Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/parser')
7 files changed, 0 insertions, 1120 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java
deleted file mode 100644
index a8b870f04..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java
+++ /dev/null
@@ -1,193 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.traversal.NodeIterator;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.SAMLAttribute;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an <code><InfoboxReadResponse></code> returned from
- * the security layer
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class CreateXMLSignatureResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
-
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = Constants.SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = ":CreateXMLSignatureResponse/";
- /** Xpath expression to the SAML:Assertion element */
- private static final String SAML_ASSERTION_XPATH = ROOT + SAML + "Assertion";
- /** Xpath expression to the SAML:NameIdentifier element */
- private static final String SAML_SUBJECT_NAME_IDENTIFIER_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Subject/" + SAML + "NameIdentifier";
- /** Xpath expression to the AttributeStatement element */
- private static final String SAML_ATTRIBUTE_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Attribute";
- /** Xpath expression to the AttributeValue element */
- private static final String SAML_ATTRIBUTE_VALUE_XPATH = SAML + "AttributeValue";
-
-
- /** This is the root element of the CreateXMLsignatureResponse */
- private Element sigResponse_;
-
- /**
- * Parses and validates the document given as string and extracts the
- * root element.
- *
- * @param xmlResponse <code><CreateXMLSignatureResponse></code> as String
- *
- * @throws AuthenticationException if any authentication error occurs
- * @throws ParseException if an element cannot be parsed
- */
- public CreateXMLSignatureResponseParser(String xmlResponse) throws AuthenticationException, ParseException {
- try {
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- init(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Parses and validates the document given as stream and extracts the
- * root element.
- *
- * @param is <code><InfoboxReadResponse></code> as InputStream
- *
- * @throws AuthenticationException If any authentication error occurs
- * @throws ParseException If an element cannot be parsed
- */
- public CreateXMLSignatureResponseParser(InputStream is) throws AuthenticationException, ParseException {
- init(is);
- }
-
- /**
- * Constructor for CreateXMLSignatureResponseParser.
- * The incoming Element will be used for further operations
- * @param xmlResponse <code><InfoboxReadResponse></code> as InputStream
- */
- public CreateXMLSignatureResponseParser(Element xmlResponse) {
- sigResponse_ = xmlResponse;
- }
-
- /**
- * Initializes the parser.
- * Parses and validates the document given as stream and extracts the
- * root element.
- *
- * @param is The CreateXMLSignatureResponse as stream.
- * @throws AuthenticationException if an authentication error occurs.
- * @throws ParseException If an error occurs on parsing the the document.
- */
- private void init(InputStream is) throws AuthenticationException, ParseException {
- try {
-
- Element responseElem = DOMUtils.parseXmlValidating(is);
-
- if ("CreateXMLSignatureResponse".equals(responseElem.getLocalName())) {
- sigResponse_ = responseElem;
- } else {
- ErrorResponseParser erp = new ErrorResponseParser(responseElem);
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- } catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Unmarshalls the <@link sigResponse> to an
- * <code><CreateXMLSignatureResponse></code> object.
