aboutsummaryrefslogtreecommitdiff
path: root/spss
diff options
context:
space:
mode:
authormcentner <mcentner@d688527b-c9ab-4aba-bd8d-4036d912da1d>2010-07-02 07:14:41 +0000
committermcentner <mcentner@d688527b-c9ab-4aba-bd8d-4036d912da1d>2010-07-02 07:14:41 +0000
commit68af85701b6f797b0d662b89b95e043ee949defd (patch)
tree070935cdd1144aeeb8ce6adddd0da34a72e6ffef /spss
parent3d707db8bf4ec346b8ab6185b8e5ac5403bf2b0a (diff)
downloadmoa-id-spss-68af85701b6f797b0d662b89b95e043ee949defd.tar.gz
moa-id-spss-68af85701b6f797b0d662b89b95e043ee949defd.tar.bz2
moa-id-spss-68af85701b6f797b0d662b89b95e043ee949defd.zip
Merged branch 1.4.7_MOASP_TSL back into trunk.
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1165 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'spss')
-rw-r--r--spss/handbook/clients/referencedData/.settings/org.eclipse.wst.common.component16
-rw-r--r--spss/handbook/clients/webservice/conf/http.properties2
-rw-r--r--spss/handbook/handbook/config/MOA-SPSS-config-1.4.7.xsd (renamed from spss/handbook/handbook/config/MOA-SPSS-config-1.4.5.xsd)4
-rw-r--r--spss/handbook/handbook/config/config.html10
-rw-r--r--spss/handbook/handbook/faq/faq.html2
-rw-r--r--spss/handbook/handbook/index.html2
-rw-r--r--spss/handbook/handbook/install/install.html4
-rw-r--r--spss/handbook/handbook/intro/intro.html2
-rw-r--r--spss/handbook/handbook/spec/MOA-SPSS-1.3.wsdl2
-rw-r--r--spss/handbook/handbook/usage/usage.html6
-rw-r--r--spss/pom.xml2
-rw-r--r--spss/server/history.txt13
-rw-r--r--spss/server/readme.update.txt13
-rw-r--r--spss/server/serverlib/.classpath22
-rw-r--r--spss/server/serverlib/.settings/org.eclipse.wst.common.component15
-rw-r--r--spss/server/serverlib/pom.xml2
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java24
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java7
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckTSLResult.java40
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckTSLResultImpl.java66
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java18
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java17
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java17
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java35
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java9
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java7
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java10
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java36
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java16
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java11
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java66
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java17
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java44
-rw-r--r--spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties4
-rw-r--r--spss/server/serverws/.settings/org.eclipse.wst.common.component28
-rw-r--r--spss/server/serverws/resources/wsdl/MOA-SPSS-1.3.wsdl2
36 files changed, 500 insertions, 91 deletions
diff --git a/spss/handbook/clients/referencedData/.settings/org.eclipse.wst.common.component b/spss/handbook/clients/referencedData/.settings/org.eclipse.wst.common.component
index ea8402b5f..a5e02254b 100644
--- a/spss/handbook/clients/referencedData/.settings/org.eclipse.wst.common.component
+++ b/spss/handbook/clients/referencedData/.settings/org.eclipse.wst.common.component
@@ -1,8 +1,8 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project-modules id="moduleCoreId" project-version="1.5.0">
- <wb-module deploy-name="moa-spss-handbook-referencedData">
- <wb-resource deploy-path="/" source-path="/src/main/webapp"/>
- <property name="context-root" value="moa-spss-handbook-referencedData"/>
- <property name="java-output-path"/>
- </wb-module>
-</project-modules>
+<?xml version="1.0" encoding="UTF-8"?>
+<project-modules id="moduleCoreId" project-version="1.5.0">
+ <wb-module deploy-name="moa-spss-handbook-referencedData">
+ <wb-resource deploy-path="/" source-path="/src/main/webapp"/>
+ <property name="context-root" value="moa-spss-handbook-referencedData"/>
+ <property name="java-output-path"/>
+ </wb-module>
+</project-modules>
diff --git a/spss/handbook/clients/webservice/conf/http.properties b/spss/handbook/clients/webservice/conf/http.properties
index e969c0574..8bf490a85 100644
--- a/spss/handbook/clients/webservice/conf/http.properties
+++ b/spss/handbook/clients/webservice/conf/http.properties
@@ -30,7 +30,7 @@ signRequest = resources/requests/CreateXMLSignatureRequest.Simple.xml
verifyServiceQName = SignatureVerification
# Zugangspunkt des Webservices
-verifyServiceEndPoint = http://localhost:8080/moa-spss/services/SignatureVerification
+verifyServiceEndPoint = http://localhost:18080/moa-spss/services/SignatureVerification
#verifyServiceEndPoint = https://localhost:8443/moa-spss/services/SignatureVerification
# Name des zu sendenden Signaturprüfrequests (entweder absolute
diff --git a/spss/handbook/handbook/config/MOA-SPSS-config-1.4.5.xsd b/spss/handbook/handbook/config/MOA-SPSS-config-1.4.7.xsd
index 8da3a72b0..a61eed289 100644
--- a/spss/handbook/handbook/config/MOA-SPSS-config-1.4.5.xsd
+++ b/spss/handbook/handbook/config/MOA-SPSS-config-1.4.7.xsd
@@ -1,4 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v2004 rel. 4 U (http://www.xmlspy.com) by Klaus Stranacher (ORiON) -->
<!--
MOA SP/SS 1.4.5 Configuration Schema
-->
@@ -139,6 +140,7 @@
<xs:element name="Id" type="xs:token"/>
<xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
<xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
+ <xs:element name="TSLLocation" type="xs:anyURI" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
</xs:element>
@@ -152,7 +154,7 @@
<xs:element name="MaxRevocationAge" type="xs:integer"/>
<xs:element name="ServiceOrder" minOccurs="0">
<xs:complexType>
- <xs:sequence minOccurs="1" maxOccurs="2">
+ <xs:sequence maxOccurs="2">
<xs:element name="Service">
<xs:simpleType>
<xs:restriction base="xs:token">
diff --git a/spss/handbook/handbook/config/config.html b/spss/handbook/handbook/config/config.html
index 88c770dc1..1fe63c118 100644
--- a/spss/handbook/handbook/config/config.html
+++ b/spss/handbook/handbook/config/config.html
@@ -15,7 +15,7 @@
</tr>
</table>
<hr/>
- <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.6</a></p>
+ <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.7</a></p>
<p class="subtitle">Konfiguration</p>
<hr/>
<h1>Inhalt</h1>
@@ -135,7 +135,7 @@
</tr>
</table>
<h2><a name="übersicht_zentraledatei" id="übersicht_zentraledatei"></a>1.2 Zentrale Konfigurationsdatei</h2>
- <p>Die Konfiguration von MOA SP/SS erfolgt zentral &uuml;ber eine einzige Konfigurationsdatei. Das Format der Konfigurationsdatei ist XML und muss dem Schema <a href="./MOA-SPSS-config-1.4.5.xsd">MOA-SPSS-config-1.4.5.xsd</a> entsprechen. <a href="#konfigurationsparameter">Abschnitt 2</a> erl&auml;utert die Konfigurationsm&ouml;glichkeiten im Einzelnen.</p>
+ <p>Die Konfiguration von MOA SP/SS erfolgt zentral &uuml;ber eine einzige Konfigurationsdatei. Das Format der Konfigurationsdatei ist XML und muss dem Schema <a href="./MOA-SPSS-config-1.4.7.xsd">MOA-SPSS-config-1.4.7.xsd</a> entsprechen. <a href="#konfigurationsparameter">Abschnitt 2</a> erl&auml;utert die Konfigurationsm&ouml;glichkeiten im Einzelnen.</p>
<h3><a name="&uuml;bersicht_zentraledatei_aktualisierung" id="&uuml;bersicht_zentraledatei_aktualisierung"></a>1.2.1
Aktualisierung auf das Format von MOA SP/SS 1.3</h3>
<p>Mit dem Wechsel auf Version 1.3 verwendet MOA SP/SS ein neues, &uuml;bersichtlicheres Format f&uuml;r die
@@ -690,6 +690,12 @@ als relativ zum Pfad jenes Verzeichnisses interpretiert werden, in dem die zentr
gespeichert ist. Eine absolute URL muss als Protokoll-Teil <code>file</code> verwenden. Das referenzierte
Verzeichnis muss eine oder mehrere DER-kodierte Zertifikatsdateien beinhalten. Jede Zertifikatsdatei
repr&auml;sentiert ein explizit erlaubtes Signatorzertifikat. </li>
+ <li>Element <code>TSLLocation</code>: Dieses optionale Element vom Typ <code>xs:anyURI </code> enth&auml;lt
+ eine relative oder absolute URL, die ein Verzeichnis im lokalen Dateisystem referenziert.
+ Eine relative URL wird relativ zum Pfad jenes Verzeichnisses interpretiert, in dem die zentrale
+ Konfigurationsdatei gespeichert ist. Eine absolute URL muss als Protokoll-Teil <code>file</code> verwenden. Das referenzierte Verzeichnis muss ein oder mehrere Trust-sercice Status Lists beinhalten.<br>
+ Ist dieses Element vorhanden so wird zus&auml;tzlich eine TSL Verifkation durchgef&uuml;hrt, deren Ergebnis in der Response im Element <code>TSLCheck</code> vorhanden ist. <br>
+ <strong>Anmerkung</strong>: F&uuml;r die Nutzung der TSLs gehen wir davon aus, dass die Signatur der TSLs zuvor &uuml;berpr&uuml;ft worden ist. </li>
</ul></td>
</tr>
</table>
diff --git a/spss/handbook/handbook/faq/faq.html b/spss/handbook/handbook/faq/faq.html
index d7e034053..0cf712c63 100644
--- a/spss/handbook/handbook/faq/faq.html
+++ b/spss/handbook/handbook/faq/faq.html
@@ -15,7 +15,7 @@
</tr>
</table>
<hr/>
- <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.6</a></p>
+ <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.7</a></p>
<p class="subtitle">FAQ</p>
<hr/>
<h1>Inhalt</h1>
diff --git a/spss/handbook/handbook/index.html b/spss/handbook/handbook/index.html
index 72d213fa7..b817c893d 100644
--- a/spss/handbook/handbook/index.html
+++ b/spss/handbook/handbook/index.html
@@ -16,7 +16,7 @@
</table>
<hr/>
<p class="title">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP) </p>
- <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 1.4.6 </p>
+ <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 1.4.7 </p>
<hr/>
<dl>
<dt><a href="./intro/intro.html">Einf&uuml;hrung</a></dt>
diff --git a/spss/handbook/handbook/install/install.html b/spss/handbook/handbook/install/install.html
index 642f80d6f..f27da9479 100644
--- a/spss/handbook/handbook/install/install.html
+++ b/spss/handbook/handbook/install/install.html
@@ -15,7 +15,7 @@
</tr>
</table>
<hr/>
- <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.6</a></p>
+ <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.7</a></p>
<p class="subtitle">Installation</p>
<hr/>
<h1>Inhalt</h1>
@@ -114,7 +114,7 @@
<p> Die Basisinstallation des Webservices stellt einerseits die minimalen Anforderungen f&uuml;r den Betrieb von MOA SP/SS als Webservices dar, andererseits dient sie als Ausgangspunkt f&uuml;r optionale <a href="#webservice_erweiterungsm&#246;glichkeiten">Erweiterungsm&ouml;glichkeiten</a>.</p>
<p> Folgende Software ist Voraussetzung f&uuml;r die Basisinstallation des Webservices: </p>
<ul>
- <li><a href="#referenziertesoftware">J2SE 1.4.x SDK oder J2SE 5.0 SDK </a></li>
+ <li><a href="#referenziertesoftware">J2SE 1.4.x SDK oder J2SE 5.0 SDK </a>(Anmerkung: F&uuml;r die Nutzung der TSL Funktionlit&auml;t ist <a href="#referenziertesoftware">J2SE 5.0 SDK</a> Voraussetzung)</li>
<li><a href="#referenziertesoftware">Apache Tomcat 4.1.18 oder h&ouml;her </a></li>
</ul>
