From c5c2c73f3fe46e23871f609b82791540c1a16a24 Mon Sep 17 00:00:00 2001 From: CGantert345 <57003061+CGantert345@users.noreply.github.com> Date: Tue, 30 May 2023 12:19:12 +0200 Subject: fix on the security provider --- src/main/java/org/uic/barcode/Encoder.java | 15 +- .../org/uic/barcode/staticFrame/StaticFrame.java | 1 - .../ticket/api/utils/Api2OpenAsnEncoder.java | 2 +- .../ticket/api/test/SecurityProviderTestV1.java | 168 +++++++++++++++++++++ 4 files changed, 182 insertions(+), 4 deletions(-) create mode 100644 src/test/java/org/uic/barcode/ticket/api/test/SecurityProviderTestV1.java (limited to 'src') diff --git a/src/main/java/org/uic/barcode/Encoder.java b/src/main/java/org/uic/barcode/Encoder.java index f2b9b0c..f8dae02 100644 --- a/src/main/java/org/uic/barcode/Encoder.java +++ b/src/main/java/org/uic/barcode/Encoder.java @@ -370,16 +370,27 @@ public class Encoder { */ public void signLevel1(String securityProvider,PrivateKey key,String signingAlg, String keyId) throws Exception { if (dynamicFrame != null) { - dynamicFrame.getLevel2Data().getLevel1Data().setSecurityProvider(securityProvider); + if (securityProvider != null && securityProvider.length() > 0) { + dynamicFrame.getLevel2Data().getLevel1Data().setSecurityProvider(securityProvider); + } dynamicFrame.getLevel2Data().getLevel1Data().setLevel1SigningAlg(signingAlg); dynamicFrame.getLevel2Data().getLevel1Data().setKeyId(Long.parseLong(keyId)); dynamicFrame.signLevel1(key); } else if (staticFrame != null) { staticFrame.setSignatureKey(keyId); staticFrame.setSecurityProvider(securityProvider); - if (staticFrame.getHeaderRecord()!= null && staticFrame.getHeaderRecord().getIssuer() == null) { + if (securityProvider != null && + securityProvider.length() > 0 && + staticFrame.getHeaderRecord()!= null) { staticFrame.getHeaderRecord().setIssuer(securityProvider); } + if (securityProvider != null && + securityProvider.length() > 0 && + staticFrame.getuFlex() != null && + staticFrame.getuFlex().getTicket() != null && + staticFrame.getuFlex().getTicket().getIssuerDetails() != null) { + staticFrame.getuFlex().getTicket().getIssuerDetails().setSecurityProvider(securityProvider); + } staticFrame.signByAlgorithmOID(key,signingAlg); } else if (ssbFrame != null) { ssbFrame.signLevel1(key, null, keyId, signingAlg); diff --git a/src/main/java/org/uic/barcode/staticFrame/StaticFrame.java b/src/main/java/org/uic/barcode/staticFrame/StaticFrame.java index 25649df..6b577c5 100644 --- a/src/main/java/org/uic/barcode/staticFrame/StaticFrame.java +++ b/src/main/java/org/uic/barcode/staticFrame/StaticFrame.java @@ -19,7 +19,6 @@ import java.util.zip.DataFormatException; import java.util.zip.Deflater; import java.util.zip.Inflater; -import org.uic.barcode.dynamicFrame.Constants; import org.uic.barcode.ticket.EncodingFormatException; import org.uic.barcode.utils.SecurityUtils; diff --git a/src/main/java/org/uic/barcode/ticket/api/utils/Api2OpenAsnEncoder.java b/src/main/java/org/uic/barcode/ticket/api/utils/Api2OpenAsnEncoder.java index d8934d9..ada4c1a 100644 --- a/src/main/java/org/uic/barcode/ticket/api/utils/Api2OpenAsnEncoder.java +++ b/src/main/java/org/uic/barcode/ticket/api/utils/Api2OpenAsnEncoder.java @@ -2127,7 +2127,7 @@ public class Api2OpenAsnEncoder implements Api2AsnEncoder { if (data.getSecurityProvider() != null) { asnData.setSecurityProviderNum(UicEncoderUtils.getNum(data.getSecurityProvider())); - data.setSecurityProvider(data.getIssuer()); + asnData.setSecurityProviderIA5(UicEncoderUtils.getIA5NonNum(data.getSecurityProvider())); } else { asnData.setSecurityProviderNum(UicEncoderUtils.getNum(data.getIssuer())); } diff --git a/src/test/java/org/uic/barcode/ticket/api/test/SecurityProviderTestV1.java b/src/test/java/org/uic/barcode/ticket/api/test/SecurityProviderTestV1.java new file mode 100644 index 0000000..8318467 --- /dev/null +++ b/src/test/java/org/uic/barcode/ticket/api/test/SecurityProviderTestV1.java @@ -0,0 +1,168 @@ +package org.uic.barcode.ticket.api.test; + +import java.io.IOException; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.SecureRandom; +import