Red Hat Application Migration Toolkit
package ee.sk.digidoc.factory; import ee.sk.digidoc.DigiDocException; import ee.sk.digidoc.TokenKeyInfo; import ee.sk.digidoc.factory.SignatureFactory; import ee.sk.utils.ConfigManager; import ee.sk.utils.ConvertUtils; import java.io.FileInputStream; import java.security.Key; import java.security.KeyStore; import java.security.PrivateKey; import java.security.Provider; import java.security.Security; import java.security.Signature; import java.security.cert.X509Certificate; import java.util.Enumeration; import java.util.Vector; import javax.crypto.Cipher; import org.apache.log4j.Logger; public class Pkcs12SignatureFactory implements SignatureFactory { private KeyStore m_keyStore; private static Logger m_logger = Logger.getLogger(Pkcs12SignatureFactory.class); private Provider m_secProvider; public void init() throws DigiDocException { this.initProvider(); if(this.m_keyStore == null) { ConfigManager cfg = ConfigManager.instance(); String storeFile = cfg.getProperty("DIGIDOC_KEYSTORE_FILE"); String storeType = cfg.getProperty("DIGIDOC_KEYSTORE_TYPE"); String storePasswd = cfg.getProperty("DIGIDOC_KEYSTORE_PASSWD"); if(storeFile != null && storeType != null && storePasswd != null) { this.load(storeFile, storeType, storePasswd); } } } public boolean load(String storeName, String storeType, String passwd) throws DigiDocException { try { if(m_logger.isDebugEnabled()) { m_logger.debug("Load store: " + storeName + " type: " + storeType); } this.m_keyStore = KeyStore.getInstance(storeType); if(this.m_keyStore != null) { this.m_keyStore.load(new FileInputStream(storeName), passwd.toCharArray()); return true; } } catch (Exception var5) { m_logger.error("Error loading store: " + storeName + " - " + var5); } return false; } private void initProvider() throws DigiDocException { try { this.m_secProvider = (Provider)Class.forName(ConfigManager.instance().getProperty("DIGIDOC_SECURITY_PROVIDER")).newInstance(); Security.addProvider(this.m_secProvider); } catch (Exception var2) { this.m_secProvider = null; DigiDocException.handleException(var2, 58); } } public TokenKeyInfo[] getTokenKeys() throws DigiDocException { return null; } public TokenKeyInfo[] getTokensOfType(boolean bSign) { return null; } public String[] getAvailableTokenNames() throws DigiDocException { Vector vec = new Vector(); try { if(this.m_keyStore != null) { Enumeration arr = this.m_keyStore.aliases(); while(arr.hasMoreElements()) { String i = (String)arr.nextElement(); vec.add(i); } } } catch (Exception var4) { m_logger.error("Error reading store aliases: " + var4); } String[] var5 = new String[vec.size()]; for(int var6 = 0; vec != null && var6 < vec.size(); ++var6) { var5[var6] = (String)vec.elementAt(var6); } return var5; } private String getTokenName(int nIdx) { try { if(this.m_keyStore != null) { Enumeration ex = this.m_keyStore.aliases(); for(int i = 0; ex.hasMoreElements(); ++i) { String alias = (String)ex.nextElement(); if(i == nIdx) { return alias; } } } } catch (Exception var5) { m_logger.error("Error reading store aliases: " + var5); } return null; } public static Signature sigMeth2SigSignatureInstance(ee.sk.digidoc.Signature sig, Key key) throws DigiDocException { Signature instance = null; String sigMeth = null; String sigType = null; try { if(sig != null && sig.getSignedInfo() != null && sig.getSignedInfo().getSignatureMethod() != null) { sigMeth = sig.getSignedInfo().getSignatureMethod(); } ConfigManager.instance(); sigType = ConfigManager.sigMeth2SigType(sigMeth); if(m_logger.isDebugEnabled()) { m_logger.debug("Key: " + (key != null?"OK, algorithm: " + key.getAlgorithm():"NULL") + " method: " + sigMeth + " type: " + sigType); } if(sigType == null) { throw new DigiDocException(24, "SignatureMethod not specified!", (Throwable)null); } instance = Signature.getInstance(sigType, ConfigManager.addProvider()); } catch (Exception var6) { m_logger.error("Error constructing signature instance: " + var6); } return instance; } public byte[] sign(byte[] xml, int token, String passwd, ee.sk.digidoc.Signature sig) throws DigiDocException { try { if(this.m_keyStore == null) { throw new DigiDocException(16, "Keystore not initialized", (Throwable)null); } else { String ex = this.getTokenName(token); if(ex == null) { throw new DigiDocException(60, "Invalid token nr: " + token, (Throwable)null); } else { if(m_logger.isDebugEnabled()) { m_logger.debug("loading key: " + ex + " passwd-len: " + (passwd != null?passwd.length():0)); } Key key = this.m_keyStore.getKey(ex, passwd.toCharArray()); if(m_logger.isDebugEnabled()) { m_logger.debug("Key: " + (key != null?"OK, algorithm: " + key.getAlgorithm():"NULL")); } if(key == null) { throw new DigiDocException(60, "Invalid password for token nr: " + token, (Throwable)null); } else { String sigMeth = null; if(sig != null && sig.getSignedInfo() != null && sig.getSignedInfo().getSignatureMethod() != null) { sigMeth = sig.getSignedInfo().getSignatureMethod(); } if(m_logger.isDebugEnabled()) { m_logger.debug("Signing\n---\n" + new String(xml) + "\n---\n method: " + sigMeth); } Signature instance = sigMeth2SigSignatureInstance(sig, key); if(m_logger.isDebugEnabled()) { m_logger.debug("Signature instance: " + (instance != null?"OK":"NULL")); } instance.initSign((PrivateKey)key); instance.update(xml); byte[] signature = instance.sign(); if(m_logger.isDebugEnabled()) { m_logger.debug("Signature len: " + (signature != null?signature.length:0) + "\n---\n sig: " + ConvertUtils.bin2hex(signature)); } return signature; } } } } catch (DigiDocException var10) { m_logger.error("DigiDoc Error signing: " + var10); throw var10; } catch (Exception var11) { m_logger.error("Error signing: " + var11); return null; } } public X509Certificate getCertificate(int token, String pin) throws DigiDocException { if(this.m_keyStore == null) { throw new DigiDocException(16, "Keystore not initialized", (Throwable)null); } else { String alias = this.getTokenName(token); if(alias == null) { throw new DigiDocException(60, "Invalid token nr: " + token, (Throwable)null); } else { try { return (X509Certificate)this.m_keyStore.getCertificate(alias); } catch (Exception var5) { m_logger.error("Error reading cert for alias: " + alias + " - " + var5); return null; } } } } public X509Certificate getAuthCertificate(int token, String pin) throws DigiDocException { return this.getCertificate(token, pin); } public void reset() throws DigiDocException { this.m_keyStore = null; } public void closeSession() throws DigiDocException { this.reset(); } public byte[] decrypt(byte[] data, int token, String pin) throws DigiDocException { try { if(this.m_keyStore == null) { throw new DigiDocException(16, "Keystore not initialized", (Throwable)null); } else { String ex = this.getTokenName(token); if(ex == null) { throw new DigiDocException(60, "Invalid token nr: " + token, (Throwable)null); } else { if(m_logger.isDebugEnabled()) { m_logger.debug("loading key: " + ex + " passwd-len: " + (pin != null?pin.length():0)); } Key key = this.m_keyStore.getKey(ex, pin.toCharArray()); if(m_logger.isDebugEnabled()) { m_logger.debug("Key: " + (key != null?"OK, algorithm: " + key.getAlgorithm():"NULL")); } if(key == null) { throw new DigiDocException(60, "Invalid password for token: " + ex, (Throwable)null); } else { Cipher cipher = Cipher.getInstance("RSA"); cipher.init(2, key); byte[] decdata = cipher.doFinal(data); if(m_logger.isDebugEnabled()) { m_logger.debug("Decrypted len: " + (decdata != null?decdata.length:0)); } return decdata; } } } } catch (Exception var8) { m_logger.error("Error decrypting: " + var8); return null; } } public String getType() { return "PKCS12"; } }