use of won.protocol.message.WonSignatureData in project webofneeds by researchstudio-sat.
the class WonMessageSignerVerifier method addUnreferencedSigReferences.
/**
 * Re-attaches the signing stage's outermost signature to an unsigned envelope
 * graph and removes the stand-alone signature graph from the dataset.
 * <p>
 * The target envelope is the first entry of
 * {@code sigStage.getUnsignedEnvUrisOrderedByContainment()}, which is meant to be
 * the innermost envelope that is not signed yet. If the stage reports no unsigned
 * envelope, or has no outermost signature, the dataset is left unchanged.
 *
 * @param msgDataset the message dataset; modified in place
 * @param sigStage the signing stage that reports unsigned envelopes and the outermost signature
 */
private static void addUnreferencedSigReferences(final Dataset msgDataset, final SigningStage sigStage) {
    final List<String> unsignedEnvelopeUris = sigStage.getUnsignedEnvUrisOrderedByContainment();
    if (unsignedEnvelopeUris.isEmpty()) {
        // nothing to attach the signature to
        return;
    }
    final String targetEnvelopeUri = unsignedEnvelopeUris.get(0);
    final WonSignatureData outermostSignature = sigStage.getOutermostSignature();
    if (outermostSignature == null) {
        return;
    }
    // The signature is added to the envelope first; only afterwards is the named
    // graph identified by the signature URI removed from the dataset.
    addSignature(outermostSignature, targetEnvelopeUri, msgDataset, true);
    msgDataset.removeNamedModel(outermostSignature.getSignatureUri());
}
use of won.protocol.message.WonSignatureData in project webofneeds by researchstudio-sat.
the class WonSigner method sign.
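/**
 * Signs each of the named graphs of the dataset with the provided private key.
 * Every resulting signature carries the URI of the certificate/public key, which
 * the verifying party uses to obtain the key, and a fingerprint (Base64-encoded
 * digest) of the encoded public key.
 *
 * @param privateKey the private key used for signing
 * @param cert the certificate reference (where the public key can be found for verification)
 * @param publicKey the public key matching {@code privateKey}; only its fingerprint is stored
 * @param graphsToSign the names of the graphs to sign. Only the listed graphs are
 *        signed: if none are given, nothing is signed and an empty list is returned.
 * @return one {@link WonSignatureData} per entry of {@code graphsToSign}, in the same order
 * @throws Exception if the digest algorithm/provider is unavailable or hashing/signing fails
 */
// TODO chng exceptions to won exceptions?
public List<WonSignatureData> sign(PrivateKey privateKey, String cert, PublicKey publicKey, String... graphsToSign) throws Exception {
    List<WonSignatureData> sigRefs = new ArrayList<>(graphsToSign.length);
    // Fingerprint of the signer's public key; computed once and shared by all signatures.
    // NOTE(review): presumably the verifier should compare this fingerprint with the key
    // it fetches via the cert URI - confirm against the verification code.
    MessageDigest md = MessageDigest.getInstance(ENV_HASH_ALGORITHM, SIGNING_ALGORITHM_PROVIDER);
    String fingerprint = Base64.getEncoder().encodeToString(md.digest(publicKey.getEncoded()));
    for (String signedGraphUri : graphsToSign) {
        if (logger.isDebugEnabled()) {
            // NOTE(review): this writes the complete graph content to the debug log;
            // keep debug logging off where message content is confidential.
            StringWriter sw = new StringWriter();
            RDFDataMgr.write(sw, dataset.getNamedModel(signedGraphUri), Lang.TRIG);
            // log the graph that is being signed now, not the whole argument array
            logger.debug("signing graph {} with content: {}", signedGraphUri, sw.toString());
        }
        // TODO should be generated in a more proper way and not here - check of the name already exists etc.
        String signatureUri = signedGraphUri + "-sig";
        // create GraphCollection with one NamedGraph that corresponds to this Model
        GraphCollection inputGraph = ModelConverter.modelToGraphCollection(signedGraphUri, dataset);
        // sign the NamedGraph inside that GraphCollection
        SignatureData sigValue = signNamedGraph(inputGraph, privateKey, cert);
        // encodeToString already returns a String; no extra copy is needed
        String hash = Base64.getEncoder().encodeToString(sigValue.getHash().toByteArray());
        sigRefs.add(new WonSignatureData(signedGraphUri, signatureUri, sigValue.getSignature(), hash, fingerprint, cert));
    }
    return sigRefs;
}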
use of won.protocol.message.WonSignatureData in project webofneeds by researchstudio-sat.
the class WonMessageSignerVerifier method signWholeMessage.
/**
 * Signs all graphs of the message with a single signature and stores that
 * signature in a graph of its own.
 * <p>
 * The signature URI handed to the signer is the message URI without its fragment,
 * followed by {@code WonMessage.SIGNATURE_URI_SUFFIX}.
 *
 * @param msgDataset the message dataset; receives the new signature graph
 * @param sigStage the signing stage (not read by this method)
 * @param signer the signer that produces the signature over the whole dataset
 * @param privateKey the private key used for signing
 * @param privateKeyUri the URI passed to the signer as key/certificate reference
 * @param publicKey the public key passed to the signer
 * @param messageURI the URI of the message; the signature URI is derived from it
 * @throws NullPointerException if the signer returns no signature data
 * @throws Exception if signing or adding the signature fails
 */
private static void signWholeMessage(final Dataset msgDataset, final SigningStage sigStage, final WonSigner signer, final PrivateKey privateKey, final String privateKeyUri, final PublicKey publicKey, URI messageURI) throws Exception {
    final String requestedSignatureUri = WonRelativeUriHelper.stripFragment(messageURI).toString()
                    + WonMessage.SIGNATURE_URI_SUFFIX;
    // fail fast if the signer produced nothing, before the dataset is touched
    final WonSignatureData messageSignature = Objects.requireNonNull(
                    signer.signWholeDataset(privateKey, privateKeyUri, publicKey, requestedSignatureUri));
    // This is the signature of the outermost envelope: it goes into a new, empty
    // graph named by the signature URI that the signer reports.
    msgDataset.addNamedModel(messageSignature.getSignatureUri(), ModelFactory.createDefaultModel());
    addSignature(messageSignature, messageSignature.getSignatureUri(), msgDataset, false);
}
use of won.protocol.message.WonSignatureData in project webofneeds by researchstudio-sat.
the class WonMessageSignerVerifier method signContents.
/**
 * Signs the unsigned content graphs reported by the signing stage and adds each
 * resulting signature to the stage's envelope graph.
 * <p>
 * The graphs to sign are {@code sigStage.getUnsignedContentUris()}; every
 * signature returned by the signer is passed to {@code addSignature} together
 * with {@code sigStage.getEnvelopeUri()}.
 *
 * @param msgDataset the message dataset; modified in place
 * @param sigStage the signing stage that reports unsigned content graphs and the envelope URI
 * @param signer the signer that produces the content signatures
 * @param privateKey the private key used for signing
 * @param privateKeyUri the URI passed to the signer as key/certificate reference
 * @param publicKey the public key passed to the signer
 * @throws Exception if signing or adding a signature fails
 */
private static void signContents(final Dataset msgDataset, final SigningStage sigStage, final WonSigner signer, final PrivateKey privateKey, final String privateKeyUri, final PublicKey publicKey) throws Exception {
    final List<WonSignatureData> contentSignatures = signer.sign(privateKey, privateKeyUri, publicKey,
                    sigStage.getUnsignedContentUris());
    for (final WonSignatureData contentSignature : contentSignatures) {
        // the envelope URI is looked up again for every signature
        addSignature(contentSignature, sigStage.getEnvelopeUri(), msgDataset, true);
    }
}
use of won.protocol.message.WonSignatureData in project webofneeds by researchstudio-sat.
the class WonSigner method signWholeDataset.
/**
 * Creates one signature that covers the complete dataset held by this signer.
 * <p>
 * The returned signature data lists the names of all graphs in the dataset, the
 * given signature URI, the signature value, the hash that was signed, a
 * fingerprint of the encoded public key, and the certificate reference.
 *
 * @param privateKey the private key used for signing
 * @param cert the certificate reference stored in the signature data
 * @param publicKey the public key; only its fingerprint is stored
 * @param signatureUri the URI to record as the signature's URI
 * @return the signature data for the whole dataset
 * @throws Exception if hashing or signing fails
 */
public WonSignatureData signWholeDataset(PrivateKey privateKey, String cert, PublicKey publicKey, String signatureUri) throws Exception {
    final String keyFingerprint = WonHasher.hashToString(publicKey.getEncoded());
    if (logger.isDebugEnabled()) {
        // NOTE(review): this writes the complete dataset content to the debug log;
        // keep debug logging off where message content is confidential.
        final StringWriter trigDump = new StringWriter();
        RDFDataMgr.write(trigDump, dataset, Lang.TRIG);
        logger.debug("signing dataset with content: {}", trigDump.toString());
    }
    // collect the names of all graphs that the signature will be recorded for
    final Spliterator<String> graphNames = Spliterators.spliteratorUnknownSize(dataset.listNames(),
                    Spliterator.ORDERED);
    final List<String> signedGraphUris = StreamSupport.stream(graphNames, false).collect(Collectors.toList());
    // convert the whole dataset, hash it, and sign that hash
    final GraphCollection wholeDataset = ModelConverter.fromDataset(dataset);
    final SignatureData rawSignature = sign(hasher.hashNamedGraphForSigning(wholeDataset), privateKey, cert);
    final String datasetHash = WonHasher.hashToString(rawSignature.getHash());
    return new WonSignatureData(signedGraphUris, signatureUri, rawSignature.getSignature(), datasetHash,
                    keyFingerprint, cert);
}