package at.gv.egovernment.moa.id.auth.parser;
import iaik.utils.Base64InputStream;
import iaik.x509.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.*;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.XPathUtils;
/**
* Parses a <VerifyXMLSignatureResponse>
returned by
* MOA-SPSS.
* This class implements the Singleton pattern
*
* @author Stefan Knirsch
* @version $Id$
*/
public class VerifyXMLSignatureResponseParser {
//
// XPath namespace prefix shortcuts
//
/** Xpath prefix for reaching MOA Namespaces */
private static final String MOA = Constants.MOA_PREFIX + ":";
/** Xpath prefix for reaching DSIG Namespaces */
private static final String DSIG = Constants.DSIG_PREFIX + ":";
/** Xpath prefix for reaching SecurityLayer 1.1 Namespaces */
private static final String SL11 = Constants.SL11_PREFIX + ":";
/** Xpath expression to the root element */
private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/";
/** Xpath expression to the X509SubjectName element */
private static final String DSIG_SUBJECT_NAME_XPATH =
ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
DSIG + "X509SubjectName";
/** Xpath expression to the X509Certificate element */
private static final String DSIG_X509_CERTIFICATE_XPATH =
ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
DSIG + "X509Certificate";
/** Xpath expression to the PublicAuthority element */
private static final String PUBLIC_AUTHORITY_XPATH =
ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
MOA + "PublicAuthority";
/** Xpath expression to the PublicAuthorityCode element */
private static final String PUBLIC_AUTHORITY_CODE_XPATH =
PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code";
/** Xpath expression to the QualifiedCertificate element */
private static final String QUALIFIED_CERTIFICATE_XPATH =
ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
SL11 + "QualifiedCertificate";
/** Xpath expression to the SignatureCheckCode element */
private static final String SIGNATURE_CHECK_CODE_XPATH =
ROOT + MOA + "SignatureCheck/" + MOA + "Code";
/** Xpath expression to the XMLDSIGManifestCheckCode element */
private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH =
ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code";
/** Xpath expression to the CertificateCheckCode element */
private static final String CERTIFICATE_CHECK_CODE_XPATH =
ROOT + MOA + "CertificateCheck/" + MOA + "Code";
/** This is the root element of the XML-Document provided by the Security Layer Card*/
private Element verifyXMLSignatureResponse;
/**
* Constructor for VerifyXMLSignatureResponseParser.
* A DOM-representation of the incoming String will be created
* @param xmlResponse <InfoboxReadResponse>
as String
* @throws ParseException on any parsing error
*/
public VerifyXMLSignatureResponseParser(String xmlResponse) throws ParseException{
try {
InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(s);
}
catch (Throwable t) {
throw new ParseException("parser.01", new Object[] { t.toString() }, t);
}
}
/**
* Constructor for VerifyXMLSignatureResponseParser.
* A DOM-representation of the incoming Inputstream will be created
* @param xmlResponse <InfoboxReadResponse>
as InputStream
* @throws Exception on any parsing error
*/
public VerifyXMLSignatureResponseParser(InputStream xmlResponse) throws Exception
{
try {
verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse);
}
catch (Throwable t) {
throw new ParseException("parser.01", null, t);
}
}
/**
* Constructor for VerifyXMLSignatureResponseParser.
* The incoming Element will be used for further operations
* @param xmlResponse <InfoboxReadResponse>
as Element
*/
public VerifyXMLSignatureResponseParser(Element xmlResponse)
{
verifyXMLSignatureResponse =xmlResponse;
}
/**
* Parse identity link from <InfoboxReadResponse>
* @return Identity link
* @throws ParseException on any parsing error
*/
public VerifyXMLSignatureResponse parseData() throws ParseException {
VerifyXMLSignatureResponse respData=new VerifyXMLSignatureResponse();
try {
respData.setXmlDsigSubjectName(XPathUtils.getElementValue(verifyXMLSignatureResponse,DSIG_SUBJECT_NAME_XPATH,""));
Element e = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,QUALIFIED_CERTIFICATE_XPATH);
respData.setQualifiedCertificate(e!=null);
Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(XPathUtils.getElementValue(
verifyXMLSignatureResponse,DSIG_X509_CERTIFICATE_XPATH,"").getBytes("UTF-8")),true);
respData.setX509certificate(new X509Certificate(in));
Element publicAuthority = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH);
respData.setPublicAuthority(publicAuthority != null);
respData.setPublicAuthorityCode(XPathUtils.getElementValue(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH,""));
respData.setSignatureCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_CHECK_CODE_XPATH,"")).intValue());
String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,XMLDSIG_MANIFEST_CHECK_CODE_XPATH,null);
if (xmlDsigCheckCode!=null)
{
respData.setXmlDSIGManigest(true);
respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue());
}
else
respData.setXmlDSIGManigest(false);
respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());
}
catch (Throwable t) {
throw new ParseException("parser.01", null, t);
}
return respData;
}
}