<p>In diesem Betriebs-Szenario wird das MOA SP/SS Webservice in Tomcat zum Einsatz gebracht. Tomcat fungiert gleichzeitig als HTTP- und HTTPS-Endpunkt f&uuml;r das MOA SP/SS Webservice. Beide Protokolle werden direkt in Tomcat konfiguriert. Das MOA SP/SS Webservice verwendet Log4j als Logging Toolkit.</p>
diff --git a/spss/handbook/handbook/intro/intro.html b/spss/handbook/handbook/intro/intro.html
index 27031018d..339528911 100644
--- a/spss/handbook/handbook/intro/intro.html
+++ b/spss/handbook/handbook/intro/intro.html
@@ -15,7 +15,7 @@
</tr>
</table>
<hr/>
- <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.6</a></p>
+ <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.7</a></p>
<p class="subtitle">Einf&uuml;hrung</p>
<hr/>
<h1>Inhalt</h1>
diff --git a/spss/handbook/handbook/spec/MOA-SPSS-1.3.wsdl b/spss/handbook/handbook/spec/MOA-SPSS-1.3.wsdl
index cc7aec4dc..8ae1c1ff4 100644
--- a/spss/handbook/handbook/spec/MOA-SPSS-1.3.wsdl
+++ b/spss/handbook/handbook/spec/MOA-SPSS-1.3.wsdl
@@ -3,7 +3,7 @@
Web Service Description for MOA SP/SS 1.3
-->
<definitions name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="../resources/schemas/MOA-SPSS-1.3.xsd"/>
+ <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="MOA-SPSS-1.3.xsd"/>
<message name="CreateXMLSignatureInput">
<part name="body" element="moa:CreateXMLSignatureRequest"/>
</message>
diff --git a/spss/handbook/handbook/usage/usage.html b/spss/handbook/handbook/usage/usage.html
index 71b901812..a3c411a1d 100644
--- a/spss/handbook/handbook/usage/usage.html
+++ b/spss/handbook/handbook/usage/usage.html
@@ -15,7 +15,7 @@
</tr>
</table>
<hr/>
- <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.6</a></p>
+ <p class="title"><a href="../index.html">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP), V 1.4.7</a></p>
<p class="subtitle">Anwendung</p>
<hr/>
<h1>Inhalt</h1>
@@ -1214,10 +1214,6 @@ Ich habe weiters ein eigenens ID-Attribut bekommen.&lt;/doc:Paragraph&gt;
<td>Webservice-Framework aus dem Apache Project</td>
</tr>
<tr>
- <td><a href="http://java.sun.com/j2se/1.3.1/" target="_blank">J2SE 1.3.1 SDK/JRE</a> </td>
- <td>Java 2 Standard Edition in der Version 1.3.1 (Software Development Kit bzw. Java Runtime Environment) </td>
- </tr>
- <tr>
<td><a href="http://java.sun.com/j2se/1.4.2/" target="_blank">J2SE 1.4.2 SDK/JRE</a></td>
<td>Java 2 Standard Edition in der Version 1.4.2 (Software Development Kit bzw. Java Runtime Environment) </td>
</tr>
diff --git a/spss/pom.xml b/spss/pom.xml
index 841f1e665..d0ea8fd65 100644
--- a/spss/pom.xml
+++ b/spss/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA</groupId>
<artifactId>MOA</artifactId>
- <version>1.4.6</version>
+ <version>1.4.7</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/spss/server/history.txt b/spss/server/history.txt
index 3aa79b3f6..3f2f420a0 100644
--- a/spss/server/history.txt
+++ b/spss/server/history.txt
@@ -1,4 +1,17 @@
##############
+1.4.7
+##############
+
+- In den Trustprofilen können nun Trust-service Status Lists (TSLs) angegeben werden.
+ MOA-SP liefert hierbei in der Response das TSL Verifikationsergebnis im Element
+ TSLCheck retour (siehe hierzu Dokumentation - Konfiguration Kapitel "2.3.1.2.2
+ Vertrauensprofile").
+
+- Bei Nutzung der TSL-Funktionalität ist Java 1.5 Voraussetzung
+
+- IAIK Libraries aktualisiert:
+ iaik-moa: Version 1.27
+##############
1.4.6
##############
diff --git a/spss/server/readme.update.txt b/spss/server/readme.update.txt
index e2d2f5dbd..fb87ed327 100644
--- a/spss/server/readme.update.txt
+++ b/spss/server/readme.update.txt
@@ -1,11 +1,11 @@
======================================================================
- Update einer bestehenden MOA-SPSS-Installation auf Version 1.4.6
+ Update einer bestehenden MOA-SPSS-Installation auf Version 1.4.7
======================================================================
Es gibt zwei Möglichkeiten (im Folgenden als "Update Variante A" und
"Update Variante B" bezeichnet), das Update von MOA-SPSS auf Version
-1.4.6 durchzuführen. Update Variante A geht dabei den Weg über eine
+1.4.7 durchzuführen. Update Variante A geht dabei den Weg über eine
vorangestellte Neuinstallation, während Variante B direkt eine
bestehende Installation aktualisiert.
@@ -16,8 +16,10 @@ JAVA_HOME bezeichnet das Wurzelverzeichnis der JDK-Installation
CATALINA_HOME bezeichnet das Wurzelverzeichnis der Tomcat-Installation
MOA_SPSS_INST bezeichnet das Verzeichnis, in das Sie die Datei
-moa-spss-1.4.6.zip entpackt haben.
+moa-spss-1.4.7.zip entpackt haben.
+Anmerkung: Wenn Sie MOA-SP mit TSL Unterstützung verwenden wollen, dann
+ist die Verwendung von Java 1.5 Voraussetzung dafür.
=================
Update Variante A
@@ -35,8 +37,7 @@ Update Variante A
die Sie aus Ihrer alten Installation beibehalten möchten, aus Ihrer
Sicherungskopie in die entsprechenden Verzeichnisse der neuen
Installation.
- Anmerkung: Diese Distribution enthält neue A-TRUST und E-CARD-Zertifikate.
- Falls Sie Ihre alten Trustprofile beibehalten wollen, gehen Sie wie unter
+ Anmerkung: Falls Sie Ihre alten Trustprofile beibehalten wollen, gehen Sie wie unter
Update Variante B, Punkt 9 beschrieben vor, um Ihre alten Trustprofile
auf einen aktuellen Stand zu bringen.
@@ -55,7 +56,7 @@ Update Variante B
1.) Erstellen Sie eine Sicherungskopie des kompletten Tomcat-Verzeichnisses
Ihrer MOA-SPSS-Installation.
-2.) Entpacken Sie die Datei "moa-spss-1.4.6.zip" in das Verzeichnis MOA_SPSS_INST.
+2.) Entpacken Sie die Datei "moa-spss-1.4.7.zip" in das Verzeichnis MOA_SPSS_INST.
