diff --git a/.gitignore b/.gitignore index 3666fd005..cc8275e7c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,11 +1,14 @@ -build -target -javadoc +/build +/target .idea/workspace.xml .idea/uiDesigner.xml .idea/dictionaries/xp.xml .idea/libraries *.log -utility-package-lib -zip-package-lib +/utility-package-lib +/zip-package-lib /buildNumber.properties +/Old* +/logback.xml +!/src/main/etc/logback.xml +/lib diff --git a/.idea/codeStyleSettings.xml b/.idea/codeStyleSettings.xml index 4e722d6c9..4959716fc 100644 --- a/.idea/codeStyleSettings.xml +++ b/.idea/codeStyleSettings.xml @@ -37,16 +37,12 @@ - - diff --git a/README.md b/README.md index ad8fc79bc..06a1fea5b 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -![EU Regional Development Fund](doc/resources/EL_Regionaalarengu_Fond_horisontaalne-vaike.jpg) +![EU Regional Development Fund](src/main/doc/resources/EL_Regionaalarengu_Fond_horisontaalne-vaike.jpg) # DigiDoc4j diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt index 2ee81e710..9208b07db 100644 --- a/RELEASE-NOTES.txt +++ b/RELEASE-NOTES.txt @@ -1,4 +1,27 @@ DigiDoc4J Java library release notes +------------------------------------ +Release 1.0.8.beta.1 +------------------ +Summary of the major changes since 1.0.7.2 +------------------------------------------ +* Started to use DSS version 5.1 (sd-dss.5.1.d4j.5). +* Added support for removing signature from container. +* Added support for creating, timestamping and validating the ASiCS containers. +* Added support for validating PADES containers (PDF-files with signature). +* Major refactoring of code + - classes from package org.digidoc4j.impl.bdoc are now in org.digidoc4j.impl.asic.asice.bdoc; + - the common functionality for ASiCE, ASiCS and BDOC are in package org.digidoc4j.impl.asic; + - the common functionality for ASiCE and BDOC are in package org.digidoc4j.impl.asic.asice; + - method DataToSign.getDigestToSign() is renamed to DataToSign.getDataToSign(). +* Added new API methods for accessing signature validation details. +* Added support for BDOC validation warning when SHA-1 is used. +* Documentation (github wiki, javadoc in github) is updated. + +Known issues +------------ +* Signing with ID-card and using PKCS11SignatureToken class have still a problem +when encryption algorithm is ECDSA. We are working on it. + ------------------------------------ Release 1.0.7.2 ------------------ diff --git a/assembly/zip.xml b/assembly/zip.xml deleted file mode 100644 index 8bcb59fba..000000000 --- a/assembly/zip.xml +++ /dev/null @@ -1,15 +0,0 @@ - - library - / - - zip - - - - zip-package-lib - . - - - \ No newline at end of file diff --git a/digidoc4j.iml b/digidoc4j.iml index e79bdb966..4e9d49bfc 100644 --- a/digidoc4j.iml +++ b/digidoc4j.iml @@ -1,19 +1,16 @@ - + - - - - - + + + + - - @@ -27,7 +24,7 @@ - + @@ -57,31 +54,34 @@ + + - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/pom.xml b/pom.xml index 7bdeed334..ac6a9c4a2 100644 --- a/pom.xml +++ b/pom.xml @@ -1,1096 +1,1063 @@ - - 4.0.0 - org.digidoc4j - digidoc4j - jar - 1.0.7.2 - DigiDoc4j - DigiDoc4j is a Java library for digitally signing documents and creating digital signature containers of signed documents - https://github.com/open-eid/digidoc4j - - - GNU Lesser General Public License, Version 2.1 - http://www.gnu.org/licenses/lgpl-2.1.html - - - - scm:git:git@github.com:open-eid/digidoc4j.git - scm:git:git@github.com:open-eid/digidoc4j.git - https://github.com/open-eid/digidoc4j.git - - - Pivotal - https://www.pivotaltracker.com/n/projects/1110130 - - - - Rainer Villido - Rainer.Villido at Nortal.com - Nortal - http://www.nortal.com - - - Mihkel Selgal - Mihkel.Selgal at Nortal.com - Nortal - http://www.nortal.com - - - Risto Alas - Risto.Alas at Nortal.com - Nortal - http://www.nortal.com - - - Aho Augasmägi - aho at codeborne.com - Codeborne - http://www.codeborne.com - - - Allan Juhanson - Allan.Juhanson at Nortal.com - Nortal - http://www.nortal.com - - - Martin Beldman - martin at codeborne.com - Codeborne - http://www.codeborne.com - - - Andrei Smirnov - andrei.smirnov at cgi.com - CGI Eesti - https://www.cgi.ee - - - Indrek Jentson - indrek.jentson at cgi.com - CGI Eesti - https://www.cgi.ee - - - Margus Kamlat - margus.kamlat at cgi.com - CGI Eesti - https://www.cgi.ee - - - Priit Serk - priit.serk at cgi.com - CGI Eesti - https://www.cgi.ee - - + 4.0.0 + org.digidoc4j + digidoc4j + jar + 1.0.8.beta.1 + DigiDoc4j + DigiDoc4j is a Java library for digitally signing documents and creating digital signature containers + of signed documents + + https://github.com/open-eid/digidoc4j + + + GNU Lesser General Public License, Version 2.1 + http://www.gnu.org/licenses/lgpl-2.1.html + + + + scm:git:git@github.com:open-eid/digidoc4j.git + scm:git:git@github.com:open-eid/digidoc4j.git + https://github.com/open-eid/digidoc4j.git + + + + ossrh + https://oss.sonatype.org/content/repositories/snapshots/ + + + ossrh + https://oss.sonatype.org/service/local/staging/deploy/maven2/ + + + + Pivotal + https://www.pivotaltracker.com/n/projects/1110130 + + + + Rainer Villido + Rainer.Villido at Nortal.com + Nortal + http://www.nortal.com + + + Mihkel Selgal + Mihkel.Selgal at Nortal.com + Nortal + http://www.nortal.com + + + Risto Alas + Risto.Alas at Nortal.com + Nortal + http://www.nortal.com + + + Aho Augasmägi + aho at codeborne.com + Codeborne + http://www.codeborne.com + + + Allan Juhanson + Allan.Juhanson at Nortal.com + Nortal + http://www.nortal.com + + + Martin Beldman + martin at codeborne.com + Codeborne + http://www.codeborne.com + + + Andrei Smirnov + andrei.smirnov at cgi.com + CGI Eesti + https://www.cgi.ee + + + Indrek Jentson + indrek.jentson at cgi.com + CGI Eesti + https://www.cgi.ee + + + Margus Kamlat + margus.kamlat at cgi.com + CGI Eesti + https://www.cgi.ee + + + Priit Serk + priit.serk at cgi.com + CGI Eesti + https://www.cgi.ee + + + Janar Rahumeel + janar.rahumeel at cgi.com + CGI Eesti + https://www.cgi.ee + + - - 1.7 - 1.7 - 1.7 - UTF-8 - 1.7.25 - 1.2.3 - 1.54 - 4.11 - org.digidoc4j.dss - 5.0.d4j.5 - ${project.basedir}/build/ - ${project.basedir}/utility-package-lib - ${project.basedir}/zip-package-lib - -Dfile.encoding=UTF-8 - + + 1.7 + 1.7 + 1.7 + UTF-8 + 1.7.25 + 1.2.3 + 1.54 + 4.11 + org.digidoc4j.dss + 5.1.d4j.5 + ${project.build.directory}/build/util + ${project.build.directory}/library/util + ${project.build.directory}/library/zip + -Dfile.encoding=UTF-8 + - - - notJava8 - - [1.7,1.8) - - ${java.home}/lib/jfxrt.jar - - - - 1.7 - ${java.home}/lib/jfxrt.jar - - + + + notJava8 + + [1.7,1.8) + + ${java.home}/lib/jfxrt.jar + + + + 1.7 + ${java.home}/lib/jfxrt.jar + + + + java8 + + [1.8,) + + ${java.home}/lib/ext/jfxrt.jar + + + + 1.7 + ${java.home}/lib/ext/jfxrt.jar + -Xdoclint:none + + + + delivery + + + + maven-surefire-plugin + + true + + + + maven-compiler-plugin + + + default-testCompile + test-compile + + testCompile + + + true + + + + + + + + + test-coverage + + + + maven-surefire-plugin + + true + + + + org.jacoco + jacoco-maven-plugin + 0.7.9 + + ${project.build.directory}/jacoco-unit.exec + ${project.build.directory}/jacoco-unit.exec + + + + prepare-unit-test-agent + process-test-classes + + prepare-agent + + + + generate-unit-test-report + package + + merge + report + + + + + + + + - - java8 - - [1.8,) - - ${java.home}/lib/ext/jfxrt.jar - - - - 1.7 - ${java.home}/lib/ext/jfxrt.jar - -Xdoclint:none - - + + + lib + file:${project.basedir}/src/main/lib + + - - delivery - + + + ee.sk.digidoc + jdigidoc + 3.12.1 + compile + + + iaik.pkcs + iaikPkcs11Wrapper + + + + + commons-cli + commons-cli + 1.4 + compile + + + org.apache.commons + commons-compress + 1.3 + compile + + + commons-io + commons-io + 2.5 + compile + + + commons-codec + commons-codec + 1.10 + compile + + + org.apache.commons + commons-lang3 + 3.6 + compile + + + commons-logging + commons-logging + 1.2 + compile + + + org.apache.commons + commons-collections4 + 4.1 + compile + + + org.apache.httpcomponents + httpclient + 4.5.3 + compile + + + org.apache.httpcomponents + httpcore + 4.4.6 + compile + + + org.apache.santuario + xmlsec + 2.0.9 + compile + + + org.codehaus.woodstox + woodstox-core-asl + + + + + org.bouncycastle + bcmail-jdk15on + ${bouncycastle.version} + compile + + + org.bouncycastle + bcpkix-jdk15on + ${bouncycastle.version} + compile + + + org.bouncycastle + bcprov-jdk15on + ${bouncycastle.version} + compile + + + xalan + serializer + 2.7.2 + compile + + + xml-apis + xml-apis + + + + + xalan + xalan + 2.7.2 + compile + + + org.yaml + snakeyaml + 1.18 + compile + + + org.slf4j + slf4j-api + ${slf4j.version} + compile + + + + ch.qos.logback + logback-classic + ${logback-classic.version} + compile + + + ch.qos.logback + logback-core + ${logback-classic.version} + compile + + + org.slf4j + log4j-over-slf4j + ${slf4j.version} + compile + + + org.hamcrest + hamcrest-core + 1.3 + test + + + org.mockito + mockito-all + 1.10.19 + test + + + com.github.stefanbirkner + system-rules + 1.16.1 + test + + + junit + junit + ${junit.version} + test + + + xmlunit + xmlunit + 1.6 + test + + + org.hamcrest + hamcrest-library + 1.3 + test + + + org.databene + contiperf + 2.3.4 + test + + + com.github.tomakehurst + wiremock + 1.58 + test + + + org.mortbay.jetty + jetty + 6.1.26 + test + + + org.mortbay.jetty + jetty-util + 6.1.26 + test + + + org.mortbay.jetty + servlet-api + 2.5.20110712 + test + + + com.google.guava + guava + 20.0 + compile + + + com.fasterxml.jackson.core + jackson-databind + 2.8.8 + test + + + com.fasterxml.jackson.core + jackson-core + 2.8.8 + test + + + com.fasterxml.jackson.core + jackson-annotations + 2.8.8 + test + + + + org.apache.pdfbox + pdfbox + 2.0.8 + compile + + + org.apache.pdfbox + fontbox + 2.0.8 + compile + + + + org.skyscreamer + jsonassert + 1.5.0 + test + + + com.vaadin.external.google + android-json + + + + + org.json + json + 20160810 + test + + + com.jayway.jsonpath + json-path + + + net.minidev + json-smart + + + + + log4j + log4j + 1.2.17 + compile + + + ${dss.groupId} + dss-common-validation-jaxb + ${dss.version} + compile + + + ${dss.groupId} + dss-detailed-report-jaxb + ${dss.version} + compile + + + ${dss.groupId} + dss-diagnostic-jaxb + ${dss.version} + compile + + + ${dss.groupId} + dss-document + ${dss.version} + compile + + + ${dss.groupId} + dss-model + ${dss.version} + compile + + + ${dss.groupId} + dss-policy-jaxb + ${dss.version} + compile + + + ${dss.groupId} + dss-reports + ${dss.version} + compile + + + ${dss.groupId} + dss-service + ${dss.version} + compile + + + ${dss.groupId} + dss-simple-report-jaxb + ${dss.version} + compile + + + ${dss.groupId} + dss-spi + ${dss.version} + compile + + + ${dss.groupId} + dss-token + ${dss.version} + compile + + + ${dss.groupId} + dss-tsl-jaxb + ${dss.version} + compile + + + ${dss.groupId} + dss-tsl-validation + ${dss.version} + compile + + + ${dss.groupId} + dss-xades + ${dss.version} + compile + + + ${dss.groupId} + dss-cades + ${dss.version} + compile + + + ${dss.groupId} + validation-policy + ${dss.version} + compile + + + ${dss.groupId} + dss-asic-common + ${dss.version} + compile + + + ${dss.groupId} + dss-asic-cades + ${dss.version} + compile + + + ${dss.groupId} + dss-asic-xades + ${dss.version} + compile + + + ${dss.groupId} + dss-pades + ${dss.version} + compile + + + ${dss.groupId} + dss-utils + ${dss.version} + compile + + + ${dss.groupId} + dss-utils-apache-commons + ${dss.version} + compile + + + ${dss.groupId} + dss-utils-google-guava + ${dss.version} + compile + + + + - - maven-surefire-plugin - - true - - - - maven-compiler-plugin - - - default-testCompile - test-compile - - testCompile - + + org.codehaus.mojo + buildnumber-maven-plugin + 1.4 + + + buildnumber + validate + + create + + + + + {0,number} + + buildNumber + + false + false + unknownbuild + + + + org.apache.maven.plugins + maven-dependency-plugin + + + copy-dependencies + compile + + copy-dependencies + + + true + true + + + + copy-utils-jars + compile + + copy-dependencies + + + compile + ${dss.util.lib} + true + true + + contiperf, log4j + + + + + copy-zip-jars + compile + + copy-dependencies + + + compile + ${dss.zip.lib} + true + true + + contiperf, log4j-over-slf4j + + + + + + + org.apache.maven.plugins + maven-assembly-plugin + 3.0.0 + + + src/assembly/zip.xml + + + + + zip-archive + package + + single + + + + + + org.apache.maven.plugins + maven-jar-plugin + 3.0.2 + + + custom-deploy + package + + jar + + + library + + prototype/** + + + + + DigiDoc4j + + Republic of Estonia Information System Authority + + Java BDoc/DigiDoc library + ${project.version} + + + + + + + + + + org.jacoco + jacoco-maven-plugin + 0.7.9 - true + ${project.build.directory}/jacoco-unit.exec + ${project.build.directory}/jacoco-unit.exec - - - + + + prepare-unit-test-agent + + prepare-agent + + + + generate-unit-test-report + + merge + report + + + + + + org.apache.maven.plugins + maven-surefire-plugin + 2.20.1 + + + ${project.basedir}/src/main/lib/esteidtestcerts.jar + + + + + + org.apache.maven.plugins + maven-antrun-plugin + 1.8 + + + ant-util-zip + package + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + run + + + + ant-bundle-jar + install + + + + + + + + + + + run + + + + + + org.apache.maven.plugins + maven-source-plugin + 3.0.1 + + + attach-sources + package + + jar + + + + + + org.apache.maven.plugins + maven-javadoc-plugin + + + org.apache.maven.plugins + maven-install-plugin + 2.5.2 + + + org.apache.maven.plugins + maven-gpg-plugin + 1.6 + + + sign-artifacts + verify + + sign + + + + - - - - test-coverage - + + + + org.jacoco + jacoco-maven-plugin + 0.7.9 + + + org.apache.maven.plugins + maven-install-plugin + 2.5.2 + + + org.apache.maven.plugins + maven-compiler-plugin + 3.6.1 + + ${project.encoding} + ${maven.compiler.source} + ${maven.compiler.target} + + + + org.apache.maven.plugins + maven-source-plugin + 3.0.1 + + + org.apache.maven.plugins + maven-surefire-plugin + 2.20 + + + org.apache.maven.plugins + maven-resources-plugin + 3.0.2 + + ${project.encoding} + + jks + p12 + + + + + org.apache.maven.plugins + maven-jar-plugin + 3.0.2 + + + org.apache.maven.plugins + maven-shade-plugin + 3.0.0 + + + org.apache.maven.plugins + maven-assembly-plugin + 3.0.0 + + + org.apache.maven.plugins + maven-release-plugin + 2.5.3 + + true + ${project.version} + + + + org.apache.maven.plugins + maven-javadoc-plugin + 3.0.0 + + prototype,org.digidoc4j.impl,org.digidoc4j.main,org.digidoc4j.utils + ${project.basedir}/src/main/doc + true + ${project.basedir}/src/main/doc/overview.html + public + + + + attach-javadocs + + jar + + + + + + org.jvnet.jaxb2.maven2 + maven-jaxb2-plugin + 0.13.2 + + + org.apache.maven.plugins + maven-deploy-plugin + 2.8.2 + + + org.apache.maven.plugins + maven-antrun-plugin + 1.8 + + + org.apache.maven.plugins + maven-gpg-plugin + 1.6 + + + org.sonatype.plugins + nexus-staging-maven-plugin + 1.6.8 + true + + ossrh + https://oss.sonatype.org/ + true + + + + + + + - - maven-surefire-plugin - - true - - - - org.jacoco - jacoco-maven-plugin - 0.7.9 - - ${project.basedir}/target/jacoco-unit.exec - ${project.basedir}/target/jacoco-unit.exec - - - - prepare-unit-test-agent - process-test-classes - - prepare-agent - - - - generate-unit-test-report - package - - merge - report - - - - + + org.apache.maven.plugins + maven-javadoc-plugin + 3.0.0 + + prototype,org.digidoc4j.impl,org.digidoc4j.main,org.digidoc4j.utils + ${project.basedir}/src/main/doc + true + ${project.basedir}/src/main/doc/overview.html + public + + - - - - - - - lib - file:${project.basedir}/lib - - - - - - ee.sk.digidoc - jdigidoc - 3.12.1 - compile - - - iaik.pkcs - iaikPkcs11Wrapper - - - - - commons-cli - commons-cli - 1.4 - compile - - - org.apache.commons - commons-compress - 1.3 - compile - - - commons-io - commons-io - 2.5 - compile - - - commons-codec - commons-codec - 1.10 - compile - - - org.apache.commons - commons-lang3 - 3.6 - compile - - - commons-logging - commons-logging - 1.2 - compile - - - org.apache.commons - commons-collections4 - 4.1 - compile - - - org.apache.httpcomponents - httpclient - 4.5.3 - compile - - - org.apache.httpcomponents - httpcore - 4.4.6 - compile - - - org.apache.santuario - xmlsec - 2.0.8 - compile - - - org.codehaus.woodstox - woodstox-core-asl - - - - - org.bouncycastle - bcmail-jdk15on - ${bouncycastle.version} - compile - - - org.bouncycastle - bcpkix-jdk15on - ${bouncycastle.version} - compile - - - org.bouncycastle - bcprov-jdk15on - ${bouncycastle.version} - compile - - - xalan - serializer - 2.7.2 - compile - - - xml-apis - xml-apis - - - - - xalan - xalan - 2.7.2 - compile - - - org.yaml - snakeyaml - 1.18 - compile - - - org.slf4j - slf4j-api - ${slf4j.version} - compile - - - - ch.qos.logback - logback-classic - ${logback-classic.version} - compile - - - ch.qos.logback - logback-core - ${logback-classic.version} - compile - - - org.slf4j - log4j-over-slf4j - ${slf4j.version} - compile - - - - org.hamcrest - hamcrest-core - 1.3 - test - - - org.mockito - mockito-all - 1.10.19 - test - - - com.github.stefanbirkner - system-rules - 1.16.1 - test - - - junit - junit - ${junit.version} - test - - - xmlunit - xmlunit - 1.6 - test - - - org.hamcrest - hamcrest-library - 1.3 - test - - - org.databene - contiperf - 2.3.4 - test - - - - com.github.tomakehurst - wiremock - 1.58 - test - - - org.mortbay.jetty - jetty - 6.1.26 - test - - - org.mortbay.jetty - jetty-util - 6.1.26 - test - - - org.mortbay.jetty - servlet-api - 2.5.20110712 - test - - - com.google.guava - guava - 20.0 - compile - - - com.fasterxml.jackson.core - jackson-databind - 2.8.8 - test - - - com.fasterxml.jackson.core - jackson-core - 2.8.8 - test - - - com.fasterxml.jackson.core - jackson-annotations - 2.8.8 - test - - - org.skyscreamer - jsonassert - 1.5.0 - test - - - com.vaadin.external.google - android-json - - - - - org.json - json - 20160810 - test - - - com.jayway.jsonpath - json-path - - - net.minidev - json-smart - - - - - log4j - log4j - 1.2.17 - compile - - - - ${dss.groupId} - dss-common-validation-jaxb - ${dss.version} - compile - - - ${dss.groupId} - dss-detailed-report-jaxb - ${dss.version} - compile - - - ${dss.groupId} - dss-diagnostic-jaxb - ${dss.version} - compile - - - ${dss.groupId} - dss-document - ${dss.version} - compile - - - ${dss.groupId} - dss-model - ${dss.version} - compile - - - ${dss.groupId} - dss-policy-jaxb - ${dss.version} - compile - - - ${dss.groupId} - dss-reports - ${dss.version} - compile - - - ${dss.groupId} - dss-service - ${dss.version} - compile - - - ${dss.groupId} - dss-simple-report-jaxb - ${dss.version} - compile - - - ${dss.groupId} - dss-spi - ${dss.version} - compile - - - ${dss.groupId} - dss-token - ${dss.version} - compile - - - ${dss.groupId} - dss-tsl-jaxb - ${dss.version} - compile - - - ${dss.groupId} - dss-tsl-validation - ${dss.version} - compile - - - ${dss.groupId} - dss-xades - ${dss.version} - compile - - - ${dss.groupId} - dss-cades - ${dss.version} - compile - - - ${dss.groupId} - validation-policy - ${dss.version} - compile - - - ${dss.groupId} - dss-asic-common - ${dss.version} - compile - - - ${dss.groupId} - dss-asic-cades - ${dss.version} - compile - - - ${dss.groupId} - dss-asic-xades - ${dss.version} - compile - - - ${dss.groupId} - dss-utils - ${dss.version} - compile - - - ${dss.groupId} - dss-utils-apache-commons - ${dss.version} - compile - - - ${dss.groupId} - dss-utils-google-guava - ${dss.version} - compile - - - - - src - test - build - target/test-classes - - - - resources - - logback.xml - - - - conf - conf - - - keystore - - keystore_certs/*.* - test_keystore_certs/*.* - - keystore - - - - - - maven-clean-plugin - 3.0.0 - - - clean - clean - - clean - - - - - ${project.basedir}/lib - - **/esteidtestcerts.jar - **/jacocoagent.jar - **/jacocoant.jar - - - - ${dss.util.lib} - - - ${dss.zip.lib} - - - ${project.basedir}/build - - - ${project.basedir}/target - - - - - - - - org.codehaus.mojo - buildnumber-maven-plugin - 1.4 - - - buildnumber - validate - - create - - - - - {0,number} - - buildNumber - - false - false - unknownbuild - - - - org.apache.maven.plugins - maven-dependency-plugin - - - copy-dependencies - compile - - copy-dependencies - - - ${project.basedir}/lib - true - true - - - - copy-utils-jars - compile - - copy-dependencies - - - compile - ${dss.util.lib} - true - true - - contiperf, dss-common-validation-jaxb, - dss-detailed-report-jaxb, dss-diagnostic-jaxb, dss-document, dss-model, dss-policy-jaxb, - dss-reports, dss-service, dss-simple-report-jaxb, dss-spi, dss-token, dss-tsl-jaxb, - dss-tsl-validation, dss-xades, dss-cades, validation-policy, log4j - - - - - copy-zip-jars - compile - - copy-dependencies - - - compile - ${dss.zip.lib} - true - true - - contiperf, log4j-over-slf4j - - - - - - - - org.apache.maven.plugins - maven-assembly-plugin - 3.0.0 - - - assembly/zip.xml - - - - - zip-archive - package - - single - - - - - - - org.apache.maven.plugins - maven-jar-plugin - 3.0.2 - - - main - package - - jar - - - library - - prototype/** - - - - - DigiDoc4j - - Republic of Estonia Information System Authority - Java BDoc/DigiDoc library - ${project.version} - - - - - - - - - - - org.jacoco - jacoco-maven-plugin - 0.7.9 - - ${project.basedir}/target/jacoco-unit.exec - ${project.basedir}/target/jacoco-unit.exec - - - - prepare-unit-test-agent - - prepare-agent - - - - generate-unit-test-report - - merge - report - - - - - - - org.apache.maven.plugins - maven-surefire-plugin - 2.20 - - - ${project.basedir}/lib/esteidtestcerts.jar - - - - - - - org.apache.maven.plugins - maven-antrun-plugin - 1.8 - - - ant-util-zip - package - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - run - - - - ant-bundle-jar - install - - - - - - - - - - - run - - - - - - - org.apache.maven.plugins - maven-source-plugin - 3.0.1 - - - attach-sources - package - - jar - - - - - - org.apache.maven.plugins - maven-javadoc-plugin - - - - maven-deploy-plugin - - - deploy - deploy - - deploy - - - - - - org.apache.maven.plugins - maven-install-plugin - 2.5.2 - - - org.apache.maven.plugins - maven-gpg-plugin - 1.6 - - - sign-artifacts - verify - - sign - - - - - + - - - - org.jacoco - jacoco-maven-plugin - 0.7.9 - - - org.apache.maven.plugins - maven-install-plugin - 2.5.2 - - - org.apache.maven.plugins - maven-compiler-plugin - 3.6.1 - - ${project.encoding} - ${maven.compiler.source} - ${maven.compiler.target} - - - - org.apache.maven.plugins - maven-source-plugin - 3.0.1 - - - org.apache.maven.plugins - maven-surefire-plugin - 2.20 - - - org.apache.maven.plugins - maven-resources-plugin - 3.0.2 - - ${project.encoding} - - jks - p12 - - - - - org.apache.maven.plugins - maven-jar-plugin - 3.0.2 - - - org.apache.maven.plugins - maven-shade-plugin - 3.0.0 - - - org.apache.maven.plugins - maven-assembly-plugin - 3.0.0 - - - org.apache.maven.plugins - maven-release-plugin - 2.5.3 - - true - ${project.version} - - - - org.apache.maven.plugins - maven-javadoc-plugin - 2.10.4 - - prototype - ${project.basedir}/doc - true - ${project.basedir}/doc/overview.html - - - - attach-javadocs - - jar - - - - - - org.jvnet.jaxb2.maven2 - maven-jaxb2-plugin - 0.13.2 - - - org.apache.maven.plugins - maven-deploy-plugin - 2.8.2 - - - org.apache.maven.plugins - maven-antrun-plugin - 1.8 - - - org.apache.maven.plugins - maven-gpg-plugin - 1.6 - - - - - - - - org.apache.maven.plugins - maven-javadoc-plugin - 2.10.4 - - prototype - ${project.basedir}/doc - true - ${project.basedir}/doc/overview.html - - - - diff --git a/publish.sh b/publish.sh deleted file mode 100755 index da8a0a582..000000000 --- a/publish.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -version="1.0.4" -staging_url="https://oss.sonatype.org/service/local/staging/deploy/maven2/" -#staging_url=file:/Users/rainer/tmp/test-local-repo -repositoryId="ossrh" -module="digidoc4j" - -# Starting GPG agent to store GPG passphrase so we wouldn't have to enter the passphrase every time -eval $(gpg-agent --daemon --no-grab) -export GPG_TTY=$(tty) -export GPG_AGENT_INFO - -artifact="dist/$module-$version" -echo "Deploying $artifact" -mvn gpg:sign-and-deploy-file -DpomFile=$artifact.pom -Dfile=$artifact.jar -Durl=$staging_url -DrepositoryId=$repositoryId -mvn gpg:sign-and-deploy-file -DpomFile=$artifact.pom -Dfile=$artifact-sources.jar -Dclassifier=sources -Durl=$staging_url -DrepositoryId=$repositoryId -mvn gpg:sign-and-deploy-file -DpomFile=$artifact.pom -Dfile=$artifact-javadoc.jar -Dclassifier=javadoc -Durl=$staging_url -DrepositoryId=$repositoryId - -echo "Finished deployment" - -killall gpg-agent \ No newline at end of file diff --git a/src/assembly/zip.xml b/src/assembly/zip.xml new file mode 100644 index 000000000..68de9e2e1 --- /dev/null +++ b/src/assembly/zip.xml @@ -0,0 +1,15 @@ + + library + / + + zip + + + + ${dss.zip.lib} + . + + + \ No newline at end of file diff --git a/doc/EL_Regionaalarengu_Fond_horisontaalne.jpg b/src/main/doc/EL_Regionaalarengu_Fond_horisontaalne.jpg similarity index 100% rename from doc/EL_Regionaalarengu_Fond_horisontaalne.jpg rename to src/main/doc/EL_Regionaalarengu_Fond_horisontaalne.jpg diff --git a/doc/overview.html b/src/main/doc/overview.html similarity index 85% rename from doc/overview.html rename to src/main/doc/overview.html index 5b3b9e4fb..0a7772462 100644 --- a/doc/overview.html +++ b/src/main/doc/overview.html @@ -28,6 +28,7 @@

