Signature.java

  1. /*
  2.  * GovWay - A customizable API Gateway
  3.  * https://govway.org
  4.  *
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it).
  6.  *
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */

  20. package org.openspcoop2.pdd.logger.traccia;

  21. import java.io.File;
  22. import java.io.FileInputStream;
  23. import java.io.InputStream;
  24. import java.lang.reflect.Field;
  25. import java.util.Properties;

  26. import org.openspcoop2.message.xml.MessageXMLUtils;
  27. import org.openspcoop2.utils.certificate.KeystoreType;
  28. import org.openspcoop2.utils.certificate.KeystoreUtils;
  29. import org.openspcoop2.utils.security.JOSESerialization;
  30. import org.openspcoop2.utils.security.JWSOptions;
  31. import org.openspcoop2.utils.security.JsonSignature;
  32. import org.openspcoop2.utils.security.XmlSignature;
  33. import org.w3c.dom.Element;

  34. /**
  35.  * Signature
  36.  *
  37.  * @author Poli Andrea (apoli@link.it)
  38.  * @author $Author$
  39.  * @version $Rev$, $Date$
  40.  */
  41. public class Signature {

  42.     private String keystore_type = KeystoreType.JKS.getNome();
  43.     private String keystore_path = null;
  44.     private String keystore_password = null;
  45.     private String key_alias = null;
  46.     private String key_password = null;
  47.     private String json_signatureAlgorithm = "RS256";
  48.     private JOSESerialization json_signatureSerialization = JOSESerialization.COMPACT;
  49.     private boolean json_signatureDetached = false;
  50.     private boolean json_signaturePayloadEncoding = true;
  51.     private String xml_signatureAlgorithm = XmlSignature.DEFAULT_SIGNATURE_METHOD;
  52.     private String xml_digestAlgorithm = XmlSignature.DEFAULT_DIGEST_METHOD;
  53.     private String xml_canonicalizationAlgorithm = XmlSignature.DEFAULT_CANONICALIZATION_METHOD;
  54.     private boolean xml_addBouncyCastleProvider;
  55.     private boolean xml_addX509KeyInfo = true;
  56.     private boolean xml_addRSAKeyInfo = false;
  57.    
  58.     public Signature() {        
  59.     }
  60.     public Signature(Properties pConf) throws TracciaException {
  61.         try {
  62.             Field [] fields = Signature.class.getDeclaredFields();
  63.             for (Field field : fields) {
  64.                 String fieldName = field.getName();
  65.                 fieldName = fieldName.replace("_", ".");
  66.                 if(pConf.containsKey(fieldName)) {
  67.                     String value = pConf.getProperty(fieldName);
  68.                     String bCN = boolean.class.getName()+"";
  69.                     String joseS = JOSESerialization.class.getName()+"";
  70.                     if(bCN.equals(field.getType().getName())) {
  71.                         field.set(this, "true".equalsIgnoreCase(value));
  72.                     }
  73.                     else if(joseS.equals(field.getType().getName())) {
  74.                         field.set(this, JOSESerialization.valueOf(value));
  75.                     }
  76.                     else {
  77.                         field.set(this, value);
  78.                     }
  79.                 }
  80.             }
  81.         }catch(Exception e) {
  82.             throw new TracciaException(e.getMessage(),e);
  83.         }
  84.     }
  85.    
  86.    
  87.     private boolean initialized = false;
  88.     private JsonSignature jsonCompactSignature;
  89.     private XmlSignature xmlSignature;
  90.     private MessageXMLUtils xmlUtils;
  91.    
  92.     public synchronized void init() throws TracciaException {
  93.        
  94.         if(!this.initialized) {
  95.        
  96.             if(this.keystore_path==null) {
  97.                 throw new TracciaException("Keystore path undefined");
  98.             }
  99.             if(this.keystore_type==null) {
  100.                 throw new TracciaException("Keystore type undefined");
  101.             }
  102.             if(this.keystore_password==null) {
  103.                 throw new TracciaException("Keystore type undefined");
  104.             }
  105.            
  106.             if(this.key_alias==null) {
  107.                 throw new TracciaException("Alias key undefined");
  108.             }
  109.             if(this.key_password==null) {
  110.                 throw new TracciaException("Password key undefined");
  111.             }
  112.            
  113.             if(this.json_signatureAlgorithm==null) {
  114.                 throw new TracciaException("Json Signature Algorithm undefined");
  115.             }
  116.             if(this.json_signatureSerialization==null) {
  117.                 throw new TracciaException("Json Signature Representation undefined");
  118.             }
  119.            
  120.             if(this.xml_signatureAlgorithm==null) {
  121.                 throw new TracciaException("Xml Signature Algorithm undefined");
  122.             }
  123.             if(this.xml_digestAlgorithm==null) {
  124.                 throw new TracciaException("Xml Digest Algorithm undefined");
  125.             }
  126.             if(this.xml_canonicalizationAlgorithm==null) {
  127.                 throw new TracciaException("Xml Canonicalization Algorithm undefined");
  128.             }
  129.            
  130.             InputStream isKeystore = Signature.class.getResourceAsStream(this.keystore_path);
  131.             try {
  132.                 if(isKeystore==null) {
  133.                     File f = new File(this.keystore_path);
  134.                     if(!f.exists()) {
  135.                         throw new TracciaException("Keystore path '"+this.keystore_path+"' not exists");
  136.                     }
  137.                     if(!f.canRead()) {
  138.                         throw new TracciaException("Keystore path '"+this.keystore_path+"' cannot read");
  139.                     }
  140.                     isKeystore = new FileInputStream(f);
  141.                 }
  142.                
  143.                 java.security.KeyStore keystore = KeystoreUtils.readKeystore(isKeystore, this.keystore_type, this.keystore_password);
  144.                
  145.                 JWSOptions jwsOptions = new JWSOptions(this.json_signatureSerialization);
  146.                 jwsOptions.setDetached(this.json_signatureDetached);
  147.                 jwsOptions.setPayloadEncoding(this.json_signaturePayloadEncoding);
  148.                 this.jsonCompactSignature = new JsonSignature(keystore, false, this.key_alias, this.key_password, this.json_signatureAlgorithm, jwsOptions);
  149.                
  150.                 this.xmlSignature = new XmlSignature(keystore, this.key_alias, this.key_password, this.xml_addBouncyCastleProvider);
  151.                 if(this.xml_addX509KeyInfo) {
  152.                     this.xmlSignature.addX509KeyInfo();
  153.                 }
  154.                 else if(this.xml_addRSAKeyInfo) {
  155.                     this.xmlSignature.addRSAKeyInfo();
  156.                 }
  157.                
  158.                 this.xmlUtils = MessageXMLUtils.DEFAULT;
  159.             }
  160.             catch(Exception e) {
  161.                 throw new TracciaException(e.getMessage(),e);
  162.             }
  163.             finally {
  164.                 try {
  165.                     if(isKeystore!=null) {
  166.                         isKeystore.close();
  167.                     }
  168.                 }catch(Exception eClose) {
  169.                     // close
  170.                 }
  171.             }
  172.        
  173.             this.initialized = true;
  174.         }
  175.     }
  176.    
  177.     public String jsonSign(String content) throws TracciaException {
  178.         try {
  179.             return this.jsonCompactSignature.sign(content);
  180.         }
  181.         catch(Exception e) {
  182.             throw new TracciaException(e.getMessage(),e);
  183.         }
  184.     }
  185.    
  186.     public String xmlSign(String content) throws TracciaException {
  187.         return this.xmlSign(content.getBytes());
  188.     }
  189.     public String xmlSign(byte[] content) throws TracciaException {
  190.         try {
  191.             Element node = this.xmlUtils.newElement(content);
  192.             this.xmlSignature.sign(node);
  193.             return this.xmlUtils.toString(node);
  194.         }
  195.         catch(Exception e) {
  196.             throw new TracciaException(e.getMessage(),e);
  197.         }
  198.     }