3.) Erstellen Sie eine Sicherungskopie aller "iaik*.jar"-Dateien im Verzeichnis
JAVA_HOME\jre\lib\ext und löschen Sie diese Dateien danach.
diff --git a/spss/server/serverlib/.classpath b/spss/server/serverlib/.classpath
index 1c79cc393..f0e483a4a 100644
--- a/spss/server/serverlib/.classpath
+++ b/spss/server/serverlib/.classpath
@@ -1,9 +1,13 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
- <classpathentry kind="src" output="target/classes" path="src/main/java"/>
- <classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
- <classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.4"/>
- <classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER"/>
- <classpathentry kind="output" path="target/classes"/>
-</classpath>
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+ <classpathentry kind="src" output="target/classes" path="src/main/java"/>
+ <classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
+ <classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.4"/>
+ <classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER">
+ <attributes>
+ <attribute name="org.eclipse.jst.component.nondependency" value=""/>
+ </attributes>
+ </classpathentry>
+ <classpathentry kind="output" path="target/classes"/>
+</classpath>
diff --git a/spss/server/serverlib/.settings/org.eclipse.wst.common.component b/spss/server/serverlib/.settings/org.eclipse.wst.common.component
index ebc030867..e4ceae723 100644
--- a/spss/server/serverlib/.settings/org.eclipse.wst.common.component
+++ b/spss/server/serverlib/.settings/org.eclipse.wst.common.component
@@ -1,8 +1,7 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project-modules id="moduleCoreId" project-version="1.5.0">
-<wb-module deploy-name="moa-spss-lib">
-<wb-resource deploy-path="/" source-path="/src/main/java"/>
-<wb-resource deploy-path="/" source-path="/src/test/java"/>
-<wb-resource deploy-path="/" source-path="/src/main/resources"/>
-</wb-module>
-</project-modules>
+<?xml version="1.0" encoding="UTF-8"?>
+<project-modules id="moduleCoreId" project-version="1.5.0">
+<wb-module deploy-name="moa-spss-lib">
+<wb-resource deploy-path="/" source-path="/src/main/java"/>
+<wb-resource deploy-path="/" source-path="/src/main/resources"/>
+</wb-module>
+</project-modules>
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml
index 6648f8c55..4ee7075e3 100644
--- a/spss/server/serverlib/pom.xml
+++ b/spss/server/serverlib/pom.xml
@@ -9,7 +9,7 @@
<groupId>MOA.spss.server</groupId>
<artifactId>moa-spss-lib</artifactId>
<packaging>jar</packaging>
- <version>1.4.6</version>
+ <version>1.4.7</version>
<name>MOA SP/SS API</name>
<properties>
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
index 0aedba6a6..1a778ad2b 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
@@ -22,17 +22,17 @@ import java.util.Date;
import java.util.List;
import java.util.Map;
+import org.apache.commons.discovery.tools.DiscoverClass;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
-import org.apache.commons.discovery.tools.DiscoverClass;
-
import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.Content;
import at.gv.egovernment.moa.spss.api.common.MetaInfo;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
@@ -434,6 +434,7 @@ public abstract class SPSSFactory {
* @param signerInfo Information about the signer certificate.
* @param signatureCheck Result of the singature value check.
* @param certificateCheck Result of the certificate status check.
+ * @param tslCheck Result of the TSL check
* @return The new <code>VerifyCMSSignatureResponseElement</code> containing
* the above data.
*
@@ -444,7 +445,8 @@ public abstract class SPSSFactory {
public abstract VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(
SignerInfo signerInfo,
CheckResult signatureCheck,
- CheckResult certificateCheck);
+ CheckResult certificateCheck,
+ CheckTSLResult tslCheck);
//
// Factory methods for verifying XML signatures
@@ -698,7 +700,8 @@ public abstract class SPSSFactory {
ReferencesCheckResult signatureCheck,
ReferencesCheckResult signatureManifestCheck,
List xmlDsigManifestChecks,
- CheckResult certificateCheck);
+ CheckResult certificateCheck,
+ CheckTSLResult tslCheck);
/**
* Create a new <code>ReferencesCheckResult</code> object.
@@ -988,6 +991,19 @@ public abstract class SPSSFactory {
public abstract CheckResult createCheckResult(int code, NodeList info);
/**
+ * Create a new <code>CheckTSLResult</code> object.
+ *
+ * @param code The numerical error code.
+ * @param info Verbose error information.
+ * @return The new <code>CheckTSLResult</code> containing the above data.
+ *
+ * @pre code >= 0
+ * @pre info != null
+ * @post return != null
+ */
+ public abstract CheckTSLResult createCheckTSLResult(int code, String info);
+
+ /**
* Create a new <code>SignerInfo</code> object.
*
* @param signerCertificate The signer certificate in binary form.
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
index 26fd5911d..e2f44c540 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
@@ -16,6 +16,7 @@
package at.gv.egovernment.moa.spss.api.cmsverify;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
/**
@@ -44,4 +45,10 @@ public interface VerifyCMSSignatureResponseElement {
* @return The result of the certificate verification.
*/
public CheckResult getCertificateCheck();
+ /**
+ * Gets the result of the TSL verification
+ *
+ * @return The result of the TSL verification
+ */
+ public CheckTSLResult getTSLCheck();
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckTSLResult.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckTSLResult.java
new file mode 100644
index 000000000..f31512cdb
--- /dev/null
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckTSLResult.java
@@ -0,0 +1,40 @@
+/*
+* Copyright 2003 Federal Chancellery Austria
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egovernment.moa.spss.api.common;
+
+import org.w3c.dom.NodeList;
+
+/**
+ * Object encapsulating the result of a TSL verification.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id: CheckResult.java 1087 2008-08-28 07:55:59Z mcentner $
+ */
+public interface CheckTSLResult {
+ /**
+ * Gets the result code.
+ *
+ * @return The result code.
+ */
+ public int getCode();
+ /**
+ * Gets descriptive information.
+ *
+ * @return Descriptive information.
+ */
+ public String getInfo();
+}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckTSLResultImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckTSLResultImpl.java
new file mode 100644
index 000000000..62f3ab979
--- /dev/null
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckTSLResultImpl.java
@@ -0,0 +1,66 @@
+/*
+* Copyright 2003 Federal Chancellery Austria
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
+
+/**
+ * Default implementation of <code>CheckTSLResult</code>.
