Information

0
Story Points

Technologies

Decompiled Java File
package ee.sk.digidoc.factory;

import ee.sk.digidoc.DigiDocException;
import ee.sk.digidoc.TokenKeyInfo;
import ee.sk.digidoc.factory.SignatureFactory;
import ee.sk.utils.ConfigManager;
import ee.sk.utils.ConvertUtils;
import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Vector;
import javax.crypto.Cipher;
import org.apache.log4j.Logger;

public class Pkcs12SignatureFactory implements SignatureFactory {
   private KeyStore m_keyStore;
   private static Logger m_logger = Logger.getLogger(Pkcs12SignatureFactory.class);
   private Provider m_secProvider;

   public void init() throws DigiDocException {
      this.initProvider();
      if(this.m_keyStore == null) {
         ConfigManager cfg = ConfigManager.instance();
         String storeFile = cfg.getProperty("DIGIDOC_KEYSTORE_FILE");
         String storeType = cfg.getProperty("DIGIDOC_KEYSTORE_TYPE");
         String storePasswd = cfg.getProperty("DIGIDOC_KEYSTORE_PASSWD");
         if(storeFile != null && storeType != null && storePasswd != null) {
            this.load(storeFile, storeType, storePasswd);
         }
      }

   }

   public boolean load(String storeName, String storeType, String passwd) throws DigiDocException {
      try {
         if(m_logger.isDebugEnabled()) {
            m_logger.debug("Load store: " + storeName + " type: " + storeType);
         }

         this.m_keyStore = KeyStore.getInstance(storeType);
         if(this.m_keyStore != null) {
            this.m_keyStore.load(new FileInputStream(storeName), passwd.toCharArray());
            return true;
         }
      } catch (Exception var5) {
         m_logger.error("Error loading store: " + storeName + " - " + var5);
      }

      return false;
   }

   private void initProvider() throws DigiDocException {
      try {
         this.m_secProvider = (Provider)Class.forName(ConfigManager.instance().getProperty("DIGIDOC_SECURITY_PROVIDER")).newInstance();
         Security.addProvider(this.m_secProvider);
      } catch (Exception var2) {
         this.m_secProvider = null;
         DigiDocException.handleException(var2, 58);
      }

   }

   public TokenKeyInfo[] getTokenKeys() throws DigiDocException {
      return null;
   }

   public TokenKeyInfo[] getTokensOfType(boolean bSign) {
      return null;
   }

   public String[] getAvailableTokenNames() throws DigiDocException {
      Vector vec = new Vector();

      try {
         if(this.m_keyStore != null) {
            Enumeration arr = this.m_keyStore.aliases();

            while(arr.hasMoreElements()) {
               String i = (String)arr.nextElement();
               vec.add(i);
            }
         }
      } catch (Exception var4) {
         m_logger.error("Error reading store aliases: " + var4);
      }

      String[] var5 = new String[vec.size()];

      for(int var6 = 0; vec != null && var6 < vec.size(); ++var6) {
         var5[var6] = (String)vec.elementAt(var6);
      }

      return var5;
   }

   private String getTokenName(int nIdx) {
      try {
         if(this.m_keyStore != null) {
            Enumeration ex = this.m_keyStore.aliases();

            for(int i = 0; ex.hasMoreElements(); ++i) {
               String alias = (String)ex.nextElement();
               if(i == nIdx) {
                  return alias;
               }
            }
         }
      } catch (Exception var5) {
         m_logger.error("Error reading store aliases: " + var5);
      }

      return null;
   }

   public static Signature sigMeth2SigSignatureInstance(ee.sk.digidoc.Signature sig, Key key) throws DigiDocException {
      Signature instance = null;
      String sigMeth = null;
      String sigType = null;

      try {
         if(sig != null && sig.getSignedInfo() != null && sig.getSignedInfo().getSignatureMethod() != null) {
            sigMeth = sig.getSignedInfo().getSignatureMethod();
         }

         ConfigManager.instance();
         sigType = ConfigManager.sigMeth2SigType(sigMeth);
         if(m_logger.isDebugEnabled()) {
            m_logger.debug("Key: " + (key != null?"OK, algorithm: " + key.getAlgorithm():"NULL") + " method: " + sigMeth + " type: " + sigType);
         }

         if(sigType == null) {
            throw new DigiDocException(24, "SignatureMethod not specified!", (Throwable)null);
         }

         instance = Signature.getInstance(sigType, ConfigManager.addProvider());
      } catch (Exception var6) {
         m_logger.error("Error constructing signature instance: " + var6);
      }

      return instance;
   }

   public byte[] sign(byte[] xml, int token, String passwd, ee.sk.digidoc.Signature sig) throws DigiDocException {
      try {
         if(this.m_keyStore == null) {
            throw new DigiDocException(16, "Keystore not initialized", (Throwable)null);
         } else {
            String ex = this.getTokenName(token);
            if(ex == null) {
               throw new DigiDocException(60, "Invalid token nr: " + token, (Throwable)null);
            } else {
               if(m_logger.isDebugEnabled()) {
                  m_logger.debug("loading key: " + ex + " passwd-len: " + (passwd != null?passwd.length():0));
               }

