Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java210
1 files changed, 0 insertions, 210 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java
deleted file mode 100644
index 4eed03bc6..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java
+++ /dev/null
@@ -1,210 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.Text;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Builder for the <code>&lt;VerifyXMLSignatureRequestBuilder&gt;</code> structure
- * used for sending the DSIG-Signature of the Security Layer card for validating to MOA-SP.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class VerifyXMLSignatureRequestBuilder {
- /** The MOA-Prefix */
- private static final String MOA = Constants.MOA_PREFIX + ":";
- /** the request as string */
- private String request;
- /** the request as DOM-Element */
- private Element reqElem;
-
- /**
- * Constructor for VerifyXMLSignatureRequestBuilder.
- */
- public VerifyXMLSignatureRequestBuilder() {
- }
- /**
- * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
- * from an IdentityLink with a known trustProfileID which
- * has to exist in MOA-SP
- * @param idl - The IdentityLink
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- * @return Element - The complete request as Dom-Element
- * @throws ParseException
- */
- public Element build(IdentityLink idl, String trustProfileID)
- throws ParseException { //samlAssertionObject
- request =
- "<?xml version='1.0' encoding='UTF-8' ?>"
- + "<VerifyXMLSignatureRequest xmlns=\"http://reference.e-government.gv.at/namespace/moa/20020822#\" xmlns:xml=\"http://www.w3.org/XML/1998/namespace\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">"
- + " <VerifySignatureInfo>"
- + " <VerifySignatureEnvironment>"
- + " <Base64Content>"
- + " </Base64Content>"
- + " </VerifySignatureEnvironment>"
- + " <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>"
- + " </VerifySignatureInfo>"
- + " <SignatureManifestCheckParams ReturnReferenceInputData=\"false\">" // True bei CreateXMLSig Überprüfung
- +" <ReferenceInfo>" + " <VerifyTransformsInfoProfile/>"
- // Profile ID für create (alle auslesen aus IDCOnfig VerifyAuthBlock)
- +" </ReferenceInfo>"
- + " </SignatureManifestCheckParams>"
- + " <ReturnHashInputData/>"
- + " <TrustProfileID>"
- + trustProfileID
- + "</TrustProfileID>"
- + "</VerifyXMLSignatureRequest>";
-
- try {
- InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8"));
- reqElem = DOMUtils.parseXmlValidating(s);
-
- String CONTENT_XPATH =
- "//"
- + MOA
- + "VerifyXMLSignatureRequest/"
- + MOA
- + "VerifySignatureInfo/"
- + MOA
- + "VerifySignatureEnvironment/"
- + MOA
- + "Base64Content";
-
- Element insertTo = (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH);
-
- String dtdString = ""
- /* TODO MOA-ID-AUTH remove dtdString processing if it is not nec. in further versions
- + "<!DOCTYPE saml:Assertion [\n"
- + " <!ATTLIST saml:Assertion AssertionID ID #REQUIRED\n"
- + ">\n"
- + "]>"
- */
- ;
-
- String serializedAssertion = DOMUtils.serializeNode(idl.getSamlAssertion());
- //insert mini dtd after xml declaration to allow usage of AssertionID
- //encode then base64 and put this into Element Base64Content
- String dtdAndIL =
- serializedAssertion.substring(0, serializedAssertion.indexOf("?>") + 2)
- + dtdString
- + serializedAssertion.substring(serializedAssertion.indexOf("?>") + 2);
- String b64dtdAndIL = Base64Utils.encode(dtdAndIL.getBytes("UTF-8"));
- //replace all '\r' characters by no char.
