authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-05-04 11:19:00 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-05-04 11:19:00 +0200
commit6be05460cfde0a3b8e616a5aacdee7703105b59c (patch)
tree8f7443f46b5bb401f958cd49d0a72df434bb480b
parent31c37b8c161de3a71795c5894ee049983594bc1e (diff)
add Pattern for encrypted bPK target identifier and add new method into BpkBuilder
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java26
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java27
-rw-r--r--eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilderTest.java35
-rw-r--r--eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java9
4 files changed, 72 insertions, 25 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java
index fed4af32..7b9ffcf0 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilder.java
@@ -27,6 +27,7 @@ import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Map.Entry;
+import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
@@ -34,6 +35,7 @@ import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.lang3.StringUtils;
+import org.springframework.util.Assert;
import org.springframework.util.Base64Utils;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
@@ -293,6 +295,30 @@ public class BpkBuilder {
}
/**
+ * Remove prefixes from bPK target identifier and get only the SP specific part.
+ *
+ * @param type full qualified bPK target with 'urn:publicid:gv.at:' prefix
+ * @return SP specific part, or full type if reduction is not supported
+ */
+ @Nonnull
+ public static String removeBpkTypePrefix(@Nonnull final String type) {
+ Assert.isTrue(type != null, "bPKType is 'NULL'");
+ if (type.startsWith(EaafConstants.URN_PREFIX_WBPK)) {
+ return type.substring(EaafConstants.URN_PREFIX_WBPK.length());
+
+ } else if (type.startsWith(EaafConstants.URN_PREFIX_CDID)) {
+ return type.substring(EaafConstants.URN_PREFIX_CDID.length());
+
+ } else if (type.startsWith(EaafConstants.URN_PREFIX_EIDAS)) {
+ return type.substring(EaafConstants.URN_PREFIX_EIDAS.length());
+
+ } else {
+ return type;
+
+ }
+ }
+
+ /**
* Builds the eIDAS from the given parameters.
*
* @param baseId baseID of the citizen
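Review bot: The final `else` of removeBpkTypePrefix returns the input unchanged, so a caller cannot tell a stripped SP target from an unsupported full URN, and the `URN_PREFIX_ECDID` added elsewhere in this commit falls into that branch too. If the result is meant to fill `{0}` of `URN_ECDID_TARGET_PATTERN` (documented as the target without prefix), an unrecognised type would presumably end up as a nested URN inside the encrypted-bPK target; the caller is not visible here, so that is an inference. The Javadoc should name the stripped prefixes explicitly, e.g. `Only the wbpk+, cdid+ and eidasid+ prefixes are removed; every other value, including ecdid+ targets, is returned unchanged.` As a smaller point, `Assert.notNull(type, "bPKType is 'NULL'");` expresses the null check more directly than `Assert.isTrue(type != null, ...)`.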
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java
index e18cc1a8..17919fc2 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BpkAttributeBuilder.java
@@ -19,20 +19,17 @@
package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
-import javax.annotation.Nonnull;
-
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.util.Assert;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder;
import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
@PvpMetadata
public class BpkAttributeBuilder implements IPvpAttributeBuilder {
@@ -61,7 +58,7 @@ public class BpkAttributeBuilder implements IPvpAttributeBuilder {
protected String getBpkForSP(final IAuthData authData) throws UnavailableAttributeException {
final String bpk = attrMaxSize(authData.getBpk());
- final String type = removeBpkTypePrefix(authData.getBpkType());
+ final String type = BpkBuilder.removeBpkTypePrefix(authData.getBpkType());
if (StringUtils.isEmpty(bpk)) {
throw new UnavailableAttributeException(BPK_NAME);
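Review bot: `BpkBuilder.removeBpkTypePrefix(authData.getBpkType())` runs before the empty-bPK check, so a null bPK type surfaces as the `IllegalArgumentException` thrown by Spring's `Assert` rather than the declared `UnavailableAttributeException`. Whether `getBpkType()` can return null at this point is not visible in the hunk; if it can, guard it in the existing check and derive `type` afterwards: `if (StringUtils.isEmpty(bpk) || authData.getBpkType() == null) { throw new UnavailableAttributeException(BPK_NAME); }`. The body of getBpkForSP continues outside this hunk. The protected instance method removed further down was also an override point for subclasses, which the static call no longer offers.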
@@ -78,23 +75,5 @@ public class BpkAttributeBuilder implements IPvpAttributeBuilder {
return attr;
}
-
- @Nonnull
- protected String removeBpkTypePrefix(@Nonnull final String type) {
- Assert.isTrue(type != null, "bPKType is 'NULL'");
- if (type.startsWith(EaafConstants.URN_PREFIX_WBPK)) {
- return type.substring(EaafConstants.URN_PREFIX_WBPK.length());
-
- } else if (type.startsWith(EaafConstants.URN_PREFIX_CDID)) {
- return type.substring(EaafConstants.URN_PREFIX_CDID.length());
-
- } else if (type.startsWith(EaafConstants.URN_PREFIX_EIDAS)) {
- return type.substring(EaafConstants.URN_PREFIX_EIDAS.length());
-
- } else {
- return type;
-
- }
-
- }
+
}
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilderTest.java
index 64c13781..df431186 100644
--- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilderTest.java
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/BpkBuilderTest.java
@@ -450,4 +450,39 @@ public class BpkBuilderTest {
}
+ @Test
+ public void removeBpkPrefix() {
+ String spTarget = RandomStringUtils.randomAlphabetic(2);
+ Assert.assertEquals("Wrong SP target without prefix",
+ spTarget,
+ BpkBuilder.removeBpkTypePrefix(EaafConstants.URN_PREFIX_CDID + spTarget));
+
+ }
+
+ @Test
+ public void removeWpbkPrefix() {
+ String spTarget = RandomStringUtils.randomAlphabetic(10);
+ Assert.assertEquals("Wrong SP target without prefix",
+ spTarget,
+ BpkBuilder.removeBpkTypePrefix(EaafConstants.URN_PREFIX_WBPK + spTarget));
+
+ }
+
+ @Test
+ public void removeEidasPbkPrefix() {
+ String spTarget = RandomStringUtils.randomAlphabetic(2) + "+" + RandomStringUtils.randomAlphabetic(2);
+ Assert.assertEquals("Wrong SP target without prefix",
+ spTarget,
+ BpkBuilder.removeBpkTypePrefix(EaafConstants.URN_PREFIX_EIDAS + spTarget));
+
+ }
+
+ @Test
+ public void removeUnknownPbkPrefix() {
+ String spTarget = RandomStringUtils.randomAlphabetic(10);
+ Assert.assertEquals("Wrong SP target without prefix",
+ EaafConstants.URN_PREFIX_BASEID + spTarget,
+ BpkBuilder.removeBpkTypePrefix(EaafConstants.URN_PREFIX_BASEID + spTarget));
+
+ }
}
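Review bot: No test pins the null-argument contract of `removeBpkTypePrefix` or its behaviour for the `ecdid+` prefix that this commit introduces. I would add one case expecting `IllegalArgumentException` from `BpkBuilder.removeBpkTypePrefix(null)` and one asserting the result for `EaafConstants.URN_PREFIX_ECDID + spTarget`, so the current pass-through is a recorded decision rather than an accident. The method names `removeWpbkPrefix`, `removeEidasPbkPrefix` and `removeUnknownPbkPrefix` misspell wbPK/bPK and are worth correcting while the tests are new.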
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java
index 57375e01..7a8bc67c 100644
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java
@@ -45,16 +45,23 @@ public class EaafConstants {
public static final String URN_PART_CDID = "cdid+";
public static final String URN_PART_WBPK = "wbpk+";
public static final String URN_PART_EIDAS = "eidasid+";
-
+ public static final String URN_PART_ECDID = "ecdid+";
+
public static final String URN_PREFIX = "urn:publicid:gv.at";
public static final String URN_PREFIX_WITH_COLON = URN_PREFIX + ":";
public static final String URN_PREFIX_BASEID = URN_PREFIX_WITH_COLON + URN_PART_BASEID;
public static final String URN_PREFIX_CDID = URN_PREFIX_WITH_COLON + URN_PART_CDID;
+ public static final String URN_PREFIX_ECDID = URN_PREFIX_WITH_COLON + URN_PART_ECDID;
public static final String URN_PREFIX_BPK = URN_PREFIX_CDID + "bpk";
public static final String URN_PREFIX_WBPK = URN_PREFIX_WITH_COLON + URN_PART_WBPK;
public static final String URN_PREFIX_EIDAS = URN_PREFIX_WITH_COLON + URN_PART_EIDAS;
public static final String URN_PREFIX_OW_BPK = URN_PREFIX_CDID + "OW";
+ /**
+ * encrypted bPK target identifier pattern with {0} as bPK target without prefix and {1} as VKZ/SourceId.
+ */
+ public static final String URN_ECDID_TARGET_PATTERN = URN_PREFIX_ECDID + "{1}+{0}";
+
public static final String URN_PREFIX_WBPK_TARGET_WITH_X = EaafConstants.URN_PREFIX_WBPK + "X";
private static final String WBPK_TARGET_FN = "FN";
private static final String WBPK_TARGET_ZVR = "ZVR";
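Review bot: The Javadoc on `URN_ECDID_TARGET_PATTERN` does not say which formatter the `{0}`/`{1}` placeholders are written for, and the pattern places `{1}` before `{0}`, which makes swapped arguments easy to overlook at call sites. Since `+` is also the separator between the two parts, a VKZ/SourceId containing `+` would presumably yield a target identifier that cannot be split unambiguously; nothing in this hunk validates the arguments, so that should be confirmed against the callers. I would extend the comment along the lines of `Use with java.text.MessageFormat: {0} = bPK target without prefix, {1} = VKZ/SourceId, which must not contain '+'.` if that constraint is indeed intended.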