+ *
+ * @author Fatemeh Philippi
+ * @author Klaus Stranacher
+ * @version $Id: CheckResultImpl.java 1087 2008-08-28 07:55:59Z mcentner $
+ */
+public class CheckTSLResultImpl implements CheckTSLResult {
+ /** The result code. */
+ private int code;
+
+ /** Additional information. */
+ private String info;
+
+ /**
+ * Sets a result code.
+ *
+ * @param code The result code.
+ */
+ public void setCode(int code) {
+ this.code = code;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.CheckTSLResult#getCode()
+ */
+ public int getCode() {
+ return code;
+ }
+
+ /**
+ * Sets a descriptive information.
+ *
+ * @param info The descriptive information.
+ */
+ public void setInfo(String info) {
+ this.info = info;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.CheckTSLResult#getInfo()
+ */
+ public String getInfo() {
+ return info;
+ }
+
+}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
index f0d16046c..8cf06bb15 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
@@ -32,6 +32,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.Content;
import at.gv.egovernment.moa.spss.api.common.MetaInfo;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
@@ -259,12 +260,15 @@ public class SPSSFactoryImpl extends SPSSFactory {
public VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(
SignerInfo signerInfo,
CheckResult signatureCheck,
- CheckResult certificateCheck) {
+ CheckResult certificateCheck,
+ CheckTSLResult tslCheck) {
VerifyCMSSignatureResponseElementImpl verifyCMSSignatureResponseElement =
new VerifyCMSSignatureResponseElementImpl();
verifyCMSSignatureResponseElement.setSignerInfo(signerInfo);
verifyCMSSignatureResponseElement.setSignatureCheck(signatureCheck);
verifyCMSSignatureResponseElement.setCertificateCheck(certificateCheck);
+ verifyCMSSignatureResponseElement.setTSLCheck(tslCheck);
+
return verifyCMSSignatureResponseElement;
}
@@ -390,7 +394,8 @@ public class SPSSFactoryImpl extends SPSSFactory {
ReferencesCheckResult signatureCheck,
ReferencesCheckResult signatureManifestCheck,
List xmlDsigManifestChecks,
- CheckResult certificateCheck) {
+ CheckResult certificateCheck,
+ CheckTSLResult tslCheck) {
VerifyXMLSignatureResponseImpl verifyXMLSignatureResponse =
new VerifyXMLSignatureResponseImpl();
verifyXMLSignatureResponse.setSignerInfo(signerInfo);
@@ -401,6 +406,8 @@ public class SPSSFactoryImpl extends SPSSFactory {
signatureManifestCheck);
verifyXMLSignatureResponse.setXMLDsigManifestChecks(xmlDsigManifestChecks);
verifyXMLSignatureResponse.setCertificateCheck(certificateCheck);
+ verifyXMLSignatureResponse.setTSLCheck(tslCheck);
+
return verifyXMLSignatureResponse;
}
@@ -557,6 +564,13 @@ public class SPSSFactoryImpl extends SPSSFactory {
checkResult.setInfo(info);
return checkResult;
}
+
+ public CheckTSLResult createCheckTSLResult(int code, String info) {
+ CheckTSLResultImpl checkTSLResult = new CheckTSLResultImpl();
+ checkTSLResult.setCode(code);
+ checkTSLResult.setInfo(info);
+ return checkTSLResult;
+ }
public SignerInfo createSignerInfo(
X509Certificate signerCertificate,
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
index 322e83baa..f80c4ace2 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
@@ -17,6 +17,7 @@ package at.gv.egovernment.moa.spss.api.impl;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
/**
@@ -34,7 +35,9 @@ public class VerifyCMSSignatureResponseElementImpl
private CheckResult signatureCheck;
/** Information about the certificate check. */
private CheckResult certificateCheck;
-
+ /** Information about the TSL check */
+ private CheckTSLResult tslCheck;
+
/**
* Sets a SignerInfo element according to CMS.
*
@@ -73,5 +76,17 @@ public class VerifyCMSSignatureResponseElementImpl
public CheckResult getCertificateCheck() {
return certificateCheck;
}
+
+ /**
+ * Sets a result of the TSL verification.
+ *
+ * @param tslCheck The result of the TSL verification.
+ */
+ public void setTSLCheck(CheckTSLResult tslCheck) {
+ this.tslCheck = tslCheck;
+ }
+ public CheckTSLResult getTSLCheck() {
+ return tslCheck;
+ }
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
index 3777e8958..ea6a180a7 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
@@ -20,6 +20,7 @@ import java.util.Collections;
import java.util.List;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
@@ -52,7 +53,9 @@ public class VerifyXMLSignatureResponseImpl
private List xmlDsigManifestChecks = new ArrayList();
/** Information about the certificate check. */
private CheckResult certificateCheck;
-
+ /** Information about the TSL check. */
+ private CheckTSLResult tslCheck;
+
/**
* Sets information about the signer certificate.
*
@@ -136,6 +139,18 @@ public class VerifyXMLSignatureResponseImpl
public CheckResult getCertificateCheck() {
return certificateCheck;
}
+ /**
+ * Sets the result of the TSL verification.
+ *
+ * @param certificateCheck The result of the TSL verification.
+ */
+ public void setTSLCheck(CheckTSLResult tslCheck) {
+ this.tslCheck = tslCheck;
+ }
+
+ public CheckTSLResult getTSLCheck() {
+ return tslCheck;
+ }
/**
* Sets the XMLDSigManifestChecks.
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
index 3bef8659a..30d19023a 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
@@ -217,5 +217,40 @@ class ResponseBuilderUtils {
}
root.appendChild(codeInfoElem);
}
+
+ /**
+ * Add an element containing <code>Code</code> and <code>Info</code>
+ * subelements.
+ *
+ * @param response The response document, in order to create new elements in
+ * it.
+ * @param root The root element into which to insert the newly created
+ * element.
+ * @param elementName The name of the newly created element.
+ * @param code The content of the <code>Code</code> subelement.
+ * @param info The content of the <code>Info</code> subelement.
