diff options
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java')
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java | 206 |
1 files changed, 0 insertions, 206 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java deleted file mode 100644 index 758f28150..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java +++ /dev/null @@ -1,206 +0,0 @@ -package at.gv.egovernment.moa.id.auth.builder; - -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; - -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; - -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.util.Base64Utils; -import at.gv.egovernment.moa.util.Constants; - -/** - * Builder for the <code><VerifyXMLSignatureRequestBuilder></code> structure - * used for sending the DSIG-Signature of the Security Layer card for validating to MOA-SP. - * - * @author Stefan Knirsch - * @version $Id$ - */ -public class VerifyXMLSignatureRequestBuilder { - - /** shortcut for XMLNS namespace URI */ - private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI; - /** shortcut for MOA namespace URI */ - private static final String MOA_NS_URI = Constants.MOA_NS_URI; - /** The DSIG-Prefix */ - private static final String DSIG = Constants.DSIG_PREFIX + ":"; - - /** The document containing the <code>VerifyXMLsignatureRequest</code> */ - private Document requestDoc_; - /** the <code>VerifyXMLsignatureRequest</code> root element */ - private Element requestElem_; - - - /** - * Builds the body for a <code>VerifyXMLsignatureRequest</code> including the root - * element and namespace declarations. - * - * @throws BuildException If an error occurs on building the document. - */ - public VerifyXMLSignatureRequestBuilder() throws BuildException { - try { - DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder(); - requestDoc_ = docBuilder.newDocument(); - requestElem_ = requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest"); - requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI); - requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); - requestDoc_.appendChild(requestElem_); - } catch (Throwable t) { - throw new BuildException( - "builder.00", - new Object[] {"VerifyXMLSignatureRequest", t.toString()}, - t); - } - } - - - /** - * Builds a <code><VerifyXMLSignatureRequest></code> - * from an IdentityLink with a known trustProfileID which - * has to exist in MOA-SP - * @param identityLink - The IdentityLink - * @param trustProfileID - a preconfigured TrustProfile at MOA-SP - * - * @return Element - The complete request as Dom-Element - * - * @throws ParseException - */ - public Element build(IdentityLink identityLink, String trustProfileID) - throws ParseException - { - try { - // build the request - Element dateTimeElem = requestDoc_.createElementNS(MOA_NS_URI, "DateTime"); - requestElem_.appendChild(dateTimeElem); - Node dateTime = requestDoc_.createTextNode(identityLink.getIssueInstant()); - dateTimeElem.appendChild(dateTime); - Element verifiySignatureInfoElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo"); - requestElem_.appendChild(verifiySignatureInfoElem); - Element verifySignatureEnvironmentElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment"); - verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem); - Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content"); - verifySignatureEnvironmentElem.appendChild(base64ContentElem); - // insert the base64 encoded identity link SAML assertion - String serializedAssertion = identityLink.getSerializedSamlAssertion(); - String base64EncodedAssertion = Base64Utils.encode(serializedAssertion.getBytes("UTF-8")); - //replace all '\r' characters by no char. - StringBuffer replaced = new StringBuffer(); - for (int i = 0; i < base64EncodedAssertion.length(); i ++) { - char c = base64EncodedAssertion.charAt(i); - if (c != '\r') { - replaced.append(c); - } - } - base64EncodedAssertion = replaced.toString(); - Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion); - base64ContentElem.appendChild(base64Content); - // specify the signature location - Element verifySignatureLocationElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation"); - verifiySignatureInfoElem.appendChild(verifySignatureLocationElem); - Node signatureLocation = requestDoc_.createTextNode(DSIG + "Signature"); - verifySignatureLocationElem.appendChild(signatureLocation); - // signature manifest params - Element signatureManifestCheckParamsElem = - requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams"); - requestElem_.appendChild(signatureManifestCheckParamsElem); - signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false"); - // add the transforms - Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo"); - signatureManifestCheckParamsElem.appendChild(referenceInfoElem); - Element[] dsigTransforms = identityLink.getDsigReferenceTransforms(); - for (int i = 0; i < dsigTransforms.length; i++) { - Element verifyTransformsInfoProfileElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfile"); - referenceInfoElem.appendChild(verifyTransformsInfoProfileElem); - verifyTransformsInfoProfileElem.appendChild(requestDoc_.importNode(dsigTransforms[i], true)); - } - Element returnHashInputDataElem = - requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData"); - requestElem_.appendChild(returnHashInputDataElem); - Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID"); - trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID)); - requestElem_.appendChild(trustProfileIDElem); - } catch (Throwable t) { - throw new ParseException("builder.00", - new Object[] { "VerifyXMLSignatureRequest (IdentityLink)" }, t); - } - - return requestElem_; - } - - - /** - * Builds a <code><VerifyXMLSignatureRequest></code> - * from the signed AUTH-Block with a known trustProfileID which - * has to exist in MOA-SP - * @param csr - signed AUTH-Block - * @param verifyTransformsInfoProfileID - allowed verifyTransformsInfoProfileID - * @param trustProfileID - a preconfigured TrustProfile at MOA-SP - * @return Element - The complete request as Dom-Element - * @throws ParseException - */ - public Element build( - CreateXMLSignatureResponse csr, - String[] verifyTransformsInfoProfileID, - String trustProfileID) - throws BuildException { //samlAssertionObject - - try { - // build the request -// requestElem_.setAttributeNS(Constants.XMLNS_NS_URI, "xmlns:" -// + Constants.XML_PREFIX, Constants.XMLNS_NS_URI); - Element verifiySignatureInfoElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo"); - requestElem_.appendChild(verifiySignatureInfoElem); - Element verifySignatureEnvironmentElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment"); - verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem); - Element xmlContentElem = requestDoc_.createElementNS(MOA_NS_URI, "XMLContent"); - verifySignatureEnvironmentElem.appendChild(xmlContentElem); - xmlContentElem.setAttribute(Constants.XML_PREFIX + ":space", "preserve"); - // insert the SAML assertion - xmlContentElem.appendChild(requestDoc_.importNode(csr.getSamlAssertion(), true)); - // specify the signature location - Element verifySignatureLocationElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation"); - verifiySignatureInfoElem.appendChild(verifySignatureLocationElem); - Node signatureLocation = requestDoc_.createTextNode(DSIG + "Signature"); - verifySignatureLocationElem.appendChild(signatureLocation); - // signature manifest params - Element signatureManifestCheckParamsElem = - requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams"); - requestElem_.appendChild(signatureManifestCheckParamsElem); - signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "true"); - // add the transform profile IDs - Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo"); - signatureManifestCheckParamsElem.appendChild(referenceInfoElem); - for (int i = 0; i < verifyTransformsInfoProfileID.length; i++) { - Element verifyTransformsInfoProfileIDElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID"); - referenceInfoElem.appendChild(verifyTransformsInfoProfileIDElem); - verifyTransformsInfoProfileIDElem.appendChild( - requestDoc_.createTextNode(verifyTransformsInfoProfileID[i])); - } - Element returnHashInputDataElem = - requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData"); - requestElem_.appendChild(returnHashInputDataElem); - Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID"); - trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID)); - requestElem_.appendChild(trustProfileIDElem); - - } catch (Throwable t) { - throw new BuildException("builder.00", new Object[] { "VerifyXMLSignatureRequest" }, t); - } - - return requestElem_; - } - -} |