- String replaced = "";
- for (int i = 0; i < b64dtdAndIL.length(); i ++) {
- if (b64dtdAndIL.charAt(i) != '\r') replaced += b64dtdAndIL.charAt(i);
- }
- b64dtdAndIL = replaced;
- Text b64content = (Text) insertTo.getFirstChild();
- b64content.setData(b64dtdAndIL);
-
- String SIGN_MANI_CHECK_PARAMS_XPATH =
- "//" + MOA + "VerifyXMLSignatureRequest/" + MOA + "SignatureManifestCheckParams";
- insertTo = (Element) XPathUtils.selectSingleNode(reqElem, SIGN_MANI_CHECK_PARAMS_XPATH);
- insertTo.removeChild(
- (Element) XPathUtils.selectSingleNode(
- reqElem,
- SIGN_MANI_CHECK_PARAMS_XPATH + "/" + MOA + "ReferenceInfo"));
- Element[] dsigTransforms = idl.getDsigReferenceTransforms();
- for (int i = 0; i < 1; i++) //dsigTransforms.length; i++)
- {
- Element refInfo =
- insertTo.getOwnerDocument().createElementNS(Constants.MOA_NS_URI, "ReferenceInfo");
- insertTo.appendChild(refInfo);
- Element verifyTransformsInfoProfile =
- insertTo.getOwnerDocument().createElementNS(
- Constants.MOA_NS_URI,
- "VerifyTransformsInfoProfile");
- refInfo.appendChild(verifyTransformsInfoProfile);
- verifyTransformsInfoProfile.appendChild(
- insertTo.getOwnerDocument().importNode(dsigTransforms[i], true));
- }
- } catch (Throwable t) {
- throw new ParseException(//"VerifyXMLSignatureRequest (IdentityLink)");
- "builder.00", new Object[] { "VerifyXMLSignatureRequest (IdentityLink)" }, t);
- }
-
- return reqElem;
- }
-
- /**
- * Builds a <code>&lt;VerifyXMLSignatureRequest&gt;</code>
- * from the signed AUTH-Block with a known trustProfileID which
- * has to exist in MOA-SP
- * @param csr - signed AUTH-Block
- * @param verifyTransformsInfoProfileID - allowed verifyTransformsInfoProfileID
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- * @return Element - The complete request as Dom-Element
- * @throws ParseException
- */
- public Element build(
- CreateXMLSignatureResponse csr,
- String[] verifyTransformsInfoProfileID,
- String trustProfileID)
- throws ParseException { //samlAssertionObject
- request =
- "<?xml version='1.0' encoding='UTF-8' ?>"
- + "<VerifyXMLSignatureRequest xmlns=\"http://reference.e-government.gv.at/namespace/moa/20020822#\" xmlns:xml=\"http://www.w3.org/XML/1998/namespace\" xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">"
- + " <VerifySignatureInfo>"
- + " <VerifySignatureEnvironment>"
- + " <XMLContent xml:space=\"preserve\"/>"
- + " </VerifySignatureEnvironment>"
- + " <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>"
- + " </VerifySignatureInfo>"
- + " <SignatureManifestCheckParams ReturnReferenceInputData=\"true\">"
- + " <ReferenceInfo>";
-
- for (int i = 0; i < verifyTransformsInfoProfileID.length; i++) {
- request += " <VerifyTransformsInfoProfileID>"
- + verifyTransformsInfoProfileID[i]
- + "</VerifyTransformsInfoProfileID>";
- // Profile ID für create (auslesen aus IDCOnfig VerifyAuthBlock ODER per String übergeben....)
-
- }
-
- request += " </ReferenceInfo>" + " </SignatureManifestCheckParams>"
- // Testweise ReturnReferenceInputData = False
- +" <ReturnHashInputData/>"
- + " <TrustProfileID>"
- + trustProfileID
- + "</TrustProfileID>"
- + "</VerifyXMLSignatureRequest>";
-
- try {
- // Build a DOM-Tree of the obove String
- InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8"));
- reqElem = DOMUtils.parseXmlValidating(s);
- //Insert the SAML-Assertion-Object
- String CONTENT_XPATH =
- "//"
- + MOA
- + "VerifyXMLSignatureRequest/"
- + MOA
- + "VerifySignatureInfo/"
- + MOA
- + "VerifySignatureEnvironment/"
- + MOA
- + "XMLContent";
-
- Element insertTo = (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH);
- insertTo.appendChild(insertTo.getOwnerDocument().importNode(csr.getSamlAssertion(), true));
-
- } catch (Throwable t) {
- throw new ParseException("builder.00", new Object[] { "VerifyXMLSignatureRequest" }, t);
- }
-
- return reqElem;
- }
-
-}