Creating and handling signature containers

  • Using temporary cache files for storing the data file's contents in file system
  • Adding and removing signatures
  • Input/output operations with containers
    • +
  • Timestamping an ASiCS container

    • See also: {@link org.digidoc4j.ContainerBuilder org.digidoc4j.ContainerBuilder} and {@link org.digidoc4j.Container}

    Creating and handling digital signatures

    @@ -37,9 +38,9 @@

    Creating and handling digital signatures

    1. Creating the signature's XAdES-based XML contents
    2. Adding meta-data to the signature: e.g. signature creation location and signer's role
      3. -
    3. Calculating the hash to be signed - e.g. for calculating the raw signature value with a plug-in in browser
      4. -
    4. Calculating the raw RSA signature value
      5. -
    5. Adding a raw signature value that is calculated in an external system (e.g. with plugin when signing in browser) to the signature's XML content. Note that this is currently supported only by DDoc.
      6. +
    6. Calculating the hash to be signed - e.g. for calculating the raw signature value with a plug-in in browser
      7. +
    7. Calculating the raw RSA or ECDSA signature value
      8. +
    8. Adding a raw signature value that is calculated in an external system (e.g. with plugin when signing in browser) to the signature's XML content
    9. Adding long term validation data according to the signature profile: either time-mark or time-stamp and OCSP confirmation*

    * There are two XAdES-LT level compliant signature profiles supported:

    @@ -181,7 +182,7 @@

    Creating a container

    {@link org.digidoc4j.Container Container} container = {@link org.digidoc4j.ContainerBuilder ContainerBuilder}.
    -    {@link org.digidoc4j.ContainerBuilder#aContainer(String) aContainer}("BDOC"). // Supported types are BDOC and DDOC. Default is BDOC
    +    {@link org.digidoc4j.ContainerBuilder#aContainer(String) aContainer}("BDOC"). // Supported types are BDOC, ASICE, ASICS and DDOC. Default is BDOC
       {@link org.digidoc4j.ContainerBuilder#withConfiguration(Configuration) withConfiguration}(configuration). // {@link org.digidoc4j.Configuration} settings
       {@link org.digidoc4j.ContainerBuilder#withDataFile(String, String) withDataFile}("testFiles/legal_contract_1.txt", "text/plain"). // Adding a document from a hard drive
       {@link org.digidoc4j.ContainerBuilder#withDataFile(InputStream, String, String) withDataFile}(inputStream, "legal_contract_2.txt", "text/plain"). // Adding a document from a stream
    @@ -197,7 +198,7 @@

    Creating a container

    {@link org.digidoc4j.ContainerBuilder#aContainer(String) ContainerBuilder.aContainer(String containerType)} can be used - for creating a container of a particular type. Currently supported types are BDOC and DDOC. Default is BDOC 2.1 if no type is provided. + for creating a container of a particular type. Currently supported types are BDOC, ASiCE, ASiCS and DDOC. Default is BDOC 2.1 if no type is provided.

    Adding data files

    @@ -268,8 +269,8 @@

    Signing externally

    A typical use case would be signing in the Web using a browser plugin:
    1. Create a container with data files
      2. -
    2. Calculate a digest of the container to be signed
      3. -
    3. Sign the digest externally (e.g. via browser plugin)
      4. +
    4. Create SignedInfo data object what contains a digests of the data files to be signed
      5. +
    5. Sign the SignedInfo data object externally (e.g. via browser plugin)
    6. Finalize the signature with the signature value, OCSP response etc
    7. Add the finalized signature to the container
    @@ -283,7 +284,7 @@

    Getting data to sign

    - Then we need to calculate a digest to be signed externally. + Then we need to get the SignedInfo data object to be signed externally.

    @@ -296,13 +297,13 @@

    Getting data to sign

    External signing

    - Now we have a digest that can be used for external signing. {@link org.digidoc4j.DataToSign} class contains {@link org.digidoc4j.DataToSign#getDigestToSign} method - for getting digest to be signed. {@link org.digidoc4j.DataToSign#getDigestAlgorithm} method can be used for getting the digest algorithm to be used in the signing process. + Now we have a data that can be used for external signing. {@link org.digidoc4j.DataToSign} class contains {@link org.digidoc4j.DataToSign#getDataToSign} method + for getting data to be signed. {@link org.digidoc4j.DataToSign#getDigestAlgorithm} method can be used for getting the digest algorithm to be used in the signing process.

    - byte[] digestToSign = dataToSign.{@link org.digidoc4j.DataToSign#getDigestToSign getDigestToSign()}; //Get the digest that should be signed
    - byte[] signatureValue = signDigestSomewhereRemotely(digestToSign, DigestAlgorithm.SHA256); //Sign the digest + byte[] data = dataToSign.{@link org.digidoc4j.DataToSign#getDataToSign getDataToSign()}; //Get the SignedInfo data that should be signed
    + byte[] signatureValue = signDataSomewhereRemotely(data, DigestAlgorithm.SHA256); //Sign the SignedInfo data

    Finalizing signature

    @@ -382,19 +383,66 @@

    Creating a container

    Using the time-mark signature profile

    To sign a container using the time-mark protocol you need to specify the signature profile using the -profile option LT_TM:

    java -jar digidoc4j-util.jar -in "<output_file_name_and_path>" -add "<input_file_name_and_path>" "<mime_type>" -profile LT_TM -pkcs12 "<pkcs12_token_file>" "<pkcs12_token_password>"

    + +

    Using the ID-card

    + +

    java -jar digidoc4j-util.jar -in "<output_file_name_and_path>" -add "<input_file_name_and_path>" "<mime_type>" -profile LT_TM -pkcs11 "<pkcs11_module_path>" "<pkcs11_token_pin_password>" "<pkcs11_slot_index>"

    +

    When the client computer has only one smartcard reader then there are for Estonian ID-card usually two slots available:

    +

    +

      +
    1. slot 0 - for authentication (PIN1)
      2. +
    2. slot 1 - for signing (PIN2)
      3. +
    +

    +

    + In case where computer has multiple smartcard readers the slot numbers are usable in pairs: +

      +
    1. slot 0 - reader 0, PIN1
      2. +
    2. slot 1 - reader 0, PIN2
      3. +
    3. slot 2 - reader 1, PIN1
      4. +
    4. slot 3 - reader 1, PIN2
      5. +
    5. etc
      6. +
    +

    +

    In order to investigate possibilities one can use OpenSC tools, for example:

    + +

    pkcs11-tool -L --module /usr/local/lib/opensc-pkcs11.so

    +

    Example:

    +

    java -Ddigidoc4j.mode=TEST -jar digidoc4j-util.jar -in test.bdoc -add dds_acrobat.pdf application/pdf -pkcs11 /usr/local/lib/opensc-pkcs11.so 22975 1

    Creating multiple signed containers

    To create signatures of all the files within a directory, you need to specify the input directory containing data files, and output directory where the signed containers will be saved.

    java -jar digidoc4j-util.jar -inputDir "<input_directory_path>" -mimeType "<mime_type (optional)>" -outputDir "<output_directory_path>" -pkcs11 "<pkcs11_module_path>" "<pkcs11_token_pin_password>" "<pkcs11_slot_index>"

    +

    e-tokens which are bought from SK are initialized in FIPS 140-2 or EAL4+ CC v3.1 rez mode. + Thanks to that PIN-code cannot be cached without adding PIN-caching to script. This means that you cannot use -inputDir, + but can use only -in parameter with those tokens.

    +

    Creating a timestamped ASiCS container

    +

    A valid ASiCS container contains only one document and is signed or timestamped. + To create such a container the output file extention must be .asics or .scs. + In order to create ASiCS container with + timestamp the option -tst or -timestamp must be used:

    + +

    java -jar digidoc4j-util.jar -in "<output_file_name_and_path>" -add "<input_file_name_and_path>" "<mime_type>" -tst

    +

    NB! For successful timestamping the user must have service agreement with TSA!