- *
- * @return a <code><CreateXMLSignatureResponse></code> object
- * @throws ParseException
- */
-
- public CreateXMLSignatureResponse parseResponse() throws ParseException {
- CreateXMLSignatureResponse cResp;
- try {
- cResp = new CreateXMLSignatureResponse();
- String slPrefix = XPathUtils.getSlPrefix(sigResponse_);
- cResp.setSamlNameIdentifier(XPathUtils.getElementValue(sigResponse_, "/" + slPrefix + SAML_SUBJECT_NAME_IDENTIFIER_XPATH, null));
- cResp.setSamlAssertion((Element) XPathUtils.selectSingleNode(sigResponse_, "/" + slPrefix + SAML_ASSERTION_XPATH));
- NodeIterator attrIter = XPathUtils.selectNodeIterator(sigResponse_, "/" + slPrefix + SAML_ATTRIBUTE_XPATH);
- Element samlAttr;
- List samlAttributes = new ArrayList();
- while ((samlAttr = (Element) attrIter.nextNode()) != null) {
- String attrName = XPathUtils.getAttributeValue(samlAttr, "@AttributeName", "");
- String attrNamespace = XPathUtils.getAttributeValue(samlAttr, "@AttributeNamespace", "");
- Object attrValue;
- Element attrValueElem = (Element)XPathUtils.selectSingleNode(samlAttr, SAML_ATTRIBUTE_VALUE_XPATH);
- attrValue = DOMUtils.getElementFromNodeList(attrValueElem.getChildNodes());
- if (attrValue == null) {
- if (null!=attrValueElem.getFirstChild()) {
- attrValue = attrValueElem.getFirstChild().getNodeValue();
- } else {
- attrValue = "";
- }
- }
- samlAttributes.add(new SAMLAttribute(attrName, attrNamespace, attrValue));
- }
- SAMLAttribute[] result = new SAMLAttribute[samlAttributes.size()];
- samlAttributes.toArray(result);
- cResp.setSamlAttributes(result);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- return cResp;
- }
-
-// public CreateXMLSignatureResponse parseResponse() throws ParseException {
-// CreateXMLSignatureResponse cResp;
-// try {
-// cResp = new CreateXMLSignatureResponse();
-// Element samlAssertion = (Element)sigResponse.getElementsByTagNameNS(Constants.SAML_NS_URI, "Assertion").item(0);
-// cResp.setSamlAssertion(samlAssertion);
-// Element samlAttributeStatement = (Element)samlAssertion.getElementsByTagNameNS(Constants.SAML_NS_URI, "AttributeStatement").item(0);
-// Element samlSubject = (Element)samlAttributeStatement.getElementsByTagNameNS(Constants.SAML_NS_URI, "Subject").item(0);
-// Element samlNameIdentifier = (Element)samlSubject.getElementsByTagNameNS(Constants.SAML_NS_URI, "NameIdentifier").item(0);
-// cResp.setSamlNameIdentifier(samlNameIdentifier.getFirstChild().getNodeValue());
-// NodeList nl = samlAttributeStatement.getElementsByTagNameNS(Constants.SAML_NS_URI, "Attribute");
-// List samlAttributes = new ArrayList();
-// for (int i=0; i<nl.getLength(); i++) {
-// Element samlAttribute = (Element)nl.item(i);
-// String attrName = samlAttribute.getAttribute("AttributeName");
-// String attrNamespace = samlAttribute.getAttribute("AttributeNamespace");
-// String attrValue = ((Element)samlAttribute.getElementsByTagNameNS(Constants.SAML_NS_URI, "AttributeValue").item(0)).getFirstChild().getNodeValue();
-// samlAttributes.add(new SAMLAttribute(attrName, attrNamespace, attrValue));
-// }
-// SAMLAttribute[] result = new SAMLAttribute[samlAttributes.size()];
-// samlAttributes.toArray(result);
-// cResp.setSamlAttributes(result);
-// }
-// catch (Throwable t) {
-// throw new ParseException("parser.01", new Object[] { t.toString()}, t);
-// }
-// return cResp;
-// }
-
-
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java
deleted file mode 100644
index e3c54095d..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java
+++ /dev/null
@@ -1,72 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.util.List;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-/**
- * Parses an <code><ErrorResponse></code>.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class ErrorResponseParser {
-
- /**
- * The error code included in this error response.
- * <code>1000</code> is used as default value, if some problems occur on
- * evaluating the error response.
- */
- private String errorCode_ = "1000";
-
- /**
- * The error info included in this error response.
- * <code><Unklassifizierter Fehler.></code> is used as default value,
- * if some problems occur on evaluating the error response.
- */
- private String errorInfo_ = "Unklassifizierter Fehler.";
-
-
- /**
- * This Constructor extracts the error code and error info included in this
- * error response.
- *
- * @param errorElement The error element. This is the root element of
- * the error response.
- */
- public ErrorResponseParser(Element errorElement) throws ParseException {
- if (errorElement != null) {
- String namespace = errorElement.getNamespaceURI();
- NodeList nl = errorElement.getElementsByTagNameNS(namespace, "ErrorCode");
- if (nl.getLength() == 1) {
- errorCode_ = ((Element)nl.item(0)).getFirstChild().getNodeValue();
- }
- nl = errorElement.getElementsByTagNameNS(namespace, "Info");
- if (nl.getLength() == 1) {
- errorInfo_ = ((Element)nl.item(0)).getFirstChild().getNodeValue();
- }
- }
- }
-
- /**
- * Returns the error code included in this error response.