+ */
+ public static void addCodeInfoElement(
+ Document response,
+ Element root,
+ String elementName,
+ int code,
+ String info) {
+
+ Element codeInfoElem = response.createElementNS(MOA_NS_URI, elementName);
+ Element codeElem = response.createElementNS(MOA_NS_URI, "Code");
+ Element infoElem;
+ int i;
+
+ codeElem.appendChild(response.createTextNode(Integer.toString(code)));
+ codeInfoElem.appendChild(codeElem);
+
+ if (info != null) {
+ infoElem = response.createElementNS(MOA_NS_URI, "Info");
+ infoElem.appendChild(response.createTextNode(info));
+ codeInfoElem.appendChild(infoElem);
+ }
+ root.appendChild(codeInfoElem);
+ }
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java
index 80d8575f9..2e4a95a89 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java
@@ -25,6 +25,7 @@ import at.gv.egovernment.moa.spss.MOASystemException;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
/**
@@ -89,6 +90,7 @@ public class VerifyCMSSignatureResponseBuilder {
SignerInfo signerInfo = responseElement.getSignerInfo();
CheckResult signatureCheck = responseElement.getSignatureCheck();
CheckResult certCheck = responseElement.getCertificateCheck();
+ CheckTSLResult tslCheck = responseElement.getTSLCheck();
ResponseBuilderUtils.addSignerInfo(
responseDoc,
@@ -111,6 +113,13 @@ public class VerifyCMSSignatureResponseBuilder {
"CertificateCheck",
certCheck.getCode(),
certCheck.getInfo());
+
+ ResponseBuilderUtils.addCodeInfoElement(
+ responseDoc,
+ responseElem,
+ "TSLCheck",
+ tslCheck.getCode(),
+ tslCheck.getInfo());
}
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
index a8be59766..dedb1dc88 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
@@ -135,6 +135,13 @@ public class VerifyXMLSignatureResponseBuilder {
"CertificateCheck",
response.getCertificateCheck().getCode(),
response.getCertificateCheck().getInfo());
+
+ ResponseBuilderUtils.addCodeInfoElement(
+ responseDoc,
+ responseElem,
+ "TSLCheck",
+ response.getTSLCheck().getCode(),
+ response.getTSLCheck().getInfo());
return responseDoc;
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java
index 01fe9cf2c..63da503cb 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java
@@ -18,6 +18,7 @@ package at.gv.egovernment.moa.spss.api.xmlverify;
import java.util.List;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
/**
@@ -71,5 +72,14 @@ public interface VerifyXMLSignatureResponse {
* @return The result of the certificate verification.
*/
public CheckResult getCertificateCheck();
+
+ /**
+ * Gets the result of the TSL verification.
+ *
+ * @return The result of the TSL verification.
+ */
+ public CheckTSLResult getTSLCheck();
+
+
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 3ad7b761f..51669026f 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -949,7 +949,8 @@ public class ConfigurationPartsBuilder {
String id = getElementValue(profileElem, CONF + "Id", null);
String trustAnchorsLocStr = getElementValue(profileElem, CONF + "TrustAnchorsLocation", null);
String signerCertsLocStr = getElementValue(profileElem, CONF + "SignerCertsLocation", null);
-
+ String tslLocStr = getElementValue(profileElem, CONF + "TSLLocation", null);
+
URI trustAnchorsLocURI = null;
try
{
@@ -973,6 +974,34 @@ public class ConfigurationPartsBuilder {
warn("config.27", new Object[] { "uri", id });
continue;
}
+
+
+ URI tslLocURI = null;
+ if (tslLocStr != null) {
+
+ try
+ {
+ tslLocURI = new URI(tslLocStr);
+ if (!tslLocURI.isAbsolute()) { // make it absolute to the config file
+ tslLocURI = new URI(configRoot_.toURL() + tslLocStr);
+ }
+ }
+ catch (URIException e) {
+ warn("config.14", new Object[] { "uriTSL", id, tslLocStr }, e);
+ continue;
+ }
+ catch (MalformedURLException e)
+ {
+ warn("config.33", new Object[] {id}, e);
+ continue;
+ }
+
+ File profileDirTSL = new File(tslLocURI.getPath());
+ if (!profileDirTSL.exists() || !profileDirTSL.isDirectory()) {
+ warn("config.27", new Object[] { "uriTSL", id });
+ continue;
+ }
+ }
if (trustProfiles.containsKey(id)) {
warn("config.04", new Object[] { "TrustProfile", id });
@@ -1004,7 +1033,10 @@ public class ConfigurationPartsBuilder {
}
signerCertsLocStr = (signerCertsLocURI != null) ? signerCertsLocURI.toString() : null;
- TrustProfile profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr);
+ String tslLocURIString = null;
+ if (tslLocURI != null)
+ tslLocURIString = tslLocURI.toString();
+ TrustProfile profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr, tslLocURIString);
trustProfiles.put(id, profile);
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java
index 85d3947aa..66c08e34e 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java
@@ -28,7 +28,9 @@ public class TrustProfile {
private String uri;
/** The URI giving the location of the allowed signer certificates. */
private String signerCertsUri;
-
+ /** The URI giving the location of the TSLs */
+ private String uriTSL;
+
/**
* Create a <code>TrustProfile</code>.
*
@@ -36,11 +38,13 @@ public class TrustProfile {
* @param uri The URI of the <code>TrustProfile</code> to create.
* @param signerCertsUri The URI of the location of the allowed signer
* certificates of the <code>TrustProfile</code> to create.
+ * @param uriTSL The URI to the TSLs
*/
- public TrustProfile(String id, String uri, String signerCertsUri) {
+ public TrustProfile(String id, String uri, String signerCertsUri, String uriTSL) {
this.id = id;
this.uri = uri;
this.signerCertsUri = signerCertsUri;
+ this.uriTSL = uriTSL;
}
/**
@@ -70,4 +74,12 @@ public class TrustProfile {
public String getSignerCertsUri() {
return signerCertsUri;
}
+
+ /**
+ * Return the URI of the location of the TSLS
+ * @return The URI of the location of the TSLS
+ */
+ public String getUriTSL() {
+ return uriTSL;
+ }
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index 96c8b984e..b5c1023ab 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -39,6 +39,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
import at.gv.egovernment.moa.spss.server.logging.IaikLog;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
@@ -113,7 +114,11 @@ public class CMSSignatureVerificationInvoker {
// get the signature
signature = request.getCMSSignature();
+ // get the actual trustprofile
+ TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
+
try {
+
// get the signed content
signedContent = getSignedContent(request);
@@ -169,7 +174,7 @@ public class CMSSignatureVerificationInvoker {
for (resultIter = results.iterator(); resultIter.hasNext();) {
result = (CMSSignatureVerificationResult) resultIter.next();
- responseBuilder.addResult(result);
+ responseBuilder.addResult(result, trustProfile);
}
} else {
int i;
@@ -180,7 +185,7 @@ public class CMSSignatureVerificationInvoker {
try {
result =
(CMSSignatureVerificationResult) results.get(signatories[i] - 1);
- responseBuilder.addResult(result);
+ responseBuilder.addResult(result, trustProfile);
} catch (IndexOutOfBoundsException e) {
throw new MOAApplicationException(
"2249",
@@ -188,7 +193,7 @@ public class CMSSignatureVerificationInvoker {
}
}
}
-
+
return responseBuilder.getResponse();
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
index 8a0b3de13..b7bdbc9b8 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
@@ -15,19 +15,25 @@
*/
package at.gv.egovernment.moa.spss.server.invoke;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
+import iaik.server.modules.cmsverify.CertificateValidationResult;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationResult;
+
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
-
-import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
-import iaik.server.modules.cmsverify.CertificateValidationResult;
+import java.util.ListIterator;
import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.SPSSFactory;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
/**
* A class to build a <code>VerifyCMSSignatureResponse</code> object.