    +

    Validation

    -

    The utility performs validation when specifying the -v option. The output shows all signatures and their statuses as well as all errors:

    +

    The utility performs validation when specifying the -v option. The output shows all signatures and their statuses as well as all errors:

    java -jar digidoc4j-util.jar -in "<input_file_name_and_path>" -v -

    In order to see validation warnings in addition to the errors you must specify the -w option:

    +

    In order to see validation warnings in addition to the errors you must specify the -w option:

    java -jar digidoc4j-util.jar -in "<input_file_name_and_path>" -v -w +

    In order to get validation reports in addition to the output on the screen you must specify the -r option:

    +

    java -jar digidoc4j-util.jar -in "<input_file_name_and_path>" -v -r "<report_files_path>" +

    Then you can find in given report directory following xml-files: validationReport.xml, validationDiagnosticData*.xml, + validationDetailReport*.xml and validationSimpleReport*.xml.

    Verbose

    -

    For all tasks more details can be obtained using the -verbose option as in the next example:

    +

    For all tasks more details can be obtained using the -verbose option as in the next example:

    java -jar digidoc4j-util.jar -in "<input_file_name_and_path>" -v -verbose + +

    Test mode

    +

    It is possible to invoke the library in test mode by adding -Ddigidoc4j.mode=TEST. This will use the test TSL and accepts test ID cards.

    + +

    java -Ddigidoc4j.mode=TEST -jar digidoc4j-util.jar

    \ No newline at end of file diff --git a/doc/resources/EL_Regionaalarengu_Fond_horisontaalne-vaike.jpg b/src/main/doc/resources/EL_Regionaalarengu_Fond_horisontaalne-vaike.jpg similarity index 100% rename from doc/resources/EL_Regionaalarengu_Fond_horisontaalne-vaike.jpg rename to src/main/doc/resources/EL_Regionaalarengu_Fond_horisontaalne-vaike.jpg diff --git a/doc/resources/dd4j.jpg b/src/main/doc/resources/dd4j.jpg similarity index 100% rename from doc/resources/dd4j.jpg rename to src/main/doc/resources/dd4j.jpg diff --git a/keystore/keystore_certs/ec.europa.eu.2.crt b/src/main/etc/keystore/keystore_certs/ec.europa.eu.2.crt similarity index 100% rename from keystore/keystore_certs/ec.europa.eu.2.crt rename to src/main/etc/keystore/keystore_certs/ec.europa.eu.2.crt diff --git a/keystore/keystore_certs/ec.europa.eu.3.crt b/src/main/etc/keystore/keystore_certs/ec.europa.eu.3.crt similarity index 100% rename from keystore/keystore_certs/ec.europa.eu.3.crt rename to src/main/etc/keystore/keystore_certs/ec.europa.eu.3.crt diff --git a/keystore/keystore_certs/ec.europa.eu.4.crt b/src/main/etc/keystore/keystore_certs/ec.europa.eu.4.crt similarity index 100% rename from keystore/keystore_certs/ec.europa.eu.4.crt rename to src/main/etc/keystore/keystore_certs/ec.europa.eu.4.crt diff --git a/keystore/keystore_certs/ec.europa.eu.crt b/src/main/etc/keystore/keystore_certs/ec.europa.eu.crt similarity index 100% rename from keystore/keystore_certs/ec.europa.eu.crt rename to src/main/etc/keystore/keystore_certs/ec.europa.eu.crt diff --git a/keystore/test_keystore_certs/test_keystore_cert.crt b/src/main/etc/keystore/test_keystore_certs/test_keystore_cert.crt similarity index 100% rename from keystore/test_keystore_certs/test_keystore_cert.crt rename to src/main/etc/keystore/test_keystore_certs/test_keystore_cert.crt diff --git a/resources/logback.xml b/src/main/etc/logback.xml similarity index 100% rename from resources/logback.xml rename to src/main/etc/logback.xml diff --git a/src/org/digidoc4j/Configuration.java b/src/main/java/org/digidoc4j/Configuration.java similarity index 61% rename from src/org/digidoc4j/Configuration.java rename to src/main/java/org/digidoc4j/Configuration.java index 59aa92718..78ff327c9 100644 --- a/src/org/digidoc4j/Configuration.java +++ b/src/main/java/org/digidoc4j/Configuration.java @@ -10,26 +10,36 @@ package org.digidoc4j; +import static java.util.Arrays.asList; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.InputStream; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.io.Serializable; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Hashtable; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.concurrent.ExecutorService; + import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.StringUtils; import org.digidoc4j.exceptions.ConfigurationException; import org.digidoc4j.exceptions.DigiDoc4JException; import org.digidoc4j.impl.ConfigurationSingeltonHolder; -import org.digidoc4j.impl.bdoc.tsl.TslManager; +import org.digidoc4j.impl.asic.tsl.TslManager; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.yaml.snakeyaml.Yaml; -import java.io.*; -import java.net.MalformedURLException; -import java.net.URL; -import java.util.*; -import java.util.concurrent.ExecutorService; - -import static java.util.Arrays.asList; -import static org.apache.commons.lang3.StringUtils.isNotBlank; -import static org.apache.commons.lang3.StringUtils.isNotEmpty; - import eu.europa.esig.dss.client.http.Protocol; /** @@ -86,31 +96,28 @@ *

    Optional entries of the configuration file:

    * */ public class Configuration implements Serializable { - private static final Logger logger = LoggerFactory.getLogger(Configuration.class); - private static final int ONE_SECOND = 1000; - private static final long ONE_DAY_IN_MILLISECONDS = 1000 * 60 * 60 * 24; - private static final int ONE_DAY_IN_MINUTES = 24 * 60; - public static final long ONE_MB_IN_BYTES = 1048576; - public static final long FIFTEEN_MINUTES = 15; - - public static final String DEFAULT_CANONICALIZATION_FACTORY_IMPLEMENTATION - = "ee.sk.digidoc.c14n.TinyXMLCanonicalizer"; - public static final String DEFAULT_SECURITY_PROVIDER = "org.bouncycastle.jce.provider.BouncyCastleProvider"; - public static final String DEFAULT_SECURITY_PROVIDER_NAME = "BC"; - public static final String DEFAULT_NOTARY_IMPLEMENTATION = "ee.sk.digidoc.factory.BouncyCastleNotaryFactory"; - public static final String DEFAULT_TSL_FACTORY_IMPLEMENTATION = "ee.sk.digidoc.tsl.DigiDocTrustServiceFactory"; - public static final String DEFAULT_FACTORY_IMPLEMENTATION = "ee.sk.digidoc.factory.SAXDigiDocFactory"; - public static final String DEFAULT_KEY_USAGE_CHECK = "false"; - public static final String DEFAULT_DATAFILE_HASHCODE_MODE = "false"; - public static final String DEFAULT_USE_LOCAL_TSL = "true"; - public static final String DEFAULT_MAX_DATAFILE_CACHED = "-1"; - public static final String DEFAULT_TSL_KEYSTORE_LOCATION = "keystore/keystore.jks"; - public static final List DEFAULT_TRUESTED_TERRITORIES = - Arrays.asList("AT", "BE", "BG", "CY", "CZ", /*"DE",*/ "DK", "EE", "ES", "FI", "FR", - "GR", "HU", /*"HR",*/ "IE", "IS", "IT", "LT", "LU", "LV", "LI", "MT", "NO", "NL", - "PL", "PT", "RO", "SE", "SI", "SK", "UK"); - public static final String DEFAULT_SIGNATURE_PROFILE = "LT"; - public static final String DEFAULT_SIGNATURE_DIGEST_ALGORITHM = "SHA256"; - - public static final long CACHE_ALL_DATA_FILES = -1; - public static final long CACHE_NO_DATA_FILES = 0; - - public static final String TEST_OCSP_URL = "http://demo.sk.ee/ocsp"; - public static final String PROD_OCSP_URL = "http://ocsp.sk.ee/"; - private static final String SIGN_OCSP_REQUESTS = "SIGN_OCSP_REQUESTS"; - private static final String OCSP_PKCS_12_CONTAINER = "DIGIDOC_PKCS12_CONTAINER"; - private static final String OCSP_PKCS_12_PASSWD = "DIGIDOC_PKCS12_PASSWD"; - - public static final String JAVAX_NET_SSL_TRUST_STORE_PASSWORD = "javax.net.ssl.trustStorePassword"; - public static final String JAVAX_NET_SSL_TRUST_STORE = "javax.net.ssl.trustStore"; - public static final String JAVAX_NET_SSL_KEY_STORE_PASSWORD = "javax.net.ssl.keyStorePassword"; - public static final String JAVAX_NET_SSL_KEY_STORE = "javax.net.ssl.keyStore"; - public static final String HTTPS_PROXY_PORT = "https.proxyPort"; - public static final String HTTPS_PROXY_HOST = "https.proxyHost"; - public static final String HTTP_PROXY_PORT = "http.proxyPort"; - public static final String HTTP_PROXY_HOST = "http.proxyHost"; + private static final Logger logger = LoggerFactory.getLogger(Configuration.class); + private transient ExecutorService threadExecutor; private final Mode mode; - private LinkedHashMap configurationFromFile; - private String configurationInputSourceName; - private Hashtable jDigiDocConfiguration = new Hashtable<>(); - private ArrayList inputSourceParseErrors = new ArrayList<>(); private TslManager tslManager; - Map configuration = new HashMap<>(); - - private String httpProxyHost = ""; - private Integer httpProxyPort; - private String httpsProxyHost = ""; - private Integer httpsProxyPort; - private String httpProxyUser = ""; - private String httpProxyPassword = ""; + private Hashtable jDigiDocConfiguration = new Hashtable<>(); + private ConfigurationRegistry registry = new ConfigurationRegistry(); private List trustedTerritories = new ArrayList<>(); - private String sslKeystorePath = ""; - private String sslKeystoreType = ""; - private String sslKeystorePassword = ""; - private String sslTruststorePath = ""; - private String sslTruststoreType = ""; - private String sslTruststorePassword = ""; - private transient ExecutorService threadExecutor; + private ArrayList inputSourceParseErrors = new ArrayList<>(); + private LinkedHashMap configurationFromFile; + private String configurationInputSourceName; /** * Application mode @@ -217,7 +169,7 @@ public enum Mode { /** * Getting the default Configuration object.
    *