- */
- public String getErrorCode() {
- return errorCode_ ;
- }
-
- /**
- * Returns the information included in this error response.
- * @return The error infomation String
- */
- public String getErrorInfo() {
- return errorInfo_ ;
- }
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java
deleted file mode 100644
index e493f07fb..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ExtendedInfoboxReadResponseParser.java
+++ /dev/null
@@ -1,157 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.util.Iterator;
-import java.util.List;
-import java.util.Vector;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.data.InfoboxToken;
-import at.gv.egovernment.moa.id.auth.data.InfoboxTokenImpl;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-
-/**
- * Parses and unmarshales <code>InfoboxReadResponse<code>.
- * This parser is especially used for parsing additional responses (additional to that
- * one containing the <code>IdentityLink</code> retuned from the BKU as an answer of
- * a <code><PushInfobox></code> request.
- */
-public class ExtendedInfoboxReadResponseParser {
-
- /**
- * Hide default constructor.
- */
- private ExtendedInfoboxReadResponseParser() {
- }
-
- /**
- * Parses and unmarshales the given <code>infoboxReadResponse</code> to a list of
- * {@link at.gv.egovernment.moa.id.auth.data.InfoboxToken InfoboxToken} objects.
- * The method parses the given <code>infoboxReadResponse</code>
- *
- * @param infoboxReadResponse The infobox read response to be unmarshaled.
- * @param infoboxName The name of the infobox the reponse corresponds to.
- *
- * @return A list of {@link at.gv.egovernment.moa.id.auth.data.InfoboxToken InfoboxToken}
- * objects. Maybe empty.
- *
- * @throws ParseException If an error occurs on parsing and unmarshaling the response.
- */
- public static List parseInfoboxReadResponse(String infoboxReadResponse, String infoboxName)
- throws ParseException
- {
- Element infoboxReadResponseElem = null;
- try {
- Document doc =
- DOMUtils.parseDocument(infoboxReadResponse, true, Constants.ALL_SCHEMA_LOCATIONS, null);
- infoboxReadResponseElem = doc.getDocumentElement();
- } catch (Exception e) {
- Logger.error("InfoboxReadResponse for \"" + infoboxName +
- "\"-infobox could not be parsed successfully: " + e.getMessage());
- throw new ParseException("parser.01", new Object[] {infoboxName + "-InfoboxReadResponse"});
- }
-
- Vector infoboxTokenList = new Vector();
-
- if (infoboxReadResponseElem != null) {
- // avoid using namespace URI or prefix, because it might change within the response
- // (e.g.: sl11-namespace, some child sl10-namespace
- List infoboxReadResponseChildren = DOMUtils.getChildElements(infoboxReadResponseElem);
- String key = null;
- boolean primary = true;
- Element infoboxReadResponseChild = (Element)infoboxReadResponseChildren.get(0);
- String infoboxReadResponseChildName = infoboxReadResponseChild.getLocalName();
- if (infoboxReadResponseChildName.equals("AssocArrayData")) {
- // get the <Pair> child elements from the <AssocArrayData> element
- List assocArrayPairs = DOMUtils.getChildElements(infoboxReadResponseChild);
- Iterator assocArrayPairIt = assocArrayPairs.iterator();
- int pairCount = 0;
- // step through the <Pair> elemnts
- while (assocArrayPairIt.hasNext()) {
- Element assocArrayPair = (Element)assocArrayPairIt.next();
- // check if the element actually a "Pair" element and not only a "key"
- if (assocArrayPair.getLocalName().equals("Key")) {
- // do not accept only a Key
- throw new ParseException("parser.07", new Object[] {infoboxName});
- }
- key = assocArrayPair.getAttribute("Key");
- if (pairCount > 0) {
- primary = false;
- }
- pairCount++;
- infoboxTokenList.addAll(getTokenFromXMLOrBase64Content(assocArrayPair, infoboxName, key, primary));
- }
-
- } else if (infoboxReadResponseChildName.equals("BinaryFileData")) {
- infoboxTokenList.addAll(getTokenFromXMLOrBase64Content(infoboxReadResponseChild, infoboxName, null, true));
- }
- }
- return infoboxTokenList;
- }
-
- /**
- * Unmarshales the <code><XMLContent></code> or
- * <code><Base64Content></code> child of the given element to a list of
- * infobox token.
