From 2e41e68813cab482713ba55a792fce74ddb4f094 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 20 Nov 2017 11:47:43 +0100 Subject: add scheme file --- .../resources/schemas/sstc-metadata-attr.xsd | 35 ++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 id/server/moa-id-commons/src/main/resources/resources/schemas/sstc-metadata-attr.xsd diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/sstc-metadata-attr.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/sstc-metadata-attr.xsd new file mode 100644 index 000000000..f23e462a5 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/sstc-metadata-attr.xsd @@ -0,0 +1,35 @@ + + + + + + Document title: SAML V2.0 Metadata Extention for Entity Attributes Schema + Document identifier: sstc-metadata-attr.xsd + Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security + Revision history: + V1.0 (November 2008): + Initial version. + + + + + + + + + + + + + + + -- cgit v1.2.3 From d82e0c848f7c82aa9edf28ca55a68de82b19c88c Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 21 Nov 2017 12:43:57 +0100 Subject: add eIDAS request validation regarding minimum data-set and SPType --- .../moa/id/auth/modules/eidas/Constants.java | 18 +++++++++ .../moa/id/protocols/eidas/EIDASProtocol.java | 47 +++++++++++++++------- 2 files changed, 51 insertions(+), 14 deletions(-) diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java index d975b6e0a..74cf665ca 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java @@ -22,10 +22,17 @@ */ package at.gv.egovernment.moa.id.auth.modules.eidas; +import java.net.URI; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + import org.apache.xml.security.signature.XMLSignature; import org.opensaml.xml.encryption.EncryptionConstants; import org.opensaml.xml.signature.SignatureConstants; +import at.gv.egovernment.moa.id.data.Trible; + /** * @author tlenz * @@ -119,4 +126,15 @@ public class Constants { EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128 + ";" + EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256; + public static final List NATURALPERSONMINIMUMDATASETLIST = Collections.unmodifiableList(new ArrayList() { + private static final long serialVersionUID = 1L; + { + add(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_FAMILY_NAME.getNameUri()); + add(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_GIVEN_NAME.getNameUri()); + add(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.DATE_OF_BIRTH.getNameUri()); + add(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.PERSON_IDENTIFIER.getNameUri()); + } + }); + + } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java index 1ce900ebb..8fb81082f 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java @@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.protocols.eidas; import java.io.IOException; import java.io.StringWriter; +import java.net.URI; import java.util.List; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -62,6 +63,7 @@ import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import eu.eidas.auth.commons.EidasStringUtil; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; import eu.eidas.auth.commons.protocol.IAuthenticationRequest; import eu.eidas.auth.commons.protocol.IResponseMessage; import eu.eidas.auth.commons.protocol.eidas.IEidasAuthenticationRequest; @@ -302,7 +304,37 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController { } - + //validate service-provider type from eIDAS request + String spType = null; + if (eIDASSamlReq.getSpType() != null) + spType = eIDASSamlReq.getSpType(); + + if (MiscUtil.isEmpty(spType)) + spType = MetadataUtil.getSPTypeFromMetadata(eIDASNodeEntityDesc); + + if (MiscUtil.isNotEmpty(spType)) + Logger.debug("eIDAS request has SPType:" + spType); + else { + Logger.warn("eIDAS request and eIDAS metadata contains NO 'SPType' element."); + throw new EIDASAuthnRequestProcessingException("eIDAS.06", + new Object[]{"eIDAS request and eIDAS metadata contains NO 'SPType' element."}); + + } + + //validate if minimal data-set if it is not fully requested + //TODO: must be tested!!!! + ImmutableAttributeMap reqAttrList = eIDASSamlReq.getRequestedAttributes(); + for (URI el : Constants.NATURALPERSONMINIMUMDATASETLIST) { + if(reqAttrList.getAttributeValuesByNameUri(el) == null) { + Logger.warn("Minimum data-set attribute: " + el + " is not requested."); + throw new EIDASAuthnRequestProcessingException("eIDAS.06", + new Object[]{"eIDAS request does not contain all attributes of minimum data-set for natural person"}); + + } + } + + + //************************************************* //***** store eIDAS request information ********* //************************************************* @@ -335,19 +367,6 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController { // - memorize OA config pendingReq.setOnlineApplicationConfiguration(oaConfig); - - // - memorize service-provider type from eIDAS request - String spType = null; - if (eIDASSamlReq.getSpType() != null) - spType = eIDASSamlReq.getSpType(); - - if (MiscUtil.isEmpty(spType)) - spType = MetadataUtil.getSPTypeFromMetadata(eIDASNodeEntityDesc); - - if (MiscUtil.isNotEmpty(spType)) - Logger.debug("eIDAS request has SPType:" + spType); - else - Logger.info("eIDAS request and eIDAS metadata contains NO 'SPType' element."); } catch (MOAIDException e) { Logger.info("eIDAS AuthnRequest preProcessing FAILED. Msg:" + e.getMessage()); -- cgit v1.2.3 From 7523477ce0884b45a992748a12ea824fa85ea14d Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sun, 26 Nov 2017 21:04:51 +0100 Subject: add String escaping on same methods --- .../moa/id/auth/servlet/AbstractController.java | 3 +- .../id/auth/servlet/IDPSingleLogOutServlet.java | 5 +- .../moa/id/auth/servlet/RedirectServlet.java | 2 +- .../moa/id/moduls/AuthenticationManager.java | 2 +- .../protocols/ProtocolFinalizationController.java | 5 +- .../moa/id/protocols/pvp2x/utils/Digester.java | 48 --- .../id/protocols/pvp2x/utils/PrettyPrinter.java | 323 --------------------- .../at/gv/egovernment/moa/id/util/XMLUtil.java | 143 --------- .../id/commons/config/MigrateConfiguration.java | 206 ++++++------- .../java/at/gv/egovernment/moa/util/FileUtils.java | 68 ++--- .../at/gv/egovernment/moa/util/KeyStoreUtils.java | 54 ++-- .../at/gv/egovernment/moa/util/OutputXML2File.java | 102 ------- .../gv/egovernment/moa/util/KeyStoreUtilsTest.java | 20 +- .../moa/id/auth/validator/parep/ParepUtils.java | 36 +-- .../oauth20/protocol/OAuth20AuthAction.java | 2 +- .../ssotransfer/servlet/SSOTransferServlet.java | 7 +- 16 files changed, 206 insertions(+), 820 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/Digester.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/PrettyPrinter.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/XMLUtil.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java index 5f74d8fdd..67611dd72 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java @@ -254,7 +254,8 @@ public abstract class AbstractController extends MOAIDAuthConstants { //add stacktrace if debug is enabled if (Logger.isTraceEnabled()) { - config.putCustomParameter("stacktrace", getStacktraceFromException(error)); + config.putCustomParameter("stacktrace", + StringEscapeUtils.escapeHtml(getStacktraceFromException(error))); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index a146f778e..19f3fdc54 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -28,6 +28,7 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.lang.StringEscapeUtils; import org.opensaml.saml2.core.LogoutResponse; import org.opensaml.saml2.metadata.SingleLogoutService; import org.springframework.beans.factory.annotation.Autowired; @@ -93,9 +94,9 @@ public class IDPSingleLogOutServlet extends AbstractController { String ssoid = ssoManager.getSSOSessionID(req); - Object restartProcessObj = req.getParameter(MOAIDAuthConstants.PARAM_SLORESTART); + Object restartProcessObj = StringEscapeUtils.escapeHtml(req.getParameter(MOAIDAuthConstants.PARAM_SLORESTART)); - Object tokkenObj = req.getParameter(MOAIDAuthConstants.PARAM_SLOSTATUS); + Object tokkenObj = StringEscapeUtils.escapeHtml(req.getParameter(MOAIDAuthConstants.PARAM_SLOSTATUS)); String tokken = null; String status = null; if (tokkenObj != null && tokkenObj instanceof String) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java index be511d888..a7f911845 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java @@ -65,7 +65,7 @@ public class RedirectServlet { Logger.debug("Receive " + RedirectServlet.class + " Request"); String url = req.getParameter(REDIRCT_PARAM_URL); - String target = req.getParameter(MOAIDAuthConstants.PARAM_TARGET); + String target = StringEscapeUtils.escapeHtml(req.getParameter(MOAIDAuthConstants.PARAM_TARGET)); String artifact = req.getParameter(MOAIDAuthConstants.PARAM_SAMLARTIFACT); String interIDP = req.getParameter(MOAIDAuthConstants.INTERFEDERATION_IDP); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index aff2c83ad..3770dad2f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -161,7 +161,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { Logger.info("Remove active user-session"); if(internalMOASsoSessionID == null) { - internalMOASsoSessionID = (String) request.getParameter(PARAM_SESSIONID); + internalMOASsoSessionID = StringEscapeUtils.escapeHtml((String) request.getParameter(PARAM_SESSIONID)); } if(internalMOASsoSessionID == null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java index 0f9b615a4..aebcf372e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java @@ -27,6 +27,7 @@ import java.io.IOException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.lang.StringEscapeUtils; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @@ -51,7 +52,7 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon public void finalizeAuthProtocol(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException { //read pendingRequest from http request - Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID); + Object idObject = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_TARGET_PENDINGREQUESTID)); IRequest pendingReq = null; String pendingRequestID = null; if (idObject != null && (idObject instanceof String)) { @@ -61,7 +62,7 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon } //receive an authentication error - String errorid = req.getParameter(ERROR_CODE_PARAM); + String errorid = StringEscapeUtils.escapeHtml(req.getParameter(ERROR_CODE_PARAM)); if (errorid != null) { try { //load stored exception from database diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/Digester.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/Digester.java deleted file mode 100644 index d715b8b7b..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/Digester.java +++ /dev/null @@ -1,48 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.pvp2x.utils; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class Digester { - public static String byteArrayToHexString(byte[] b) { - String result = ""; - for (int i=0; i < b.length; i++) { - result += - Integer.toString( ( b[i] & 0xff ) + 0x100, 16).substring( 1 ); - } - return result; - } - - public static String toSHA1(byte[] convertme) { - MessageDigest md = null; - try { - md = MessageDigest.getInstance("SHA-1"); - } - catch(NoSuchAlgorithmException e) { - e.printStackTrace(); - } - return byteArrayToHexString(md.digest(convertme)); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/PrettyPrinter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/PrettyPrinter.java deleted file mode 100644 index c40731576..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/PrettyPrinter.java +++ /dev/null @@ -1,323 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.pvp2x.utils; - -import java.io.*; -import javax.xml.parsers.*; -import javax.xml.transform.*; -import javax.xml.transform.dom.*; -import javax.xml.transform.stream.*; - -import org.w3c.dom.Document; - -import org.xml.sax.*; -import org.xml.sax.helpers.*; - - -/** -This class "pretty prints" an XML stream to something more human-readable. -It duplicates the character content with some modifications to whitespace, -restoring line breaks and a simple pattern of indenting child elements. - -This version of the class acts as a SAX 2.0 DefaultHandler, -so to provide the unformatted XML just pass a new instance to a SAX parser. -Its output is via the {@link #toString toString} method. - -One major limitation: we gather character data for elements in a single -buffer, so mixed-content documents will lose a lot of data! This works -best with data-centric documents where elements either have single values -or child elements, but not both. - -@author Will Provost -*/ -/* -Copyright 2002-2003 by Will Provost. -All rights reserved. -*/ -public class PrettyPrinter - extends DefaultHandler -{ - /** - Convenience method to wrap pretty-printing SAX pass over existing content. - */ - public static String prettyPrint (byte[] content) - { - try - { - PrettyPrinter pretty = new PrettyPrinter (); - SAXParserFactory factory = SAXParserFactory.newInstance (); - factory.setFeature - ("http://xml.org/sax/features/namespace-prefixes", true); - factory.newSAXParser ().parse - (new ByteArrayInputStream (content), pretty); - return pretty.toString (); - } - catch (Exception ex) - { - ex.printStackTrace (); - return "EXCEPTION: " + ex.getClass ().getName () + " saying \"" + - ex.getMessage () + "\""; - } - } - - /** - Convenience method to wrap pretty-printing SAX pass over existing content. - */ - public static String prettyPrint (String content) - { - try - { - PrettyPrinter pretty = new PrettyPrinter (); - SAXParserFactory factory = SAXParserFactory.newInstance (); - factory.setFeature - ("http://xml.org/sax/features/namespace-prefixes", true); - factory.newSAXParser ().parse (content, pretty); - return pretty.toString (); - } - catch (Exception ex) - { - ex.printStackTrace (); - return "EXCEPTION: " + ex.getClass ().getName () + " saying \"" + - ex.getMessage () + "\""; - } - } - - /** - Convenience method to wrap pretty-printing SAX pass over existing content. - */ - public static String prettyPrint (InputStream content) - { - try - { - PrettyPrinter pretty = new PrettyPrinter (); - SAXParserFactory factory = SAXParserFactory.newInstance (); - factory.setFeature - ("http://xml.org/sax/features/namespace-prefixes", true); - factory.newSAXParser ().parse (content, pretty); - return pretty.toString (); - } - catch (Exception ex) - { - ex.printStackTrace (); - return "EXCEPTION: " + ex.getClass ().getName () + " saying \"" + - ex.getMessage () + "\""; - } - } - - /** - Convenience method to wrap pretty-printing SAX pass over existing content. - */ - public static String prettyPrint (Document doc) - throws TransformerException - { - try - { - ByteArrayOutputStream buffer = new ByteArrayOutputStream (); - TransformerFactory.newInstance ().newTransformer() - .transform (new DOMSource (doc), new StreamResult (buffer)); - byte[] rawResult = buffer.toByteArray (); - buffer.close (); - - return prettyPrint (rawResult); - } - catch (Exception ex) - { - ex.printStackTrace (); - return "EXCEPTION: " + ex.getClass ().getName () + " saying \"" + - ex.getMessage () + "\""; - } - } - - public static class StreamAdapter - extends OutputStream - { - public StreamAdapter (Writer finalDestination) - { - this.finalDestination = finalDestination; - } - - public void write (int b) - { - out.write (b); - } - - public void flushPretty () - throws IOException - { - PrintWriter finalPrinter = new PrintWriter (finalDestination); - finalPrinter.println - (PrettyPrinter.prettyPrint (out.toByteArray ())); - finalPrinter.close (); - out.close (); - } - - private ByteArrayOutputStream out = new ByteArrayOutputStream (); - Writer finalDestination; - } - - /** - Call this to get the formatted XML post-parsing. - */ - public String toString () - { - return output.toString (); - } - - /** - Prints the XML declaration. - */ - public void startDocument () - throws SAXException - { - output.append ("") - .append (endLine); - } - - /** - Prints a blank line at the end of the reformatted document. - */ - public void endDocument () throws SAXException - { - output.append (endLine); - } - - /** - Writes the start tag for the element. - Attributes are written out, one to a text line. Starts gathering - character data for the element. - */ - public void startElement - (String URI, String name, String qName, Attributes attributes) - throws SAXException - { - if (justHitStartTag) - output.append ('>'); - - output.append (endLine) - .append (indent) - .append ('<') - .append (qName); - - int length = attributes.getLength (); - for (int a = 0; a < length; ++a) - output.append (endLine) - .append (indent) - .append (standardIndent) - .append (attributes.getQName (a)) - .append ("=\"") - .append (attributes.getValue (a)) - .append ('\"'); - - if (length > 0) - output.append (endLine) - .append (indent); - - indent += standardIndent; - currentValue = new StringBuffer (); - justHitStartTag = true; - } - - /** - Checks the {@link #currentValue} buffer to gather element content. - Writes this out if it is available. Writes the element end tag. - */ - public void endElement (String URI, String name, String qName) - throws SAXException - { - indent = indent.substring - (0, indent.length () - standardIndent.length ()); - - if (currentValue == null) - output.append (endLine) - .append (indent) - .append ("'); - else if (currentValue.length () != 0) - output.append ('>') - .append (currentValue.toString ()) - .append ("'); - else - output.append ("/>"); - - currentValue = null; - justHitStartTag = false; - } - - /** - When the {@link #currentValue} buffer is enabled, appends character - data into it, to be gathered when the element end tag is encountered. - */ - public void characters (char[] chars, int start, int length) - throws SAXException - { - if (currentValue != null) - currentValue.append (escape (chars, start, length)); - } - - /** - Filter to pass strings to output, escaping < and & - characters to &lt; and &amp; respectively. - */ - private static String escape (char[] chars, int start, int length) - { - StringBuffer result = new StringBuffer (); - for (int c = start; c < start + length; ++c) - if (chars[c] == '<') - result.append ("<"); - else if (chars[c] == '&') - result.append ("&"); - else - result.append (chars[c]); - - return result.toString (); - } - - /** - This whitespace string is expanded and collapsed to manage the output - indenting. - */ - private String indent = ""; - - /** - A buffer for character data. It is "enabled" in - {@link #startElement startElement} by being initialized to a - new StringBuffer, and then read and reset to - null in {@link #endElement endElement}. - */ - private StringBuffer currentValue = null; - - /** - The primary buffer for accumulating the formatted XML. - */ - private StringBuffer output = new StringBuffer (); - - private boolean justHitStartTag; - - private static final String standardIndent = " "; - private static final String endLine = - System.getProperty ("line.separator"); -} - diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/XMLUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/XMLUtil.java deleted file mode 100644 index d87d510fa..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/XMLUtil.java +++ /dev/null @@ -1,143 +0,0 @@ -/** - * - */ -package at.gv.egovernment.moa.id.util; - -import java.io.File; -import java.io.IOException; -import java.io.Reader; -import java.io.StringReader; -import java.io.StringWriter; - -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.OutputKeys; -import javax.xml.transform.Result; -import javax.xml.transform.Source; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; - -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; -import org.xml.sax.InputSource; -import org.xml.sax.SAXException; - -/** - * Helper class for XML processing - * @author bzwattendorfer - * - */ -public class XMLUtil { - - /** - * Transforms a string representation to a DOM representation - * @param xmlString XML as string - * @return DOM representation of String - * @throws ParserConfigurationException - * @throws SAXException - * @throws IOException - */ - public static Element stringToDOM(String xmlString) throws ParserConfigurationException, SAXException, IOException { - DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); - dbf.setNamespaceAware(true); - - DocumentBuilder builder = dbf.newDocumentBuilder(); - - Reader reader = new StringReader(xmlString); - InputSource src = new InputSource(reader); - Document domDoc = builder.parse(src); - return domDoc.getDocumentElement(); - } - - /** - * Creates a new and empty XML document - * @return New XML document - * @throws ParserConfigurationException - */ - public static Document createNewDocument() throws ParserConfigurationException { - DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); - dbf.setNamespaceAware(true); - - DocumentBuilder builder = dbf.newDocumentBuilder(); - return builder.newDocument(); - } - - /** - * Transforms an XML to a String - * @param node XML node - * @return String represenation of XML - */ - public static String printXML(Node node) { - TransformerFactory tfactory = TransformerFactory.newInstance(); - Transformer serializer; - try { - serializer = tfactory.newTransformer(); - - serializer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); - serializer.setOutputProperty(OutputKeys.ENCODING,"UTF-8"); - - StringWriter output = new StringWriter(); - serializer.transform(new DOMSource(node), new StreamResult(output)); - return output.toString(); - } catch (TransformerException e) { - - throw new RuntimeException(e); - } - } - - /** - * Writes an XML element to a given file - * @param doc XML element - * @param filename Filename of the file where to write XML - */ - public static void writeXmlFile(Element doc, String filename) { - try { - - Source source = new DOMSource(doc); - File file = new File(filename); - Result result = new StreamResult(file); - - Transformer xformer = TransformerFactory.newInstance().newTransformer(); - xformer.transform(source, result); - } catch (Exception e) { - throw new RuntimeException(e); - } - } - - /** - * Gets the first text value of a NodeList - * @param nList NodeList - * @return first text value of a NodeList - */ - public static String getFirstTextValueFromNodeList(NodeList nList) { - if (nList != null && nList.getLength() != 0) { - return nList.item(0).getTextContent(); - } - return null; - } - - /** - * Gets the first element of a Node - * @param parent Node - * @return first element of a Node - */ - public static Element getFirstElement(Node parent) { - Node n = parent.getFirstChild(); - while (n != null && n.getNodeType() != Node.ELEMENT_NODE) { - n = n.getNextSibling(); - } - if (n == null) { - return null; - } - return (Element)n; - } - - - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java index 4e8c7dffd..32dd97148 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java @@ -1,103 +1,103 @@ -package at.gv.egovernment.moa.id.commons.config; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; - -import javax.xml.bind.JAXBException; - -import at.gv.egovernment.moa.id.commons.config.cli.MOAIDConfCLI; -import at.gv.egovernment.moa.id.commons.config.cli.MigrateConfigurationParams; - -/** - * CLI tool which is able to perform the following tasks: - *
    - *
  • transform a MoaID 2 XML configuration XML file to a MoaID 3 property file - *
  • - *
  • read a property file and transfer it's content to a database
  • - *
  • write the content of a database to a property file
  • - *
- */ -public class MigrateConfiguration { - - public static void main(String[] args) { - - MOAIDConfCLI cli = new MOAIDConfCLI(); - MigrateConfigurationParams parsedParameters = cli.parse(args); - - // consider settings of force switch - boolean isOverwriteData = parsedParameters.isOverwriteData(); - ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData); - - if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) { - // read input from file - workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil); - - } else if (parsedParameters.getInputDBConfig() != null) { - // read input from database - workWithImputFromDB(parsedParameters, configUtil); - - } else { - System.exit(1); - } - } - - /** - * Handle the case where input from a file is read. - * - * @param inputFileUrl - * the url of the input file. - * @param parsedParameters - * the command line parameters. - * @param configUtil - * the class for working with the configuration. - */ - private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters, - ConfigurationUtil configUtil) { - File inFile = new File(inputFileUrl); - try (FileInputStream inStream = new FileInputStream(inFile);) { - - if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { - // input from file and output to a file is desired - File outFile = new File(parsedParameters.getOutputFile()); - configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile); - - } else if (parsedParameters.getOutputDBConfig() != null) { - // input from file and output to a database is desired - configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig()); - } - } catch (JAXBException e) { - System.out.println("MOA-ID XML configuration can not be loaded from given file."); - System.exit(1); - } catch (FileNotFoundException e) { - System.out.println("Could not find the input file."); - System.exit(1); - } catch (IOException e) { - System.out.println("Could not read from the input file."); - System.exit(1); - } - } - - /** - * Handle the case where input is read from a database. - * - * @param parsedParameters - * the command line parameters. - * @param configUtil - * the class for working with the configuration. - */ - private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) { - if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { - // input from database and output to a file is desired - File outFile = new File(parsedParameters.getOutputFile()); - String inputDBConfigFilePath = parsedParameters.getInputDBConfig(); - configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile); - - } else if (parsedParameters.getOutputDBConfig() != null) { - // input from database and output to a database is desired - // configUtil.readFromDBWriteToDB(inDBConfigFilePath, - // outDBConfigFilePath); - } - } -} \ No newline at end of file +//package at.gv.egovernment.moa.id.commons.config; +// +//import java.io.File; +//import java.io.FileInputStream; +//import java.io.FileNotFoundException; +//import java.io.IOException; +// +//import javax.xml.bind.JAXBException; +// +//import at.gv.egovernment.moa.id.commons.config.cli.MOAIDConfCLI; +//import at.gv.egovernment.moa.id.commons.config.cli.MigrateConfigurationParams; +// +///** +// * CLI tool which is able to perform the following tasks: +// *
    +// *
  • transform a MoaID 2 XML configuration XML file to a MoaID 3 property file +// *
  • +// *
  • read a property file and transfer it's content to a database
  • +// *
  • write the content of a database to a property file
  • +// *