    - * The default configuration object is a singelton, meaning that all the containers will use the same configuration + * The default configuration object is a singelton, meaning that all the containers will use the same registry * object. It is a good idea to use only a single configuration object for all the containers so the operation times * would be faster. * @@ -227,41 +179,27 @@ public static Configuration getInstance() { return ConfigurationSingeltonHolder.getInstance(); } - private void initDefaultValues() { - logger.debug(""); - tslManager = new TslManager(this); - - configuration.put("connectionTimeout", String.valueOf(ONE_SECOND)); - configuration.put("socketTimeout", String.valueOf(ONE_SECOND)); - configuration.put("tslKeyStorePassword", "digidoc4j-password"); - configuration.put("revocationAndTimestampDeltaInMinutes", String.valueOf(ONE_DAY_IN_MINUTES)); - configuration.put("tslCacheExpirationTime", String.valueOf(ONE_DAY_IN_MILLISECONDS)); - configuration.put("allowedTimestampAndOCSPResponseDeltaInMinutes", String.valueOf(FIFTEEN_MINUTES)); - configuration.put("signatureProfile", DEFAULT_SIGNATURE_PROFILE); - configuration.put("signatureDigestAlgoritm", DEFAULT_SIGNATURE_DIGEST_ALGORITHM); - - if (mode == Mode.TEST) { - configuration.put("tspSource", "http://demo.sk.ee/tsa"); - configuration.put("tslLocation", "https://open-eid.github.io/test-TL/tl-mp-test-EE.xml"); - configuration.put("tslKeyStoreLocation", "keystore/test-keystore.jks"); - configuration.put("validationPolicy", "conf/test_constraint.xml"); - configuration.put("ocspSource", TEST_OCSP_URL); - configuration.put(SIGN_OCSP_REQUESTS, "false"); - jDigiDocConfiguration.put(SIGN_OCSP_REQUESTS, "false"); - } else { - configuration.put("tspSource", "http://tsa.sk.ee"); - configuration.put("tslLocation", - "https://ec.europa.eu/information_society/policy/esignature/trusted-list/tl-mp.xml"); - configuration.put("tslKeyStoreLocation", DEFAULT_TSL_KEYSTORE_LOCATION); - configuration.put("validationPolicy", "conf/constraint.xml"); - configuration.put("ocspSource", PROD_OCSP_URL); - configuration.put(SIGN_OCSP_REQUESTS, "false"); - jDigiDocConfiguration.put(SIGN_OCSP_REQUESTS, "false"); - trustedTerritories = DEFAULT_TRUESTED_TERRITORIES; - } - logger.debug(mode + "configuration:\n" + configuration); + /** + * Create new configuration + */ + public Configuration() { + this(Mode.TEST.name().equalsIgnoreCase(System.getProperty("digidoc4j.mode")) ? Mode.TEST : Mode.PROD); + } - loadInitialConfigurationValues(); + /** + * Create new configuration for application mode specified + * + * @param mode Application mode + */ + public Configuration(Mode mode) { + logger.debug("------------------------ ------------------------", mode); + this.mode = mode; + this.loadConfiguration("digidoc4j.yaml"); + this.initDefaultValues(); + logger.debug("------------------------ ------------------------", mode); + if (!logger.isDebugEnabled()) { + logger.info("Configuration loaded ..."); + } } /** @@ -270,9 +208,9 @@ private void initDefaultValues() { * @return value indicating if requirements are met */ public boolean isOCSPSigningConfigurationAvailable() { - boolean available = isNotEmpty(getOCSPAccessCertificateFileName()) - && getOCSPAccessCertificatePassword().length != 0; - logger.debug("Is OCSP signing configuration available: " + available); + boolean available = StringUtils.isNotBlank(this.getOCSPAccessCertificateFileName()) + && this.getOCSPAccessCertificatePassword().length != 0; + logger.debug("Is OCSP signing configuration available? {}", available); return available; } @@ -282,9 +220,7 @@ public boolean isOCSPSigningConfigurationAvailable() { * @return filename for the OCSP access certificate */ public String getOCSPAccessCertificateFileName() { - logger.debug("Loading OCSPAccessCertificateFile"); - String ocspAccessCertificateFile = getConfigurationParameter("OCSPAccessCertificateFile"); - logger.debug("OCSPAccessCertificateFile " + ocspAccessCertificateFile + " loaded"); + String ocspAccessCertificateFile = this.getConfigurationParameter(ConfigurationParameter.OcspAccessCertificateFile); return ocspAccessCertificateFile == null ? "" : ocspAccessCertificateFile; } @@ -294,13 +230,11 @@ public String getOCSPAccessCertificateFileName() { * @return password */ public char[] getOCSPAccessCertificatePassword() { - logger.debug("Loading OCSPAccessCertificatePassword"); char[] result = {}; - String password = getConfigurationParameter("OCSPAccessCertificatePassword"); - if (isNotEmpty(password)) { + String password = this.getConfigurationParameter(ConfigurationParameter.OcspAccessCertificatePassword); + if (StringUtils.isNotEmpty(password)) { result = password.toCharArray(); } - logger.debug("OCSPAccessCertificatePassword loaded"); return result; } @@ -310,8 +244,7 @@ public char[] getOCSPAccessCertificatePassword() { * @return password */ public String getOCSPAccessCertificatePasswordAsString() { - logger.debug("Loading OCSPAccessCertificatePassword"); - return getConfigurationParameter("OCSPAccessCertificatePassword"); + return this.getConfigurationParameter(ConfigurationParameter.OcspAccessCertificatePassword); } /** @@ -320,10 +253,8 @@ public String getOCSPAccessCertificatePasswordAsString() { * @param fileName filename for the OCSP access certficate */ public void setOCSPAccessCertificateFileName(String fileName) { - logger.debug("Setting OCSPAccessCertificateFileName: " + fileName); - setConfigurationParameter("OCSPAccessCertificateFile", fileName); - jDigiDocConfiguration.put(OCSP_PKCS_12_CONTAINER, fileName); - logger.debug("OCSPAccessCertificateFile is set"); + this.setConfigurationParameter(ConfigurationParameter.OcspAccessCertificateFile, fileName); + this.setJDigiDocParameter(Constant.JDigiDoc.OCSP_PKCS_12_CONTAINER, fileName); } /** @@ -332,11 +263,9 @@ public void setOCSPAccessCertificateFileName(String fileName) { * @param password password to set */ public void setOCSPAccessCertificatePassword(char[] password) { - logger.debug("Setting OCSPAccessCertificatePassword: "); String value = String.valueOf(password); - setConfigurationParameter("OCSPAccessCertificatePassword", value); - jDigiDocConfiguration.put(OCSP_PKCS_12_PASSWD, value); - logger.debug("OCSPAccessCertificatePassword is set"); + this.setConfigurationParameter(ConfigurationParameter.OcspAccessCertificatePassword, value); + this.setJDigiDocParameter(Constant.JDigiDoc.OCSP_PKCS_12_PASSWORD, value); } /** @@ -345,37 +274,9 @@ public void setOCSPAccessCertificatePassword(char[] password) { * @param shouldSignOcspRequests True if should sign, False otherwise */ public void setSignOCSPRequests(boolean shouldSignOcspRequests) { - logger.debug("Should sign OCSP requests: " + shouldSignOcspRequests); - String valueToSet = String.valueOf(shouldSignOcspRequests); - setConfigurationParameter(SIGN_OCSP_REQUESTS, valueToSet); - jDigiDocConfiguration.put(SIGN_OCSP_REQUESTS, valueToSet); - } - - /** - * Create new configuration - */ - public Configuration() { - mode = ("TEST".equalsIgnoreCase(System.getProperty("digidoc4j.mode")) ? Mode.TEST : Mode.PROD); - loadConfiguration("digidoc4j.yaml"); - - initDefaultValues(); - - logger.info("Configuration loaded for " + mode + " mode"); - } - - /** - * Create new configuration for application mode specified - * - * @param mode Application mode - */ - public Configuration(Mode mode) { - logger.debug("Mode: " + mode); - this.mode = mode; - loadConfiguration("digidoc4j.yaml"); - - initDefaultValues(); - - logger.info("Configuration loaded for " + mode + " mode"); + String value = String.valueOf(shouldSignOcspRequests); + this.setConfigurationParameter(ConfigurationParameter.SignOcspRequests, value); + this.setJDigiDocParameter(Constant.JDigiDoc.OCSP_SIGN_REQUESTS, value); } /** @@ -385,9 +286,8 @@ public Configuration(Mode mode) { * @return configuration hashtable */ public Hashtable loadConfiguration(InputStream stream) { - configurationInputSourceName = "stream"; - - return loadConfigurationSettings(stream); + this.configurationInputSourceName = "stream"; + return this.loadConfigurationSettings(stream); } /** @@ -397,13 +297,13 @@ public Hashtable loadConfiguration(InputStream stream) { * @return configuration hashtable */ public Hashtable loadConfiguration(String file) { - return loadConfiguration(file, true); + return this.loadConfiguration(file, true); } /** * Add configuration settings from a file * - * @param file File name + * @param file File name * @param isReloadFromYaml True if this is reloading call * @return configuration hashtable */ @@ -415,232 +315,28 @@ public Hashtable loadConfiguration(String file, boolean isReload logger.info("Loading configuration from file " + file); configurationInputSourceName = file; InputStream resourceAsStream = null; - try { resourceAsStream = new FileInputStream(file); } catch (FileNotFoundException e) { logger.info("Configuration file " + file + " not found. Trying to search from jar file."); } - if (resourceAsStream == null) { resourceAsStream = getResourceAsStream(file); } return loadConfigurationSettings(resourceAsStream); } - private Hashtable loadConfigurationSettings(InputStream stream) { - configurationFromFile = new LinkedHashMap(); - Yaml yaml = new Yaml(); - - try { - configurationFromFile = (LinkedHashMap) yaml.load(stream); - } catch (Exception e) { - ConfigurationException exception = new ConfigurationException("Configuration from " - + configurationInputSourceName + " is not correctly formatted"); - logger.error(exception.getMessage()); - throw exception; - } - - IOUtils.closeQuietly(stream); - - return mapToJDigiDocConfiguration(); - } - - private InputStream getResourceAsStream(String certFile) { - InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream(certFile); - if (resourceAsStream == null) { - String message = "File " + certFile + " not found in classpath."; - logger.error(message); - throw new ConfigurationException(message); - } - - return resourceAsStream; - } - /** * Returns configuration needed for JDigiDoc library. * * @return configuration values. */ public Hashtable getJDigiDocConfiguration() { - loadCertificateAuthoritiesAndCertificates(); - reportFileParseErrors(); - return jDigiDocConfiguration; - } - - /** - * Gives back all configuration parameters needed for jDigiDoc - * - * @return Hashtable containing jDigiDoc configuration parameters - */ - - private Hashtable mapToJDigiDocConfiguration() { - logger.debug("loading JDigiDoc configuration"); - - inputSourceParseErrors = new ArrayList<>(); - - loadInitialConfigurationValues(); - reportFileParseErrors(); - + this.loadCertificateAuthoritiesAndCertificates(); + this.reportFileParseErrors(); return jDigiDocConfiguration; } - private void loadCertificateAuthoritiesAndCertificates() { - logger.debug(""); - @SuppressWarnings("unchecked") - ArrayList digiDocCAs = (ArrayList) configurationFromFile.get("DIGIDOC_CAS"); - if (digiDocCAs == null) { - String errorMessage = "Empty or no DIGIDOC_CAS entry"; - logError(errorMessage); - return; - } - - int numberOfDigiDocCAs = digiDocCAs.size(); - jDigiDocConfiguration.put("DIGIDOC_CAS", String.valueOf(numberOfDigiDocCAs)); - for (int i = 0; i < numberOfDigiDocCAs; i++) { - String caPrefix = "DIGIDOC_CA_" + (i + 1); - LinkedHashMap digiDocCA = (LinkedHashMap) digiDocCAs.get(i).get("DIGIDOC_CA"); - if (digiDocCA == null) { - String errorMessage = "Empty or no DIGIDOC_CA for entry " + (i + 1); - logError(errorMessage); - } else { - loadCertificateAuthorityCerts(digiDocCA, caPrefix); - loadOCSPCertificates(digiDocCA, caPrefix); - } - } - } - - private void logError(String errorMessage) { - logger.error(errorMessage); - inputSourceParseErrors.add(errorMessage); - } - - private void reportFileParseErrors() { - logger.debug(""); - if (inputSourceParseErrors.size() > 0) { - StringBuilder errorMessage = new StringBuilder(); - errorMessage.append("Configuration from "); - errorMessage.append(configurationInputSourceName); - errorMessage.append(" contains error(s):\n"); - for (String message : inputSourceParseErrors) { - errorMessage.append(message); - } - throw new ConfigurationException(errorMessage.toString()); - } - } - - private void loadInitialConfigurationValues() { - logger.debug(""); - setJDigiDocConfigurationValue("DIGIDOC_SECURITY_PROVIDER", DEFAULT_SECURITY_PROVIDER); - setJDigiDocConfigurationValue("DIGIDOC_SECURITY_PROVIDER_NAME", DEFAULT_SECURITY_PROVIDER_NAME); - setJDigiDocConfigurationValue("KEY_USAGE_CHECK", DEFAULT_KEY_USAGE_CHECK); - setJDigiDocConfigurationValue("DIGIDOC_OCSP_SIGN_CERT_SERIAL", ""); - setJDigiDocConfigurationValue("DATAFILE_HASHCODE_MODE", DEFAULT_DATAFILE_HASHCODE_MODE); - setJDigiDocConfigurationValue("CANONICALIZATION_FACTORY_IMPL", DEFAULT_CANONICALIZATION_FACTORY_IMPLEMENTATION); - setJDigiDocConfigurationValue("DIGIDOC_MAX_DATAFILE_CACHED", DEFAULT_MAX_DATAFILE_CACHED); - setJDigiDocConfigurationValue("DIGIDOC_USE_LOCAL_TSL", DEFAULT_USE_LOCAL_TSL); - setJDigiDocConfigurationValue("DIGIDOC_NOTARY_IMPL", DEFAULT_NOTARY_IMPLEMENTATION); - setJDigiDocConfigurationValue("DIGIDOC_TSLFAC_IMPL", DEFAULT_TSL_FACTORY_IMPLEMENTATION); - setJDigiDocConfigurationValue("DIGIDOC_OCSP_RESPONDER_URL", getOcspSource()); - setJDigiDocConfigurationValue("DIGIDOC_FACTORY_IMPL", DEFAULT_FACTORY_IMPLEMENTATION); - setJDigiDocConfigurationValue("DIGIDOC_DF_CACHE_DIR", null); - - setConfigurationValue("TSL_LOCATION", "tslLocation"); - setConfigurationValue("TSP_SOURCE", "tspSource"); - setConfigurationValue("VALIDATION_POLICY", "validationPolicy"); - setConfigurationValue("OCSP_SOURCE", "ocspSource"); - setConfigurationValue(OCSP_PKCS_12_CONTAINER, "OCSPAccessCertificateFile"); - setConfigurationValue(OCSP_PKCS_12_PASSWD, "OCSPAccessCertificatePassword"); - setConfigurationValue("CONNECTION_TIMEOUT", "connectionTimeout"); - setConfigurationValue("SOCKET_TIMEOUT", "socketTimeout"); - setConfigurationValue(SIGN_OCSP_REQUESTS, SIGN_OCSP_REQUESTS); - setConfigurationValue("TSL_KEYSTORE_LOCATION", "tslKeyStoreLocation"); - setConfigurationValue("TSL_KEYSTORE_PASSWORD", "tslKeyStorePassword"); - setConfigurationValue("TSL_CACHE_EXPIRATION_TIME", "tslCacheExpirationTime"); - setConfigurationValue("REVOCATION_AND_TIMESTAMP_DELTA_IN_MINUTES", - "revocationAndTimestampDeltaInMinutes"); - setConfigurationValue("ALLOWED_TS_AND_OCSP_RESPONSE_DELTA_IN_MINUTES", - "allowedTimestampAndOCSPResponseDeltaInMinutes"); - setConfigurationValue("SIGNATURE_PROFILE", "signatureProfile"); - setConfigurationValue("SIGNATURE_DIGEST_ALGORITHM", "signatureDigestAlgoritm"); - - setJDigiDocConfigurationValue(SIGN_OCSP_REQUESTS, Boolean.toString(hasToBeOCSPRequestSigned())); - setJDigiDocConfigurationValue(OCSP_PKCS_12_CONTAINER, getOCSPAccessCertificateFileName()); - - initOcspAccessCertPasswordForJDigidoc(); - - httpProxyHost = getStringParams(HTTP_PROXY_HOST, "HTTP_PROXY_HOST"); - httpProxyPort = getIntegerParams(HTTP_PROXY_PORT, "HTTP_PROXY_PORT"); - httpsProxyHost = getStringParams(HTTPS_PROXY_HOST, "HTTPS_PROXY_HOST"); - httpsProxyPort = getIntegerParams(HTTPS_PROXY_PORT, "HTTPS_PROXY_PORT"); - - httpProxyUser = getParameterFromFile("HTTP_PROXY_USER"); - httpProxyPassword = getParameterFromFile("HTTP_PROXY_PASSWORD"); - - sslKeystoreType = getParameterFromFile("SSL_KEYSTORE_TYPE"); - sslTruststoreType = getParameterFromFile("SSL_TRUSTSTORE_TYPE"); - - sslKeystorePath = getStringParams(JAVAX_NET_SSL_KEY_STORE, "SSL_KEYSTORE_PATH"); - sslKeystorePassword = getStringParams(JAVAX_NET_SSL_KEY_STORE_PASSWORD, "SSL_KEYSTORE_PASSWORD"); - sslTruststorePath = getStringParams(JAVAX_NET_SSL_TRUST_STORE, "SSL_TRUSTSTORE_PATH"); - sslTruststorePassword = getStringParams(JAVAX_NET_SSL_TRUST_STORE_PASSWORD, "SSL_TRUSTSTORE_PASSWORD"); - - updateTrustedTerritories(); - } - - private void updateTrustedTerritories() { - List territories = getStringListParameterFromFile("TRUSTED_TERRITORIES"); - if (territories != null) { - trustedTerritories = territories; - } - } - - private String getParameterFromFile(String key) { - if (configurationFromFile == null) { - return null; - } - Object fileValue = configurationFromFile.get(key); - if (fileValue == null) { - return null; - } - String value = fileValue.toString(); - if (valueIsAllowed(key, value)) { - return value; - } - return null; - } - - private Integer getIntParameterFromFile(String key) { - String value = getParameterFromFile(key); - if (value == null) { - return null; - } - return new Integer(value); - } - - private List getStringListParameterFromFile(String key) { - String value = getParameterFromFile(key); - if (value == null) { - return null; - } - return Arrays.asList(value.split("\\s*,\\s*")); //Split by comma and trim whitespace - } - - private void setConfigurationValue(String fileKey, String configurationKey) { - if (configurationFromFile == null) return; - Object fileValue = configurationFromFile.get(fileKey); - if (fileValue != null) { - configuration.put(configurationKey, fileValue.toString()); - } - } - - private void setJDigiDocConfigurationValue(String key, String defaultValue) { - String value = defaultIfNull(key, defaultValue); - if (value != null) { - jDigiDocConfiguration.put(key, value); - } - } - /** * Enables big files support. Sets limit in MB when handling files are creating temporary file for streaming in * container creation and adding data files. @@ -692,13 +388,13 @@ public boolean storeDataFilesOnlyInMemory() { } /** - * Returns configuration item must be OCSP request signed. Reads it from configuration parameter SIGN_OCSP_REQUESTS. + * Returns configuration item must be OCSP request signed. Reads it from registry parameter SIGN_OCSP_REQUESTS. * Default value is false for {@link Configuration.Mode#PROD} and false for {@link Configuration.Mode#TEST} * * @return must be OCSP request signed */ public boolean hasToBeOCSPRequestSigned() { - String signOcspRequests = getConfigurationParameter(SIGN_OCSP_REQUESTS); + String signOcspRequests = getConfigurationParameter(ConfigurationParameter.SignOcspRequests); return StringUtils.equalsIgnoreCase("true", signOcspRequests); } @@ -711,7 +407,7 @@ public long getMaxDataFileCachedInMB() { String maxDataFileCached = jDigiDocConfiguration.get("DIGIDOC_MAX_DATAFILE_CACHED"); logger.debug("Maximum datafile cached in MB: " + maxDataFileCached); - if (maxDataFileCached == null) return CACHE_ALL_DATA_FILES; + if (maxDataFileCached == null) return Constant.CACHE_ALL_DATA_FILES; return Long.parseLong(maxDataFileCached); } @@ -722,183 +418,44 @@ public long getMaxDataFileCachedInMB() { */ public long getMaxDataFileCachedInBytes() { long maxDataFileCachedInMB = getMaxDataFileCachedInMB(); - if (maxDataFileCachedInMB == CACHE_ALL_DATA_FILES) { - return CACHE_ALL_DATA_FILES; + if (maxDataFileCachedInMB == Constant.CACHE_ALL_DATA_FILES) { + return Constant.CACHE_ALL_DATA_FILES; } else { - return (maxDataFileCachedInMB * ONE_MB_IN_BYTES); + return (maxDataFileCachedInMB * Constant.ONE_MB_IN_BYTES); } } - private String defaultIfNull(String configParameter, String defaultValue) { - logger.debug("Parameter: " + configParameter); - if (configurationFromFile == null) return defaultValue; - Object value = configurationFromFile.get(configParameter); - if (value != null) { - return valueIsAllowed(configParameter, value.toString()) ? value.toString() : ""; + /** + * Get TSL location. + * + * @return url + */ + public String getTslLocation() { + String urlString = getConfigurationParameter(ConfigurationParameter.TslLocation); + if (!Protocol.isFileUrl(urlString)) return urlString; + try { + String filePath = new URL(urlString).getPath(); + if (!new File(filePath).exists()) { + URL resource = getClass().getClassLoader().getResource(filePath); + if (resource != null) + urlString = resource.toString(); + } + } catch (MalformedURLException e) { + logger.warn(e.getMessage()); } - String configuredValue = jDigiDocConfiguration.get(configParameter); - return configuredValue != null ? configuredValue : defaultValue; + return urlString == null ? "" : urlString; } - private boolean valueIsAllowed(String configParameter, String value) { - logger.debug("Parameter: " + configParameter + ", value: " + value); - - List mustBeBooleans = - asList(SIGN_OCSP_REQUESTS, "KEY_USAGE_CHECK", "DATAFILE_HASHCODE_MODE", "DIGIDOC_USE_LOCAL_TSL"); - List mustBeIntegers = - asList("DIGIDOC_MAX_DATAFILE_CACHED", "HTTP_PROXY_PORT"); - - boolean errorFound = false; - if (mustBeBooleans.contains(configParameter)) { - errorFound = !(isValidBooleanParameter(configParameter, value)); - } + /** + * Set the TSL certificate source. + * + * @param certificateSource TSL certificate source + * When certificateSource equals null then getTSL() will load the TSL according to the TSL + * location specified . + */ - if (mustBeIntegers.contains(configParameter)) { - errorFound = !(isValidIntegerParameter(configParameter, value)) || errorFound; - } - return (!errorFound); - } - - private boolean isValidBooleanParameter(String configParameter, String value) { - if (!