diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-01-29 16:39:18 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-01-29 16:39:18 +0100 |
commit | aa8ef6ac6e9f27cde7d009006de639893e0851f3 (patch) | |
tree | 9aa2d9b209738d42fc5560e10a1c8b11892df42c /spss/server/serverlib | |
parent | 648510a0769be3ebc4dc3d2e454172d230d3f217 (diff) | |
parent | 5ab7e548582a26dd37144df55efb63b7fca4483d (diff) | |
download | moa-id-spss-aa8ef6ac6e9f27cde7d009006de639893e0851f3.tar.gz moa-id-spss-aa8ef6ac6e9f27cde7d009006de639893e0851f3.tar.bz2 moa-id-spss-aa8ef6ac6e9f27cde7d009006de639893e0851f3.zip |
Merge remote-tracking branch 'remotes/origin/moa2_0_kstranacher' into moa2_0_tlenz
Conflicts:
common/pom.xml
id/server/auth/.settings/org.eclipse.wst.common.component
id/server/auth/src/main/webapp/index.html
id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
id/server/idserverlib/src/main/resources/resources/wsdl/MOA-ID-1.x.wsdl
pom.xml
spss/handbook/clients/api/pom.xml
spss/handbook/clients/pom.xml
spss/handbook/clients/referencedData/pom.xml
spss/handbook/clients/webservice/pom.xml
spss/handbook/pom.xml
spss/pom.xml
spss/server/pom.xml
spss/server/serverlib/pom.xml
spss/server/serverws/.settings/org.eclipse.wst.common.component
spss/server/serverws/pom.xml
spss/server/tools/pom.xml
Diffstat (limited to 'spss/server/serverlib')
11 files changed, 197 insertions, 28 deletions
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml index 21fe5fb40..1c756d4d4 100644 --- a/spss/server/serverlib/pom.xml +++ b/spss/server/serverlib/pom.xml @@ -2,13 +2,14 @@ <parent>
<groupId>MOA.spss</groupId>
<artifactId>moa-spss</artifactId>
- <version>1.5.2</version>
+ <version>2.0.x</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<groupId>MOA.spss.server</groupId>
<artifactId>moa-spss-lib</artifactId>
<packaging>jar</packaging>
+ <version>2.0.0</version>
<name>MOA SP/SS API</name>
<properties>
@@ -134,11 +135,10 @@ <artifactId>moa-common</artifactId>
<type>test-jar</type>
<scope>test</scope>
- </dependency>
+ </dependency>
<dependency>
<groupId>MOA.spss.server</groupId>
<artifactId>moa-spss-tools</artifactId>
- <version>1.5.2</version>
<scope>test</scope>
</dependency>
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java index b5cc96a04..d41891167 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java @@ -25,6 +25,7 @@ package at.gv.egovernment.moa.spss.api; import java.io.InputStream; +import java.math.BigDecimal; import java.math.BigInteger; import java.security.cert.X509Certificate; import java.util.Date; @@ -481,7 +482,9 @@ public abstract class SPSSFactory { */ public abstract CMSDataObject createCMSDataObject( MetaInfo metaInfo, - CMSContent content); + CMSContent content, + BigDecimal excludeByteRangeFrom, + BigDecimal excludeByteRangeTo); /** * Create a new <code>CMSContent</code> object from the data contained at the diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSDataObject.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSDataObject.java index 0c4b2ce6d..f9a684676 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSDataObject.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSDataObject.java @@ -24,6 +24,8 @@ package at.gv.egovernment.moa.spss.api.cmsverify; +import java.math.BigDecimal; + import at.gv.egovernment.moa.spss.api.common.MetaInfo; /** @@ -46,4 +48,10 @@ public interface CMSDataObject { * @return The actual content. */ public CMSContent getContent(); -} + + + public BigDecimal getExcludeByteRangeFrom(); + + public BigDecimal getExcludeByteRangeTo(); + + } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSDataObjectImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSDataObjectImpl.java index 0e89885c8..20a9b5654 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSDataObjectImpl.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSDataObjectImpl.java @@ -24,6 +24,8 @@ package at.gv.egovernment.moa.spss.api.impl; +import java.math.BigDecimal; + import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent; import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject; import at.gv.egovernment.moa.spss.api.common.MetaInfo; @@ -40,6 +42,9 @@ public class CMSDataObjectImpl implements CMSDataObject { private MetaInfo metaInfo; /** The <code>CMSContent</code> contained in this data object. */ private CMSContent cmsContent; + + private BigDecimal excludeByteRangeFrom; + private BigDecimal excludeByteRangeTo; /** * Sets the meta information associated with the CMS data object. @@ -67,4 +72,20 @@ public class CMSDataObjectImpl implements CMSDataObject { return cmsContent; } + public void setExcludeByteRangeFrom(BigDecimal excludeByteRangeFrom) { + this.excludeByteRangeFrom = excludeByteRangeFrom; + } + + public BigDecimal getExcludeByteRangeFrom() { + return excludeByteRangeFrom; + } + + public void setExcludeByteRangeTo(BigDecimal excludeByteRangeTo) { + this.excludeByteRangeTo = excludeByteRangeTo; + } + + public BigDecimal getExcludeByteRangeTo() { + return excludeByteRangeTo; + } + } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java index 8e3bb7636..ac3d4c940 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java @@ -25,7 +25,7 @@ package at.gv.egovernment.moa.spss.api.impl; import java.io.InputStream; - +import java.math.BigDecimal; import java.math.BigInteger; import java.security.cert.X509Certificate; import java.util.Date; @@ -273,11 +273,15 @@ public class SPSSFactoryImpl extends SPSSFactory { public CMSDataObject createCMSDataObject( MetaInfo metaInfo, - CMSContent content) { + CMSContent content, + BigDecimal excludeByteRangeFrom, + BigDecimal excludeByteRangeTo) { CMSDataObjectImpl cmsDataObject = new CMSDataObjectImpl(); cmsDataObject.setMetaInfo(metaInfo); cmsDataObject.setContent(content); + cmsDataObject.setExcludeByteRangeFrom(excludeByteRangeFrom); + cmsDataObject.setExcludeByteRangeTo(excludeByteRangeTo); return cmsDataObject; } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java index 737915ecd..a8cae9c4e 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java @@ -25,6 +25,7 @@ package at.gv.egovernment.moa.spss.api.xmlbind; import java.io.InputStream; +import java.math.BigDecimal; import java.util.ArrayList; import java.util.List; @@ -38,7 +39,6 @@ import at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo; import at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo; import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent; import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject; -import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.MetaInfo; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.BoolUtils; @@ -71,6 +71,9 @@ public class CreateCMSSignatureRequestParser { private static final String META_INFO_XPATH = MOA + "MetaInfo"; private static final String CONTENT_XPATH = MOA + "Content"; private static final String BASE64_CONTENT_XPATH = MOA + "Base64Content"; + private static final String EXCLUDEBYTERANGE_FROM_XPATH = MOA + "ExcludedByteRange/" + MOA + "From"; + private static final String EXCLUDEBYTERANGE_TO_XPATH = MOA + "ExcludedByteRange/" + MOA + "To"; + /** The factory to create API objects. */ @@ -212,7 +215,18 @@ public class CreateCMSSignatureRequestParser { metaInfo = RequestParserUtils.parseMetaInfo(metaInfoElem); } - return factory.createCMSDataObject(metaInfo, content); + String excludeByteRangeFromStr = XPathUtils.getElementValue(dataObjectElem, EXCLUDEBYTERANGE_FROM_XPATH, null); + String excludeByteRangeToStr = XPathUtils.getElementValue(dataObjectElem, EXCLUDEBYTERANGE_TO_XPATH, null); + + BigDecimal excludeByteRangeFrom = null; + BigDecimal excludeByteRangeTo = null; + + if (excludeByteRangeFromStr != null) + excludeByteRangeFrom = new BigDecimal(excludeByteRangeFromStr); + if (excludeByteRangeToStr != null) + excludeByteRangeTo = new BigDecimal(excludeByteRangeToStr); + + return factory.createCMSDataObject(metaInfo, content, excludeByteRangeFrom, excludeByteRangeTo); } else { return null; diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java index d50a17ffc..6209d8ef9 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java @@ -25,6 +25,7 @@ package at.gv.egovernment.moa.spss.api.xmlbind; import java.io.InputStream; +import java.math.BigDecimal; import java.util.ArrayList; import java.util.Date; import java.util.List; @@ -65,6 +66,9 @@ public