+// */ +//public class MigrateConfiguration { +// +// public static void main(String[] args) { +// +// MOAIDConfCLI cli = new MOAIDConfCLI(); +// MigrateConfigurationParams parsedParameters = cli.parse(args); +// +// // consider settings of force switch +// boolean isOverwriteData = parsedParameters.isOverwriteData(); +// ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData); +// +// if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) { +// // read input from file +// workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil); +// +// } else if (parsedParameters.getInputDBConfig() != null) { +// // read input from database +// workWithImputFromDB(parsedParameters, configUtil); +// +// } else { +// System.exit(1); +// } +// } +// +// /** +// * Handle the case where input from a file is read. +// * +// * @param inputFileUrl +// * the url of the input file. +// * @param parsedParameters +// * the command line parameters. +// * @param configUtil +// * the class for working with the configuration. +// */ +// private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters, +// ConfigurationUtil configUtil) { +// File inFile = new File(inputFileUrl); +// try (FileInputStream inStream = new FileInputStream(inFile);) { +// +// if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { +// // input from file and output to a file is desired +// File outFile = new File(parsedParameters.getOutputFile()); +// configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile); +// +// } else if (parsedParameters.getOutputDBConfig() != null) { +// // input from file and output to a database is desired +// configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig()); +// } +// } catch (JAXBException e) { +// System.out.println("MOA-ID XML configuration can not be loaded from given file."); +// System.exit(1); +// } catch (FileNotFoundException e) { +// System.out.println("Could not find the input file."); +// System.exit(1); +// } catch (IOException e) { +// System.out.println("Could not read from the input file."); +// System.exit(1); +// } +// } +// +// /** +// * Handle the case where input is read from a database. +// * +// * @param parsedParameters +// * the command line parameters. +// * @param configUtil +// * the class for working with the configuration. +// */ +// private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) { +// if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { +// // input from database and output to a file is desired +// File outFile = new File(parsedParameters.getOutputFile()); +// String inputDBConfigFilePath = parsedParameters.getInputDBConfig(); +// configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile); +// +// } else if (parsedParameters.getOutputDBConfig() != null) { +// // input from database and output to a database is desired +// // configUtil.readFromDBWriteToDB(inDBConfigFilePath, +// // outDBConfigFilePath); +// } +// } +//} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java index a70d62e1e..3291f8a15 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java @@ -53,40 +53,40 @@ public class FileUtils { in.close(); return content; } - /** - * Reads a file, given by URL, into a String. - * @param urlString file URL - * @param encoding character encoding - * @return file content - * @throws IOException on any exception thrown - */ - public static String readURL(String urlString, String encoding) throws IOException { - byte[] content = readURL(urlString); - return new String(content, encoding); - } - /** - * Reads a file, given by filename, into a byte array. - * @param filename filename - * @return file content - * @throws IOException on any exception thrown - */ - public static byte[] readFile(String filename) throws IOException { - BufferedInputStream in = new BufferedInputStream(new FileInputStream(filename)); - byte[] content = StreamUtils.readStream(in); - in.close(); - return content; - } - /** - * Reads a file, given by filename, into a String. - * @param filename filename - * @param encoding character encoding - * @return file content - * @throws IOException on any exception thrown - */ - public static String readFile(String filename, String encoding) throws IOException { - byte[] content = readFile(filename); - return new String(content, encoding); - } +// /** +// * Reads a file, given by URL, into a String. +// * @param urlString file URL +// * @param encoding character encoding +// * @return file content +// * @throws IOException on any exception thrown +// */ +// public static String readURL(String urlString, String encoding) throws IOException { +// byte[] content = readURL(urlString); +// return new String(content, encoding); +// } +// /** +// * Reads a file, given by filename, into a byte array. +// * @param filename filename +// * @return file content +// * @throws IOException on any exception thrown +// */ +// public static byte[] readFile(String filename) throws IOException { +// BufferedInputStream in = new BufferedInputStream(new FileInputStream(filename)); +// byte[] content = StreamUtils.readStream(in); +// in.close(); +// return content; +// } +// /** +// * Reads a file, given by filename, into a String. +// * @param filename filename +// * @param encoding character encoding +// * @return file content +// * @throws IOException on any exception thrown +// */ +// public static String readFile(String filename, String encoding) throws IOException { +// byte[] content = readFile(filename); +// return new String(content, encoding); +// } /** * Reads a file from a resource. * @param name resource name diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java index 3d28f4f2b..38dcafcc0 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java @@ -126,33 +126,33 @@ public class KeyStoreUtils { } return ks; } - /** - * Creates a key store from a directory containg X509 certificate files, - * aliasing them with the index in the String[], starting with "0". - * All the files in the directory are considered to be certificates. - * - * @param keyStoreType key store type - * @param certDirURLString file URL of directory containing certificate filenames - * @return key store created - * @throws IOException thrown while reading the certificates from file - * @throws GeneralSecurityException thrown while creating the key store - */ - public static KeyStore createKeyStoreFromCertificateDirectory( - String keyStoreType, - String certDirURLString) - throws IOException, GeneralSecurityException { - - URL certDirURL = new URL(certDirURLString); - String certDirname = certDirURL.getFile(); - File certDir = new File(certDirname); - String[] certFilenames = certDir.list(); - String separator = - (certDirname.endsWith(File.separator) ? "" : File.separator); - for (int i = 0; i < certFilenames.length; i++) { - certFilenames[i] = certDirname + separator + certFilenames[i]; - } - return createKeyStore(keyStoreType, certFilenames); - } +// /** +// * Creates a key store from a directory containg X509 certificate files, +// * aliasing them with the index in the String[], starting with "0". +// * All the files in the directory are considered to be certificates. +// * +// * @param keyStoreType key store type +// * @param certDirURLString file URL of directory containing certificate filenames +// * @return key store created +// * @throws IOException thrown while reading the certificates from file +// * @throws GeneralSecurityException thrown while creating the key store +// */ +// public static KeyStore createKeyStoreFromCertificateDirectory( +// String keyStoreType, +// String certDirURLString) +// throws IOException, GeneralSecurityException { +// +// URL certDirURL = new URL(certDirURLString); +// String certDirname = certDirURL.getFile(); +// File certDir = new File(certDirname); +// String[] certFilenames = certDir.list(); +// String separator = +// (certDirname.endsWith(File.separator) ? "" : File.separator); +// for (int i = 0; i < certFilenames.length; i++) { +// certFilenames[i] = certDirname + separator + certFilenames[i]; +// } +// return createKeyStore(keyStoreType, certFilenames); +// } /** * Loads an X509 certificate from file. diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java deleted file mode 100644 index e3f8f75a1..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -/* - * Created on 26.04.2004 - * - * @author rschamberger - * $ID$ - */ -package at.gv.egovernment.moa.util; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.logging.Logger; - -/** - * utility functions to write XML data to files - * @author rschamberger - * @version $Id$ - */ -public class OutputXML2File { - - /** - * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8) - * - * @param filename file name - * @param rootElem root element in DOM tree - * @param hierarchy of the Logger - */ - public static void debugOutputXML2File(String filename, Element rootElem, String hierarchy) { - if (Logger.isDebugEnabled(hierarchy)) { - outputXML2File(filename, rootElem); - } - } - - /** - * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8) - * - * @param filename file name - * @param xmlString XML string - * @param hierarchy of the Logger - */ - public static void debugOutputXML2File(String filename, String xmlString, String hierarchy) { - if (Logger.isDebugEnabled(hierarchy)) { - outputXML2File(filename, xmlString); - } - } - - /** - * writes an XML structure to file (Encoding: UTF-8) - * - * @param filename file name - * @param rootElem root element in DOM tree - */ - public static void outputXML2File(String filename, Element rootElem) { - try { - String xmlString = new String(DOMUtils.serializeNode(rootElem)); - outputXML2File(filename, xmlString); - } catch (Exception ex) { - ex.printStackTrace(); - } - } - - /** - * writes an XML structure to file (Encoding: UTF-8) - * - * @param filename file name - * @param xmlString XML string - */ - public static void outputXML2File(String filename, String xmlString) { - try { - java.io.OutputStream fout = new java.io.FileOutputStream(filename); - byte[] xmlData = xmlString.getBytes("UTF-8"); - fout.write(xmlData); - fout.close(); - } catch (Exception ex) { - ex.printStackTrace(); - } - } - -} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java index 2433eca89..be5581139 100644 --- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java @@ -75,16 +75,16 @@ public class KeyStoreUtilsTest extends TestCase { X509Certificate cert = (X509Certificate)ks.getCertificate("0"); assertEquals(3424, cert.getSerialNumber().intValue()); } - public void testCreateKeyStoreFromCertificateDirectory() throws Exception { - // copy certificate files to a temporary directory, - // omitting the "CVS" directory in the source directory - copyCertificates("data/test/security/server-certs", tmpDir); - KeyStore ks = KeyStoreUtils.createKeyStoreFromCertificateDirectory("jks", tmpDirURL); - assertEquals(2, ks.size()); - X509Certificate cert0 = (X509Certificate)ks.getCertificate("0"); - X509Certificate cert1 = (X509Certificate)ks.getCertificate("1"); - assertTrue(3424 == cert0.getSerialNumber().intValue() || 3424 == cert1.getSerialNumber().intValue()); - } +// public void testCreateKeyStoreFromCertificateDirectory() throws Exception { +// // copy certificate files to a temporary directory, +// // omitting the "CVS" directory in the source directory +// copyCertificates("data/test/security/server-certs", tmpDir); +// KeyStore ks = KeyStoreUtils.createKeyStoreFromCertificateDirectory("jks", tmpDirURL); +// assertEquals(2, ks.size()); +// X509Certificate cert0 = (X509Certificate)ks.getCertificate("0"); +// X509Certificate cert1 = (X509Certificate)ks.getCertificate("1"); +// assertTrue(3424 == cert0.getSerialNumber().intValue() || 3424 == cert1.getSerialNumber().intValue()); +// } private void copyCertificates(String from, String to) throws IOException { String[] fromList = new File(from).list(); for (int i = 0; i < fromList.length; i++) { diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java index 09c64c267..7bb07df74 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java @@ -94,24 +94,24 @@ public class ParepUtils { return str == null || "".equals(str); } - /** - * Reads a XML document from an input stream (namespace-aware). - * - * @param is - * the input stream to read from. - * @return the read XML document. - * @throws SZRGWClientException - * if an error occurs reading the document from the input stream. - */ - public static Document readDocFromIs(InputStream is) throws SZRGWClientException { - try { - DocumentBuilderFactory f = DocumentBuilderFactory.newInstance(); - f.setNamespaceAware(true); - return f.newDocumentBuilder().parse(is); - } catch (Exception e) { - throw new SZRGWClientException(e); - } - } +// /** +// * Reads a XML document from an input stream (namespace-aware). +// * +// * @param is +// * the input stream to read from. +// * @return the read XML document. +// * @throws SZRGWClientException +// * if an error occurs reading the document from the input stream. +// */ +// public static Document readDocFromIs(InputStream is) throws SZRGWClientException { +// try { +// DocumentBuilderFactory f = DocumentBuilderFactory.newInstance(); +// f.setNamespaceAware(true); +// return f.newDocumentBuilder().parse(is); +// } catch (Exception e) { +// throw new SZRGWClientException(e); +// } +// } // /* // * diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java index b2522ea33..b7c54203f 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java @@ -71,7 +71,7 @@ class OAuth20AuthAction implements IAction { revisionsLogger.logEvent(req, MOAIDEventConstants.AUTHPROTOCOL_OPENIDCONNECT_AUTHREQUEST); - String code = Random.nextRandom(); + String code = Random.nextHexRandom32(); try { diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java index 7d1bfd7b9..a37beac70 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java @@ -50,6 +50,7 @@ import javax.security.cert.X509Certificate; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.lang.StringEscapeUtils; import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x509.BasicConstraints; import org.bouncycastle.asn1.x509.Extension; @@ -186,7 +187,7 @@ public class SSOTransferServlet{ Logger.debug("Receive " + this.getClass().getName() + " request"); Object tokenObj = req.getParameter(SSOTransferConstants.REQ_PARAM_TOKEN); if (tokenObj != null && tokenObj instanceof String) { - String token = (String)tokenObj; + String token = StringEscapeUtils.escapeHtml((String)tokenObj); try { Logger.debug("Load token:" + token + " from storage."); SSOTransferContainer container = transactionStorage.get(token, SSOTransferContainer.class, transmisionTimeOut * 1000); @@ -285,7 +286,7 @@ public class SSOTransferServlet{ Object tokenObj = req.getParameter(SSOTransferConstants.REQ_PARAM_TOKEN); if (tokenObj != null && tokenObj instanceof String) { - String token = (String)tokenObj; + String token = StringEscapeUtils.escapeHtml((String)tokenObj); try { SSOTransferContainer container = transactionStorage.get(token, SSOTransferContainer.class, transmisionTimeOut); if (container != null) { @@ -402,8 +403,6 @@ public class SSOTransferServlet{ null); if (ssomanager.isValidSSOSession(ssoid, null)) { - //Object createQRObj = req.getParameter(SSOTransferConstants.REQ_PARAM_GENERATE_QR); - //create first step of SSO Transfer GUI IAuthenticationSession authSession = authenticationSessionStorage.getInternalMOASessionWithSSOID(ssoid); -- cgit v1.2.3 From c635f245db55dbab616db3835087fbf33be832d0 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 27 Nov 2017 12:09:21 +0100 Subject: refactoring: rename method --- .../configuration/data/FormularCustomization.java | 4 +- .../id/configuration/data/oa/OABPKEncryption.java | 12 +++--- .../id/configuration/data/oa/OAGeneralConfig.java | 4 +- .../configuration/struts/action/IndexAction.java | 12 +++--- .../configuration/struts/action/ListOAsAction.java | 4 +- .../validation/FormularCustomizationValitator.java | 12 +++--- .../validation/UserDatabaseFormValidator.java | 22 +++++------ .../validation/moaconfig/MOAConfigValidator.java | 46 +++++++++++----------- .../validation/moaconfig/PVP2ContactValidator.java | 12 +++--- .../validation/moaconfig/StorkConfigValidator.java | 8 ++-- .../oa/OAAuthenticationDataValidation.java | 4 +- .../validation/oa/OAFileUploadValidation.java | 2 +- .../validation/oa/OATargetConfigValidation.java | 8 ++-- .../task/impl/GeneralMOAIDConfigurationTask.java | 36 ++++++++--------- .../task/impl/GeneralPVP2XConfigurationTask.java | 24 +++++------ .../task/impl/GeneralSTORKConfigurationTask.java | 8 ++-- .../ServicesAuthenticationInformationTask.java | 4 +- .../task/impl/ServicesBKUSelectionTask.java | 20 +++++----- .../task/impl/ServicesGeneralInformationTask.java | 4 +- .../validation/task/impl/ServicesTargetTask.java | 8 ++-- .../id/commons/validation/ValidationHelper.java | 13 +++--- 21 files changed, 133 insertions(+), 134 deletions(-) diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java index 5ee2ee6a7..b3f7c1f79 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java @@ -352,10 +352,10 @@ public class FormularCustomization implements IOnlineApplicationData { //validate aditionalAuthBlockText check = getAditionalAuthBlockText(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java index b2cd18c26..bac69cf34 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java @@ -203,10 +203,10 @@ public class OABPKEncryption implements IOnlineApplicationData { errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("bPK decryption keystore password contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -217,20 +217,20 @@ public class OABPKEncryption implements IOnlineApplicationData { errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("bPK decryption key alias contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } check = getKeyPassword(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("bPK decryption key password contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyPassword.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index 4cb7eba2d..c51513193 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -117,10 +117,10 @@ public class OAGeneralConfig implements IOnlineApplicationData{ //check OA FriendlyName check = getFriendlyName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("OAFriendlyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.info("OA friendlyName is empty"); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index 4fecd89c1..df1786402 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -159,10 +159,10 @@ public class IndexAction extends BasicAction { String key = null; if (MiscUtil.isNotEmpty(username)) { - if (ValidationHelper.containsPotentialCSSCharacter(username, false)) { + if (ValidationHelper.containsNotValidCharacter(username, false)) { log.warn("Username contains potentail XSS characters: " + username); addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); return Constants.STRUTS_ERROR; } } else { @@ -614,10 +614,10 @@ public class IndexAction extends BasicAction { if (!sessionform.isIsmandateuser()) { check = user.getInstitut(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("Organisation contains potentail XSS characters: " + check); addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("Organisation is empty"); @@ -630,7 +630,7 @@ public class IndexAction extends BasicAction { if (!ValidationHelper.isEmailAddressFormat(check)) { log.warn("Mailaddress is not valid: " + check); addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("Mailaddress is empty"); @@ -642,7 +642,7 @@ public class IndexAction extends BasicAction { if (!ValidationHelper.validatePhoneNumber(check)) { log.warn("No valid Phone Number: " + check); addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("Phonenumber is empty"); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java index c6b0965fe..ca018d5b0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java @@ -132,10 +132,10 @@ public class ListOAsAction extends BasicAction { return Constants.STRUTS_SUCCESS; } else { - if (ValidationHelper.containsPotentialCSSCharacter(friendlyname, false)) { + if (ValidationHelper.containsNotValidCharacter(friendlyname, false)) { log.warn("SearchOA textfield contains potential XSS characters"); addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request)); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request)); return Constants.STRUTS_SUCCESS; } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java index c9a174813..4ef4bc762 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java @@ -94,10 +94,10 @@ public class FormularCustomizationValitator { check = form.getHeader_text(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("HeaderText contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.form.header.text", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -144,10 +144,10 @@ public class FormularCustomizationValitator { check = form.getFontType(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.warn("FontType contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } } @@ -156,7 +156,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.validateNumber(check)) { log.warn("Applet height "+ check + " is no valid number"); errors.add(LanguageHelper.getErrorString("validation.general.form.applet.height", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } } @@ -165,7 +165,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.validateNumber(check)) { log.warn("Applet width "+ check + " is no valid number"); errors.add(LanguageHelper.getErrorString("validation.general.form.applet.width", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java index 44afd0599..f0594c38d 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java @@ -62,10 +62,10 @@ public class UserDatabaseFormValidator { if (!isPVP2Generated) { check = form.getGivenName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("GivenName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("GivenName is empty"); @@ -75,10 +75,10 @@ public class UserDatabaseFormValidator { check = form.getFamilyName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("FamilyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("FamilyName is empty"); @@ -89,10 +89,10 @@ public class UserDatabaseFormValidator { if (!isMandateUser) { check = form.getInstitut(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("Organisation contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("Organisation is empty"); @@ -105,7 +105,7 @@ public class UserDatabaseFormValidator { if (!ValidationHelper.isEmailAddressFormat(check)) { log.warn("Mailaddress is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("Mailaddress is empty"); @@ -114,10 +114,10 @@ public class UserDatabaseFormValidator { check = form.getPhone(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("Phonenumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("Phonenumber is empty"); @@ -127,10 +127,10 @@ public class UserDatabaseFormValidator { if (form.isIsusernamepasswordallowed()) { check = form.getUsername(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("Username contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } else { UserDatabase dbuser = newConfigRead.getUserWithUserName(check); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index 70c43d9b4..717a0c827 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -55,10 +55,10 @@ public class MOAConfigValidator { String check = form.getSaml1SourceID(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("SAML1 SourceID contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -217,10 +217,10 @@ public class MOAConfigValidator { log.info("Empty MOA-SP/SS Authblock TrustProfile"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Authblock TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -229,10 +229,10 @@ public class MOAConfigValidator { log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("IdentityLink TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -241,10 +241,10 @@ public class MOAConfigValidator { log.info("Empty MOA-SP/SS Test-Authblock TrustProfile"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Test-Authblock TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -253,10 +253,10 @@ public class MOAConfigValidator { log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Test-IdentityLink TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -271,28 +271,28 @@ public class MOAConfigValidator { check = form.getPvp2IssuerName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 IssuerName is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } check = form.getPvp2OrgDisplayName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 organisation display name is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } check = form.getPvp2OrgName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 organisation name is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -347,10 +347,10 @@ public class MOAConfigValidator { check = form.getSsoFriendlyName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("SSO friendlyname is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -373,10 +373,10 @@ public class MOAConfigValidator { check = form.getSsoSpecialText(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.info("SSO SpecialText is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} , request)); + new Object[] {ValidationHelper.getNotValidCharacter(true)} , request)); } } @@ -388,10 +388,10 @@ public class MOAConfigValidator { } else { if (!ValidationHelper.isValidAdminTarget(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } String num = check.replaceAll(" ", ""); @@ -440,7 +440,7 @@ public class MOAConfigValidator { String filename = form.getFileUploadFileName().get(i); if (MiscUtil.isNotEmpty(filename)) { - if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) { + if (ValidationHelper.containsNotValidCharacter(filename, false)) { log.info("SL Transformation Filename is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid", request)); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java index e4a091c7e..f7edbee71 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java @@ -52,28 +52,28 @@ public class PVP2ContactValidator { String check = contact.getCompany(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 Contact: Company is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } check = contact.getGivenname(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 Contact: GivenName is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } check = contact.getSurname(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 Contact: SureName is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java index fbd2f3bb3..41fce8e60 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java @@ -38,10 +38,10 @@ public class StorkConfigValidator { // check country code String check = current.getCountryCode(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("CPEPS config countrycode contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } if(!check.