author | gregor <gregor@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2005-07-26 14:43:17 +0000 |
---|---|---|
committer | gregor <gregor@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2005-07-26 14:43:17 +0000 |
commit | 36df570f6c24d60498bb8c040ffbaa4ad0f7583f (patch) | |
tree | 88b72a0f804dab0395768df814997bc777fd64ea /spss.server | |
parent | 39ffc6c32b8c4c28e00f9b72a61542a40fb93946 (diff) | |
Lösung für Bug 232 implementiert. Noch nicht final getestet.
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@406 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'spss.server')
9 files changed, 629 insertions, 56 deletions
diff --git a/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd b/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd
index 8bd5f4af8..80842b36c 100644
--- a/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd
+++ b/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
<!--
- MOA SP/SS 1.2 Schema
+ MOA SP/SS 1.3 Schema
-->
-<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
+<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
<xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
<xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
<!--########## Create XML Signature ###-->
@@ -155,8 +155,8 @@
 <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation>
</xsd:annotation>
</xsd:element>
- <xsd:element name="HashInputData" type="ContentExLocRefBaseType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="ReferenceInputData" type="ContentExLocRefBaseType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
<xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
<xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
@@ -166,6 +166,22 @@
 <xsd:simpleType name="ProfileIdentifierType">
<xsd:restriction base="xsd:token"/>
</xsd:simpleType>
+ <xsd:complexType name="InputDataType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentExLocRefBaseType">
+ <xsd:attribute name="PartOf" use="optional" default="SignedInfo">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SignedInfo"/>
+ <xsd:enumeration value="XMLDSIGManifest"/>
+ <xsd:enumeration value="SignatureManifest"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
<xsd:complexType name="MetaInfoType">
<xsd:sequence>
<xsd:element name="MimeType" type="MimeTypeType"/>
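Review bot: The new `PartOf` and `ReferringSigReference` attributes of `InputDataType` carry no `xsd:annotation`, so a relying party reading the schema cannot tell what they mean or whether `ReferringSigReference` counts from 0 or from 1. `xsd:nonNegativeInteger` admits 0, while the Javadoc added to `InputData` in this commit speaks of a positive int; the two should agree. Because `PartOf` defaults to `SignedInfo`, a client that ignores the attribute will treat manifest-referenced data as if it were covered directly by `SignedInfo`, and the schema should say so. I would add under each attribute something like `<xsd:annotation><xsd:documentation>Container of the dsig:Reference this data belongs to; SignedInfo if absent</xsd:documentation></xsd:annotation>`.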
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java b/spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java
new file mode 100644
index 000000000..0ff175b50
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java
@@ -0,0 +1,163 @@
+package at.gv.egovernment.moa.spss;
+import java.io.PrintStream;
+import java.io.PrintWriter;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.DOMImplementation;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * Base class of MOA specific runtime exceptions.
+ *
+ * This class has the ability to wrap other exceptions which may be seen
+ * as the root cause for this exception. A similar mechanism is in place
+ * since JDK1.4 (see the <code>getClause()</code> method) but will not be used
+ * because of required compatibility with JDK1.3.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class MOARuntimeException extends RuntimeException {
+ /** The message ID. */
+ private String messageId;
+ /** The wrapped <code>Throwable</code>. */
+ private Throwable wrapped;
+
+ /**
+ * Create a <code>MOAException</code>.
+ *
+ * @param messageId The message ID of the message contained in the created
+ * <code>MOAException</code>.
+ * @param parameters The parameters needed to fill in the message arguments.
+ */
+ public MOARuntimeException(String messageId, Object[] parameters) {
+ super(MessageProvider.getInstance().getMessage(messageId, parameters));
+ this.messageId = messageId;
+ }
+
+ /**
+ * Create a <code>MOAException</code>.
+ *
+ * @param messageId The message ID of the message contained in the created
+ * <code>MOAException</code>.
+ * @param parameters The parameters needed to fill in the message arguments.
+ * @param wrapped The exception wrapped by the created
+ * <code>MOAException</code>.
+ */
+ public MOARuntimeException(
+ String messageId,
+ Object[] parameters,
+ Throwable wrapped) {
+
+ super(MessageProvider.getInstance().getMessage(messageId, parameters));
+ this.messageId = messageId;
+ this.wrapped = wrapped;
+ }
+
+ /**
+ * Returns the message ID of this exception.
+ *
+ * @return The message ID as provided in the constructor.
+ */
+ public String getMessageId() {
+ return messageId;
+ }
+
+ /**
+ * Returns the exception wrapped by this <code>MOARuntimeException</code>.
+ *
+ * @return The exception wrapped by this exception. Possibly
+ * <code>null</code>, if none was provided at construction time.
+ */
+ public Throwable getWrapped() {
+ return wrapped;
+ }
+
+ /**
+ * Convert this <code>MOARuntimeException</code> to an <code>ErrorResponse</code>
+ * element from the MOA namespace.
+ *
+ * @return An <code>ErrorResponse</code> element, containing the subelements
+ * <code>ErrorCode</code> and <code>Info</code> required by the MOA schema.
+ */
+ public Element toErrorResponse() {
+ DocumentBuilder builder;
+ DOMImplementation impl;
+ Document doc;
+ Element errorResponse;
+ Element errorCode;
+ Element info;
+
+ // create a new document
+ try {
+ builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ impl = builder.getDOMImplementation();
+ } catch (ParserConfigurationException e) {
+ return null;
+ }
+
+ // build the ErrorResponse element
+ doc = impl.createDocument(Constants.MOA_NS_URI, "ErrorResponse", null);
+ errorResponse = doc.getDocumentElement();
+
+ // add MOA namespace declaration
+ errorResponse.setAttributeNS(
+ Constants.XMLNS_NS_URI,
+ "xmlns",
+ Constants.MOA_NS_URI);
+
+ // build the child elements
+ errorCode = doc.createElementNS(Constants.MOA_NS_URI, "ErrorCode");
+ errorCode.appendChild(doc.createTextNode(messageId));
+ info = doc.createElementNS(Constants.MOA_NS_URI, "Info");
+ info.appendChild(doc.createTextNode(getMessage()));
+ errorResponse.appendChild(errorCode);
+ errorResponse.appendChild(info);
+ return errorResponse;
+ }
+
+ /**
+ * Print a stack trace of this exception to <code>System.err</code>.
+ *
+ * @see java.lang.Throwable#printStackTrace()
+ */
+ public void printStackTrace() {
+ printStackTrace(System.err);
+ }
+
+ /**
+ * Print a stack trace of this exception, including the wrapped exception.
+ *
+ * @param s The stream to write the stack trace to.
+ * @see java.lang.Throwable#printStackTrace(java.io.PrintStream)
+ */
+ public void printStackTrace(PrintStream s) {
+ super.printStackTrace(s);
+ if (getWrapped() != null) {
+ s.print("Caused by: ");
+ getWrapped().printStackTrace(s);
+ }
+ }
+
+ /**
+ * Print a stack trace of this exception, including the wrapped exception.
+ *
+ * @param s The stream to write the stacktrace to.
+ * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter)
+ */
+ public void printStackTrace(PrintWriter s) {
+ super.printStackTrace(s);
+ if (getWrapped() != null) {
+ s.print("Caused by: ");
+ getWrapped().printStackTrace(s);
+ }
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java b/spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java
new file mode 100644
index 000000000..1ecce90e7
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java
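Review bot: `toErrorResponse()` answers a `ParserConfigurationException` with `return null;`, which the Javadoc does not mention, so a caller that serialises the result fails with a `NullPointerException` far from the real cause and the original error reaches neither the client nor the log. Either document it (`@return ... or <code>null</code> if no DocumentBuilder could be created`) or rethrow it as an unchecked exception. The `Info` element is filled with `getMessage()` verbatim, which is only safe if the message parameters passed to the constructors never contain internal details; that cannot be confirmed from this file. In the Javadoc, `getClause()` should read `getCause()`, and both constructor comments say `MOAException` where `MOARuntimeException` is meant.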
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * Interface specifying accessors for two attributes needed for returning
+ * <code>HashInputData</code> and <code>ReferenceInputData</code> information
+ * as part of <code>VerifyXMLSignatureResponse</code>.
+ *
+ * @author Gregor Karlinger
+ *
+ * @version $Id$
+ */
+public interface InputData extends Content
+{
+ /**
+ * Possible value returned by {@link getPartOf}.
+ */
+ public static String CONTAINER_SIGNEDINFO_ = "SignedInfo";
+
+ /**
+ * Possible value returned by {@link getPartOf}.
+ */
+ public static String CONTAINER_XMLDSIGMANIFEST_ = "XMLDSIGManifest";
+
+ /**
+ * Possible value returned by {@link getPartOf}.
+ */
+ public static String CONTAINER_SIGNATUREMANIFEST_ = "SignatureManifest";
+
+ /**
+ * Value returned by {link getReferringReferenceNumber}, signalling that the
+ * attribute is not used.
+ */
+ public static int REFERER_NONE_ = -1;
+
+ /**
+ * Returns a <code>String</code> signalling what kind of container the
+ * XMLDSIG <code>Reference</code> this <code>InputData</code> belongs
+ * to is part of.
+ *
+ * @return the kind of container.
+ */
+ public String getPartOf();
+
+ /**
+ * If this <code>InputData</code> belongs to an XMLDSIG <code>Reference</code>
+ * being part of either a XMLDSIGManifest or a SignatureManifest, this method
+ * returns a positive int value signalling the particular <code>Reference</code>
+ * of the XMLDSIG <code>SignedInfo</code> referring to the XMLDSIGManifest or
+ * SignatureManifest respectively.
+ */
+ public int getReferringReferenceNumber();
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java
new file mode 100644
index 000000000..42d61559e
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java
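Review bot: The Javadoc on the constants and on `getReferringReferenceNumber()` is broken or incomplete: `{@link getPartOf}` needs the member form `{@link #getPartOf()}`, and `{link getReferringReferenceNumber}` is missing the `@`, so neither renders as a link. `getReferringReferenceNumber()` has no `@return` and does not say that `REFERER_NONE_` comes back for a reference that sits directly in `SignedInfo`; I would add `@return the index of the referring SignedInfo reference, or {@link #REFERER_NONE_}`. The comment also promises a positive int although the schema type added in this commit is `xsd:nonNegativeInteger`, so state whether valid indices start at 0 or at 1.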
@@ -0,0 +1,99 @@
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.io.InputStream;
+
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentBinary;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+
+/**
+ * Content wrapper decorating a binary content with two additional attributes
+ * needed for returning <code>HashInputData</code> and <code>ReferenceInputData
+ * </code> information as part of <code>VerifyXMLSignatureResponse</code>.
+ *
+ * @author Gregor Karlinger
+ *
+ * @version $Id$
+ */
+public class InputDataBinaryImpl implements ContentBinary, InputData
+{
+ /**
+ * The wrapped <code>Content</code>.
+ */
+ protected ContentBinary wrapped_;
+
+ /**
+ * This attribute signals what kind of container the XMLDSIG <code>Reference</code>
+ * this <code>InputData</code> belongs to is part of.
+ */
+ protected String partOf_;
+
+ /**
+ * If this <code>InputData</code> belongs to an XMLDSIG <code>Reference</code>
+ * being part of either a XMLDSIGManifest or a SignatureManifest, this attribute
+ * (a positive int) signals the particular <code>Reference</code> of the XMLDSIG
+ * <code>SignedInfo</code> referring to the XMLDSIGManifest or SignatureManifest
+ * respectively.
+ */
+ protected int referringReferenceNumber_;
+
+ /**
+ * Creates a new instance.
+ *
+ * @param wrapped The wrapped <code>Content</code>. Must be of type {@link Content#BINARY_CONTENT}.
+ *
+ * @param partOf see {@link InputData}
+ *
+ * @param referringReferenceNumber see {@link InputData}
+ */
+ public InputDataBinaryImpl(Content wrapped, String partOf, int referringReferenceNumber) throws MOARuntimeException
+ {
+ if (wrapped.getContentType() != Content.BINARY_CONTENT) throw new MOARuntimeException("9901", null);
+
+ wrapped_ = (ContentBinary) wrapped;
+ partOf_ = partOf;
+ referringReferenceNumber_ = referringReferenceNumber;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getContentType()
+ */
+ public int getContentType()
+ {
+ return wrapped_.getContentType();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getReference()
+ */
+ public String getReference()
+ {
+ return wrapped_.getReference();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.ContentBinary#getBinaryContent()
+ */
+ public InputStream getBinaryContent()
+ {
+ return wrapped_.getBinaryContent();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getPartOf()
+ */
+ public String getPartOf()
+ {
+ return partOf_;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getReferringReferenceNumber()
+ */
+ public int getReferringReferenceNumber()
+ {
+ return referringReferenceNumber_;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java
new file mode 100644
index 000000000..029a402f5
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java
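Review bot: The constructor checks only the content type; `partOf` and `referringReferenceNumber` are stored as given, and `wrapped` is dereferenced without a null check. Since `partOf_` is what the response builder later writes into the `PartOf` attribute, I would reject anything other than the three `InputData.CONTAINER_*_` constants here, e.g. `if (!CONTAINER_SIGNEDINFO_.equals(partOf) && !CONTAINER_XMLDSIGMANIFEST_.equals(partOf) && !CONTAINER_SIGNATUREMANIFEST_.equals(partOf)) throw new MOARuntimeException("9901", null);`. The same applies to the constructor of `InputDataXMLImpl`. Message id `9901` is not defined in the part of the commit shown (the diffstat is limited to spss.server), so confirm that the message catalogue contains it. The three fields are assigned once and could be `private final` instead of `protected`.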
@@ -0,0 +1,99 @@
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentXML;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+
+/**
+ * Content wrapper decorating an XML content with two additional attributes
+ * needed for returning <code>HashInputData</code> and <code>ReferenceInputData
+ * </code> information as part of <code>VerifyXMLSignatureResponse</code>.
+ *
+ * @author Gregor Karlinger
+ *
+ * @version $Id$
+ */
+public class InputDataXMLImpl implements ContentXML, InputData
+{
+ /**
+ * The wrapped <code>ContentXML</code>.
+ */
+ protected ContentXML wrapped_;
+
+ /**
+ * This attribute signals what kind of container the XMLDSIG <code>Reference</code>
+ * this <code>InputData</code> belongs to is part of.
+ */
+ protected String partOf_;
+
+ /**
+ * If this <code>InputData</code> belongs to an XMLDSIG <code>Reference</code>
+ * being part of either a XMLDSIGManifest or a SignatureManifest, this attribute
+ * (a positive int) signals the particular <code>Reference</code> of the XMLDSIG
+ * <code>SignedInfo</code> referring to the XMLDSIGManifest or SignatureManifest
+ * respectively.
+ */
+ protected int referringReferenceNumber_;
+
+ /**
+ * Creates a new instance.
+ *
+ * @param wrapped The wrapped <code>ContentBinary</code>. Must be of type {@link Content#XML_CONTENT}.
+ *
+ * @param partOf see {@link InputData}
+ *
+ * @param referringReferenceNumber see {@link InputData}
+ */
+ public InputDataXMLImpl(Content wrapped, String partOf, int referringReferenceNumber)
+ {
+ if (wrapped.getContentType() != Content.XML_CONTENT) throw new MOARuntimeException("9901", null);
+
+ wrapped_ = (ContentXML) wrapped;
+ partOf_ = partOf;
+ referringReferenceNumber_ = referringReferenceNumber;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getContentType()
+ */
+ public int getContentType()
+ {
+ return wrapped_.getContentType();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getReference()
+ */
+ public String getReference()
+ {
+ return wrapped_.getReference();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.ContentXML#getXMLContent()
+ */
+ public NodeList getXMLContent()
+ {
+ return wrapped_.getXMLContent();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getPartOf()
+ */
+ public String getPartOf()
+ {
+ return partOf_;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getReferringReferenceNumber()
+ */
+ public int getReferringReferenceNumber()
+ {
+ return referringReferenceNumber_;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
index f163013c1..989dbfb4a 100644
--- a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
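Review bot: The constructor Javadoc names the wrong type: `@param wrapped` says `The wrapped <code>ContentBinary</code>` although the argument must be of type `Content.XML_CONTENT`, so it should read `The wrapped <code>ContentXML</code>`. Unlike `InputDataBinaryImpl`, this constructor does not declare `throws MOARuntimeException`; that is harmless for an unchecked exception, but the two classes should match and an `@throws` tag would document the type check. The two classes are identical apart from the wrapped type and one accessor, so an abstract base holding `partOf_`, `referringReferenceNumber_` and their getters would remove the duplication.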
@@ -18,10 +18,17 @@ public class VerifyXMLSignatureResponseImpl /** Information about the signer certificate. */ private SignerInfo signerInfo; - /** The hash input data objects. */ + + /** + * The hash input data objects. The list consists of {@link at.gv.egovernment.moa.spss.api.common.InputData}s. + * */ private List hashInputDatas = new ArrayList(); - /** The reference input data objects. */ + + /** + * The reference input data objects. The list consists of {@link at.gv.egovernment.moa.spss.api.common.InputData}s. + * */ private List referenceInputDatas = new ArrayList(); + /** Information about the signature check. */ private ReferencesCheckResult signatureCheck; /** Information about the signature manifest check. */ diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java b/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java index 56bcf63fa..960d9571d 100644 --- a/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java +++ b/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java @@ -17,6 +17,7 @@ import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.ContentBinary; import at.gv.egovernment.moa.spss.api.common.ContentXML; +import at.gv.egovernment.moa.spss.api.common.InputData; import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResult; import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; 
@@ -78,8 +79,8 @@ public class VerifyXMLSignatureResponseBuilder { responseData = response.getHashInputDatas(); if (responseData != null && !responseData.isEmpty()) { for (iter = responseData.iterator(); iter.hasNext();) { - Content content = (Content) iter.next(); - addContent("HashInputData", content); + InputData inputData = (InputData) iter.next(); + addContent("HashInputData", inputData); } } @@ -87,8 +88,8 @@ public class VerifyXMLSignatureResponseBuilder { responseData = response.getReferenceInputDatas(); if (responseData != null && !responseData.isEmpty()) { for (iter = responseData.iterator(); iter.hasNext();) { - Content content = (Content) iter.next(); - addContent("ReferenceInputData", content); + InputData inputData = (InputData) iter.next(); + addContent("ReferenceInputData", inputData); } } 
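Review bot: `(InputData) iter.next()` replaces a cast to `Content`, so every element of `getHashInputDatas()` must now be an `InputData`; the same cast is added for `getReferenceInputDatas()` in the next hunk. The lists in `VerifyXMLSignatureResponseImpl` are raw `List`s and only their Javadoc was updated, so a response assembled elsewhere with plain `Content` objects (if any caller still does that) would fail here with a `ClassCastException` rather than an application-level error. An `instanceof InputData` check before the cast that raises a `MOAApplicationException` would keep the failure inside the service's error reporting. The enclosing method starts and ends outside these hunks.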
@@ -127,23 +128,32 @@ public class VerifyXMLSignatureResponseBuilder { * Add an element of type <code>ContentBaseType</code> to the response. * * @param elementName The name of the element. - * @param content The <code>Content</code> to add. Based on the type of - * the <code>Content</code>, either a <code>Base64Content</code> element - * or a <code>XMLContent</code> subelement will be added. A - * <code>ContentBinary</code> of type <code>BinaryDataObject</code> will be - * added as a <code>Base64Content</code> child element. - * <code>ContentXML</code> will be added as <code>XMLContent</code> child - * element. + * + * @param inputData The <code>InputData</code> to add. Based on the type of + * + * the <code>InputData</code>, either a <code>Base64Content</code> element + * or a <code>XMLContent</code> subelement will be added. An <code> + * InputDataBinaryImpl</code> will be added as a <code>Base64Content</code> + * child element. An<code>InputDataXMLImpl</code> will be added as <code> + * XMLContent</code> child element. + * * @throws MOAApplicationException An error occurred adding the content. */ - private void addContent(String elementName, Content content) + private void addContent(String elementName, InputData inputData) throws MOAApplicationException { Element contentElem = responseDoc.createElementNS(MOA_NS_URI, elementName); - switch (content.getContentType()) { + contentElem.setAttributeNS(null, "PartOf", inputData.getPartOf()); + if (inputData.getReferringReferenceNumber() != InputData.REFERER_NONE_) + contentElem.setAttributeNS( + null, + "ReferringSigReference", + Integer.toString(inputData.getReferringReferenceNumber())); + + switch (inputData.getContentType()) { case Content.XML_CONTENT : - ContentXML contentXml = (ContentXML) content; + ContentXML contentXml = (ContentXML) inputData; NodeList nodes = contentXml.getXMLContent(); Element xmlElem; int i; 
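Review bot: `contentElem.setAttributeNS(null, "PartOf", inputData.getPartOf())` serialises whatever the `InputData` implementation returns, with no check that it is non-null and one of the three values the schema enumerates, so a faulty implementation yields a response that misstates which container covered the data or that no longer validates. The `if` that follows spans several lines without braces; please brace it, `if (inputData.getReferringReferenceNumber() != InputData.REFERER_NONE_) { ... }`. In the Javadoc the `@param inputData` text is interrupted by an empty ` * ` line, and `An<code>InputDataXMLImpl</code>` lacks a space. The body of `addContent` continues past the end of this hunk.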
@@ -161,7 +171,7 @@ public class VerifyXMLSignatureResponseBuilder { case Content.BINARY_CONTENT : Element binaryElem = responseDoc.createElementNS(MOA_NS_URI, "Base64Content"); - ContentBinary contentBinary = (ContentBinary) content; + ContentBinary contentBinary = (ContentBinary) inputData; String base64Str; try { diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java index af5787795..076e9d1a5 100644 --- a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java @@ -1,13 +1,5 @@ package at.gv.egovernment.moa.spss.server.invoke; -import java.io.InputStream; -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; - -import org.w3c.dom.DocumentFragment; -import org.w3c.dom.NodeList; - import iaik.ixsil.algorithms.CanonicalizationAlgorithm; import iaik.ixsil.algorithms.CanonicalizationAlgorithmImplExclusiveCanonicalXMLWithComments; import iaik.server.modules.xml.BinaryDataObject; 
@@ -24,19 +16,29 @@ import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile; import iaik.server.modules.xmlverify.XMLSignatureVerificationResult; import iaik.x509.X509Certificate; -import at.gv.egovernment.moa.util.CollectionUtils; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.NodeListAdapter; +import java.io.InputStream; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import org.w3c.dom.DocumentFragment; +import org.w3c.dom.NodeList; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.common.CheckResult; import at.gv.egovernment.moa.spss.api.common.Content; +import at.gv.egovernment.moa.spss.api.common.InputData; import at.gv.egovernment.moa.spss.api.common.SignerInfo; +import at.gv.egovernment.moa.spss.api.impl.InputDataBinaryImpl; +import at.gv.egovernment.moa.spss.api.impl.InputDataXMLImpl; import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResultInfo; import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult; import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.util.CollectionUtils; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.NodeListAdapter; /** * A class to build a <code>VerifyXMLSignatureResponse</code> object. 
@@ -123,23 +125,76 @@ public class VerifyXMLSignatureResponseBuilder { certResult.isPublicAuthorityCertificate(), certResult.getPublicAuthorityID()); - // add HashInputData Content objects + // Create HashInputData Content objects referenceDataList = result.getReferenceDataList(); if (profile.includeHashInputData()) { hashInputDatas = new ArrayList(); - for (iter = referenceDataList.iterator(); iter.hasNext();) { - referenceData = (ReferenceData) iter.next(); - hashInputDatas.add(buildContent(referenceData.getHashInputData())); + + // Include SignedInfo references + addHashInputDatas( + hashInputDatas, + referenceDataList, + InputData.CONTAINER_SIGNEDINFO_, + InputData.REFERER_NONE_); + + // Include SignatureManifest references + if (result.containsSecurityLayerManifest()) + { + List sigMFReferenceDataList = result.getSecurityLayerManifest().getReferenceDataList(); + addHashInputDatas( + hashInputDatas, + sigMFReferenceDataList, + InputData.CONTAINER_SIGNATUREMANIFEST_, + result.getSecurityLayerManifest().getReferringReferenceInfo().getReferenceIndex()); + } + + // Include XMLDSIGManifest references + List xMLDSIGManifests = result.getDsigManifestList(); + for (iter = xMLDSIGManifests.iterator(); iter.hasNext();) + { + DsigManifest currentMF = (DsigManifest) iter.next(); + List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList(); + addHashInputDatas( + hashInputDatas, + xMLDSIGMFReferenceDataList, + InputData.CONTAINER_XMLDSIGMANIFEST_, + currentMF.getReferringReferenceInfo().getReferenceIndex()); } } - // create the ReferenceInputData Content objects + // Create the ReferenceInputData Content objects if (profile.includeReferenceInputData()) { referenceInputDatas = new ArrayList(); - for (iter = referenceDataList.iterator(); iter.hasNext();) { - referenceData = (ReferenceData) iter.next(); - referenceInputDatas.add( - buildContent(referenceData.getReferenceInputData())); + + // Include SignedInfo references + addReferenceInputDatas( + referenceInputDatas, 
+ referenceDataList, + InputData.CONTAINER_SIGNEDINFO_, + InputData.REFERER_NONE_); + + // Include SignatureManifest references + if (result.containsSecurityLayerManifest()) + { + List sigMFReferenceDataList = result.getSecurityLayerManifest().getReferenceDataList(); + addReferenceInputDatas( + referenceInputDatas, + sigMFReferenceDataList, + InputData.CONTAINER_SIGNATUREMANIFEST_, + result.getSecurityLayerManifest().getReferringReferenceInfo().getReferenceIndex()); + } + + // Include XMLDSIGManifest references + List xMLDSIGManifests = result.getDsigManifestList(); + for (iter = xMLDSIGManifests.iterator(); iter.hasNext();) + { + DsigManifest currentMF = (DsigManifest) iter.next(); + List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList(); + addReferenceInputDatas( + referenceInputDatas, + xMLDSIGMFReferenceDataList, + InputData.CONTAINER_XMLDSIGMANIFEST_, + currentMF.getReferringReferenceInfo().getReferenceIndex()); } } @@ -183,7 +238,7 @@ public class VerifyXMLSignatureResponseBuilder { else { // security layer manifest exists, but has errors - failedReferences = buildFailedReferences(slManifest.getReferenceInfoList()); + failedReferences = buildFailedReferences(slManifest.getReferenceDataList()); checkResultInfo = (failedReferences != null) ? factory.createReferencesCheckResultInfo(null, failedReferences) : null; @@ -221,7 +276,7 @@ public class VerifyXMLSignatureResponseBuilder { ManifestRefsCheckResultInfo manifestCheckResultInfo; failedReferences = - buildFailedReferences(dsigManifest.getReferenceInfoList()); + buildFailedReferences(dsigManifest.getReferenceDataList()); manifestCheckResultInfo = factory.createManifestRefsCheckResultInfo( null, 
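Review bot: Both manifest branches call `getReferringReferenceInfo().getReferenceIndex()` on `result.getSecurityLayerManifest()` and on `currentMF` without a null guard, and `result.getDsigManifestList()` is iterated unchecked; whether the library can return null there is not visible in this diff and should be confirmed, given that the commit message says the change is not finally tested. The data of manifest references is added regardless of the manifest check outcome that is evaluated further down, so a client receives `HashInputData` for references whose digest check may have failed and has to combine `PartOf` with `SignatureManifestCheck` / `XMLDSIGManifestCheck` before relying on it; a comment stating this belongs here. The `includeHashInputData()` and `includeReferenceInputData()` blocks are copies that differ only in the helper they call, so one private method taking the target list and a selector would halve this hunk. The enclosing method begins before the hunk.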
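Review bot: `buildFailedReferences(...)` now receives `slManifest.getReferenceDataList()` instead of `getReferenceInfoList()`, but `buildFailedReferences` itself is not touched by any hunk of this file, so if it casts the list elements to the former element type, the failed references of a broken manifest would be misreported or the call would throw. The same substitution is made for `dsigManifest` in the next hunk and in `XMLSignatureVerificationInvoker` at `@@ -501,7 +501,7 @@`, where the receiving variable is still called `referenceInfoList`; rename it to `referenceDataList` and confirm the cast inside that loop, which lies outside the hunk.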
@@ -239,27 +294,93 @@ public class VerifyXMLSignatureResponseBuilder { } /** - * Build a <code>Content</code> object from the given <code>DataObject</code>. + * Adds {@link InputData} entries to the specified <code>inputDatas</code> list. The content of the entry will + * be created from {@link ReferenceData#getHashInputData()}. + * + * @param inputDatas The list to be amended. + * + * @param referenceDataList The list of {@link ReferenceData} objects to be investigated. + * + * @param containerType The type of container of the {@link InputData} objects to be created. + * + * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created. + * + * @throws MOAApplicationException if creating an {@link InputData} fails. + */ + private void addHashInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber) + throws MOAApplicationException + { + for (Iterator iter = referenceDataList.iterator(); iter.hasNext();) + { + ReferenceData referenceData = (ReferenceData) iter.next(); + inputDatas.add(buildInputData( + referenceData.getHashInputData(), + containerType, + refererNumber)); + } + } + + /** + * Adds {@link InputData} entries to the specified <code>inputDatas</code> list. The content of the entry will + * be created from {@link ReferenceData#getReferenceInputData()}. + * + * @param inputDatas The list to be amended. + * + * @param referenceDataList The list of {@link ReferenceData} objects to be investigated. + * + * @param containerType The type of container of the {@link InputData} objects to be created. + * + * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created. + * + * @throws MOAApplicationException if creating an {@link InputData} fails. 
+ */ + private void addReferenceInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber) + throws MOAApplicationException + { + for (Iterator iter = referenceDataList.iterator(); iter.hasNext();) + { + ReferenceData referenceData = (ReferenceData) iter.next(); + inputDatas.add(buildInputData( + referenceData.getReferenceInputData(), + containerType, + refererNumber)); + } + } + + /** + * Build a <code>InputDataBinaryImpl</code> or an <code>InputDataXMLImpl</code> + * object from the given <code>DataObject</code> and the given attributes. + * + * @param dataObject The <code>DataObject</code> from which to build the result. + * Based on the type of this parameter, the type of the result will either be + * <code>InputDataBinaryImpl</code> or <code>InputDataXMLImpl</code>. + * + * @param partof see {@link InputData} + * + * @param referringReferenceNumber see {@link InputData} * - * @param dataObject The <code>DataObject</code> from which to build the - * <code>Content</code>. Based on the type of this parameter, the type of - * <code>Content</code> will either be <code>XML_CONTENT</code> or - * <code>BINARY_CONTENT</code>. - * @return The <code>Content</code> object containing the data. - * @throws MOAApplicationException An error occurred adding the content. + * @return The corresponinding input data implementation. + * + * @throws MOAApplicationException An error occurred creating the result. 
*/ - private Content buildContent(DataObject dataObject) + private Content buildInputData(DataObject dataObject, String partOf, int referringReferenceNumber) throws MOAApplicationException { if (dataObject instanceof BinaryDataObject) { BinaryDataObject binaryData = (BinaryDataObject) dataObject; - return factory.createContent(binaryData.getInputStream(), null); + return new InputDataBinaryImpl( + factory.createContent(binaryData.getInputStream(), null), + partOf, + referringReferenceNumber); } else if (dataObject instanceof XMLDataObject) { XMLDataObject xmlData = (XMLDataObject) dataObject; List nodes = new ArrayList(); nodes.add(xmlData.getElement()); - return factory.createContent(new NodeListAdapter(nodes), null); + return new InputDataXMLImpl( + factory.createContent(new NodeListAdapter(nodes), null), + partOf, + referringReferenceNumber); } else { // dataObject instanceof XMLNodeListDataObject // if the data in the NodeList can be converted back to valid XML, // write it as XMLContent; otherwise, write it as Base64Content @@ -271,7 +392,10 @@ public class VerifyXMLSignatureResponseBuilder { try { DocumentFragment fragment = DOMUtils.nodeList2DocumentFragment(nodes); - return factory.createContent(fragment.getChildNodes(), null); + return new InputDataXMLImpl( + factory.createContent(fragment.getChildNodes(), null), + partOf, + referringReferenceNumber); } catch (Exception e) { // not successful -> fall through to the Base64Content } @@ -285,7 +409,10 @@ public class VerifyXMLSignatureResponseBuilder { c14n.setInput(nodes); is = c14n.canonicalize(); - return factory.createContent(is, null); + return new InputDataBinaryImpl( + factory.createContent(is, null), + partOf, + referringReferenceNumber); } catch (Exception e) { throw new MOAApplicationException("2200", null); } 
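Review bot: `buildInputData` is declared to return `Content` although every branch now returns an `InputDataBinaryImpl` or an `InputDataXMLImpl` and the XML binding casts the list elements to `InputData`; declaring `private InputData buildInputData(...)` lets the compiler guarantee what that cast relies on. The Javadoc tag `@param partof` does not match the parameter `partOf`, and `corresponinding` is a typo. `addHashInputDatas` and `addReferenceInputDatas` differ only in the getter called on `ReferenceData` and could share one loop. The final `else` still assumes an `XMLNodeListDataObject`; with manifest references now passed in, a null or other `DataObject` (if the library can return one for an unresolved reference) would surface as a runtime exception rather than a `MOAApplicationException`. The function continues in the two following hunks.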
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java index 1f9d45ed1..e675a40d6 100644 --- a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java @@ -501,7 +501,7 @@ public class XMLSignatureVerificationInvoker { Set transformParameterURIs = buildTransformParameterURIs(profile.getTransformationSupplements()); List referenceInfoList = - result.getSecurityLayerManifest().getReferenceInfoList(); + result.getSecurityLayerManifest().getReferenceDataList(); Iterator refIter; for (refIter = referenceInfoList.iterator(); refIter.hasNext();) { |