Signature.java
- /*
- * GovWay - A customizable API Gateway
- * https://govway.org
- *
- * Copyright (c) 2005-2025 Link.it srl (https://link.it).
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3, as published by
- * the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- */
- package org.openspcoop2.pdd.logger.traccia;
- import java.io.File;
- import java.io.FileInputStream;
- import java.io.InputStream;
- import java.lang.reflect.Field;
- import java.util.Properties;
- import org.openspcoop2.message.xml.MessageXMLUtils;
- import org.openspcoop2.utils.certificate.KeystoreType;
- import org.openspcoop2.utils.certificate.KeystoreUtils;
- import org.openspcoop2.utils.security.JOSESerialization;
- import org.openspcoop2.utils.security.JWSOptions;
- import org.openspcoop2.utils.security.JsonSignature;
- import org.openspcoop2.utils.security.XmlSignature;
- import org.w3c.dom.Element;
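/**
 * Signs trace content with a private key read from a keystore: JSON content through
 * {@link JsonSignature}, XML content through {@link XmlSignature}.
 *
 * <p>Configuration lives in the {@code <group>_<name>} fields. They are filled in either through
 * the setters or from a {@link Properties} object whose keys are the field names with {@code _}
 * replaced by {@code .} (for example {@code keystore.path}). {@link #init()} must succeed before
 * any of the sign methods is used.
 *
 * @author Poli Andrea (apoli@link.it)
 * @author $Author$
 * @version $Rev$, $Date$
 */
public class Signature {

    // --- Configuration (field names are part of the properties contract: '_' maps to '.') ---

    private String keystore_type = KeystoreType.JKS.getNome();
    private String keystore_path = null;
    // The keystore and key passwords stay in memory as String for the lifetime of this object;
    // nothing in this class writes them to an exception message or a log.
    private String keystore_password = null;
    private String key_alias = null;
    private String key_password = null;

    private String json_signatureAlgorithm = "RS256";
    private JOSESerialization json_signatureSerialization = JOSESerialization.COMPACT;
    private boolean json_signatureDetached = false;
    private boolean json_signaturePayloadEncoding = true;

    // NOTE(review): the three XML algorithm settings below are checked for null in init() but are
    // never handed to XmlSignature anywhere in this class, so XML signing appears to run with
    // XmlSignature's own defaults whatever is configured. Confirm against XmlSignature and wire
    // them through, otherwise an operator who selects a different algorithm is silently ignored.
    private String xml_signatureAlgorithm = XmlSignature.DEFAULT_SIGNATURE_METHOD;
    private String xml_digestAlgorithm = XmlSignature.DEFAULT_DIGEST_METHOD;
    private String xml_canonicalizationAlgorithm = XmlSignature.DEFAULT_CANONICALIZATION_METHOD;
    private boolean xml_addBouncyCastleProvider;
    private boolean xml_addX509KeyInfo = true;
    private boolean xml_addRSAKeyInfo = false;

    /** Creates an instance with the default settings; configure it through the setters. */
    public Signature() {
    }

    /**
     * Creates an instance and overrides the defaults with the values found in {@code pConf}.
     *
     * <p>Boolean settings become {@code true} only for the value {@code "true"} (any case); every
     * other value, including a typo, yields {@code false}. The serialization setting must be the
     * exact name of a {@link JOSESerialization} constant.
     *
     * @param pConf properties keyed by field name with {@code _} replaced by {@code .}
     * @throws TracciaException if {@code pConf} is null or a value cannot be assigned
     */
    public Signature(Properties pConf) throws TracciaException {
        if (pConf == null) {
            throw new TracciaException("Properties undefined");
        }
        try {
            for (Field field : Signature.class.getDeclaredFields()) {
                String declaredName = field.getName();
                // Only <group>_<name> fields are configuration. Internal state (the 'initialized'
                // flag and the signer instances) has no underscore and must not be reachable from
                // a properties file: 'initialized=true' would make init() skip the keystore load,
                // and a key named after a signer field would fail on a type mismatch.
                if (declaredName.indexOf('_') < 0) {
                    continue;
                }
                String propertyName = declaredName.replace("_", ".");
                if (!pConf.containsKey(propertyName)) {
                    continue;
                }
                String value = pConf.getProperty(propertyName);
                Class<?> type = field.getType();
                if (boolean.class.equals(type)) {
                    field.set(this, "true".equalsIgnoreCase(value));
                } else if (JOSESerialization.class.equals(type)) {
                    field.set(this, JOSESerialization.valueOf(value));
                } else {
                    field.set(this, value);
                }
            }
        } catch (Exception e) {
            throw new TracciaException(e.getMessage(), e);
        }
    }

    // --- Runtime state, populated by init() only ---

    private boolean initialized = false;
    private JsonSignature jsonCompactSignature;
    private XmlSignature xmlSignature;
    private MessageXMLUtils xmlUtils;

    /**
     * Validates the configuration, loads the keystore and builds the JSON and XML signers.
     *
     * <p>The call is a no-op once it has succeeded. The signers are published only after every
     * step has succeeded, so a failed call leaves the object uninitialized rather than half built.
     *
     * @throws TracciaException if a mandatory setting is missing, the keystore cannot be opened or
     *     read, or a signer cannot be created
     */
    public synchronized void init() throws TracciaException {
        if (this.initialized) {
            return;
        }

        requireDefined(this.keystore_path, "Keystore path undefined");
        requireDefined(this.keystore_type, "Keystore type undefined");
        // The original message here repeated "Keystore type undefined", which pointed operators
        // at the wrong setting.
        requireDefined(this.keystore_password, "Keystore password undefined");

        requireDefined(this.key_alias, "Alias key undefined");
        requireDefined(this.key_password, "Password key undefined");

        requireDefined(this.json_signatureAlgorithm, "Json Signature Algorithm undefined");
        requireDefined(this.json_signatureSerialization, "Json Signature Representation undefined");

        requireDefined(this.xml_signatureAlgorithm, "Xml Signature Algorithm undefined");
        requireDefined(this.xml_digestAlgorithm, "Xml Digest Algorithm undefined");
        requireDefined(this.xml_canonicalizationAlgorithm, "Xml Canonicalization Algorithm undefined");

        JsonSignature jsonSigner;
        XmlSignature xmlSigner;
        InputStream isKeystore = null;
        try {
            isKeystore = openKeystore();

            java.security.KeyStore keystore =
                    KeystoreUtils.readKeystore(isKeystore, this.keystore_type, this.keystore_password);

            JWSOptions jwsOptions = new JWSOptions(this.json_signatureSerialization);
            jwsOptions.setDetached(this.json_signatureDetached);
            jwsOptions.setPayloadEncoding(this.json_signaturePayloadEncoding);
            // The meaning of the 'false' argument is defined by JsonSignature and is not visible here.
            jsonSigner = new JsonSignature(keystore, false, this.key_alias, this.key_password,
                    this.json_signatureAlgorithm, jwsOptions);

            xmlSigner = new XmlSignature(keystore, this.key_alias, this.key_password,
                    this.xml_addBouncyCastleProvider);
            // X509 key info takes precedence: RSA key info is added only when X509 is switched off.
            if (this.xml_addX509KeyInfo) {
                xmlSigner.addX509KeyInfo();
            } else if (this.xml_addRSAKeyInfo) {
                xmlSigner.addRSAKeyInfo();
            }
        } catch (TracciaException e) {
            // Already carries a specific message; do not wrap it a second time.
            throw e;
        } catch (Exception e) {
            throw new TracciaException(e.getMessage(), e);
        } finally {
            try {
                if (isKeystore != null) {
                    isKeystore.close();
                }
            } catch (Exception ignored) {
                // Best effort: the keystore has already been read (or the failure is being
                // reported above), so an error on close must not mask the real outcome.
            }
        }

        this.jsonCompactSignature = jsonSigner;
        this.xmlSignature = xmlSigner;
        this.xmlUtils = MessageXMLUtils.DEFAULT;
        this.initialized = true;
    }

    /** Throws a {@link TracciaException} with {@code message} when {@code value} is null. */
    private static void requireDefined(Object value, String message) throws TracciaException {
        if (value == null) {
            throw new TracciaException(message);
        }
    }

    /**
     * Opens the keystore: {@code keystore_path} is tried first as a classpath resource relative to
     * this class, then as a path on the file system.
     */
    private InputStream openKeystore() throws Exception {
        InputStream fromClasspath = Signature.class.getResourceAsStream(this.keystore_path);
        if (fromClasspath != null) {
            return fromClasspath;
        }
        File f = new File(this.keystore_path);
        if (!f.exists()) {
            throw new TracciaException("Keystore path '" + this.keystore_path + "' not exists");
        }
        if (!f.canRead()) {
            throw new TracciaException("Keystore path '" + this.keystore_path + "' cannot read");
        }
        return new FileInputStream(f);
    }

    /**
     * Signs {@code content} as JSON with the configured algorithm and serialization.
     *
     * @param content the payload to sign
     * @return the value returned by {@link JsonSignature}'s sign method
     * @throws TracciaException if {@link #init()} has not succeeded or signing fails
     */
    public String jsonSign(String content) throws TracciaException {
        if (this.jsonCompactSignature == null) {
            throw new TracciaException("Signature not initialized: call init() first");
        }
        try {
            return this.jsonCompactSignature.sign(content);
        } catch (Exception e) {
            throw new TracciaException(e.getMessage(), e);
        }
    }

    /**
     * Signs an XML document given as text.
     *
     * <p>The text is encoded as UTF-8 instead of the platform default charset, so the bytes that
     * get parsed and signed do not depend on JVM or operating-system settings. Content whose XML
     * declaration names a different encoding should be passed to {@link #xmlSign(byte[])} already
     * encoded.
     *
     * @param content the XML document to sign
     * @return the signed document serialized as a string
     * @throws TracciaException if {@link #init()} has not succeeded, or parsing or signing fails
     */
    public String xmlSign(String content) throws TracciaException {
        return this.xmlSign(content.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /**
     * Parses {@code content} as an XML element, signs it in place and serializes the result.
     *
     * @param content the encoded XML document to sign
     * @return the signed document serialized as a string
     * @throws TracciaException if {@link #init()} has not succeeded, or parsing or signing fails
     */
    public String xmlSign(byte[] content) throws TracciaException {
        if (this.xmlSignature == null || this.xmlUtils == null) {
            throw new TracciaException("Signature not initialized: call init() first");
        }
        try {
            Element node = this.xmlUtils.newElement(content);
            this.xmlSignature.sign(node);
            return this.xmlUtils.toString(node);
        } catch (Exception e) {
            throw new TracciaException(e.getMessage(), e);
        }
    }

    // --- Setters. Changes made after a successful init() are not picked up: the signers are
    // built once and init() returns immediately on later calls. ---

    public void setKeystore_type(String keystore_type) {
        this.keystore_type = keystore_type;
    }
    public void setKeystore_path(String keystore_path) {
        this.keystore_path = keystore_path;
    }
    public void setKeystore_password(String keystore_password) {
        this.keystore_password = keystore_password;
    }
    public void setKey_alias(String key_alias) {
        this.key_alias = key_alias;
    }
    public void setKey_password(String key_password) {
        this.key_password = key_password;
    }
    public void setJson_signatureAlgorithm(String json_signatureAlgorithm) {
        this.json_signatureAlgorithm = json_signatureAlgorithm;
    }
    public void setJson_signatureSerialization(JOSESerialization json_signatureSerialization) {
        this.json_signatureSerialization = json_signatureSerialization;
    }
    public void setJson_signatureDetached(boolean json_signatureDetached) {
        this.json_signatureDetached = json_signatureDetached;
    }
    public void setJson_signaturePayloadEncoding(boolean json_signaturePayloadEncoding) {
        this.json_signaturePayloadEncoding = json_signaturePayloadEncoding;
    }
    public void setXml_signatureAlgorithm(String xml_signatureAlgorithm) {
        this.xml_signatureAlgorithm = xml_signatureAlgorithm;
    }
    public void setXml_digestAlgorithm(String xml_digestAlgorithm) {
        this.xml_digestAlgorithm = xml_digestAlgorithm;
    }
    public void setXml_canonicalizationAlgorithm(String xml_canonicalizationAlgorithm) {
        this.xml_canonicalizationAlgorithm = xml_canonicalizationAlgorithm;
    }
    public void setXml_addBouncyCastleProvider(boolean xml_addBouncyCastleProvider) {
        this.xml_addBouncyCastleProvider = xml_addBouncyCastleProvider;
    }
    public void setXml_addX509KeyInfo(boolean xml_addX509KeyInfo) {
        this.xml_addX509KeyInfo = xml_addX509KeyInfo;
    }
    public void setXml_addRSAKeyInfo(boolean xml_addRSAKeyInfo) {
        this.xml_addRSAKeyInfo = xml_addRSAKeyInfo;
    }
}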