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) { log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check); @@ -95,10 +95,10 @@ public class StorkConfigValidator { for(StorkAttribute check : form.getAttributes()) { if (check != null && MiscUtil.isNotEmpty(check.getName())) { String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? - if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) { + if (ValidationHelper.containsNotValidCharacter(tmp, true)) { log.warn("default attributes contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) { log.warn("default attributes do not match the requested format : " + check); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java index 7e6396b75..a758088b1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java @@ -140,10 +140,10 @@ public class OAAuthenticationDataValidation { errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request)); } - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.warn("MandateProfiles contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java index d2dac3b28..2011a07f1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java @@ -66,7 +66,7 @@ public class OAFileUploadValidation { String filename = fileName.get(i); if (MiscUtil.isNotEmpty(filename)) { - if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) { + if (ValidationHelper.containsNotValidCharacter(filename, false)) { log.info("Filename is not valid"); errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".filename.valid", request)); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java index 0062beb96..ca0231577 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java @@ -64,10 +64,10 @@ public class OATargetConfigValidation { errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) { @@ -129,10 +129,10 @@ public class OATargetConfigValidation { //check targetFrindlyName(); check = form.getTargetFriendlyName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("TargetFriendlyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java index e229b6ef4..c9ad63121 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java @@ -106,13 +106,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme String check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID, getKeyPrefix())); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("SAML1 SourceID contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID, "SAML1 - SourceID", LanguageHelper.getErrorString("validation.general.SAML1SourceID", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } @@ -293,13 +293,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - AuthBlocktransformation", LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("IdentityLinkSigners is not valid: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM, "MOA-SP - AuthBlocktransformationx", LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ))); + new Object[] {ValidationHelper.getNotValidCharacter(false)} ))); } } @@ -312,13 +312,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - TrustProfile AuthBlock", LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Authblock TrustProfile is not valid: " +check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD, "MOA-SP - TrustProfile AuthBlock", LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -330,13 +330,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - TrustProfile IdL", LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("IdentityLink TrustProfile is not valid: " +check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD, "MOA-SP - TrustProfile IdL", LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -348,13 +348,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - Test-TrustProfile AuthBlock", LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Authblock Test-TrustProfile is not valid: " +check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD, "MOA-SP - Test-TrustProfile AuthBlock", LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -366,13 +366,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - Test-TrustProfile IdL", LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("IdentityLink Test-TrustProfile is not valid: " +check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD, "MOA-SP - Test-TrustProfile IdL", LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -430,25 +430,25 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME, getKeyPrefix())); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("SSO friendlyname is not valid: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME, "SSO - Servicename", LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT, getKeyPrefix())); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.info("SSO SpecialText is not valid: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT, "SSO - AuthBlocktext", LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ))); + new Object[] {ValidationHelper.getNotValidCharacter(true)} ))); } } @@ -465,13 +465,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme //TODO: maybe store full bPK target (incl. prefix) if (!ValidationHelper.isValidAdminTarget(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, "SSO - Target", LanguageHelper.getErrorString("validation.general.sso.target.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } String num = check.replaceAll(" ", ""); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java index a593b5461..cdd2a7ce2 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java @@ -90,35 +90,35 @@ public class GeneralPVP2XConfigurationTask extends AbstractTaskValidator impleme String check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 IssuerName is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME, "Service Name", LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 organisation display name is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME, "Organisation - Full name", LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 organisation name is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME, "Organisation - Short name", LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } @@ -135,34 +135,34 @@ public class GeneralPVP2XConfigurationTask extends AbstractTaskValidator impleme check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 Contact: Company is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY, "Contact - Company", LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 Contact: GivenName is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME, "Contact - GivenName", LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 Contact: SureName is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME, "Contact - FamilyName", LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java index df67ca2f1..309e0745b 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java @@ -116,14 +116,14 @@ public static final List KEYWHITELIST; log.trace("Extract C-PEPS for country: " + cc + " with URL:" + url); if (!validatedCPeps.containsKey(cc)) { if (MiscUtil.isNotEmpty(cc)) { - if (ValidationHelper.containsPotentialCSSCharacter(cc, false)) { + if (ValidationHelper.containsNotValidCharacter(cc, false)) { log.warn("CPEPS config countrycode contains potentail XSS characters: " + cc); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + "." + cpepsKey, "STORK - CPEPS Country", LanguageHelper.getErrorString("validation.stork.cpeps.cc", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } if(!cc.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) { log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + cc); @@ -215,13 +215,13 @@ public static final List KEYWHITELIST; String value = attributeList.get(key); value = value.replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? if (!validatedAttributes.contains(value)) { - if (ValidationHelper.containsPotentialCSSCharacter(value, true)) { + if (ValidationHelper.containsNotValidCharacter(value, true)) { log.warn("default attributes contains potentail XSS characters: " + value); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, "STORK - Attributes", LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}))); + new Object[] {ValidationHelper.getNotValidCharacter(true)}))); } if(!value.toLowerCase().matches("^[A-Za-z]*$")) { log.warn("default attributes do not match the requested format : " + value); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java index 05467c3bc..25855dcb6 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java @@ -220,13 +220,13 @@ public class ServicesAuthenticationInformationTask extends AbstractTaskValidator String checkUseMandate = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_USE); if (MiscUtil.isNotEmpty(checkUseMandate) && Boolean.parseBoolean(checkUseMandate)) { check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES); - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.warn("MandateProfiles contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES, "Mandates - Profiles", LanguageHelper.getErrorString("validation.general.mandate.profiles", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}) )); } } diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java index f8ce21c99..83e6cb234 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java @@ -153,13 +153,13 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I //validate aditionalAuthBlockText String check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT, "AuthBlock - Addition AuthBlocktext", LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } @@ -172,7 +172,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I try { String bkuSelectTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME); if (MiscUtil.isNotEmpty(bkuSelectTemplateUploadedFileName)) { - if (ValidationHelper.containsPotentialCSSCharacter(bkuSelectTemplateUploadedFileName, false)) { + if (ValidationHelper.containsNotValidCharacter(bkuSelectTemplateUploadedFileName, false)) { log.info("BKU Selection Filename is not valid"); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME, @@ -221,7 +221,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I try { String sendAssertionTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME); if (MiscUtil.isNotEmpty(sendAssertionTemplateUploadedFileName)) { - if (ValidationHelper.containsPotentialCSSCharacter(sendAssertionTemplateUploadedFileName, false)) { + if (ValidationHelper.containsNotValidCharacter(sendAssertionTemplateUploadedFileName, false)) { log.info("Send Assertion Filename is not valid"); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME, @@ -342,13 +342,13 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("HeaderText contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT, "Templates - Header Text", LanguageHelper.getErrorString("validation.general.form.header.text", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -407,13 +407,13 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.warn("FontType contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE, "Templates - Font Type", LanguageHelper.getErrorString("validation.general.form.fonttype", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}) )); } } @@ -425,7 +425,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT, "Templates - Applet Height", LanguageHelper.getErrorString("validation.general.form.applet.height", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}) )); } } @@ -437,7 +437,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH, "Templates - Applet Width", LanguageHelper.getErrorString("validation.general.form.applet.width", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}) )); } } diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java index 86d047c74..5ff157b3b 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java @@ -107,13 +107,13 @@ public class ServicesGeneralInformationTask extends AbstractTaskValidator implem String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("OAFriendlyName contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, "FriendlyName", LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } else { log.info("OA friendlyName is empty"); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java index 5d23a60f6..e8d49a391 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java @@ -113,13 +113,13 @@ public class ServicesTargetTask extends AbstractTaskValidator implements ITaskVa LanguageHelper.getErrorString("validation.general.identificationnumber.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, "BusinessService - Value", LanguageHelper.getErrorString("validation.general.identificationnumber.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE) @@ -142,13 +142,13 @@ public class ServicesTargetTask extends AbstractTaskValidator implements ITaskVa if (MiscUtil.isNotEmpty(useOwnTarget) && Boolean.parseBoolean(useOwnTarget)) { check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("TargetFriendlyName contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME, "Own Target - FriendlyName", LanguageHelper.getErrorString("validation.general.targetfriendlyname", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java index 01ae2a354..0a0c4b06d 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java @@ -22,11 +22,6 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.commons.validation; -import iaik.asn1.ObjectID; -import iaik.utils.Util; -import iaik.x509.X509Certificate; -import iaik.x509.X509ExtensionInitException; - import java.io.IOException; import java.net.MalformedURLException; import java.net.URL; @@ -45,6 +40,10 @@ import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; import at.gv.egovernment.moa.logging.Logger; +import iaik.asn1.ObjectID; +import iaik.utils.Util; +import iaik.x509.X509Certificate; +import iaik.x509.X509ExtensionInitException; public class ValidationHelper { @@ -322,7 +321,7 @@ public class ValidationHelper { return "; % \" ' ` , < > \\"; } - public static boolean containsPotentialCSSCharacter(String param, boolean commaallowed) { + public static boolean containsNotValidCharacter(String param, boolean commaallowed) { if (param == null) { return false; @@ -340,7 +339,7 @@ public class ValidationHelper { param.indexOf("/") != -1; } - public static String getPotentialCSSCharacter(boolean commaallowed) { + public static String getNotValidCharacter(boolean commaallowed) { if (commaallowed) return "; % \" ' ` < > \\ /"; -- cgit v1.2.3 From 868d6e587cb262683a658fdbd56bb752913638b4 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 27 Nov 2017 12:10:05 +0100 Subject: delete old and unused jar's from local repository --- .../MOA/spss/common/3.0.0-RC1/common-3.0.0-RC1.jar | Bin 192309 -> 0 bytes .../MOA/spss/common/3.0.0-RC5/common-3.0.0-RC5.jar | Bin 193264 -> 0 bytes repository/MOA/spss/common/3.0.0/common-3.0.0.jar | Bin 193336 -> 0 bytes .../3.0.0-RC1/moa-sig-lib-3.0.0-RC1.jar | Bin 384648 -> 0 bytes .../3.0.0-RC5/moa-sig-lib-3.0.0-RC5.jar | Bin 392883 -> 0 bytes .../server/moa-sig-lib/3.0.0/moa-sig-lib-3.0.0.jar | Bin 393827 -> 0 bytes .../server/moa-sig-lib/3.0.1/moa-sig-lib-3.0.1.jar | Bin 396504 -> 0 bytes .../2.0.5-RC1/moa-spss-lib-2.0.5-RC1-javadoc.jar | Bin 978350 -> 0 bytes .../2.0.5-RC1/moa-spss-lib-2.0.5-RC1.jar | Bin 371794 -> 0 bytes .../2.0.5/moa-spss-lib-2.0.5-javadoc.jar | Bin 976947 -> 0 bytes .../moa-spss-lib/2.0.5/moa-spss-lib-2.0.5.jar | Bin 381412 -> 0 bytes .../at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar | Bin 3123386 -> 0 bytes .../at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom | 85 ------- repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.jar | Bin 1025987 -> 0 bytes repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.pom | 7 - .../axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.jar | Bin 1095327 -> 0 bytes .../axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.pom | 7 - .../webservices-rt/2.0.1/webservices-rt-2.0.1.jar | Bin 13098832 -> 0 bytes .../webservices-rt/2.0.1/webservices-rt-2.0.1.pom | 9 - .../2.0.1/webservices-tools-2.0.1.jar | Bin 3620372 -> 0 bytes .../2.0.1/webservices-tools-2.0.1.pom | 9 - .../0.2/iaik_X509TrustManager-0.2.jar | Bin 3635 -> 0 bytes .../0.2/iaik_X509TrustManager-0.2.jar.md5 | 1 - .../0.2/iaik_X509TrustManager-0.2.jar.sha1 | 1 - .../0.2/iaik_X509TrustManager-0.2.pom | 7 - .../0.2/iaik_X509TrustManager-0.2.pom.md5 | 1 - .../0.2/iaik_X509TrustManager-0.2.pom.sha1 | 1 - .../prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar | Bin 340782 -> 0 bytes .../iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.md5 | 1 - .../iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.sha1 | 1 - .../prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom | 6 - .../iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.md5 | 1 - .../iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.sha1 | 1 - .../iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar | Bin 365565 -> 0 bytes .../4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.md5 | 1 - .../4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.sha1 | 1 - .../iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom | 6 - .../4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.md5 | 1 - .../4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.sha1 | 1 - .../prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.jar | Bin 364606 -> 0 bytes .../prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.pom | 6 - .../2.2b3_tmp/iaik_cpades-2.2b3_tmp.jar | Bin 120778 -> 0 bytes .../3.1_eval/iaik_eccelerate-3.1_eval.jar | Bin 359608 -> 0 bytes .../3.01_eval/iaik_eccelerate_addon-3.01_eval.jar | Bin 77097 -> 0 bytes .../3.01/iaik_eccelerate_cms-3.01.jar | Bin 4501 -> 0 bytes .../3.16_MOA/iaik_jce_full-3.16_MOA.jar | Bin 854872 -> 0 bytes .../3.16_MOA/iaik_jce_full-3.16_MOA.jar.md5 | 1 - .../3.16_MOA/iaik_jce_full-3.16_MOA.jar.sha1 | 1 - .../3.16_MOA/iaik_jce_full-3.16_MOA.pom | 6 - .../3.16_MOA/iaik_jce_full-3.16_MOA.pom.md5 | 1 - .../3.16_MOA/iaik_jce_full-3.16_MOA.pom.sha1 | 1 - .../3.18_MOA/iaik_jce_full-3.18_MOA.jar | Bin 919238 -> 0 bytes .../3.18_MOA/iaik_jce_full-3.18_MOA.jar.md5 | 1 - .../3.18_MOA/iaik_jce_full-3.18_MOA.jar.sha1 | 1 - .../3.18_MOA/iaik_jce_full-3.18_MOA.pom | 6 - .../3.18_MOA/iaik_jce_full-3.18_MOA.pom.md5 | 1 - .../3.18_MOA/iaik_jce_full-3.18_MOA.pom.sha1 | 1 - .../4.0_MOA/iaik_jce_full-4.0_MOA.jar | Bin 999669 -> 0 bytes .../4.0_MOA/iaik_jce_full-4.0_MOA.jar.sha1 | 1 - .../4.0_MOA/iaik_jce_full-4.0_MOA.pom | 6 - .../4.0_MOA/iaik_jce_full-4.0_MOA.pom.sha1 | 1 - .../iaik_jce_full/5.101/iaik_jce_full-5.101.jar | Bin 1115849 -> 0 bytes .../5.101/iaik_jce_full-5.101.jar.md5 | 1 - .../5.101/iaik_jce_full-5.101.jar.sha1 | 1 - .../iaik_jce_full/5.101/iaik_jce_full-5.101.pom | 9 - .../5.101/iaik_jce_full-5.101.pom.md5 | 1 - .../5.101/iaik_jce_full-5.101.pom.sha1 | 1 - .../prod/iaik_jce_full/5.2/iaik_jce_full-5.2.jar | Bin 1123926 -> 0 bytes .../prod/iaik_jce_full/5.2/iaik_jce_full-5.2.pom | 9 - .../5.3_MOA/iaik_jce_full-5.3_MOA.jar | Bin 1160539 -> 0 bytes .../prod/iaik_jce_full/iaik_jce_full-4.0_MOA.jar | Bin 999669 -> 0 bytes .../iaik_jce_full/iaik_jce_full-4.0_MOA.jar.sha1 | 1 - .../prod/iaik_jce_full/iaik_jce_full-4.0_MOA.pom | 6 - .../iaik_jce_full/iaik_jce_full-4.0_MOA.pom.sha1 | 1 - .../iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar | Bin 696910 -> 0 bytes .../iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.md5 | 1 - .../iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.sha1 | 1 - .../iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom | 6 - .../iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.md5 | 1 - .../iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.sha1 | 1 - .../iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar | Bin 697496 -> 0 bytes .../iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.md5 | 1 - .../iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.sha1 | 1 - .../iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom | 7 - .../iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.md5 | 1 - .../iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.sha1 | 1 - .../iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar | Bin 710601 -> 0 bytes .../iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.md5 | 1 - .../iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.sha1 | 1 - .../iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom | 7 - .../iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.md5 | 1 - .../iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.sha1 | 1 - .../iaik/prod/iaik_moa/1.27/iaik_moa-1.27.jar | Bin 711034 -> 0 bytes .../iaik/prod/iaik_moa/1.28/iaik_moa-1.28.jar | Bin 711652 -> 0 bytes .../iaik/prod/iaik_moa/1.28/iaik_moa-1.28.pom | 6 - .../iaik/prod/iaik_moa/1.29/iaik_moa-1.29.jar | Bin 711857 -> 0 bytes .../iaik/prod/iaik_moa/1.29/iaik_moa-1.29.pom | 6 - .../iaik/prod/iaik_moa/1.31/iaik_moa-1.31.jar | Bin 725273 -> 0 bytes .../iaik/prod/iaik_moa/1.31/iaik_moa-1.31.pom | 6 - .../iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar | Bin 729484 -> 0 bytes .../iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.md5 | 1 - .../iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.sha1 | 1 - .../iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom | 9 - .../iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.md5 | 1 - .../iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.sha1 | 1 - .../prod/iaik_moa/1.32/m2e-lastUpdated.properties | 10 - repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar | Bin 767868 -> 0 bytes .../iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.md5 | 1 - .../iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.sha1 | 1 - repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom | 9 - .../iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.md5 | 1 - .../iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.sha1 | 1 - .../prod/iaik_moa/1.5/m2e-lastUpdated.properties | 9 - .../iaik/prod/iaik_moa/1.51/iaik_moa-1.51.jar | Bin 768699 -> 0 bytes .../iaik/prod/iaik_moa/1.51/iaik_moa-1.51.pom | 9 - .../iaik/prod/iaik_moa/2.00/iaik_moa-2.00.jar | Bin 513660 -> 0 bytes .../iaik/prod/iaik_moa/2.01/iaik_moa-2.01.jar | Bin 518680 -> 0 bytes .../1.00_moa/iaik_pki_module-1.00_moa.jar | Bin 587551 -> 0 bytes .../1.01_moa/iaik_pki_module-1.01_moa.jar | Bin 587665 -> 0 bytes .../1.02_moa/iaik_pki_module-1.02_moa.jar | Bin 598025 -> 0 bytes .../0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar | Bin 543360 -> 0 bytes .../0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar.md5 | 1 - .../iaik_tsl-0.0.2-SNAPSHOT.jar.sha1 | 1 - .../0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom | 9 - .../0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom.md5 | 1 - .../iaik_tsl-0.0.2-SNAPSHOT.pom.sha1 | 1 - .../0.0.2-SNAPSHOT/maven-metadata-local.xml | 12 - .../0.0.2-SNAPSHOT/resolver-status.properties | 3 - repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.jar | Bin 558131 -> 0 bytes repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.pom | 251 --------------------- .../prod/iaik_tsl/1.1_moa/iaik_tsl-1.1_moa.jar | Bin 558558 -> 0 bytes .../iaik/prod/iaik_tsl/maven-metadata-local.xml | 12 - .../20160408_eval/iaik_xades-20160408_eval.jar | Bin 312190 -> 0 bytes .../iaik_xsect-2.10_20160408_eval.jar | Bin 422263 -> 0 bytes .../3.7.8-SNAPSHOT/maven-metadata-local.xml | 12 - .../3.7.8-SNAPSHOT/resolver-status.properties | 3 - .../3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar | Bin 3516830 -> 0 bytes .../sqlite-jdbc-3.7.8-SNAPSHOT.jar.md5 | 1 - .../sqlite-jdbc-3.7.8-SNAPSHOT.jar.sha1 | 1 - .../3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom | 9 - .../sqlite-jdbc-3.7.8-SNAPSHOT.pom.md5 | 1 - .../sqlite-jdbc-3.7.8-SNAPSHOT.pom.sha1 | 1 - .../xerial/sqlite-jdbc/maven-metadata-local.xml | 12 - 143 files changed, 647 deletions(-) delete mode 100644 repository/MOA/spss/common/3.0.0-RC1/common-3.0.0-RC1.jar delete mode 100644 repository/MOA/spss/common/3.0.0-RC5/common-3.0.0-RC5.jar delete mode 100644 repository/MOA/spss/common/3.0.0/common-3.0.0.jar delete mode 100644 repository/MOA/spss/server/moa-sig-lib/3.0.0-RC1/moa-sig-lib-3.0.0-RC1.jar delete mode 100644 repository/MOA/spss/server/moa-sig-lib/3.0.0-RC5/moa-sig-lib-3.0.0-RC5.jar delete mode 100644 repository/MOA/spss/server/moa-sig-lib/3.0.0/moa-sig-lib-3.0.0.jar delete mode 100644 repository/MOA/spss/server/moa-sig-lib/3.0.1/moa-sig-lib-3.0.1.jar delete mode 100644 repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1-javadoc.jar delete mode 100644 repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1.jar delete mode 100644 repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5-javadoc.jar delete mode 100644 repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5.jar delete mode 100644 repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar delete mode 100644 repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom delete mode 100644 repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.jar delete mode 100644 repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.pom delete mode 100644 repository/axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.jar delete mode 100644 repository/axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.pom delete mode 100644 repository/com/sun/webservices-rt/2.0.1/webservices-rt-2.0.1.jar delete mode 100644 repository/com/sun/webservices-rt/2.0.1/webservices-rt-2.0.1.pom delete mode 100644 repository/com/sun/webservices-tools/2.0.1/webservices-tools-2.0.1.jar delete mode 100644 repository/com/sun/webservices-tools/2.0.1/webservices-tools-2.0.1.pom delete mode 100644 repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar delete mode 100644 repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar.md5 delete mode 100644 repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom delete mode 100644 repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom.md5 delete mode 100644 repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.md5 delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.md5 delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.md5 delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.md5 delete mode 100644 repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.jar delete mode 100644 repository/iaik/prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.pom delete mode 100644 repository/iaik/prod/iaik_cpades/2.2b3_tmp/iaik_cpades-2.2b3_tmp.jar delete mode 100644 repository/iaik/prod/iaik_eccelerate/3.1_eval/iaik_eccelerate-3.1_eval.jar delete mode 100644 repository/iaik/prod/iaik_eccelerate_addon/3.01_eval/iaik_eccelerate_addon-3.01_eval.jar delete mode 100644 repository/iaik/prod/iaik_eccelerate_cms/3.01/iaik_eccelerate_cms-3.01.jar delete mode 100644 repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar delete mode 100644 repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar.md5 delete mode 100644 repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom delete mode 100644 repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom.md5 delete mode 100644 repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar delete mode 100644 repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar.md5 delete mode 100644 repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom delete mode 100644 repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom.md5 delete mode 100644 repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.jar delete mode 100644 repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.pom delete mode 100644 repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar delete mode 100644 repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar.md5 delete mode 100644 repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom delete mode 100644 repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom.md5 delete mode 100644 repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_jce_full/5.2/iaik_jce_full-5.2.jar delete mode 100644 repository/iaik/prod/iaik_jce_full/5.2/iaik_jce_full-5.2.pom delete mode 100644 repository/iaik/prod/iaik_jce_full/5.3_MOA/iaik_jce_full-5.3_MOA.jar delete mode 100644 repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.jar delete mode 100644 repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.pom delete mode 100644 repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom delete mode 100644 repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom delete mode 100644 repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom delete mode 100644 repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.27/iaik_moa-1.27.