  199.    
  200.     public void setKeystore_type(String keystore_type) {
  201.         this.keystore_type = keystore_type;
  202.     }
  203.     public void setKeystore_path(String keystore_path) {
  204.         this.keystore_path = keystore_path;
  205.     }
  206.     public void setKeystore_password(String keystore_password) {
  207.         this.keystore_password = keystore_password;
  208.     }
  209.     public void setKey_alias(String key_alias) {
  210.         this.key_alias = key_alias;
  211.     }
  212.     public void setKey_password(String key_password) {
  213.         this.key_password = key_password;
  214.     }
  215.     public void setJson_signatureAlgorithm(String json_signatureAlgorithm) {
  216.         this.json_signatureAlgorithm = json_signatureAlgorithm;
  217.     }
  218.     public void setJson_signatureSerialization(JOSESerialization json_signatureSerialization) {
  219.         this.json_signatureSerialization = json_signatureSerialization;
  220.     }
  221.     public void setJson_signatureDetached(boolean json_signatureDetached) {
  222.         this.json_signatureDetached = json_signatureDetached;
  223.     }
  224.     public void setJson_signaturePayloadEncoding(boolean json_signaturePayloadEncoding) {
  225.         this.json_signaturePayloadEncoding = json_signaturePayloadEncoding;
  226.     }
  227.     public void setXml_signatureAlgorithm(String xml_signatureAlgorithm) {
  228.         this.xml_signatureAlgorithm = xml_signatureAlgorithm;
  229.     }
  230.     public void setXml_digestAlgorithm(String xml_digestAlgorithm) {
  231.         this.xml_digestAlgorithm = xml_digestAlgorithm;
  232.     }
  233.     public void setXml_canonicalizationAlgorithm(String xml_canonicalizationAlgorithm) {
  234.         this.xml_canonicalizationAlgorithm = xml_canonicalizationAlgorithm;
  235.     }
  236.     public void setXml_addBouncyCastleProvider(boolean xml_addBouncyCastleProvider) {
  237.         this.xml_addBouncyCastleProvider = xml_addBouncyCastleProvider;
  238.     }
  239.     public void setXml_addX509KeyInfo(boolean xml_addX509KeyInfo) {
  240.         this.xml_addX509KeyInfo = xml_addX509KeyInfo;
  241.     }
  242.     public void setXml_addRSAKeyInfo(boolean xml_addRSAKeyInfo) {
  243.         this.xml_addRSAKeyInfo = xml_addRSAKeyInfo;
  244.     }

  245. }