| author | gregor <gregor@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2007-01-17 16:37:00 +0000 | 
|---|---|---|
| committer | gregor <gregor@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2007-01-17 16:37:00 +0000 | 
| commit | 5395e958dd7d0cb0a150fb08e4f8153ce7e8e793 (patch) | |
| tree | f91e73fc4448164d4baecb507c6b00a052800e1d | |
| parent | 32e1a7ef05521924a69cc82a46e3fe84ab85da91 (diff) | |
MOA-Wartung/Leistungsaufruf 17
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@786 d688527b-c9ab-4aba-bd8d-4036d912da1d
9 files changed, 450 insertions, 29 deletions
| diff --git a/spss.slinterface/build.xml b/spss.slinterface/build.xml index 08c17b9c9..4133c1e77 100644 --- a/spss.slinterface/build.xml +++ b/spss.slinterface/build.xml @@ -1,16 +1,19 @@  <!-- -  Ant Buildfile for MOA SP/SS Server +  Ant Buildfile for MOA SL -  Authors: Patrick Peck, Gregor Karlinger +  Authors: Gregor Karlinger    $Id$  -->  <project name="moa-sl" default="dist-ws" basedir=".">    <property environment="env"/> -  <property name="script-suffix" value="${env.SCRIPT_SUFFIX}"/> -  <property name="version" value="1.1.0"/> + +	<!-- Remove comments if targets should be run in test mode, i.e. include test files --> +	<!--<property name="isTest" value="dummy"/>--> +	 +	<property name="version" value="1.1.1"/>    <property name="lib" value="lib"/>    <property name="src" value="src"/> @@ -76,7 +79,7 @@             debug="on">      </javac>    </target> -   +    <target name="package-ws" depends="compile, manifest">      <description>package the server war file</description>      <war warfile="${dist.ws}/moa-sl.war" webxml="${web-inf}/web.xml" manifest="${tmp}/MANIFEST.MF"> @@ -91,9 +94,10 @@        <classes dir="${res}" excludes="test/**"/>        <classes file="${conf}/log4j/log4j.properties"/>        <zipfileset dir="${pages}" excludes="" prefix="pages"/> -      <zipfileset dir="${test}" excludes="echtdaten*/** .cvsignore" prefix="test"/> +    	<zipfileset dir="${test}" excludes=".cvsignore" prefix="test"> +    		<exclude unless="isTest" name="*/**"/> +    	</zipfileset>        <zipfileset dir="${tempdir}" prefix="workdir/temp"/>	 -      <!--<webinf dir="${handbook}" includes="conf/**"/>-->      </war>    </target> 
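Review bot: The rewritten `<zipfileset dir="${test}">` in the `package-ws` target drops the old `echtdaten*/**` exclusion, so a build with `isTest` set would package any `echtdaten*` directories under `${test}` into `moa-sl.war` together with the test pages. If those directories hold real documents (the name suggests it, but their content is not visible here), keep them out unconditionally with `excludes="echtdaten*/** .cvsignore"` on the zipfileset. The comment above the commented-out `isTest` property in the first hunk could also say that a WAR built in test mode is not meant for a production host.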
@@ -127,12 +131,6 @@        <fileset dir="${lib.xalan}"/>        <fileset dir="${lib.xerces}"/>      </copy> -  	<!--<copy toDir="${dist.ws}/licenses"> -  	  <fileset dir="${licenses}"/> -  	</copy>-->	 -  	<!--<copy toDir="${dist.ws}"> -  	  <fileset dir="." includes="readme.inst.txt, readme.update.txt, history.txt"/>	 -  	</copy>-->      <fixcrlf srcdir="${dist.ws}" includes="**/*.sh" eol="lf" eof="remove"/>    </target> diff --git a/spss.slinterface/handbook/system/system.html b/spss.slinterface/handbook/system/system.html index b911d84c8..7831b7eb6 100644 --- a/spss.slinterface/handbook/system/system.html +++ b/spss.slinterface/handbook/system/system.html @@ -178,7 +178,7 @@ Der Filter <code>SL2MOAFilter</code></h2>  ist ein  <code><abbr title="javax.servlet.Filter">Filter</abbr></code>,  der einerseits -den <code><abbr title="javax.servlet.http.httpservletrequest=">HttpServletRequest</abbr> +den <code><abbr title="javax.servlet.http.httpservletrequest=">HttpServletRequest</abbr></code>  verändert, bevor er an das Servlet <code><abbr title="at.gv.egovernment.moa.spss.slinterface.servlets.MOAServlet">MOAServlet</abbr></code>  weitergeleitet wird, und andererseits den <code><abbr title="javax.servlet.http.HttpServletResponse">HttpServletResponse</abbr></code>  verändert, nachdem er vom Servlet <code><abbr title="at.gv.egovernment.moa.spss.slinterface.servlets.MOAServlet">MOAServlet</abbr></code> 
@@ -195,11 +195,28 @@ entsprechend der Webservice-Schnittstelle für das Basismodul  MOA SP (MOA-Request). Aufgabe des <code><abbr title="at.gv.egovernment.moa.spss.slinterface.filters.SL2MOAFilter">SL2MOAFilter</abbr></code>s  ist es daher, vor der Ausführung des <code><abbr title="at.gv.egovernment.moa.spss.slinterface.servlets.MOAServlet">MOAServlet</abbr></code>s  für eine passende Umsetzung des SL-Requests in den -entsprechenden MOA-Request zu sorgen. Zur Erfüllung dieser +entsprechenden MOA-Request zu sorgen. </p> + +<p>Zur Erfüllung dieser  Aufgabe bedient sich der <code><abbr title="at.gv.egovernment.moa.spss.slinterface.filters.SL2MOAFilter">SL2MOAFilter</abbr></code>  der Klasse <code><abbr title="at.gv.egovernment.moa.spss.slinterface.transformers.SL2MOA">SL2MOA</abbr></code>, -in der die -Request-Transformation gekapselt ist.</p> +in der die Request-Transformation gekapselt ist. Zunächst wird eine einfache Transformation des SL-Requests in den MOA-Request durchgeführt, +indem die Namen der XML-Elemente entsprechend angepasst werden. 
Danach werden am dadurch entstandenen MOA-Request noch folgende Modifikationen +durchgeführt: +<ul> +  <li>Einfügen eines <code>DateTime</code> Elements in den MOA-Request, wenn bisher kein solches existiert, und wenn in der im MOA-Request +  	enthaltenen XML Signatur kein Signaturattribut <code>etsi:SigningTime</code> existiert und wenn aus dem E-Recht XML Dokument, das von der +  	XML-Signatur signiert wird, die Metainformation (Attribut <code>h-created</code> im Wurzelelement <code>erechtdok</code>) des  +  Erzeugungszeitpunkts des E-Recht XML Dokuments erfolgreich extrahiert werden konnte.</li> +     +  <li>Hinzufügen des Elements <code>ReturnHashInputData</code>, das MOA SP anweist, die Hashinputdaten für jede <code>dsig:Reference</code>  +  	der zu prüfenden XML Signatur als Teil der MOA-Response zu retournieren.</li> +     +  <li>Hinzufügen des verpflichtend anzugebenden Elements <code>TrustProfileID</code>, das MOA SP den Hinweis gibt, welches Vertrauensprofil +  	für die Evaluierung der Vertrauenswürdigkeit des für die Erstellung der XML Signatur verwendeten Signaturzertifikats verwendet +  	werden soll.</li>      +</ul>	 +</p>  <p>Das <code><abbr title="at.gv.egovernment.moa.spss.slinterface.servlets.MOAServlet">MOAServlet</abbr></code>  würde dann die Antwort des Basismoduls MOA SP in einem Format diff --git a/spss.slinterface/src/at/gv/egovernment/moa/spss/slinterface/Constants.java b/spss.slinterface/src/at/gv/egovernment/moa/spss/slinterface/Constants.java index 419f1fb9b..6373f37fe 100644 --- a/spss.slinterface/src/at/gv/egovernment/moa/spss/slinterface/Constants.java +++ b/spss.slinterface/src/at/gv/egovernment/moa/spss/slinterface/Constants.java 
@@ -6,19 +6,16 @@  package at.gv.egovernment.moa.spss.slinterface;  /** - * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at)  + * @author Gregor Karlinger (mailto:gregor.karlinger@siemens.com)    */  public class Constants  {    // System properties -  public static final String SP_INIT_PROPS_LOC_ =  -    "at.gv.egovernment.moa.spss.slinterface.PropertiesLocation"; + +  public static final String SP_INIT_PROPS_LOC_ = "at.gv.egovernment.moa.spss.slinterface.PropertiesLocation";    // Init properties -  // TODO Revisit if constants can be removed -  // public static final String IP_SL2MOA_STYLESHEET_ = "location.stylesheet.sl2moa"; -  // public static final String IP_MOA2SL_STYLESHEET_ = "location.stylesheet.moa2sl";    public static final String IP_SL_SCHEMA_ = "location.schema.sl";    public static final String IP_MOA_SCHEMA_ = "location.schema.moa";    public static final String IP_SLXHTML_SCHEMA_ = "location.schema.slxhtml"; @@ -44,15 +41,13 @@ public class Constants    public static final String LH_FILTERS_ = LH_BASE_ + ".filters";    public static final String LH_SERVLETS_ = LH_BASE_ + ".servlets";    public static final String LH_BEANS_ = LH_BASE_ + ".beans"; +  public static final String LH_TRANSFORMERS_ = LH_BASE_ + ".transformers";    public static final String LH_TEST_ = LH_BASE_ + ".test";    // Web service context parameters    public static final String WSCP_INIT_PROPS_ = "initProperties";    public static final String WSCP_INITPROPS_BEAN_ = "initPropertiesBean"; -  // TODO Revisit if constants can be removed -  // public static final String WSCP_SL2MOA_TRANSFORMER_ = "sl2MoaTransformer"; -  // public static final String WSCP_MOA2SL_TRANSFORMER_ = "moa2SlTransformer";    public static final String WSCP_XMLPARSER_ = "xmlParser";    public static final String WSCP_URL_REWRITER_ = "urlRewriter"; 
@@ -68,13 +63,17 @@ public class Constants    public static final String NSURI_SL_10_ = "http://www.buergerkarte.at/namespaces/securitylayer/20020225#";    public static final String NSURI_SL_11_ = "http://www.buergerkarte.at/namespaces/securitylayer/20020831#"; +     // TODO Change Namespace to final SL 1.2    public static final String NSURI_SL_12_ = "http://www.buergerkarte.at/namespaces/securitylayer/20031231#"; +    public static final String NSURI_MOA_12_ = "http://reference.e-government.gv.at/namespace/moa/20020822#";    public static final String NSURI_NAMESPACES_ = "http://www.w3.org/2000/xmlns/";    public static final String NSURI_XML_ = "http://www.w3.org/XML/1998/namespace";    public static final String NSURI_DSIG_ = "http://www.w3.org/2000/09/xmldsig#";    public static final String NSURI_XHTML_ = "http://www.w3.org/1999/xhtml"; +  public static final String NSURI_ETSI_ = "http://uri.etsi.org/01903/v1.2.2#"; +  public static final String NSURI_XMLBGBL_ = "http://www.bka.gv.at";    // Namespace prefixes    public static final String NSPRE_SL_10_ = "sl10"; @@ -83,6 +82,8 @@ public class Constants    public static final String NSPRE_MOA_12_ = "moa";    public static final String NSPRE_DSIG_ = "dsig";    public static final String NSPRE_XHTML_ = "xhtml"; +  public static final String NSPRE_ETSI_ = "etsi"; +  public static final String NSPRE_XMLBGBL_ = "bka";    // MOA invoker constants diff --git a/spss.slinterface/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java b/spss.slinterface/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java index 6c476e9ce..eec295bab 100644 --- a/spss.slinterface/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java +++ b/spss.slinterface/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java 
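Review bot: `NSURI_ETSI_` pins a single XAdES namespace version (`v1.2.2#`), and in this commit `signingTimeExists()` in SL2MOA.java uses it to decide whether the signature already carries a signing time. An `etsi:SigningTime` in a signature built against another XAdES namespace version would not match, and the request would then receive a `DateTime` taken from the document's `h-created` attribute instead. If only 1.2.2 is meant to be supported, record that next to the constant, e.g. `// XAdES 1.2.2 only; SigningTime in other XAdES namespace versions is not recognised`.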
@@ -5,20 +5,49 @@   */  package at.gv.egovernment.moa.spss.slinterface.transformers; +import java.io.InputStream; +import java.net.URL; +import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.GregorianCalendar;  import java.util.HashMap; +import java.util.StringTokenizer; +import javax.servlet.ServletException; + +import org.apache.log4j.Logger;  import org.w3c.dom.Document;  import org.w3c.dom.Element; +import org.w3c.dom.NodeList;  import at.gv.egovernment.moa.spss.slinterface.Constants; +import at.gv.egovernment.moa.spss.slinterface.DOMUtils; +import at.gv.egovernment.moa.spss.slinterface.XPathUtils;  /** - * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at)  + * @author Gregor Karlinger (mailto:gregor.karlinger@siemens.com)    */  public class SL2MOA  { +  private static Logger logger_ = Logger.getLogger(Constants.LH_TRANSFORMERS_); +    /** -   * Transforms an SL VerifyXMLSignatureRequest into a MOA VerifyXMLSignatureRequest. +   * Transforms an SL <code>VerifyXMLSignatureRequest</code> into a MOA <code>VerifyXMLSignatureRequest +   * </code> and makes the following additions to the resulting <code>VerifyXMLSignatureRequest</code>: +   * <ul> +   *   <li>Insertion of a <code>DateTime</code> element to MOA <code>VerifyXMLSignatureRequest</code>, if no +   *     one exists and if no <code>etsi:SigningTime</code> element exists in the xml signature of the MOA  +   *     VerifyXMLSinatureRequest</li> and if the creation time meta information could be extracted +   *     successfully from the E-Recht XML document signed by the XML signature contained in the +   *     MOA <code>VerifyXMLSignatureRequest</code> (see @link #extractXMLDocCreationTime(Element)).<li> +   *      +   *   <li>Addition of the <code>ReturnHashInputData</code> element indicating that MOA SP should return +   *     the hash input data for each <code>dsig:Reference</code> of the XML signature.</li> +   *      +   *   <li>Addition of the obligatory 
<code>TrustProfileID</code> element indicating the trust profile +   *     MOA ID should use for evaluating wheter the signer certificate used for creating the XML signature +   *     contained in the MOA <code>VerifyXMLSignatureRequest</code> is trusted.</li>      +   * </ul>       *      * @param slVerifyXMLSignatureRequest The SL VerifyXMLSignatureRequest to be transformed.     *  @@ -26,9 +55,11 @@ public class SL2MOA     *         that <code>slVerifyXMLSignatureRequest</code> is modified into the moa request.        *      * @pre slVerifyXMLSignatureRequest is a valid instance of the SL Schema (version 1.2 or 1.1). +   *  +   * @throws ServletException if transforming the request fails for any reason.     */    public static Document toMoaVerifyXMLSignatureRequest(Document slVerifyXMLSignatureRequest,  -    String trustProfileID) +    String trustProfileID) throws ServletException    {      // Namespace to namespace prefix mapping      HashMap prefixMap = new HashMap(4); 
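Review bot: The new Javadoc on `toMoaVerifyXMLSignatureRequest` has broken list markup and names the wrong module. The first item is closed with `</li>` right after `VerifyXMLSinatureRequest` and then ends with an opening `<li>`, and the third item says `MOA ID` where the handbook change in this same commit says MOA SP evaluates the trust profile. Close the first item once at its end, write `MOA SP`, and use `{@link #extractXMLDocCreationTime(Element)}` so the reference renders. The typos `VerifyXMLSinatureRequest` and `wheter` can be corrected in the same pass.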
@@ -77,6 +108,29 @@ public class SL2MOA      // Convert SL request into MOA request      verifyRequestElem = Utils.transformDeep(verifyRequestElem, prefixMap, nsTransforms, nameTransforms); +    // Add DateTime element to MOA VerifyXMLSignature request, if  +    // - no one exists and  +    // - no etsi:SigningTime element exists in the xml signature of the MOA VerifyXMLSinatureRequest +    if (!dateTimeExists(verifyRequestElem) && !signingTimeExists(verifyRequestElem)) +    { +      // Extract creation date meta information from E-Recht XML document for use in MOA VerifyXMLSignature request +      String dateTimeStr = extractXMLDocCreationTime(verifyRequestElem); +       +      if (dateTimeStr != null) +      { +        //  Creation date meta information could be extracted successfully from E-Recht XML document  +        Element dateTimeElem = slVerifyXMLSignatureRequest.createElementNS( +          Constants.NSURI_MOA_12_, Constants.NSPRE_MOA_12_ + ":DateTime"); +        dateTimeElem.appendChild(slVerifyXMLSignatureRequest.createTextNode(dateTimeStr)); +        Element verifySignatureInfoElem = DOMUtils.getChildElem(verifyRequestElem, Constants.NSURI_MOA_12_, "VerifySignatureInfo"); +        verifyRequestElem.insertBefore(dateTimeElem, verifySignatureInfoElem); +      } +      else +      { +        logger_.warn("Could not extract creation date meta information from E-Recht XML document."); +      } +    } +          // Add ReturnHashInputData element      Element returnHashInputDataElem = slVerifyXMLSignatureRequest.createElementNS(        Constants.NSURI_MOA_12_, Constants.NSPRE_MOA_12_ + ":ReturnHashInputData"); 
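Review bot: The guard `!dateTimeExists(verifyRequestElem) && !signingTimeExists(verifyRequestElem)` decides which reference time ends up in the verification request, yet both helpers (added in a later hunk of this file) search with a `//…` XPath over the whole request. An `etsi:SigningTime` element anywhere in the request, signed or not, therefore counts as a signing time and suppresses the `DateTime` insertion. Restricting the lookup to the signed properties of the `dsig:Signature` being verified would match what the handbook text describes. Until that is done, a comment such as `// NOTE: matches etsi:SigningTime anywhere in the request, not only in the signature's signed properties` would record the limitation.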
@@ -90,4 +144,194 @@ public class SL2MOA      return slVerifyXMLSignatureRequest;    } +   +  /** +   * Extracts the creation time meta information from the E-Recht XML document that is referenced by +   * the XML signature contained in the specified MOA <code>VerifyXMLSignatureRequest</code>.  +   *  +   * @param verifyRequestElem The MOA <code>VerifyXMLSignatureRequest</code>. It is assumed that the +   *                          request contains an XML signature which signs a E-Recht XML document  +   *                          (referring to the E-Recht XML document and transforming it to a corresponding +   *                          XHTML representation respectively). The E-Recht XML document is assumed to +   *                          have a root element with the name <code>erechtdok</code> in the namespace  +   *                          <code>http://www.bka.gv.at</code>. The creation time meta information is +   *                          assumed to be contained in the attribute <code>h-created</code> of the root +   *                          element. The value of the attribute <code>h-created</code> is assumed to have +   *                          the format <code>dd. MMMMM yyyy, hh:mm:ss</code> where MMMMM denotes the month +   *                          in German prose (see @link #convertMonth(String)). +   *                          +   * @return the extracted creation time meta information, or <code>null</code>, if the extraction fails for +   *         any reason. 
+   */ +  private static String extractXMLDocCreationTime(Element verifyRequestElem) +  { + +    // Get E-Recht XML document using location information in  MOA VerifyXMLSignature request +    String nSPrefixes = Constants.NSPRE_MOA_12_ + " " + Constants.NSURI_MOA_12_; +    String xPathXMLDocumentLocContent =  +      "//" + Constants.NSPRE_MOA_12_ + ":SupplementProfile" +  +      "/" + Constants.NSPRE_MOA_12_ + ":Content[@Reference=\"dokument.xml\"]" + +      "/" + Constants.NSPRE_MOA_12_ + ":LocRefContent"; +    Document xmlDocument = null; +    try  +    { +      XPathUtils utils = new XPathUtils(); +      utils.setupContext(xPathXMLDocumentLocContent, verifyRequestElem, nSPrefixes); +      NodeList resultNL = utils.selectNodeSet(verifyRequestElem); +       +      if (resultNL == null || resultNL.getLength() < 1) +      { +        logger_.warn("LocRefContent element for E-Recht XML document not found in MOA VerifyXMLSignatureRequest."); +        return null; +      } +       +      URL locRefURL = new URL(DOMUtils.getText((Element) resultNL.item(0))); +      InputStream locRefURLIS = locRefURL.openStream(); +      xmlDocument = DOMUtils.parseWellFormed(locRefURLIS); +    }  +    catch (Exception e)  +    { +      String message = "An error occurred while trying to load E-Recht XML document:"; +      logger_.warn(message, e); +      return null; +    } +     +    // Extract attribute "h-created" from E-Recht XML document root element +    String hCreated = xmlDocument.getDocumentElement().getAttributeNS(null, "h-created"); +    if (hCreated == null || "".equals(hCreated)) +    { +      logger_.warn("Attribute \"h-created\" not found in E-Recht XML document root element."); +      return null; +    } +     +    // Convert attribute "h-created" into a java date ("h-created" has formats like "10. 
März 2006, 11:15:09") +    try  +    { +      String dateStr = hCreated.substring(0, hCreated.indexOf(',')).trim(); +      String timeStr = hCreated.substring(hCreated.indexOf(',') + 1).trim(); + +      StringTokenizer tokenizer = new StringTokenizer(dateStr, " "); +      String dateDayStr = tokenizer.nextToken(); +      int dateDay = Integer.parseInt(dateDayStr.substring(0, dateDayStr.indexOf('.'))); +      String dateMonthAlphaStr = tokenizer.nextToken(); +      int dateMonthNum = convertMonth(dateMonthAlphaStr); +      int dateYear = Integer.parseInt(tokenizer.nextToken()); +       +      tokenizer = new StringTokenizer(timeStr, ":"); +      int timeHours = Integer.parseInt(tokenizer.nextToken()); +      int timeMins = Integer.parseInt(tokenizer.nextToken()); +      int timeSecs = Integer.parseInt(tokenizer.nextToken()); +       +      GregorianCalendar calendar = new GregorianCalendar(dateYear, dateMonthNum, dateDay, timeHours, timeMins, timeSecs); +      SimpleDateFormat dF = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss"); +      return dF.format(calendar.getTime()); +    }  +    catch (Throwable t)  +    { +      logger_.warn("Attribute \"h-created\" in E-Recht XML document root element has unexpected format: " + hCreated); +      return null; +    } +  } + +  /** +   * Converts the specified month name into a numeric representation as specified in @link Calendar, e.g.  +   * @link Calendar#JANUARY. +   *   +   * @param dateMonthAlphaStr The specified month name; must be one of <code>Jänner</code>, <code>Januar</code>, +   *                          <code>Februar</code>, <code>Feber</code>, <code>März</code>, <code>April</code>, +   *                          <code>Mai</code>, <code>Juni</code>, <code>Juli</code>, <code>August</code>, +   *                          <code>September</code>, <code>Oktober</code>, <code>November</code>, or +   *                          <code>Dezember</code>. 
+   *                           +   * @return the numeric representation of the specified month. +   *  +   * @throws Exception if <code>dateMonthAlphaStr</code> contains an invalid month name. +   */   +  private static int convertMonth(String dateMonthAlphaStr) throws Exception +  { +    if ("Jänner".equalsIgnoreCase(dateMonthAlphaStr) || "Januar".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.JANUARY; +    if ("Februar".equalsIgnoreCase(dateMonthAlphaStr) || "Feber".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.FEBRUARY; +    if ("März".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.MARCH; +    if ("April".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.APRIL; +    if ("Mai".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.MAY; +    if ("Juni".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.JUNE; +    if ("Juli".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.JULY; +    if ("August".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.AUGUST; +    if ("September".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.SEPTEMBER; +    if ("Oktober".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.OCTOBER; +    if ("November".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.NOVEMBER; +    if ("Dezember".equalsIgnoreCase(dateMonthAlphaStr)) return Calendar.DECEMBER; +     +    String message = "Invalid month identifier found in attribute \"h-created\":" + dateMonthAlphaStr; +    logger_.warn(message); +    throw new Exception(message); +  } + +  /** +   * Checks wheter a <code>DateTime</code> element exists in the specified MOA <code> +   * VerifyXMLSignatureRequest</code>. +   *  +   * @param moaVerifyXMLSignatureRequest The MOA <code>VerifyXMLSingatureRequest</code>. +   *  +   * @return <code>true</code> if the element exists, <code>false</code> otherwhise. +   *  +   * @throws ServletException if the check fails for any reason. 
+   */ +  private static boolean dateTimeExists(Element moaVerifyXMLSignatureRequest) throws ServletException +  { +    String nSPrefixes = Constants.NSPRE_MOA_12_ + " " + Constants.NSURI_MOA_12_; +    String xPathDateTime = "//" + Constants.NSPRE_MOA_12_ + ":DateTime"; +     +    NodeList resultNL; +    try  +    { +      XPathUtils utils = new XPathUtils(); +      utils.setupContext(xPathDateTime, moaVerifyXMLSignatureRequest, nSPrefixes); +      resultNL = utils.selectNodeSet(moaVerifyXMLSignatureRequest); +    }  +    catch (Exception e)  +    { +      String message = "An error occurred while checking for DateTime element in MOA VerifyXMLSignatureRequest:"; +      logger_.error(message, e); +      throw new ServletException(message, e); +    } + +    if (resultNL == null) return false; +    if (resultNL.getLength() < 1) return false; +    return true; +  } +   +  /** +   * Checks whether an <code>etsi:SigningTime</code> signed attribute exists as part of the XML signature +   * contained in the specified MOA <code>VerifyXMLSingatureRequest</code>. +   *  +   * @param moaVerifyXMLSignatureRequest The MOA <code>VerifyXMLSingatureRequest</code>. +   *   +   * @return <code>true</code>, if the attribute exists, <code>false</code> otherwhise. +   *  +   * @throws ServletException if the check fails for any reason. 
+   */ +  private static boolean signingTimeExists(Element moaVerifyXMLSignatureRequest) throws ServletException +  { +    String nSPrefixes = Constants.NSPRE_ETSI_ + " " + Constants.NSURI_ETSI_; +    String xPathDateTime = "//" + Constants.NSPRE_ETSI_ + ":SigningTime"; +     +    NodeList resultNL; +    try  +    { +      XPathUtils utils = new XPathUtils(); +      utils.setupContext(xPathDateTime, moaVerifyXMLSignatureRequest, nSPrefixes); +      resultNL = utils.selectNodeSet(moaVerifyXMLSignatureRequest); +    }  +    catch (Exception e)  +    { +      String message = "An error occurred while checking for " + Constants.NSPRE_ETSI_ + ":SigningTime element in XML signature in MOA VerifyXMLSignatureRequest:"; +      logger_.error(message, e); +      throw new ServletException(message, e); +    } + +    if (resultNL == null) return false; +    if (resultNL.getLength() < 1) return false; +    return true; +  }  } diff --git a/spss.slinterface/test/moa-wartung-la17/dokument.xml b/spss.slinterface/test/moa-wartung-la17/dokument.xml new file mode 100644 index 000000000..0154db7a2 --- /dev/null +++ b/spss.slinterface/test/moa-wartung-la17/dokument.xml @@ -0,0 +1 @@ +<erechtdok stylesheet="eRechtXML2XHTML11_1.9.0.xsl" h-version="2.8.1_20.02.2006" h-creator="RTF2XML.Converter_10. März 2006_11:15:06(3036)" h-created="10. März 2006, 11:15:09" xmlns="http://www.bka.gv.at">Test</erechtdok>
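Review bot: In `extractXMLDocCreationTime`, the `LocRefContent` text from the incoming request is passed straight to `new URL(...)` and `openStream()`, so the server fetches whatever scheme and location the requester names (including `file:` URLs or internal hosts), and the stream is never closed. Restrict the scheme to `http`/`https`, ideally also compare the host against a configured allow-list, and close the stream in a `finally` block. `DOMUtils.parseWellFormed` is not shown on this page; if it does not disable DTDs and external entities, the fetched document should be parsed with those turned off. The later `catch (Throwable t)` discards the exception and would also swallow `Error`s; `catch (Exception e)` with `logger_.warn(..., e)` is enough there.

```java
      // … unchanged: XPath lookup of the LocRefContent element …
      URL locRefURL = new URL(DOMUtils.getText((Element) resultNL.item(0)));
      String protocol = locRefURL.getProtocol();
      if (!"http".equalsIgnoreCase(protocol) && !"https".equalsIgnoreCase(protocol))
      {
        logger_.warn("Refusing to load E-Recht XML document: unsupported URL scheme " + protocol);
        return null;
      }
      InputStream locRefURLIS = locRefURL.openStream();
      try
      {
        xmlDocument = DOMUtils.parseWellFormed(locRefURLIS);
      }
      finally
      {
        locRefURLIS.close();
      }
      // … unchanged: catch block, h-created extraction and date conversion …
```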
\ No newline at end of file diff --git a/spss.slinterface/test/moa-wartung-la17/signatur.xml b/spss.slinterface/test/moa-wartung-la17/signatur.xml new file mode 100644 index 000000000..9ba54eee7 --- /dev/null +++ b/spss.slinterface/test/moa-wartung-la17/signatur.xml 
@@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/><dsig:Reference Id="reference-1-1" URI="dokument.xml"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"><xsl:include href="stylesheet.xsl"/></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>W8W5rmqsVfSPwZ3bLF/dZPCAdXQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>R/flqO2oXfd/bdqWADtuA571WCV4x+yO1rKW4tpU0+MJYv3e+xnJwFyv51ipp7cx</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIID+DCCA2WgAwIBAgIBCTAJBgUrDgMCHQUAMH8xCzAJBgNVBAYTAkFUMSwwKgYD +VQQKEyNTdGFic3RlbGxlIElLVC1TdHJhdGVnaWUgZGVzIEJ1bmRlczEeMBwGA1UE +CxMVVGVjaG5payB1bmQgU3RhbmRhcmRzMSIwIAYDVQQDExlUZXN0IENBIC0gU2ln +bmF0dXJkaWVuc3RlMB4XDTA0MDgwNDA4MjM0OFoXDTA3MDgwNDA4MjM0OFowgZgx +CzAJBgNVBAYTAkFUMS0wKwYDVQQKEyRTdGFic3N0ZWxsZSBJS1QtU3RyYXRlZ2ll +IGRlcyBCdW5kZXMxHjAcBgNVBAsTFVRlY2huaWsgdW5kIFN0YW5kYXJkczE6MDgG +A1UEAxMxVGVzdDogU2lnbmF0dXJkaWVuc3QgYWxsZXIgS3VuZGVuOiBFQ0RTQSAo +UDE5MnYxKTCB8zCBvAYHKoZIzj0CATCBsAIBATAkBgcqhkjOPQEBAhkA//////// +/////////////v//////////MDQEGP////////////////////7//////////AQY +ZCEFGeWcgOcPp+mrciQwSf643uzBRrmxBDEEGI2oDrAwkPZ8vyDrQ6GIAPT/Cv2C +/xASBxkrlf/I2nhjEBHtayTN1XP5d6EeeUgRAhkA////////////////md74NhRr +ybG00igxAgEBAzIABNHWY9lQOE1zgmpcpjTg2WIg6qgEsGhpXELPinJoMPDVheTv +2BZPG42YJsNfvWgC06OCARwwggEYMA4GA1UdDwEB/wQEAwIGwDAMBgNVHRMBAf8E +AjAAMB0GA1UdDgQWBBRHH5EXnrWosCmIa+JyEM5seMxFVzBdBgNVHSAEVjBUMFIG 
+DCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0 +IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2VlaWduZXQuMEMGA1UdHwQ8MDowOKA2 +oDSGMmh0dHA6Ly9sYWJzLmNpby5ndi5hdC90ZW1wL2NybHMvc2lnbmF0dXJkaWVu +c3QuY3JsMBQGByooAAoBAQEECQwHQktBLUlLVDAfBgNVHSMEGDAWgBRAl0P5fWaw +vf59+uxGcYY9wffZPTAJBgUrDgMCHQUAA4GBAIMKUsnajgfBtpHeDdMdQMLA8fdt +lluezDOM78WYYSFURP04QZk5iHkShzptgZCF5Y/T4an3dC3SnytL67LJvEoKUyja +iTMLo7650xRTvAjTaMJ+nly/wTRYJKplOLXKWj3WwfObMHXdsDE8NJmpJSRE7Sw7 ++tj+UiTiNNSaXirq</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature>
\ No newline at end of file diff --git a/spss.slinterface/test/moa-wartung-la17/stylesheet.xsl b/spss.slinterface/test/moa-wartung-la17/stylesheet.xsl new file mode 100644 index 000000000..2adcf2a45 --- /dev/null +++ b/spss.slinterface/test/moa-wartung-la17/stylesheet.xsl @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:er="http://www.bka.gv.at" xmlns="http://www.w3.org/1999/xhtml"> +  <xsl:output encoding="UTF-8" method="xml" indent="yes"/> +  <xsl:template match="/"> +    <html xmlns="http://www.w3.org/1999/xhtml"> +      <head> +        <title>HTML-Dokument</title> +      </head> +      <body> +        <xsl:apply-templates/>  +      </body> +    </html> +  </xsl:template>   +  <xsl:template match="er:erechtdok"> +    <p><xsl:value-of select="."/></p> +  </xsl:template> +</xsl:stylesheet>
\ No newline at end of file diff --git a/spss.slinterface/test/moa-wartung-la17/verify.jsp b/spss.slinterface/test/moa-wartung-la17/verify.jsp new file mode 100644 index 000000000..1ceb3c665 --- /dev/null +++ b/spss.slinterface/test/moa-wartung-la17/verify.jsp 
@@ -0,0 +1,80 @@ +<%@ page contentType="text/html; charset=UTF-8" %> + +<jsp:useBean  +  id="initPropertiesBean" +  class="at.gv.egovernment.moa.spss.slinterface.beans.InitPropertiesBean" scope="application"> +</jsp:useBean>  + +<html> +<head> +  <title>Testanwendung für SL</title> +</head> + <body> +<form action="<% out.write(initPropertiesBean.getMOASLWebAppURL() + request.getContextPath()); %>/http-security-layer-request" method="post"> +<table width="800px" align="center"> +<tr> +<td> +<h1 align="center">Testanwendung für SL</h1> +<p align="center">Das signierte Dokument ist ein Security-Layer XHTML Dokument.</p> +<table bgcolor="#eeeeee" width="790px" border="1" cellpadding="3"> +<tr> +<td>Signaturprüfrequest</td> +<td> +<textarea name="XMLRequest" cols=80 rows=20> +<VerifyXMLSignatureRequest xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20031231#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> +  <SignatureInfo> +    <SignatureEnvironment> +      <XMLContent><dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/><dsig:Reference Id="reference-1-1" URI="dokument.xml"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"><xsl:include href="stylesheet.xsl"/></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>W8W5rmqsVfSPwZ3bLF/dZPCAdXQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>R/flqO2oXfd/bdqWADtuA571WCV4x+yO1rKW4tpU0+MJYv3e+xnJwFyv51ipp7cx</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIID+DCCA2WgAwIBAgIBCTAJBgUrDgMCHQUAMH8xCzAJBgNVBAYTAkFUMSwwKgYD +VQQKEyNTdGFic3RlbGxlIElLVC1TdHJhdGVnaWUgZGVzIEJ1bmRlczEeMBwGA1UE +CxMVVGVjaG5payB1bmQgU3RhbmRhcmRzMSIwIAYDVQQDExlUZXN0IENBIC0gU2ln +bmF0dXJkaWVuc3RlMB4XDTA0MDgwNDA4MjM0OFoXDTA3MDgwNDA4MjM0OFowgZgx +CzAJBgNVBAYTAkFUMS0wKwYDVQQKEyRTdGFic3N0ZWxsZSBJS1QtU3RyYXRlZ2ll +IGRlcyBCdW5kZXMxHjAcBgNVBAsTFVRlY2huaWsgdW5kIFN0YW5kYXJkczE6MDgG +A1UEAxMxVGVzdDogU2lnbmF0dXJkaWVuc3QgYWxsZXIgS3VuZGVuOiBFQ0RTQSAo +UDE5MnYxKTCB8zCBvAYHKoZIzj0CATCBsAIBATAkBgcqhkjOPQEBAhkA//////// +/////////////v//////////MDQEGP////////////////////7//////////AQY +ZCEFGeWcgOcPp+mrciQwSf643uzBRrmxBDEEGI2oDrAwkPZ8vyDrQ6GIAPT/Cv2C +/xASBxkrlf/I2nhjEBHtayTN1XP5d6EeeUgRAhkA////////////////md74NhRr +ybG00igxAgEBAzIABNHWY9lQOE1zgmpcpjTg2WIg6qgEsGhpXELPinJoMPDVheTv +2BZPG42YJsNfvWgC06OCARwwggEYMA4GA1UdDwEB/wQEAwIGwDAMBgNVHRMBAf8E +AjAAMB0GA1UdDgQWBBRHH5EXnrWosCmIa+JyEM5seMxFVzBdBgNVHSAEVjBUMFIG +DCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0 +IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2VlaWduZXQuMEMGA1UdHwQ8MDowOKA2 +oDSGMmh0dHA6Ly9sYWJzLmNpby5ndi5hdC90ZW1wL2NybHMvc2lnbmF0dXJkaWVu +c3QuY3JsMBQGByooAAoBAQEECQwHQktBLUlLVDAfBgNVHSMEGDAWgBRAl0P5fWaw +vf59+uxGcYY9wffZPTAJBgUrDgMCHQUAA4GBAIMKUsnajgfBtpHeDdMdQMLA8fdt +lluezDOM78WYYSFURP04QZk5iHkShzptgZCF5Y/T4an3dC3SnytL67LJvEoKUyja +iTMLo7650xRTvAjTaMJ+nly/wTRYJKplOLXKWj3WwfObMHXdsDE8NJmpJSRE7Sw7 ++tj+UiTiNNSaXirq</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature></XMLContent> +    </SignatureEnvironment> +    <SignatureLocation>/dsig:Signature</SignatureLocation> +  </SignatureInfo> +  <Supplement> +    <Content Reference="stylesheet.xsl"> +      <LocRefContent><% 
out.write(initPropertiesBean.getMOASLWebAppURL() + request.getContextPath()); %>/test/moa-wartung-la17/stylesheet.xsl</LocRefContent> +    </Content> +  </Supplement> +  <Supplement> +    <Content Reference="dokument.xml"> +      <LocRefContent><% out.write(initPropertiesBean.getMOASLWebAppURL() + request.getContextPath()); %>/test/moa-wartung-la17/dokument.xml</LocRefContent> +    </Content> +  </Supplement> +</VerifyXMLSignatureRequest> +</textarea> +</td> +</tr> +<tr> +<td>DataURL</td> +<td><input name="DataURL" value="<% out.write(initPropertiesBean.getMOASLWebAppURL() + request.getContextPath()); %>/dataurl" size=70/> +</td> +</tr> +</table> +<p align="center"> +<input type="submit"> +</p> +</td> +</tr> +</table> +</form> +</body> +</html> diff --git a/spss.slinterface/test/moa-wartung-la17/verifyRequest.xml b/spss.slinterface/test/moa-wartung-la17/verifyRequest.xml new file mode 100644 index 000000000..d66d6ecc6 --- /dev/null +++ b/spss.slinterface/test/moa-wartung-la17/verifyRequest.xml 
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyXMLSignatureRequest xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20031231#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <SignatureInfo>
+    <SignatureEnvironment>
+      <XMLContent><dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/><dsig:Reference Id="reference-1-1" URI="dokument.xml"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"><xsl:include href="stylesheet.xsl"/></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>W8W5rmqsVfSPwZ3bLF/dZPCAdXQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>R/flqO2oXfd/bdqWADtuA571WCV4x+yO1rKW4tpU0+MJYv3e+xnJwFyv51ipp7cx</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIID+DCCA2WgAwIBAgIBCTAJBgUrDgMCHQUAMH8xCzAJBgNVBAYTAkFUMSwwKgYD
+VQQKEyNTdGFic3RlbGxlIElLVC1TdHJhdGVnaWUgZGVzIEJ1bmRlczEeMBwGA1UE
+CxMVVGVjaG5payB1bmQgU3RhbmRhcmRzMSIwIAYDVQQDExlUZXN0IENBIC0gU2ln
+bmF0dXJkaWVuc3RlMB4XDTA0MDgwNDA4MjM0OFoXDTA3MDgwNDA4MjM0OFowgZgx
+CzAJBgNVBAYTAkFUMS0wKwYDVQQKEyRTdGFic3N0ZWxsZSBJS1QtU3RyYXRlZ2ll
+IGRlcyBCdW5kZXMxHjAcBgNVBAsTFVRlY2huaWsgdW5kIFN0YW5kYXJkczE6MDgG
+A1UEAxMxVGVzdDogU2lnbmF0dXJkaWVuc3QgYWxsZXIgS3VuZGVuOiBFQ0RTQSAo
+UDE5MnYxKTCB8zCBvAYHKoZIzj0CATCBsAIBATAkBgcqhkjOPQEBAhkA////////
+/////////////v//////////MDQEGP////////////////////7//////////AQY
+ZCEFGeWcgOcPp+mrciQwSf643uzBRrmxBDEEGI2oDrAwkPZ8vyDrQ6GIAPT/Cv2C
+/xASBxkrlf/I2nhjEBHtayTN1XP5d6EeeUgRAhkA////////////////md74NhRr
+ybG00igxAgEBAzIABNHWY9lQOE1zgmpcpjTg2WIg6qgEsGhpXELPinJoMPDVheTv
+2BZPG42YJsNfvWgC06OCARwwggEYMA4GA1UdDwEB/wQEAwIGwDAMBgNVHRMBAf8E
+AjAAMB0GA1UdDgQWBBRHH5EXnrWosCmIa+JyEM5seMxFVzBdBgNVHSAEVjBUMFIG
+DCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0
+IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2VlaWduZXQuMEMGA1UdHwQ8MDowOKA2
+oDSGMmh0dHA6Ly9sYWJzLmNpby5ndi5hdC90ZW1wL2NybHMvc2lnbmF0dXJkaWVu
+c3QuY3JsMBQGByooAAoBAQEECQwHQktBLUlLVDAfBgNVHSMEGDAWgBRAl0P5fWaw
+vf59+uxGcYY9wffZPTAJBgUrDgMCHQUAA4GBAIMKUsnajgfBtpHeDdMdQMLA8fdt
+lluezDOM78WYYSFURP04QZk5iHkShzptgZCF5Y/T4an3dC3SnytL67LJvEoKUyja
+iTMLo7650xRTvAjTaMJ+nly/wTRYJKplOLXKWj3WwfObMHXdsDE8NJmpJSRE7Sw7
++tj+UiTiNNSaXirq</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature></XMLContent>
+    </SignatureEnvironment>
+    <SignatureLocation>/dsig:Signature</SignatureLocation>
+  </SignatureInfo>
+  <Supplement>
+    <Content Reference="stylesheet.xsl">
+      <LocRefContent><% out.write(initPropertiesBean.getMOASLWebAppURL() + request.getContextPath()); %>/test/moa-wartung-la17/stylesheet.xsl</LocRefContent>
+    </Content>
+  </Supplement>
+  <Supplement>
+    <Content Reference="dokument.xml">
+      <LocRefContent><% out.write(initPropertiesBean.getMOASLWebAppURL() + request.getContextPath()); %>/test/moa-wartung-la17/dokument.xml</LocRefContent>
+    </Content>
+  </Supplement>
+</VerifyXMLSignatureRequest> | 
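Review bot: Both `LocRefContent` values in the new verifyRequest.xml still carry the JSP scriptlet `<% out.write(initPropertiesBean.getMOASLWebAppURL() + request.getContextPath()); %>`, which appears to be copied from the form page's textarea. Nothing evaluates a scriptlet in a static `.xml` file, and `<%` is not well-formed XML, so a conforming parser should reject this request before any signature check runs and the fixture never reaches the XSLT-transform path it is meant to exercise. If the file is intended as a standalone sample, replace the scriptlet with a literal base URL using a clearly marked placeholder, e.g. `<LocRefContent>http://HOST:PORT/CONTEXT/test/moa-wartung-la17/stylesheet.xsl</LocRefContent>` (and likewise for `dokument.xml`). Otherwise, state in a leading comment that it is a template to be rendered by the JSP. Because `LocRefContent` presumably makes the verifying service dereference the URL itself, the comment should also say the value must point at the test deployment only.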
