From 4aa19048995f9ddca2f8943287a681992a55b79a Mon Sep 17 00:00:00 2001 From: kstranacher Date: Tue, 13 Jul 2010 09:38:55 +0000 Subject: git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1169 d688527b-c9ab-4aba-bd8d-4036d912da1d --- spss/server/history.txt | 8 +-- spss/server/readme.update.txt | 3 - .../gv/egovernment/moa/spss/api/SPSSFactory.java | 23 ++------ .../VerifyCMSSignatureResponseElement.java | 8 +-- .../moa/spss/api/common/CheckTSLResult.java | 40 ------------- .../moa/spss/api/impl/CheckTSLResultImpl.java | 66 ---------------------- .../moa/spss/api/impl/SPSSFactoryImpl.java | 15 +---- .../VerifyCMSSignatureResponseElementImpl.java | 15 ----- .../api/impl/VerifyXMLSignatureResponseImpl.java | 16 +----- .../xmlbind/VerifyCMSSignatureResponseBuilder.java | 11 +--- .../xmlbind/VerifyXMLSignatureResponseBuilder.java | 7 +-- .../api/xmlverify/VerifyXMLSignatureResponse.java | 7 --- .../server/config/ConfigurationPartsBuilder.java | 34 +---------- .../moa/spss/server/config/TrustProfile.java | 14 +---- .../invoke/VerifyCMSSignatureResponseBuilder.java | 47 ++------------- .../invoke/VerifyXMLSignatureResponseBuilder.java | 14 +---- .../invoke/XMLSignatureVerificationInvoker.java | 39 +------------ .../properties/spss_messages_de.properties | 5 +- 18 files changed, 25 insertions(+), 347 deletions(-) delete mode 100644 spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckTSLResult.java delete mode 100644 spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckTSLResultImpl.java (limited to 'spss/server') diff --git a/spss/server/history.txt b/spss/server/history.txt index 3f2f420a0..9e838b525 100644 --- a/spss/server/history.txt +++ b/spss/server/history.txt @@ -2,13 +2,7 @@ 1.4.7 ############## -- In den Trustprofilen können nun Trust-service Status Lists (TSLs) angegeben werden. - MOA-SP liefert hierbei in der Response das TSL Verifikationsergebnis im Element - TSLCheck retour (siehe hierzu Dokumentation - Konfiguration Kapitel "2.3.1.2.2 - Vertrauensprofile"). - -- Bei Nutzung der TSL-Funktionalität ist Java 1.5 Voraussetzung - +- - IAIK Libraries aktualisiert: iaik-moa: Version 1.27 ############## diff --git a/spss/server/readme.update.txt b/spss/server/readme.update.txt index fb87ed327..cabee33b6 100644 --- a/spss/server/readme.update.txt +++ b/spss/server/readme.update.txt @@ -18,9 +18,6 @@ CATALINA_HOME bezeichnet das Wurzelverzeichnis der Tomcat-Installation MOA_SPSS_INST bezeichnet das Verzeichnis, in das Sie die Datei moa-spss-1.4.7.zip entpackt haben. -Anmerkung: Wenn Sie MOA-SP mit TSL Unterstützung verwenden wollen, dann -ist die Verwendung von Java 1.5 Voraussetzung dafür. - ================= Update Variante A ================= diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java index 1a778ad2b..daca95eb2 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java @@ -32,7 +32,6 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.MetaInfo; import at.gv.egovernment.moa.spss.api.common.SignerInfo; @@ -434,8 +433,7 @@ public abstract class SPSSFactory { * @param signerInfo Information about the signer certificate. * @param signatureCheck Result of the singature value check. * @param certificateCheck Result of the certificate status check. - * @param tslCheck Result of the TSL check - * @return The new VerifyCMSSignatureResponseElement containing + * @return The new VerifyCMSSignatureResponseElement containing * the above data. * * @pre signerInfo != null && signatureCheck != null && @@ -445,8 +443,7 @@ public abstract class SPSSFactory { public abstract VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement( SignerInfo signerInfo, CheckResult signatureCheck, - CheckResult certificateCheck, - CheckTSLResult tslCheck); + CheckResult certificateCheck); // // Factory methods for verifying XML signatures @@ -700,8 +697,7 @@ public abstract class SPSSFactory { ReferencesCheckResult signatureCheck, ReferencesCheckResult signatureManifestCheck, List xmlDsigManifestChecks, - CheckResult certificateCheck, - CheckTSLResult tslCheck); + CheckResult certificateCheck); /** * Create a new ReferencesCheckResult