance", "reason", element.getReason().get(i), i);
    if (element.hasActivity())
        composeCodeableConcept(t, "Provenance", "activity", element.getActivity(), -1);
    for (int i = 0; i < element.getAgent().size(); i++) composeProvenanceProvenanceAgentComponent(t, "Provenance", "agent", element.getAgent().get(i), i);
    for (int i = 0; i < element.getEntity().size(); i++) composeProvenanceProvenanceEntityComponent(t, "Provenance", "entity", element.getEntity().get(i), i);
    for (int i = 0; i < element.getSignature().size(); i++) composeSignature(t, "Provenance", "signature", element.getSignature().get(i), i);
}
Also used : Complex(org.hl7.fhir.r4.utils.formats.Turtle.Complex)

Example 12 with Signature

use of org.hl7.fhir.dstu3.model.Signature in project org.hl7.fhir.core by hapifhir.

the class DigitalSignatures method main.

public static void main(String[] args) throws Exception {
    // http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html
    // 
    byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes();
    // load the document that's going to be signed
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    DocumentBuilder builder = dbf.newDocumentBuilder();
    Document doc = builder.parse(new ByteArrayInputStream(inputXml));
    // // create a key pair
    // KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    // kpg.initialize(512);
    // KeyPair kp = kpg.generateKeyPair();
    PublicKey pub = getPublicKey("C:\\work\\fhirserver\\tests\\signatures\\public_key.der");
    PrivateKey priv = getPrivateKey("C:\\work\\fhirserver\\tests\\signatures\\private_key.der");
    // sign the document
    DOMSignContext dsc = new DOMSignContext(priv, doc.getDocumentElement());
    XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
    Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null);
    SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref));
    KeyInfoFactory kif = fac.getKeyInfoFactory();
    KeyValue kv = kif.newKeyValue(pub);
    KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
    XMLSignature signature = fac.newXMLSignature(si, ki);
    signature.sign(dsc);
    OutputStream os = new FileOutputStream(Utilities.path("[tmp]", "java-digsig.xml"));
    new XmlGenerator().generate(doc.getDocumentElement(), os);
}
Also used : XMLSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) PrivateKey(java.security.PrivateKey) KeyValue(javax.xml.crypto.dsig.keyinfo.KeyValue) XmlGenerator(org.hl7.fhir.utilities.xml.XmlGenerator) PublicKey(java.security.PublicKey) Reference(javax.xml.crypto.dsig.Reference) OutputStream(java.io.OutputStream) FileOutputStream(java.io.FileOutputStream) Document(org.w3c.dom.Document) SignedInfo(javax.xml.crypto.dsig.SignedInfo) KeyInfoFactory(javax.xml.crypto.dsig.keyinfo.KeyInfoFactory) DocumentBuilder(javax.xml.parsers.DocumentBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo) DOMSignContext(javax.xml.crypto.dsig.dom.DOMSignContext) XMLSignature(javax.xml.crypto.dsig.XMLSignature) FileOutputStream(java.io.FileOutputStream) C14NMethodParameterSpec(javax.xml.crypto.dsig.spec.C14NMethodParameterSpec)

Example 13 with Signature

use of org.hl7.fhir.dstu3.model.Signature in project org.hl7.fhir.core by hapifhir.

the class QuestionnaireBuilder method processDataType.

