16 files changed, 859 insertions, 44 deletions
| diff --git a/spss.slinterface/.classpath b/spss.slinterface/.classpath index 3ef5766d8..8c14ea4ef 100644 --- a/spss.slinterface/.classpath +++ b/spss.slinterface/.classpath @@ -4,7 +4,6 @@      <classpathentry kind="var" path="TOMCAT_HOME/common/lib/servlet.jar"/>      <classpathentry kind="var" path="TOMCAT_HOME/common/lib/jasper-runtime.jar"/>      <classpathentry kind="src" path="WEB-INF/src"/> -    <classpathentry kind="src" path="work"/>      <classpathentry kind="src" path="res"/>      <classpathentry kind="lib" path="WEB-INF/lib/log4j-1.2.7.jar"/>      <classpathentry kind="lib" path="WEB-INF/lib/xalan-2.5.1.jar"/> diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java index c6ea9e88d..b47f245fa 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java @@ -19,7 +19,8 @@ public class Constants    public static final String IP_MOA2SL_STYLESHEET_ = "location.stylesheet.moa2sl";    public static final String IP_SL_SCHEMA_ = "location.schema.sl";    public static final String IP_MOA_SCHEMA_ = "location.schema.moa"; -  public static final String IP_SP_ENDPOINT_ = "service.endpoint.sp"; +  public static final String IP_SP_ENDPOINT_ = "service.sp.endpoint"; +  public static final String IP_SP_TRUSTPROFILEID_ = "service.sp.trustProfileId";    // Logging hierarchies 
@@ -45,9 +46,18 @@ public class Constants    // Namespace URIs +  public static final String NSURI_SL_10_ = "http://www.buergerkarte.at/namespaces/securitylayer/20020225#";    public static final String NSURI_SL_11_ = "http://www.buergerkarte.at/namespaces/securitylayer/20020831#";    public static final String NSURI_SL_12_ = "http://www.buergerkarte.at/namespaces/securitylayer/20031231#";    public static final String NSURI_MOA_12_ = "http://reference.e-government.gv.at/namespace/moa/20020822#"; +  public static final String NSURI_NAMESPACES_ = "http://www.w3.org/2000/xmlns/"; +  public static final String NSURI_XML_ = "http://www.w3.org/XML/1998/namespace"; +   +  // Namespace prefixes +  public static final String NSPRE_SL_10_ = "sl10"; +  public static final String NSPRE_SL_11_ = "sl11"; +  public static final String NSPRE_SL_12_ = "sl12"; +  public static final String NSPRE_MOA_12_ = "moa";    // MOA invoker constants diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java index 4632c80f5..77c1b9c0e 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java 
@@ -37,12 +37,17 @@ import org.apache.commons.fileupload.DiskFileUpload;  import org.apache.commons.fileupload.FileItem;  import org.apache.commons.fileupload.FileUpload;  import org.apache.commons.fileupload.FileUploadException; +import org.apache.log4j.Level;  import org.apache.log4j.Logger;  import org.apache.xerces.parsers.DOMParser;  import org.w3c.dom.Document;  import org.xml.sax.InputSource; +import org.xml.sax.SAXException;  import at.gv.egovernment.moa.spss.slinterface.Constants; +import at.gv.egovernment.moa.spss.slinterface.moainvoker.MOAInvoker; +import at.gv.egovernment.moa.spss.slinterface.transformers.MOA2SL; +import at.gv.egovernment.moa.spss.slinterface.transformers.SL2MOA;  /**   * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at)  
@@ -67,19 +72,19 @@ public class SL2MOAFilter implements Filter      slRequest_ = new SLRequest();      // Initialize stylesheet transform SL2MOA -    ServletContext context = config_.getServletContext(); -    Transformer sl2MoaTransformer = (Transformer) context.getAttribute(Constants.WSCP_SL2MOA_TRANSFORMER_); -    if (sl2MoaTransformer == null) -    { -      initTransformer(context, Constants.IP_SL2MOA_STYLESHEET_); -    } +//    ServletContext context = config_.getServletContext(); +//    Transformer sl2MoaTransformer = (Transformer) context.getAttribute(Constants.WSCP_SL2MOA_TRANSFORMER_); +//    if (sl2MoaTransformer == null) +//    { +//      initTransformer(context, Constants.IP_SL2MOA_STYLESHEET_); +//    }      // Initialize stylesheet transform MOA2SL -    Transformer moa2SlTransformer = (Transformer) context.getAttribute(Constants.WSCP_MOA2SL_TRANSFORMER_); -    if (moa2SlTransformer == null) -    { -      initTransformer(context, Constants.IP_MOA2SL_STYLESHEET_); -    } +//    Transformer moa2SlTransformer = (Transformer) context.getAttribute(Constants.WSCP_MOA2SL_TRANSFORMER_); +//    if (moa2SlTransformer == null) +//    { +//      initTransformer(context, Constants.IP_MOA2SL_STYLESHEET_); +//    }    } 
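Review bot: The old transformer setup is commented out rather than deleted in this hunk, and the same is done for the two stylesheet transform blocks in the next two hunks of this file. The removed code stays available in the history, so the `//`-prefixed blocks only make it harder to see what the filter does now. Deleting them would also show that `initTransformer` (still present, per the later hunk at old line 197) and the `location.stylesheet.*` properties appear to have no caller left; that is inferred from these hunks only. The enclosing method starts outside this hunk.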
@@ -103,22 +108,29 @@ public class SL2MOAFilter implements Filter      Document slXMLRequestDoc = parseSlXmlRequest(slXmlRequestCAR);      // Transform SL request into a MOA SPSS request -    Transformer sl2MoaTransformer =  -      (Transformer) config_.getServletContext().getAttribute(Constants.WSCP_SL2MOA_TRANSFORMER_); -    DOMSource slXMLRequestDS = new DOMSource(slXMLRequestDoc); +//    Transformer sl2MoaTransformer =  +//      (Transformer) config_.getServletContext().getAttribute(Constants.WSCP_SL2MOA_TRANSFORMER_); +//    DOMSource slXMLRequestDS = new DOMSource(slXMLRequestDoc); +//    ByteArrayOutputStream moaRequestBOS = new ByteArrayOutputStream(); +//    StreamResult moaRequestResult = new StreamResult(moaRequestBOS);   +//    try +//    { +//      sl2MoaTransformer.transform(slXMLRequestDS, moaRequestResult); +//    } +//    catch (TransformerException e) +//    { +//      String message = "Transforming SL XML request into MOA XML request failed."; +//      logger_.error(message, e); +//      throw new ServletException(message, e); +//    }   +//    logger_.debug("MOA XML Request:\n" + moaRequestBOS.toString()); +//    ByteArrayInputStream moaRequestIS = new ByteArrayInputStream(moaRequestBOS.toByteArray()); +    Properties initProps = (Properties)config_.getServletContext().getAttribute(Constants.WSCP_INIT_PROPS_); +    String trustProfileId = initProps.getProperty(Constants.IP_SP_TRUSTPROFILEID_); +    Document moaXMLRequestDoc = SL2MOA.toMoaVerifyXMLSignatureRequest(slXMLRequestDoc, trustProfileId);      ByteArrayOutputStream moaRequestBOS = new ByteArrayOutputStream(); -    StreamResult moaRequestResult = new StreamResult(moaRequestBOS);   -    try -    { -      sl2MoaTransformer.transform(slXMLRequestDS, moaRequestResult); -    } -    catch (TransformerException e) -    { -      String message = "Transforming SL XML request into MOA XML request failed."; -      logger_.error(message, e); -      throw new ServletException(message, e); -    }   -   
 logger_.debug("MOA XML Request:\n" + moaRequestBOS.toString()); +    MOAInvoker.serializeDocument(moaXMLRequestDoc, moaRequestBOS); +    logger_.debug("SL request transformed into MOA request:\n" + moaRequestBOS);      ByteArrayInputStream moaRequestIS = new ByteArrayInputStream(moaRequestBOS.toByteArray());      // Invoke MOA SPSS 
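Review bot: The value returned by `initProps.getProperty(Constants.IP_SP_TRUSTPROFILEID_)` is passed on without a null or empty check, so a deployment whose init.properties lacks `service.sp.trustProfileId` builds the `TrustProfileID` element from a null string instead of failing. The trust profile presumably selects what MOA verifies the signature against, so a missing value should stop the request, e.g. `if (trustProfileId == null || trustProfileId.trim().length() == 0) throw new ServletException("Init property " + Constants.IP_SP_TRUSTPROFILEID_ + " is not set.");` directly after the lookup. The same unchecked value reaches `createTextNode(trustProfileID)` in the new SL2MOA.java. The enclosing method starts and ends outside this hunk.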
@@ -130,22 +142,40 @@ public class SL2MOAFilter implements Filter      response.setContentType("text/xml");       // Transform MOA response into a SL response and send SL response back to client -    Transformer moa2SlTransformer =  -      (Transformer) config_.getServletContext().getAttribute(Constants.WSCP_MOA2SL_TRANSFORMER_); +//    Transformer moa2SlTransformer =  +//      (Transformer) config_.getServletContext().getAttribute(Constants.WSCP_MOA2SL_TRANSFORMER_); +//    ServletOutputStream moaResponseSOS = (ServletOutputStream) responseWrapper.getOutputStream(); +//    ByteArrayInputStream moaResponseBIS = new ByteArrayInputStream(moaResponseSOS.toByteArray()); +//    StreamSource moaResponseSource = new StreamSource(moaResponseBIS); +//    StreamResult slResponseResult = new StreamResult(response.getOutputStream());   +//    try +//    { +//      moa2SlTransformer.transform(moaResponseSource, slResponseResult);   +//    } +//    catch (TransformerException e) +//    { +//      String message = "Transforming MOA XML response into SL XML response failed."; +//      logger_.error(message, e); +//      throw new ServletException(message, e); +//    } +    DOMParser xmlParser = (DOMParser) config_.getServletContext().getAttribute(Constants.WSCP_XMLPARSER_);       ServletOutputStream moaResponseSOS = (ServletOutputStream) responseWrapper.getOutputStream();      ByteArrayInputStream moaResponseBIS = new ByteArrayInputStream(moaResponseSOS.toByteArray()); -    StreamSource moaResponseSource = new StreamSource(moaResponseBIS); -    StreamResult slResponseResult = new StreamResult(response.getOutputStream());   +    InputSource responseSource = new InputSource(moaResponseBIS);      try      { -      moa2SlTransformer.transform(moaResponseSource, slResponseResult);   +      xmlParser.parse(responseSource); +      Document moaResponseDoc = xmlParser.getDocument(); +      Document slResponseDoc = MOA2SL.toSlVerifyXMLSignatureResponse(moaResponseDoc); +      
MOAInvoker.serializeDocument(slResponseDoc, response.getOutputStream());      } -    catch (TransformerException e) +    catch (SAXException e)      {        String message = "Transforming MOA XML response into SL XML response failed.";        logger_.error(message, e);        throw new ServletException(message, e); -    }   +    } +      }    /* ---------------------------------------------------------------------------------------------------- */ @@ -197,6 +227,7 @@ public class SL2MOAFilter implements Filter      }      context.setAttribute(contextAttrName, transformer);    } +    /* ---------------------------------------------------------------------------------------------------- */    /**  @@ -298,6 +329,19 @@ public class SL2MOAFilter implements Filter        logger_.error(message, e);        throw new ServletException(message, e);      } +    if (logger_.getEffectiveLevel().isGreaterOrEqual(Level.DEBUG)) +    { +      ByteArrayOutputStream debugOutputStream = new ByteArrayOutputStream(); +      try +      { +        MOAInvoker.serializeDocument(slXmlRequestDoc, debugOutputStream); +        logger_.debug("XML-Request received:\n" + debugOutputStream); +      } +      catch (IOException e) +      { +        // No debug output if this fails +      } +    }      // Check if namespace is correct      String namespaceURI = slXmlRequestDoc.getDocumentElement().getNamespaceURI(); diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/listeners/ContextListener.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/listeners/ContextListener.java index 5b32a482b..0b3980a50 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/listeners/ContextListener.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/listeners/ContextListener.java 
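Review bot: The `DOMParser` used for `xmlParser.parse(responseSource)` and `xmlParser.getDocument()` is one instance fetched from the servlet context, and a Xerces parser instance is not safe for concurrent use. Two requests passing through the filter at the same time can interleave between the two calls, so one client may be answered with a document built from another client's verification response. Either create a parser per request or wrap both calls in `synchronized (xmlParser) { ... }`. The catch block now covers only `SAXException` while its message still says that the transformation failed; a separate message for the parse failure would make the log unambiguous. The enclosing method starts outside this hunk.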
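Review bot: The guard `logger_.getEffectiveLevel().isGreaterOrEqual(Level.DEBUG)` in the hunk at new line 329 is true for DEBUG and for every less verbose level (INFO, WARN, ERROR), so the request is serialized on every call even when debug output is off; `if (logger_.isDebugEnabled())` is the check that matches the intent. When debug is on, the complete client request is written to the log, so that log then holds the submitted signed documents and needs the same access protection. The empty `catch (IOException e)` is a deliberate best effort, but `logger_.debug("Could not serialize SL request for logging.", e);` would keep the failure visible.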
@@ -41,6 +41,8 @@ public class ContextListener implements ServletContextListener      "http://apache.org/xml/features/dom/include-ignorable-whitespace";    private static final String XERCES_CREATE_ENTITY_REF_NODES_FEATURE =      "http://apache.org/xml/features/dom/create-entity-ref-nodes"; +  protected static final String XERCES_DEFER_NODE_EXPANSION_ = +    "http://apache.org/xml/features/dom/defer-node-expansion";    private static final int BIG_PRIME = 2039; @@ -103,6 +105,8 @@ public class ContextListener implements ServletContextListener        xmlParser.setFeature(XERCES_NORMALIZED_VALUE_FEATURE, false);        xmlParser.setFeature(XERCES_INCLUDE_IGNORABLE_WHITESPACE_FEATURE, true);        xmlParser.setFeature(XERCES_CREATE_ENTITY_REF_NODES_FEATURE, false); +      xmlParser.setFeature(XERCES_DEFER_NODE_EXPANSION_, false); +      }      catch (SAXException e)      { diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/MOA2SL.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/MOA2SL.java new file mode 100644 index 000000000..a85917d81 --- /dev/null +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/MOA2SL.java 
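Review bot: None of the `setFeature` calls visible in this block restricts DOCTYPE declarations or external entities, and the filter now also uses the parser stored in the servlet context for the MOA response. If that parser reads client-supplied SL requests as well (not visible here, and earlier lines of the block may already cover it), entity resolution should be switched off next to the new line, e.g. `xmlParser.setFeature("http://xml.org/sax/features/external-general-entities", false);` plus the matching `external-parameter-entities` feature. The new constant is `protected` and ends in `_` while its siblings are `private` and end in `_FEATURE`; `private static final String XERCES_DEFER_NODE_EXPANSION_FEATURE` would be consistent. A one-line comment stating why deferred node expansion is disabled would help, since the reason cannot be read from the hunk.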
@@ -0,0 +1,88 @@
+/*
+ * Created on 20.11.2003
+ *
+ * (c) Stabsstelle IKT-Strategie des Bundes
+ */
+package at.gv.egovernment.moa.spss.slinterface.transformers;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.slinterface.Constants;
+
+/**
+ * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) 
+ */
+public class MOA2SL
+{
+  /**
+   * Transforms an MOA VerifyXMLSignatureResponse into a SL VerifyXMLSignatureResponse.
+   * 
+   * @param moaVerifyXMLSignatureResponse The MOA VerifyXMLSignatureResponse to be transformed.
+   * 
+   * @return the specified response document, transformed into a SL VerifyXMLSignatureResponse. Please note
+   *         that <code>moaVerifyXMLSignatureResponse</code> is modified into the sl response.   
+   * 
+   * @pre moaVerifyXMLSignatureResponse is a valid instance of the SL Schema (version 1.2 or 1.1).
+   */
+  public static Document toSlVerifyXMLSignatureResponse(Document moaVerifyXMLSignatureResponse)
+  {
+    // Namespace to namespace prefix mapping
+    HashMap prefixMap = new HashMap(4);
+    prefixMap.put(Constants.NSURI_SL_10_, Constants.NSPRE_SL_10_);
+    prefixMap.put(Constants.NSURI_SL_11_, Constants.NSPRE_SL_11_);
+    prefixMap.put(Constants.NSURI_SL_12_, Constants.NSPRE_SL_12_);
+    prefixMap.put(Constants.NSURI_MOA_12_, Constants.NSPRE_MOA_12_);
+
+    // Namespaces to be changed
+    HashMap nsTransforms = new HashMap();
+    nsTransforms.put(Constants.NSURI_MOA_12_, Constants.NSURI_SL_11_);
+    
+    // Names to be changed
+    HashMap nameTransforms = new HashMap();
+    nameTransforms.put(
+      new QName(Constants.NSURI_MOA_12_, "PublicAuthority"), 
+      new QName(Constants.NSURI_MOA_12_,"PublicAuthority"));
+    
+    Element verifyResponseElem = moaVerifyXMLSignatureResponse.getDocumentElement();
+    verifyResponseElem.setAttributeNS(Constants.NSURI_NAMESPACES_, 
+      "xmlns:" + Constants.NSPRE_SL_10_, Constants.NSURI_SL_10_);
+    verifyResponseElem.setAttributeNS(Constants.NSURI_NAMESPACES_, 
+      "xmlns:" + Constants.NSPRE_SL_11_, Constants.NSURI_SL_11_);
+
+    // Convert SL request into MOA request
+    verifyResponseElem =
+      Utils.transformDeep(verifyResponseElem, prefixMap, nsTransforms, nameTransforms);
+
+    // Add  SignatureManifestCheck element (Code = 98)
+    Element signatureMFCheckElem = moaVerifyXMLSignatureResponse.createElementNS(
+      Constants.NSURI_SL_11_, Constants.NSPRE_SL_11_ + ":SignatureManifestCheck");
+    Element smfCodeElem = moaVerifyXMLSignatureResponse.createElementNS(
+    Constants.NSURI_SL_11_, Constants.NSPRE_SL_11_ + ":Code");  
+    signatureMFCheckElem.appendChild(smfCodeElem);
+    smfCodeElem.appendChild(moaVerifyXMLSignatureResponse.createTextNode("98"));
+    Element signatureCheckElem = (Element) verifyResponseElem.getElementsByTagNameNS(
+      Constants.NSURI_SL_11_, "SignatureCheck").item(0);
+    verifyResponseElem.insertBefore(signatureMFCheckElem, signatureCheckElem.getNextSibling());
+    
+    // Siblings of Certificate check must be in sl10 namespace
+    nsTransforms.clear();
+    nsTransforms.put(Constants.NSURI_SL_11_, Constants.NSURI_SL_10_);
+    nameTransforms.clear();
+    NodeList signatureCheckChildren = signatureCheckElem.getElementsByTagName("*");
+    ArrayList signatureCheckChildrenList = new ArrayList(signatureCheckChildren.getLength());
+    for (int i = 0; i < signatureCheckChildren.getLength(); i++) 
+    {
+      signatureCheckChildrenList.add(signatureCheckChildren.item(i));
+    } 
+    for (int i = 0; i < signatureCheckChildrenList.size(); i++)
+      Utils.transformDeep((Element) signatureCheckChildrenList.get(i), prefixMap, nsTransforms, 
+        nameTransforms);      
+      
+    return moaVerifyXMLSignatureResponse; 
+  }
+}
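Review bot: `signatureCheckElem` is dereferenced without a check, so a MOA response without a `SignatureCheck` element (for instance an error response, if MOA can return one on this path) ends in a NullPointerException at `signatureCheckElem.getNextSibling()` instead of a controlled error; the same applies to `verifyResponseElem` when `Utils.transformDeep` returns null. A null check right after each assignment, e.g. `if (signatureCheckElem == null) throw new IllegalArgumentException("MOA response contains no SignatureCheck element.");`, would make the failure explicit. The comment `// Convert SL request into MOA request` and the `@pre` naming the SL schema are copied from the request transformer and should read `// Convert MOA response into SL response` and refer to the MOA schema. The fixed `98` deserves a comment saying that it reports the manifest check as not performed, as constraints.txt in this commit states, so that clients do not read it as a passed check.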
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/QName.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/QName.java
new file mode 100644
index 000000000..6da0c433f
--- /dev/null
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/QName.java
@@ -0,0 +1,51 @@
+/*
+ * Created on 20.11.2003
+ *
+ * (c) Stabsstelle IKT-Strategie des Bundes
+ */
+package at.gv.egovernment.moa.spss.slinterface.transformers;
+
+/**
+ * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) 
+ */
+public class QName 
+{
+  public String nsUrl_;
+  public String localName_;
+    
+  /* ---------------------------------------------------------------------------------------------------- */
+
+  public QName(String nsUrl, String localName)
+  {
+    nsUrl_ = nsUrl;
+    localName_ = localName;
+  }
+  
+  /* ---------------------------------------------------------------------------------------------------- */
+
+  public boolean equals(Object o)
+  {
+    if (o == null) return false;
+    if (o instanceof QName)
+    {
+      QName toBeCompared = (QName) o;
+
+      boolean nsURLEquals = (nsUrl_ == null) 
+        ? toBeCompared.nsUrl_ == null
+        : nsUrl_.equals(toBeCompared.nsUrl_);
+      boolean localNameEquals = (localName_ == null) 
+        ? toBeCompared.localName_ == null 
+        : localName_.equals(toBeCompared.localName_);
+      
+      return nsURLEquals && localNameEquals;
+    }
+    return false;
+  }
+  
+  /* ---------------------------------------------------------------------------------------------------- */
+
+  public int hashCode()
+  {
+    return new String(nsUrl_ + localName_).hashCode();
+  }
+}
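Review bot: `nsUrl_` and `localName_` are public and non-final although instances serve as `HashMap` keys in the transformers added by this commit, so an assignment to either field after insertion silently breaks the lookup. Declaring them `public final String nsUrl_;` and `public final String localName_;` keeps the current field access and removes that risk. In `hashCode`, the `new String(...)` wrapper is redundant; `return (nsUrl_ + localName_).hashCode();` yields the same value. The class and its three members have no Javadoc beyond the author tag; a sentence stating that it is a namespace URI plus local name pair with value equality would be enough.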
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java
new file mode 100644
index 000000000..11855242e
--- /dev/null
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/SL2MOA.java
@@ -0,0 +1,88 @@
+/*
+ * Created on 20.11.2003
+ *
+ * (c) Stabsstelle IKT-Strategie des Bundes
+ */
+package at.gv.egovernment.moa.spss.slinterface.transformers;
+
+import java.util.HashMap;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.slinterface.Constants;
+
+/**
+ * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) 
+ */
+public class SL2MOA
+{
+  /**
+   * Transforms an SL VerifyXMLSignatureRequest into a MOA VerifyXMLSignatureRequest.
+   * 
+   * @param slVerifyXMLSignatureRequest The SL VerifyXMLSignatureRequest to be transformed.
+   * 
+   * @return the specified request document, transformed into a MOA VerifyXMLSignatureRequest. Please note
+   *         that <code>slVerifyXMLSignatureRequest</code> is modified into the moa request.   
+   * 
+   * @pre slVerifyXMLSignatureRequest is a valid instance of the SL Schema (version 1.2 or 1.1).
+   */
+  public static Document toMoaVerifyXMLSignatureRequest(Document slVerifyXMLSignatureRequest, 
+    String trustProfileID)
+  {
+    // Namespace to namespace prefix mapping
+    HashMap prefixMap = new HashMap(4);
+    prefixMap.put(Constants.NSURI_SL_10_, Constants.NSPRE_SL_10_);
+    prefixMap.put(Constants.NSURI_SL_11_, Constants.NSPRE_SL_11_);
+    prefixMap.put(Constants.NSURI_SL_12_, Constants.NSPRE_SL_12_);
+    prefixMap.put(Constants.NSURI_MOA_12_, Constants.NSPRE_MOA_12_);
+
+    // Namespaces to be changed
+    HashMap nsTransforms = new HashMap();
+    nsTransforms.put(Constants.NSURI_SL_10_, Constants.NSURI_MOA_12_);
+    nsTransforms.put(Constants.NSURI_SL_11_, Constants.NSURI_MOA_12_);
+    nsTransforms.put(Constants.NSURI_SL_12_, Constants.NSURI_MOA_12_);
+    
+    // Names to be changed
+    HashMap nameTransforms = new HashMap();
+    nameTransforms.put(
+      new QName(Constants.NSURI_SL_11_, "SignatureInfo"), 
+      new QName(Constants.NSURI_MOA_12_,"VerifySignatureInfo"));
+    nameTransforms.put(
+      new QName(Constants.NSURI_SL_12_, "SignatureInfo"), 
+      new QName(Constants.NSURI_MOA_12_,"VerifySignatureInfo"));
+    nameTransforms.put(
+      new QName(Constants.NSURI_SL_11_, "SignatureEnvironment"), 
+      new QName(Constants.NSURI_MOA_12_,"VerifySignatureEnvironment"));
+    nameTransforms.put(
+      new QName(Constants.NSURI_SL_12_, "SignatureEnvironment"), 
+      new QName(Constants.NSURI_MOA_12_,"VerifySignatureEnvironment"));
+    nameTransforms.put(
+      new QName(Constants.NSURI_SL_11_, "SignatureLocation"), 
+      new QName(Constants.NSURI_MOA_12_,"VerifySignatureLocation"));
+    nameTransforms.put(
+      new QName(Constants.NSURI_SL_12_, "SignatureLocation"), 
+      new QName(Constants.NSURI_MOA_12_,"VerifySignatureLocation"));
+    nameTransforms.put(
+      new QName(Constants.NSURI_SL_11_, "Supplement"), 
+      new QName(Constants.NSURI_MOA_12_,"SupplementProfile"));
+    nameTransforms.put(
+      new QName(Constants.NSURI_SL_12_, "Supplement"), 
+      new QName(Constants.NSURI_MOA_12_,"SupplementProfile"));
+    
+    Element verifyRequestElem = slVerifyXMLSignatureRequest.getDocumentElement();
+    verifyRequestElem.setAttributeNS(Constants.NSURI_NAMESPACES_, 
+      "xmlns:" + Constants.NSPRE_MOA_12_, Constants.NSURI_MOA_12_);
+
+    // Convert SL request into MOA request
+    verifyRequestElem = Utils.transformDeep(verifyRequestElem, prefixMap, nsTransforms, nameTransforms);
+
+    // Add trust profile ID element
+    Element trustProfileIDElem = slVerifyXMLSignatureRequest.createElementNS(
+      Constants.NSURI_MOA_12_, Constants.NSPRE_MOA_12_ + ":TrustProfileID");
+    trustProfileIDElem.appendChild(slVerifyXMLSignatureRequest.createTextNode(trustProfileID));
+    verifyRequestElem.appendChild(trustProfileIDElem);
+    
+    return slVerifyXMLSignatureRequest;
+  }
+}
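Review bot: The Javadoc of `toMoaVerifyXMLSignatureRequest` does not document `trustProfileID`, and its `@pre` names SL 1.2 and 1.1 only although `nsTransforms` also maps the 1.0 namespace. I would add `@param trustProfileID The ID of the MOA trust profile to put into the request; must not be null.` and extend the `@pre` to say that elements in the 1.0 namespace are converted as well. Every element of the client request is renamed and forwarded without a whitelist, so the Javadoc should also state that the method relies on the caller having schema-validated the request, which the filter appears to do but which is not visible in this file.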
diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/Utils.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/Utils.java
new file mode 100644
index 000000000..d03895efe
--- /dev/null
+++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/transformers/Utils.java
@@ -0,0 +1,129 @@
+/*
+ * Created on 20.11.2003
+ *
+ * (c) Stabsstelle IKT-Strategie des Bundes
+ */
+package at.gv.egovernment.moa.spss.slinterface.transformers;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.xerces.dom.DocumentImpl;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.traversal.DocumentTraversal;
+import org.w3c.dom.traversal.NodeFilter;
+import org.w3c.dom.traversal.NodeIterator;
+
+import at.gv.egovernment.moa.spss.slinterface.Constants;
+
+/**
+ * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) 
+ */
+public class Utils
+{
+  /**
+   * 
+   * @param elem
+   * @param prefixes
+   * @param namespaces
+   * @param names
+   * 
+   * @pre <code>elem</code> is backed by a <code>org.apache.xerces.dom.DocumentImpl</code>.
+   */
+  public static Element transformDeep(Element elem, Map prefixes, Map namespaces, Map names)
+  {
+    // Get node iterator for element
+    DocumentTraversal docTraversal = (DocumentImpl) elem.getOwnerDocument();
+    NodeIterator elemsIt = docTraversal.createNodeIterator(elem, NodeFilter.SHOW_ELEMENT, null, true);
+    
+    // Make iterator immutable
+    List elemsList = new LinkedList();
+    while (true)
+    {
+      Node currNode = elemsIt.nextNode();
+      if (currNode == null) break;
+      elemsList.add(currNode); 
+    }
+    
+    Iterator elemsImmIt = elemsList.iterator();
+    Element returnValue = null;
+    while (elemsImmIt.hasNext())
+    {
+      Element currElem = (Element) elemsImmIt.next();
+
+      String nsUri = currElem.getNamespaceURI();
+      String localName = currElem.getLocalName();
+      QName qName = new QName(nsUri, localName);
+
+      // Check if element is in "names"
+      QName newQName = (QName)names.get(qName);
+      if (newQName != null)
+      {
+        Element transformedElem = transformElem(currElem, newQName, prefixes);
+        if (returnValue == null) returnValue = transformedElem;
+      }
+      else
+      {
+        String newNamespace = (String)namespaces.get(nsUri);
+        if (newNamespace != null)
+        {
+          newQName = new QName(newNamespace, localName);
+          Element transformedElem = transformElem(currElem, newQName, prefixes);
+          if (returnValue == null) returnValue = transformedElem;
+        }
+      }  
+    }
+    return returnValue;
+  }
+  
+  /* ---------------------------------------------------------------------------------------------------- */
+
+  private static Element transformElem(Element currElem, QName newQName, Map prefixes)
+  {
+    Element newElem = currElem.getOwnerDocument().createElementNS(newQName.nsUrl_, 
+      (String) prefixes.get(newQName.nsUrl_) + ":" + newQName.localName_);
+        
+    currElem.getParentNode().replaceChild(newElem, currElem);
+        
+    // Treat attributes of currElem
+    NamedNodeMap currAttrs = currElem.getAttributes(); 
+    ArrayList currAttrsList = new ArrayList(currAttrs.getLength());
+    for (int i = 0; i < currAttrs.getLength(); i++) currAttrsList.add(currAttrs.item(i));
+    for (int i = 0; i < currAttrsList.size(); i++)
+    {
+      Attr currAttr = (Attr)currAttrsList.get(i);
+      currAttr.getOwnerElement().removeAttributeNode(currAttr);
+      
+      // Workaround for bad Xerces behaviour: default attributes in the xml namespace are created without
+      // the xml prefix
+      if (Constants.NSURI_XML_.equals(currAttr.getNamespaceURI()) && "space".equals(currAttr.getLocalName()))
+      {
+        newElem.setAttributeNS(Constants.NSURI_XML_, "xml:space", currAttr.getValue());        
+      }
+      else
+      {
+        newElem.setAttributeNode(currAttr); 
+      }
+    }
+        
+    // Treat child nodes of currElem
+    NodeList currChildren = currElem.getChildNodes();
+    ArrayList currChildrenList = new ArrayList(currChildren.getLength());
+    for (int i = 0; i < currChildren.getLength(); i++) currChildrenList.add(currChildren.item(i));
+    for (int i = 0; i < currChildrenList.size(); i++)
+    {
+      Node currChild = (Node)currChildrenList.get(i);
+      currElem.removeChild(currChild);
+      newElem.appendChild(currChild);
+    }
+    
+    return newElem;
+  }
+}
+diff --git a/spss.slinterface/constraints.txt b/spss.slinterface/constraints.txt
new file mode 100644
index 000000000..1333c2d6c
--- /dev/null
+++ b/spss.slinterface/constraints.txt
@@ -0,0 +1,2 @@
+- Prüfung eines ggf. vorhandenen SL-Manifests wird nicht durchgeführt. 
+  In der Antwort wird der Code 98 zurückgeliefert.
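Review bot: In Utils.java, `transformDeep` returns null when no element under `elem` matches `names` or `namespaces`, and its Javadoc is empty, so neither that nor the in-place replacement of nodes is documented, while both new callers dereference the result directly. The Javadoc should describe the three maps (namespace URI to prefix, old to new namespace URI, old to new `QName`), state that the tree is modified in place, and state that the return value is the replacement of the first transformed element or null. The cast `(DocumentImpl) elem.getOwnerDocument()` only needs the traversal interface, so `(DocumentTraversal) elem.getOwnerDocument()` would remove the hard dependency on the Xerces class. In `transformElem`, a namespace missing from `prefixes` yields the literal prefix `null:`; a null check on `prefixes.get(newQName.nsUrl_)` would fail earlier and more clearly.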
\ No newline at end of file diff --git a/spss.slinterface/res/resources/properties/init.properties b/spss.slinterface/res/resources/properties/init.properties index b0757310e..0946d3817 100644 --- a/spss.slinterface/res/resources/properties/init.properties +++ b/spss.slinterface/res/resources/properties/init.properties @@ -4,4 +4,5 @@ location.stylesheet.moa2sl = /WEB-INF/classes/resources/stylesheets/moa2sl.xsl  location.schema.sl = /WEB-INF/classes/resources/schemas/Core.20031231.xsd  location.schema.moa = /WEB-INF/classes/resources/schemas/MOA-SPSS-1.2.xsd -service.endpoint.sp = http://localhost:8080/moa-spss/services/SignatureVerification
\ No newline at end of file +service.sp.endpoint = http://localhost:8080/moa-spss/services/SignatureVerification +service.sp.trustProfileId = TrustProfile1
\ No newline at end of file diff --git a/spss.slinterface/res/resources/schemas/Core.20020225.xsd b/spss.slinterface/res/resources/schemas/Core.20020225.xsd index 2797cf612..627c74ea7 100644 --- a/spss.slinterface/res/resources/schemas/Core.20020225.xsd +++ b/spss.slinterface/res/resources/schemas/Core.20020225.xsd @@ -3,8 +3,8 @@  <!-- XML-Schema für Schnittstellenspezifikation Version 1.1.0, Protokollelemente im datierten Namespace 20020225 -->
  <!-- 31. 08. 2002, Operative Unit, CIO, BMOeLS -->
  <xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.0">
 -  <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
 -  <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
 +  <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
 +  <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
    <!--########### Create CMS Signature ###-->
    <!--### Create CMS Signature Request ###-->
    <xsd:element name="CreateCMSSignatureRequest" type="CreateCMSSignatureRequestType"/>
 diff --git a/spss.slinterface/res/resources/schemas/Core.20020831.xsd b/spss.slinterface/res/resources/schemas/Core.20020831.xsd index 6ec40be63..48345fd4d 100644 --- a/spss.slinterface/res/resources/schemas/Core.20020831.xsd +++ b/spss.slinterface/res/resources/schemas/Core.20020831.xsd @@ -3,8 +3,8 @@  <!-- XML-Schema für Schnittstellenspezifikation Version 1.1.0, Protokollelemente im datierten Namespace 20020831 -->
  <!-- 31. 08. 2002, Operative Unit, CIO, BMOeLS -->
  <xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.0">
 -  <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
 -  <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
 +  <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
 +  <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
    <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="Core.20020225.xsd"/>
    <!--########## Create XML Signature ###-->
    <!--### Create XML Signature Request ###-->
 diff --git a/spss.slinterface/res/resources/schemas/Core.20031231.xsd b/spss.slinterface/res/resources/schemas/Core.20031231.xsd index 3ab0c0ddd..194be22a8 100644 --- a/spss.slinterface/res/resources/schemas/Core.20031231.xsd +++ b/spss.slinterface/res/resources/schemas/Core.20031231.xsd @@ -3,8 +3,8 @@  <!-- XML-Schema für Schnittstellenspezifikation Version 1.2.0, Protokollelemente im datierten Namespace 20031231 -->
  <!-- 19. 11. 2003, Stabstelle IKT-Strategie, Bundeskanzleramt -->
  <xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/20031231#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20031231#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.0">
 -  <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
 -  <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
 +  <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
 +  <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
    <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="Core.20020225.xsd"/>
    <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" schemaLocation="Core.20020831.xsd"/>
    <!--########## Verify XML Signature ###-->
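Review bot: The added `xsd:import` lines point `schemaLocation` at the local `xmldsig-core-schema.xsd` and `xml.xsd`, but both copies added later in this commit still open with a `<!DOCTYPE ...>` whose system identifier is `http://www.w3.org/2001/XMLSchema.dtd`. Depending on the parser configuration, which is not visible here, loading the schemas may therefore still fetch from w3.org, or fail outright under a parser hardened to reject DOCTYPE declarations. I would either strip the DOCTYPE from the vendored copies or resolve that DTD from a local resource with external DTD loading switched off, and record the intent next to the imports, e.g. `<!-- xmldsig-core-schema.xsd and xml.xsd are local copies; schema loading must not require network access -->`. The same applies to the identical import changes in `MOA-SPSS-1.2.xsd` and `Core.20020831.xsd`. The relative locations also resolve only if the importing schema is loaded with a base URI, which is worth confirming in the loader.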
 diff --git a/spss.slinterface/res/resources/schemas/MOA-SPSS-1.2.xsd b/spss.slinterface/res/resources/schemas/MOA-SPSS-1.2.xsd
index c3a746446..f0a53cfa0 100644
--- a/spss.slinterface/res/resources/schemas/MOA-SPSS-1.2.xsd
+++ b/spss.slinterface/res/resources/schemas/MOA-SPSS-1.2.xsd
@@ -3,8 +3,8 @@
   MOA SP/SS 1.2 Schema
  -->
  <xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
 -  <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
 -  <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
 +  <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
 +  <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
    <!--########## Create XML Signature ###-->
    <!--### Create XML Signature Request ###-->
    <xsd:element name="CreateXMLSignatureRequest">
 diff --git a/spss.slinterface/res/resources/schemas/xml.xsd b/spss.slinterface/res/resources/schemas/xml.xsd
new file mode 100644
index 000000000..117670acd
--- /dev/null
+++ b/spss.slinterface/res/resources/schemas/xml.xsd
@@ -0,0 +1,81 @@ +<?xml version='1.0'?> +<!DOCTYPE xs:schema PUBLIC "-//W3C//DTD XMLSCHEMA 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd" > +<xs:schema targetNamespace="http://www.w3.org/XML/1998/namespace" xmlns:xs="http://www.w3.org/2001/XMLSchema" xml:lang="en"> + + <xs:annotation> +  <xs:documentation> +   See http://www.w3.org/XML/1998/namespace.html and +   http://www.w3.org/TR/REC-xml for information about this namespace. +  </xs:documentation> + </xs:annotation> + + <xs:annotation> +  <xs:documentation>This schema defines attributes and an attribute group +        suitable for use by +        schemas wishing to allow xml:base, xml:lang or xml:space attributes +        on elements they define. + +        To enable this, such a schema must import this schema +        for the XML namespace, e.g. as follows: +        <schema . . .> +         . . . +         <import namespace="http://www.w3.org/XML/1998/namespace" +                    schemaLocation="http://www.w3.org/2001/03/xml.xsd"/> + +        Subsequently, qualified reference to any of the attributes +        or the group defined below will have the desired effect, e.g. + +        <type . . .> +         . . . +         <attributeGroup ref="xml:specialAttrs"/> +  +         will define a type which will schema-validate an instance +         element with any of those attributes</xs:documentation> + </xs:annotation> + + <xs:annotation> +  <xs:documentation>In keeping with the XML Schema WG's standard versioning +   policy, this schema document will persist at +   http://www.w3.org/2001/03/xml.xsd. +   At the date of issue it can also be found at +   http://www.w3.org/2001/xml.xsd. +   The schema document at that URI may however change in the future, +   in order to remain compatible with the latest version of XML Schema +   itself.  
In other words, if the XML Schema namespace changes, the version +   of this document at +   http://www.w3.org/2001/xml.xsd will change +   accordingly; the version at +   http://www.w3.org/2001/03/xml.xsd will not change. +  </xs:documentation> + </xs:annotation> + + <xs:attribute name="lang" type="xs:language"> +  <xs:annotation> +   <xs:documentation>In due course, we should install the relevant ISO 2- and 3-letter +         codes as the enumerated possible values . . .</xs:documentation> +  </xs:annotation> + </xs:attribute> + + <xs:attribute name="space" default="preserve"> +  <xs:simpleType> +   <xs:restriction base="xs:NCName"> +    <xs:enumeration value="default"/> +    <xs:enumeration value="preserve"/> +   </xs:restriction> +  </xs:simpleType> + </xs:attribute> + + <xs:attribute name="base" type="xs:anyURI"> +  <xs:annotation> +   <xs:documentation>See http://www.w3.org/TR/xmlbase/ for +                     information about this attribute.</xs:documentation> +  </xs:annotation> + </xs:attribute> + + <xs:attributeGroup name="specialAttrs"> +  <xs:attribute ref="xml:base"/> +  <xs:attribute ref="xml:lang"/> +  <xs:attribute ref="xml:space"/> + </xs:attributeGroup> + +</xs:schema> diff --git a/spss.slinterface/res/resources/schemas/xmldsig-core-schema.xsd b/spss.slinterface/res/resources/schemas/xmldsig-core-schema.xsd new file mode 100644 index 000000000..df126b30e --- /dev/null +++ b/spss.slinterface/res/resources/schemas/xmldsig-core-schema.xsd 
@@ -0,0 +1,318 @@ +<?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE schema +  PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd" + [ +   <!ATTLIST schema  +     xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#"> +   <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'> +   <!ENTITY % p ''> +   <!ENTITY % s ''> +  ]> + +<!-- Schema for XML Signatures +    http://www.w3.org/2000/09/xmldsig# +    $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $ + +    Copyright 2001 The Internet Society and W3C (Massachusetts Institute +    of Technology, Institut National de Recherche en Informatique et en +    Automatique, Keio University). All Rights Reserved. +    http://www.w3.org/Consortium/Legal/ + +    This document is governed by the W3C Software License [1] as described +    in the FAQ [2]. + +    [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720 +    [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD +--> + + +<schema xmlns="http://www.w3.org/2001/XMLSchema" +        xmlns:ds="http://www.w3.org/2000/09/xmldsig#" +        targetNamespace="http://www.w3.org/2000/09/xmldsig#" +        version="0.1" elementFormDefault="qualified">  + +<!-- Basic Types Defined for Signatures --> + +<simpleType name="CryptoBinary"> +  <restriction base="base64Binary"> +  </restriction> +</simpleType> + +<!-- Start Signature --> + +<element name="Signature" type="ds:SignatureType"/> +<complexType name="SignatureType"> +  <sequence>  +    <element ref="ds:SignedInfo"/>  +    <element ref="ds:SignatureValue"/>  +    <element ref="ds:KeyInfo" minOccurs="0"/>  +    <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>  +  </sequence>   +  <attribute name="Id" type="ID" use="optional"/> +</complexType> + +  <element name="SignatureValue" type="ds:SignatureValueType"/>  +  <complexType name="SignatureValueType"> +    <simpleContent> +      <extension base="base64Binary"> +        <attribute name="Id" 
type="ID" use="optional"/> +      </extension> +    </simpleContent> +  </complexType> + +<!-- Start SignedInfo --> + +<element name="SignedInfo" type="ds:SignedInfoType"/> +<complexType name="SignedInfoType"> +  <sequence>  +    <element ref="ds:CanonicalizationMethod"/>  +    <element ref="ds:SignatureMethod"/>  +    <element ref="ds:Reference" maxOccurs="unbounded"/>  +  </sequence>   +  <attribute name="Id" type="ID" use="optional"/>  +</complexType> + +  <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>  +  <complexType name="CanonicalizationMethodType" mixed="true"> +    <sequence> +      <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/> +      <!-- (0,unbounded) elements from (1,1) namespace --> +    </sequence> +    <attribute name="Algorithm" type="anyURI" use="required"/>  +  </complexType> + +  <element name="SignatureMethod" type="ds:SignatureMethodType"/> +  <complexType name="SignatureMethodType" mixed="true"> +    <sequence> +      <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/> +      <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> +      <!-- (0,unbounded) elements from (1,1) external namespace --> +    </sequence> +    <attribute name="Algorithm" type="anyURI" use="required"/>  +  </complexType> + +<!-- Start Reference --> + +<element name="Reference" type="ds:ReferenceType"/> +<complexType name="ReferenceType"> +  <sequence>  +    <element ref="ds:Transforms" minOccurs="0"/>  +    <element ref="ds:DigestMethod"/>  +    <element ref="ds:DigestValue"/>  +  </sequence> +  <attribute name="Id" type="ID" use="optional"/>  +  <attribute name="URI" type="anyURI" use="optional"/>  +  <attribute name="Type" type="anyURI" use="optional"/>  +</complexType> + +  <element name="Transforms" type="ds:TransformsType"/> +  <complexType name="TransformsType"> +    <sequence> +      <element ref="ds:Transform" maxOccurs="unbounded"/>   +    </sequence> +  </complexType> + +  
<element name="Transform" type="ds:TransformType"/> +  <complexType name="TransformType" mixed="true"> +    <choice minOccurs="0" maxOccurs="unbounded">  +      <any namespace="##other" processContents="lax"/> +      <!-- (1,1) elements from (0,unbounded) namespaces --> +      <element name="XPath" type="string"/>  +    </choice> +    <attribute name="Algorithm" type="anyURI" use="required"/>  +  </complexType> + +<!-- End Reference --> + +<element name="DigestMethod" type="ds:DigestMethodType"/> +<complexType name="DigestMethodType" mixed="true">  +  <sequence> +    <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> +  </sequence>     +  <attribute name="Algorithm" type="anyURI" use="required"/>  +</complexType> + +<element name="DigestValue" type="ds:DigestValueType"/> +<simpleType name="DigestValueType"> +  <restriction base="base64Binary"/> +</simpleType> + +<!-- End SignedInfo --> + +<!-- Start KeyInfo --> + +<element name="KeyInfo" type="ds:KeyInfoType"/>  +<complexType name="KeyInfoType" mixed="true"> +  <choice maxOccurs="unbounded">      +    <element ref="ds:KeyName"/>  +    <element ref="ds:KeyValue"/>  +    <element ref="ds:RetrievalMethod"/>  +    <element ref="ds:X509Data"/>  +    <element ref="ds:PGPData"/>  +    <element ref="ds:SPKIData"/> +    <element ref="ds:MgmtData"/> +    <any processContents="lax" namespace="##other"/> +    <!-- (1,1) elements from (0,unbounded) namespaces --> +  </choice> +  <attribute name="Id" type="ID" use="optional"/>  +</complexType> + +  <element name="KeyName" type="string"/> +  <element name="MgmtData" type="string"/> + +  <element name="KeyValue" type="ds:KeyValueType"/>  +  <complexType name="KeyValueType" mixed="true"> +   <choice> +     <element ref="ds:DSAKeyValue"/> +     <element ref="ds:RSAKeyValue"/> +     <any namespace="##other" processContents="lax"/> +   </choice> +  </complexType> + +  <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>  +  <complexType 
name="RetrievalMethodType"> +    <sequence> +      <element ref="ds:Transforms" minOccurs="0"/>  +    </sequence>   +    <attribute name="URI" type="anyURI"/> +    <attribute name="Type" type="anyURI" use="optional"/> +  </complexType> + +<!-- Start X509Data --> + +<element name="X509Data" type="ds:X509DataType"/>  +<complexType name="X509DataType"> +  <sequence maxOccurs="unbounded"> +    <choice> +      <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/> +      <element name="X509SKI" type="base64Binary"/> +      <element name="X509SubjectName" type="string"/> +      <element name="X509Certificate" type="base64Binary"/> +      <element name="X509CRL" type="base64Binary"/> +      <any namespace="##other" processContents="lax"/> +    </choice> +  </sequence> +</complexType> + +<complexType name="X509IssuerSerialType">  +  <sequence>  +    <element name="X509IssuerName" type="string"/>  +    <element name="X509SerialNumber" type="integer"/>  +  </sequence> +</complexType> + +<!-- End X509Data --> + +<!-- Begin PGPData --> + +<element name="PGPData" type="ds:PGPDataType"/>  +<complexType name="PGPDataType">  +  <choice> +    <sequence> +      <element name="PGPKeyID" type="base64Binary"/>  +      <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>  +      <any namespace="##other" processContents="lax" minOccurs="0" +       maxOccurs="unbounded"/> +    </sequence> +    <sequence> +      <element name="PGPKeyPacket" type="base64Binary"/>  +      <any namespace="##other" processContents="lax" minOccurs="0" +       maxOccurs="unbounded"/> +    </sequence> +  </choice> +</complexType> + +<!-- End PGPData --> + +<!-- Begin SPKIData --> + +<element name="SPKIData" type="ds:SPKIDataType"/>  +<complexType name="SPKIDataType"> +  <sequence maxOccurs="unbounded"> +    <element name="SPKISexp" type="base64Binary"/> +    <any namespace="##other" processContents="lax" minOccurs="0"/> +  </sequence> +</complexType>  + +<!-- End SPKIData --> + +<!-- End 
KeyInfo --> + +<!-- Start Object (Manifest, SignatureProperty) --> + +<element name="Object" type="ds:ObjectType"/>  +<complexType name="ObjectType" mixed="true"> +  <sequence minOccurs="0" maxOccurs="unbounded"> +    <any namespace="##any" processContents="lax"/> +  </sequence> +  <attribute name="Id" type="ID" use="optional"/>  +  <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet --> +  <attribute name="Encoding" type="anyURI" use="optional"/>  +</complexType> + +<element name="Manifest" type="ds:ManifestType"/>  +<complexType name="ManifestType"> +  <sequence> +    <element ref="ds:Reference" maxOccurs="unbounded"/>  +  </sequence> +  <attribute name="Id" type="ID" use="optional"/>  +</complexType> + +<element name="SignatureProperties" type="ds:SignaturePropertiesType"/>  +<complexType name="SignaturePropertiesType"> +  <sequence> +    <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>  +  </sequence> +  <attribute name="Id" type="ID" use="optional"/>  +</complexType> + +   <element name="SignatureProperty" type="ds:SignaturePropertyType"/>  +   <complexType name="SignaturePropertyType" mixed="true"> +     <choice maxOccurs="unbounded"> +       <any namespace="##other" processContents="lax"/> +       <!-- (1,1) elements from (1,unbounded) namespaces --> +     </choice> +     <attribute name="Target" type="anyURI" use="required"/>  +     <attribute name="Id" type="ID" use="optional"/>  +   </complexType> + +<!-- End Object (Manifest, SignatureProperty) --> + +<!-- Start Algorithm Parameters --> + +<simpleType name="HMACOutputLengthType"> +  <restriction base="integer"/> +</simpleType> + +<!-- Start KeyValue Element-types --> + +<element name="DSAKeyValue" type="ds:DSAKeyValueType"/> +<complexType name="DSAKeyValueType"> +  <sequence> +    <sequence minOccurs="0"> +      <element name="P" type="ds:CryptoBinary"/> +      <element name="Q" type="ds:CryptoBinary"/> +    </sequence> +    <element name="G" type="ds:CryptoBinary" 
minOccurs="0"/> +    <element name="Y" type="ds:CryptoBinary"/> +    <element name="J" type="ds:CryptoBinary" minOccurs="0"/> +    <sequence minOccurs="0"> +      <element name="Seed" type="ds:CryptoBinary"/> +      <element name="PgenCounter" type="ds:CryptoBinary"/> +    </sequence> +  </sequence> +</complexType> + +<element name="RSAKeyValue" type="ds:RSAKeyValueType"/> +<complexType name="RSAKeyValueType"> +  <sequence> +    <element name="Modulus" type="ds:CryptoBinary"/>  +    <element name="Exponent" type="ds:CryptoBinary"/>  +  </sequence> +</complexType>  + +<!-- End KeyValue Element-types --> + +<!-- End Signature --> + +</schema> | 