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.28/iaik_moa-1.28.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.28/iaik_moa-1.28.pom delete mode 100644 repository/iaik/prod/iaik_moa/1.29/iaik_moa-1.29.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.29/iaik_moa-1.29.pom delete mode 100644 repository/iaik/prod/iaik_moa/1.31/iaik_moa-1.31.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.31/iaik_moa-1.31.pom delete mode 100644 repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom delete mode 100644 repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.32/m2e-lastUpdated.properties delete mode 100644 repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom delete mode 100644 repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.md5 delete mode 100644 repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_moa/1.5/m2e-lastUpdated.properties delete mode 100644 repository/iaik/prod/iaik_moa/1.51/iaik_moa-1.51.jar delete mode 100644 repository/iaik/prod/iaik_moa/1.51/iaik_moa-1.51.pom delete mode 100644 repository/iaik/prod/iaik_moa/2.00/iaik_moa-2.00.jar delete mode 100644 repository/iaik/prod/iaik_moa/2.01/iaik_moa-2.01.jar delete mode 100644 repository/iaik/prod/iaik_pki_module/1.00_moa/iaik_pki_module-1.00_moa.jar delete mode 100644 repository/iaik/prod/iaik_pki_module/1.01_moa/iaik_pki_module-1.01_moa.jar delete mode 100644 repository/iaik/prod/iaik_pki_module/1.02_moa/iaik_pki_module-1.02_moa.jar delete mode 100644 repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar delete mode 100644 repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar.md5 delete mode 100644 repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar.sha1 delete mode 100644 repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom delete mode 100644 repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom.md5 delete mode 100644 repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom.sha1 delete mode 100644 repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/maven-metadata-local.xml delete mode 100644 repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/resolver-status.properties delete mode 100644 repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.jar delete mode 100644 repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.pom delete mode 100644 repository/iaik/prod/iaik_tsl/1.1_moa/iaik_tsl-1.1_moa.jar delete mode 100644 repository/iaik/prod/iaik_tsl/maven-metadata-local.xml delete mode 100644 repository/iaik/prod/iaik_xades/20160408_eval/iaik_xades-20160408_eval.jar delete mode 100644 repository/iaik/prod/iaik_xsect/2.10_20160408_eval/iaik_xsect-2.10_20160408_eval.jar delete mode 100644 repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/maven-metadata-local.xml delete mode 100644 repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/resolver-status.properties delete mode 100644 repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar delete mode 100644 repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar.md5 delete mode 100644 repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar.sha1 delete mode 100644 repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom delete mode 100644 repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom.md5 delete mode 100644 repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom.sha1 delete mode 100644 repository/org/xerial/sqlite-jdbc/maven-metadata-local.xml diff --git a/repository/MOA/spss/common/3.0.0-RC1/common-3.0.0-RC1.jar b/repository/MOA/spss/common/3.0.0-RC1/common-3.0.0-RC1.jar deleted file mode 100644 index 46b4118cd..000000000 Binary files a/repository/MOA/spss/common/3.0.0-RC1/common-3.0.0-RC1.jar and /dev/null differ diff --git a/repository/MOA/spss/common/3.0.0-RC5/common-3.0.0-RC5.jar b/repository/MOA/spss/common/3.0.0-RC5/common-3.0.0-RC5.jar deleted file mode 100644 index 07f59e006..000000000 Binary files a/repository/MOA/spss/common/3.0.0-RC5/common-3.0.0-RC5.jar and /dev/null differ diff --git a/repository/MOA/spss/common/3.0.0/common-3.0.0.jar b/repository/MOA/spss/common/3.0.0/common-3.0.0.jar deleted file mode 100644 index dafb5aef7..000000000 Binary files a/repository/MOA/spss/common/3.0.0/common-3.0.0.jar and /dev/null differ diff --git a/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC1/moa-sig-lib-3.0.0-RC1.jar b/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC1/moa-sig-lib-3.0.0-RC1.jar deleted file mode 100644 index 6ed6a8c44..000000000 Binary files a/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC1/moa-sig-lib-3.0.0-RC1.jar and /dev/null differ diff --git a/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC5/moa-sig-lib-3.0.0-RC5.jar b/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC5/moa-sig-lib-3.0.0-RC5.jar deleted file mode 100644 index 16112cd27..000000000 Binary files a/repository/MOA/spss/server/moa-sig-lib/3.0.0-RC5/moa-sig-lib-3.0.0-RC5.jar and /dev/null differ diff --git a/repository/MOA/spss/server/moa-sig-lib/3.0.0/moa-sig-lib-3.0.0.jar b/repository/MOA/spss/server/moa-sig-lib/3.0.0/moa-sig-lib-3.0.0.jar deleted file mode 100644 index d89f547aa..000000000 Binary files a/repository/MOA/spss/server/moa-sig-lib/3.0.0/moa-sig-lib-3.0.0.jar and /dev/null differ diff --git a/repository/MOA/spss/server/moa-sig-lib/3.0.1/moa-sig-lib-3.0.1.jar b/repository/MOA/spss/server/moa-sig-lib/3.0.1/moa-sig-lib-3.0.1.jar deleted file mode 100644 index 7cae9b26d..000000000 Binary files a/repository/MOA/spss/server/moa-sig-lib/3.0.1/moa-sig-lib-3.0.1.jar and /dev/null differ diff --git a/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1-javadoc.jar b/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1-javadoc.jar deleted file mode 100644 index 27f46cda4..000000000 Binary files a/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1-javadoc.jar and /dev/null differ diff --git a/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1.jar b/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1.jar deleted file mode 100644 index aa3999f19..000000000 Binary files a/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1.jar and /dev/null differ diff --git a/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5-javadoc.jar b/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5-javadoc.jar deleted file mode 100644 index f166efece..000000000 Binary files a/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5-javadoc.jar and /dev/null differ diff --git a/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5.jar b/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5.jar deleted file mode 100644 index f57276444..000000000 Binary files a/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5.jar and /dev/null differ diff --git a/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar b/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar deleted file mode 100644 index 1ed9e413f..000000000 Binary files a/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar and /dev/null differ diff --git a/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom b/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom deleted file mode 100644 index ffad37237..000000000 --- a/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom +++ /dev/null @@ -1,85 +0,0 @@ - - - 4.0.0 - at.gv.util - egovutils - 1.0.7 - zuseutil - http://maven.apache.org - - UTF-8 - - - - xerces - xercesImpl - 2.11.0 - - - xalan - xalan - 2.7.1 - - - com.sun - webservices-tools - 2.0.1 - - - com.sun - webservices-rt - 2.0.1 - - - commons-validator - commons-validator - 1.4.0 - - - commons-beanutils - commons-beanutils - 1.9.2 - - - bouncycastle - bcprov-jdk16 - 140 - - - org.slf4j - slf4j-api - 1.7.7 - - - org.slf4j - slf4j-log4j12 - 1.7.7 - - - javax.servlet - servlet-api - 2.5 - provided - - - commons-codec - commons-codec - 1.9 - - - commons-lang - commons-lang - 2.6 - jar - compile - - - commons-httpclient - commons-httpclient - 3.1 - - - - diff --git a/repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.jar b/repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.jar deleted file mode 100644 index a354bf718..000000000 Binary files a/repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.jar and /dev/null differ diff --git a/repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.pom b/repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.pom deleted file mode 100644 index 51dd78d1e..000000000 --- a/repository/axis/axis/1.0_IAIK/axis-1.0_IAIK.pom +++ /dev/null @@ -1,7 +0,0 @@ - - 4.0.0 - axis - axis - 1.0_IAIK - AXIS 1.0 patched - diff --git a/repository/axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.jar b/repository/axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.jar deleted file mode 100644 index 7aefe85c1..000000000 Binary files a/repository/axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.jar and /dev/null differ diff --git a/repository/axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.pom b/repository/axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.pom deleted file mode 100644 index 5aa7bc508..000000000 --- a/repository/axis/axis/1.0_IAIK_1.1/axis-1.0_IAIK_1.1.pom +++ /dev/null @@ -1,7 +0,0 @@ - - 4.0.0 - axis - axis - 1.0_IAIK_1.1 - AXIS 1.0 patched(1.1) (XXE attacks) - diff --git a/repository/com/sun/webservices-rt/2.0.1/webservices-rt-2.0.1.jar b/repository/com/sun/webservices-rt/2.0.1/webservices-rt-2.0.1.jar deleted file mode 100644 index c7b70869f..000000000 Binary files a/repository/com/sun/webservices-rt/2.0.1/webservices-rt-2.0.1.jar and /dev/null differ diff --git a/repository/com/sun/webservices-rt/2.0.1/webservices-rt-2.0.1.pom b/repository/com/sun/webservices-rt/2.0.1/webservices-rt-2.0.1.pom deleted file mode 100644 index 22fe5d78e..000000000 --- a/repository/com/sun/webservices-rt/2.0.1/webservices-rt-2.0.1.pom +++ /dev/null @@ -1,9 +0,0 @@ - - - 4.0.0 - com.sun - webservices-rt - 2.0.1 - POM was created by Sonatype Nexus - diff --git a/repository/com/sun/webservices-tools/2.0.1/webservices-tools-2.0.1.jar b/repository/com/sun/webservices-tools/2.0.1/webservices-tools-2.0.1.jar deleted file mode 100644 index 651722d87..000000000 Binary files a/repository/com/sun/webservices-tools/2.0.1/webservices-tools-2.0.1.jar and /dev/null differ diff --git a/repository/com/sun/webservices-tools/2.0.1/webservices-tools-2.0.1.pom b/repository/com/sun/webservices-tools/2.0.1/webservices-tools-2.0.1.pom deleted file mode 100644 index a7db1c6b2..000000000 --- a/repository/com/sun/webservices-tools/2.0.1/webservices-tools-2.0.1.pom +++ /dev/null @@ -1,9 +0,0 @@ - - - 4.0.0 - com.sun - webservices-tools - 2.0.1 - POM was created by Sonatype Nexus - diff --git a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar b/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar deleted file mode 100644 index 0c2d98400..000000000 Binary files a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar.md5 b/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar.md5 deleted file mode 100644 index 03de5944e..000000000 --- a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -2def897df8ea889bd1160cd311b61a42 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar.sha1 b/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar.sha1 deleted file mode 100644 index 80aa2ea09..000000000 --- a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -39bfb3145140f6b53f3a15f9236b3c507049d2f5 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom b/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom deleted file mode 100644 index f4c3c25cd..000000000 --- a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom +++ /dev/null @@ -1,7 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_X509TrustManager - 0.2 - POM was created from install:install-file - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom.md5 b/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom.md5 deleted file mode 100644 index 4ad6445ba..000000000 --- a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -aaaaff7a5d6a29d0a4256527a8616ef4 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom.sha1 b/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom.sha1 deleted file mode 100644 index a51e29ffa..000000000 --- a/repository/iaik/prod/iaik_X509TrustManager/0.2/iaik_X509TrustManager-0.2.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -4252e14194fb7fc66b91331015cebc9a9e1b2e9b \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar b/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar deleted file mode 100644 index cc5b36c98..000000000 Binary files a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.md5 b/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.md5 deleted file mode 100644 index 81c1a3bc7..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -3e2a79017366f887b3bbe4483d44f954 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.sha1 b/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.sha1 deleted file mode 100644 index 687c5d2b5..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -55005815b937cb6951bec229ae07ec5add519832 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom b/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom deleted file mode 100644 index c4920ae4a..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_cms - 4.01_MOA - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.md5 b/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.md5 deleted file mode 100644 index 3894d9d06..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -1bb62e794f864f86e5d97e563d1800bf \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.sha1 b/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.sha1 deleted file mode 100644 index 189f21722..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA/iaik_cms-4.01_MOA.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -fc1b35563e2fa452a82e5f9c5b474cad7f1dc397 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar b/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar deleted file mode 100644 index 91ad9505d..000000000 Binary files a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.md5 b/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.md5 deleted file mode 100644 index 9ca556e54..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -89895bd5cf39659b32a5eaa23ab7a241 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.sha1 b/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.sha1 deleted file mode 100644 index 29d414fd9..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -7796f42059f77249baa7cfe75326a7f5f1742821 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom b/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom deleted file mode 100644 index 29b57342a..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_cms - 4.01_MOA_SV - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.md5 b/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.md5 deleted file mode 100644 index 8ed1e29bd..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -b2746e061aa5cf7c05b1504d8d80c0db \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.sha1 b/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.sha1 deleted file mode 100644 index 5a2f4a10e..000000000 --- a/repository/iaik/prod/iaik_cms/4.01_MOA_SV/iaik_cms-4.01_MOA_SV.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -5b4a31ca81d6880390d2e6a3f9131410dad9cfbb \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.jar b/repository/iaik/prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.jar deleted file mode 100644 index 8d41ba860..000000000 Binary files a/repository/iaik/prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.pom b/repository/iaik/prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.pom deleted file mode 100644 index 19c21e912..000000000 --- a/repository/iaik/prod/iaik_cms/4.1_MOA/iaik_cms-4.1_MOA.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_cms - 4.1_MOA - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_cpades/2.2b3_tmp/iaik_cpades-2.2b3_tmp.jar b/repository/iaik/prod/iaik_cpades/2.2b3_tmp/iaik_cpades-2.2b3_tmp.jar deleted file mode 100644 index 914bc5426..000000000 Binary files a/repository/iaik/prod/iaik_cpades/2.2b3_tmp/iaik_cpades-2.2b3_tmp.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_eccelerate/3.1_eval/iaik_eccelerate-3.1_eval.jar b/repository/iaik/prod/iaik_eccelerate/3.1_eval/iaik_eccelerate-3.1_eval.jar deleted file mode 100644 index 0ec311030..000000000 Binary files a/repository/iaik/prod/iaik_eccelerate/3.1_eval/iaik_eccelerate-3.1_eval.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_eccelerate_addon/3.01_eval/iaik_eccelerate_addon-3.01_eval.jar b/repository/iaik/prod/iaik_eccelerate_addon/3.01_eval/iaik_eccelerate_addon-3.01_eval.jar deleted file mode 100644 index bd57ff24c..000000000 Binary files a/repository/iaik/prod/iaik_eccelerate_addon/3.01_eval/iaik_eccelerate_addon-3.01_eval.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_eccelerate_cms/3.01/iaik_eccelerate_cms-3.01.jar b/repository/iaik/prod/iaik_eccelerate_cms/3.01/iaik_eccelerate_cms-3.01.jar deleted file mode 100644 index 3c9ac8325..000000000 Binary files a/repository/iaik/prod/iaik_eccelerate_cms/3.01/iaik_eccelerate_cms-3.01.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar b/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar deleted file mode 100644 index 4cb8ce274..000000000 Binary files a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar.md5 b/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar.md5 deleted file mode 100644 index 16c49ae10..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -eb3456b843ffe6a7f6bb0a96579fbc56 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar.sha1 b/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar.sha1 deleted file mode 100644 index f001288ea..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -9d6ed37423e93765e38fa8791278ba43d3e6c320 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom b/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom deleted file mode 100644 index ae3f8e03a..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_jce_full - 3.16_MOA - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom.md5 b/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom.md5 deleted file mode 100644 index dacc772d7..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -c4474c1a43d0b50ebdafaebebb190c06 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom.sha1 b/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom.sha1 deleted file mode 100644 index 4f3bdee9b..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.16_MOA/iaik_jce_full-3.16_MOA.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -ba6cad038de86b5a0a726df0f7c95e1d99d7f5e7 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar b/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar deleted file mode 100644 index 4a0aa89c7..000000000 Binary files a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar.md5 b/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar.md5 deleted file mode 100644 index 656260f63..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -B8CD86C18E600501E61BF894541B7586 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar.sha1 b/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar.sha1 deleted file mode 100644 index 594674c0e..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -EC96520B6269A0D38788DF0A259B9C09E3FCC9E3 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom b/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom deleted file mode 100644 index 5fef87d52..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_jce_full - 3.18_MOA - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom.md5 b/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom.md5 deleted file mode 100644 index 3520099ae..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -98B885777FB5879B69DA1237B4D8FA27 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom.sha1 b/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom.sha1 deleted file mode 100644 index d18c1dcce..000000000 --- a/repository/iaik/prod/iaik_jce_full/3.18_MOA/iaik_jce_full-3.18_MOA.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -3B91CD08B81AEBF56AE12E440B8D339C2B8C4D0A \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.jar b/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.jar deleted file mode 100644 index bacb70edc..000000000 Binary files a/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.jar.sha1 b/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.jar.sha1 deleted file mode 100644 index 0248d3cbe..000000000 --- a/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -4a893ba4503786d33bbca85b82d16927adc6d6a6 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.pom b/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.pom deleted file mode 100644 index 9610b3951..000000000 --- a/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_jce_full - 4.0_MOA - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.pom.sha1 b/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.pom.sha1 deleted file mode 100644 index 33eae7f2e..000000000 --- a/repository/iaik/prod/iaik_jce_full/4.0_MOA/iaik_jce_full-4.0_MOA.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -567fb4bf4a266d5b4eafbbc582972dbc2fad7195 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar b/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar deleted file mode 100644 index fd0457332..000000000 Binary files a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar.md5 b/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar.md5 deleted file mode 100644 index 9c56fb171..000000000 --- a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -af60ce7b632e2f9871e0a66caf61d6f5 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar.sha1 b/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar.sha1 deleted file mode 100644 index 9f9892687..000000000 --- a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -219988809f988c415491cecf007663c838cba88e \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom b/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom deleted file mode 100644 index 7ca126e32..000000000 --- a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom +++ /dev/null @@ -1,9 +0,0 @@ - - - 4.0.0 - iaik.prod - iaik_jce_full - 5.101 - POM was created from install:install-file - diff --git a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom.md5 b/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom.md5 deleted file mode 100644 index 554ae2add..000000000 --- a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -85210f5905c1b5b256c49ef421135393 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom.sha1 b/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom.sha1 deleted file mode 100644 index ba732463f..000000000 --- a/repository/iaik/prod/iaik_jce_full/5.101/iaik_jce_full-5.101.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -e40fc538b46ef614833d2cc38349b32e3ee691c3 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/5.2/iaik_jce_full-5.2.jar b/repository/iaik/prod/iaik_jce_full/5.2/iaik_jce_full-5.2.jar deleted file mode 100644 index c10f494ff..000000000 Binary files a/repository/iaik/prod/iaik_jce_full/5.2/iaik_jce_full-5.2.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_jce_full/5.2/iaik_jce_full-5.2.pom b/repository/iaik/prod/iaik_jce_full/5.2/iaik_jce_full-5.2.pom deleted file mode 100644 index f12cc5542..000000000 --- a/repository/iaik/prod/iaik_jce_full/5.2/iaik_jce_full-5.2.pom +++ /dev/null @@ -1,9 +0,0 @@ - - - 4.0.0 - iaik.prod - iaik_jce_full - 5.2 - POM was created from install:install-file - diff --git a/repository/iaik/prod/iaik_jce_full/5.3_MOA/iaik_jce_full-5.3_MOA.jar b/repository/iaik/prod/iaik_jce_full/5.3_MOA/iaik_jce_full-5.3_MOA.jar deleted file mode 100644 index 736981acc..000000000 Binary files a/repository/iaik/prod/iaik_jce_full/5.3_MOA/iaik_jce_full-5.3_MOA.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.jar b/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.jar deleted file mode 100644 index bacb70edc..000000000 Binary files a/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.jar.sha1 b/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.jar.sha1 deleted file mode 100644 index 0248d3cbe..000000000 --- a/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -4a893ba4503786d33bbca85b82d16927adc6d6a6 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.pom b/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.pom deleted file mode 100644 index 4e0b27a6c..000000000 --- a/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_jce_full - 4.0_MOA - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.pom.sha1 b/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.pom.sha1 deleted file mode 100644 index 33eae7f2e..000000000 --- a/repository/iaik/prod/iaik_jce_full/iaik_jce_full-4.0_MOA.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -567fb4bf4a266d5b4eafbbc582972dbc2fad7195 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar b/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar deleted file mode 100644 index fba7fde77..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.md5 b/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.md5 deleted file mode 100644 index 2355476d5..000000000 --- a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -a947a334136d608e7b519b4214333c27 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.sha1 b/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.sha1 deleted file mode 100644 index 04a4e73d8..000000000 --- a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -9212660edcd77ad844069b9e334074f8af5cada2 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom b/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom deleted file mode 100644 index 1230c7915..000000000 --- a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_moa - 1.23 - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.md5 b/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.md5 deleted file mode 100644 index 922df4439..000000000 --- a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -3a1ed73f234e7cce43769eb35ef3a3d6 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.sha1 b/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.sha1 deleted file mode 100644 index cf6a691bb..000000000 --- a/repository/iaik/prod/iaik_moa/1.23/iaik_moa-1.23.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -a8d15530dbfea7443f2f8e1eea07388cc7b98d97 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar b/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar deleted file mode 100644 index afc65d15d..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.md5 b/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.md5 deleted file mode 100644 index 6635b65a9..000000000 --- a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -b650ef016f467c14c9eb324426da1bb0 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.sha1 b/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.sha1 deleted file mode 100644 index 951fd3373..000000000 --- a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -bb5b1e76f8f15890daa92268d870b9a479771d6d \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom b/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom deleted file mode 100644 index 5b274e9c9..000000000 --- a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom +++ /dev/null @@ -1,7 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_moa - 1.24 - POM was created from install:install-file - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.md5 b/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.md5 deleted file mode 100644 index 4a8e46e2b..000000000 --- a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -70403182e82cbed8ba878db087813cbc \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.sha1 b/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.sha1 deleted file mode 100644 index d17b6a43d..000000000 --- a/repository/iaik/prod/iaik_moa/1.24/iaik_moa-1.24.