private void processDataType(StructureDefinition profile, QuestionnaireItemComponent group, ElementDefinition element, String path, TypeRefComponent t, List<QuestionnaireResponse.QuestionnaireResponseItemComponent> answerGroups, List<ElementDefinition> parents) throws FHIRException {
    String tc = t.getWorkingCode();
    if (tc.equals("code"))
        addCodeQuestions(group, element, path, answerGroups);
    else if (Utilities.existsInList(tc, "string", "id", "oid", "uuid", "markdown"))
        addStringQuestions(group, element, path, answerGroups);
    else if (Utilities.existsInList(tc, "uri", "url", "canonical"))
        addUriQuestions(group, element, path, answerGroups);
    else if (tc.equals("boolean"))
        addBooleanQuestions(group, element, path, answerGroups);
    else if (tc.equals("decimal"))
        addDecimalQuestions(group, element, path, answerGroups);
    else if (tc.equals("dateTime") || tc.equals("date"))
        addDateTimeQuestions(group, element, path, answerGroups);
    else if (tc.equals("instant"))
        addInstantQuestions(group, element, path, answerGroups);
    else if (tc.equals("time"))
        addTimeQuestions(group, element, path, answerGroups);
    else if (tc.equals("CodeableConcept"))
        addCodeableConceptQuestions(group, element, path, answerGroups);
    else if (tc.equals("Period"))
        addPeriodQuestions(group, element, path, answerGroups);
    else if (tc.equals("Ratio"))
        addRatioQuestions(group, element, path, answerGroups);
    else if (tc.equals("HumanName"))
        addHumanNameQuestions(group, element, path, answerGroups);
    else if (tc.equals("Address"))
        addAddressQuestions(group, element, path, answerGroups);
    else if (tc.equals("ContactPoint"))
        addContactPointQuestions(group, element, path, answerGroups);
    else if (tc.equals("Identifier"))
        addIdentifierQuestions(group, element, path, answerGroups);
    else if (tc.equals("integer") || tc.equals("positiveInt") || tc.equals("unsignedInt"))
        addIntegerQuestions(group, element, path, answerGroups);
    else if (tc.equals("Coding"))
        addCodingQuestions(group, element, path, answerGroups);
    else if (Utilities.existsInList(tc, "Quantity", "Count", "Age", "Duration", "Distance", "Money"))
        addQuantityQuestions(group, element, path, answerGroups);
    else if (tc.equals("Money"))
        addMoneyQuestions(group, element, path, answerGroups);
    else if (tc.equals("Reference"))
        addReferenceQuestions(group, element, path, t.getTargetProfile(), answerGroups);
    else if (tc.equals("Duration"))
        addDurationQuestions(group, element, path, answerGroups);
    else if (tc.equals("base64Binary"))
        addBinaryQuestions(group, element, path, answerGroups);
    else if (tc.equals("Attachment"))
        addAttachmentQuestions(group, element, path, answerGroups);
    else if (tc.equals("Age"))
        addAgeQuestions(group, element, path, answerGroups);
    else if (tc.equals("Range"))
        addRangeQuestions(group, element, path, answerGroups);
    else if (tc.equals("Timing"))
        addTimingQuestions(group, element, path, answerGroups);
    else if (tc.equals("Annotation"))
        addAnnotationQuestions(group, element, path, answerGroups);
    else if (tc.equals("SampledData"))
        addSampledDataQuestions(group, element, path, answerGroups);
    else if (tc.equals("Extension")) {
        if (t.hasProfile())
            addExtensionQuestions(profile, group, element, path, t.getProfile().get(0).getValue(), answerGroups, parents);
    } else if (tc.equals("SampledData"))
        addSampledDataQuestions(group, element, path, answerGroups);
    else if (!tc.equals("Narrative") && !tc.equals("Resource") && !tc.equals("Meta") && !tc.equals("Signature")) {
        StructureDefinition sd = context.fetchTypeDefinition(tc);
        if (sd == null)
            throw new NotImplementedException("Unhandled Data Type: " + tc + " on element " + element.getPath());
        buildGroup(group, sd, sd.getSnapshot().getElementFirstRep(), parents, answerGroups);
    }
}
Also used : StructureDefinition(org.hl7.fhir.r4b.model.StructureDefinition) NotImplementedException(org.apache.commons.lang3.NotImplementedException)

Example 14 with Signature

use of org.hl7.fhir.dstu3.model.Signature in project org.hl7.fhir.core by hapifhir.

the class SHCParser method parse.