- *
- * @param contentParent The elment including the <code><XMLContent></code> or
- * <code><Base64Content></code> child to unmarshal the
- * infobox token from.
- * @param infoboxName The name of the infobox.
- * @param key The key of an <code>AssocArrayData-Pair</code>.
- * Maybe <code>null</code>.
- * @param primary Specifies whether this token is the first (e.g. in an
- * AssocArrayData) token.
- *
- * @return A infobox token list.
- *
- * @throws ParseException If the <code>contentParent</code> has no <code><XMLContent></code>
- * or <code><Base64Content></code> child or the
- * <code><XMLContent></code> is empty.
- */
- public static List getTokenFromXMLOrBase64Content(
- Element contentParent,
- String infoboxName,
- String key,
- boolean primary)
- throws ParseException
- {
- Vector tokenList = new Vector();
- // get the <XMLContent> or <Base64Content>
- List content = DOMUtils.getChildElements(contentParent);
- if (content.size() == 1) {
- Element contentElem = (Element)content.get(0);
- if (contentElem.getLocalName().equals("XMLContent")) {
- List xmlContentChildren = DOMUtils.getChildElements(contentElem);
- if (xmlContentChildren.size() == 0) {
- throw new ParseException("parser.06", new Object[] {infoboxName, "Inhalt", "XMLContent"});
- }
- int xmlCount = 0;
- Iterator contentIt = xmlContentChildren.iterator();
- while (contentIt.hasNext()) {
- Element xmlToken = (Element)contentIt.next();
- if (xmlCount > 0) {
- primary = false;
- }
- InfoboxToken infoboxToken = new InfoboxTokenImpl(key, primary, xmlToken);
- tokenList.add(infoboxToken);
- xmlCount++;
- }
- } else {
- String base64Token = contentElem.getFirstChild().getNodeValue();
- InfoboxToken infoboxToken = new InfoboxTokenImpl(key, primary, base64Token);
- tokenList.add(infoboxToken);
- }
- } else {
- throw new ParseException("parser.06",
- new Object[] {infoboxName, "XMLContent oder Base64Content", contentParent.getLocalName()});
- }
- return tokenList;
- }
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
deleted file mode 100644
index d8a57fd2f..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
+++ /dev/null
@@ -1,319 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.security.PublicKey;
-import java.security.interfaces.RSAPublicKey;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.traversal.NodeIterator;
-
-import at.gv.egovernment.moa.id.ECDSAConverterException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.util.ECDSAKeyValueConverter;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an identity link <code><saml:Assertion></code>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class IdentityLinkAssertionParser {
-
- //
- // XPath namespace prefix shortcuts
- //
-
- /** Xpath prefix for reaching PersonData Namespaces */
- private static final String PDATA = Constants.PD_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = Constants.SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath prefix for reaching ECDS Namespaces */
- private static final String ECDSA = Constants.ECDSA_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "";
- /** Xpath expression to the SAMLSubjectConfirmationData element */
- private static final String SAML_SUBJECT_CONFIRMATION_DATA_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Subject/"
- + SAML
- + "SubjectConfirmation/"
- + SAML
- + "SubjectConfirmationData";
- /** Xpath expression to the PersonData element */
- private static final String PERSON_XPATH =
- SAML_SUBJECT_CONFIRMATION_DATA_XPATH
- + "/"
- + PDATA
- + "Person";
- /** Xpath expression to the PersonData GivenName element */
- private static final String PERSON_GIVEN_NAME_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Name/"
- + PDATA
- + "GivenName";
- /** Xpath expression to the PersonData FamilyName element */
- private static final String PERSON_FAMILY_NAME_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Name/"
- + PDATA
- + "FamilyName";
- /** Xpath expression to the PersonData DateOfBirth element */
- private static final String PERSON_DATE_OF_BIRTH_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "DateOfBirth";
- /** Xpath expression to the Identification element */
- private static final String PERSON_IDENT_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Identification";