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -5d8db6c590778d2a4d277a9f802c05ed1ab12e07 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar b/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar deleted file mode 100644 index 081b1de49..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.md5 b/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.md5 deleted file mode 100644 index 733571ded..000000000 --- a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -2DAE775314F1B40FA0FCEA54D8768280 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.sha1 b/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.sha1 deleted file mode 100644 index a5afe4d9c..000000000 --- a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -BCA16470663CD25252BAF084FCE63BA6CC82A6F7 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom b/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom deleted file mode 100644 index e6d1c2263..000000000 --- a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom +++ /dev/null @@ -1,7 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_moa - 1.26 - POM was created from install:install-file - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.md5 b/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.md5 deleted file mode 100644 index 733571ded..000000000 --- a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -2DAE775314F1B40FA0FCEA54D8768280 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.sha1 b/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.sha1 deleted file mode 100644 index a5afe4d9c..000000000 --- a/repository/iaik/prod/iaik_moa/1.26/iaik_moa-1.26.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -BCA16470663CD25252BAF084FCE63BA6CC82A6F7 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.27/iaik_moa-1.27.jar b/repository/iaik/prod/iaik_moa/1.27/iaik_moa-1.27.jar deleted file mode 100644 index 0f4f153e1..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.27/iaik_moa-1.27.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.28/iaik_moa-1.28.jar b/repository/iaik/prod/iaik_moa/1.28/iaik_moa-1.28.jar deleted file mode 100644 index 15d117873..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.28/iaik_moa-1.28.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.28/iaik_moa-1.28.pom b/repository/iaik/prod/iaik_moa/1.28/iaik_moa-1.28.pom deleted file mode 100644 index 51b55a52f..000000000 --- a/repository/iaik/prod/iaik_moa/1.28/iaik_moa-1.28.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_moa - 1.28 - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.29/iaik_moa-1.29.jar b/repository/iaik/prod/iaik_moa/1.29/iaik_moa-1.29.jar deleted file mode 100644 index 95a6773a6..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.29/iaik_moa-1.29.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.29/iaik_moa-1.29.pom b/repository/iaik/prod/iaik_moa/1.29/iaik_moa-1.29.pom deleted file mode 100644 index e94fe3f49..000000000 --- a/repository/iaik/prod/iaik_moa/1.29/iaik_moa-1.29.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_moa - 1.29 - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.31/iaik_moa-1.31.jar b/repository/iaik/prod/iaik_moa/1.31/iaik_moa-1.31.jar deleted file mode 100644 index 07aa937c3..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.31/iaik_moa-1.31.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.31/iaik_moa-1.31.pom b/repository/iaik/prod/iaik_moa/1.31/iaik_moa-1.31.pom deleted file mode 100644 index baa924c02..000000000 --- a/repository/iaik/prod/iaik_moa/1.31/iaik_moa-1.31.pom +++ /dev/null @@ -1,6 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_moa - 1.31 - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar deleted file mode 100644 index 32e60a6fa..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.md5 b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.md5 deleted file mode 100644 index 8419ad45f..000000000 --- a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -2ba4953b48519859c12f592e20d1170f \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.sha1 b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.sha1 deleted file mode 100644 index 42c556093..000000000 --- a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -1ea3dfb5cf7980bef810599668b908f4e35faff8 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom deleted file mode 100644 index 97393614f..000000000 --- a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom +++ /dev/null @@ -1,9 +0,0 @@ - - - 4.0.0 - iaik.prod - iaik_moa - 1.32 - POM was created from install:install-file - diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.md5 b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.md5 deleted file mode 100644 index e3a68c7fd..000000000 --- a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -a03dd95996a14f07b1f1e1b7fd98912b \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.sha1 b/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.sha1 deleted file mode 100644 index e00945b47..000000000 --- a/repository/iaik/prod/iaik_moa/1.32/iaik_moa-1.32.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -d8b9485e65e2a84aa7edf5243de6aaf41a2e7618 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.32/m2e-lastUpdated.properties b/repository/iaik/prod/iaik_moa/1.32/m2e-lastUpdated.properties deleted file mode 100644 index 0bc0b0a6c..000000000 --- a/repository/iaik/prod/iaik_moa/1.32/m2e-lastUpdated.properties +++ /dev/null @@ -1,10 +0,0 @@ -#Thu Jul 18 07:34:24 CEST 2013 -iaikInternal|tlenz|http\://nexus.iaik.tugraz.at/nexus/content/groups/internal|sources=1374125664765 -central|http\://repo1.maven.org/maven2/|sources=1374125664765 -MOA|file\://D\:\\Projekte\\svn\\moa-id\\moa-idspss\\common/../repository|sources=1374125664765 -shibboleth.internet2.edu|https\://build.shibboleth.net/nexus/content/groups/public/|sources=1374125664765 -iaik3rd\ Party|tlenz|http\://nexus/nexus/content/repositories/thirdparty|sources=1374125664765 -iaikPublic|tlenz|http\://nexus.iaik.tugraz.at/nexus/content/groups/public|sources=1374125664765 -java.net-Public|https\://maven.java.net/content/groups/public/|sources=1374125664765 -hyberjaxb|http\://repository.highsource.org/maven2/releases/|sources=1374125664765 -iaikLibs|tlenz|http\://nexus/nexus/content/repositories/iaik|sources=1374125664765 diff --git a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar b/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar deleted file mode 100644 index f6864c9c2..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.md5 b/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.md5 deleted file mode 100644 index 83d2687ab..000000000 --- a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -991b90b2e379270abd9a7fbeb7820ac8 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.sha1 b/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.sha1 deleted file mode 100644 index e8fb9d47f..000000000 --- a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -dc87fadbd50c9549f96b238830526bf470a89201 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom b/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom deleted file mode 100644 index 5661eeda3..000000000 --- a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom +++ /dev/null @@ -1,9 +0,0 @@ - - - 4.0.0 - iaik.prod - iaik_moa - 1.5 - POM was created from install:install-file - diff --git a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.md5 b/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.md5 deleted file mode 100644 index 5c3ab00ad..000000000 --- a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -21650af41d52222d315568a424266fb6 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.sha1 b/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.sha1 deleted file mode 100644 index 3435065de..000000000 --- a/repository/iaik/prod/iaik_moa/1.5/iaik_moa-1.5.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -b24c98f538e82790db37b83e784919b68f652a82 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_moa/1.5/m2e-lastUpdated.properties b/repository/iaik/prod/iaik_moa/1.5/m2e-lastUpdated.properties deleted file mode 100644 index 1c0e7bd32..000000000 --- a/repository/iaik/prod/iaik_moa/1.5/m2e-lastUpdated.properties +++ /dev/null @@ -1,9 +0,0 @@ -#Wed Sep 04 11:14:45 CEST 2013 -java.net-Public|https\://maven.java.net/content/groups/public/|sources=1378286085859 -iaikLibs|tlenz|http\://nexus/nexus/content/repositories/iaik|sources=1378286085859 -iaik3rd\ Party|tlenz|http\://nexus/nexus/content/repositories/thirdparty|sources=1378286085859 -iaikPublic|tlenz|http\://nexus.iaik.tugraz.at/nexus/content/groups/public|sources=1378286085859 -shibboleth.internet2.edu|https\://build.shibboleth.net/nexus/content/groups/public/|sources=1378286085859 -central|http\://repo1.maven.org/maven2/|sources=1378286085859 -hyberjaxb|http\://repository.highsource.org/maven2/releases/|sources=1378286085859 -iaikInternal|tlenz|http\://nexus.iaik.tugraz.at/nexus/content/groups/internal|sources=1378286085859 diff --git a/repository/iaik/prod/iaik_moa/1.51/iaik_moa-1.51.jar b/repository/iaik/prod/iaik_moa/1.51/iaik_moa-1.51.jar deleted file mode 100644 index 3e94e44a5..000000000 Binary files a/repository/iaik/prod/iaik_moa/1.51/iaik_moa-1.51.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/1.51/iaik_moa-1.51.pom b/repository/iaik/prod/iaik_moa/1.51/iaik_moa-1.51.pom deleted file mode 100644 index ccfb5558c..000000000 --- a/repository/iaik/prod/iaik_moa/1.51/iaik_moa-1.51.pom +++ /dev/null @@ -1,9 +0,0 @@ - - - 4.0.0 - iaik.prod - iaik_moa - 1.51 - POM was created from install:install-file - diff --git a/repository/iaik/prod/iaik_moa/2.00/iaik_moa-2.00.jar b/repository/iaik/prod/iaik_moa/2.00/iaik_moa-2.00.jar deleted file mode 100644 index 7cd630564..000000000 Binary files a/repository/iaik/prod/iaik_moa/2.00/iaik_moa-2.00.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_moa/2.01/iaik_moa-2.01.jar b/repository/iaik/prod/iaik_moa/2.01/iaik_moa-2.01.jar deleted file mode 100644 index 52b3b850a..000000000 Binary files a/repository/iaik/prod/iaik_moa/2.01/iaik_moa-2.01.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_pki_module/1.00_moa/iaik_pki_module-1.00_moa.jar b/repository/iaik/prod/iaik_pki_module/1.00_moa/iaik_pki_module-1.00_moa.jar deleted file mode 100644 index 6e13efa81..000000000 Binary files a/repository/iaik/prod/iaik_pki_module/1.00_moa/iaik_pki_module-1.00_moa.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_pki_module/1.01_moa/iaik_pki_module-1.01_moa.jar b/repository/iaik/prod/iaik_pki_module/1.01_moa/iaik_pki_module-1.01_moa.jar deleted file mode 100644 index cc0705915..000000000 Binary files a/repository/iaik/prod/iaik_pki_module/1.01_moa/iaik_pki_module-1.01_moa.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_pki_module/1.02_moa/iaik_pki_module-1.02_moa.jar b/repository/iaik/prod/iaik_pki_module/1.02_moa/iaik_pki_module-1.02_moa.jar deleted file mode 100644 index cc32a7470..000000000 Binary files a/repository/iaik/prod/iaik_pki_module/1.02_moa/iaik_pki_module-1.02_moa.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar b/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar deleted file mode 100644 index 241dbff7f..000000000 Binary files a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar.md5 b/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar.md5 deleted file mode 100644 index e89eb733d..000000000 --- a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -d61e17cfab195ace55d6aab4134057cc \ No newline at end of file diff --git a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar.sha1 b/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar.sha1 deleted file mode 100644 index c07abd7e7..000000000 --- a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -ba408f6a16ddf375c6dc8c5925bee66a2fef0bf9 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom b/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom deleted file mode 100644 index 6e923d489..000000000 --- a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom +++ /dev/null @@ -1,9 +0,0 @@ - - - 4.0.0 - iaik.prod - iaik_tsl - 0.0.2-SNAPSHOT - POM was created from install:install-file - diff --git a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom.md5 b/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom.md5 deleted file mode 100644 index c33b19dcf..000000000 --- a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -e045e46303c2c1bb348b5137489b209e \ No newline at end of file diff --git a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom.sha1 b/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom.sha1 deleted file mode 100644 index 2f3293a26..000000000 --- a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/iaik_tsl-0.0.2-SNAPSHOT.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -31236933e6104b6165e39b1184c04c41132b6c24 \ No newline at end of file diff --git a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/maven-metadata-local.xml b/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/maven-metadata-local.xml deleted file mode 100644 index 3e04f192d..000000000 --- a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/maven-metadata-local.xml +++ /dev/null @@ -1,12 +0,0 @@ - - - iaik.prod - iaik_tsl - 0.0.2-SNAPSHOT - - - true - - 20121227131129 - - diff --git a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/resolver-status.properties b/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/resolver-status.properties deleted file mode 100644 index acb8f4807..000000000 --- a/repository/iaik/prod/iaik_tsl/0.0.2-SNAPSHOT/resolver-status.properties +++ /dev/null @@ -1,3 +0,0 @@ -#Last modified on: Thu Dec 27 14:05:37 CET 2012 -#Thu Dec 27 14:05:37 CET 2012 -MOA.maven-metadata-MOA.xml.lastUpdated=1356613537913 diff --git a/repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.jar b/repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.jar deleted file mode 100644 index 2d661e8d6..000000000 Binary files a/repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.pom b/repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.pom deleted file mode 100644 index e7cd54c8d..000000000 --- a/repository/iaik/prod/iaik_tsl/1.0/iaik_tsl-1.0.pom +++ /dev/null @@ -1,251 +0,0 @@ - - 4.0.0 - iaik.prod - iaik_tsl - jar - 1.0 - TSL_library - - - UTF-8 - UTF-8 - ${project.build.directory}/endorsed - - - - - - - true - src/main/resources - - - - ${project.artifactId} - - - - maven-dependency-plugin - - - copy-dependencies - validate - - copy-dependencies - - - ${endorsed.dir} - true - jaxb-api,jaxb-impl - - - - - - - maven-resources-plugin - 2.5 - - UTF-8 - - - - org.apache.maven.plugins - maven-compiler-plugin - 3.0 - - - - ${endorsed.dir} - - ${java.version} - ${java.version} - true - ${java.version} - ${project.build.sourceEncoding} - - - - - org.apache.maven.plugins - maven-enforcer-plugin - 1.2 - - - enforce-versions - - enforce - - - - - 1.5 - - - - - - - - - - - org.eclipse.m2e - lifecycle-mapping - 1.0.0 - - - - - - org.apache.maven.plugins - maven-dependency-plugin - [2.0,) - - copy-dependencies - - - - - - - - - - - - - - - - - profile-for-jdk1.6 - - false - [1.6,) - - - 1.6 - jdk${java.version} - - - ${project.artifactId}-${project.version}-${envClassifier} - - - - - javax.xml.bind - jaxb-api - 2.2.6 - - - com.sun.xml.bind - jaxb-impl - 2.2.6 - - - - - - profile-for-jdk1.5 - - true - (,1.5] - - - 1.5 - jdk${java.version} - - - ${project.artifactId}-${project.version}-${envClassifier} - - - - - javax.xml.bind - jaxb-api - 2.2.4 - - - com.sun.xml.bind - jaxb-impl - 2.2.4-1 - - - - - - - - - iaik - iaik_xsect_eval - 1.1709142 - - - iaik - iaik_ecc_signed - 2.19 - - - iaik - iaik_jce_eval_signed - 3.181 - - - iaik - iaik_pki_module - 1.0 - - - iaik - iaik_javax_crypto - 1.0 - - - iaik - iaik_util - - 0.23 - - - iaik - iaik_jsse - 4.4 - - - iaik - iaik_ssl - 4.4 - - - iaik - w3c_http - 1.0 - - - org.xerial - sqlite-jdbc - 3.7.2 - - - - - javax.activation - activation - 1.1.1 - - - stax - stax-api - 1.0.1 - - - xerces - xercesImpl - 2.7.1 - - - - \ No newline at end of file diff --git a/repository/iaik/prod/iaik_tsl/1.1_moa/iaik_tsl-1.1_moa.jar b/repository/iaik/prod/iaik_tsl/1.1_moa/iaik_tsl-1.1_moa.jar deleted file mode 100644 index b4eb067cf..000000000 Binary files a/repository/iaik/prod/iaik_tsl/1.1_moa/iaik_tsl-1.1_moa.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_tsl/maven-metadata-local.xml b/repository/iaik/prod/iaik_tsl/maven-metadata-local.xml deleted file mode 100644 index ba442c16e..000000000 --- a/repository/iaik/prod/iaik_tsl/maven-metadata-local.xml +++ /dev/null @@ -1,12 +0,0 @@ - - - iaik.prod - iaik_tsl - 0.0.2-SNAPSHOT - - - 0.0.2-SNAPSHOT - - 20121227131129 - - diff --git a/repository/iaik/prod/iaik_xades/20160408_eval/iaik_xades-20160408_eval.jar b/repository/iaik/prod/iaik_xades/20160408_eval/iaik_xades-20160408_eval.jar deleted file mode 100644 index 2ac459ce1..000000000 Binary files a/repository/iaik/prod/iaik_xades/20160408_eval/iaik_xades-20160408_eval.jar and /dev/null differ diff --git a/repository/iaik/prod/iaik_xsect/2.10_20160408_eval/iaik_xsect-2.10_20160408_eval.jar b/repository/iaik/prod/iaik_xsect/2.10_20160408_eval/iaik_xsect-2.10_20160408_eval.jar deleted file mode 100644 index 1f93b7c2d..000000000 Binary files a/repository/iaik/prod/iaik_xsect/2.10_20160408_eval/iaik_xsect-2.10_20160408_eval.jar and /dev/null differ diff --git a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/maven-metadata-local.xml b/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/maven-metadata-local.xml deleted file mode 100644 index 1a07edf04..000000000 --- a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/maven-metadata-local.xml +++ /dev/null @@ -1,12 +0,0 @@ - - - org.xerial - sqlite-jdbc - 3.7.8-SNAPSHOT - - - true - - 20121227132151 - - diff --git a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/resolver-status.properties b/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/resolver-status.properties deleted file mode 100644 index bf40cd793..000000000 --- a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/resolver-status.properties +++ /dev/null @@ -1,3 +0,0 @@ -#Last modified on: Thu Dec 27 12:24:22 CET 2012 -#Thu Dec 27 12:24:22 CET 2012 -MOA.maven-metadata-MOA.xml.lastUpdated=1356607462439 diff --git a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar b/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar deleted file mode 100644 index bcea83745..000000000 Binary files a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar and /dev/null differ diff --git a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar.md5 b/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar.md5 deleted file mode 100644 index 78dcc204f..000000000 --- a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar.md5 +++ /dev/null @@ -1 +0,0 @@ -73e977c31630c2bebb4a476665bbf7fb \ No newline at end of file diff --git a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar.sha1 b/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar.sha1 deleted file mode 100644 index 59e8f1e98..000000000 --- a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -7193374401097a37e24bc30a961c19e1af732493 \ No newline at end of file diff --git a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom b/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom deleted file mode 100644 index 3f3f3b91b..000000000 --- a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom +++ /dev/null @@ -1,9 +0,0 @@ - - - 4.0.0 - org.xerial - sqlite-jdbc - 3.7.8-SNAPSHOT - POM was created from install:install-file - diff --git a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom.md5 b/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom.md5 deleted file mode 100644 index 219a81671..000000000 --- a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom.md5 +++ /dev/null @@ -1 +0,0 @@ -2f52b7cb16e62c757bd1db86a2f8e407 \ No newline at end of file diff --git a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom.sha1 b/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom.sha1 deleted file mode 100644 index 5580b6c42..000000000 --- a/repository/org/xerial/sqlite-jdbc/3.7.8-SNAPSHOT/sqlite-jdbc-3.7.8-SNAPSHOT.pom.sha1 +++ /dev/null @@ -1 +0,0 @@ -8d25a1093d4bb59daac35b0355851e162ce4c8c2 \ No newline at end of file diff --git a/repository/org/xerial/sqlite-jdbc/maven-metadata-local.xml b/repository/org/xerial/sqlite-jdbc/maven-metadata-local.xml deleted file mode 100644 index ed1392d3a..000000000 --- a/repository/org/xerial/sqlite-jdbc/maven-metadata-local.xml +++ /dev/null @@ -1,12 +0,0 @@ - - - org.xerial - sqlite-jdbc - 3.7.8-SNAPSHOT - - - 3.7.8-SNAPSHOT - - 20121227132151 - - -- cgit v1.2.3 From 366c463274f3ca06d500c59c0839feb225b4e0b5 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 27 Nov 2017 12:11:45 +0100 Subject: add escaping on some places --- .../auth/pvp2/servlets/SLOBackChannelServlet.java | 9 ++-- .../moa/id/auth/servlet/AbstractController.java | 4 +- .../WebFrontEndSecurityInterceptor.java | 3 +- .../AbstractGUIFormBuilderConfiguration.java | 3 +- ...roviderSpecificGUIFormBuilderConfiguration.java | 27 +++++++++- .../DefaultGUIFormBuilderConfiguration.java | 20 +++++++- ...PSpecificGUIBuilderConfigurationWithDBLoad.java | 2 +- .../main/resources/mainGUI/iframeLBKUdetect.html | 3 +- .../ssotransfer/servlet/SSOTransferServlet.java | 58 +++++++++++----------- .../auth/modules/ssotransfer/utils/GUIUtils.java | 2 +- 10 files changed, 87 insertions(+), 44 deletions(-) diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java index 17d3d9e50..f2c95f391 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java @@ -33,6 +33,7 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.lang.StringEscapeUtils; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder; @@ -144,19 +145,19 @@ public class SLOBackChannelServlet extends SLOBasicServlet { } catch (MessageDecodingException | SecurityException | NoSuchAlgorithmException | ConfigurationException | ValidationException e) { log.error("SLO message processing FAILED." , e); - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (CertificateException e) { log.error("SLO message processing FAILED." , e); - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (KeyStoreException e) { log.error("SLO message processing FAILED." , e); - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (MessageEncodingException e) { log.error("SLO message processing FAILED." , e); - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage())); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java index 67611dd72..dcf337213 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java @@ -91,7 +91,7 @@ public abstract class AbstractController extends MOAIDAuthConstants { resp.setContentType(MediaType.HTML_UTF_8.toString()); resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Internal Server Error!" + "(Errorcode=9199" - +" | Description="+ exception.getMessage() + ")"); + +" | Description="+ StringEscapeUtils.escapeHtml(exception.getMessage()) + ")"); return; } @@ -318,7 +318,7 @@ public abstract class AbstractController extends MOAIDAuthConstants { if (e instanceof ProtocolNotActiveException) { resp.getWriter().write(e.getMessage()); resp.setContentType(MediaType.HTML_UTF_8.toString()); - resp.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage()); + resp.sendError(HttpServletResponse.SC_FORBIDDEN, StringEscapeUtils.escapeHtml(e.getMessage())); } else if (e instanceof AuthnRequestValidatorException) { AuthnRequestValidatorException ex = (AuthnRequestValidatorException)e; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java index 2976dc420..c8c6c1fb5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java @@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.auth.servlet.interceptor; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.lang.StringEscapeUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; @@ -76,7 +77,7 @@ public class WebFrontEndSecurityInterceptor implements HandlerInterceptor { Logger.info(errorMsg); response.sendError( HttpServletResponse.SC_FORBIDDEN, - errorMsg); + StringEscapeUtils.escapeHtml(errorMsg)); return false; } else { diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractGUIFormBuilderConfiguration.java index 52c1f0f97..d57834192 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractGUIFormBuilderConfiguration.java @@ -70,7 +70,8 @@ public abstract class AbstractGUIFormBuilderConfiguration implements IGUIBuilder /** - * Define the parameters, which should be evaluated in the template + * Define the parameters, which should be evaluated in the template
+ * IMPORTANT: external HTML escapetion is required, because it is NOT done internally during the building process * * @return Map of parameters, which should be added to template */ diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java index 15bc92a54..ad068ac49 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java @@ -65,6 +65,7 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration protected IRequest pendingReq = null; protected String templateClasspahtDir = null; + private Map customParameters = null; /** * @param authURL PublicURLPrefix of the IDP but never null @@ -91,11 +92,29 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration } + /** + * Add a key/value pair into Velocity context.
+ * Parameter values get escaped internally + * + * @param key velocity context key + * @param value of this key + */ + public void putCustomParameter(String key, Object value) { + if (customParameters == null) + customParameters = new HashMap(); + + if (value instanceof String) + customParameters.put(key, StringEscapeUtils.escapeHtml((String)value)); + else + customParameters.put(key, StringEscapeUtils.escapeHtml(value.toString())); + + } + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewParameters() */ @Override - public Map getSpecificViewParameters() { + public final Map getSpecificViewParameters() { Map params = new HashMap(); params.put(PARAM_BKU_ONLINE, IOAAuthParameters.THIRDBKU); params.put(PARAM_BKU_HANDY, IOAAuthParameters.HANDYBKU); @@ -107,7 +126,7 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration //add service-provider specific GUI parameters IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); if (oaParam != null) { - params.put(PARAM_OANAME, oaParam.getFriendlyName()); + params.put(PARAM_OANAME, StringEscapeUtils.escapeHtml(oaParam.getFriendlyName())); //set BKU URLs if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.LOCALBKU))) @@ -138,6 +157,10 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration } + //add additional custom parameters + if (customParameters != null) + params.putAll(customParameters); + return params; } diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java index 0c07ad3fb..901dbae53 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java @@ -77,13 +77,31 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo * @param key velocity context key * @param value of this key */ - public void putCustomParameter(String key, Object value) { + public void putCustomParameterWithOutEscaption(String key, Object value) { if (customParameters == null) customParameters = new HashMap(); customParameters.put(key, value); } + /** + * Add a key/value pair into Velocity context.