public List<NamedElement> parse(InputStream stream) throws IOException, FHIRFormatError, DefinitionException, FHIRException {
    List<NamedElement> res = new ArrayList<>();
    String src = TextFile.streamToString(stream).trim();
    List<String> list = new ArrayList<>();
    String pfx = null;
    if (src.startsWith("{")) {
        JsonObject json = JsonTrackingParser.parseJson(src);
        if (checkProperty(json, "$", "verifiableCredential", true, "Array")) {
            pfx = "verifiableCredential";
            JsonArray arr = json.getAsJsonArray("verifiableCredential");
            int i = 0;
            for (JsonElement e : arr) {
                if (!(e instanceof JsonPrimitive)) {
                    logError(line(e), col(e), "$.verifiableCredential[" + i + "]", IssueType.STRUCTURE, "Wrong Property verifiableCredential in JSON Payload. Expected : String but found " + JSONUtil.type(e), IssueSeverity.ERROR);
                } else {
                    list.add(e.getAsString());
                }
                i++;
            }
        } else {
            return res;
        }
    } else {
        list.add(src);
    }
    int c = 0;
    for (String ssrc : list) {
        String prefix = pfx == null ? "" : pfx + "[" + Integer.toString(c) + "].";
        c++;
        JWT jwt = null;
        try {
            jwt = decodeJWT(ssrc);
        } catch (Exception e) {
            logError(1, 1, prefix + "JWT", IssueType.INVALID, "Unable to decode JWT token", IssueSeverity.ERROR);
            return res;
        }
        map = jwt.map;
        checkNamedProperties(jwt.getPayload(), prefix + "payload", "iss", "nbf", "vc");
        checkProperty(jwt.getPayload(), prefix + "payload", "iss", true, "String");
        logError(1, 1, prefix + "JWT", IssueType.INFORMATIONAL, "The FHIR Validator does not check the JWT signature " + "(see https://demo-portals.smarthealth.cards/VerifierPortal.html or https://github.com/smart-on-fhir/health-cards-dev-tools) (Issuer = '" + jwt.getPayload().get("iss").getAsString() + "')", IssueSeverity.INFORMATION);
        checkProperty(jwt.getPayload(), prefix + "payload", "nbf", true, "Number");
        JsonObject vc = jwt.getPayload().getAsJsonObject("vc");
        if (vc == null) {
            logError(1, 1, "JWT", IssueType.STRUCTURE, "Unable to find property 'vc' in the payload", IssueSeverity.ERROR);
            return res;
        }
        String path = prefix + "payload.vc";
        checkNamedProperties(vc, path, "type", "credentialSubject");
        if (!checkProperty(vc, path, "type", true, "Array")) {
            return res;
        }
        JsonArray type = vc.getAsJsonArray("type");
        int i = 0;
        for (JsonElement e : type) {
            if (!(e instanceof JsonPrimitive)) {
                logError(line(e), col(e), path + ".type[" + i + "]", IssueType.STRUCTURE, "Wrong Property Type in JSON Payload. Expected : String but found " + JSONUtil.type(e), IssueSeverity.ERROR);
            } else {
                types.add(e.getAsString());
            }
            i++;
        }
        if (!types.contains("https://smarthealth.cards#health-card")) {
            logError(line(vc), col(vc), path, IssueType.STRUCTURE, "Card does not claim to be of type https://smarthealth.cards#health-card, cannot validate", IssueSeverity.ERROR);
            return res;
        }
        if (!checkProperty(vc, path, "credentialSubject", true, "Object")) {
            return res;
        }
        JsonObject cs = vc.getAsJsonObject("credentialSubject");
        path = path + ".credentialSubject";
        if (!checkProperty(cs, path, "fhirVersion", true, "String")) {
            return res;
        }
        JsonElement fv = cs.get("fhirVersion");
        if (!VersionUtilities.versionsCompatible(context.getVersion(), fv.getAsString())) {
            logError(line(fv), col(fv), path + ".fhirVersion", IssueType.STRUCTURE, "Card claims to be of version " + fv.getAsString() + ", cannot be validated against version " + context.getVersion(), IssueSeverity.ERROR);
            return res;
        }
        if (!checkProperty(cs, path, "fhirBundle", true, "Object")) {
            return res;
        }
        // ok. all checks passed, we can now validate the bundle
        Element e = jsonParser.parse(cs.getAsJsonObject("fhirBundle"), map);
        if (e != null) {
            res.add(new NamedElement(path, e));
        }
    }
    return res;
}
Also used : JsonPrimitive(com.google.gson.JsonPrimitive) JsonElement(com.google.gson.JsonElement) ArrayList(java.util.ArrayList) JsonObject(com.google.gson.JsonObject) DefinitionException(org.hl7.fhir.exceptions.DefinitionException) DataFormatException(java.util.zip.DataFormatException) IOException(java.io.IOException) FHIRException(org.hl7.fhir.exceptions.FHIRException) JsonArray(com.google.gson.JsonArray) JsonElement(com.google.gson.JsonElement)