("true".equals(value.toLowerCase()) || "false".equals(value.toLowerCase()))) { - String errorMessage = "Configuration parameter " + configParameter + " should be set to true or false" - + " but the actual value is: " + value + "."; - logError(errorMessage); - return false; - } - return true; - } - - private boolean isValidIntegerParameter(String configParameter, String value) { - Integer parameterValue; - - try { - parameterValue = Integer.parseInt(value); - } catch (Exception e) { - String errorMessage = "Configuration parameter " + configParameter + " should have an integer value" - + " but the actual value is: " + value + "."; - logError(errorMessage); - return false; - } - - if (configParameter.equals("DIGIDOC_MAX_DATAFILE_CACHED") && parameterValue < -1) { - String errorMessage = "Configuration parameter " + configParameter + " should be greater or equal -1" - + " but the actual value is: " + value + "."; - logError(errorMessage); - return false; - } - - return true; - } - - private void loadOCSPCertificates(LinkedHashMap digiDocCA, String caPrefix) { - logger.debug(""); - String errorMessage; - - @SuppressWarnings("unchecked") - ArrayList ocsps = (ArrayList) digiDocCA.get("OCSPS"); - if (ocsps == null) { - errorMessage = "No OCSPS entry found or OCSPS entry is empty. Configuration from: " - + configurationInputSourceName; - logError(errorMessage); - return; - } - - int numberOfOCSPCertificates = ocsps.size(); - jDigiDocConfiguration.put(caPrefix + "_OCSPS", String.valueOf(numberOfOCSPCertificates)); - - for (int i = 1; i <= numberOfOCSPCertificates; i++) { - String prefix = caPrefix + "_OCSP" + i; - LinkedHashMap ocsp = ocsps.get(i - 1); - - List entries = asList("CA_CN", "CA_CERT", "CN", "URL"); - for (String entry : entries) { - if (!loadOCSPCertificateEntry(entry, ocsp, prefix)) { - errorMessage = "OCSPS list entry " + i + " does not have an entry for " + entry - + " or the entry is empty\n"; - logError(errorMessage); - } - } - - if (!getOCSPCertificates(prefix, ocsp)) { - errorMessage = "OCSPS list entry " + i + " does not have an entry for CERTS or the entry is empty\n"; - logError(errorMessage); - } - } - } - - private boolean loadOCSPCertificateEntry(String ocspsEntryName, LinkedHashMap ocsp, String prefix) { - Object ocspEntry = ocsp.get(ocspsEntryName); - if (ocspEntry == null) return false; - jDigiDocConfiguration.put(prefix + "_" + ocspsEntryName, ocspEntry.toString()); - return true; - } - - @SuppressWarnings("unchecked") - private boolean getOCSPCertificates(String prefix, LinkedHashMap ocsp) { - ArrayList certificates = (ArrayList) ocsp.get("CERTS"); - if (certificates == null) return false; - for (int j = 0; j < certificates.size(); j++) { - if (j == 0) { - jDigiDocConfiguration.put(prefix + "_CERT", certificates.get(0)); - } else { - jDigiDocConfiguration.put(prefix + "_CERT_" + j, certificates.get(j)); - } - } - return true; - } - - private void loadCertificateAuthorityCerts(LinkedHashMap digiDocCA, String caPrefix) { - logger.debug(""); - ArrayList certificateAuthorityCerts = getCACertsAsArray(digiDocCA); - - jDigiDocConfiguration.put(caPrefix + "_NAME", digiDocCA.get("NAME").toString()); - jDigiDocConfiguration.put(caPrefix + "_TRADENAME", digiDocCA.get("TRADENAME").toString()); - int numberOfCACertificates = certificateAuthorityCerts.size(); - jDigiDocConfiguration.put(caPrefix + "_CERTS", String.valueOf(numberOfCACertificates)); - - for (int i = 0; i < numberOfCACertificates; i++) { - String certFile = certificateAuthorityCerts.get(i); - jDigiDocConfiguration.put(caPrefix + "_CERT" + (i + 1), certFile); - } - } - - @SuppressWarnings("unchecked") - private ArrayList getCACertsAsArray(LinkedHashMap digiDocCa) { - return (ArrayList) digiDocCa.get("CERTS"); - } - - /** - * Get TSL location. - * - * @return url - */ - public String getTslLocation() { - String urlString = getConfigurationParameter("tslLocation"); - if (!Protocol.isFileUrl(urlString)) return urlString; - try { - String filePath = new URL(urlString).getPath(); - if (!new File(filePath).exists()) { - URL resource = getClass().getClassLoader().getResource(filePath); - if (resource != null) - urlString = resource.toString(); - } - } catch (MalformedURLException e) { - logger.warn(e.getMessage()); - } - return urlString == null ? "" : urlString; - } - - /** - * Set the TSL certificate source. - * - * @param certificateSource TSL certificate source - * When certificateSource equals null then getTSL() will load the TSL according to the TSL - * location specified . - */ - - public void setTSL(TSLCertificateSource certificateSource) { - tslManager.setTsl(certificateSource); + public void setTSL(TSLCertificateSource certificateSource) { + tslManager.setTsl(certificateSource); } /** @@ -933,9 +490,8 @@ public boolean shouldValidateTslSignature() { * @param tslLocation TSL Location to be used */ public void setTslLocation(String tslLocation) { - logger.debug("Set TSL location: " + tslLocation); - setConfigurationParameter("tslLocation", tslLocation); - tslManager.setTsl(null); + this.setConfigurationParameter(ConfigurationParameter.TslLocation, tslLocation); + this.tslManager.setTsl(null); } /** @@ -944,9 +500,7 @@ public void setTslLocation(String tslLocation) { * @return TSP Source */ public String getTspSource() { - String tspSource = getConfigurationParameter("tspSource"); - logger.debug("TSP Source: " + tspSource); - return tspSource; + return this.getConfigurationParameter(ConfigurationParameter.TspSource); } /** @@ -955,8 +509,7 @@ public String getTspSource() { * @param connectionTimeout connection timeout in milliseconds */ public void setConnectionTimeout(int connectionTimeout) { - logger.debug("Set connection timeout to " + connectionTimeout + " ms"); - setConfigurationParameter("connectionTimeout", String.valueOf(connectionTimeout)); + this.setConfigurationParameter(ConfigurationParameter.ConnectionTimeoutInMillis, String.valueOf(connectionTimeout)); } /** @@ -965,8 +518,7 @@ public void setConnectionTimeout(int connectionTimeout) { * @param socketTimeoutMilliseconds socket timeout in milliseconds */ public void setSocketTimeout(int socketTimeoutMilliseconds) { - logger.debug("Set socket timeout to " + socketTimeoutMilliseconds + " ms"); - setConfigurationParameter("socketTimeout", String.valueOf(socketTimeoutMilliseconds)); + this.setConfigurationParameter(ConfigurationParameter.SocketTimeoutInMillis, String.valueOf(socketTimeoutMilliseconds)); } /** @@ -975,7 +527,7 @@ public void setSocketTimeout(int socketTimeoutMilliseconds) { * @return connection timeout in milliseconds */ public int getConnectionTimeout() { - return Integer.parseInt(getConfigurationParameter("connectionTimeout")); + return this.getConfigurationParameter(ConfigurationParameter.ConnectionTimeoutInMillis, Integer.class); } /** @@ -984,7 +536,7 @@ public int getConnectionTimeout() { * @return socket timeout in milliseconds */ public int getSocketTimeout() { - return Integer.parseInt(getConfigurationParameter("socketTimeout")); + return this.getConfigurationParameter(ConfigurationParameter.SocketTimeoutInMillis, Integer.class); } /** @@ -993,8 +545,7 @@ public int getSocketTimeout() { * @param tspSource TSPSource to be used */ public void setTspSource(String tspSource) { - logger.debug("Set TSP source: " + tspSource); - setConfigurationParameter("tspSource", tspSource); + this.setConfigurationParameter(ConfigurationParameter.TspSource, tspSource); } /** @@ -1003,9 +554,7 @@ public void setTspSource(String tspSource) { * @return OCSP Source */ public String getOcspSource() { - String ocspSource = getConfigurationParameter("ocspSource"); - logger.debug("OCSP source: " + ocspSource); - return ocspSource; + return this.getConfigurationParameter(ConfigurationParameter.OcspSource); } /** @@ -1014,8 +563,7 @@ public String getOcspSource() { * @param tslKeyStoreLocation KeyStore location to use */ public void setTslKeyStoreLocation(String tslKeyStoreLocation) { - logger.debug("Set tsl KeyStore Location: " + tslKeyStoreLocation); - setConfigurationParameter("tslKeyStoreLocation", tslKeyStoreLocation); + this.setConfigurationParameter(ConfigurationParameter.TslKeyStoreLocation, tslKeyStoreLocation); } /** @@ -1024,9 +572,7 @@ public void setTslKeyStoreLocation(String tslKeyStoreLocation) { * @return KeyStore Location */ public String getTslKeyStoreLocation() { - String keystoreLocation = getConfigurationParameter("tslKeyStoreLocation"); - logger.debug("tsl KeyStore Location: " + keystoreLocation); - return keystoreLocation; + return this.getConfigurationParameter(ConfigurationParameter.TslKeyStoreLocation); } /** @@ -1035,8 +581,7 @@ public String getTslKeyStoreLocation() { * @param tslKeyStorePassword Keystore password */ public void setTslKeyStorePassword(String tslKeyStorePassword) { - logger.debug("Set tsl KeyStore Password: " + tslKeyStorePassword); - setConfigurationParameter("tslKeyStorePassword", tslKeyStorePassword); + this.setConfigurationParameter(ConfigurationParameter.TslKeyStorePassword, tslKeyStorePassword); } /** @@ -1045,9 +590,7 @@ public void setTslKeyStorePassword(String tslKeyStorePassword) { * @return Tsl Keystore password */ public String getTslKeyStorePassword() { - String keystorePassword = getConfigurationParameter("tslKeyStorePassword"); - logger.debug("tsl KeyStore Password: " + keystorePassword); - return keystorePassword; + return getConfigurationParameter(ConfigurationParameter.TslKeyStorePassword); } /** @@ -1058,8 +601,7 @@ public String getTslKeyStorePassword() { * @param cacheExpirationTimeInMilliseconds cache expiration time in milliseconds */ public void setTslCacheExpirationTime(long cacheExpirationTimeInMilliseconds) { - logger.debug("Setting TSL cache expiration time in milliseconds: " + cacheExpirationTimeInMilliseconds); - setConfigurationParameter("tslCacheExpirationTime", String.valueOf(cacheExpirationTimeInMilliseconds)); + this.setConfigurationParameter(ConfigurationParameter.TslCacheExpirationTimeInMillis, String.valueOf(cacheExpirationTimeInMilliseconds)); } /** @@ -1068,9 +610,7 @@ public void setTslCacheExpirationTime(long cacheExpirationTimeInMilliseconds) { * @return TSL cache expiration time in milliseconds. */ public long getTslCacheExpirationTime() { - String tslCacheExpirationTime = getConfigurationParameter("tslCacheExpirationTime"); - logger.debug("TSL cache expiration time in milliseconds: " + tslCacheExpirationTime); - return Long.parseLong(tslCacheExpirationTime); + return this.getConfigurationParameter(ConfigurationParameter.TslCacheExpirationTimeInMillis, Long.class); } /** @@ -1079,11 +619,7 @@ public long getTslCacheExpirationTime() { * @return Allowed delay between timestamp and OCSP response in minutes. */ public Integer getAllowedTimestampAndOCSPResponseDeltaInMinutes() { - String allowedTimestampAndOCSPResponseDeltaInMinutes = - getConfigurationParameter("allowedTimestampAndOCSPResponseDeltaInMinutes"); - logger.debug("Allowed delay between timestamp and OCSP response in minutes: " - + allowedTimestampAndOCSPResponseDeltaInMinutes); - return Integer.parseInt(allowedTimestampAndOCSPResponseDeltaInMinutes); + return this.getConfigurationParameter(ConfigurationParameter.AllowedTimestampAndOCSPResponseDeltaInMinutes, Integer.class); } /** @@ -1092,8 +628,7 @@ public Integer getAllowedTimestampAndOCSPResponseDeltaInMinutes() { * @param timeInMinutes Allowed delay between timestamp and OCSP response in minutes */ public void setAllowedTimestampAndOCSPResponseDeltaInMinutes(int timeInMinutes) { - logger.debug("Set allowed delay between timestamp and OCSP response in minutes: " + timeInMinutes); - setConfigurationParameter("allowedTimestampAndOCSPResponseDeltaInMinutes", String.valueOf(timeInMinutes)); + this.setConfigurationParameter(ConfigurationParameter.AllowedTimestampAndOCSPResponseDeltaInMinutes, String.valueOf(timeInMinutes)); } /** @@ -1102,8 +637,7 @@ public void setAllowedTimestampAndOCSPResponseDeltaInMinutes(int timeInMinutes) * @param ocspSource OCSP Source to be used */ public void setOcspSource(String ocspSource) { - logger.debug("Set OCSP source: " + ocspSource); - setConfigurationParameter("ocspSource", ocspSource); + this.setConfigurationParameter(ConfigurationParameter.OcspSource, ocspSource); } /** @@ -1112,9 +646,7 @@ public void setOcspSource(String ocspSource) { * @return Validation policy */ public String getValidationPolicy() { - String validationPolicy = getConfigurationParameter("validationPolicy"); - logger.debug("Validation policy: " + validationPolicy); - return validationPolicy; + return this.getConfigurationParameter(ConfigurationParameter.ValidationPolicy); } /** @@ -1123,8 +655,7 @@ public String getValidationPolicy() { * @param validationPolicy Policy to be used */ public void setValidationPolicy(String validationPolicy) { - logger.debug("Set validation policy: " + validationPolicy); - setConfigurationParameter("validationPolicy", validationPolicy); + this.setConfigurationParameter(ConfigurationParameter.ValidationPolicy, validationPolicy); } /** @@ -1133,9 +664,7 @@ public void setValidationPolicy(String validationPolicy) { * @return timestamp delta in minutes. */ public int getRevocationAndTimestampDeltaInMinutes() { - String timeDelta = getConfigurationParameter("revocationAndTimestampDeltaInMinutes"); - logger.debug("Revocation and timestamp delta in minutes: " + timeDelta); - return Integer.parseInt(timeDelta); + return this.getConfigurationParameter(ConfigurationParameter.RevocationAndTimestampDeltaInMinutes, Integer.class); } /** @@ -1144,8 +673,7 @@ public int getRevocationAndTimestampDeltaInMinutes() { * @param timeInMinutes delta in minutes. */ public void setRevocationAndTimestampDeltaInMinutes(int timeInMinutes) { - logger.debug("Set revocation and timestamp delta in minutes: " + timeInMinutes); - setConfigurationParameter("revocationAndTimestampDeltaInMinutes", String.valueOf(timeInMinutes)); + this.setConfigurationParameter(ConfigurationParameter.RevocationAndTimestampDeltaInMinutes, String.valueOf(timeInMinutes)); } /** @@ -1154,9 +682,7 @@ public void setRevocationAndTimestampDeltaInMinutes(int timeInMinutes) { * @return SignatureProfile. */ public SignatureProfile getSignatureProfile() { - String signatureProfile = getConfigurationParameter("signatureProfile"); - logger.debug("Signature profile: " + signatureProfile); - return SignatureProfile.findByProfile(signatureProfile); + return SignatureProfile.findByProfile(this.getConfigurationParameter(ConfigurationParameter.SignatureProfile)); } /** @@ -1165,37 +691,33 @@ public SignatureProfile getSignatureProfile() { * @return DigestAlgorithm. */ public DigestAlgorithm getSignatureDigestAlgorithm() { - String signatureDigestAlgorithm = getConfigurationParameter("signatureDigestAlgoritm"); - logger.debug("Signature digest algorithm: " + signatureDigestAlgorithm); - return DigestAlgorithm.findByAlgorithm(signatureDigestAlgorithm); + return DigestAlgorithm.findByAlgorithm(getConfigurationParameter(ConfigurationParameter.SignatureDigestAlgorithm)); } public String getHttpsProxyHost() { - return httpsProxyHost; + return this.getConfigurationParameter(ConfigurationParameter.HttpsProxyHost); } /** * Set HTTPS network proxy host. * - * @param httpsProxyHost - * https proxy host. + * @param httpsProxyHost https proxy host. */ public void setHttpsProxyHost(String httpsProxyHost) { - this.httpsProxyHost = httpsProxyHost; + this.setConfigurationParameter(ConfigurationParameter.HttpsProxyHost, httpsProxyHost); } public Integer getHttpsProxyPort() { - return httpsProxyPort; + return this.getConfigurationParameter(ConfigurationParameter.HttpsProxyPort, Integer.class); } /** * Set HTTPS network proxy port. * - * @param httpsProxyPort - * https proxy port. + * @param httpsProxyPort https proxy port. */ public void setHttpsProxyPort(int httpsProxyPort) { - this.httpsProxyPort = httpsProxyPort; + this.setConfigurationParameter(ConfigurationParameter.HttpsProxyPort, String.valueOf(httpsProxyPort)); } @@ -1205,7 +727,7 @@ public void setHttpsProxyPort(int httpsProxyPort) { * @return http proxy host. */ public String getHttpProxyHost() { - return httpProxyHost; + return this.getConfigurationParameter(ConfigurationParameter.HttpProxyHost); } /** @@ -1214,7 +736,7 @@ public String getHttpProxyHost() { * @param httpProxyHost http proxy host. */ public void setHttpProxyHost(String httpProxyHost) { - this.httpProxyHost = httpProxyHost; + this.setConfigurationParameter(ConfigurationParameter.HttpProxyHost, httpProxyHost); } /** @@ -1223,7 +745,7 @@ public void setHttpProxyHost(String httpProxyHost) { * @return http proxy port. */ public Integer getHttpProxyPort() { - return httpProxyPort; + return this.getConfigurationParameter(ConfigurationParameter.HttpProxyPort, Integer.class); } /** @@ -1232,7 +754,7 @@ public Integer getHttpProxyPort() { * @param httpProxyPort Port number. */ public void setHttpProxyPort(int httpProxyPort) { - this.httpProxyPort = httpProxyPort; + this.setConfigurationParameter(ConfigurationParameter.HttpProxyPort, String.valueOf(httpProxyPort)); } /** @@ -1241,7 +763,7 @@ public void setHttpProxyPort(int httpProxyPort) { * @param httpProxyUser username. */ public void setHttpProxyUser(String httpProxyUser) { - this.httpProxyUser = httpProxyUser; + this.setConfigurationParameter(ConfigurationParameter.HttpProxyUser, httpProxyUser); } /** @@ -1250,7 +772,7 @@ public void setHttpProxyUser(String httpProxyUser) { * @return http proxy user. */ public String getHttpProxyUser() { - return httpProxyUser; + return this.getConfigurationParameter(ConfigurationParameter.HttpProxyUser); } /** @@ -1259,7 +781,7 @@ public String getHttpProxyUser() { * @param httpProxyPassword password. */ public void setHttpProxyPassword(String httpProxyPassword) { - this.httpProxyPassword = httpProxyPassword; + this.setConfigurationParameter(ConfigurationParameter.HttpProxyPassword, httpProxyPassword); } /** @@ -1268,7 +790,7 @@ public void setHttpProxyPassword(String httpProxyPassword) { * @return http proxy password. */ public String getHttpProxyPassword() { - return httpProxyPassword; + return this.getConfigurationParameter(ConfigurationParameter.HttpProxyPassword); } /** @@ -1277,8 +799,23 @@ public String getHttpProxyPassword() { * @return True if network proxy is enabled, otherwise False. */ public boolean isNetworkProxyEnabled() { - return httpProxyPort != null && isNotBlank(httpProxyHost) - || httpsProxyPort != null && isNotBlank(httpsProxyHost); + return this.getConfigurationParameter(ConfigurationParameter.HttpProxyPort, Integer.class) != null && + StringUtils.isNotBlank(this.getConfigurationParameter(ConfigurationParameter.HttpProxyHost)) + || this.getConfigurationParameter(ConfigurationParameter.HttpsProxyPort, Integer.class) != null && + StringUtils.isNotBlank(this.getConfigurationParameter(ConfigurationParameter.HttpsProxyHost)); + } + + public boolean isProxyOfType(Protocol protocol) { + switch (protocol) { + case HTTP: + return this.getConfigurationParameter(ConfigurationParameter.HttpProxyPort, Integer.class) != null && + StringUtils.isNotBlank(this.getConfigurationParameter(ConfigurationParameter.HttpProxyHost)); + case HTTPS: + return this.getConfigurationParameter(ConfigurationParameter.HttpsProxyPort, Integer.class) != null && + StringUtils.isNotBlank(this.getConfigurationParameter(ConfigurationParameter.HttpsProxyHost)); + default: + throw new RuntimeException(String.format("Protocol <%s> not supported", protocol)); + } } /** @@ -1287,7 +824,7 @@ public boolean isNetworkProxyEnabled() { * @return True if SSL configuration is enabled, otherwise False. */ public boolean isSslConfigurationEnabled() { - return sslKeystorePath != null && isNotBlank(sslKeystorePath); + return StringUtils.isNotBlank(this.getConfigurationParameter(ConfigurationParameter.SslKeystorePath)); } /** @@ -1296,7 +833,7 @@ public boolean isSslConfigurationEnabled() { * @param sslKeystorePath path to a file */ public void setSslKeystorePath(String sslKeystorePath) { - this.sslKeystorePath = sslKeystorePath; + this.setConfigurationParameter(ConfigurationParameter.SslKeystorePath, sslKeystorePath); } /** @@ -1305,7 +842,7 @@ public void setSslKeystorePath(String sslKeystorePath) { * @return path to a file */ public String getSslKeystorePath() { - return sslKeystorePath; + return this.getConfigurationParameter(ConfigurationParameter.SslKeystorePath); } /** @@ -1314,7 +851,7 @@ public String getSslKeystorePath() { * @param sslKeystoreType type. */ public void setSslKeystoreType(String sslKeystoreType) { - this.sslKeystoreType = sslKeystoreType; + this.setConfigurationParameter(ConfigurationParameter.SslKeystoreType, sslKeystoreType); } /** @@ -1323,7 +860,7 @@ public void setSslKeystoreType(String sslKeystoreType) { * @return type. */ public String getSslKeystoreType() { - return sslKeystoreType; + return this.getConfigurationParameter(ConfigurationParameter.SslKeystoreType); } /** @@ -1332,7 +869,7 @@ public String getSslKeystoreType() { * @param sslKeystorePassword password. */ public void setSslKeystorePassword(String sslKeystorePassword) { - this.sslKeystorePassword = sslKeystorePassword; + this.setConfigurationParameter(ConfigurationParameter.SslKeystorePassword, sslKeystorePassword); } /** @@ -1341,7 +878,7 @@ public void setSslKeystorePassword(String sslKeystorePassword) { * @return password. */ public String getSslKeystorePassword() { - return sslKeystorePassword; + return this.getConfigurationParameter(ConfigurationParameter.SslKeystorePassword); } /** @@ -1350,7 +887,7 @@ public String getSslKeystorePassword() { * @param sslTruststorePath path to a file. */ public void setSslTruststorePath(String sslTruststorePath) { - this.sslTruststorePath = sslTruststorePath; + this.setConfigurationParameter(ConfigurationParameter.SslTruststorePath, sslTruststorePath); } /** @@ -1359,7 +896,7 @@ public void setSslTruststorePath(String sslTruststorePath) { * @return path to a file. */ public String getSslTruststorePath() { - return sslTruststorePath; + return this.getConfigurationParameter(ConfigurationParameter.SslTruststorePath); } /** @@ -1368,7 +905,7 @@ public String getSslTruststorePath() { * @param sslTruststoreType type. */ public void setSslTruststoreType(String sslTruststoreType) { - this.sslTruststoreType = sslTruststoreType; + this.setConfigurationParameter(ConfigurationParameter.SslTruststoreType, sslTruststoreType); } /** @@ -1377,7 +914,7 @@ public void setSslTruststoreType(String sslTruststoreType) { * @return type. */ public String getSslTruststoreType() { - return sslTruststoreType; + return this.getConfigurationParameter(ConfigurationParameter.SslTruststoreType); } /** @@ -1386,7 +923,7 @@ public String getSslTruststoreType() { * @param sslTruststorePassword password. */ public void setSslTruststorePassword(String sslTruststorePassword) { - this.sslTruststorePassword = sslTruststorePassword; + this.setConfigurationParameter(ConfigurationParameter.SslTruststorePassword, sslTruststorePassword); } /** @@ -1395,7 +932,7 @@ public void setSslTruststorePassword(String sslTruststorePassword) { * @return password. */ public String getSslTruststorePassword() { - return sslTruststorePassword; + return this.getConfigurationParameter(ConfigurationParameter.SslTruststorePassword); } /** @@ -1441,24 +978,12 @@ public List getTrustedTerritories() { return trustedTerritories; } - private void setConfigurationParameter(String key, String value) { - logger.debug("Key: " + key + ", value: " + value); - configuration.put(key, value); - } - - private String getConfigurationParameter(String key) { - logger.debug("Key: " + key); - String value = configuration.get(key); - logger.debug("Value: " + value); - return value; - } - /** * @return true when configuration is Configuration.Mode.TEST * @see Configuration.Mode#TEST */ public boolean isTest() { - boolean isTest = mode == Mode.TEST; + boolean isTest = Mode.TEST.equals(this.mode); logger.debug("Is test: " + isTest); return isTest; } @@ -1492,55 +1017,423 @@ public Configuration copy() { return copyConfiguration; } - private void initOcspAccessCertPasswordForJDigidoc() { - char[] ocspAccessCertificatePassword = getOCSPAccessCertificatePassword(); - if (ocspAccessCertificatePassword != null && ocspAccessCertificatePassword.length > 0) { - setJDigiDocConfigurationValue(OCSP_PKCS_12_PASSWD, String.valueOf(ocspAccessCertificatePassword)); + /* + * RESTRICTED