-
- /** Xpath expression to the Identification Value element */
- public static final String PERSON_IDENT_VALUE_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Identification/"
- + PDATA
- + "Value";
-
- /** Xpath expression to the Identification Value element */
- private static final String PERSON_IDENT_TYPE_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Identification/"
- + PDATA
- + "Type";
-
- /** Xpath expression to the RSAKeyValue element */
- private static final String RSA_KEY_VALUE_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Attribute/"
- + SAML
- + "AttributeValue/"
- + DSIG
- + "RSAKeyValue";
-
- /** Xpath expression to the ECKeyValue element */
- private static final String ECDSA_KEY_VALUE_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Attribute/"
- + SAML
- + "AttributeValue/"
- + ECDSA
- + "ECDSAKeyValue";
-
-
- /** Xpath expression to the RSA Modulus element */
- private static final String RSA_KEY_MODULUS_XPATH = DSIG + "Modulus";
- /** Xpath expression to the RSA Exponent element */
- private static final String RSA_KEY_EXPONENT_XPATH = DSIG + "Exponent";
- /** Xpath expression to the DSIG X509Certificate element */
- private static final String DSIG_CERTIFICATES_XPATH =
- ROOT
- + DSIG
- + "Signature/"
- + DSIG
- + "KeyInfo/"
- + DSIG
- + "X509Data/"
- + DSIG
- + "X509Certificate";
- /** Xpath expression to the DSIG Transforms element */
- private static final String DSIG_REFERENCE_TRANSFORMATION_XPATH =
- ROOT
- + DSIG
- + "Signature/"
- + DSIG
- + "SignedInfo/"
- + DSIG
- + "Reference/"
- + DSIG
- + "Transforms";
-
- /** The IssueInstant attribute of the SAML assertion */
- private static final String ISSUE_INSTANT_ATTR = "IssueInstant";
-
- /**This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element assertionElem;
-
- /**
- * Constructor for <code>IdentityLinkAssertionParser</code>.
- * A DOM-representation of the incoming String will be created
- * @param xmlAssertion <code><saml:Assertion></code> as String
- * @throws ParseException on any parsing error
- */
- public IdentityLinkAssertionParser(String xmlAssertion) throws ParseException {
- try {
- InputStream s = new ByteArrayInputStream(xmlAssertion.getBytes("UTF-8"));
- assertionElem = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Sets the <@link assertionElem>.
- * @param xmlAssertion the assertion element
- * @throws ParseException on any parsing error
- */
- public IdentityLinkAssertionParser(Element xmlAssertion) throws ParseException {
- assertionElem = xmlAssertion;
- }
-
- /**
- * Constructor for <code>IdentityLinkAssertionParser</code>.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlAssertion <code><saml:Assertion></code> as InputStream
- * @throws ParseException on any parsing error
- */
- public IdentityLinkAssertionParser(InputStream xmlAssertion) throws Exception {
- try {
- assertionElem = DOMUtils.parseXmlValidating(xmlAssertion);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- }
-
- /**
- * Parses the identity link from the <code><saml:Assertion></code>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
-
- public IdentityLink parseIdentityLink() throws ParseException {
- IdentityLink identityLink;
- try {
- identityLink = new IdentityLink();
- identityLink.setSamlAssertion(assertionElem);
- identityLink.setIssueInstant(assertionElem.getAttribute(ISSUE_INSTANT_ATTR));
- identityLink.setPrPerson((Element)
- XPathUtils.selectSingleNode(assertionElem, PERSON_XPATH));
- identityLink.setIdentificationValue(
- XPathUtils.getElementValue(assertionElem, PERSON_IDENT_VALUE_XPATH, ""));
- identityLink.setIdentificationType(
- XPathUtils.getElementValue(assertionElem, PERSON_IDENT_TYPE_XPATH, ""));
- identityLink.setGivenName(
- XPathUtils.getElementValue(assertionElem, PERSON_GIVEN_NAME_XPATH, ""));
- identityLink.setFamilyName(
- XPathUtils.getElementValue(assertionElem, PERSON_FAMILY_NAME_XPATH, ""));
- identityLink.setDateOfBirth(
- XPathUtils.getElementValue(assertionElem, PERSON_DATE_OF_BIRTH_XPATH, ""));
- NodeIterator dsigRefTransforms =
- XPathUtils.selectNodeIterator(assertionElem, DSIG_REFERENCE_TRANSFORMATION_XPATH);
- List transElems = new ArrayList();
- Element transformsElem;
- while ((transformsElem = (Element) dsigRefTransforms.nextNode()) != null) {