object. @@ -990,18 +986,7 @@ public abstract class SPSSFactory { */ public abstract CheckResult createCheckResult(int code, NodeList info); - /** - * Create a new CheckTSLResult object. - * - * @param code The numerical error code. - * @param info Verbose error information. - * @return The new CheckTSLResult containing the above data. - * - * @pre code >= 0 - * @pre info != null - * @post return != null - */ - public abstract CheckTSLResult createCheckTSLResult(int code, String info); + /** * Create a new SignerInfo object. diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java index e2f44c540..4920aac0c 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java @@ -16,7 +16,6 @@ package at.gv.egovernment.moa.spss.api.cmsverify; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; /** @@ -45,10 +44,5 @@ public interface VerifyCMSSignatureResponseElement { * @return The result of the certificate verification. */ public CheckResult getCertificateCheck(); - /** - * Gets the result of the TSL verification - * - * @return The result of the TSL verification - */ - public CheckTSLResult getTSLCheck(); + } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckTSLResult.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckTSLResult.java deleted file mode 100644 index f31512cdb..000000000 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckTSLResult.java +++ /dev/null @@ -1,40 +0,0 @@ -/* -* Copyright 2003 Federal Chancellery Austria -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egovernment.moa.spss.api.common; - -import org.w3c.dom.NodeList; - -/** - * Object encapsulating the result of a TSL verification. - * - * @author Patrick Peck - * @author Stephan Grill - * @version $Id: CheckResult.java 1087 2008-08-28 07:55:59Z mcentner $ - */ -public interface CheckTSLResult { - /** - * Gets the result code. - * - * @return The result code. - */ - public int getCode(); - /** - * Gets descriptive information. - * - * @return Descriptive information. - */ - public String getInfo(); -} diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckTSLResultImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckTSLResultImpl.java deleted file mode 100644 index 62f3ab979..000000000 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckTSLResultImpl.java +++ /dev/null @@ -1,66 +0,0 @@ -/* -* Copyright 2003 Federal Chancellery Austria -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egovernment.moa.spss.api.impl; - -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; - -/** - * Default implementation of CheckTSLResult. - * - * @author Fatemeh Philippi - * @author Klaus Stranacher - * @version $Id: CheckResultImpl.java 1087 2008-08-28 07:55:59Z mcentner $ - */ -public class CheckTSLResultImpl implements CheckTSLResult { - /** The result code. */ - private int code; - - /** Additional information. */ - private String info; - - /** - * Sets a result code. - * - * @param code The result code. - */ - public void setCode(int code) { - this.code = code; - } - - /** - * @see at.gv.egovernment.moa.spss.api.common.CheckTSLResult#getCode() - */ - public int getCode() { - return code; - } - - /** - * Sets a descriptive information. - * - * @param info The descriptive information. - */ - public void setInfo(String info) { - this.info = info; - } - - /** - * @see at.gv.egovernment.moa.spss.api.common.CheckTSLResult#getInfo() - */ - public String getInfo() { - return info; - } - -} diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java index 8cf06bb15..7c8b7b561 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java @@ -32,7 +32,6 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.MetaInfo; import at.gv.egovernment.moa.spss.api.common.SignerInfo; @@ -260,14 +259,12 @@ public class SPSSFactoryImpl extends SPSSFactory { public VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement( SignerInfo signerInfo, CheckResult signatureCheck, - CheckResult certificateCheck, - CheckTSLResult tslCheck) { + CheckResult certificateCheck) { VerifyCMSSignatureResponseElementImpl verifyCMSSignatureResponseElement = new