Example 15 with Signature

use of org.hl7.fhir.dstu3.model.Signature in project org.hl7.fhir.core by hapifhir.

the class RdfParser method composeBundle.

protected void composeBundle(Complex parent, String parentType, String name, Bundle element, int index) {
    if (element == null)
        return;
    Complex t;
    if (Utilities.noString(parentType))
        t = parent;
    else {
        t = parent.predicate("fhir:" + parentType + '.' + name);
    }
    composeResource(t, "Bundle", name, element, index);
    if (element.hasIdentifier())
        composeIdentifier(t, "Bundle", "identifier", element.getIdentifier(), -1);
    if (element.hasTypeElement())
        composeEnum(t, "Bundle", "type", element.getTypeElement(), -1);
    if (element.hasTimestampElement())
        composeInstant(t, "Bundle", "timestamp", element.getTimestampElement(), -1);
    if (element.hasTotalElement())
        composeUnsignedInt(t, "Bundle", "total", element.getTotalElement(), -1);
    for (int i = 0; i < element.getLink().size(); i++) composeBundleBundleLinkComponent(t, "Bundle", "link", element.getLink().get(i), i);
    for (int i = 0; i < element.getEntry().size(); i++) composeBundleBundleEntryComponent(t, "Bundle", "entry", element.getEntry().get(i), i);
    if (element.hasSignature())
        composeSignature(t, "Bundle", "signature", element.getSignature(), -1);
}
Also used : Complex(org.hl7.fhir.r4.utils.formats.Turtle.Complex)

Aggregations

ByteArrayInputStream (java.io.ByteArrayInputStream)6 OutputStream (java.io.OutputStream)6 Reference (javax.xml.crypto.dsig.Reference)6 SignedInfo (javax.xml.crypto.dsig.SignedInfo)6 XMLSignature (javax.xml.crypto.dsig.XMLSignature)6 XMLSignatureFactory (javax.xml.crypto.dsig.XMLSignatureFactory)6 DOMSignContext (javax.xml.crypto.dsig.dom.DOMSignContext)6 KeyInfo (javax.xml.crypto.dsig.keyinfo.KeyInfo)6 KeyInfoFactory (javax.xml.crypto.dsig.keyinfo.KeyInfoFactory)6 KeyValue (javax.xml.crypto.dsig.keyinfo.KeyValue)6 C14NMethodParameterSpec (javax.xml.crypto.dsig.spec.C14NMethodParameterSpec)6 DocumentBuilder (javax.xml.parsers.DocumentBuilder)6 DocumentBuilderFactory (javax.xml.parsers.DocumentBuilderFactory)6 NotImplementedException (org.apache.commons.lang3.NotImplementedException)6 XmlGenerator (org.hl7.fhir.utilities.xml.XmlGenerator)6 Document (org.w3c.dom.Document)6 Complex (org.hl7.fhir.dstu2016may.formats.RdfGenerator.Complex)4 Complex (org.hl7.fhir.r4.utils.formats.Turtle.Complex)4 FileOutputStream (java.io.FileOutputStream)3 IOException (java.io.IOException)3