+ * All parameters get escaped internally + * + * @param key velocity context key + * @param value of this key + */ + public void putCustomParameter(String key, Object value) { + if (customParameters == null) + customParameters = new HashMap(); + + if (value instanceof String) + customParameters.put(key, StringEscapeUtils.escapeHtml((String)value)); + else + customParameters.put(key, StringEscapeUtils.escapeHtml(value.toString())); + + } + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewParameters() */ diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithDBLoad.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithDBLoad.java index 13d8d3bb7..0215afc41 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithDBLoad.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithDBLoad.java @@ -56,7 +56,7 @@ public class SPSpecificGUIBuilderConfigurationWithDBLoad extends AbstractService super(pendingReq, viewName, formSubmitEndpoint); } - + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.auth.frontend.AbstractGUIFormBuilder#getTemplate(java.lang.String) */ diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html index 261e19a33..f54484307 100644 --- a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html @@ -9,7 +9,6 @@ bkuport = (bkuprot == "https:" ? 3496 : 3495); bkupath = "https-security-layer-request"; bkuurl = bkuprot + "//" + bkuhost + ":" + bkuport + "/" + bkupath; - baseurl = location.href.substr(0, location.href.lastIndexOf("/")); //--> @@ -20,7 +19,7 @@ parent.setBKUAvailable(false); document.write('
'); document.write(''); - document.write(''); + document.write(''); document.write('
'); try { document.bkudetectform.submit(); diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java index a37beac70..dc55df05b 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java @@ -160,15 +160,15 @@ public class SSOTransferServlet{ } catch (MOAIDException | MOADatabaseException e) { e.printStackTrace(); - resp.sendError(500, e.getMessage()); + resp.sendError(500, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (NoSuchAlgorithmException | InvalidParameterSpecException e) { e.printStackTrace(); - resp.sendError(500, e.getMessage()); + resp.sendError(500, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (Exception e) { e.printStackTrace(); - resp.sendError(500, e.getMessage()); + resp.sendError(500, StringEscapeUtils.escapeHtml(e.getMessage())); } } @@ -221,51 +221,51 @@ public class SSOTransferServlet{ } catch (OperatorCreationException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (CredentialsNotAvailableException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (PKCSException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (CertificateException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (InvalidKeyException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (NoSuchAlgorithmException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (InvalidKeySpecException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (SessionDataStorageException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (ParseException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (IllegalBlockSizeException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (BadPaddingException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (NoSuchPaddingException e) { Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } @@ -323,50 +323,50 @@ public class SSOTransferServlet{ } catch (OperatorCreationException e) { // TODO Auto-generated catch block e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (CredentialsNotAvailableException e) { // TODO Auto-generated catch block e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (PKCSException e) { // TODO Auto-generated catch block e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (CertificateException e) { // TODO Auto-generated catch block e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (InvalidKeyException e) { // TODO Auto-generated catch block e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (InvalidKeySpecException e) { // TODO Auto-generated catch block e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (SessionDataStorageException e) { e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (IllegalBlockSizeException e) { e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (BadPaddingException e) { e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (NoSuchPaddingException e) { e.printStackTrace(); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage())); } @@ -423,15 +423,15 @@ public class SSOTransferServlet{ } catch (MOAIDException | MOADatabaseException e) { e.printStackTrace(); - resp.sendError(500, e.getMessage()); + resp.sendError(500, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (NoSuchAlgorithmException | InvalidParameterSpecException e) { e.printStackTrace(); - resp.sendError(500, e.getMessage()); + resp.sendError(500, StringEscapeUtils.escapeHtml(e.getMessage())); } catch (Exception e) { e.printStackTrace(); - resp.sendError(500, e.getMessage()); + resp.sendError(500, StringEscapeUtils.escapeHtml(e.getMessage())); } } diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java index 13a278d1d..fe164c514 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java @@ -105,7 +105,7 @@ public class GUIUtils { config.putCustomParameter("QRImage", base64EncodedImage); config.putCustomParameter("successMsg", "Select the SSO Session in your SSO-Transfer App and scan the QR-Code to start the process."); - config.putCustomParameter("timeoutURL", containerURL); + config.putCustomParameterWithOutEscaption("timeoutURL", containerURL); config.putCustomParameter("timeout", REFESH_TIMEOUT); guiBuilder.build(response, config, "SSO-Transfer-Module"); -- cgit v1.2.3 From 75c7ab602fe14d56217f268ea80e787a5316288a Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 27 Nov 2017 15:30:31 +0100 Subject: fix nullpointer in MandateNaturalPersonBPKAttributeBuilder.java --- .../MandateNaturalPersonBPKAttributeBuilder.java | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java index 6ac517e19..ad469921c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java @@ -57,15 +57,21 @@ public class MandateNaturalPersonBPKAttributeBuilder implements IPVPAttributeBui if (MiscUtil.isEmpty(bpk)) throw new UnavailableAttributeException(BPK_NAME); - - if (type.startsWith(Constants.URN_PREFIX_WBPK)) - type = type.substring((Constants.URN_PREFIX_WBPK + "+").length()); - else if (type.startsWith(Constants.URN_PREFIX_CDID)) - type = type.substring((Constants.URN_PREFIX_CDID + "+").length()); + if (type != null) { + if (type.startsWith(Constants.URN_PREFIX_WBPK)) + type = type.substring((Constants.URN_PREFIX_WBPK + "+").length()); + + else if (type.startsWith(Constants.URN_PREFIX_CDID)) + type = type.substring((Constants.URN_PREFIX_CDID + "+").length()); - else if (type.startsWith(Constants.URN_PREFIX_EIDAS)) - type = type.substring((Constants.URN_PREFIX_EIDAS + "+").length()); + else if (type.startsWith(Constants.URN_PREFIX_EIDAS)) + type = type.substring((Constants.URN_PREFIX_EIDAS + "+").length()); + + } else { + Logger.debug("bPK type is 'null' --> use it as it is"); + + } if (bpk.length() > BPK_MAX_LENGTH) { bpk = bpk.substring(0, BPK_MAX_LENGTH); -- cgit v1.2.3 From f6ef9b2e21af5a55b9f2b360de3cff38c56904d6 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 27 Nov 2017 15:33:37 +0100 Subject: add some more escaptions --- .../configuration/struts/action/IndexAction.java | 32 ++---- .../id/auth/builder/AuthenticationDataBuilder.java | 1 + .../id/auth/servlet/IDPSingleLogOutServlet.java | 4 +- .../gv/egovernment/moa/id/data/EncryptedData.java | 9 +- .../moa/id/moduls/AuthenticationManager.java | 4 +- .../moa/id/storage/DBTransactionStorage.java | 112 +++++++++++++++------ .../moa/id/storage/ITransactionStorage.java | 4 + .../moa/id/util/AbstractEncrytionUtil.java | 25 +++-- .../java/at/gv/egovernment/moa/id/util/Random.java | 12 ++- .../src/test/java/test/MOAIDTestCase.java | 3 +- .../java/at/gv/egovernment/moa/logging/Logger.java | 5 +- .../java/at/gv/egovernment/moa/util/FileUtils.java | 35 +------ .../test/at/gv/egovernment/moa/util/FileUtils.java | 72 +++++++++++++ .../at/gv/egovernment/moa/util/URLDecoderTest.java | 2 - .../at/gv/egovernment/moa/util/URLEncoderTest.java | 1 - .../main/resources/mainGUI/iframeLBKUdetect.html | 2 +- .../moa/id/auth/AuthenticationServer.java | 11 +- .../ssotransfer/servlet/SSOTransferServlet.java | 2 +- .../auth/modules/ssotransfer/utils/GUIUtils.java | 2 +- 19 files changed, 225 insertions(+), 113 deletions(-) create mode 100644 id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/FileUtils.java diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index df1786402..bf75a3068 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -39,7 +39,6 @@ import org.apache.log4j.Logger; import org.joda.time.DateTime; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; -import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.core.AttributeStatement; @@ -51,34 +50,18 @@ import org.opensaml.saml2.core.StatusCode; import org.opensaml.saml2.core.Subject; import org.opensaml.saml2.encryption.Decrypter; import org.opensaml.saml2.encryption.EncryptedElementTypeEncryptedKeyResolver; -import org.opensaml.saml2.metadata.IDPSSODescriptor; -import org.opensaml.security.MetadataCredentialResolver; -import org.opensaml.security.MetadataCredentialResolverFactory; -import org.opensaml.security.MetadataCriteria; -import org.opensaml.security.SAMLSignatureProfileValidator; import org.opensaml.ws.transport.http.HttpServletRequestAdapter; import org.opensaml.xml.encryption.ChainingEncryptedKeyResolver; import org.opensaml.xml.encryption.InlineEncryptedKeyResolver; import org.opensaml.xml.encryption.SimpleRetrievalMethodEncryptedKeyResolver; import org.opensaml.xml.parse.BasicParserPool; -import org.opensaml.xml.security.CriteriaSet; -import org.opensaml.xml.security.credential.UsageType; -import org.opensaml.xml.security.criteria.EntityIDCriteria; -import org.opensaml.xml.security.criteria.UsageCriteria; -import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver; -import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver; -import org.opensaml.xml.security.keyinfo.KeyInfoProvider; import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver; -import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider; -import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider; -import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider; import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter; import org.opensaml.xml.security.x509.X509Credential; import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine; -import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; @@ -86,7 +69,6 @@ import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.auth.AuthenticationManager; import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils; -import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; @@ -160,7 +142,7 @@ public class IndexAction extends BasicAction { if (MiscUtil.isNotEmpty(username)) { if (ValidationHelper.containsNotValidCharacter(username, false)) { - log.warn("Username contains potentail XSS characters: " + username); + log.warn("Username contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(username)); addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid", new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); return Constants.STRUTS_ERROR; @@ -197,13 +179,13 @@ public class IndexAction extends BasicAction { dbuser.setIsUsernamePasswordAllowed(true); if (!dbuser.isIsActive() || !dbuser.isIsUsernamePasswordAllowed()) { - log.warn("Username " + dbuser.getUsername() + " is not active or Username/Password login is not allowed"); + log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " is not active or Username/Password login is not allowed"); addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); return Constants.STRUTS_ERROR; } if (!dbuser.getPassword().equals(key)) { - log.warn("Username " + dbuser.getUsername() + " use a false password"); + log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " use a false password"); addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); return Constants.STRUTS_ERROR; } @@ -615,7 +597,7 @@ public class IndexAction extends BasicAction { check = user.getInstitut(); if (MiscUtil.isNotEmpty(check)) { if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("Organisation contains potentail XSS characters: " + check); + log.warn("Organisation contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(check)); addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid", new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } @@ -628,7 +610,7 @@ public class IndexAction extends BasicAction { check = user.getMail(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.isEmailAddressFormat(check)) { - log.warn("Mailaddress is not valid: " + check); + log.warn("Mailaddress is not valid: " + StringEscapeUtils.escapeHtml(check)); addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid", new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } @@ -640,7 +622,7 @@ public class IndexAction extends BasicAction { check = user.getPhone(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validatePhoneNumber(check)) { - log.warn("No valid Phone Number: " + check); + log.warn("No valid Phone Number: " + StringEscapeUtils.escapeHtml(check)); addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid", new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 5a5d0bcf6..cc716f9f8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -352,6 +352,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { authData.setBkuURL(session.getGenericDataFromSession(PVPConstants.EID_CCS_URL_NAME, String.class)); + //TODO: fully switch from STORK QAA to eIDAS LoA //#################################################### //set QAA level includedToGenericAuthData.remove(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index 19f3fdc54..0397bd501 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -117,7 +117,7 @@ public class IDPSingleLogOutServlet extends AbstractController { config.putCustomParameter("successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.00", null)); else - config.putCustomParameter("errorMsg", + config.putCustomParameterWithOutEscaption("errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); guiBuilder.build(resp, config, "Single-LogOut GUI"); @@ -213,7 +213,7 @@ public class IDPSingleLogOutServlet extends AbstractController { DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, null); - config.putCustomParameter("errorMsg", + config.putCustomParameterWithOutEscaption("errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); guiBuilder.build(resp, config, "Single-LogOut GUI"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/EncryptedData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/EncryptedData.java index e0484eb1b..4e7a72da6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/EncryptedData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/EncryptedData.java @@ -22,12 +22,19 @@ */ package at.gv.egovernment.moa.id.data; +import java.io.Serializable; + /** * @author tlenz * */ -public class EncryptedData { +public class EncryptedData implements Serializable{ + /** + * + */ + private static final long serialVersionUID = 1L; + private byte[] encData = null; private byte[] iv = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 3770dad2f..bb849a8d0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -659,7 +659,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { } else { revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); - config.putCustomParameter("errorMsg", + config.putCustomParameterWithOutEscaption("errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); } @@ -690,7 +690,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { null); revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); - config.putCustomParameter("errorMsg", + config.putCustomParameterWithOutEscaption("errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java index f17e4a99a..2395b913d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java @@ -38,8 +38,11 @@ import org.springframework.stereotype.Repository; import org.springframework.transaction.annotation.Transactional; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.data.EncryptedData; +import at.gv.egovernment.moa.id.util.SessionEncrytionUtil; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -106,18 +109,36 @@ public class DBTransactionStorage implements ITransactionStorage { } } - - public Object getAssertionStore(String key) throws MOADatabaseException{ - return searchInDatabase(key); - } - + public Object get(String key) throws MOADatabaseException { AssertionStore element = searchInDatabase(key); if (element == null) return null; + + Object data = SerializationUtils.deserialize(element.getAssertion()); - return SerializationUtils.deserialize(element.getAssertion()); + //decrypt data if required + Object resultData = null; + if (data instanceof EncryptedData) { + Logger.trace("Find encrypted data. --> Starting decryption process ..."); + try { + byte[] decData = decryptData((EncryptedData)data); + resultData = SerializationUtils.deserialize(decData); + + } catch (BuildException e) { + Logger.warn("Transaction information decryption FAILED.", e); + throw new MOADatabaseException("Transaction information decryption FAILED.", e); + + } + + } else { + Logger.trace("Find unencrypted data. --> Use it as is"); + resultData = data; + + } + + return resultData; } @@ -141,13 +162,34 @@ public class DBTransactionStorage implements ITransactionStorage { } - //Deserialize Assertion + //Deserialize Assertion Object data = SerializationUtils.deserialize(element.getAssertion()); + //decrypt data if required + Object resultData = null; + if (data instanceof EncryptedData) { + Logger.trace("Find encrypted data. --> Starting decryption process ..."); + try { + byte[] decData = decryptData((EncryptedData)data); + resultData = SerializationUtils.deserialize(decData); + + } catch (BuildException e) { + Logger.warn("Transaction information decryption FAILED.", e); + throw new MOADatabaseException("Transaction information decryption FAILED.", e); + + } + + } else { + Logger.trace("Find unencrypted data. --> Use it as is"); + resultData = data; + + } + + //check if assertion has the correct class type try { @SuppressWarnings("unchecked") - T test = (T) Class.forName(element.getType()).cast(data); + T test = (T) Class.forName(element.getType()).cast(resultData); return test; } catch (Exception e) { @@ -198,6 +240,17 @@ public class DBTransactionStorage implements ITransactionStorage { } } + public Object getAssertionStore(String key) throws MOADatabaseException{ + return searchInDatabase(key); + + } + + @Override + public void putAssertionStore(Object element) throws MOADatabaseException{ + entityManager.merge(element); + + } + private void cleanDelete(AssertionStore element) { @@ -245,30 +298,33 @@ public class DBTransactionStorage implements ITransactionStorage { throw new MOADatabaseException("Transaction-Storage can only store objects which implements the 'Seralizable' interface", null); } - - //serialize the Assertion for Database storage - byte[] data = SerializationUtils.serialize((Serializable) value); - element.setAssertion(data); - - //store AssertionStore element to Database - //try { + + try { + //serialize the Assertion for Database storage + byte[] data = SerializationUtils.serialize((Serializable) value); + element.setAssertion(encryptData(data)); + + //store AssertionStore element to Database entityManager.persist(element); - //MOASessionDBUtils.saveOrUpdate(element); - Logger.debug(value.getClass().getName() + " with ID: " + key + " is stored in Database"); -// -// } catch (MOADatabaseException e) { -// Logger.warn("Sessioninformation could not be stored."); -// throw new MOADatabaseException(e); -// -// } + Logger.debug(value.getClass().getName() + " with ID: " + key + " is stored in Database"); + + } catch (BuildException e) { + Logger.warn("Sessioninformation could not be stored."); + throw new MOADatabaseException(e); + + } } + + private static byte[] encryptData(byte[] data) throws BuildException { + EncryptedData encdata = SessionEncrytionUtil.getInstance().encrypt(data); + return SerializationUtils.serialize(encdata); - @Override - public void putAssertionStore(Object element) throws MOADatabaseException{ - // TODO Auto-generated method stub - entityManager.merge(element); - + } + + private static byte[] decryptData(EncryptedData encdata) throws BuildException { + return SessionEncrytionUtil.getInstance().decrypt(encdata); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java index 53a7f4f5e..51a36d426 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java @@ -114,6 +114,8 @@ public interface ITransactionStorage { /** * Get whole AssertionStoreObject, required for SLO + *
+ * IMPORTANT: This method does NOT decrypt information before storage * * @param key key Id which identifiers the data object * @return The transaction-data object, or null @@ -123,6 +125,8 @@ public interface ITransactionStorage { /** * Put whole AssertionStoreObject to db, required for SLO + *
+ * IMPORTANT: This method does NOT encrypt information before storage * * @param element assertion store object */ diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java index b0d166951..84d40f619 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java @@ -22,9 +22,6 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.util; -import iaik.security.cipher.PBEKey; -import iaik.security.spec.PBEKeyAndParameterSpec; - import java.security.InvalidAlgorithmParameterException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; @@ -35,19 +32,26 @@ import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.GCMParameterSpec; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec; - import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException; import at.gv.egovernment.moa.id.data.EncryptedData; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; +import iaik.security.cipher.PBEKey; +import iaik.security.spec.PBEKeyAndParameterSpec; public abstract class AbstractEncrytionUtil { - protected static final String CIPHER_MODE = "AES/CBC/PKCS5Padding"; + //protected static final String CIPHER_MODE = "AES/CBC/PKCS5Padding"; + + protected static final String CIPHER_MODE = "AES/GCM/NoPadding"; + public static final int GCM_NONCE_LENGTH = 12; // in bytes + public static final int GCM_TAG_LENGTH = 16; // in bytes + protected static final String KEYNAME = "AES"; private SecretKey secret = null; @@ -114,8 +118,15 @@ public abstract class AbstractEncrytionUtil { if (secret != null) { try { - cipher = Cipher.getInstance(CIPHER_MODE, "IAIK"); - cipher.init(Cipher.ENCRYPT_MODE, secret); + final byte[] nonce = Random.nextBytes(GCM_NONCE_LENGTH); + +// final byte[] nonce = new byte[GCM_NONCE_LENGTH]; +// SecureRandom.getInstanceStrong().nextBytes(nonce); + + GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_LENGTH * 8, nonce); + + cipher = Cipher.getInstance(CIPHER_MODE, "IAIK"); + cipher.init(Cipher.ENCRYPT_MODE, secret, spec); Logger.debug("Encrypt MOASession"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java index ac2b3c415..38c384c3a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java @@ -151,6 +151,16 @@ public class Random { } +/** + * Creates a new random byte[] + * + * @param size Size of random number in byte + * @return + */ +public static byte[] nextBytes(int size) { + return nextByteRandom(size); + +} public static void seedRandom() { @@ -165,7 +175,7 @@ public class Random { /** * Generate a new random number * - * @param size Size of random number in bits + * @param size Size of random number in byte * @return */ private static synchronized byte[] nextByteRandom(int size) { diff --git a/id/server/idserverlib/src/test/java/test/MOAIDTestCase.java b/id/server/idserverlib/src/test/java/test/MOAIDTestCase.java index e28b154f4..b3a9d367f 100644 --- a/id/server/idserverlib/src/test/java/test/MOAIDTestCase.java +++ b/id/server/idserverlib/src/test/java/test/MOAIDTestCase.java @@ -56,10 +56,8 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.StreamUtils; import at.gv.egovernment.moa.util.XPathUtils; - import iaik.ixsil.algorithms.Transform; import iaik.ixsil.algorithms.TransformImplExclusiveCanonicalXML; import iaik.ixsil.exceptions.AlgorithmException; @@ -68,6 +66,7 @@ import iaik.ixsil.exceptions.URIException; import iaik.ixsil.init.IXSILInit; import iaik.ixsil.util.URI; import test.at.gv.egovernment.moa.MOATestCase; +import test.at.gv.egovernment.moa.util.FileUtils; /* * @author Paul Ivancsics diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/Logger.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/Logger.java index 3730b36ce..9152f2549 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/Logger.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/Logger.java @@ -27,6 +27,9 @@ package at.gv.egovernment.moa.logging; import java.util.HashMap; import java.util.Map; +import org.apache.commons.lang3.StringEscapeUtils; + + /** * A utility class acting as a facade to the logging subsystem. * @@ -88,7 +91,7 @@ public class Logger { private static String prepareMessage(Object message) { if(null == message) return "no message given"; - return message.toString(); + return StringEscapeUtils.escapeHtml4(message.toString()); } /** diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java index 3291f8a15..8d6aea164 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java @@ -53,40 +53,7 @@ public class FileUtils { in.close(); return content; } -// /** -// * Reads a file, given by URL, into a String. -// * @param urlString file URL -// * @param encoding character encoding -// * @return file content -// * @throws IOException on any exception thrown -// */ -// public static String readURL(String urlString, String encoding) throws IOException { -// byte[] content = readURL(urlString); -// return new String(content, encoding); -// } -// /** -// * Reads a file, given by filename, into a byte array. -// * @param filename filename -// * @return file content -// * @throws IOException on any exception thrown -// */ -// public static byte[] readFile(String filename) throws IOException { -// BufferedInputStream in = new BufferedInputStream(new FileInputStream(filename)); -// byte[] content = StreamUtils.readStream(in); -// in.close(); -// return content; -// } -// /** -// * Reads a file, given by filename, into a String. -// * @param filename filename -// * @param encoding character encoding -// * @return file content -// * @throws IOException on any exception thrown -// */ -// public static String readFile(String filename, String encoding) throws IOException { -// byte[] content = readFile(filename); -// return new String(content, encoding); -// } + /** * Reads a file from a resource. * @param name resource name diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/FileUtils.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/FileUtils.java new file mode 100644 index 000000000..8941ab4cf --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/FileUtils.java @@ -0,0 +1,72 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package test.at.gv.egovernment.moa.util; + +import java.io.BufferedInputStream; +import java.io.FileInputStream; +import java.io.IOException; + +import at.gv.egovernment.moa.util.StreamUtils; + +/** + * @author tlenz + * + */ +public class FileUtils extends at.gv.egovernment.moa.util.FileUtils { + + /** + * Reads a file, given by URL, into a String. + * @param urlString file URL + * @param encoding character encoding + * @return file content + * @throws IOException on any exception thrown + */ + public static String readURL(String urlString, String encoding) throws IOException { + byte[] content = readURL(urlString); + return new String(content, encoding); + } + /** + * Reads a file, given by filename, into a byte array. + * @param filename filename + * @return file content + * @throws IOException on any exception thrown + */ + public static byte[] readFile(String filename) throws IOException { + BufferedInputStream in = new BufferedInputStream(new FileInputStream(filename)); + byte[] content = StreamUtils.readStream(in); + in.close(); + return content; + } + /** + * Reads a file, given by filename, into a String. + * @param filename filename + * @param encoding character encoding + * @return file content + * @throws IOException on any exception thrown + */ + public static String readFile(String filename, String encoding) throws IOException { + byte[] content = readFile(filename); + return new String(content, encoding); + } + +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java index 2ded896d0..9196a8718 100644 --- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java @@ -26,9 +26,7 @@ package test.at.gv.egovernment.moa.util; import java.net.URLEncoder; -import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.URLDecoder; - import junit.framework.TestCase; /* diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java index 5f72c8aad..d89e9f21f 100644 --- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java @@ -24,7 +24,6 @@ package test.at.gv.egovernment.moa.util; -import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.URLDecoder; import at.gv.egovernment.moa.util.URLEncoder; import junit.framework.TestCase; diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html index f54484307..cbc16cb38 100644 --- a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html @@ -19,7 +19,7 @@ parent.setBKUAvailable(false); document.write('
