From 36df570f6c24d60498bb8c040ffbaa4ad0f7583f Mon Sep 17 00:00:00 2001 From: gregor Date: Tue, 26 Jul 2005 14:43:17 +0000 Subject: =?UTF-8?q?L=C3=B6sung=20f=C3=BCr=20Bug=20232=20implementiert.=20N?= =?UTF-8?q?och=20nicht=20final=20getestet.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@406 d688527b-c9ab-4aba-bd8d-4036d912da1d --- spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd | 24 ++- .../egovernment/moa/spss/MOARuntimeException.java | 163 +++++++++++++++++ .../egovernment/moa/spss/api/common/InputData.java | 52 ++++++ .../moa/spss/api/impl/InputDataBinaryImpl.java | 99 +++++++++++ .../moa/spss/api/impl/InputDataXMLImpl.java | 99 +++++++++++ .../api/impl/VerifyXMLSignatureResponseImpl.java | 11 +- .../xmlbind/VerifyXMLSignatureResponseBuilder.java | 40 +++-- .../invoke/VerifyXMLSignatureResponseBuilder.java | 195 +++++++++++++++++---- .../invoke/XMLSignatureVerificationInvoker.java | 2 +- 9 files changed, 629 insertions(+), 56 deletions(-) create mode 100644 spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java create mode 100644 spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java create mode 100644 spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java create mode 100644 spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java diff --git a/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd b/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd index 8bd5f4af8..80842b36c 100644 --- a/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd +++ b/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd @@ -1,8 +1,8 @@ - + @@ -155,8 +155,8 @@ only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any - - + + @@ -166,6 +166,22 @@ + + + + + + + + + + + + + + + + 
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java b/spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java
new file mode 100644
index 000000000..0ff175b50
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java
@@ -0,0 +1,163 @@
+package at.gv.egovernment.moa.spss;
+import java.io.PrintStream;
+import java.io.PrintWriter;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.DOMImplementation;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * Base class of MOA specific runtime exceptions.
+ *
+ * This class has the ability to wrap other exceptions which may be seen
+ * as the root cause for this exception. A similar mechanism is in place
+ * since JDK1.4 (see the getClause() method) but will not be used
+ * because of required compatibility with JDK1.3.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class MOARuntimeException extends RuntimeException {
+ /** The message ID. */
+ private String messageId;
+ /** The wrapped Throwable. */
+ private Throwable wrapped;
+
+ /**
+ * Create a MOAException.
+ *
+ * @param messageId The message ID of the message contained in the created
+ * MOAException.
+ * @param parameters The parameters needed to fill in the message arguments.
+ */
+ public MOARuntimeException(String messageId, Object[] parameters) {
+ super(MessageProvider.getInstance().getMessage(messageId, parameters));
+ this.messageId = messageId;
+ }
+
+ /**
+ * Create a MOAException.
+ *
+ * @param messageId The message ID of the message contained in the created
+ * MOAException.
+ * @param parameters The parameters needed to fill in the message arguments.
+ * @param wrapped The exception wrapped by the created
+ * MOAException.
+ */
+ public MOARuntimeException(
+ String messageId,
+ Object[] parameters,
+ Throwable wrapped) {
+
+ super(MessageProvider.getInstance().getMessage(messageId, parameters));
+ this.messageId = messageId;
+ this.wrapped = wrapped;
+ }
+
+ /**
+ * Returns the message ID of this exception.
+ *
+ * @return The message ID as provided in the constructor.
+ */
+ public String getMessageId() {
+ return messageId;
+ }
+
+ /**
+ * Returns the exception wrapped by this MOARuntimeException.
+ *
+ * @return The exception wrapped by this exception. Possibly
+ * null, if none was provided at construction time.
+ */
+ public Throwable getWrapped() {
+ return wrapped;
+ }
+
+ /**
+ * Convert this MOARuntimeException to an ErrorResponse
+ * element from the MOA namespace.
+ *
+ * @return An ErrorResponse element, containing the subelements
+ * ErrorCode and Info required by the MOA schema.
+ */
+ public Element toErrorResponse() {
+ DocumentBuilder builder;
+ DOMImplementation impl;
+ Document doc;
+ Element errorResponse;
+ Element errorCode;
+ Element info;
+
+ // create a new document
+ try {
+ builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ impl = builder.getDOMImplementation();
+ } catch (ParserConfigurationException e) {
+ return null;
+ }
+
+ // build the ErrorResponse element
+ doc = impl.createDocument(Constants.MOA_NS_URI, "ErrorResponse", null);
+ errorResponse = doc.getDocumentElement();
+
+ // add MOA namespace declaration
+ errorResponse.setAttributeNS(
+ Constants.XMLNS_NS_URI,
+ "xmlns",
+ Constants.MOA_NS_URI);
+
+ // build the child elements
+ errorCode = doc.createElementNS(Constants.MOA_NS_URI, "ErrorCode");
+ errorCode.appendChild(doc.createTextNode(messageId));
+ info = doc.createElementNS(Constants.MOA_NS_URI, "Info");
+ info.appendChild(doc.createTextNode(getMessage()));
+ errorResponse.appendChild(errorCode);
+ errorResponse.appendChild(info);
+ return errorResponse;
+ }
+
+ /**
+ * Print a stack trace of this exception to System.err.
+ *
+ * @see java.lang.Throwable#printStackTrace()
+ */
+ public void printStackTrace() {
+ printStackTrace(System.err);
+ }
+
+ /**
+ * Print a stack trace of this exception, including the wrapped exception.
+ *
+ * @param s The stream to write the stack trace to.
+ * @see java.lang.Throwable#printStackTrace(java.io.PrintStream)
+ */
+ public void printStackTrace(PrintStream s) {
+ super.printStackTrace(s);
+ if (getWrapped() != null) {
+ s.print("Caused by: ");
+ getWrapped().printStackTrace(s);
+ }
+ }
+
+ /**
+ * Print a stack trace of this exception, including the wrapped exception.
+ *
+ * @param s The stream to write the stacktrace to.
+ * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter)
+ */
+ public void printStackTrace(PrintWriter s) {
+ super.printStackTrace(s);
+ if (getWrapped() != null) {
+ s.print("Caused by: ");
+ getWrapped().printStackTrace(s);
+ }
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java b/spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java
new file mode 100644
index 000000000..1ecce90e7
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java
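Review bot: `toErrorResponse()` answers a `ParserConfigurationException` with `return null;`, so a caller that serialises the result gets a NullPointerException or an empty reply instead of the `ErrorResponse` it asked for, and the parser failure itself is never recorded. Throwing from that catch, for example `throw new IllegalStateException("cannot create DOM document: " + e.getMessage());`, or at least documenting the null in the `@return` tag, keeps the failure visible. The `Info` element is filled from `getMessage()`; if the message parameters can carry internal detail such as file paths or configuration values, that text reaches the service client, so it is worth confirming what callers pass as `parameters`. The class Javadoc should read `getCause()` rather than `getClause()`, and both constructor comments say `MOAException` where `MOARuntimeException` is meant.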
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * Interface specifying accessors for two attributes needed for returning
+ * HashInputData and ReferenceInputData information
+ * as part of VerifyXMLSignatureResponse.
+ *
+ * @author Gregor Karlinger
+ *
+ * @version $Id$
+ */
+public interface InputData extends Content
+{
+ /**
+ * Possible value returned by {@link getPartOf}.
+ */
+ public static String CONTAINER_SIGNEDINFO_ = "SignedInfo";
+
+ /**
+ * Possible value returned by {@link getPartOf}.
+ */
+ public static String CONTAINER_XMLDSIGMANIFEST_ = "XMLDSIGManifest";
+
+ /**
+ * Possible value returned by {@link getPartOf}.
+ */
+ public static String CONTAINER_SIGNATUREMANIFEST_ = "SignatureManifest";
+
+ /**
+ * Value returned by {link getReferringReferenceNumber}, signalling that the
+ * attribute is not used.
+ */
+ public static int REFERER_NONE_ = -1;
+
+ /**
+ * Returns a String signalling what kind of container the
+ * XMLDSIG Reference this InputData belongs
+ * to is part of.
+ *
+ * @return the kind of container.
+ */
+ public String getPartOf();
+
+ /**
+ * If this InputData belongs to an XMLDSIG Reference
+ * being part of either a XMLDSIGManifest or a SignatureManifest, this method
+ * returns a positive int value signalling the particular Reference
+ * of the XMLDSIG SignedInfo referring to the XMLDSIGManifest or
+ * SignatureManifest respectively.
+ */
+ public int getReferringReferenceNumber();
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java
new file mode 100644
index 000000000..42d61559e
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java
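Review bot: The Javadoc on `getReferringReferenceNumber()` has no `@return` tag and does not say what is returned for a Reference that sits directly in SignedInfo, although the response builder in this commit compares the value with `REFERER_NONE_`. The contract should name it: `@return the index of the referring SignedInfo Reference, or {@link #REFERER_NONE_} if the Reference is part of SignedInfo itself.` The three links written as `{@link getPartOf}` need the member form `{@link #getPartOf()}`, and `{link getReferringReferenceNumber}` is missing its `@`. Because `getPartOf()` returns a free `String`, its comment could also state that only the three `CONTAINER_*` constants are valid values.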
@@ -0,0 +1,99 @@
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.io.InputStream;
+
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentBinary;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+
+/**
+ * Content wrapper decorating a binary content with two additional attributes
+ * needed for returning HashInputData and ReferenceInputData
+ * information as part of VerifyXMLSignatureResponse.
+ *
+ * @author Gregor Karlinger
+ *
+ * @version $Id$
+ */
+public class InputDataBinaryImpl implements ContentBinary, InputData
+{
+ /**
+ * The wrapped Content.
+ */
+ protected ContentBinary wrapped_;
+
+ /**
+ * This attribute signals what kind of container the XMLDSIG Reference
+ * this InputData belongs to is part of.
+ */
+ protected String partOf_;
+
+ /**
+ * If this InputData belongs to an XMLDSIG Reference
+ * being part of either a XMLDSIGManifest or a SignatureManifest, this attribute
+ * (a positive int) signals the particular Reference of the XMLDSIG
+ * SignedInfo referring to the XMLDSIGManifest or SignatureManifest
+ * respectively.
+ */
+ protected int referringReferenceNumber_;
+
+ /**
+ * Creates a new instance.
+ *
+ * @param wrapped The wrapped Content. Must be of type {@link Content#BINARY_CONTENT}.
+ *
+ * @param partOf see {@link InputData}
+ *
+ * @param referringReferenceNumber see {@link InputData}
+ */
+ public InputDataBinaryImpl(Content wrapped, String partOf, int referringReferenceNumber) throws MOARuntimeException
+ {
+ if (wrapped.getContentType() != Content.BINARY_CONTENT) throw new MOARuntimeException("9901", null);
+
+ wrapped_ = (ContentBinary) wrapped;
+ partOf_ = partOf;
+ referringReferenceNumber_ = referringReferenceNumber;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getContentType()
+ */
+ public int getContentType()
+ {
+ return wrapped_.getContentType();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getReference()
+ */
+ public String getReference()
+ {
+ return wrapped_.getReference();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.ContentBinary#getBinaryContent()
+ */
+ public InputStream getBinaryContent()
+ {
+ return wrapped_.getBinaryContent();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getPartOf()
+ */
+ public String getPartOf()
+ {
+ return partOf_;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getReferringReferenceNumber()
+ */
+ public int getReferringReferenceNumber()
+ {
+ return referringReferenceNumber_;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java
new file mode 100644
index 000000000..029a402f5
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java
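Review bot: The constructor of `InputDataBinaryImpl` trusts `getContentType()` and then casts, so a `Content` that reports `BINARY_CONTENT` without implementing `ContentBinary` fails with a bare `ClassCastException`, and a null `wrapped` fails with a NullPointerException before the `9901` check is reached; `InputDataXMLImpl` in the next file has the same pattern. Testing the type directly, `if (!(wrapped instanceof ContentBinary)) throw new MOARuntimeException("9901", null);`, covers both cases with the intended error. `partOf` is stored unchecked although the XML binding later writes it as the `PartOf` attribute, so rejecting null here would keep an invalid value out of the response. The three fields are assigned only in the constructor and could be `private final`.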
@@ -0,0 +1,99 @@
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentXML;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+
+/**
+ * Content wrapper decorating an XML content with two additional attributes
+ * needed for returning HashInputData and ReferenceInputData
+ * information as part of VerifyXMLSignatureResponse.
+ *
+ * @author Gregor Karlinger
+ *
+ * @version $Id$
+ */
+public class InputDataXMLImpl implements ContentXML, InputData
+{
+ /**
+ * The wrapped ContentXML.
+ */
+ protected ContentXML wrapped_;
+
+ /**
+ * This attribute signals what kind of container the XMLDSIG Reference
+ * this InputData belongs to is part of.
+ */
+ protected String partOf_;
+
+ /**
+ * If this InputData belongs to an XMLDSIG Reference
+ * being part of either a XMLDSIGManifest or a SignatureManifest, this attribute
+ * (a positive int) signals the particular Reference of the XMLDSIG
+ * SignedInfo referring to the XMLDSIGManifest or SignatureManifest
+ * respectively.
+ */
+ protected int referringReferenceNumber_;
+
+ /**
+ * Creates a new instance.
+ *
+ * @param wrapped The wrapped ContentBinary. Must be of type {@link Content#XML_CONTENT}.
+ *
+ * @param partOf see {@link InputData}
+ *
+ * @param referringReferenceNumber see {@link InputData}
+ */
+ public InputDataXMLImpl(Content wrapped, String partOf, int referringReferenceNumber)
+ {
+ if (wrapped.getContentType() != Content.XML_CONTENT) throw new MOARuntimeException("9901", null);
+
+ wrapped_ = (ContentXML) wrapped;
+ partOf_ = partOf;
+ referringReferenceNumber_ = referringReferenceNumber;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getContentType()
+ */
+ public int getContentType()
+ {
+ return wrapped_.getContentType();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getReference()
+ */
+ public String getReference()
+ {
+ return wrapped_.getReference();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.ContentXML#getXMLContent()
+ */
+ public NodeList getXMLContent()
+ {
+ return wrapped_.getXMLContent();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getPartOf()
+ */
+ public String getPartOf()
+ {
+ return partOf_;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getReferringReferenceNumber()
+ */
+ public int getReferringReferenceNumber()
+ {
+ return referringReferenceNumber_;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
index f163013c1..989dbfb4a 100644
--- a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
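Review bot: The `@param wrapped` text on the `InputDataXMLImpl` constructor says "The wrapped ContentBinary", which looks copied from the binary sibling; it should read `The wrapped ContentXML. Must be of type {@link Content#XML_CONTENT}.` The constructor also omits the `throws MOARuntimeException` clause that `InputDataBinaryImpl` declares. Since the exception is unchecked, a Javadoc tag such as `@throws MOARuntimeException if wrapped is not XML content` on both constructors would document the behaviour consistently.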
@@ -18,10 +18,17 @@ public class VerifyXMLSignatureResponseImpl /** Information about the signer certificate. */ private SignerInfo signerInfo; - /** The hash input data objects. */ + + /** + * The hash input data objects. The list consists of {@link at.gv.egovernment.moa.spss.api.common.InputData}s. + * */ private List hashInputDatas = new ArrayList(); - /** The reference input data objects. */ + + /** + * The reference input data objects. The list consists of {@link at.gv.egovernment.moa.spss.api.common.InputData}s. + * */ private List referenceInputDatas = new ArrayList(); + /** Information about the signature check. */ private ReferencesCheckResult signatureCheck; /** Information about the signature manifest check. */ diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java b/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java index 56bcf63fa..960d9571d 100644 --- a/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java +++ b/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java @@ -17,6 +17,7 @@ import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.ContentBinary; import at.gv.egovernment.moa.spss.api.common.ContentXML; +import at.gv.egovernment.moa.spss.api.common.InputData; import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResult; import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; 
@@ -78,8 +79,8 @@ public class VerifyXMLSignatureResponseBuilder { responseData = response.getHashInputDatas(); if (responseData != null && !responseData.isEmpty()) { for (iter = responseData.iterator(); iter.hasNext();) { - Content content = (Content) iter.next(); - addContent("HashInputData", content); + InputData inputData = (InputData) iter.next(); + addContent("HashInputData", inputData); } } @@ -87,8 +88,8 @@ public class VerifyXMLSignatureResponseBuilder { responseData = response.getReferenceInputDatas(); if (responseData != null && !responseData.isEmpty()) { for (iter = responseData.iterator(); iter.hasNext();) { - Content content = (Content) iter.next(); - addContent("ReferenceInputData", content); + InputData inputData = (InputData) iter.next(); + addContent("ReferenceInputData", inputData); } } 
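Review bot: The `HashInputData` loop now casts every list element with `(InputData) iter.next()`, but `getHashInputDatas()` returns a raw `List`, so a response that still holds plain `Content` objects fails here with a `ClassCastException` rather than the `MOAApplicationException` this builder declares; the `ReferenceInputData` loop in the next hunk has the same cast. Whether such responses can exist depends on code outside this diff, namely anything that fills these lists other than the server-side builder, so the factory methods are worth checking. An `instanceof InputData` test before the cast that throws `MOAApplicationException` with a suitable message id would keep the failure inside the documented error path.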
@@ -127,23 +128,32 @@ public class VerifyXMLSignatureResponseBuilder { * Add an element of type ContentBaseType to the response. * * @param elementName The name of the element. - * @param content The Content to add. Based on the type of - * the Content, either a Base64Content element - * or a XMLContent subelement will be added. A - * ContentBinary of type BinaryDataObject will be - * added as a Base64Content child element. - * ContentXML will be added as XMLContent child - * element. + * + * @param inputData The InputData to add. Based on the type of + * + * the InputData, either a Base64Content element + * or a XMLContent subelement will be added. An + * InputDataBinaryImpl will be added as a Base64Content + * child element. AnInputDataXMLImpl will be added as + * XMLContent child element. + * * @throws MOAApplicationException An error occurred adding the content. */ - private void addContent(String elementName, Content content) + private void addContent(String elementName, InputData inputData) throws MOAApplicationException { Element contentElem = responseDoc.createElementNS(MOA_NS_URI, elementName); - switch (content.getContentType()) { + contentElem.setAttributeNS(null, "PartOf", inputData.getPartOf()); + if (inputData.getReferringReferenceNumber() != InputData.REFERER_NONE_) + contentElem.setAttributeNS( + null, + "ReferringSigReference", + Integer.toString(inputData.getReferringReferenceNumber())); + + switch (inputData.getContentType()) { case Content.XML_CONTENT : - ContentXML contentXml = (ContentXML) content; + ContentXML contentXml = (ContentXML) inputData; NodeList nodes = contentXml.getXMLContent(); Element xmlElem; int i; @@ -161,7 +171,7 @@ public class VerifyXMLSignatureResponseBuilder { case Content.BINARY_CONTENT : Element binaryElem = responseDoc.createElementNS(MOA_NS_URI, "Base64Content"); - ContentBinary contentBinary = (ContentBinary) content; + ContentBinary contentBinary = (ContentBinary) inputData; String base64Str; try { 
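Review bot: `contentElem.setAttributeNS(null, "PartOf", inputData.getPartOf());` in `addContent` writes the attribute unconditionally, and neither `InputData` implementation added in this commit rejects a null `partOf`, so a null can reach the DOM call, where the outcome is not defined by the API and may only surface when the response is serialised. A check before the call, `if (inputData.getPartOf() == null)` followed by a `MOAApplicationException`, turns that into a reported error. The `if (inputData.getReferringReferenceNumber() != InputData.REFERER_NONE_)` that follows has no braces around its multi-line statement; adding them prevents a later edit from silently detaching the call. The method body continues past the end of the hunk.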
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java index af5787795..076e9d1a5 100644 --- a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java @@ -1,13 +1,5 @@ package at.gv.egovernment.moa.spss.server.invoke; -import java.io.InputStream; -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; - -import org.w3c.dom.DocumentFragment; -import org.w3c.dom.NodeList; - import iaik.ixsil.algorithms.CanonicalizationAlgorithm; import iaik.ixsil.algorithms.CanonicalizationAlgorithmImplExclusiveCanonicalXMLWithComments; import iaik.server.modules.xml.BinaryDataObject; 
@@ -24,19 +16,29 @@ import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile; import iaik.server.modules.xmlverify.XMLSignatureVerificationResult; import iaik.x509.X509Certificate; -import at.gv.egovernment.moa.util.CollectionUtils; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.NodeListAdapter; +import java.io.InputStream; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import org.w3c.dom.DocumentFragment; +import org.w3c.dom.NodeList; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.common.CheckResult; import at.gv.egovernment.moa.spss.api.common.Content; +import at.gv.egovernment.moa.spss.api.common.InputData; import at.gv.egovernment.moa.spss.api.common.SignerInfo; +import at.gv.egovernment.moa.spss.api.impl.InputDataBinaryImpl; +import at.gv.egovernment.moa.spss.api.impl.InputDataXMLImpl; import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResultInfo; import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult; import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.util.CollectionUtils; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.NodeListAdapter; /** * A class to build a VerifyXMLSignatureResponse object. 
@@ -123,23 +125,76 @@ public class VerifyXMLSignatureResponseBuilder { certResult.isPublicAuthorityCertificate(), certResult.getPublicAuthorityID()); - // add HashInputData Content objects + // Create HashInputData Content objects referenceDataList = result.getReferenceDataList(); if (profile.includeHashInputData()) { hashInputDatas = new ArrayList(); - for (iter = referenceDataList.iterator(); iter.hasNext();) { - referenceData = (ReferenceData) iter.next(); - hashInputDatas.add(buildContent(referenceData.getHashInputData())); + + // Include SignedInfo references + addHashInputDatas( + hashInputDatas, + referenceDataList, + InputData.CONTAINER_SIGNEDINFO_, + InputData.REFERER_NONE_); + + // Include SignatureManifest references + if (result.containsSecurityLayerManifest()) + { + List sigMFReferenceDataList = result.getSecurityLayerManifest().getReferenceDataList(); + addHashInputDatas( + hashInputDatas, + sigMFReferenceDataList, + InputData.CONTAINER_SIGNATUREMANIFEST_, + result.getSecurityLayerManifest().getReferringReferenceInfo().getReferenceIndex()); + } + + // Include XMLDSIGManifest references + List xMLDSIGManifests = result.getDsigManifestList(); + for (iter = xMLDSIGManifests.iterator(); iter.hasNext();) + { + DsigManifest currentMF = (DsigManifest) iter.next(); + List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList(); + addHashInputDatas( + hashInputDatas, + xMLDSIGMFReferenceDataList, + InputData.CONTAINER_XMLDSIGMANIFEST_, + currentMF.getReferringReferenceInfo().getReferenceIndex()); } } - // create the ReferenceInputData Content objects + // Create the ReferenceInputData Content objects if (profile.includeReferenceInputData()) { referenceInputDatas = new ArrayList(); - for (iter = referenceDataList.iterator(); iter.hasNext();) { - referenceData = (ReferenceData) iter.next(); - referenceInputDatas.add( - buildContent(referenceData.getReferenceInputData())); + + // Include SignedInfo references + addReferenceInputDatas( + referenceInputDatas, 
+ referenceDataList, + InputData.CONTAINER_SIGNEDINFO_, + InputData.REFERER_NONE_); + + // Include SignatureManifest references + if (result.containsSecurityLayerManifest()) + { + List sigMFReferenceDataList = result.getSecurityLayerManifest().getReferenceDataList(); + addReferenceInputDatas( + referenceInputDatas, + sigMFReferenceDataList, + InputData.CONTAINER_SIGNATUREMANIFEST_, + result.getSecurityLayerManifest().getReferringReferenceInfo().getReferenceIndex()); + } + + // Include XMLDSIGManifest references + List xMLDSIGManifests = result.getDsigManifestList(); + for (iter = xMLDSIGManifests.iterator(); iter.hasNext();) + { + DsigManifest currentMF = (DsigManifest) iter.next(); + List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList(); + addReferenceInputDatas( + referenceInputDatas, + xMLDSIGMFReferenceDataList, + InputData.CONTAINER_XMLDSIGMANIFEST_, + currentMF.getReferringReferenceInfo().getReferenceIndex()); } } @@ -183,7 +238,7 @@ public class VerifyXMLSignatureResponseBuilder { else { // security layer manifest exists, but has errors - failedReferences = buildFailedReferences(slManifest.getReferenceInfoList()); + failedReferences = buildFailedReferences(slManifest.getReferenceDataList()); checkResultInfo = (failedReferences != null) ? factory.createReferencesCheckResultInfo(null, failedReferences) : null; @@ -221,7 +276,7 @@ public class VerifyXMLSignatureResponseBuilder { ManifestRefsCheckResultInfo manifestCheckResultInfo; failedReferences = - buildFailedReferences(dsigManifest.getReferenceInfoList()); + buildFailedReferences(dsigManifest.getReferenceDataList()); manifestCheckResultInfo = factory.createManifestRefsCheckResultInfo( null, 
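Review bot: The data of every Reference in the SignatureManifest and in each XMLDSIG manifest is now added to `hashInputDatas` and `referenceInputDatas` without looking at the outcome of that manifest's check, so within this block nothing but the `PartOf` value separates data covered by SignedInfo from manifest data that may have failed verification. A comment at the top of the block should say so, e.g. `// Manifest data is returned regardless of the manifest check result; clients must evaluate PartOf together with the manifest check codes.`, and the client-facing documentation should carry the same statement. `getReferringReferenceInfo()` is dereferenced four times with no null check and `result.getDsigManifestList()` is iterated directly; if the underlying API can return null for either, building the response ends in a NullPointerException. The hash branch and the reference branch repeat the same three steps and could share one helper.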
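Review bot: `buildFailedReferences(...)` now receives `slManifest.getReferenceDataList()` instead of `getReferenceInfoList()`, and its body is outside the hunk, so it cannot be seen whether it was adapted to the new element type. If it still casts to the reference-info type, every failed manifest check would end in a `ClassCastException` instead of a result listing the failed references. The same substitution is made for `dsigManifest` in the following hunk and in `XMLSignatureVerificationInvoker`, where the local is still named `referenceInfoList` and feeds the loop that follows. Since the commit message states the change is not yet finally tested, a test with a failing SignatureManifest and a failing XMLDSIG manifest would confirm all three call sites.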
@@ -239,27 +294,93 @@ public class VerifyXMLSignatureResponseBuilder { } /** - * Build a Content object from the given DataObject. + * Adds {@link InputData} entries to the specified inputDatas list. The content of the entry will + * be created from {@link ReferenceData#getHashInputData()}. + * + * @param inputDatas The list to be amended. + * + * @param referenceDataList The list of {@link ReferenceData} objects to be investigated. + * + * @param containerType The type of container of the {@link InputData} objects to be created. + * + * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created. + * + * @throws MOAApplicationException if creating an {@link InputData} fails. + */ + private void addHashInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber) + throws MOAApplicationException + { + for (Iterator iter = referenceDataList.iterator(); iter.hasNext();) + { + ReferenceData referenceData = (ReferenceData) iter.next(); + inputDatas.add(buildInputData( + referenceData.getHashInputData(), + containerType, + refererNumber)); + } + } + + /** + * Adds {@link InputData} entries to the specified inputDatas list. The content of the entry will + * be created from {@link ReferenceData#getReferenceInputData()}. + * + * @param inputDatas The list to be amended. + * + * @param referenceDataList The list of {@link ReferenceData} objects to be investigated. + * + * @param containerType The type of container of the {@link InputData} objects to be created. + * + * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created. + * + * @throws MOAApplicationException if creating an {@link InputData} fails. 
+ */ + private void addReferenceInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber) + throws MOAApplicationException + { + for (Iterator iter = referenceDataList.iterator(); iter.hasNext();) + { + ReferenceData referenceData = (ReferenceData) iter.next(); + inputDatas.add(buildInputData( + referenceData.getReferenceInputData(), + containerType, + refererNumber)); + } + } + + /** + * Build a InputDataBinaryImpl or an InputDataXMLImpl + * object from the given DataObject and the given attributes. + * + * @param dataObject The DataObject from which to build the result. + * Based on the type of this parameter, the type of the result will either be + * InputDataBinaryImpl or InputDataXMLImpl. + * + * @param partof see {@link InputData} + * + * @param referringReferenceNumber see {@link InputData} * - * @param dataObject The DataObject from which to build the - * Content. Based on the type of this parameter, the type of - * Content will either be XML_CONTENT or - * BINARY_CONTENT. - * @return The Content object containing the data. - * @throws MOAApplicationException An error occurred adding the content. + * @return The corresponinding input data implementation. + * + * @throws MOAApplicationException An error occurred creating the result. 
*/ - private Content buildContent(DataObject dataObject) + private Content buildInputData(DataObject dataObject, String partOf, int referringReferenceNumber) throws MOAApplicationException { if (dataObject instanceof BinaryDataObject) { BinaryDataObject binaryData = (BinaryDataObject) dataObject; - return factory.createContent(binaryData.getInputStream(), null); + return new InputDataBinaryImpl( + factory.createContent(binaryData.getInputStream(), null), + partOf, + referringReferenceNumber); } else if (dataObject instanceof XMLDataObject) { XMLDataObject xmlData = (XMLDataObject) dataObject; List nodes = new ArrayList(); nodes.add(xmlData.getElement()); - return factory.createContent(new NodeListAdapter(nodes), null); + return new InputDataXMLImpl( + factory.createContent(new NodeListAdapter(nodes), null), + partOf, + referringReferenceNumber); } else { // dataObject instanceof XMLNodeListDataObject // if the data in the NodeList can be converted back to valid XML, // write it as XMLContent; otherwise, write it as Base64Content @@ -271,7 +392,10 @@ public class VerifyXMLSignatureResponseBuilder { try { DocumentFragment fragment = DOMUtils.nodeList2DocumentFragment(nodes); - return factory.createContent(fragment.getChildNodes(), null); + return new InputDataXMLImpl( + factory.createContent(fragment.getChildNodes(), null), + partOf, + referringReferenceNumber); } catch (Exception e) { // not successful -> fall through to the Base64Content } @@ -285,7 +409,10 @@ public class VerifyXMLSignatureResponseBuilder { c14n.setInput(nodes); is = c14n.canonicalize(); - return factory.createContent(is, null); + return new InputDataBinaryImpl( + factory.createContent(is, null), + partOf, + referringReferenceNumber); } catch (Exception e) { throw new MOAApplicationException("2200", null); } 
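Review bot: `buildInputData` is declared to return `Content` although every branch returns an `InputDataBinaryImpl` or an `InputDataXMLImpl`, so the `InputData` type of the list elements is only recovered by the downcast in the XML binding; declaring it as `private InputData buildInputData(DataObject dataObject, String partOf, int referringReferenceNumber)` lets the compiler check that contract. The Javadoc tag `@param partof` does not match the parameter name `partOf`, and "corresponinding" should be "corresponding". `addHashInputDatas` and `addReferenceInputDatas` differ only in the getter they call on `ReferenceData`, which is worth a one-line remark in their comments so the duplication is understood as intentional.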
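Review bot: The new `new InputDataXMLImpl(...)` call sits inside the existing `try` whose `catch (Exception e)` silently falls through to the Base64 path, so a `MOARuntimeException("9901", null)` raised by the wrapper constructor is swallowed and the data is returned as canonicalised binary without any trace. In the following hunk `new InputDataBinaryImpl(...)` is likewise inside a `try` that turns any exception into `MOAApplicationException("2200", null)`, dropping the cause; that second `try` begins outside its hunk. Creating the `Content` inside the `try` and wrapping it after the block keeps a wrapper-type error distinguishable from a node list that is not well-formed XML.

```java
// … unchanged: nodes are taken from the XMLNodeListDataObject …
Content xmlContent = null;
try {
  DocumentFragment fragment = DOMUtils.nodeList2DocumentFragment(nodes);
  xmlContent = factory.createContent(fragment.getChildNodes(), null);
} catch (Exception e) {
  // not successful -> fall through to the Base64Content
}
if (xmlContent != null) {
  return new InputDataXMLImpl(xmlContent, partOf, referringReferenceNumber);
}
// … unchanged: canonicalisation fallback to Base64Content …
```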
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java index 1f9d45ed1..e675a40d6 100644 --- a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java @@ -501,7 +501,7 @@ public class XMLSignatureVerificationInvoker { Set transformParameterURIs = buildTransformParameterURIs(profile.getTransformationSupplements()); List referenceInfoList = - result.getSecurityLayerManifest().getReferenceInfoList(); + result.getSecurityLayerManifest().getReferenceDataList(); Iterator refIter; for (refIter = referenceInfoList.iterator(); refIter.hasNext();) { -- cgit v1.2.3