METHODS + */ + + protected ConfigurationRegistry getRegistry() { + return this.registry; + } + + private void initDefaultValues() { + logger.debug("------------------------ DEFAULTS ------------------------"); + this.tslManager = new TslManager(this); + this.setConfigurationParameter(ConfigurationParameter.ConnectionTimeoutInMillis, String.valueOf(Constant.ONE_SECOND_IN_MILLISECONDS)); + this.setConfigurationParameter(ConfigurationParameter.SocketTimeoutInMillis, String.valueOf(Constant.ONE_SECOND_IN_MILLISECONDS)); + this.setConfigurationParameter(ConfigurationParameter.TslKeyStorePassword, "digidoc4j-password"); + this.setConfigurationParameter(ConfigurationParameter.RevocationAndTimestampDeltaInMinutes, String.valueOf(Constant.ONE_DAY_IN_MINUTES)); + this.setConfigurationParameter(ConfigurationParameter.TslCacheExpirationTimeInMillis, String.valueOf(Constant.ONE_DAY_IN_MILLISECONDS)); + this.setConfigurationParameter(ConfigurationParameter.AllowedTimestampAndOCSPResponseDeltaInMinutes, "15"); + this.setConfigurationParameter(ConfigurationParameter.SignatureProfile, Constant.Default.SIGNATURE_PROFILE); + this.setConfigurationParameter(ConfigurationParameter.SignatureDigestAlgorithm, Constant.Default.SIGNATURE_DIGEST_ALGORITHM); + if (Mode.TEST.equals(this.mode)) { + this.setConfigurationParameter(ConfigurationParameter.TspSource, Constant.Test.TSP_SOURCE); + this.setConfigurationParameter(ConfigurationParameter.TslLocation, Constant.Test.TSL_LOCATION); + this.setConfigurationParameter(ConfigurationParameter.TslKeyStoreLocation, Constant.Test.TSL_KEYSTORE_LOCATION); + this.setConfigurationParameter(ConfigurationParameter.ValidationPolicy, Constant.Test.VALIDATION_POLICY); + this.setConfigurationParameter(ConfigurationParameter.OcspSource, Constant.Test.OCSP_SOURCE); + this.setConfigurationParameter(ConfigurationParameter.SignOcspRequests, "false"); + this.setJDigiDocParameter("SIGN_OCSP_REQUESTS", "false"); + } else { + this.setConfigurationParameter(ConfigurationParameter.TspSource, Constant.Production.TSP_SOURCE); + this.setConfigurationParameter(ConfigurationParameter.TslLocation, Constant.Production.TSL_LOCATION); + this.setConfigurationParameter(ConfigurationParameter.TslKeyStoreLocation, Constant.Production.TSL_KEYSTORE_LOCATION); + this.setConfigurationParameter(ConfigurationParameter.ValidationPolicy, Constant.Production.VALIDATION_POLICY); + this.setConfigurationParameter(ConfigurationParameter.OcspSource, Constant.Production.OCSP_SOURCE); + this.setConfigurationParameter(ConfigurationParameter.SignOcspRequests, "false"); + this.trustedTerritories = Constant.Production.DEFAULT_TRUESTED_TERRITORIES; + this.setJDigiDocParameter("SIGN_OCSP_REQUESTS", "false"); + } + logger.debug("{} configuration: {}", this.mode, this.registry); + this.loadInitialConfigurationValues(); + } + + private void loadInitialConfigurationValues() { + logger.debug("------------------------ LOADING INITIAL CONFIGURATION ------------------------"); + this.setJDigiDocConfigurationValue("DIGIDOC_SECURITY_PROVIDER", Constant.JDigiDoc.SECURITY_PROVIDER); + this.setJDigiDocConfigurationValue("DIGIDOC_SECURITY_PROVIDER_NAME", Constant.JDigiDoc.SECURITY_PROVIDER_NAME); + this.setJDigiDocConfigurationValue("KEY_USAGE_CHECK", Constant.JDigiDoc.KEY_USAGE_CHECK); + this.setJDigiDocConfigurationValue("DIGIDOC_OCSP_SIGN_CERT_SERIAL", ""); + this.setJDigiDocConfigurationValue("DATAFILE_HASHCODE_MODE", "false"); + this.setJDigiDocConfigurationValue("CANONICALIZATION_FACTORY_IMPL", Constant.JDigiDoc.CANONICALIZATION_FACTORY_IMPLEMENTATION); + this.setJDigiDocConfigurationValue("DIGIDOC_MAX_DATAFILE_CACHED", Constant.JDigiDoc.MAX_DATAFILE_CACHED); + this.setJDigiDocConfigurationValue("DIGIDOC_USE_LOCAL_TSL", Constant.JDigiDoc.USE_LOCAL_TSL); + this.setJDigiDocConfigurationValue("DIGIDOC_NOTARY_IMPL", Constant.JDigiDoc.NOTARY_IMPLEMENTATION); + this.setJDigiDocConfigurationValue("DIGIDOC_TSLFAC_IMPL", Constant.JDigiDoc.TSL_FACTORY_IMPLEMENTATION); + this.setJDigiDocConfigurationValue("DIGIDOC_OCSP_RESPONDER_URL", this.getOcspSource()); + this.setJDigiDocConfigurationValue("DIGIDOC_FACTORY_IMPL", Constant.JDigiDoc.FACTORY_IMPLEMENTATION); + this.setJDigiDocConfigurationValue("DIGIDOC_DF_CACHE_DIR", null); + this.setConfigurationValue("TSL_LOCATION", ConfigurationParameter.TslLocation); + this.setConfigurationValue("TSP_SOURCE", ConfigurationParameter.TspSource); + this.setConfigurationValue("VALIDATION_POLICY", ConfigurationParameter.ValidationPolicy); + this.setConfigurationValue("OCSP_SOURCE", ConfigurationParameter.OcspSource); + this.setConfigurationValue("DIGIDOC_PKCS12_CONTAINER", ConfigurationParameter.OcspAccessCertificateFile); + this.setConfigurationValue("DIGIDOC_PKCS12_PASSWD", ConfigurationParameter.OcspAccessCertificatePassword); + this.setConfigurationValue("CONNECTION_TIMEOUT", ConfigurationParameter.ConnectionTimeoutInMillis); + this.setConfigurationValue("SOCKET_TIMEOUT", ConfigurationParameter.SocketTimeoutInMillis); + this.setConfigurationValue("SIGN_OCSP_REQUESTS", ConfigurationParameter.SignOcspRequests); + this.setConfigurationValue("TSL_KEYSTORE_LOCATION", ConfigurationParameter.TslKeyStoreLocation); + this.setConfigurationValue("TSL_KEYSTORE_PASSWORD", ConfigurationParameter.TslKeyStorePassword); + this.setConfigurationValue("TSL_CACHE_EXPIRATION_TIME", ConfigurationParameter.TslCacheExpirationTimeInMillis); + this.setConfigurationValue("REVOCATION_AND_TIMESTAMP_DELTA_IN_MINUTES", ConfigurationParameter.RevocationAndTimestampDeltaInMinutes); + this.setConfigurationValue("ALLOWED_TS_AND_OCSP_RESPONSE_DELTA_IN_MINUTES", ConfigurationParameter.AllowedTimestampAndOCSPResponseDeltaInMinutes); + this.setConfigurationValue("SIGNATURE_PROFILE", ConfigurationParameter.SignatureProfile); + this.setConfigurationValue("SIGNATURE_DIGEST_ALGORITHM", ConfigurationParameter.SignatureDigestAlgorithm); + this.setJDigiDocConfigurationValue("SIGN_OCSP_REQUESTS", Boolean.toString(this.hasToBeOCSPRequestSigned())); + this.setJDigiDocConfigurationValue("DIGIDOC_PKCS12_CONTAINER", this.getOCSPAccessCertificateFileName()); + this.initOcspAccessCertPasswordForJDigidoc(); + this.setConfigurationParameter(ConfigurationParameter.HttpProxyHost, this.getParameter(Constant.System.HTTP_PROXY_HOST, "HTTP_PROXY_HOST")); + this.setConfigurationParameter(ConfigurationParameter.HttpProxyPort, this.getParameter(Constant.System.HTTP_PROXY_PORT, "HTTP_PROXY_PORT")); + this.setConfigurationParameter(ConfigurationParameter.HttpsProxyHost, this.getParameter(Constant.System.HTTPS_PROXY_HOST, "HTTPS_PROXY_HOST")); + this.setConfigurationParameter(ConfigurationParameter.HttpsProxyPort, this.getParameter(Constant.System.HTTPS_PROXY_PORT, "HTTPS_PROXY_PORT")); + this.setConfigurationParameter(ConfigurationParameter.HttpProxyUser, this.getParameterFromFile("HTTP_PROXY_USER")); + this.setConfigurationParameter(ConfigurationParameter.HttpProxyPassword, this.getParameterFromFile("HTTP_PROXY_PASSWORD")); + this.setConfigurationParameter(ConfigurationParameter.SslKeystoreType, this.getParameterFromFile("SSL_KEYSTORE_TYPE")); + this.setConfigurationParameter(ConfigurationParameter.SslTruststoreType, this.getParameterFromFile("SSL_TRUSTSTORE_TYPE")); + this.setConfigurationParameter(ConfigurationParameter.SslKeystorePath, this.getParameter(Constant.System.JAVAX_NET_SSL_KEY_STORE, "SSL_KEYSTORE_PATH")); + this.setConfigurationParameter(ConfigurationParameter.SslKeystorePassword, this.getParameter(Constant.System.JAVAX_NET_SSL_KEY_STORE_PASSWORD, "SSL_KEYSTORE_PASSWORD")); + this.setConfigurationParameter(ConfigurationParameter.SslTruststorePath, this.getParameter(Constant.System.JAVAX_NET_SSL_TRUST_STORE, "SSL_TRUSTSTORE_PATH")); + this.setConfigurationParameter(ConfigurationParameter.SslTruststorePassword, this.getParameter(Constant.System.JAVAX_NET_SSL_TRUST_STORE_PASSWORD, "SSL_TRUSTSTORE_PASSWORD")); + this.updateTrustedTerritories(); + } + + private Hashtable loadConfigurationSettings(InputStream stream) { + configurationFromFile = new LinkedHashMap(); + Yaml yaml = new Yaml(); + try { + configurationFromFile = (LinkedHashMap) yaml.load(stream); + } catch (Exception e) { + ConfigurationException exception = new ConfigurationException("Configuration from " + + configurationInputSourceName + " is not correctly formatted"); + logger.error(exception.getMessage()); + throw exception; + } + IOUtils.closeQuietly(stream); + return mapToJDigiDocConfiguration(); + } + + private InputStream getResourceAsStream(String certFile) { + InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream(certFile); + if (resourceAsStream == null) { + String message = "File " + certFile + " not found in classpath."; + logger.error(message); + throw new ConfigurationException(message); + } + return resourceAsStream; + } + + private String defaultIfNull(String configParameter, String defaultValue) { + logger.debug("Parameter: " + configParameter); + if (configurationFromFile == null) return defaultValue; + Object value = configurationFromFile.get(configParameter); + if (value != null) { + return valueIsAllowed(configParameter, value.toString()) ? value.toString() : ""; + } + String configuredValue = jDigiDocConfiguration.get(configParameter); + return configuredValue != null ? configuredValue : defaultValue; + } + + private boolean valueIsAllowed(String configParameter, String value) { + List mustBeBooleans = Arrays.asList("SIGN_OCSP_REQUESTS", "KEY_USAGE_CHECK", "DATAFILE_HASHCODE_MODE", "DIGIDOC_USE_LOCAL_TSL"); + List mustBeIntegers = Arrays.asList("DIGIDOC_MAX_DATAFILE_CACHED", "HTTP_PROXY_PORT"); + boolean errorFound = false; + if (mustBeBooleans.contains(configParameter)) { + errorFound = !(isValidBooleanParameter(configParameter, value)); + } + if (mustBeIntegers.contains(configParameter)) { + errorFound = !(isValidIntegerParameter(configParameter, value)) || errorFound; + } + return (!errorFound); + } + + private boolean isValidBooleanParameter(String configParameter, String value) { + if (!("true".equals(value.toLowerCase()) || "false".equals(value.toLowerCase()))) { + String errorMessage = "Configuration parameter " + configParameter + " should be set to true or false" + + " but the actual value is: " + value + "."; + logError(errorMessage); + return false; + } + return true; + } + + private boolean isValidIntegerParameter(String configParameter, String value) { + Integer parameterValue; + try { + parameterValue = Integer.parseInt(value); + } catch (Exception e) { + String errorMessage = "Configuration parameter " + configParameter + " should have an integer value" + + " but the actual value is: " + value + "."; + logError(errorMessage); + return false; + } + if (configParameter.equals("DIGIDOC_MAX_DATAFILE_CACHED") && parameterValue < -1) { + String errorMessage = "Configuration parameter " + configParameter + " should be greater or equal -1" + + " but the actual value is: " + value + "."; + logError(errorMessage); + return false; + } + return true; + } + + private void loadOCSPCertificates(LinkedHashMap digiDocCA, String caPrefix) { + logger.debug(""); + String errorMessage; + @SuppressWarnings("unchecked") + ArrayList ocsps = (ArrayList) digiDocCA.get("OCSPS"); + if (ocsps == null) { + errorMessage = "No OCSPS entry found or OCSPS entry is empty. Configuration from: " + + configurationInputSourceName; + logError(errorMessage); + return; + } + int numberOfOCSPCertificates = ocsps.size(); + jDigiDocConfiguration.put(caPrefix + "_OCSPS", String.valueOf(numberOfOCSPCertificates)); + for (int i = 1; i <= numberOfOCSPCertificates; i++) { + String prefix = caPrefix + "_OCSP" + i; + LinkedHashMap ocsp = ocsps.get(i - 1); + List entries = asList("CA_CN", "CA_CERT", "CN", "URL"); + for (String entry : entries) { + if (!loadOCSPCertificateEntry(entry, ocsp, prefix)) { + errorMessage = "OCSPS list entry " + i + " does not have an entry for " + entry + + " or the entry is empty\n"; + logError(errorMessage); + } + } + if (!getOCSPCertificates(prefix, ocsp)) { + errorMessage = "OCSPS list entry " + i + " does not have an entry for CERTS or the entry is empty\n"; + logError(errorMessage); + } } } /** - * Get Integer value through JVM parameters or from configuration file - * - * @param sysParamKey jvm value key . - * @param fileKey file value key. + * Gives back all configuration parameters needed for jDigiDoc * - * @return Integer value from JVM parameters or from file + * @return Hashtable containing jDigiDoc configuration parameters */ - private Integer getIntegerParams(String sysParamKey, String fileKey) { - Integer valueFromJvm = System.getProperty(sysParamKey) != null - ? new Integer(System.getProperty(sysParamKey)) : null; - Integer valueFromFile = getIntParameterFromFile(fileKey); - addParamToLog(valueFromJvm, valueFromFile, sysParamKey, fileKey); - return valueFromJvm != null ? valueFromJvm : valueFromFile; + + private Hashtable mapToJDigiDocConfiguration() { + logger.debug("loading JDigiDoc configuration"); + inputSourceParseErrors = new ArrayList<>(); + loadInitialConfigurationValues(); + reportFileParseErrors(); + return jDigiDocConfiguration; + } + + private void loadCertificateAuthoritiesAndCertificates() { + logger.debug(""); + @SuppressWarnings("unchecked") + ArrayList digiDocCAs = (ArrayList) configurationFromFile.get("DIGIDOC_CAS"); + if (digiDocCAs == null) { + String errorMessage = "Empty or no DIGIDOC_CAS entry"; + logError(errorMessage); + return; + } + + int numberOfDigiDocCAs = digiDocCAs.size(); + jDigiDocConfiguration.put("DIGIDOC_CAS", String.valueOf(numberOfDigiDocCAs)); + for (int i = 0; i < numberOfDigiDocCAs; i++) { + String caPrefix = "DIGIDOC_CA_" + (i + 1); + LinkedHashMap digiDocCA = (LinkedHashMap) digiDocCAs.get(i).get("DIGIDOC_CA"); + if (digiDocCA == null) { + String errorMessage = "Empty or no DIGIDOC_CA for entry " + (i + 1); + logError(errorMessage); + } else { + loadCertificateAuthorityCerts(digiDocCA, caPrefix); + loadOCSPCertificates(digiDocCA, caPrefix); + } + } + } + + private void logError(String errorMessage) { + logger.error(errorMessage); + inputSourceParseErrors.add(errorMessage); + } + + private void reportFileParseErrors() { + logger.debug(""); + if (inputSourceParseErrors.size() > 0) { + StringBuilder errorMessage = new StringBuilder(); + errorMessage.append("Configuration from "); + errorMessage.append(configurationInputSourceName); + errorMessage.append(" contains error(s):\n"); + for (String message : inputSourceParseErrors) { + errorMessage.append(message); + } + throw new ConfigurationException(errorMessage.toString()); + } + } + + private void updateTrustedTerritories() { + List territories = getStringListParameterFromFile("TRUSTED_TERRITORIES"); + if (territories != null) { + trustedTerritories = territories; + } + } + + private String getParameterFromFile(String key) { + if (configurationFromFile == null) { + return null; + } + Object fileValue = configurationFromFile.get(key); + if (fileValue == null) { + return null; + } + String value = fileValue.toString(); + if (valueIsAllowed(key, value)) { + return value; + } + return null; + } + + private Integer getIntParameterFromFile(String key) { + String value = getParameterFromFile(key); + if (value == null) { + return null; + } + return new Integer(value); + } + + private List getStringListParameterFromFile(String key) { + String value = getParameterFromFile(key); + if (value == null) { + return null; + } + return Arrays.asList(value.split("\\s*,\\s*")); //Split by comma and trim whitespace + } + + private void setConfigurationValue(String fileKey, ConfigurationParameter parameter) { + if (this.configurationFromFile == null) { + return; + } + Object fileValue = this.configurationFromFile.get(fileKey); + if (fileValue != null) { + this.setConfigurationParameter(parameter, fileValue.toString()); + } + } + + private void setJDigiDocConfigurationValue(String key, String defaultValue) { + String value = defaultIfNull(key, defaultValue); + if (value != null) { + jDigiDocConfiguration.put(key, value); + } + } + + private boolean loadOCSPCertificateEntry(String ocspsEntryName, LinkedHashMap ocsp, String prefix) { + Object ocspEntry = ocsp.get(ocspsEntryName); + if (ocspEntry == null) return false; + jDigiDocConfiguration.put(prefix + "_" + ocspsEntryName, ocspEntry.toString()); + return true; + } + + @SuppressWarnings("unchecked") + private boolean getOCSPCertificates(String prefix, LinkedHashMap ocsp) { + ArrayList certificates = (ArrayList) ocsp.get("CERTS"); + if (certificates == null) { + return false; + } + for (int j = 0; j < certificates.size(); j++) { + if (j == 0) { + this.setJDigiDocParameter(String.format("%s_CERT", prefix), certificates.get(0)); + } else { + this.setJDigiDocParameter(String.format("%s_CERT_%s", prefix, j), certificates.get(j)); + } + } + return true; + } + + private void loadCertificateAuthorityCerts(LinkedHashMap digiDocCA, String caPrefix) { + logger.debug("Loading CA certificates"); + ArrayList certificateAuthorityCerts = this.getCACertsAsArray(digiDocCA); + this.setJDigiDocParameter(String.format("%s_NAME", caPrefix), digiDocCA.get("NAME").toString()); + this.setJDigiDocParameter(String.format("%s_TRADENAME", caPrefix), digiDocCA.get("TRADENAME").toString()); + int numberOfCACertificates = certificateAuthorityCerts.size(); + this.setJDigiDocParameter(String.format("%s_CERTS", caPrefix), String.valueOf(numberOfCACertificates)); + for (int i = 0; i < numberOfCACertificates; i++) { + this.setJDigiDocParameter(String.format("%s_CERT%s", caPrefix, i + 1), certificateAuthorityCerts.get(i)); + } + } + + @SuppressWarnings("unchecked") + private ArrayList getCACertsAsArray(LinkedHashMap digiDocCa) { + return (ArrayList) digiDocCa.get("CERTS"); + } + + private void setConfigurationParameter(ConfigurationParameter parameter, String value) { + if (StringUtils.isBlank(value)) { + logger.info("Parameter <{}> has blank value, hence will not be registered", parameter); + return; + } + logger.debug("Setting parameter <{}> to <{}>", parameter, value); + this.registry.put(parameter, value); + } + + private T getConfigurationParameter(ConfigurationParameter parameter, Class clazz) { + String value = this.getConfigurationParameter(parameter); + if (StringUtils.isNotBlank(value)) { + if (clazz.isAssignableFrom(Integer.class)) { + return (T) Integer.valueOf(value); + } else if (clazz.isAssignableFrom(Long.class)) { + return (T) Long.valueOf(value); + } + throw new RuntimeException(String.format("Type <%s> not supported", clazz.getSimpleName())); + } + return null; + } + + private String getConfigurationParameter(ConfigurationParameter parameter) { + if (!this.registry.containsKey(parameter)) { + logger.debug("Requested parameter <{}> not found", parameter); + return null; + } + String value = this.registry.get(parameter); + logger.debug("Requesting parameter <{}>. Returned value is <{}>", parameter, value); + return value; + } + + private void initOcspAccessCertPasswordForJDigidoc() { + char[] ocspAccessCertificatePassword = this.getOCSPAccessCertificatePassword(); + if (ocspAccessCertificatePassword != null && ocspAccessCertificatePassword.length > 0) { + this.setJDigiDocConfigurationValue(Constant.JDigiDoc.OCSP_PKCS_12_PASSWORD, String.valueOf(ocspAccessCertificatePassword)); + } } /** * Get String value through JVM parameters or from configuration file * - * @param sysParamKey jvm value key . - * @param fileKey file value key. - * + * @param systemKey jvm value key . + * @param fileKey file value key. * @return String value from JVM parameters or from file */ - private String getStringParams(String sysParamKey, String fileKey) { - String valueFromJvm = System.getProperty(sysParamKey); - String valueFromFile = getParameterFromFile(fileKey); - addParamToLog(valueFromJvm, valueFromFile, sysParamKey, fileKey); + private String getParameter(String systemKey, String fileKey) { + String valueFromJvm = System.getProperty(systemKey); + String valueFromFile = this.getParameterFromFile(fileKey); + this.log(valueFromJvm, valueFromFile, systemKey, fileKey); return valueFromJvm != null ? valueFromJvm : valueFromFile; } - private void addParamToLog(Object jvmParam, Object fileParam, - String sysParamKey, String fileKey) { + private void setJDigiDocParameter(String key, String value) { + logger.debug("Setting JDigiDoc parameter <{}> to <{}>", key, value); + this.jDigiDocConfiguration.put(key, value); + } + + private void log(Object jvmParam, Object fileParam, String sysParamKey, String fileKey) { if (jvmParam != null) { - logger.debug("In use param form JVM: key = " + sysParamKey + "; value = " - + jvmParam); + logger.debug(String.format("JVM parameter <%s> detected and applied with value <%s>", sysParamKey, jvmParam)); } if (jvmParam == null && fileParam != null) { - logger.debug("In use param form file: key = " + fileKey + "; value = " - + fileParam); + logger.debug(String.format("YAML file parameter <%s> detected and applied with value <%s>", fileKey, fileParam)); } } -} - +} \ No newline at end of file diff --git a/src/main/java/org/digidoc4j/ConfigurationParameter.java b/src/main/java/org/digidoc4j/ConfigurationParameter.java new file mode 100644 index 000000000..9f69813f9 --- /dev/null +++ b/src/main/java/org/digidoc4j/ConfigurationParameter.java @@ -0,0 +1,38 @@ +package org.digidoc4j; + +/** + * Created by Janar Rahumeel (CGI Estonia) + */ + +public enum ConfigurationParameter { + + ConnectionTimeoutInMillis, + SocketTimeoutInMillis, + TslCacheExpirationTimeInMillis, + TslKeyStorePassword, + RevocationAndTimestampDeltaInMinutes, + AllowedTimestampAndOCSPResponseDeltaInMinutes, + SignatureProfile, + SignatureDigestAlgorithm, + TspSource, + TslLocation, + TslKeyStoreLocation, + ValidationPolicy, + OcspSource, + OcspAccessCertificateFile, + OcspAccessCertificatePassword, + HttpProxyHost, + HttpProxyPort, + HttpsProxyHost, + HttpsProxyPort, + HttpProxyUser, + HttpProxyPassword, + SslKeystoreType, + SslTruststoreType, + SslKeystorePath, + SslKeystorePassword, + SslTruststorePath, + SslTruststorePassword, + SignOcspRequests + +} diff --git a/src/main/java/org/digidoc4j/ConfigurationRegistry.java b/src/main/java/org/digidoc4j/ConfigurationRegistry.java new file mode 100644 index 000000000..6f4125ef7 --- /dev/null +++ b/src/main/java/org/digidoc4j/ConfigurationRegistry.java @@ -0,0 +1,109 @@ +package org.digidoc4j; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.security.MessageDigest; +import java.util.HashMap; + +import org.apache.commons.codec.binary.Hex; +import org.apache.commons.lang3.StringUtils; +import org.digidoc4j.impl.asic.asice.bdoc.BDocContainer; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Offers registry for configuration parameters. + *