'); document.write(''); - document.write(''); + document.write(''); document.write('
'); try { document.bkudetectform.submit(); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index c9bc31f6c..faeb0158b 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -67,7 +67,6 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.Pair; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.util.XMLUtil; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; @@ -1203,9 +1202,13 @@ public class AuthenticationServer extends BaseAuthenticationServer { public static X509Certificate getCertificateFromXML(Element signedXML) throws CertificateException { NodeList nList = signedXML.getElementsByTagNameNS(Constants.DSIG_NS_URI, "X509Certificate"); - - String base64CertString = XMLUtil.getFirstTextValueFromNodeList(nList); - + + String base64CertString = null; + if (nList != null && nList.getLength() != 0) { + base64CertString = nList.item(0).getTextContent(); + + } + if (StringUtils.isEmpty(base64CertString)) { String msg = "XML does not contain a X509Certificate element."; Logger.error(msg); diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java index dc55df05b..af64e745e 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java @@ -558,7 +558,7 @@ public class SSOTransferServlet{ String base64EncodedImage = Base64Utils.encode(qrStream.toByteArray()); config.putCustomParameter("QRImage", base64EncodedImage); - config.putCustomParameter("successMsg", "Scan the QR-Code with your SSO-Transfer App to start the transfer operation."); + config.putCustomParameterWithOutEscaption("successMsg", "Scan the QR-Code with your SSO-Transfer App to start the transfer operation."); guiBuilder.build(resp, config, "SSO-Session Transfer-Module"); diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java index fe164c514..5c66f257d 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java @@ -104,7 +104,7 @@ public class GUIUtils { null); config.putCustomParameter("QRImage", base64EncodedImage); - config.putCustomParameter("successMsg", "Select the SSO Session in your SSO-Transfer App and scan the QR-Code to start the process."); + config.putCustomParameterWithOutEscaption("successMsg", "Select the SSO Session in your SSO-Transfer App and scan the QR-Code to start the process."); config.putCustomParameterWithOutEscaption("timeoutURL", containerURL); config.putCustomParameter("timeout", REFESH_TIMEOUT); -- cgit v1.2.3 From ee5d22920aec815371b1b2ca16bc0a2bb61fd987 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 27 Nov 2017 15:34:27 +0100 Subject: add PVP attribute for eIDAS QAA level --- .../at/gv/egovernment/moa/id/data/IAuthData.java | 12 ++++++ .../EIDCitizenQAALevelAttributeBuilder.java | 2 +- .../builder/attributes/EIDSTORKTOKEN.java | 2 +- .../EIDeIDASQAALevelAttributeBuilder.java | 48 ++++++++++++++++++++++ ....protocols.builder.attributes.IAttributeBuilder | 1 + 5 files changed, 63 insertions(+), 2 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDeIDASQAALevelAttributeBuilder.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java index e9fef4676..cb3def678 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java @@ -79,7 +79,19 @@ public interface IAuthData { Element getMandate(); String getMandateReferenceValue(); + @Deprecated + /** + * Return STORK QAA level + * + * @return + */ String getQAALevel(); + + /** + * Return authentication QAA level from eIDAS + * + * @return + */ public String getEIDASQAALevel(); String getSessionIndex(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCitizenQAALevelAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCitizenQAALevelAttributeBuilder.java index cfc6b102c..b254bc305 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCitizenQAALevelAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCitizenQAALevelAttributeBuilder.java @@ -23,10 +23,10 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; +@Deprecated public class EIDCitizenQAALevelAttributeBuilder implements IPVPAttributeBuilder { public String getName() { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java index b1474acda..0978cfe90 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java @@ -26,7 +26,6 @@ import java.io.IOException; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException; @@ -34,6 +33,7 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; +@Deprecated public class EIDSTORKTOKEN implements IPVPAttributeBuilder { public String getName() { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDeIDASQAALevelAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDeIDASQAALevelAttributeBuilder.java new file mode 100644 index 000000000..ca3dfa765 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDeIDASQAALevelAttributeBuilder.java @@ -0,0 +1,48 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.protocols.builder.attributes; + +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; + +public class EIDeIDASQAALevelAttributeBuilder implements IPVPAttributeBuilder { + + public String getName() { + return EID_CITIZEN_EIDAS_QAA_LEVEL_NAME; + } + + public ATT build(IOAAuthParameters oaParam, IAuthData authData, + IAttributeGenerator g) throws AttributeException { + + return g.buildStringAttribute(EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, + EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, authData.getEIDASQAALevel()); + } + + + public ATT buildEmpty(IAttributeGenerator g) { + return g.buildEmptyAttribute(EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, + EID_CITIZEN_EIDAS_QAA_LEVEL_NAME); + } + +} diff --git a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder index d40be32f5..6a5ce2171 100644 --- a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder +++ b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder @@ -30,3 +30,4 @@ at.gv.egovernment.moa.id.protocols.builder.attributes.MandateTypeOIDAttributeBui at.gv.egovernment.moa.id.protocols.builder.attributes.PrincipalNameAttributeBuilder at.gv.egovernment.moa.id.protocols.builder.attributes.PVPVersionAttributeBuilder at.gv.egovernment.moa.id.protocols.builder.attributes.HolderOfKey +at.gv.egovernment.moa.id.protocols.builder.attributes.EIDeIDASQAALevelAttributeBuilder -- cgit v1.2.3 From c114cbf86bc483b6cb39232c65d0bed98cafa855 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 27 Nov 2017 15:41:23 +0100 Subject: update history.txt --- id/history.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/id/history.txt b/id/history.txt index cffdd6ae3..c0b12dd1c 100644 --- a/id/history.txt +++ b/id/history.txt @@ -9,6 +9,8 @@ Version MOA-ID Release 3.3.0: - Anpassungen der Konfigurationsoberfläche (OnlineBKU entfernt) - Bugfix - Problem mit openSAML welches unsignierte SAML2 AuthnRequests bei Redirect Binding ermöglicht - Bugfix - Ungültig kodierter PVP2 Attributwert 'MANDATOR-NATURAL-PERSON-BPK' + - Bugfix - Updates an Endpunten um Cross-Site-Scripting (XSS) zu verhindern + - Code-Cleaning von unbenutzen Methoden und Klassen - Update von Libraries > org.springframework 4.3.11.RELEASE > org.springframework.data.spring-data-jpa 1.11.7.RELEASE -- cgit v1.2.3 From d5e50b587485a778d6fdd8b52958318204000d00 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 27 Nov 2017 15:42:22 +0100 Subject: switch version to 3.3.0 --- pom.xml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pom.xml b/pom.xml index b19b8cd98..c54907550 100644 --- a/pom.xml +++ b/pom.xml @@ -22,14 +22,14 @@ --> - 3.3.0-RC1 + 3.3.0 - 3.3.0-RC1 - 3.3.0-RC1 + 3.3.0 + 3.3.0 2.0.1 - 2.4.0-RC1 + 2.4.0 2.0.6 1.3 -- cgit v1.2.3 From bbc999c5d7912d0658216e7a8f59619135731ebf Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 20 Nov 2017 11:47:29 +0100 Subject: Add PVP metadata SAML2 EntityAttribute resolver filter --- .../pvp2x/metadata/MOAMetadataProvider.java | 2 + .../metadata/PVPEntityCategoryFilter.java | 207 +++++++++++++++++++++ 2 files changed, 209 insertions(+) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index ab355646c..585aac805 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -55,6 +55,7 @@ import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.InterfederatedIDPPublicServiceFilter; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.PVPEntityCategoryFilter; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.PVPMetadataFilterChain; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter; import at.gv.egovernment.moa.logging.Logger; @@ -490,6 +491,7 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider private PVPMetadataFilterChain buildMetadataFilterChain(IOAAuthParameters oaParam, String metadataURL, byte[] certificate) throws CertificateException, ConfigurationException { PVPMetadataFilterChain filterChain = new PVPMetadataFilterChain(metadataURL, certificate); filterChain.getFilters().add(new SchemaValidationFilter()); + filterChain.getFilters().add(new PVPEntityCategoryFilter()); if (oaParam.isInderfederationIDP()) { Logger.info("Online-Application is an interfederated IDP. Add addional Metadata policies"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java new file mode 100644 index 000000000..95d30db49 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java @@ -0,0 +1,207 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata; + +import java.util.ArrayList; +import java.util.List; + +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.common.Extensions; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.metadata.AttributeConsumingService; +import org.opensaml.saml2.metadata.EntitiesDescriptor; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.LocalizedString; +import org.opensaml.saml2.metadata.RequestedAttribute; +import org.opensaml.saml2.metadata.SPSSODescriptor; +import org.opensaml.saml2.metadata.ServiceName; +import org.opensaml.saml2.metadata.provider.FilterException; +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.samlext.saml2mdattr.EntityAttributes; +import org.opensaml.xml.XMLObject; + +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.data.Trible; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moaspss.logging.Logger; + +/** + * @author tlenz + * + */ +public class PVPEntityCategoryFilter implements MetadataFilter { + + + + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) + */ + @Override + public void doFilter(XMLObject metadata) throws FilterException { + String entityId = null; + try { + if (metadata instanceof EntitiesDescriptor) { + Logger.trace("Find EnitiesDescriptor ... "); + EntitiesDescriptor entitiesDesc = (EntitiesDescriptor) metadata; + if (entitiesDesc.getEntityDescriptors() != null) { + for (EntityDescriptor el : entitiesDesc.getEntityDescriptors()) + resolveEntityCategoriesToAttributes(el); + + } + + } else if (metadata instanceof EntityDescriptor) { + Logger.trace("Find EntityDescriptor"); + resolveEntityCategoriesToAttributes((EntityDescriptor)metadata); + + + } else + throw new MOAIDException("Invalid Metadata file Root element is no Entities- or EntityDescriptor", null); + + + + } catch (Exception e) { + Logger.warn("SAML2 Metadata processing FAILED: Can not resolve EntityCategories for metadata: " + entityId, e); + + } + } + + private void resolveEntityCategoriesToAttributes(EntityDescriptor metadata) { + Logger.debug("Resolving EntityCategorie for Entity: " + metadata.getEntityID() + " ..."); + Extensions extensions = metadata.getExtensions(); + if (extensions != null) { + List listOfExt = extensions.getUnknownXMLObjects(); + if (listOfExt != null && !listOfExt.isEmpty()) { + for (XMLObject el : listOfExt) { + Logger.trace("Find ExtensionElement: " + el.getElementQName().toString()); + if (el instanceof EntityAttributes) { + EntityAttributes entityAttrElem = (EntityAttributes)el; + if (entityAttrElem.getAttributes() != null) { + Logger.trace("Find EntityAttributes. Start attribute processing ..."); + for (Attribute entityAttr : entityAttrElem.getAttributes()) { + if (entityAttr.getName().equals(PVPConstants.ENTITY_CATEGORY_ATTRIBITE)) { + if (!entityAttr.getAttributeValues().isEmpty()) { + String entityAttrValue = entityAttr.getAttributeValues().get(0).getDOM().getTextContent(); + if (PVPConstants.EGOVTOKEN.equals(entityAttrValue)) { + Logger.debug("Find 'EGOVTOKEN' EntityAttribute. Adding single pvp attributes ... "); + addAttributesToEntityDescriptor(metadata, + buildAttributeList(PVPConstants.EGOVTOKEN_PVP_ATTRIBUTES), + entityAttrValue); + + + } else if (PVPConstants.CITIZENTOKEN.equals(entityAttrValue)) { + Logger.debug("Find 'CITIZENTOKEN' EntityAttribute. Adding single pvp attributes ... "); + addAttributesToEntityDescriptor(metadata, + buildAttributeList(PVPConstants.CITIZENTOKEN_PVP_ATTRIBUTES), + entityAttrValue); + + } else + Logger.info("EntityAttributeValue: " + entityAttrValue + " is UNKNOWN!"); + + } else + Logger.info("EntityAttribute: No attribute value"); + + } else + Logger.info("EntityAttribute: " + entityAttr.getName() + " is NOT supported"); + + } + + } else + Logger.info("Can NOT resolve EntityAttributes! Reason: Only EntityAttributes are supported!"); + + } + } + } + } + + } + + /** + * @param metadata + * @param attrList + */ + private void addAttributesToEntityDescriptor(EntityDescriptor metadata, List attrList, String entityAttr) { + SPSSODescriptor spSSODesc = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS); + if (spSSODesc != null) { + if (spSSODesc.getAttributeConsumingServices() == null || + spSSODesc.getAttributeConsumingServices().isEmpty()) { + Logger.trace("No 'AttributeConsumingServices' found. Added it ..."); + + AttributeConsumingService attributeService = SAML2Utils.createSAMLObject(AttributeConsumingService.class); + attributeService.setIndex(0); + attributeService.setIsDefault(true); + ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class); + serviceName.setName(new LocalizedString("Default Service", "en")); + attributeService.getNames().add(serviceName); + + if (attrList != null && !attrList.isEmpty()) { + attributeService.getRequestAttributes().addAll(attrList); + Logger.info("Add " + attrList.size() + " attributes for 'EntityAttribute': " + entityAttr); + + } + + spSSODesc.getAttributeConsumingServices().add(attributeService); + + } else { + Logger.debug("Find 'AttributeConsumingServices'. Starting updating process ... "); + for (AttributeConsumingService el : spSSODesc.getAttributeConsumingServices()) { + Logger.debug("Update 'AttributeConsumingService' with Index: " + el.getIndex()); + + //load currently requested attributes + List currentlyReqAttr = new ArrayList(); + for (RequestedAttribute reqAttr : el.getRequestAttributes()) + currentlyReqAttr.add(reqAttr.getName()); + + + //check against EntityAttribute List + for (RequestedAttribute entityAttrListEl : attrList) { + if (!currentlyReqAttr.contains(entityAttrListEl.getName())) { + el.getRequestAttributes().add(entityAttrListEl); + + } else + Logger.debug("'AttributeConsumingService' already contains attr: " + entityAttrListEl.getName()); + + } + + } + + } + + } else + Logger.info("Can ONLY add 'EntityAttributes' to 'SPSSODescriptor'"); + + } + + private List buildAttributeList(List> attrSet) { + List requestedAttributes = new ArrayList(); + for (Trible el : attrSet) + requestedAttributes.add(PVPAttributeBuilder.buildReqAttribute(el.getFirst(), el.getSecond(), el.getThird())); + + return requestedAttributes; + + + } + +} -- cgit v1.2.3 From 91b54c413aca1f214de482e7ea899bdec114880d Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 28 Nov 2017 10:54:34 +0100 Subject: deactivated PVP EntityCategory mapper as default --- .../data/deploy/conf/moa-id/moa-id.properties | 7 +-- id/server/doc/handbook/config/config.html | 5 ++ .../PropertyBasedAuthConfigurationProvider.java | 2 +- .../pvp2x/metadata/MOAMetadataProvider.java | 6 ++- .../metadata/PVPEntityCategoryFilter.java | 60 ++++++++++++++-------- .../moa/id/commons/api/AuthConfiguration.java | 1 + 6 files changed, 52 insertions(+), 29 deletions(-) diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties index 15084b387..4228b0d3a 100644 --- a/id/server/data/deploy/conf/moa-id/moa-id.properties +++ b/id/server/data/deploy/conf/moa-id/moa-id.properties @@ -43,12 +43,6 @@ service.foreignidentities.acceptedServerCertificates= service.foreignidentities.clientKeyStore=keys/.... service.foreignidentities.clientKeyStorePassword= -##STORK 2 -stork.fakeIdL.active=false -stork.fakeIdL.countries= -stork.fakeIdL.keygroup= -stork.documentservice.url= - ##Protocol configuration## #PVP2 protocols.pvp2.idp.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12 @@ -59,6 +53,7 @@ protocols.pvp2.idp.ks.assertion.sign.alias=pvp_assertion protocols.pvp2.idp.ks.assertion.sign.keypassword=password protocols.pvp2.idp.ks.assertion.encryption.alias=pvp_assertion protocols.pvp2.idp.ks.assertion.encryption.keypassword=password +protocols.pvp2.metadata.entitycategories.active=false #OpenID connect (OAuth) protocols.oauth20.jwt.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12 diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html index e6b86204a..1972d2150 100644 --- a/id/server/doc/handbook/config/config.html +++ b/id/server/doc/handbook/config/config.html @@ -576,6 +576,11 @@ https://<host>:<port>/moa-id-auth/MonitoringServlet password Passwort des Schlüssels mit dem PVP 2.1 Assertion für MOA-ID-Auth als Service Provider durch einen weiteren IDP Verschlüsselt werden sollen (siehe Kapitel Interfederation) + + protocols.pvp2.metadata.entitycategories.active + true / false + Funktion zum Mappen einer in den Metadaten enthaltenen PVP EntityCategory auf ein Set von PVP Attributen, welche von MOA-ID returniert werden sollen. +

 

2.2.2.3.2 OpenID Connect
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index 332604257..d3e340a90 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -1311,7 +1311,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide String value = properties.getProperty(key); if (MiscUtil.isNotEmpty(value)) - return Boolean.valueOf(value); + return Boolean.valueOf(value.trim()); return defaultValue; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index 585aac805..7f6f9b88c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -51,6 +51,7 @@ import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.auth.IDestroyableObject; import at.gv.egovernment.moa.id.auth.IGarbageCollectorProcessing; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; @@ -491,7 +492,10 @@ public class MOAMetadataProvider extends SimpleMOAMetadataProvider private PVPMetadataFilterChain buildMetadataFilterChain(IOAAuthParameters oaParam, String metadataURL, byte[] certificate) throws CertificateException, ConfigurationException { PVPMetadataFilterChain filterChain = new PVPMetadataFilterChain(metadataURL, certificate); filterChain.getFilters().add(new SchemaValidationFilter()); - filterChain.getFilters().add(new PVPEntityCategoryFilter()); + filterChain.getFilters().add( + new PVPEntityCategoryFilter(authConfig.getBasicMOAIDConfigurationBoolean( + AuthConfiguration.PROP_KEY_PROTOCOL_PVP_METADATA_ENTITYCATEGORY_RESOLVER, + false))); if (oaParam.isInderfederationIDP()) { Logger.info("Online-Application is an interfederated IDP. Add addional Metadata policies"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java index 95d30db49..ed96f1962 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java @@ -54,6 +54,17 @@ import at.gv.egovernment.moaspss.logging.Logger; public class PVPEntityCategoryFilter implements MetadataFilter { + private boolean isUsed = false; + + /** + * Filter to map PVP EntityCategories into a set of single PVP attributes + * + * @param isUsed if true PVP EntityCategories are mapped, otherwise they are ignored + * + */ + public PVPEntityCategoryFilter(boolean isUsed) { + this.isUsed = isUsed; + } /* (non-Javadoc) @@ -61,31 +72,38 @@ public class PVPEntityCategoryFilter implements MetadataFilter { */ @Override public void doFilter(XMLObject metadata) throws FilterException { - String entityId = null; - try { - if (metadata instanceof EntitiesDescriptor) { - Logger.trace("Find EnitiesDescriptor ... "); - EntitiesDescriptor entitiesDesc = (EntitiesDescriptor) metadata; - if (entitiesDesc.getEntityDescriptors() != null) { - for (EntityDescriptor el : entitiesDesc.getEntityDescriptors()) - resolveEntityCategoriesToAttributes(el); + + if (isUsed) { + Logger.trace("Map PVP EntityCategory to single PVP Attributes ... "); + String entityId = null; + try { + if (metadata instanceof EntitiesDescriptor) { + Logger.trace("Find EnitiesDescriptor ... "); + EntitiesDescriptor entitiesDesc = (EntitiesDescriptor) metadata; + if (entitiesDesc.getEntityDescriptors() != null) { + for (EntityDescriptor el : entitiesDesc.getEntityDescriptors()) + resolveEntityCategoriesToAttributes(el); + + } + + } else if (metadata instanceof EntityDescriptor) { + Logger.trace("Find EntityDescriptor"); + resolveEntityCategoriesToAttributes((EntityDescriptor)metadata); - } - - } else if (metadata instanceof EntityDescriptor) { - Logger.trace("Find EntityDescriptor"); - resolveEntityCategoriesToAttributes((EntityDescriptor)metadata); + + } else + throw new MOAIDException("Invalid Metadata file Root element is no Entities- or EntityDescriptor", null); - } else - throw new MOAIDException("Invalid Metadata file Root element is no Entities- or EntityDescriptor", null); - - - - } catch (Exception e) { - Logger.warn("SAML2 Metadata processing FAILED: Can not resolve EntityCategories for metadata: " + entityId, e); + + } catch (Exception e) { + Logger.warn("SAML2 Metadata processing FAILED: Can not resolve EntityCategories for metadata: " + entityId, e); + + } - } + } else + Logger.trace("Filter to map PVP EntityCategory to single PVP Attributes is deactivated"); + } private void resolveEntityCategoriesToAttributes(EntityDescriptor metadata) { diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java index 07b07d980..4dda4c736 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java @@ -13,6 +13,7 @@ public interface AuthConfiguration extends ConfigurationProvider{ public static final String PROP_KEY_SSL_HOSTNAME_VALIDATION = "configuration.ssl.validation.hostname"; public static final String PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION = "service.onlinemandates.ssl.validation.hostname"; + public static final String PROP_KEY_PROTOCOL_PVP_METADATA_ENTITYCATEGORY_RESOLVER = "protocols.pvp2.metadata.entitycategories.active"; public static final String DEFAULT_X509_CHAININGMODE = "pkix"; -- cgit v1.2.3 From 7e853bf1c8e738e05544795fc7200a2c5d213a00 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 28 Nov 2017 10:54:59 +0100 Subject: Remove unused configuration values --- .../deploy/conf/moa-id/oa/BasicOAConfiguration.xml | 9 -- .../conf/moa-id/oa/HeaderOAConfiguration.xml | 10 -- .../deploy/conf/moa-id/oa/ParamOAConfiguration.xml | 10 -- .../conf/moa-id/oa/SampleOAConfiguration.xml | 9 -- .../conf/moa-id/oa/SamplewbPKOAConfiguration.xml | 9 -- .../data/deploy/conf/moa-id/stork/SamlEngine.xml | 70 ----------- .../conf/moa-id/stork/SignModule_incoming.xml | 12 -- .../conf/moa-id/stork/SignModule_incoming_attr.xml | 12 -- .../conf/moa-id/stork/SignModule_outgoing.xml | 12 -- .../conf/moa-id/stork/StorkSamlEngine_VIDP.xml | 127 -------------------- .../conf/moa-id/stork/StorkSamlEngine_incoming.xml | 100 ---------------- .../moa-id/stork/StorkSamlEngine_incoming_attr.xml | 98 ---------------- .../conf/moa-id/stork/StorkSamlEngine_outgoing.xml | 130 --------------------- .../deploy/conf/moa-id/stork/storkDemoKeysPT.jks | Bin 3013 -> 0 bytes .../moa-id/stork/storkDemoKeys_minividp_old.jks | Bin 4592 -> 0 bytes 15 files changed, 608 deletions(-) delete mode 100644 id/server/data/deploy/conf/moa-id/oa/BasicOAConfiguration.xml delete mode 100644 id/server/data/deploy/conf/moa-id/oa/HeaderOAConfiguration.xml delete mode 100644 id/server/data/deploy/conf/moa-id/oa/ParamOAConfiguration.xml delete mode 100644 id/server/data/deploy/conf/moa-id/oa/SampleOAConfiguration.xml delete mode 100644 id/server/data/deploy/conf/moa-id/oa/SamplewbPKOAConfiguration.xml delete mode 100644 id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml delete mode 100644 id/server/data/deploy/conf/moa-id/stork/SignModule_incoming.xml delete mode 100644 id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml delete mode 100644 id/server/data/deploy/conf/moa-id/stork/SignModule_outgoing.xml delete mode 100644 id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml delete mode 100644 id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming.xml delete mode 100644 id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml delete mode 100644 id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_outgoing.xml delete mode 100644 id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks delete mode 100644 id/server/data/deploy/conf/moa-id/stork/storkDemoKeys_minividp_old.jks diff --git a/id/server/data/deploy/conf/moa-id/oa/BasicOAConfiguration.xml b/id/server/data/deploy/conf/moa-id/oa/BasicOAConfiguration.xml deleted file mode 100644 index fc99cea79..000000000 --- a/id/server/data/deploy/conf/moa-id/oa/BasicOAConfiguration.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - stateless - - MOAFamilyName - MOAGivenName - - diff --git a/id/server/data/deploy/conf/moa-id/oa/HeaderOAConfiguration.xml b/id/server/data/deploy/conf/moa-id/oa/HeaderOAConfiguration.xml deleted file mode 100644 index 4d34c3646..000000000 --- a/id/server/data/deploy/conf/moa-id/oa/HeaderOAConfiguration.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - stateless - - -