class VerifyCMSSignatureRequestParser { private static final String META_INFO_XPATH = MOA + "MetaInfo"; private static final String CONTENT_XPATH = MOA + "Content"; private static final String BASE64_CONTENT_XPATH = MOA + "Base64Content"; + private static final String EXCLUDEBYTERANGE_FROM_XPATH = MOA + "ExcludedByteRange/" + MOA + "From"; + private static final String EXCLUDEBYTERANGE_TO_XPATH = MOA + "ExcludedByteRange/" + MOA + "To"; + /** The <code>SPSSFactory</code> for creating new API objects. */ private SPSSFactory factory = SPSSFactory.getInstance(); @@ -161,7 +165,20 @@ public class VerifyCMSSignatureRequestParser { metaInfo = RequestParserUtils.parseMetaInfo(metaInfoElem); } - return factory.createCMSDataObject(metaInfo, content); + String excludeByteRangeFromStr = XPathUtils.getElementValue(dataObjectElem, EXCLUDEBYTERANGE_FROM_XPATH, null); + String excludeByteRangeToStr = XPathUtils.getElementValue(dataObjectElem, EXCLUDEBYTERANGE_TO_XPATH, null); + + BigDecimal excludeByteRangeFrom = null; + BigDecimal excludeByteRangeTo = null; + + if (excludeByteRangeFromStr != null) + excludeByteRangeFrom = new BigDecimal(excludeByteRangeFromStr); + if (excludeByteRangeToStr != null) + excludeByteRangeTo = new BigDecimal(excludeByteRangeToStr); + + return factory.createCMSDataObject(metaInfo, content, excludeByteRangeFrom, excludeByteRangeTo); + + } else { return null; } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java index e058c8a4b..718673a93 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java @@ -38,6 +38,7 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; +import java.math.BigDecimal; import java.math.BigInteger; import java.security.Principal; import java.security.cert.X509Certificate; @@ -51,8 +52,6 @@ import java.util.Set; import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.logging.LoggingContext; -import at.gv.egovernment.moa.logging.LoggingContextManager; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOASystemException; @@ -238,12 +237,32 @@ public class CMSSignatureCreationInvoker { OutputStream signedDataStream = signature.getSignature(out, base64); // now write the data to be signed to the signedDataStream - byte[] buf = new byte[4096]; - int bytesRead; - while ((bytesRead = contentIs.read(buf)) >= 0) { - signedDataStream.write(buf, 0, bytesRead); - } - + + int byteRead; + BigDecimal counter = new BigDecimal("0"); + BigDecimal one = new BigDecimal("1"); + + while ((byteRead=contentIs.read()) >= 0) { + //System.out.println("counterXX: " + counter); + + if (inRange(counter, dataobject)) { + //System.out.println("Lösche..."); + // set byte to 0x00 + signedDataStream.write(0); + } + else + signedDataStream.write(byteRead); + + counter = counter.add(one); + } + + +// byte[] buf = new byte[4096]; +// int bytesRead; +// while ((bytesRead = contentIs.read(buf)) >= 0) { +// signedDataStream.write(buf, 0, bytesRead); +// } +// // finish SignedData processing by closing signedDataStream signedDataStream.close(); String base64value = out.toString(); @@ -269,6 +288,28 @@ public class CMSSignatureCreationInvoker { return responseBuilder.getResponse(); } + + private boolean inRange(BigDecimal counter, CMSDataObject dataobject) { + BigDecimal from = dataobject.getExcludeByteRangeFrom(); + BigDecimal to = dataobject.getExcludeByteRangeTo(); + + if ( (from == null) || (to == null)) + return false; + + int compare = counter.compareTo(from); + if (compare == -1) + return false; + else { + compare = counter.compareTo(to); + if (compare == 1) + return false; + else + return true; + } + + + + } private String getDigestAlgorithm(ConfigurationProvider config, String keyGroupID) throws MOASystemException { diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java index 7a4103957..0e5faf790 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java @@ -31,17 +31,16 @@ import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory; import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile; import iaik.server.modules.cmsverify.CMSSignatureVerificationResult; import iaik.x509.X509Certificate; -import iaik.xml.crypto.tsl.ex.TSLEngineDiedException; -import