    + * Dedicated serialization and deserialization is provided to identify configuration changes when object is + * deserialized in different environment having other configuration setup. This is a workaround when no singleton + * {@link Configuration} object instance is used e.g. {@link BDocContainer} has embedded + * {@link Configuration} + *

    + * + * @author Janar Rahumeel (CGI Estonia) + */ + +public class ConfigurationRegistry extends HashMap { + + private static final Logger logger = LoggerFactory.getLogger(ConfigurationRegistry.class); + private static final long serialVersionUID = 7829136421415567565L; + private String sealValue = ""; + + protected String generateSealValue() { + return this.seal(); + } + + protected String getSealValue() { + return this.sealValue; + } + + private void writeObject(ObjectOutputStream stream) throws IOException { + for (ConfigurationParameter parameter : ConfigurationParameter.values()) { + String value; + if (this.containsKey(parameter)) { + value = String.format("%s|%s", parameter, this.get(parameter).replaceAll("[\\\\]*[\\|]", "\\\\|")); + } else { + value = String.format("%s", parameter); + } + logger.trace("Writing {}", value); + stream.writeUTF(value); + } + stream.writeUTF(this.generateSealValue()); + } + + private void readObject(ObjectInputStream stream) throws IOException, ClassNotFoundException { + for (int i = 0; i <= ConfigurationParameter.values().length; i++) { + try { + String token = stream.readUTF(); + try { + String[] s = StringUtils.split(token, "|"); + logger.trace("Reading {}", s[0]); + this.put(ConfigurationParameter.valueOf(s[0]), s[1].replaceAll("[\\\\]+[\\|]", "\\|")); + } catch (IndexOutOfBoundsException ignore) { + logger.trace("Ignoring, no value: {}", ignore.getMessage()); + } catch (IllegalArgumentException e) { + logger.debug("Seal <{}> found", token); + this.sealValue = token; + } + } catch (IOException ignore) { + if (logger.isDebugEnabled()) { + logger.warn("Error", ignore); + } else { + logger.warn("Error: {}", ignore.getMessage()); + } + } + } + this.checkCurrentConfiguration(); + } + + private void checkCurrentConfiguration() { + ConfigurationRegistry registry = Configuration.getInstance().getRegistry(); + String currentSealValue = registry.generateSealValue(); + if (logger.isDebugEnabled()) { + logger.debug("Seal {} {} {}", this.sealValue, this.sealValue.equals(currentSealValue) ? "==" : "!=", currentSealValue); + } + if (!this.sealValue.equals(currentSealValue)) { + logger.info("Overwriting deserialized registry with current one"); + this.clear(); + this.putAll(registry); + } + } + + private String seal() { + try { + return Hex.encodeHexString(MessageDigest.getInstance("MD5").digest(this.calculateToken().getBytes("UTF-8"))); + } catch (Exception e) { + throw new RuntimeException(e); + } + } + + private String calculateToken() { + StringBuilder sb = new StringBuilder(); + for (ConfigurationParameter parameter : ConfigurationParameter.values()) { + sb.append(String.format("%s", this.get(parameter))); + } + return sb.toString(); + } + +} diff --git a/src/main/java/org/digidoc4j/Constant.java b/src/main/java/org/digidoc4j/Constant.java new file mode 100644 index 000000000..bcc2c6c1e --- /dev/null +++ b/src/main/java/org/digidoc4j/Constant.java @@ -0,0 +1,89 @@ +package org.digidoc4j; + +import java.util.Arrays; +import java.util.List; + +/** + * Constants holder for system property names, default and environmental values. There is dedicated constant class for + * JDigiDoc properties and parameters to keep integration as apart as possible + * + * @author Janar Rahumeel (CGI Estonia) + */ + +public final class Constant { + + public static final int ONE_SECOND_IN_MILLISECONDS = 1000; + public static final int ONE_DAY_IN_MINUTES = 24 * 60; + public static final long ONE_DAY_IN_MILLISECONDS = 1000 * 60 * 60 * 24; + public static final long ONE_MB_IN_BYTES = 1048576; + public static final long CACHE_ALL_DATA_FILES = -1; + public static final long CACHE_NO_DATA_FILES = 0; + + public static final String BDOC_CONTAINER_TYPE = "BDOC"; + public static final String DDOC_CONTAINER_TYPE = "DDOC"; + public static final String ASICE_CONTAINER_TYPE = "ASICE"; + public static final String ASICS_CONTAINER_TYPE = "ASICS"; + public static final String PADES_CONTAINER_TYPE = "PADES"; + + public static class System { + + public static final String JAVAX_NET_SSL_TRUST_STORE_PASSWORD = "javax.net.ssl.trustStorePassword"; + public static final String JAVAX_NET_SSL_TRUST_STORE = "javax.net.ssl.trustStore"; + public static final String JAVAX_NET_SSL_KEY_STORE_PASSWORD = "javax.net.ssl.keyStorePassword"; + public static final String JAVAX_NET_SSL_KEY_STORE = "javax.net.ssl.keyStore"; + public static final String HTTPS_PROXY_PORT = "https.proxyPort"; + public static final String HTTPS_PROXY_HOST = "https.proxyHost"; + public static final String HTTP_PROXY_PORT = "http.proxyPort"; + public static final String HTTP_PROXY_HOST = "http.proxyHost"; + + } + + public static class Default { + + public static final String SIGNATURE_PROFILE = "LT"; + public static final String SIGNATURE_DIGEST_ALGORITHM = "SHA256"; + + } + + public static class Test { + + public static final String TSP_SOURCE = "http://demo.sk.ee/tsa"; + public static final String TSL_LOCATION = "https://open-eid.github.io/test-TL/tl-mp-test-EE.xml"; + public static final String TSL_KEYSTORE_LOCATION = "keystore/test-keystore.jks"; + public static final String VALIDATION_POLICY = "conf/test_constraint.xml"; + public static final String OCSP_SOURCE = "http://demo.sk.ee/ocsp"; + + } + + public static class Production { + + public static final String TSP_SOURCE = "http://tsa.sk.ee"; + public static final String TSL_LOCATION = "https://ec.europa.eu/information_society/policy/esignature/trusted-list/tl-mp.xml"; + public static final String TSL_KEYSTORE_LOCATION = "keystore/keystore.jks"; + public static final String VALIDATION_POLICY = "conf/constraint.xml"; + public static final String OCSP_SOURCE = "http://ocsp.sk.ee/"; + public static final List DEFAULT_TRUESTED_TERRITORIES = + Arrays.asList("AT", "BE", "BG", "CY", "CZ", /*"DE",*/ "DK", "EE", "ES", "FI", "FR", + "GR", "HU", /*"HR",*/ "IE", "IS", "IT", "LT", "LU", "LV", "LI", "MT", "NO", "NL", + "PL", "PT", "RO", "SE", "SI", "SK", "UK"); + + } + + public static class JDigiDoc { + + public static final String OCSP_PKCS_12_CONTAINER = "DIGIDOC_PKCS12_CONTAINER"; + public static final String OCSP_PKCS_12_PASSWORD = "DIGIDOC_PKCS12_PASSWD"; + public static final String OCSP_SIGN_REQUESTS = "SIGN_OCSP_REQUESTS"; + public static final String SECURITY_PROVIDER = "org.bouncycastle.jce.provider.BouncyCastleProvider"; + public static final String SECURITY_PROVIDER_NAME = "BC"; + public static final String CANONICALIZATION_FACTORY_IMPLEMENTATION = "ee.sk.digidoc.c14n.TinyXMLCanonicalizer"; + public static final String NOTARY_IMPLEMENTATION = "ee.sk.digidoc.factory.BouncyCastleNotaryFactory"; + public static final String TSL_FACTORY_IMPLEMENTATION = "ee.sk.digidoc.tsl.DigiDocTrustServiceFactory"; + public static final String FACTORY_IMPLEMENTATION = "ee.sk.digidoc.factory.SAXDigiDocFactory"; + public static final String MAX_DATAFILE_CACHED = "-1"; + public static final String USE_LOCAL_TSL = "true"; + public static final String KEY_USAGE_CHECK = "false"; + + } + +} diff --git a/src/org/digidoc4j/Container.java b/src/main/java/org/digidoc4j/Container.java similarity index 95% rename from src/org/digidoc4j/Container.java rename to src/main/java/org/digidoc4j/Container.java index 46c5f23a9..2d343e89e 100644 --- a/src/org/digidoc4j/Container.java +++ b/src/main/java/org/digidoc4j/Container.java @@ -150,6 +150,13 @@ public interface Container extends Serializable { */ ValidationResult validate(); + /** + * Adds timestamp token + * + * @param timeStampToken + */ + void setTimeStampToken(DataFile timeStampToken); + //Deprecated methods below /** @@ -165,9 +172,7 @@ public interface Container extends Serializable { /** * Document types - * @deprecated will be removed in the future. */ - @Deprecated enum DocumentType { /** * BDOC 2.1 container with mime-type "application/vnd.etsi.asic-e+zip" @@ -176,12 +181,26 @@ enum DocumentType { /** * DIGIDOC-XML 1.3 container */ - DDOC; + DDOC, + /** + * ASiCS container with mime-type "application/vnd.etsi.asic-s+zip" + */ + ASICS, + /** + * ASiCE container with mime-type "application/vnd.etsi.asic-e+zip" + */ + ASICE, + /** + * PADES container + */ + PADES; @Override public String toString() { - if (this == BDOC) + if (this == BDOC || this == ASICE) return MimeType.ASICE.getMimeTypeString(); + if (this == ASICS) + return MimeType.ASICS.getMimeTypeString(); return super.toString(); } } diff --git a/src/org/digidoc4j/ContainerBuilder.java b/src/main/java/org/digidoc4j/ContainerBuilder.java similarity index 75% rename from src/org/digidoc4j/ContainerBuilder.java rename to src/main/java/org/digidoc4j/ContainerBuilder.java index 1e4539c1a..1105b6ae2 100644 --- a/src/org/digidoc4j/ContainerBuilder.java +++ b/src/main/java/org/digidoc4j/ContainerBuilder.java @@ -18,15 +18,22 @@ import java.util.Map; import org.apache.commons.lang3.StringUtils; +import org.digidoc4j.exceptions.DigiDoc4JException; import org.digidoc4j.exceptions.InvalidDataFileException; import org.digidoc4j.exceptions.NotSupportedException; import org.digidoc4j.impl.CustomContainerBuilder; -import org.digidoc4j.impl.bdoc.BDocContainerBuilder; +import org.digidoc4j.impl.asic.asice.AsicEContainerBuilder; +import org.digidoc4j.impl.asic.asice.bdoc.BDocContainerBuilder; +import org.digidoc4j.impl.asic.asics.AsicSContainerBuilder; import org.digidoc4j.impl.ddoc.DDocContainerBuilder; +import org.digidoc4j.impl.pades.PadesContainerBuilder; +import org.digidoc4j.signers.TimestampToken; import org.digidoc4j.utils.Helper; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import eu.europa.esig.dss.DigestAlgorithm; + /** * Class for creating and opening containers. *