VerifyCMSSignatureResponseElementImpl(); verifyCMSSignatureResponseElement.setSignerInfo(signerInfo); verifyCMSSignatureResponseElement.setSignatureCheck(signatureCheck); verifyCMSSignatureResponseElement.setCertificateCheck(certificateCheck); - verifyCMSSignatureResponseElement.setTSLCheck(tslCheck); return verifyCMSSignatureResponseElement; } @@ -394,8 +391,7 @@ public class SPSSFactoryImpl extends SPSSFactory { ReferencesCheckResult signatureCheck, ReferencesCheckResult signatureManifestCheck, List xmlDsigManifestChecks, - CheckResult certificateCheck, - CheckTSLResult tslCheck) { + CheckResult certificateCheck) { VerifyXMLSignatureResponseImpl verifyXMLSignatureResponse = new VerifyXMLSignatureResponseImpl(); verifyXMLSignatureResponse.setSignerInfo(signerInfo); @@ -406,7 +402,6 @@ public class SPSSFactoryImpl extends SPSSFactory { signatureManifestCheck); verifyXMLSignatureResponse.setXMLDsigManifestChecks(xmlDsigManifestChecks); verifyXMLSignatureResponse.setCertificateCheck(certificateCheck); - verifyXMLSignatureResponse.setTSLCheck(tslCheck); return verifyXMLSignatureResponse; } @@ -565,12 +560,6 @@ public class SPSSFactoryImpl extends SPSSFactory { return checkResult; } - public CheckTSLResult createCheckTSLResult(int code, String info) { - CheckTSLResultImpl checkTSLResult = new CheckTSLResultImpl(); - checkTSLResult.setCode(code); - checkTSLResult.setInfo(info); - return checkTSLResult; - } public SignerInfo createSignerInfo( X509Certificate signerCertificate, diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java index f80c4ace2..6d14692fd 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java @@ -17,7 +17,6 @@ package at.gv.egovernment.moa.spss.api.impl; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; /** @@ -35,8 +34,6 @@ public class VerifyCMSSignatureResponseElementImpl private CheckResult signatureCheck; /** Information about the certificate check. */ private CheckResult certificateCheck; - /** Information about the TSL check */ - private CheckTSLResult tslCheck; /** * Sets a SignerInfo element according to CMS. @@ -77,16 +74,4 @@ public class VerifyCMSSignatureResponseElementImpl return certificateCheck; } - /** - * Sets a result of the TSL verification. - * - * @param tslCheck The result of the TSL verification. - */ - public void setTSLCheck(CheckTSLResult tslCheck) { - this.tslCheck = tslCheck; - } - - public CheckTSLResult getTSLCheck() { - return tslCheck; - } } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java index ea6a180a7..3cad988ff 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java @@ -20,7 +20,6 @@ import java.util.Collections; import java.util.List; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; @@ -53,8 +52,6 @@ public class VerifyXMLSignatureResponseImpl private List xmlDsigManifestChecks = new ArrayList(); /** Information about the certificate check. */ private CheckResult certificateCheck; - /** Information about the TSL check. */ - private CheckTSLResult tslCheck; /** * Sets information about the signer certificate. @@ -139,18 +136,7 @@ public class VerifyXMLSignatureResponseImpl public CheckResult getCertificateCheck() { return certificateCheck; } - /** - * Sets the result of the TSL verification. - * - * @param certificateCheck The result of the TSL verification. - */ - public void setTSLCheck(CheckTSLResult tslCheck) { - this.tslCheck = tslCheck; - } - - public CheckTSLResult getTSLCheck() { - return tslCheck; - } + /** * Sets the XMLDSigManifestChecks. diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java index 2e4a95a89..1215f1ccc 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java @@ -25,7 +25,6 @@ import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; /** @@ -90,8 +89,7 @@ public class VerifyCMSSignatureResponseBuilder { SignerInfo signerInfo = responseElement.getSignerInfo(); CheckResult signatureCheck = responseElement.getSignatureCheck(); CheckResult certCheck = responseElement.getCertificateCheck(); - CheckTSLResult tslCheck = responseElement.getTSLCheck(); - + ResponseBuilderUtils.addSignerInfo( responseDoc, responseElem, @@ -114,12 +112,7 @@ public class