               Key key = this.m_keyStore.getKey(ex, passwd.toCharArray());
               if(m_logger.isDebugEnabled()) {
                  m_logger.debug("Key: " + (key != null?"OK, algorithm: " + key.getAlgorithm():"NULL"));
               }

               if(key == null) {
                  throw new DigiDocException(60, "Invalid password for token nr: " + token, (Throwable)null);
               } else {
                  String sigMeth = null;
                  if(sig != null && sig.getSignedInfo() != null && sig.getSignedInfo().getSignatureMethod() != null) {
                     sigMeth = sig.getSignedInfo().getSignatureMethod();
                  }

                  if(m_logger.isDebugEnabled()) {
                     m_logger.debug("Signing\n---\n" + new String(xml) + "\n---\n method: " + sigMeth);
                  }

                  Signature instance = sigMeth2SigSignatureInstance(sig, key);
                  if(m_logger.isDebugEnabled()) {
                     m_logger.debug("Signature instance: " + (instance != null?"OK":"NULL"));
                  }

                  instance.initSign((PrivateKey)key);
                  instance.update(xml);
                  byte[] signature = instance.sign();
                  if(m_logger.isDebugEnabled()) {
                     m_logger.debug("Signature len: " + (signature != null?signature.length:0) + "\n---\n sig: " + ConvertUtils.bin2hex(signature));
                  }

                  return signature;
               }
            }
         }
      } catch (DigiDocException var10) {
         m_logger.error("DigiDoc Error signing: " + var10);
         throw var10;
      } catch (Exception var11) {
         m_logger.error("Error signing: " + var11);
         return null;
      }
   }

   public X509Certificate getCertificate(int token, String pin) throws DigiDocException {
      if(this.m_keyStore == null) {
         throw new DigiDocException(16, "Keystore not initialized", (Throwable)null);
      } else {
         String alias = this.getTokenName(token);
         if(alias == null) {
            throw new DigiDocException(60, "Invalid token nr: " + token, (Throwable)null);
         } else {
            try {
               return (X509Certificate)this.m_keyStore.getCertificate(alias);
            } catch (Exception var5) {
               m_logger.error("Error reading cert for alias: " + alias + " - " + var5);
               return null;
            }
         }
      }
   }

   public X509Certificate getAuthCertificate(int token, String pin) throws DigiDocException {
      return this.getCertificate(token, pin);
   }

   public void reset() throws DigiDocException {
      this.m_keyStore = null;
   }

   public void closeSession() throws DigiDocException {
      this.reset();
   }

   public byte[] decrypt(byte[] data, int token, String pin) throws DigiDocException {
      try {
         if(this.m_keyStore == null) {
            throw new DigiDocException(16, "Keystore not initialized", (Throwable)null);
         } else {
            String ex = this.getTokenName(token);
            if(ex == null) {
               throw new DigiDocException(60, "Invalid token nr: " + token, (Throwable)null);
            } else {
               if(m_logger.isDebugEnabled()) {
                  m_logger.debug("loading key: " + ex + " passwd-len: " + (pin != null?pin.length():0));
               }

               Key key = this.m_keyStore.getKey(ex, pin.toCharArray());
               if(m_logger.isDebugEnabled()) {
                  m_logger.debug("Key: " + (key != null?"OK, algorithm: " + key.getAlgorithm():"NULL"));
               }

               if(key == null) {
                  throw new DigiDocException(60, "Invalid password for token: " + ex, (Throwable)null);
               } else {
                  Cipher cipher = Cipher.getInstance("RSA");
                  cipher.init(2, key);
                  byte[] decdata = cipher.doFinal(data);
                  if(m_logger.isDebugEnabled()) {
                     m_logger.debug("Decrypted len: " + (decdata != null?decdata.length:0));
                  }

                  return decdata;
               }
            }
         }
      } catch (Exception var8) {
         m_logger.error("Error decrypting: " + var8);
         return null;
      }
   }

   public String getType() {
      return "PKCS12";
   }
}
Page generated: Oct 19, 2017 2:34:58 PM