    @@ -38,6 +45,7 @@ *    {@link ContainerBuilder#withConfiguration(Configuration) withConfiguration(configuration)}. // Configuration settings
    *    {@link ContainerBuilder#withDataFile(String, String) withDataFile("testFiles/legal_contract_1.txt", "text/plain")}. // Adding a document from a hard drive
    *    {@link ContainerBuilder#withDataFile(InputStream, String, String) withDataFile(inputStream, "legal_contract_2.txt", "text/plain")}. // Adding a document from a stream
    + *    {@link ContainerBuilder#withTimeStampToken(DigestAlgorithm digestAlgorithm)}. // Adding timestamp token in case of ASICS
    *    {@link ContainerBuilder#build() build()};
    *

    *

    @@ -50,39 +58,46 @@ public abstract class ContainerBuilder { private static final Logger logger = LoggerFactory.getLogger(ContainerBuilder.class); - public static final String BDOC_CONTAINER_TYPE = "BDOC"; - public static final String DDOC_CONTAINER_TYPE = "DDOC"; protected static Map> containerImplementations = new HashMap<>(); protected Configuration configuration; protected List dataFiles = new ArrayList<>(); protected String containerFilePath; protected InputStream containerInputStream; + protected static String containerType; + private DataFile timeStampToken; /** * Create a new BDoc container builder. * - * @return builder for creating or opening a container. + * @return builder for creating or opening a BDOC(ASICE) container. */ public static ContainerBuilder aContainer() { - return aContainer(BDOC_CONTAINER_TYPE); + return aContainer(Constant.BDOC_CONTAINER_TYPE); } /** * Create a new container builder based on a container type. * - * @param containerType a type of container to be created, e.g. "BDOC" or "DDOC". + * @param containerType a type of container to be created, e.g. "BDOC(ASICE)" , "ASICS" or "DDOC". * * @return builder for creating a container. */ public static ContainerBuilder aContainer(String containerType) { + ContainerBuilder.containerType = containerType; if (isCustomContainerType(containerType)) { return new CustomContainerBuilder(containerType); } switch (containerType) { - case BDOC_CONTAINER_TYPE: + case Constant.BDOC_CONTAINER_TYPE: return new BDocContainerBuilder(); - case DDOC_CONTAINER_TYPE: + case Constant.DDOC_CONTAINER_TYPE: return new DDocContainerBuilder(); + case Constant.ASICS_CONTAINER_TYPE: + return new AsicSContainerBuilder(); + case Constant.ASICE_CONTAINER_TYPE: + return new AsicEContainerBuilder(); + case Constant.PADES_CONTAINER_TYPE: + return new PadesContainerBuilder(); } throw new NotSupportedException("Container type is not supported: " + containerType); } @@ -100,6 +115,9 @@ public Container build() { } Container container = createNewContainer(); addDataFilesToContainer(container); + if (timeStampToken != null){ + addTimeStampTokenToContainer(container); + } return container; } @@ -123,6 +141,10 @@ public ContainerBuilder withConfiguration(Configuration configuration) { * @throws InvalidDataFileException */ public ContainerBuilder withDataFile(String filePath, String mimeType) throws InvalidDataFileException { + if (Constant.ASICS_CONTAINER_TYPE.equals(ContainerBuilder.containerType) + && !dataFiles.isEmpty()){ + throw new DigiDoc4JException("Cannot add second file in case of ASICS container"); + } dataFiles.add(new ContainerDataFile(filePath, mimeType)); return this; } @@ -137,6 +159,10 @@ public ContainerBuilder withDataFile(String filePath, String mimeType) throws In * @throws InvalidDataFileException */ public ContainerBuilder withDataFile(InputStream inputStream, String fileName, String mimeType) throws InvalidDataFileException { + if (Constant.ASICS_CONTAINER_TYPE.equals(ContainerBuilder.containerType) + && !dataFiles.isEmpty()){ + throw new DigiDoc4JException("Cannot add second file in case of ASICS container"); + } dataFiles.add(new ContainerDataFile(inputStream, fileName, mimeType)); return this; } @@ -150,6 +176,10 @@ public ContainerBuilder withDataFile(InputStream inputStream, String fileName, S * @throws InvalidDataFileException */ public ContainerBuilder withDataFile(File file, String mimeType) throws InvalidDataFileException { + if (Constant.ASICS_CONTAINER_TYPE.equals(ContainerBuilder.containerType) + && !dataFiles.isEmpty()){ + throw new DigiDoc4JException("Cannot add second file in case of ASICS container"); + } dataFiles.add(new ContainerDataFile(file.getPath(), mimeType)); return this; } @@ -161,10 +191,25 @@ public ContainerBuilder withDataFile(File file, String mimeType) throws InvalidD * @return builder for creating or opening a container. */ public ContainerBuilder withDataFile(DataFile dataFile) { + if (Constant.ASICS_CONTAINER_TYPE.equals(ContainerBuilder.containerType) + && !dataFiles.isEmpty()){ + throw new DigiDoc4JException("Cannot add second file in case of ASICS container"); + } dataFiles.add(new ContainerDataFile(dataFile)); return this; } + /** + * Add time stamp token to container + * + * @param digestAlgorithm + * @return ContainerBuilder + */ + public ContainerBuilder withTimeStampToken(DigestAlgorithm digestAlgorithm){ + timeStampToken = TimestampToken.generateTimestampToken(digestAlgorithm, dataFiles, configuration); + return this; + } + /** * Open container from an existing file. * @@ -211,9 +256,21 @@ public static void removeCustomContainerImplementations() { protected abstract Container createNewContainer(); - protected abstract Container openContainerFromFile(); + protected Container openContainerFromFile() { + if (configuration == null) { + return ContainerOpener.open(containerFilePath); + } else { + return ContainerOpener.open(containerFilePath, configuration); + } + } - protected abstract Container openContainerFromStream(); + protected Container openContainerFromStream() { + if (configuration == null) { + boolean actAsBigFilesSupportEnabled = true; + return ContainerOpener.open(containerInputStream, actAsBigFilesSupportEnabled); + } + return ContainerOpener.open(containerInputStream, configuration); + } protected void addDataFilesToContainer(Container container) { for (ContainerDataFile file : dataFiles) { @@ -227,6 +284,10 @@ protected void addDataFilesToContainer(Container container) { } } + private void addTimeStampTokenToContainer(Container container) { + container.setTimeStampToken(timeStampToken); + } + protected boolean shouldOpenContainerFromFile() { return StringUtils.isNotBlank(containerFilePath); } @@ -241,13 +302,13 @@ private static boolean isCustomContainerType(String containerType) { return containerImplementations.containsKey(containerType); } - private class ContainerDataFile { + public class ContainerDataFile { - String filePath; + public String filePath; String mimeType; - InputStream inputStream; + public InputStream inputStream; DataFile dataFile; - boolean isStream; + public boolean isStream; public ContainerDataFile(String filePath, String mimeType) { this.filePath = filePath; @@ -265,7 +326,6 @@ public ContainerDataFile(InputStream inputStream, String filePath, String mimeTy validateFileName(); } - public ContainerDataFile(DataFile dataFile) { this.dataFile = dataFile; isStream = false; @@ -276,7 +336,7 @@ public boolean isDataFile() { } private void validateDataFile() { - if(StringUtils.isBlank(filePath)) { + if (StringUtils.isBlank(filePath)) { throw new InvalidDataFileException("File name/path cannot be empty"); } if (StringUtils.isBlank(mimeType)) { diff --git a/src/org/digidoc4j/ContainerOpener.java b/src/main/java/org/digidoc4j/ContainerOpener.java similarity index 80% rename from src/org/digidoc4j/ContainerOpener.java rename to src/main/java/org/digidoc4j/ContainerOpener.java index eb695d565..9280979fd 100644 --- a/src/org/digidoc4j/ContainerOpener.java +++ b/src/main/java/org/digidoc4j/ContainerOpener.java @@ -18,8 +18,10 @@ import org.apache.commons.io.IOUtils; import org.digidoc4j.exceptions.DigiDoc4JException; -import org.digidoc4j.impl.bdoc.ExistingBDocContainer; +import org.digidoc4j.impl.asic.asice.bdoc.BDocContainer; +import org.digidoc4j.impl.asic.asics.AsicSContainer; import org.digidoc4j.impl.ddoc.DDocOpener; +import org.digidoc4j.impl.pades.PadesContainer; import org.digidoc4j.utils.Helper; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -46,7 +48,9 @@ public class ContainerOpener { public static Container open(String path, Configuration configuration) throws DigiDoc4JException { logger.debug("Opening container from path: " + path); try { - if (Helper.isZipFile(new File(path))) { + if (Helper.isPdfFile(path)){ + return openPadesContainer(path, configuration); + } else if (Helper.isZipFile(new File(path))) { return openBDocContainer(path, configuration); } else { return new DDocOpener().open(path, configuration); @@ -89,8 +93,10 @@ public static Container open(InputStream stream, boolean actAsBigFilesSupportEna try { if (Helper.isZipFile(bufferedInputStream)) { - //TODO support big file support flag - return new ExistingBDocContainer(bufferedInputStream); + if (Helper.isAsicSContainer(bufferedInputStream)){ + return new AsicSContainer(bufferedInputStream); + } + return new BDocContainer(bufferedInputStream); } else { return new DDocOpener().open(bufferedInputStream); } @@ -116,7 +122,10 @@ public static Container open(InputStream stream, Configuration configuration) { try { if (Helper.isZipFile(bufferedInputStream)) { - return new ExistingBDocContainer(bufferedInputStream, configuration); + if (Helper.isAsicSContainer(bufferedInputStream)){ + return new AsicSContainer(bufferedInputStream, configuration); + } + return new BDocContainer(bufferedInputStream, configuration); } else { return new DDocOpener().open(bufferedInputStream, configuration); } @@ -130,6 +139,14 @@ public static Container open(InputStream stream, Configuration configuration) { private static Container openBDocContainer(String path, Configuration configuration) { configuration.loadConfiguration("digidoc4j.yaml", false); - return new ExistingBDocContainer(path, configuration); + if (Helper.isAsicSContainer(path)){ + return new AsicSContainer(path, configuration); + } + return new BDocContainer(path, configuration); + } + + private static Container openPadesContainer(String path, Configuration configuration) { + configuration.loadConfiguration("digidoc4j.yaml", false); + return new PadesContainer(path, configuration); } } diff --git a/src/org/digidoc4j/DataFile.java b/src/main/java/org/digidoc4j/DataFile.java similarity index 99% rename from src/org/digidoc4j/DataFile.java rename to src/main/java/org/digidoc4j/DataFile.java index 87ee194dd..f866fcb0e 100644 --- a/src/org/digidoc4j/DataFile.java +++ b/src/main/java/org/digidoc4j/DataFile.java @@ -24,10 +24,10 @@ import org.digidoc4j.exceptions.DigiDoc4JException; import org.digidoc4j.exceptions.InvalidDataFileException; import org.digidoc4j.exceptions.TechnicalException; +import org.digidoc4j.impl.StreamDocument; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.digidoc4j.impl.StreamDocument; import eu.europa.esig.dss.DSSDocument; import eu.europa.esig.dss.DSSException; import eu.europa.esig.dss.DSSUtils; @@ -99,7 +99,7 @@ protected DataFile(DSSDocument document) { this.document = document; } - protected DataFile() { + public DataFile() { } protected MimeType getMimeType(String mimeType) { @@ -293,7 +293,7 @@ public DSSDocument getDocument() { return document; } - protected void setDocument(DSSDocument document) { + public void setDocument(DSSDocument document) { this.document = document; } } diff --git a/src/org/digidoc4j/DataToSign.java b/src/main/java/org/digidoc4j/DataToSign.java similarity index 74% rename from src/org/digidoc4j/DataToSign.java rename to src/main/java/org/digidoc4j/DataToSign.java index e168dd2ad..ed2cc7a90 100644 --- a/src/org/digidoc4j/DataToSign.java +++ b/src/main/java/org/digidoc4j/DataToSign.java @@ -21,7 +21,8 @@ * Data to be signed externally (e.g. in the Web by a browser plugin). *

    *

    - * {@link DataToSign#getDigestToSign()} and {@link DataToSign#getDigestAlgorithm()} can be used to get the digest bytes to be signed and + * {@link DataToSign#getDataToSign()} and {@link DataToSign#getDigestAlgorithm()} can be used to get the data bytes to be signed + * (this is usually data derived from signature parameters - SignedInfo) and * digest algorithm (e.g. SHA-256, SHA-512 etc) used in signing. *

    *

    @@ -32,13 +33,20 @@ */ public class DataToSign implements Serializable { - private final static Logger logger = LoggerFactory.getLogger(DataToSign.class); - private byte[] digestToSign; + private static final Logger logger = LoggerFactory.getLogger(DataToSign.class); + private byte[] dataToSign; + private SignatureParameters signatureParameters; private SignatureFinalizer signatureFinalizer; - public DataToSign(byte[] digestToSign, SignatureParameters signatureParameters, SignatureFinalizer signatureFinalizer) { - this.digestToSign = digestToSign; + /** + * Constructor + * @param data Digest value of the data + * @param signatureParameters Signature parameters + * @param signatureFinalizer Signature finalizer + */ + public DataToSign(byte[] data, SignatureParameters signatureParameters, SignatureFinalizer signatureFinalizer) { + this.dataToSign = data; this.signatureParameters = signatureParameters; this.signatureFinalizer = signatureFinalizer; } @@ -61,10 +69,10 @@ public DigestAlgorithm getDigestAlgorithm() { /** * Data to be signed externally. - * @return digest bytes to be signed. + * @return data bytes to be signed. */ - public byte[] getDigestToSign() { - return digestToSign; + public byte[] getDataToSign() { + return dataToSign; } /** diff --git a/src/org/digidoc4j/DigestAlgorithm.java b/src/main/java/org/digidoc4j/DigestAlgorithm.java similarity index 100% rename from src/org/digidoc4j/DigestAlgorithm.java rename to src/main/java/org/digidoc4j/DigestAlgorithm.java index cf9cabf31..ffbcd37bf 100644 --- a/src/org/digidoc4j/DigestAlgorithm.java +++ b/src/main/java/org/digidoc4j/DigestAlgorithm.java @@ -10,11 +10,11 @@ package org.digidoc4j; -import org.digidoc4j.exceptions.DigiDoc4JException; - import java.net.MalformedURLException; import java.net.URL; +import org.digidoc4j.exceptions.DigiDoc4JException; + /** * Supported algorithms */ diff --git a/src/org/digidoc4j/EncryptionAlgorithm.java b/src/main/java/org/digidoc4j/EncryptionAlgorithm.java similarity index 100% rename from src/org/digidoc4j/EncryptionAlgorithm.java rename to src/main/java/org/digidoc4j/EncryptionAlgorithm.java diff --git a/src/org/digidoc4j/LargeDataFile.java b/src/main/java/org/digidoc4j/LargeDataFile.java similarity index 100% rename from src/org/digidoc4j/LargeDataFile.java rename to src/main/java/org/digidoc4j/LargeDataFile.java diff --git a/src/org/digidoc4j/Signature.java b/src/main/java/org/digidoc4j/Signature.java similarity index 98% rename from src/org/digidoc4j/Signature.java rename to src/main/java/org/digidoc4j/Signature.java index 9e3c5f5bf..69af86340 100644 --- a/src/org/digidoc4j/Signature.java +++ b/src/main/java/org/digidoc4j/Signature.java @@ -10,12 +10,12 @@ package org.digidoc4j; -import org.digidoc4j.exceptions.DigiDoc4JException; - import java.io.Serializable; import java.util.Date; import java.util.List; +import org.digidoc4j.exceptions.DigiDoc4JException; + /** * Signature interface. Provides an interface for handling a signature and the corresponding OCSP response properties. */ @@ -45,7 +45,7 @@ public interface Signature extends Serializable { /** * Returns the signature OCSP response nonce. *

    - * For a BDOC Signature it throws a NotYetImplementedException. + * For a sic Signature it throws a NotYetImplementedException. * * @return OCSP response nonce */ diff --git a/src/org/digidoc4j/SignatureBuilder.java b/src/main/java/org/digidoc4j/SignatureBuilder.java similarity index 97% rename from src/org/digidoc4j/SignatureBuilder.java rename to src/main/java/org/digidoc4j/SignatureBuilder.java index 232ef16a6..b2fbe2c60 100644 --- a/src/org/digidoc4j/SignatureBuilder.java +++ b/src/main/java/org/digidoc4j/SignatureBuilder.java @@ -11,8 +11,9 @@ package org.digidoc4j; import static java.util.Arrays.asList; -import static org.digidoc4j.ContainerBuilder.BDOC_CONTAINER_TYPE; -import static org.digidoc4j.ContainerBuilder.DDOC_CONTAINER_TYPE; +import static org.digidoc4j.Constant.ASICS_CONTAINER_TYPE; +import static org.digidoc4j.Constant.BDOC_CONTAINER_TYPE; +import static org.digidoc4j.Constant.DDOC_CONTAINER_TYPE; import java.io.Serializable; import java.security.cert.X509Certificate; @@ -25,7 +26,8 @@ import org.digidoc4j.exceptions.SignatureTokenMissingException; import org.digidoc4j.exceptions.SignerCertificateRequiredException; import org.digidoc4j.exceptions.TechnicalException; -import org.digidoc4j.impl.bdoc.BDocSignatureBuilder; +import org.digidoc4j.impl.asic.AsicSignatureBuilder; +import org.digidoc4j.impl.asic.asice.bdoc.BDocSignatureBuilder; import org.digidoc4j.impl.ddoc.DDocSignatureBuilder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -85,6 +87,8 @@ private static SignatureBuilder createBuilder(Container container) { return createCustomSignatureBuilder(containerType); } else if (isContainerType(containerType, BDOC_CONTAINER_TYPE)) { return new BDocSignatureBuilder(); + } else if (isContainerType(containerType, ASICS_CONTAINER_TYPE)) { + return new AsicSignatureBuilder(); } else if (isContainerType(containerType, DDOC_CONTAINER_TYPE)) { return new DDocSignatureBuilder(); } else { diff --git a/src/org/digidoc4j/SignatureParameters.java b/src/main/java/org/digidoc4j/SignatureParameters.java similarity index 96% rename from src/org/digidoc4j/SignatureParameters.java rename to src/main/java/org/digidoc4j/SignatureParameters.java index 41ad06649..4ade2ab8a 100644 --- a/src/org/digidoc4j/SignatureParameters.java +++ b/src/main/java/org/digidoc4j/SignatureParameters.java @@ -10,16 +10,20 @@ package org.digidoc4j; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.io.Serializable; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.List; + import org.apache.commons.io.IOUtils; import org.digidoc4j.exceptions.DigiDoc4JException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import java.io.*; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.List; - /** * Signature parameters. Parameter information is used when signing a document. Following items can be specified: *