java.security.Security; +import java.security.SignatureException; +import java.util.zip.DataFormatException; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.junit.Before; +import org.junit.Test; +import org.uic.barcode.Decoder; +import org.uic.barcode.Encoder; +import org.uic.barcode.dynamicFrame.Constants; +import org.uic.barcode.logger.LoggerFactory; +import org.uic.barcode.staticFrame.ticketLayoutBarcode.TicketLayout; +import org.uic.barcode.test.utils.SimpleTestTicketLayout; +import org.uic.barcode.test.utils.SimpleUICTestTicket; +import org.uic.barcode.ticket.EncodingFormatException; +import org.uic.barcode.ticket.api.spec.IUicRailTicket; + +/** + * The Class SecurityProviderTest. + */ +public class SecurityProviderTestV1 { + + /** The algorithm OID. */ + public String algorithmOID = Constants.DSA_SHA224; + + public int keySize = 2048; + + /** The key pair. */ + public KeyPair keyPair = null; + + + public IUicRailTicket testFCBticket = null; + + public TicketLayout testLayout = null; + + + /** + * Initialize. + * + * set the signature algorithm + * generate a key pair + * set the test content + * for ticket and layout + */ + @Before public void initialize() { + + LoggerFactory.setActivateConsoleLog(true); + + algorithmOID = Constants.DSA_SHA224; + keySize = 2048; + testFCBticket = SimpleUICTestTicket.getUicTestTicket(); + testLayout = SimpleTestTicketLayout.getSimpleTestTicketLayout(); + testFCBticket.getIssuerDetails().setSecurityProvider("1080"); + testFCBticket.getIssuerDetails().setIssuer("4711"); + + + Security.addProvider(new BouncyCastleProvider()); + + try { + keyPair = generateDSAKeys(keySize); + } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidAlgorithmParameterException e) { + e.printStackTrace(); + } + + assert(keyPair != null); + + } + + + + /** + * Test security provider encoding decoding. + */ + @Test public void testSecurityProviderDecoding() { + + + IUicRailTicket ticket = testFCBticket; + + TicketLayout layout = testLayout; + + + Encoder enc = null; + + try { + enc = new Encoder(ticket, layout, Encoder.UIC_BARCODE_TYPE_CLASSIC, 2, 13); + } catch (IOException | EncodingFormatException e1) { + assert(false); + } + + enc.setStaticHeaderParams("123456789012", "de"); + + assert(enc != null); + + try { + enc.signLevel1("1080", keyPair.getPrivate(), algorithmOID, "1"); + } catch (Exception e) { + assert(false); + } + + + byte[] encoded = null; + try { + encoded = enc.encode(); + } catch (Exception e) { + assert(false); + } + + assert(encoded != null); + + Decoder dec = null; + try { + dec = new Decoder(encoded); + } catch (IOException e) { + assert(false); + } catch (EncodingFormatException e) { + assert(false); + } catch (DataFormatException e) { + assert(false); + } + assert(dec != null); + + int signatureCheck = 0; + try { + signatureCheck = dec.validateLevel1(keyPair.getPublic(),algorithmOID); + } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException | IllegalArgumentException + | UnsupportedOperationException | IOException | EncodingFormatException e) { + assert(false); + } + + assert(signatureCheck == Constants.LEVEL1_VALIDATION_OK); + + + assert(dec.getUicTicket().getIssuerDetails().getSecurityProvider().equals("1080")); + assert(dec.getUicTicket().getIssuerDetails().getIssuer().equals("4711")); + assert(dec.getStaticFrame().getHeaderRecord().getIssuer().equals("1080")); + + + SimpleUICTestTicket.compare(ticket, dec.getUicTicket()); + + SimpleTestTicketLayout.compare(layout, dec.getLayout()); + + } + + /** + * Generate DSA keys. + * + * @return the key pair + * @throws NoSuchAlgorithmException the no such algorithm exception + * @throws NoSuchProviderException the no such provider exception + * @throws InvalidAlgorithmParameterException the invalid algorithm parameter exception + */ + public KeyPair generateDSAKeys(int keySize) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException{ + KeyPairGenerator g = KeyPairGenerator.getInstance("DSA", "BC"); + g.initialize(keySize, new SecureRandom()); + return g.generateKeyPair(); + } + +} -- cgit v1.2.3