- transElems.add(transformsElem);
- }
- Element[] result = new Element[transElems.size()];
- transElems.toArray(result);
- identityLink.setDsigReferenceTransforms(result);
-
- identityLink.setPublicKey(getPublicKeys());
-
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
-
- return identityLink;
- }
-
- /**
- * Parses an array of Public Keys from the <code><InfoboxReadResponse></code>
- * @return RSAPublicKey[]
- * @throws IOException can occur when decoding the base64 values of the modulus and exponent
- */
- public PublicKey[] getPublicKeys() throws IOException, ECDSAConverterException{
-
-
- List pubKeys = new ArrayList();
- //Try to get RSA-Keys
- NodeIterator rsaIter =
- XPathUtils.selectNodeIterator(assertionElem, Constants.nSMap, RSA_KEY_VALUE_XPATH);
- Element rsaElem;
-
- while ((rsaElem = (Element) rsaIter.nextNode()) != null) {
- String modulus =
- XPathUtils.getElementValue(rsaElem, RSA_KEY_MODULUS_XPATH, "");
- String exponent =
- XPathUtils.getElementValue(rsaElem, RSA_KEY_EXPONENT_XPATH, "");
-
- RSAPublicKey resPub =
- new iaik.security.rsa.RSAPublicKey(
- new BigInteger(1, Base64Utils.decode(modulus, true)),
- new BigInteger(1, Base64Utils.decode(exponent, true)));
- pubKeys.add(resPub);
- }
-
- //Try to get ECDSA-Keys
- NodeIterator ecdsaIter =
- XPathUtils.selectNodeIterator(assertionElem, Constants.nSMap, ECDSA_KEY_VALUE_XPATH);
- Element ecdsaElem;
- PublicKey ecPubKey = null;
- while ((ecdsaElem = (Element) ecdsaIter.nextNode()) != null) {
- try {
- ecPubKey = ECDSAKeyValueConverter.element2ECDSAPublicKey(ecdsaElem);
- pubKeys.add(ecPubKey);
- }
- catch(Exception e) {
- throw new ECDSAConverterException("parser.03", new Object[] { e.toString() }, e);
- }
- }
-
- PublicKey[] result = new PublicKey[pubKeys.size()];
- pubKeys.toArray(result);
- return result;
-
- }
- /**
- * Parses a string array of decoded base64 certificates from
- * the <code><InfoboxReadResponse></code> found in the dsig-signature
- * @return String[] with raw-certificates from the dsig-signature keyinfo
- * @throws Exception
- */
- public String[] getCertificates() throws Exception {
- List certs = new ArrayList();
- NodeIterator rsaIter =
- XPathUtils.selectNodeIterator(assertionElem, DSIG_CERTIFICATES_XPATH);
- Element certElem;
- while ((certElem = (Element) rsaIter.nextNode()) != null) {
- String content = DOMUtils.getText(certElem);
- certs.add(new String(Base64Utils.decode(content, true)));
- }
- String[] result = new String[certs.size()];
- certs.toArray(result);
- return result;
-
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java
deleted file mode 100644
index e59c88ddc..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java
+++ /dev/null
@@ -1,165 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an <code><InfoboxReadResponse></code>.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class InfoboxReadResponseParser {
-
- /** This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element infoBoxElem_;
-
- /**
- * Parses and validates the document given as string and extracts the
- * root element.
- *
- * @param xmlResponse <code><InfoboxReadResponse></code> as String
- * @throws ParseException If an element cannot be parsed
- * @throws AuthenticationException If any authentication error occurs
- */
- public InfoboxReadResponseParser(String xmlResponse) throws ParseException, AuthenticationException {
-
- try {
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- init(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Parses and validates the document given as stream and extracts the
- * root element.
- *
- * @param is <code><InfoboxReadResponse></code> as InputStream
- * @throws ParseException If an element cannot be parsed
- * @throws AuthenticationException If any authentication error occurs
- */
- public InfoboxReadResponseParser(InputStream is) throws ParseException, AuthenticationException {
- init(is);
- }
-
- /**
- * Initializes the parser.
- * Parses and validates the document given as stream and extracts the
- * root element.
- *
- * @param is The InfoBoxReadResponse as stream.
- * @throws AuthenticationException If an authentication error occurs.
- * @throws ParseException If an error occurs on parsing the the document.