VerifyCMSSignatureResponseBuilder { certCheck.getCode(), certCheck.getInfo()); - ResponseBuilderUtils.addCodeInfoElement( - responseDoc, - responseElem, - "TSLCheck", - tslCheck.getCode(), - tslCheck.getInfo()); + } } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java index dedb1dc88..1ca931e9c 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java @@ -136,12 +136,7 @@ public class VerifyXMLSignatureResponseBuilder { response.getCertificateCheck().getCode(), response.getCertificateCheck().getInfo()); - ResponseBuilderUtils.addCodeInfoElement( - responseDoc, - responseElem, - "TSLCheck", - response.getTSLCheck().getCode(), - response.getTSLCheck().getInfo()); + return responseDoc; } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java index 63da503cb..1ccbae133 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java @@ -18,7 +18,6 @@ package at.gv.egovernment.moa.spss.api.xmlverify; import java.util.List; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; /** @@ -73,12 +72,6 @@ public interface VerifyXMLSignatureResponse { */ public CheckResult getCertificateCheck(); - /** - * Gets the result of the TSL verification. - * - * @return The result of the TSL verification. - */ - public CheckTSLResult getTSLCheck(); diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 51669026f..9e0dc7688 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -949,7 +949,6 @@ public class ConfigurationPartsBuilder { String id = getElementValue(profileElem, CONF + "Id", null); String trustAnchorsLocStr = getElementValue(profileElem, CONF + "TrustAnchorsLocation", null); String signerCertsLocStr = getElementValue(profileElem, CONF + "SignerCertsLocation", null); - String tslLocStr = getElementValue(profileElem, CONF + "TSLLocation", null); URI trustAnchorsLocURI = null; try @@ -976,33 +975,7 @@ public class ConfigurationPartsBuilder { } - URI tslLocURI = null; - if (tslLocStr != null) { - - try - { - tslLocURI = new URI(tslLocStr); - if (!tslLocURI.isAbsolute()) { // make it absolute to the config file - tslLocURI = new URI(configRoot_.toURL() + tslLocStr); - } - } - catch (URIException e) { - warn("config.14", new Object[] { "uriTSL", id, tslLocStr }, e); - continue; - } - catch (MalformedURLException e) - { - warn("config.33", new Object[] {id}, e); - continue; - } - - File profileDirTSL = new File(tslLocURI.getPath()); - if (!profileDirTSL.exists() || !profileDirTSL.isDirectory()) { - warn("config.27", new Object[] { "uriTSL", id }); - continue; - } - } - + if (trustProfiles.containsKey(id)) { warn("config.04", new Object[] { "TrustProfile", id }); continue; @@ -1033,10 +1006,7 @@ public class ConfigurationPartsBuilder { } signerCertsLocStr = (signerCertsLocURI != null) ? signerCertsLocURI.toString() : null; - String tslLocURIString = null; - if (tslLocURI != null) - tslLocURIString = tslLocURI.toString(); - TrustProfile profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr, tslLocURIString); + TrustProfile profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr); trustProfiles.put(id, profile); } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java index 66c08e34e..b1031c4cb 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java @@ -28,8 +28,6 @@ public class TrustProfile { private String uri; /** The URI giving the location of the allowed signer certificates. */ private String signerCertsUri; - /** The URI giving the location of the TSLs */ - private String uriTSL; /** * Create a TrustProfile. @@ -38,13 +36,11 @@ public class TrustProfile { * @param uri The URI of the TrustProfile to create. * @param signerCertsUri The URI of the location of the allowed signer * certificates of the TrustProfile to create. - * @param uriTSL The URI to the TSLs */ - public TrustProfile(String id, String uri, String signerCertsUri, String uriTSL) { + public TrustProfile(String id, String uri, String signerCertsUri) { this.id = id; this.uri = uri; this.signerCertsUri = signerCertsUri; - this.uriTSL = uriTSL; } /** @@ -75,11 +71,5 @@ public class TrustProfile { return signerCertsUri; } - /** - * Return the URI of the location of the TSLS - * @return The URI