author | (no author) <(no author)@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2004-06-28 20:46:16 +0000 |
---|---|---|
committer | (no author) <(no author)@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2004-06-28 20:46:16 +0000 |
commit | a5694b6491307efb55893ac7ea61920b48d8c9cc (patch) | |
tree | 8f601119d277a90bbddae005d8fc02272dde01e3 /id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java | |
parent | 4dd1877ef3771633e096509dae7b8c99fee9ce4b (diff) | |
This commit was manufactured by cvs2svn to create tag tags/Root_proxy_parameter_ordering_projekt
'Root_proxy_parameter_ordering_projekt'.
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/tags/Root_proxy_parameter_ordering_projekt@146 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java')
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java | 210 |
1 files changed, 0 insertions, 210 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java
deleted file mode 100644
index 4eed03bc6..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java
+++ /dev/null
@@ -1,210 +0,0 @@ -package at.gv.egovernment.moa.id.auth.builder; - -import java.io.ByteArrayInputStream; -import java.io.InputStream; - -import org.w3c.dom.Element; -import org.w3c.dom.Text; - -import at.gv.egovernment.moa.id.*; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.util.Base64Utils; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.XPathUtils; - -/** - * Builder for the <code><VerifyXMLSignatureRequestBuilder></code> structure - * used for sending the DSIG-Signature of the Security Layer card for validating to MOA-SP. - * - * @author Stefan Knirsch - * @version $Id$ - */ -public class VerifyXMLSignatureRequestBuilder { - /** The MOA-Prefix */ - private static final String MOA = Constants.MOA_PREFIX + ":"; - /** the request as string */ - private String request; - /** the request as DOM-Element */ - private Element reqElem; - - /** - * Constructor for VerifyXMLSignatureRequestBuilder. 
- */ - public VerifyXMLSignatureRequestBuilder() { - } - /** - * Builds a <code><VerifyXMLSignatureRequest></code> - * from an IdentityLink with a known trustProfileID which - * has to exist in MOA-SP - * @param idl - The IdentityLink - * @param trustProfileID - a preconfigured TrustProfile at MOA-SP - * @return Element - The complete request as Dom-Element - * @throws ParseException - */ - public Element build(IdentityLink idl, String trustProfileID) - throws ParseException { //samlAssertionObject - request = - "<?xml version='1.0' encoding='UTF-8' ?>" - + "<VerifyXMLSignatureRequest xmlns=\"http://reference.e-government.gv.at/namespace/moa/20020822#\" xmlns:xml=\"http://www.w3.org/XML/1998/namespace\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" - + " <VerifySignatureInfo>" - + " <VerifySignatureEnvironment>" - + " <Base64Content>" - + " </Base64Content>" - + " </VerifySignatureEnvironment>" - + " <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>" - + " </VerifySignatureInfo>" - + " <SignatureManifestCheckParams ReturnReferenceInputData=\"false\">" // True bei CreateXMLSig Überprüfung - +" <ReferenceInfo>" + " <VerifyTransformsInfoProfile/>" - // Profile ID für create (alle auslesen aus IDCOnfig VerifyAuthBlock) - +" </ReferenceInfo>" - + " </SignatureManifestCheckParams>" - + " <ReturnHashInputData/>" - + " <TrustProfileID>" - + trustProfileID - + "</TrustProfileID>" - + "</VerifyXMLSignatureRequest>"; - - try { - InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8")); - reqElem = DOMUtils.parseXmlValidating(s); - - String CONTENT_XPATH = - "//" - + MOA - + "VerifyXMLSignatureRequest/" - + MOA - + "VerifySignatureInfo/" - + MOA - + "VerifySignatureEnvironment/" - + MOA - + "Base64Content"; - - Element insertTo = (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH); - - String dtdString = "" - /* TODO MOA-ID-AUTH remove dtdString processing if it is not nec. 