- */
- private void init(InputStream is) throws AuthenticationException, ParseException {
- try {
-
- Element responseElem = DOMUtils.parseXmlValidating(is);
-
- if ("InfoboxReadResponse".equals(responseElem.getLocalName())) {
- infoBoxElem_ = responseElem;
- } else {
- ErrorResponseParser erp = new ErrorResponseParser(responseElem);
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- } catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
-
-
- /**
- * Parses the embedded <code><saml:Assertion></code> element from <code><InfoboxReadResponse></code>
- * @return <code><saml:Assertion></code> as String
- * @throws ParseException on any parsing error
- */
-// public String parseSAMLAssertion() throws ParseException {
-// try {
-//
-// String slPrefix = XPathUtils.getSlPrefix(infoBoxElem_);
-// StringBuffer sb = new StringBuffer("/");
-// sb.append(slPrefix);
-// sb.append(":InfoboxReadResponse/");
-// sb.append(slPrefix);
-// sb.append(":BinaryFileData/");
-// sb.append(slPrefix);
-// sb.append(":XMLContent/");
-// sb.append(Constants.SAML_PREFIX);
-// sb.append(":Assertion");
-// String samlAssertionXPath = sb.toString();
-// Element samlAssertion = (Element) XPathUtils.selectSingleNode(infoBoxElem_, samlAssertionXPath);
-// return DOMUtils.serializeNode(samlAssertion);
-//
-// }
-// catch (Throwable t) {
-// throw new ParseException("parser.01", new Object[] { t.toString()}, t);
-// }
-// }
-
- /**
- * Parses the embedded <code><saml:Assertion></code> element from <code><InfoboxReadResponse></code>
- * @return <code><saml:Assertion></code> as String
- * @throws ParseException on any parsing error
- */
- public Element parseSAMLAssertion() throws ParseException {
- try {
-
- String slPrefix = XPathUtils.getSlPrefix(infoBoxElem_);
- StringBuffer sb = new StringBuffer("/");
- sb.append(slPrefix);
- sb.append(":InfoboxReadResponse/");
- sb.append(slPrefix);
- sb.append(":BinaryFileData/");
- sb.append(slPrefix);
- sb.append(":XMLContent/");
- sb.append(Constants.SAML_PREFIX);
- sb.append(":Assertion");
- String samlAssertionXPath = sb.toString();
- Element samlAssertion = (Element) XPathUtils.selectSingleNode(infoBoxElem_, samlAssertionXPath);
- return samlAssertion;
-
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Parses the identity link from the <code><saml:Assertion></code>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
-
-// public IdentityLink parseIdentityLink() throws ParseException {
-// String samlAssertionString = parseSAMLAssertion();
-// IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertionString);
-// return ilParser.parseIdentityLink();
-// }
-
- /**
- * Parses the identity link from the <code><saml:Assertion></code>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
- public IdentityLink parseIdentityLink() throws ParseException {
- Element samlAssertion = parseSAMLAssertion();
- IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertion);
- return ilParser.parseIdentityLink();
- }
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java
deleted file mode 100644
index 7c4c01abe..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java
+++ /dev/null
@@ -1,58 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.IOException;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * Parser for a SAML artifact.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLArtifactParser {
- /** byte array containing the SamlArtifact bytes */
- private byte[] samlArtifactBytes;
-
- /**
- * Constructor
- * @param samlArtifact as String
- * @throws ParseException on any parsing error
- */
- public SAMLArtifactParser(String samlArtifact) throws ParseException {
- try {
- samlArtifactBytes = Base64Utils.decode(samlArtifact, false);
- }
- catch (IOException ex) {
- throw new ParseException("parser.02", new Object[] {ex.toString()}, ex);
- }
- }
- /**
- * Parses the type code.
- * @return type code
- * @throws ParseException when SAML artifact is invalid
- */
- public byte[] parseTypeCode() throws ParseException {
- try {
- byte[] typeCode = new byte[] {samlArtifactBytes[0], samlArtifactBytes[1]};
- return typeCode;
- }
- catch (Throwable ex) {
- throw new ParseException("parser.02", new Object[] {ex.toString()}, ex);
- }
- }
- /**
- * Parses the assertion handle.
