aboutsummaryrefslogtreecommitdiff
path: root/id.server/src/at/gv/egovernment/moa/id/auth/validator
diff options
context:
space:
mode:
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/validator')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java38
1 files changed, 25 insertions, 13 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index c4c22fd02..5adbc5b3d 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -2,6 +2,7 @@ package at.gv.egovernment.moa.id.auth.validator;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
+import iaik.security.ecc.ecdsa.ECPublicKey;
import iaik.asn1.structures.Name;
import iaik.utils.RFC2253NameParserException;
@@ -112,24 +113,35 @@ public class VerifyXMLSignatureResponseValidator {
X509Certificate x509Response = verifyXMLSignatureResponse.getX509certificate();
PublicKey[] pubKeysIdentityLink = (PublicKey[]) idl.getPublicKey();
- RSAPublicKey pubKeyResponse = (RSAPublicKey) x509Response.getPublicKey();
+ PublicKey pubKeySignature = x509Response.getPublicKey();
boolean found = false;
for (int i = 0; i < pubKeysIdentityLink.length; i++) {
- if (idl.getPublicKey()[i]
- instanceof java.security.interfaces.RSAPublicKey) {
- /* for (int j = 0;
- j < idl.getPublicKey()[i].getClass().getInterfaces().length;
- j++) {
- if (idl.getPublicKey()[i].getClass().getInterfaces()[j].getName()
- .equals("java.security.interfaces.RSAPublicKey")) {*/
- RSAPublicKey rsakey = (RSAPublicKey) pubKeysIdentityLink[i];
- if (rsakey.getModulus().equals(pubKeyResponse.getModulus())
- && rsakey.getPublicExponent().equals(
- pubKeyResponse.getPublicExponent()))
- found = true;
+
+ //compare RSAPublicKeys
+ if ((idl.getPublicKey()[i] instanceof java.security.interfaces.RSAPublicKey) &&
+ (pubKeySignature instanceof java.security.interfaces.RSAPublicKey)) {
+
+ RSAPublicKey rsaPubKeySignature = (RSAPublicKey) pubKeySignature;
+ RSAPublicKey rsakey = (RSAPublicKey) pubKeysIdentityLink[i];
+
+ //TODO check the usage of equals method
+ if (rsakey.getModulus().equals(rsaPubKeySignature.getModulus())
+ && rsakey.getPublicExponent().equals(rsaPubKeySignature.getPublicExponent()))
+ found = true;
}
+
+ //compare ECDSAPublicKeys
+ //TODO check implementation
+ if((idl.getPublicKey()[i] instanceof iaik.security.ecc.ecdsa.ECPublicKey) &&
+ (pubKeySignature instanceof iaik.security.ecc.ecdsa.ECPublicKey)) {
+ ECPublicKey ecdsaPubKeySignature = (ECPublicKey) pubKeySignature;
+ ECPublicKey ecdsakey = (ECPublicKey) pubKeysIdentityLink[i];
+
+ if(ecdsakey.equals(ecdsaPubKeySignature))
+ found = true;
+ }
}
if (!found)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 04:35:40 +0000