package at.gv.egovernment.moa.id.auth.parser; import iaik.utils.Base64InputStream; import iaik.x509.X509Certificate; import java.io.ByteArrayInputStream; import java.io.InputStream; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.*; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; /** * Parses a <VerifyXMLSignatureResponse> returned by * MOA-SPSS. * This class implements the Singleton pattern * * @author Stefan Knirsch * @version $Id$ */ public class VerifyXMLSignatureResponseParser { // // XPath namespace prefix shortcuts // /** Xpath prefix for reaching MOA Namespaces */ private static final String MOA = Constants.MOA_PREFIX + ":"; /** Xpath prefix for reaching DSIG Namespaces */ private static final String DSIG = Constants.DSIG_PREFIX + ":"; /** Xpath prefix for reaching SecurityLayer 1.1 Namespaces */ private static final String SL11 = Constants.SL11_PREFIX + ":"; /** Xpath expression to the root element */ private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/"; /** Xpath expression to the X509SubjectName element */ private static final String DSIG_SUBJECT_NAME_XPATH = ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + DSIG + "X509SubjectName"; /** Xpath expression to the X509Certificate element */ private static final String DSIG_X509_CERTIFICATE_XPATH = ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + DSIG + "X509Certificate"; /** Xpath expression to the PublicAuthority element */ private static final String PUBLIC_AUTHORITY_XPATH = ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + MOA + "PublicAuthority"; /** Xpath expression to the PublicAuthorityCode element */ private static final String PUBLIC_AUTHORITY_CODE_XPATH = PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code"; /** Xpath expression to the QualifiedCertificate element */ private static final String QUALIFIED_CERTIFICATE_XPATH = ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + SL11 + "QualifiedCertificate"; /** Xpath expression to the SignatureCheckCode element */ private static final String SIGNATURE_CHECK_CODE_XPATH = ROOT + MOA + "SignatureCheck/" + MOA + "Code"; /** Xpath expression to the XMLDSIGManifestCheckCode element */ private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH = ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code"; /** Xpath expression to the CertificateCheckCode element */ private static final String CERTIFICATE_CHECK_CODE_XPATH = ROOT + MOA + "CertificateCheck/" + MOA + "Code"; /** This is the root element of the XML-Document provided by the Security Layer Card*/ private Element verifyXMLSignatureResponse; /** * Constructor for VerifyXMLSignatureResponseParser. * A DOM-representation of the incoming String will be created * @param xmlResponse <InfoboxReadResponse> as String * @throws ParseException on any parsing error */ public VerifyXMLSignatureResponseParser(String xmlResponse) throws ParseException{ try { InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8")); verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(s); } catch (Throwable t) { throw new ParseException("parser.01", new Object[] { t.toString() }, t); } } /** * Constructor for VerifyXMLSignatureResponseParser. * A DOM-representation of the incoming Inputstream will be created * @param xmlResponse <InfoboxReadResponse> as InputStream * @throws Exception on any parsing error */ public VerifyXMLSignatureResponseParser(InputStream xmlResponse) throws Exception { try { verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse); } catch (Throwable t) { throw new ParseException("parser.01", null, t); } } /** * Constructor for VerifyXMLSignatureResponseParser. * The incoming Element will be used for further operations * @param xmlResponse <InfoboxReadResponse> as Element */ public VerifyXMLSignatureResponseParser(Element xmlResponse) { verifyXMLSignatureResponse =xmlResponse; } /** * Parse identity link from <InfoboxReadResponse> * @return Identity link * @throws ParseException on any parsing error */ public VerifyXMLSignatureResponse parseData() throws ParseException { VerifyXMLSignatureResponse respData=new VerifyXMLSignatureResponse(); try { respData.setXmlDsigSubjectName(XPathUtils.getElementValue(verifyXMLSignatureResponse,DSIG_SUBJECT_NAME_XPATH,"")); Element e = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,QUALIFIED_CERTIFICATE_XPATH); respData.setQualifiedCertificate(e!=null); Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(XPathUtils.getElementValue( verifyXMLSignatureResponse,DSIG_X509_CERTIFICATE_XPATH,"").getBytes("UTF-8")),true); respData.setX509certificate(new X509Certificate(in)); Element publicAuthority = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH); respData.setPublicAuthority(publicAuthority != null); respData.setPublicAuthorityCode(XPathUtils.getElementValue(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH,"")); respData.setSignatureCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_CHECK_CODE_XPATH,"")).intValue()); String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,XMLDSIG_MANIFEST_CHECK_CODE_XPATH,null); if (xmlDsigCheckCode!=null) { respData.setXmlDSIGManigest(true); respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue()); } else respData.setXmlDSIGManigest(false); respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue()); } catch (Throwable t) { throw new ParseException("parser.01", null, t); } return respData; } }