use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project openolat by klemens.
the class XMLDigitalSignatureUtilTest method signDetachedAndValidate_containSignatureDocument.
/**
* Test that the detached signature can be written into, and read back from,
* a separate DOM document that also carries application data.
*
* @throws Exception
*/
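@Test
public void signDetachedAndValidate_containSignatureDocument() throws Exception {
	X509CertificatePrivateKeyPair certificateInfo = getCertificatePrivateKeyPair();
	URL xmlUrl = XMLDigitalSignatureUtilTest.class.getResource("assessmentResult.xml");
	// fail with a clear message instead of an NPE if the fixture is missing from the classpath
	Assert.assertNotNull("test fixture assessmentResult.xml not found", xmlUrl);
	File xmlFile = new File(xmlUrl.toURI());
	String xmlUri = "http://localhost:8081/RepositoryEntry/688455680/CourseNode/95133178953589/TestSession/2693/assessmentResult.xml";

	// Wrapper document that carries application data next to the detached signature
	Document signatureDocument = XMLDigitalSignatureUtil.createDocument();
	Node rootNode = signatureDocument.appendChild(signatureDocument.createElement("assessmentTestSignature"));
	Node courseNode = rootNode.appendChild(signatureDocument.createElement("course"));
	courseNode.appendChild(signatureDocument.createTextNode("Very difficult test"));

	File xmlSignatureFile = File.createTempFile("assessment-result", "_signature.xml");
	try {
		// no key name: the signature carries its own key material
		XMLDigitalSignatureUtil.signDetached(xmlUri, xmlFile, xmlSignatureFile, signatureDocument, null, certificateInfo.getX509Cert(), certificateInfo.getPrivateKey());
		Assert.assertTrue(xmlSignatureFile.length() > 0);

		// validate with the public key of the signing certificate, not with the key embedded in the signature
		boolean valid = XMLDigitalSignatureUtil.validate(xmlUri, xmlFile, xmlSignatureFile, certificateInfo.getX509Cert().getPublicKey());
		Assert.assertTrue(valid);

		// reload the written file: the application data and the Signature element must both be present
		Document reloadSignatureDocument = XMLDigitalSignatureUtil.getDocument(xmlSignatureFile);
		NodeList courseNl = reloadSignatureDocument.getElementsByTagName("course");
		Assert.assertEquals(1, courseNl.getLength());
		NodeList signatureNl = reloadSignatureDocument.getElementsByTagName("Signature");
		Assert.assertEquals(1, signatureNl.getLength());
	} finally {
		// clean up the temp file even when one of the assertions above fails
		Files.deleteIfExists(xmlSignatureFile.toPath());
	}
}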
use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project openolat by klemens.
the class XMLDigitalSignatureUtilTest method readCertificatePrivateKeyPair.
/**
* Preliminary test which reads the certificate. The helper it exercises is
* used by every other test of this class.
*
* @throws Exception
*/
@Test
public void readCertificatePrivateKeyPair() throws Exception {
	// Both halves of the pair must be present: the certificate for validation,
	// the private key for signing.
	X509CertificatePrivateKeyPair pair = getCertificatePrivateKeyPair();
	Assert.assertNotNull("key pair could not be loaded", pair);
	Assert.assertNotNull("private key missing from key pair", pair.getPrivateKey());
	Assert.assertNotNull("X.509 certificate missing from key pair", pair.getX509Cert());
}
use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project openolat by klemens.
the class QTI21ServiceImpl method validateAssessmentResult.
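@Override
public DigitalSignatureValidation validateAssessmentResult(File xmlSignature) {
	try {
		// NOTE(review): the signature file is mailed out by signAssessmentResult and may come
		// back from outside the server, so it must be treated as untrusted XML. Whether
		// getDocument() parses with DTD / external entities disabled is not visible here - confirm.
		Document signature = XMLDigitalSignatureUtil.getDocument(xmlSignature);
		String uri = XMLDigitalSignatureUtil.getReferenceURI(signature);
		// URI looks like: http://localhost:8081/olat/RepositoryEntry/688455680/CourseNode/95134692149905/TestSession/3231/assessmentResult.xml
		String keyName = XMLDigitalSignatureUtil.getKeyName(signature);
		if (uri == null) {
			return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
		}

		// The test session key is the path segment just before "/assessmentResult"
		int end = uri.indexOf("/assessmentResult");
		if (end <= 0) {
			return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
		}
		int start = uri.lastIndexOf('/', end - 1);
		if (start <= 0) {
			return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
		}
		String testSessionKey = uri.substring(start + 1, end);
		// a non-numeric segment throws NumberFormatException and ends up as notValid below
		AssessmentTestSession testSession = getAssessmentTestSession(Long.valueOf(testSessionKey));
		if (testSession == null) {
			return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
		}
		File assessmentResult = getAssessmentResultFile(testSession);

		// Resolve the certificate the signature claims to be made with. KeyName is read from
		// the (untrusted) signature document, so it is only ever used as a bare file name
		// inside the configured certificate directory, never as a path.
		File certificateFile = qtiModule.getDigitalSignatureCertificateFile();
		X509CertificatePrivateKeyPair kp = null;
		if (keyName != null && keyName.equals(certificateFile.getName())) {
			kp = CryptoUtil.getX509CertificatePrivateKeyPairPfx(certificateFile, qtiModule.getDigitalSignatureCertificatePassword());
		} else if (isPlainFileName(keyName)) {
			// An older, rotated certificate kept next to the current one. It is opened with the
			// current password; if that fails the exception ends in notValid below.
			File olderCertificateFile = new File(certificateFile.getParentFile(), keyName);
			if (olderCertificateFile.exists()) {
				kp = CryptoUtil.getX509CertificatePrivateKeyPairPfx(olderCertificateFile, qtiModule.getDigitalSignatureCertificatePassword());
			}
		}

		if (kp == null) {
			// No known certificate matches the KeyName: validate against the key material the
			// signature carries itself. This only proves the document was not altered after
			// signing - anyone can produce such a signature with their own key - which is why
			// it is reported as validItself and not validCertificate.
			if (XMLDigitalSignatureUtil.validate(uri, assessmentResult, xmlSignature)) {
				return new DigitalSignatureValidation(DigitalSignatureValidation.Message.validItself, true);
			}
		} else if (XMLDigitalSignatureUtil.validate(uri, assessmentResult, xmlSignature, kp.getX509Cert().getPublicKey())) {
			// validated with the public key of a certificate this server owns
			return new DigitalSignatureValidation(DigitalSignatureValidation.Message.validCertificate, true);
		}
	} catch (Exception e) {
		log.error("", e);
	}
	return new DigitalSignatureValidation(DigitalSignatureValidation.Message.notValid, false);
}

/**
 * A KeyName taken from a signature document may only be used to look up a
 * certificate if it is a bare file name: not null or empty, no path separator
 * of any platform, and not the "." or ".." path components. This keeps the
 * lookup inside the certificate directory.
 *
 * @param name the KeyName value, may be null
 * @return true if the value is safe to use as a file name
 */
private static boolean isPlainFileName(String name) {
	if (name == null || name.isEmpty()) {
		return false;
	}
	if (name.indexOf('/') >= 0 || name.indexOf('\\') >= 0 || name.indexOf(File.separatorChar) >= 0) {
		return false;
	}
	return !".".equals(name) && !"..".equals(name);
}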
use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project openolat by klemens.
the class QTI21ServiceImpl method signAssessmentResult.
@Override
public void signAssessmentResult(AssessmentTestSession candidateSession, DigitalSignatureOptions signatureOptions, Identity assessedIdentity) {
	// Signing must be enabled globally and requested for this test
	boolean signingWanted = qtiModule.isDigitalSignatureEnabled() && signatureOptions.isDigitalSignature();
	if (!signingWanted) {
		return;
	}

	try {
		File resultFile = getAssessmentResultFile(candidateSession);
		// the detached signature lives next to the result it signs
		File signatureFile = new File(resultFile.getParentFile(), "assessmentResultSignature.xml");
		File certificateFile = qtiModule.getDigitalSignatureCertificateFile();
		X509CertificatePrivateKeyPair kp = CryptoUtil.getX509CertificatePrivateKeyPairPfx(certificateFile, qtiModule.getDigitalSignatureCertificatePassword());

		// The reference URI identifies the signed result; validateAssessmentResult parses
		// the test session key back out of it.
		String referenceUri = buildAssessmentResultUri(candidateSession);
		Document wrapper = createSignatureDocumentWrapper(referenceUri, assessedIdentity, signatureOptions);
		// the certificate file name is written as KeyName so the validator can find the certificate again
		XMLDigitalSignatureUtil.signDetached(referenceUri, resultFile, signatureFile, wrapper, certificateFile.getName(), kp.getX509Cert(), kp.getPrivateKey());

		if (signatureOptions.isDigitalSignature() && signatureOptions.getMailBundle() != null) {
			// send the signature file (only) to the configured recipient
			MailBundle mail = signatureOptions.getMailBundle();
			List<File> attachments = new ArrayList<>(2);
			attachments.add(signatureFile);
			mail.getContent().setAttachments(attachments);
			mailManager.sendMessageAsync(mail);
		}
	} catch (Exception e) {
		log.error("", e);
	}
}

/**
 * Builds the reference URI of a session's assessmentResult.xml:
 * {server}/RepositoryEntry/{key}[/CourseNode/{subIdent}]/TestSession/{key}/assessmentResult.xml
 */
private static String buildAssessmentResultUri(AssessmentTestSession candidateSession) {
	StringBuilder sb = new StringBuilder(128);
	sb.append(Settings.getServerContextPathURI())
	  .append("/RepositoryEntry/").append(candidateSession.getRepositoryEntry().getKey());
	String subIdent = candidateSession.getSubIdent();
	if (StringHelper.containsNonWhitespace(subIdent)) {
		sb.append("/CourseNode/").append(subIdent);
	}
	sb.append("/TestSession/").append(candidateSession.getKey()).append("/assessmentResult.xml");
	return sb.toString();
}
use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project openolat by klemens.
the class QTI21AdminController method validateCertificatePassword.
/**
 * Tries to open the uploaded PKCS#12 file with the password entered in the form
 * and reports the problem on the certificate form element.
 *
 * @param file the uploaded certificate file
 * @return true if the file yields both an X.509 certificate and a private key
 */
private boolean validateCertificatePassword(File file) {
	try {
		X509CertificatePrivateKeyPair kp = CryptoUtil.getX509CertificatePrivateKeyPairPfx(file, certificatePasswordEl.getValue());
		if (kp.getX509Cert() == null) {
			certificateEl.setErrorKey("error.digital.certificate.noX509", null);
			return false;
		}
		if (kp.getPrivateKey() == null) {
			certificateEl.setErrorKey("error.digital.certificate.noPrivateKey", null);
			return false;
		}
		return true;
	} catch (Exception e) {
		logError("", e);
		// the loader's message (e.g. wrong password) is shown to the administrator
		String reason = e.getMessage() == null ? "" : e.getMessage();
		certificateEl.setErrorKey("error.digital.certificate.cannotread", new String[] { reason });
		return false;
	}
}