@@ -60,21 +66,24 @@ public class VerifyCMSSignatureResponseBuilder {
* Add a verification result to the response.
*
* @param result The result to add.
- * @throws MOAApplicationException An error occurred adding the result.
+ * @param trustprofile The actual trustprofile
+ * @throws MOAException
*/
- public void addResult(CMSSignatureVerificationResult result)
- throws MOAApplicationException {
+ public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile)
+ throws MOAException {
CertificateValidationResult certResult =
result.getCertificateValidationResult();
int signatureCheckCode =
result.getSignatureValueVerificationCode().intValue();
int certificateCheckCode = certResult.getValidationResultCode().intValue();
+
VerifyCMSSignatureResponseElement responseElement;
SignerInfo signerInfo;
CheckResult signatureCheck;
CheckResult certificateCheck;
-
+ CheckTSLResult tslCheck;
+
// add SignerInfo element
signerInfo =
factory.createSignerInfo(
@@ -88,14 +97,55 @@ public class VerifyCMSSignatureResponseBuilder {
// add CertificateCheck element
certificateCheck = factory.createCheckResult(certificateCheckCode, null);
+
+ // add TSL check
+ tslCheck = validateTSL(result, trustProfile);
+
// build the response element
responseElement =
factory.createVerifyCMSSignatureResponseElement(
signerInfo,
signatureCheck,
- certificateCheck);
+ certificateCheck,
+ tslCheck);
responseElements.add(responseElement);
}
+
+ /**
+ * Checks the certificate chain against the given (in the provided <code>trustProfile</code>) TSLs
+ *
+ * @param result The result produced by the <code>XMLSignatureVerificationModule</code>.
+ *
+ * @param trustProfile The trust profile the signer certificate is validated against.
+ *
+ * @return The overal result of the TSL validation.
+ *
+ * @throws MOAException
+ */
+ private CheckTSLResult validateTSL(CMSSignatureVerificationResult result, TrustProfile trustProfile)
+ throws MOAException
+{
+ MessageProvider msg = MessageProvider.getInstance();
+ //String logMsg = msg.getMessage("tsl.00", new Object[]{trustProfile.getId(), files[i].getName()});
+
+ // TODO KS: TSL initialisieren, TSL abfrage mit chain
+
+ List chain = result.getCertificateValidationResult().getCertificateChain();
+ String uriTSL = trustProfile.getUriTSL();
+ //System.out.println("Size: " + chain.size());
+ ListIterator it = chain.listIterator();
+ while(it.hasNext()) {
+ X509Certificate cert = (X509Certificate) it.next();
+ //System.out.println(cert.getSubjectDN());
+ }
+ //System.out.println("URL-TSL: " + uriTSL);
+
+ int resultCode = 0;
+ String resultInfo = msg.getMessage("tsl.00", null);
+
+ SPSSFactory factory = SPSSFactory.getInstance();
+ return factory.createCheckTSLResult(resultCode, resultInfo);
+}
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
index 1250fcad5..68ba4ad7e 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
@@ -42,6 +42,7 @@ import org.w3c.dom.NodeList;
import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.api.SPSSFactory;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.Content;
import at.gv.egovernment.moa.spss.api.common.InputData;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
@@ -86,6 +87,9 @@ public class VerifyXMLSignatureResponseBuilder {
private List xmlDsigManifestChecks;
/** The result of the certificate check. */
private CheckResult certificateCheck;
+ /** The result of the TSL check. */
+ private CheckTSLResult tslCheck;
+
/**
* Get the <code>VerifyMLSignatureResponse</code> built so far.
@@ -100,7 +104,8 @@ public class VerifyXMLSignatureResponseBuilder {
signatureCheck,
signatureManifestCheck,
xmlDsigManifestChecks,
- certificateCheck);
+ certificateCheck,
+ tslCheck);
}
/**
@@ -113,14 +118,16 @@ public class VerifyXMLSignatureResponseBuilder {
* @param profile The profile used for verifying the signature.
* @param transformsSignatureManifestCheck The overall result for the signature
* manifest check.
- * @param certificateCheck The overall result for the certificate check.
+ * @param certificateCheck The overall result for the certificate check.
+ * @param tslCheck The result of the TSL check
* @throws MOAApplicationException An error occurred adding the result.
*/
public void setResult(
XMLSignatureVerificationResult result,
XMLSignatureVerificationProfile profile,
ReferencesCheckResult transformsSignatureManifestCheck,
- CheckResult certificateCheck)
+ CheckResult certificateCheck,
+ CheckTSLResult tslCheck)
throws MOAApplicationException {
CertificateValidationResult certResult =
@@ -284,6 +291,10 @@ public class VerifyXMLSignatureResponseBuilder {
// create the certificate check
this.certificateCheck = certificateCheck;
+
+ // create the tsl check
+ this.tslCheck = tslCheck;
+
}
/**
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
index f08588ecb..765a48e79 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
@@ -43,6 +43,7 @@ import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
+import java.util.ListIterator;
import java.util.Map;
import java.util.Set;
@@ -58,6 +59,7 @@ import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.MOASystemException;
import at.gv.egovernment.moa.spss.api.SPSSFactory;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.CheckTSLResult;
import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
@@ -225,6 +227,7 @@ public class XMLSignatureVerificationInvoker {
signatureEnvironmentParent.appendChild(signatureEnvironment.getElement());
}
+
// check the result
signatureManifestCheck =
validateSignatureManifest(request, result, profile);
@@ -233,8 +236,11 @@ public class XMLSignatureVerificationInvoker {
TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
CheckResult certificateCheck = validateSignerCertificate(result, trustProfile);
+ // Check the TSL result
+ CheckTSLResult tslCheck = validateTSL(result, trustProfile);
+
// build the response
- responseBuilder.setResult(result, profile, signatureManifestCheck, certificateCheck);
+ responseBuilder.setResult(result, profile, signatureManifestCheck, certificateCheck, tslCheck);
return responseBuilder.getResponse();
}
@@ -318,6 +324,42 @@ public class XMLSignatureVerificationInvoker {
SPSSFactory factory = SPSSFactory.getInstance();
return factory.createCheckResult(resultCode, null);
}
+
+ /**
+ * Checks the certificate chain against the given (in the provided <code>trustProfile</code>) TSLs
+ *
+ * @param result The result produced by the <code>XMLSignatureVerificationModule</code>.