in further versions - + "<!DOCTYPE saml:Assertion [\n" - + " <!ATTLIST saml:Assertion AssertionID ID #REQUIRED\n" - + ">\n" - + "]>" - */ - ; - - String serializedAssertion = DOMUtils.serializeNode(idl.getSamlAssertion()); - //insert mini dtd after xml declaration to allow usage of AssertionID - //encode then base64 and put this into Element Base64Content - String dtdAndIL = - serializedAssertion.substring(0, serializedAssertion.indexOf("?>") + 2) - + dtdString - + serializedAssertion.substring(serializedAssertion.indexOf("?>") + 2); - String b64dtdAndIL = Base64Utils.encode(dtdAndIL.getBytes("UTF-8")); - //replace all '\r' characters by no char. - String replaced = ""; - for (int i = 0; i < b64dtdAndIL.length(); i ++) { - if (b64dtdAndIL.charAt(i) != '\r') replaced += b64dtdAndIL.charAt(i); - } - b64dtdAndIL = replaced; - Text b64content = (Text) insertTo.getFirstChild(); - b64content.setData(b64dtdAndIL); - - String SIGN_MANI_CHECK_PARAMS_XPATH = - "//" + MOA + "VerifyXMLSignatureRequest/" + MOA + "SignatureManifestCheckParams"; - insertTo = (Element) XPathUtils.selectSingleNode(reqElem, SIGN_MANI_CHECK_PARAMS_XPATH); - insertTo.removeChild( - (Element) XPathUtils.selectSingleNode( - reqElem, - SIGN_MANI_CHECK_PARAMS_XPATH + "/" + MOA + "ReferenceInfo")); - Element[] dsigTransforms = idl.getDsigReferenceTransforms(); - for (int i = 0; i < 1; i++) //dsigTransforms.length; i++) - { - Element refInfo = - insertTo.getOwnerDocument().createElementNS(Constants.MOA_NS_URI, "ReferenceInfo"); - insertTo.appendChild(refInfo); - Element verifyTransformsInfoProfile = - insertTo.getOwnerDocument().createElementNS( - Constants.MOA_NS_URI, - "VerifyTransformsInfoProfile"); - refInfo.appendChild(verifyTransformsInfoProfile); - verifyTransformsInfoProfile.appendChild( - insertTo.getOwnerDocument().importNode(dsigTransforms[i], true)); - } - } catch (Throwable t) { - throw new ParseException(//"VerifyXMLSignatureRequest (IdentityLink)"); - "builder.00", new Object[] { 
"VerifyXMLSignatureRequest (IdentityLink)" }, t); - } - - return reqElem; - } - - /** - * Builds a <code><VerifyXMLSignatureRequest></code> - * from the signed AUTH-Block with a known trustProfileID which - * has to exist in MOA-SP - * @param csr - signed AUTH-Block - * @param verifyTransformsInfoProfileID - allowed verifyTransformsInfoProfileID - * @param trustProfileID - a preconfigured TrustProfile at MOA-SP - * @return Element - The complete request as Dom-Element - * @throws ParseException - */ - public Element build( - CreateXMLSignatureResponse csr, - String[] verifyTransformsInfoProfileID, - String trustProfileID) - throws ParseException { //samlAssertionObject - request = - "<?xml version='1.0' encoding='UTF-8' ?>" - + "<VerifyXMLSignatureRequest xmlns=\"http://reference.e-government.gv.at/namespace/moa/20020822#\" xmlns:xml=\"http://www.w3.org/XML/1998/namespace\" xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" - + " <VerifySignatureInfo>" - + " <VerifySignatureEnvironment>" - + " <XMLContent xml:space=\"preserve\"/>" - + " </VerifySignatureEnvironment>" - + " <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>" - + " </VerifySignatureInfo>" - + " <SignatureManifestCheckParams ReturnReferenceInputData=\"true\">" - + " <ReferenceInfo>"; - - for (int i = 0; i < verifyTransformsInfoProfileID.length; i++) { - request += " <VerifyTransformsInfoProfileID>" - + verifyTransformsInfoProfileID[i] - + "</VerifyTransformsInfoProfileID>"; - // Profile ID für create (auslesen aus IDCOnfig VerifyAuthBlock ODER per String übergeben....) 
- - } - - request += " </ReferenceInfo>" + " </SignatureManifestCheckParams>" - // Testweise ReturnReferenceInputData = False - +" <ReturnHashInputData/>" - + " <TrustProfileID>" - + trustProfileID - + "</TrustProfileID>" - + "</VerifyXMLSignatureRequest>"; - - try { - // Build a DOM-Tree of the obove String - InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8")); - reqElem = DOMUtils.parseXmlValidating(s); - //Insert the SAML-Assertion-Object - String CONTENT_XPATH = - "//" - + MOA - + "VerifyXMLSignatureRequest/" - + MOA - + "VerifySignatureInfo/" - + MOA - + "VerifySignatureEnvironment/" - + MOA - + "XMLContent"; - - Element insertTo = (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH); - insertTo.appendChild(insertTo.getOwnerDocument().importNode(csr.getSamlAssertion(), true)); - - } catch (Throwable t) { - throw new ParseException("builder.00", new Object[] { "VerifyXMLSignatureRequest" }, t); - } - - return reqElem; - } - -} |