of the location of the TSLS - */ - public String getUriTSL() { - return uriTSL; - } + } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java index b7bdbc9b8..dc23b5c2d 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java @@ -30,7 +30,6 @@ import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; import at.gv.egovernment.moa.spss.server.config.TrustProfile; import at.gv.egovernment.moa.spss.util.MessageProvider; @@ -82,8 +81,7 @@ public class VerifyCMSSignatureResponseBuilder { SignerInfo signerInfo; CheckResult signatureCheck; CheckResult certificateCheck; - CheckTSLResult tslCheck; - + // add SignerInfo element signerInfo = factory.createSignerInfo( @@ -98,54 +96,17 @@ public class VerifyCMSSignatureResponseBuilder { // add CertificateCheck element certificateCheck = factory.createCheckResult(certificateCheckCode, null); - // add TSL check - tslCheck = validateTSL(result, trustProfile); - + // build the response element responseElement = factory.createVerifyCMSSignatureResponseElement( signerInfo, signatureCheck, - certificateCheck, - tslCheck); + certificateCheck); responseElements.add(responseElement); } - /** - * Checks the certificate chain against the given (in the provided trustProfile) TSLs - * - * @param result The result produced by the XMLSignatureVerificationModule. - * - * @param trustProfile The trust profile the signer certificate is validated against. - * - * @return The overal result of the TSL validation. - * - * @throws MOAException - */ - private CheckTSLResult validateTSL(CMSSignatureVerificationResult result, TrustProfile trustProfile) - throws MOAException -{ - MessageProvider msg = MessageProvider.getInstance(); - //String logMsg = msg.getMessage("tsl.00", new Object[]{trustProfile.getId(), files[i].getName()}); - - // TODO KS: TSL initialisieren, TSL abfrage mit chain - - List chain = result.getCertificateValidationResult().getCertificateChain(); - String uriTSL = trustProfile.getUriTSL(); - //System.out.println("Size: " + chain.size()); - ListIterator it = chain.listIterator(); - while(it.hasNext()) { - X509Certificate cert = (X509Certificate) it.next(); - //System.out.println(cert.getSubjectDN()); - } - //System.out.println("URL-TSL: " + uriTSL); - - int resultCode = 0; - String resultInfo = msg.getMessage("tsl.00", null); - - SPSSFactory factory = SPSSFactory.getInstance(); - return factory.createCheckTSLResult(resultCode, resultInfo); -} + } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java index 68ba4ad7e..7d66811db 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java @@ -42,7 +42,6 @@ import org.w3c.dom.NodeList; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.InputData; import at.gv.egovernment.moa.spss.api.common.SignerInfo; @@ -87,10 +86,7 @@ public class VerifyXMLSignatureResponseBuilder { private List xmlDsigManifestChecks; /** The result of the certificate check. */ private CheckResult certificateCheck; - /** The result of the TSL check. */ - private CheckTSLResult tslCheck; - /** * Get the VerifyMLSignatureResponse built so far. * @@ -104,8 +100,7 @@ public class VerifyXMLSignatureResponseBuilder { signatureCheck, signatureManifestCheck, xmlDsigManifestChecks, - certificateCheck, - tslCheck); + certificateCheck); } /** @@ -119,15 +114,13 @@ public class VerifyXMLSignatureResponseBuilder { * @param transformsSignatureManifestCheck The overall result for the signature * manifest check. * @param certificateCheck The overall result for the certificate check. - * @param tslCheck The result of the TSL check * @throws MOAApplicationException An error occurred adding the result. */ public void setResult( XMLSignatureVerificationResult result, XMLSignatureVerificationProfile profile, ReferencesCheckResult transformsSignatureManifestCheck, - CheckResult certificateCheck, - CheckTSLResult tslCheck) + CheckResult certificateCheck) throws MOAApplicationException { CertificateValidationResult certResult = @@ -292,8 +285,7 @@ public class VerifyXMLSignatureResponseBuilder { // create the certificate check this.certificateCheck = certificateCheck; - // create the tsl check - this.tslCheck = tslCheck; + } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java index 765a48e79..eb6275b3a 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java @@ -59,7 +59,6 @@ import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.common.CheckResult; -import at.gv.egovernment.moa.spss.api.common.CheckTSLResult; import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation; import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo; import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult; @@ -236,11 +235,9 @@ public class XMLSignatureVerificationInvoker { TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId()); CheckResult certificateCheck = validateSignerCertificate(result, trustProfile); - // Check the TSL result - CheckTSLResult tslCheck = validateTSL(result, trustProfile); // build the response - responseBuilder.setResult(result, profile, signatureManifestCheck, certificateCheck, tslCheck); + responseBuilder.setResult(result, profile, signatureManifestCheck, certificateCheck); return responseBuilder.getResponse(); } @@ -325,41 +322,7 @@ public class XMLSignatureVerificationInvoker { return factory.createCheckResult(resultCode, null); } - /** - * Checks the certificate chain against the given (in the provided trustProfile) TSLs - * - * @param result The result produced by the XMLSignatureVerificationModule. - * - * @param trustProfile The trust profile the signer certificate is validated against. - * - * @return The overal result of the TSL validation. - * - * @throws MOAException - */ - private CheckTSLResult validateTSL(XMLSignatureVerificationResult result, TrustProfile trustProfile) - throws MOAException -{ - MessageProvider msg = MessageProvider.getInstance(); - //String logMsg = msg.getMessage("tsl.00", new Object[]{trustProfile.getId(), files[i].getName()}); - - // TODO KS: TSL initialisieren, TSL abfrage mit chain - - List chain = result.getCertificateValidationResult().getCertificateChain(); - String uriTSL = trustProfile.getUriTSL(); - //System.out.println("Size: " + chain.size()); - ListIterator it = chain.listIterator(); - while(it.hasNext()) { - X509Certificate cert = (X509Certificate) it.next(); - //System.out.println(cert.getSubjectDN()); - } - //System.out.println("URL-TSL: " + uriTSL); - - int resultCode = 0; - String resultInfo = msg.getMessage("tsl.00", null); - SPSSFactory factory = SPSSFactory.getInstance(); - return factory.createCheckTSLResult(resultCode, resultInfo); -} /** * Select the dsig:Signature DOM element within the signature diff --git a/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties b/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties index 4c9d11f63..3920da4d9 100644 --- a/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties +++ b/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties @@ -134,7 +134,6 @@ config.28=Einen detaillierten Fehlerbericht entnehmen Sie bitte der Log-Datei. config.29=Es sind folgende leichte Fehler aufgetreten: config.31=Fehler in der Konfiguration der KeyGroup mit id={0}: Der Schlüssel im KeyModule id={1} mit IssuerName={2} und SerialNumber={3} konnte nicht geladen werden config.32=Fehler in der Konfiguration: Verzeichnisangabe für den Zertifikatsspeicher ist ungültig ({0}). -config.33=Fehler beim Erstellen des TrustProfile id={0}: Name des TSL-Verzeichnisses konnte nicht in eine URL umgewandet werden handler.00=Starte neue Transaktion: TID={0}, Service={1} handler.01=Aufruf von Adresse={0} @@ -148,6 +147,4 @@ handler.07=SOAP Request empfangen: Request={0} invoker.00=Das Signature Environment konnte nicht validierend geparst werden invoker.01=Keine passende Transformationskette gefunden (Index={0}) invoker.02=Der Hashwert der Transformation stimmt nicht überein (Index={0}) -invoker.03=Signatorzertifikat aus Trustprofile mit id={0} konnte nicht geparst werden (Dateiname={1}) - -tsl.00 = Das Zertifikat konnte erfolgreich gegen die TSL verifiziert werden \ No newline at end of file +invoker.03=Signatorzertifikat aus Trustprofile mit id={0} konnte nicht geparst werden (Dateiname={1}) \ No newline at end of file -- cgit v1.2.3