iaik.xml.crypto.tsl.ex.TSLSearchException; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; +import java.math.BigDecimal; import java.util.Date; import java.util.Iterator; import java.util.List; -import at.gv.egovernment.moa.logging.LogMsg; -import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.logging.LoggingContext; import at.gv.egovernment.moa.logging.LoggingContextManager; import at.gv.egovernment.moa.spss.MOAApplicationException; @@ -57,9 +56,7 @@ import at.gv.egovernment.moa.spss.server.logging.IaikLog; import at.gv.egovernment.moa.spss.server.logging.TransactionId; import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; -import at.gv.egovernment.moa.spss.tsl.timer.TSLUpdaterTimerTask; import at.gv.egovernment.moa.spss.util.CertificateUtils; -import at.gv.egovernment.moa.spss.util.MessageProvider; import at.gv.egovernment.moa.spss.util.QCSSCDResult; /** @@ -273,6 +270,7 @@ public class CMSSignatureVerificationInvoker { private InputStream getSignedContent(VerifyCMSSignatureRequest request) throws MOAApplicationException { + InputStream is = null; CMSDataObject dataObj; CMSContent content; @@ -282,23 +280,86 @@ public class CMSSignatureVerificationInvoker { return null; } content = dataObj.getContent(); - + // build the content data switch (content.getContentType()) { case CMSContent.EXPLICIT_CONTENT : - return ((CMSContentExcplicit) content).getBinaryContent(); + is = ((CMSContentExcplicit) content).getBinaryContent(); + is = excludeByteRange(is, request); + return is; case CMSContent.REFERENCE_CONTENT : String reference = ((CMSContentReference) content).getReference(); if (!"".equals(reference)) { ExternalURIResolver resolver = new ExternalURIResolver(); - return resolver.resolve(reference); + is = resolver.resolve(reference); + is = excludeByteRange(is, request); + return is; } else { return null; } default : return null; } + + + } + + private InputStream excludeByteRange(InputStream contentIs, VerifyCMSSignatureRequest request) throws MOAApplicationException { + + int byteRead; + + ByteArrayOutputStream contentOs = new ByteArrayOutputStream(); + + + BigDecimal counter = new BigDecimal("0"); + BigDecimal one = new BigDecimal("1"); + + try { + while ((byteRead=contentIs.read()) >= 0) { + + if (inRange(counter, request.getDataObject())) { + // if byte is in byte range, set byte to 0x00 + contentOs.write(0); + } + else + contentOs.write(byteRead); + + counter = counter.add(one); + } + + InputStream is = new ByteArrayInputStream(contentOs.toByteArray()); + + return is; + + + } catch (IOException e) { + throw new MOAApplicationException("2301", null, e); + } + + } + + + private boolean inRange(BigDecimal counter, CMSDataObject dataobject) { + BigDecimal from = dataobject.getExcludeByteRangeFrom(); + BigDecimal to = dataobject.getExcludeByteRangeTo(); + + if ( (from == null) || (to == null)) + return false; + + int compare = counter.compareTo(from); + if (compare == -1) + return false; + else { + compare = counter.compareTo(to); + if (compare == 1) + return false; + else + return true; + } + + + } } diff --git a/spss/server/serverlib/src/main/resources/resources/wsdl/MOA-SPSS-1.5.2.wsdl b/spss/server/serverlib/src/main/resources/resources/wsdl/MOA-SPSS-2.0.0.wsdl index be40c110d..f9b942a51 100644 --- a/spss/server/serverlib/src/main/resources/resources/wsdl/MOA-SPSS-1.5.2.wsdl +++ b/spss/server/serverlib/src/main/resources/resources/wsdl/MOA-SPSS-2.0.0.wsdl @@ -3,7 +3,7 @@ Web Service Description for MOA SP/SS 1.4
-->
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="../resources/schemas/MOA-SPSS-1.5.2.xsd"/>
+ <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="../resources/schemas/MOA-SPSS-2.0.0.xsd"/>
<message name="CreateCMSSignatureInput">
<part name="body" element="moa:CreateCMSSignatureRequest"/>
</message>
diff --git a/spss/server/serverlib/src/main/resources/resources/wsdl/MOA-SPSS-1.5.2.xsd b/spss/server/serverlib/src/main/resources/resources/wsdl/MOA-SPSS-2.0.0.xsd index 4ae327ab3..4ae327ab3 100644 --- a/spss/server/serverlib/src/main/resources/resources/wsdl/MOA-SPSS-1.5.2.xsd +++ b/spss/server/serverlib/src/main/resources/resources/wsdl/MOA-SPSS-2.0.0.xsd |