- * @return assertion handle
- * @throws ParseException when SAML artifact is invalid
- */
- public String parseAssertionHandle() throws ParseException {
- try {
- return new String(samlArtifactBytes, 22, 20);
- }
- catch (Throwable ex) {
- throw new ParseException("parser.02", new Object[] {ex.toString()}, ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
deleted file mode 100644
index 4c49afb76..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
+++ /dev/null 
@@ -1,156 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import iaik.utils.Base64InputStream;
-import iaik.x509.X509Certificate;
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses a <code><VerifyXMLSignatureResponse></code> returned by
- * MOA-SPSS.
- * This class implements the Singleton pattern
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-
-public class VerifyXMLSignatureResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching MOA Namespaces */
- private static final String MOA = Constants.MOA_PREFIX + ":";
- /** Xpath prefix for reaching DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/";
-
- /** Xpath expression to the X509SubjectName element */
- private static final String DSIG_SUBJECT_NAME_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- DSIG + "X509SubjectName";
- /** Xpath expression to the X509Certificate element */
- private static final String DSIG_X509_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- DSIG + "X509Certificate";
- /** Xpath expression to the PublicAuthority element */
- private static final String PUBLIC_AUTHORITY_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- MOA + "PublicAuthority";
- /** Xpath expression to the PublicAuthorityCode element */
- private static final String PUBLIC_AUTHORITY_CODE_XPATH =
- PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code";
- /** Xpath expression to the QualifiedCertificate element */
- private static final String 
QUALIFIED_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- MOA + "QualifiedCertificate";
-
- /** Xpath expression to the SignatureCheckCode element */
- private static final String SIGNATURE_CHECK_CODE_XPATH =
- ROOT + MOA + "SignatureCheck/" + MOA + "Code";
- /** Xpath expression to the XMLDSIGManifestCheckCode element */
- private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH =
- ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code";
- /** Xpath expression to the CertificateCheckCode element */
- private static final String CERTIFICATE_CHECK_CODE_XPATH =
- ROOT + MOA + "CertificateCheck/" + MOA + "Code";
-
-
- /** This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element verifyXMLSignatureResponse;
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <code><InfoboxReadResponse></code> as String
- * @throws ParseException on any parsing error
- */
- public VerifyXMLSignatureResponseParser(String xmlResponse) throws ParseException{
- try {
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
-
- verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <code><InfoboxReadResponse></code> as InputStream
- * @throws Exception on any parsing error
- */
- public VerifyXMLSignatureResponseParser(InputStream xmlResponse) throws Exception
- {
- try {
- verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", null, t);
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser. 
- * The incoming Element will be used for further operations
- * @param xmlResponse <code><InfoboxReadResponse></code> as Element
- */
- public VerifyXMLSignatureResponseParser(Element xmlResponse)
- {
- verifyXMLSignatureResponse =xmlResponse;
-
- }
-
- /**
- * Parse identity link from <code><InfoboxReadResponse></code>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
-
- public VerifyXMLSignatureResponse parseData() throws ParseException {
-
- VerifyXMLSignatureResponse respData=new VerifyXMLSignatureResponse();
-
- try {
- respData.setXmlDsigSubjectName(XPathUtils.getElementValue(verifyXMLSignatureResponse,DSIG_SUBJECT_NAME_XPATH,""));
- Element e = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,QUALIFIED_CERTIFICATE_XPATH);
- respData.setQualifiedCertificate(e!=null);
-
- Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(XPathUtils.getElementValue(
- verifyXMLSignatureResponse,DSIG_X509_CERTIFICATE_XPATH,"").getBytes("UTF-8")),true);
-
- respData.setX509certificate(new X509Certificate(in));
- Element publicAuthority = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_XPATH);
- respData.setPublicAuthority(publicAuthority != null);
- respData.setPublicAuthorityCode(XPathUtils.getElementValue(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH,""));
- respData.setSignatureCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_CHECK_CODE_XPATH,"")).intValue());
-
- String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,XMLDSIG_MANIFEST_CHECK_CODE_XPATH,null);
- if (xmlDsigCheckCode!=null)
- {
- respData.setXmlDSIGManigest(true);
- respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue());
- }
- else
- respData.setXmlDSIGManigest(false);
- respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());
- }
- 
catch (Throwable t) {
- throw new ParseException("parser.01", null, t);
- }
- return respData;
- }
-
-
-} |