/**
 * Records one signature in this object's bookkeeping structures.
 *
 * <p>The signature data is appended to {@code signatures}, and three lookups are updated:
 * signed graph URI to the list of signature URIs covering it, signature URI to signed graph URI,
 * and signature URI to signature value.
 *
 * <p>This method only stores what it is given; nothing here checks the signature cryptographically.
 *
 * @param wonSignatureData the signature data to register
 */
public void addSignatureData(WonSignatureData wonSignatureData) {
    signatures.add(wonSignatureData);

    final String signedGraphUri = wonSignatureData.getSignedGraphUri();
    final String signatureUri = wonSignatureData.getSignatureUri();

    // First signature seen for this graph: start its list of signature URIs.
    if (!signedGraphNameToSignatureGraphName.containsKey(signedGraphUri)) {
        signedGraphNameToSignatureGraphName.put(signedGraphUri, new ArrayList<String>());
    }

    // NOTE(review): if the same signature URI is added twice, these put() calls presumably replace the
    // earlier entry while `signatures` and the per-graph list keep both. Confirm callers never register
    // a signature URI more than once, or the lookups can disagree with the list.
    signatureGraphNameToSignedGraphName.put(signatureUri, signedGraphUri);
    signedGraphNameToSignatureGraphName.get(signedGraphUri).add(signatureUri);
    signatureGraphNameToSignatureValue.put(signatureUri, wonSignatureData.getSignatureValue());
}
/**
 * Extracts the signature data stored under {@code uri} in {@code model} and indexes it.
 *
 * <p>When extraction yields data with a non-null signature value, the signed graph URI is mapped to
 * {@code uri} in {@code graphUriToSigUri}, and {@code uri} is mapped to the extracted data in
 * {@code sigUriToSigReference}. Otherwise both maps are left untouched.
 *
 * <p>Presence of a signature value is the only condition checked here; the signature is not verified
 * in this method.
 *
 * @param uri   URI passed to the extractor and used as the signature key in both maps
 * @param model model the signature data is read from
 */
private void extractSignatureData(final String uri, final Model model) {
    final WonSignatureData extracted = WonRdfUtils.SignatureUtils.extractWonSignatureData(uri, model);

    // Nothing usable was found under this URI, so there is nothing to index.
    if (extracted == null || extracted.getSignatureValue() == null) {
        return;
    }

    // NOTE(review): a second signature over the same graph presumably replaces the first entry in
    // graphUriToSigUri. Confirm that at most one signature per graph is expected here.
    graphUriToSigUri.put(extracted.getSignedGraphUri(), uri);
    sigUriToSigReference.put(uri, extracted);
}
/**
 * Signs the content graphs of the given signing stage that are still unsigned.
 *
 * <p>The signer is asked to sign every URI returned by {@code sigStage.getUnsignedContentUris()}.
 * Each resulting signature is then handed to {@code addSignature}, together with the URI of the
 * envelope that contains the signed content graph. As the original description states, this adds
 * the signature triples and signature graphs to the dataset, and adds a reference to each
 * signature to the envelope graph that references the signed content graph.
 *
 * @param msgDataset    dataset holding the message graphs; receives the signatures
 * @param sigStage      signing stage supplying the unsigned content URIs and their envelope URIs
 * @param signer        signer that produces the signature data
 * @param privateKey    private key passed to the signer
 * @param privateKeyUri URI identifying the private key, passed to the signer
 * @param publicKey     public key passed to the signer
 * @throws Exception whatever the signer or {@code addSignature} throws
 */
private static void signContents(final Dataset msgDataset, final SigningStage sigStage, final WonSigner signer,
        final PrivateKey privateKey, final String privateKeyUri, final PublicKey publicKey) throws Exception {
    final List<WonSignatureData> contentSignatures =
            signer.sign(privateKey, privateKeyUri, publicKey, sigStage.getUnsignedContentUris());

    for (final WonSignatureData contentSignature : contentSignatures) {
        // NOTE(review): the envelope URI is used as returned. Confirm the stage always knows an
        // envelope for every graph it reported as unsigned.
        final String envelopeUri =
                sigStage.getEnvelopeUriContainingContent(contentSignature.getSignedGraphUri());
        addSignature(contentSignature, envelopeUri, msgDataset, true);
    }
}
if (!dataset.containsNamedModel(wonSignatureData.getSignedGraphUri())) { logger.debug("cannot verify signature {} as it is not part of this message ", wonSignatureData.getSignatureUri()); continue; GraphCollection inputGraph = ModelConverter.modelToGraphCollection(wonSignatureData.getSignedGraphUri(), dataset); canonicAlgorithm.canonicalize(inputGraph); canonicAlgorithm.postCanonicalize(inputGraph); if (logger.isDebugEnabled()) { StringWriter sw = new StringWriter(); RDFDataMgr.write(sw, dataset.getNamedModel(wonSignatureData.getSignedGraphUri()), Lang.TRIG); logger.debug("wrong signature hash for graph {} with content: {}", wonSignatureData.getSignedGraphUri(), sw.toString());
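/**
 * Adds the triples holding the signature data to the model of the specified resource, using the resource as the
 * subject.
 *
 * <p>The added properties are: the signature type, the hash, the signature value, the signed graph,
 * the public key fingerprint and the verification certificate. The signed graph and the verification
 * certificate are added as resources created in the subject's model; the others use the values as given.
 *
 * <p>All required fields are checked before the first triple is written, so a failed check leaves the
 * model unchanged.
 *
 * @param subject          resource that becomes the subject of every added triple
 * @param wonSignatureData signature data to write; its hash, signature value, public key fingerprint,
 *                         signed graph URI and verification certificate URI must all be non-null
 * @throws NullPointerException if any of the required fields is null
 */
public static void addSignature(Resource subject, WonSignatureData wonSignatureData) {
    // Explicit checks instead of `assert`: assertions are skipped unless the JVM runs with -ea, which
    // would let an incomplete signature (for example one without a hash or fingerprint) be written
    // in production. Objects is fully qualified because the file's import block is outside this excerpt.
    java.util.Objects.requireNonNull(wonSignatureData.getHash(), "signature hash must not be null");
    java.util.Objects.requireNonNull(wonSignatureData.getSignatureValue(), "signature value must not be null");
    java.util.Objects.requireNonNull(wonSignatureData.getPublicKeyFingerprint(),
            "public key fingerprint must not be null");
    java.util.Objects.requireNonNull(wonSignatureData.getSignedGraphUri(), "signed graph URI must not be null");
    java.util.Objects.requireNonNull(wonSignatureData.getVerificationCertificateUri(),
            "verification certificate URI must not be null");

    Model containingGraph = subject.getModel();
    subject.addProperty(RDF.type, SFSIG.SIGNATURE);
    subject.addProperty(WONMSG.HAS_HASH_PROPERTY, wonSignatureData.getHash());
    subject.addProperty(SFSIG.HAS_SIGNATURE_VALUE, wonSignatureData.getSignatureValue());
    subject.addProperty(WONMSG.HAS_SIGNED_GRAPH_PROPERTY,
            containingGraph.createResource(wonSignatureData.getSignedGraphUri()));
    subject.addProperty(WONMSG.HAS_PUBLIC_KEY_FINGERPRINT_PROPERTY, wonSignatureData.getPublicKeyFingerprint());
    subject.addProperty(SFSIG.HAS_VERIFICATION_CERT,
            containingGraph.createResource(wonSignatureData.getVerificationCertificateUri()));
}
}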