-
-
-
diff --git a/id/server/data/deploy/conf/moa-id/oa/ParamOAConfiguration.xml b/id/server/data/deploy/conf/moa-id/oa/ParamOAConfiguration.xml deleted file mode 100644 index 979faca95..000000000 --- a/id/server/data/deploy/conf/moa-id/oa/ParamOAConfiguration.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - stateless - - - - - - diff --git a/id/server/data/deploy/conf/moa-id/oa/SampleOAConfiguration.xml b/id/server/data/deploy/conf/moa-id/oa/SampleOAConfiguration.xml deleted file mode 100644 index edbfe7aa5..000000000 --- a/id/server/data/deploy/conf/moa-id/oa/SampleOAConfiguration.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - stateless - - MOAFamilyName - MOAGivenName - - diff --git a/id/server/data/deploy/conf/moa-id/oa/SamplewbPKOAConfiguration.xml b/id/server/data/deploy/conf/moa-id/oa/SamplewbPKOAConfiguration.xml deleted file mode 100644 index 2cff3bd67..000000000 --- a/id/server/data/deploy/conf/moa-id/oa/SamplewbPKOAConfiguration.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - stateless - - MOAWBPK - MOAGivenName - - diff --git a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml deleted file mode 100644 index eca38ec8c..000000000 --- a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml +++ /dev/null @@ -1,70 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming.xml b/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming.xml deleted file mode 100644 index 68b15e667..000000000 --- a/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming.xml +++ /dev/null @@ -1,12 +0,0 @@ - - - - - SWModule sign with JKS. - /home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks - local-demo - local-demo - CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES - 4BA89DB2 - JKS - diff --git a/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml b/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml deleted file mode 100644 index 68b15e667..000000000 --- a/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml +++ /dev/null @@ -1,12 +0,0 @@ - - - - - SWModule sign with JKS. - /home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks - local-demo - local-demo - CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES - 4BA89DB2 - JKS - diff --git a/id/server/data/deploy/conf/moa-id/stork/SignModule_outgoing.xml b/id/server/data/deploy/conf/moa-id/stork/SignModule_outgoing.xml deleted file mode 100644 index 7139c5a41..000000000 --- a/id/server/data/deploy/conf/moa-id/stork/SignModule_outgoing.xml +++ /dev/null @@ -1,12 +0,0 @@ - - - - - SWModule sign with JKS. - projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks - local-demo - local-demo - CN=local-demo-cert, O=Indra, L=Madrid, ST=Spain, C=ES - 4BA89DB2 - JKS - \ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml deleted file mode 100644 index 29973690e..000000000 --- a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml +++ /dev/null @@ -1,127 +0,0 @@ - - - - - SAML constants for AuthnRequests and Responses. - - - unspecified - - - obtained - - - entity - - - - HTTP-POST - - - - - - false - - - true - - - https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest - - - https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest - - - 600 - - - false - - - true - - - http://www.stork.gov.eu/1.0/eIdentifier - http://www.stork.gov.eu/1.0/givenName - http://www.stork.gov.eu/1.0/surname - http://www.stork.gov.eu/1.0/inheritedFamilyName - http://www.stork.gov.eu/1.0/adoptedFamilyName - http://www.stork.gov.eu/1.0/gender - http://www.stork.gov.eu/1.0/dateOfBirth - http://www.stork.gov.eu/1.0/countryCodeOfBirth - http://www.stork.gov.eu/1.0/nationalityCode - http://www.stork.gov.eu/1.0/maritalStatus - http://www.stork.gov.eu/1.0/residenceAddress - http://www.stork.gov.eu/1.0/eMail - http://www.stork.gov.eu/1.0/academicTitle - http://www.stork.gov.eu/1.0/pseudonym - http://www.stork.gov.eu/1.0/age - http://www.stork.gov.eu/1.0/isAgeOver - - http://www.stork.gov.eu/1.0/textResidenceAddress - http://www.stork.gov.eu/1.0/canonicalResidenceAddress - - http://www.stork.gov.eu/1.0/title - http://www.stork.gov.eu/1.0/residencePermit - - http://www.stork.gov.eu/1.0/signedDoc - http://www.stork.gov.eu/1.0/citizen509Certificate - - http://www.stork.gov.eu/1.0/newAttribute1 - http://www.stork.gov.eu/1.0/newAttribute2 - http://www.stork.gov.eu/1.0/hasDegree - - - http://www.stork.gov.eu/1.0/diplomaSupplement - http://www.stork.gov.eu/1.0/currentStudiesSupplement - http://www.stork.gov.eu/1.0/isStudent - http://www.stork.gov.eu/1.0/isAcademicStaff - http://www.stork.gov.eu/1.0/isTeacherOf - http://www.stork.gov.eu/1.0/isCourseCoordinator - http://www.stork.gov.eu/1.0/isAdminStaff - http://www.stork.gov.eu/1.0/habilitation - http://www.stork.gov.eu/1.0/Title - http://www.stork.gov.eu/1.0/hasDegree - http://www.stork.gov.eu/1.0/hasAccountInBank - http://www.stork.gov.eu/1.0/isHealthCareProfessional - - http://www.stork.gov.eu/1.0/eLPIdentifier - http://www.stork.gov.eu/1.0/legalName - http://www.stork.gov.eu/1.0/alternativeName - http://www.stork.gov.eu/1.0/type - http://www.stork.gov.eu/1.0/translatableType - http://www.stork.gov.eu/1.0/status - http://www.stork.gov.eu/1.0/activity - http://www.stork.gov.eu/1.0/registeredAddress - http://www.stork.gov.eu/1.0/registeredCanonicalAddress - http://www.stork.gov.eu/1.0/contactInformation - http://www.stork.gov.eu/1.0/LPFiscalNumber - http://www.stork.gov.eu/1.0/mandate - http://www.stork.gov.eu/1.0/docRequest - - http://www.stork.gov.eu/1.0/mandateContent - http://www.stork.gov.eu/1.0/representative - http://www.stork.gov.eu/1.0/represented - - - http://www.stork.gov.eu/1.1/ECApplicationRole - http://www.stork.gov.eu/1.1/MSOrganization - - http://www.stork.gov.eu/1.0/citizenQAALevel - - - diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming.xml deleted file mode 100644 index a817e29c0..000000000 --- a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming.xml +++ /dev/null @@ -1,100 +0,0 @@ - - - - - SAML constants for AuthnRequests and Responses. - - - unspecified - - - obtained - - - entity - - - - HTTP-POST - - - - - - - - - - false - - - true - - - http://S-PEPS.gov.xx - - - http://C-PEPS.gov.xx - - - 300 - - - false - - - - http://www.stork.gov.eu/1.0/eIdentifier - http://www.stork.gov.eu/1.0/givenName - http://www.stork.gov.eu/1.0/surname - http://www.stork.gov.eu/1.0/inheritedFamilyName - http://www.stork.gov.eu/1.0/adoptedFamilyName - http://www.stork.gov.eu/1.0/gender - http://www.stork.gov.eu/1.0/dateOfBirth - http://www.stork.gov.eu/1.0/countryCodeOfBirth - http://www.stork.gov.eu/1.0/nationalityCode - http://www.stork.gov.eu/1.0/maritalStatus - http://www.stork.gov.eu/1.0/residenceAddress - http://www.stork.gov.eu/1.0/eMail - http://www.stork.gov.eu/1.0/academicTitle - http://www.stork.gov.eu/1.0/pseudonym - http://www.stork.gov.eu/1.0/age - http://www.stork.gov.eu/1.0/isAgeOver - http://www.stork.gov.eu/1.0/fiscalNumber - - http://www.stork.gov.eu/1.0/textResidenceAddress - http://www.stork.gov.eu/1.0/canonicalResidenceAddress - - http://www.stork.gov.eu/1.0/title - http://www.stork.gov.eu/1.0/residencePermit - - http://www.stork.gov.eu/1.0/signedDoc - http://www.stork.gov.eu/1.0/citizen509Certificate - - http://www.stork.gov.eu/1.0/newAttribute1 - http://www.stork.gov.eu/1.0/newAttribute2 - http://www.stork.gov.eu/1.0/hasDegree - http://www.stork.gov.eu/1.0/mandateContent - http://www.stork.gov.eu/1.0/representative - http://www.stork.gov.eu/1.0/represented - - - http://www.stork.gov.eu/1.1/ECApplicationRole - http://www.stork.gov.eu/1.1/MSOrganization - - http://www.stork.gov.eu/1.0/citizenQAALevel - - diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml deleted file mode 100644 index 33437c110..000000000 --- a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml +++ /dev/null @@ -1,98 +0,0 @@ - - - - - SAML constants for AuthnRequests and Responses. - - - unspecified - - - obtained - - - entity - - - - HTTP-POST - - - - - - - - - - false - - - true - - - http://S-PEPS.gov.xx - - - http://C-PEPS.gov.xx - - - 300 - - - false - - - - http://www.stork.gov.eu/1.0/eIdentifier - http://www.stork.gov.eu/1.0/givenName - http://www.stork.gov.eu/1.0/surname - http://www.stork.gov.eu/1.0/inheritedFamilyName - http://www.stork.gov.eu/1.0/adoptedFamilyName - http://www.stork.gov.eu/1.0/gender - http://www.stork.gov.eu/1.0/dateOfBirth - http://www.stork.gov.eu/1.0/countryCodeOfBirth - http://www.stork.gov.eu/1.0/nationalityCode - http://www.stork.gov.eu/1.0/maritalStatus - http://www.stork.gov.eu/1.0/residenceAddress - http://www.stork.gov.eu/1.0/eMail - http://www.stork.gov.eu/1.0/academicTitle - http://www.stork.gov.eu/1.0/pseudonym - http://www.stork.gov.eu/1.0/age - http://www.stork.gov.eu/1.0/isAgeOver - http://www.stork.gov.eu/1.0/fiscalNumber - - http://www.stork.gov.eu/1.0/textResidenceAddress - http://www.stork.gov.eu/1.0/canonicalResidenceAddress - - http://www.stork.gov.eu/1.0/title - http://www.stork.gov.eu/1.0/residencePermit - - http://www.stork.gov.eu/1.0/signedDoc - http://www.stork.gov.eu/1.0/citizen509Certificate - - http://www.stork.gov.eu/1.0/newAttribute1 - http://www.stork.gov.eu/1.0/newAttribute2 - http://www.stork.gov.eu/1.0/hasDegree - http://www.stork.gov.eu/1.0/mandateContent - http://www.stork.gov.eu/1.0/representative - http://www.stork.gov.eu/1.0/represented - - - http://www.stork.gov.eu/1.1/ECApplicationRole - http://www.stork.gov.eu/1.1/MSOrganization - - diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_outgoing.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_outgoing.xml deleted file mode 100644 index b840b4fe5..000000000 --- a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_outgoing.xml +++ /dev/null @@ -1,130 +0,0 @@ - - - - - SAML constants for AuthnRequests and Responses. - - - unspecified - - - obtained - - - entity - - - - HTTP-POST - - - - - - - - - - false - - - true - - - http://S-PEPS.gov.xx - - - http://C-PEPS.gov.xx - - - 300 - - - false - - - - http://www.stork.gov.eu/1.0/eIdentifier - http://www.stork.gov.eu/1.0/givenName - http://www.stork.gov.eu/1.0/surname - http://www.stork.gov.eu/1.0/inheritedFamilyName - http://www.stork.gov.eu/1.0/adoptedFamilyName - http://www.stork.gov.eu/1.0/gender - http://www.stork.gov.eu/1.0/dateOfBirth - http://www.stork.gov.eu/1.0/countryCodeOfBirth - http://www.stork.gov.eu/1.0/nationalityCode - http://www.stork.gov.eu/1.0/maritalStatus - http://www.stork.gov.eu/1.0/residenceAddress - http://www.stork.gov.eu/1.0/eMail - http://www.stork.gov.eu/1.0/academicTitle - http://www.stork.gov.eu/1.0/pseudonym - http://www.stork.gov.eu/1.0/age - http://www.stork.gov.eu/1.0/isAgeOver - http://www.stork.gov.eu/1.0/fiscalNumber - - http://www.stork.gov.eu/1.0/textResidenceAddress - http://www.stork.gov.eu/1.0/canonicalResidenceAddress - - http://www.stork.gov.eu/1.0/title - http://www.stork.gov.eu/1.0/residencePermit - - http://www.stork.gov.eu/1.0/signedDoc - http://www.stork.gov.eu/1.0/citizen509Certificate - - http://www.stork.gov.eu/1.0/newAttribute1 - http://www.stork.gov.eu/1.0/newAttribute2 - http://www.stork.gov.eu/1.0/hasDegree - - - http://www.stork.gov.eu/1.0/diplomaSupplement - http://www.stork.gov.eu/1.0/currentStudiesSupplement - http://www.stork.gov.eu/1.0/isStudent - http://www.stork.gov.eu/1.0/isAcademicStaff - http://www.stork.gov.eu/1.0/isTeacherOf - http://www.stork.gov.eu/1.0/isCourseCoordinator - http://www.stork.gov.eu/1.0/isAdminStaff - http://www.stork.gov.eu/1.0/habilitation - http://www.stork.gov.eu/1.0/Title - http://www.stork.gov.eu/1.0/hasDegree - http://www.stork.gov.eu/1.0/hasAccountInBank - http://www.stork.gov.eu/1.0/isHealthCareProfessional - - http://www.stork.gov.eu/1.0/eLPIdentifier - http://www.stork.gov.eu/1.0/legalName - http://www.stork.gov.eu/1.0/alternativeName - http://www.stork.gov.eu/1.0/type - http://www.stork.gov.eu/1.0/translatableType - http://www.stork.gov.eu/1.0/status - http://www.stork.gov.eu/1.0/activity - http://www.stork.gov.eu/1.0/registeredAddress - http://www.stork.gov.eu/1.0/registeredCanonicalAddress - http://www.stork.gov.eu/1.0/contactInformation - http://www.stork.gov.eu/1.0/LPFiscalNumber - http://www.stork.gov.eu/1.0/mandate - http://www.stork.gov.eu/1.0/docRequest - - - http://www.stork.gov.eu/1.0/mandateContent - http://www.stork.gov.eu/1.0/representative - http://www.stork.gov.eu/1.0/represented - - - http://www.stork.gov.eu/1.1/ECApplicationRole - http://www.stork.gov.eu/1.1/MSOrganization - - http://www.stork.gov.eu/1.0/citizenQAALevel - - diff --git a/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks b/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks deleted file mode 100644 index f9baad202..000000000 Binary files a/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks and /dev/null differ diff --git a/id/server/data/deploy/conf/moa-id/stork/storkDemoKeys_minividp_old.jks b/id/server/data/deploy/conf/moa-id/stork/storkDemoKeys_minividp_old.jks deleted file mode 100644 index efaeac86c..000000000 Binary files a/id/server/data/deploy/conf/moa-id/stork/storkDemoKeys_minividp_old.jks and /dev/null differ -- cgit v1.2.3 From b77f94b81123ddf50ea02fd893254579dc220880 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 28 Nov 2017 11:33:02 +0100 Subject: update default log4j.properties --- id/server/data/deploy/conf/moa-id/log4j.properties | 57 +++++++++++++++------- 1 file changed, 40 insertions(+), 17 deletions(-) diff --git a/id/server/data/deploy/conf/moa-id/log4j.properties b/id/server/data/deploy/conf/moa-id/log4j.properties index f37100a5b..2c3b8a311 100644 --- a/id/server/data/deploy/conf/moa-id/log4j.properties +++ b/id/server/data/deploy/conf/moa-id/log4j.properties @@ -2,34 +2,57 @@ org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory # define log4j root loggers -log4j.rootLogger=info, stdout -log4j.logger.at.gv.egovernment.moa=info -log4j.logger.at.gv.egovernment.moa.spss=info -log4j.logger.iaik.server=info -log4j.logger.at.gv.egovernment.moa.id=info,R -log4j.logger.at.gv.egovernment.moa.id.proxy=info -log4j.logger.eu.stork=info -log4j.logger.org.hibernate=warn +log4j.rootLogger=warn,stdout +### MOA-ID process log ### +log4j.logger.at.gv.egovernment.moa.id=info,moaid +log4j.logger.at.gv.egovernment.moa.spss=info,moaid + +### process revision log with event-codes ### +log4j.logger.at.gv.egiz.eventlog.plain.all=info,reversion + +### Signature verification and certificate proofing #### +log4j.logger.at.gv.egovernment.moa.spss=info,moaspss +log4j.logger.iaik.server=info,moaspss +log4j.logger.pki=info,moaspss + +### ConfigTool Logs #### log4j.logger.at.gv.egiz.components.configuration=info,CONFIGTOOL -log4j.logger.at.gv.egovernment.moa.id.commons=info,CONFIGTOOL R +log4j.logger.at.gv.egovernment.moa.id.commons=info,CONFIGTOOL log4j.logger.at.gv.egovernment.moa.id.config.webgui=info,CONFIGTOOL log4j.logger.at.gv.egovernment.moa.id.configuration=info,CONFIGTOOL + +### Log Appender #### # configure the stdout appender log4j.appender.stdout=org.apache.log4j.ConsoleAppender log4j.appender.stdout.layout=org.apache.log4j.PatternLayout log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n -# configure the rolling file appender (R) -log4j.appender.R=org.apache.log4j.RollingFileAppender -log4j.appender.R.File=${catalina.base}/logs/moa-id.log -log4j.appender.R.MaxFileSize=10000KB -log4j.appender.R.MaxBackupIndex=1 -log4j.appender.R.layout=org.apache.log4j.PatternLayout -log4j.appender.R.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n +# configure the rolling file appender (moaid) +log4j.appender.moaid=org.apache.log4j.RollingFileAppender +log4j.appender.moaid.File=${catalina.base}/logs/moa-id.log +log4j.appender.moaid.MaxFileSize=10000KB +log4j.appender.moaid.MaxBackupIndex=1 +log4j.appender.moaid.layout=org.apache.log4j.PatternLayout +log4j.appender.moaid.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + +# configure the rolling file appender (moaid) +log4j.appender.moaspss=org.apache.log4j.RollingFileAppender +log4j.appender.moaspss.File=${catalina.base}/logs/moa-spss.log +log4j.appender.moaspss.MaxFileSize=10000KB +log4j.appender.moaspss.MaxBackupIndex=1 +log4j.appender.moaspss.layout=org.apache.log4j.PatternLayout +log4j.appender.moaspss.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + +log4j.appender.reversion=org.apache.log4j.RollingFileAppender +log4j.appender.reversion.File=${catalina.base}/moa-id-reversion.log +log4j.appender.reversion.MaxFileSize=10000KB +log4j.appender.reversion.MaxBackupIndex=9999 +log4j.appender.reversion.layout=org.apache.log4j.PatternLayout +log4j.appender.reversion.layout.ConversionPattern=%5p | %d{ISO8601} | %t | %m%n -# configure the rolling file appender (R) +# configure the rolling file appender (configtool) log4j.appender.CONFIGTOOL=org.apache.log4j.RollingFileAppender log4j.appender.CONFIGTOOL.File=${catalina.base}/logs/moa-id-webgui.log log4j.appender.CONFIGTOOL.MaxFileSize=10000KB -- cgit v1.2.3 From bbeef4d494f2af3b60a8093258887e4223dbe5d7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 29 Nov 2017 08:13:34 +0100 Subject: Fix problem in SAML2 AuthnRequestValidator --- id/history.txt | 1 + .../builder/assertion/PVP2AssertionBuilder.java | 3 ++- .../pvp2x/validation/AuthnRequestValidator.java | 24 +++++++++++++--------- 3 files changed, 17 insertions(+), 11 deletions(-) diff --git a/id/history.txt b/id/history.txt index c0b12dd1c..8d1495e30 100644 --- a/id/history.txt +++ b/id/history.txt @@ -8,6 +8,7 @@ Version MOA-ID Release 3.3.0: - Anpassungen des BKU Auswahl(OnlineBKU entfernt, Detection der lokalen BKU hinzugefügt) - Anpassungen der Konfigurationsoberfläche (OnlineBKU entfernt) - Bugfix - Problem mit openSAML welches unsignierte SAML2 AuthnRequests bei Redirect Binding ermöglicht + - Bugfix - Nicht spezifikationskonforme Validierung PVP2 AuthnRequest bezüglich NameIDPolicy - Bugfix - Ungültig kodierter PVP2 Attributwert 'MANDATOR-NATURAL-PERSON-BPK' - Bugfix - Updates an Endpunten um Cross-Site-Scripting (XSS) zu verhindern - Code-Cleaning von unbenutzen Methoden und Klassen diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index 45539da3f..196aa47af 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java @@ -373,7 +373,8 @@ public class PVP2AssertionBuilder implements PVPConstants { //get NameIDFormat from request AuthnRequest authnReq = (AuthnRequestImpl) authnRequest; - if (authnReq.getNameIDPolicy() != null) { + if (authnReq.getNameIDPolicy() != null && + MiscUtil.isNotEmpty(authnReq.getNameIDPolicy().getFormat())) { nameIDFormat = authnReq.getNameIDPolicy().getFormat(); } else { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java index ab8fab5d1..4ae89466d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java @@ -28,6 +28,7 @@ import org.opensaml.saml2.core.NameIDPolicy; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NameIDFormatNotSupportedException; +import at.gv.egovernment.moaspss.logging.Logger; /** * @author tlenz @@ -41,17 +42,20 @@ public class AuthnRequestValidator { NameIDPolicy nameIDPolicy = req.getNameIDPolicy(); if (nameIDPolicy != null) { String nameIDFormat = nameIDPolicy.getFormat(); - - if ( !(nameIDFormat != null && - (NameID.TRANSIENT.equals(nameIDFormat) || - NameID.PERSISTENT.equals(nameIDFormat) || - NameID.UNSPECIFIED.equals(nameIDFormat))) ) { - - throw new NameIDFormatNotSupportedException(nameIDFormat); + if (nameIDFormat != null) { + if ( !(NameID.TRANSIENT.equals(nameIDFormat) || + NameID.PERSISTENT.equals(nameIDFormat) || + NameID.UNSPECIFIED.equals(nameIDFormat)) ) { - } - } - + throw new NameIDFormatNotSupportedException(nameIDFormat); + + } + + } else + Logger.trace("Find NameIDPolicy, but NameIDFormat is 'null'"); + } else + Logger.trace("AuthnRequest includes no 'NameIDPolicy'"); + } -- cgit v1.2.3 From f18f6318f7233b336ea2653f183460f17d6562f0 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 29 Nov 2017 08:13:51 +0100 Subject: update logging --- .../gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java | 2 ++ .../pvp2x/verification/metadata/MetadataSignatureFilter.java | 12 ++++++------ .../pvp2x/verification/metadata/PVPEntityCategoryFilter.java | 11 ++++++++--- 3 files changed, 16 insertions(+), 9 deletions(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index 216d7a8b1..cdb85c563 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -259,6 +259,8 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController { throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()}); } catch (MOAIDException e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.info("Receive INVALID protocol request: " + samlRequest); throw e; } catch (Throwable e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java index 679bdd10f..589713c4b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java @@ -22,8 +22,6 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata; -import iaik.x509.X509Certificate; - import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Iterator; @@ -31,16 +29,15 @@ import java.util.List; import org.opensaml.saml2.metadata.EntitiesDescriptor; import org.opensaml.saml2.metadata.EntityDescriptor; -import org.opensaml.saml2.metadata.provider.FilterException; import org.opensaml.saml2.metadata.provider.MetadataFilter; import org.opensaml.xml.XMLObject; import org.opensaml.xml.security.x509.BasicX509Credential; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier; import at.gv.egovernment.moa.logging.Logger; +import iaik.x509.X509Certificate; public class MetadataSignatureFilter implements MetadataFilter { @@ -87,8 +84,9 @@ public class MetadataSignatureFilter implements MetadataFilter { //CHECK if Entity also match MetaData signature. /*This check is necessary to prepend declaration of counterfeit OA metadata!!*/ + Logger.debug("Validate metadata for entityID: " + entityID + " ..... "); byte[] entityCert = EntityVerifier.fetchSavedCredential(entityID); - + if (entityCert != null) { X509Certificate cert; @@ -99,8 +97,10 @@ public class MetadataSignatureFilter implements MetadataFilter { EntityVerifier.verify(desc, entityCrendential); - //add entity to verified entity-list + //add entity to verified entity-list verifiedEntIT.add(entity); + Logger.debug("Metadata for entityID: " + entityID + " valid"); + } catch (Exception e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java index ed96f1962..caabfea30 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java @@ -112,6 +112,7 @@ public class PVPEntityCategoryFilter implements MetadataFilter { if (extensions != null) { List listOfExt = extensions.getUnknownXMLObjects(); if (listOfExt != null && !listOfExt.isEmpty()) { + Logger.trace("Find #" + listOfExt.size() + " 'Extension' elements "); for (XMLObject el : listOfExt) { Logger.trace("Find ExtensionElement: " + el.getElementQName().toString()); if (el instanceof EntityAttributes) { @@ -150,9 +151,13 @@ public class PVPEntityCategoryFilter implements MetadataFilter { Logger.info("Can NOT resolve EntityAttributes! Reason: Only EntityAttributes are supported!"); } - } - } - } + } + + } else + Logger.trace("'Extension' element is 'null' or empty"); + + } else + Logger.trace("No 'Extension' element found"); } -- cgit v1.2.3