+ *
+ * @param trustProfile The trust profile the signer certificate is validated against.
+ *
+ * @return The overal result of the TSL validation.
+ *
+ * @throws MOAException
+ */
+ private CheckTSLResult validateTSL(XMLSignatureVerificationResult result, TrustProfile trustProfile)
+ throws MOAException
+{
+ MessageProvider msg = MessageProvider.getInstance();
+ //String logMsg = msg.getMessage("tsl.00", new Object[]{trustProfile.getId(), files[i].getName()});
+
+ // TODO KS: TSL initialisieren, TSL abfrage mit chain
+
+ List chain = result.getCertificateValidationResult().getCertificateChain();
+ String uriTSL = trustProfile.getUriTSL();
+ //System.out.println("Size: " + chain.size());
+ ListIterator it = chain.listIterator();
+ while(it.hasNext()) {
+ X509Certificate cert = (X509Certificate) it.next();
+ //System.out.println(cert.getSubjectDN());
+ }
+ //System.out.println("URL-TSL: " + uriTSL);
+
+ int resultCode = 0;
+ String resultInfo = msg.getMessage("tsl.00", null);
+
+ SPSSFactory factory = SPSSFactory.getInstance();
+ return factory.createCheckTSLResult(resultCode, resultInfo);
+}
/**
* Select the <code>dsig:Signature</code> DOM element within the signature
diff --git a/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties b/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties
index 9b896c059..4c9d11f63 100644
--- a/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties
+++ b/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties
@@ -134,7 +134,7 @@ config.28=Einen detaillierten Fehlerbericht entnehmen Sie bitte der Log-Datei.
config.29=Es sind folgende leichte Fehler aufgetreten:
config.31=Fehler in der Konfiguration der KeyGroup mit id={0}: Der Schlüssel im KeyModule id={1} mit IssuerName={2} und SerialNumber={3} konnte nicht geladen werden
config.32=Fehler in der Konfiguration: Verzeichnisangabe für den Zertifikatsspeicher ist ungültig ({0}).
-
+config.33=Fehler beim Erstellen des TrustProfile id={0}: Name des TSL-Verzeichnisses konnte nicht in eine URL umgewandet werden
handler.00=Starte neue Transaktion: TID={0}, Service={1}
handler.01=Aufruf von Adresse={0}
@@ -149,3 +149,5 @@ invoker.00=Das Signature Environment konnte nicht validierend geparst werden
invoker.01=Keine passende Transformationskette gefunden (Index={0})
invoker.02=Der Hashwert der Transformation stimmt nicht überein (Index={0})
invoker.03=Signatorzertifikat aus Trustprofile mit id={0} konnte nicht geparst werden (Dateiname={1})
+
+tsl.00 = Das Zertifikat konnte erfolgreich gegen die TSL verifiziert werden \ No newline at end of file
diff --git a/spss/server/serverws/.settings/org.eclipse.wst.common.component b/spss/server/serverws/.settings/org.eclipse.wst.common.component
index c83fdc828..f859c643a 100644
--- a/spss/server/serverws/.settings/org.eclipse.wst.common.component
+++ b/spss/server/serverws/.settings/org.eclipse.wst.common.component
@@ -1,14 +1,14 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project-modules id="moduleCoreId" project-version="1.5.0">
-<wb-module deploy-name="moa-spss">
- <wb-resource deploy-path="/" source-path="/src/main/webapp"/>
- <dependent-module deploy-path="/WEB-INF/lib" handle="module:/resource/moa-spss-lib/moa-spss-lib">
- <dependency-type>uses</dependency-type>
- </dependent-module>
- <dependent-module deploy-path="/WEB-INF/lib" handle="module:/resource/moa-common/moa-common">
- <dependency-type>uses</dependency-type>
- </dependent-module>
-<property name="context-root" value="moa-spss"/>
-<property name="java-output-path" value="target/classes"/>
-</wb-module>
-</project-modules>
+<?xml version="1.0" encoding="UTF-8"?>
+<project-modules id="moduleCoreId" project-version="1.5.0">
+<wb-module deploy-name="moa-spss">
+ <wb-resource deploy-path="/" source-path="/src/main/webapp"/>
+ <dependent-module deploy-path="/WEB-INF/lib" handle="module:/resource/moa-spss-lib/moa-spss-lib">
+ <dependency-type>uses</dependency-type>
+ </dependent-module>
+ <dependent-module deploy-path="/WEB-INF/lib" handle="module:/resource/moa-common/moa-common">
+ <dependency-type>uses</dependency-type>
+ </dependent-module>
+<property name="context-root" value="moa-spss"/>
+<property name="java-output-path" value="target/classes"/>
+</wb-module>
+</project-modules>
diff --git a/spss/server/serverws/resources/wsdl/MOA-SPSS-1.3.wsdl b/spss/server/serverws/resources/wsdl/MOA-SPSS-1.3.wsdl
index c5cd8fc0f..68c3d0ebd 100644
--- a/spss/server/serverws/resources/wsdl/MOA-SPSS-1.3.wsdl
+++ b/spss/server/serverws/resources/wsdl/MOA-SPSS-1.3.wsdl
@@ -3,7 +3,7 @@
Web Service Description for MOA SP/SS 1.4
-->
<definitions name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="../resources/schemas/MOA-SPSS-1.3.xsd"/>
+ <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="MOA-SPSS-1.3.xsd"/>
<message name="CreateXMLSignatureInput">
<part name="body" element="moa:CreateXMLSignatureRequest"/>
</message>