Diffstat (limited to 'moaSig/moa-sig-lib/src/main/java/at')
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAApplicationException.java70
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java190
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOARuntimeException.java191
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOASystemException.java69
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/Configurator.java84
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java1139
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureCreationService.java81
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureVerificationService.java93
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CMSSignatureResponse.java41
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureRequest.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureResponse.java42
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureResponseElement.java51
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/DataObjectInfo.java58
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/SingleSignatureInfo.java51
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContent.java52
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContentExcplicit.java43
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContentReference.java41
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSDataObject.java57
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java76
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponse.java45
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java57
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Base64Transform.java37
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CanonicalizationTransform.java41
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckResult.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Content.java71
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentBinary.java45
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentLocRef.java41
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentReference.java35
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentXML.java43
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ElementSelector.java52
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/EnvelopedSignatureTransform.java39
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ExclusiveCanonicalizationTransform.java51
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/InputData.java71
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/MetaInfo.java61
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/SignerInfo.java92
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/TSLConfiguration.java82
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Transform.java40
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/X509IssuerSerial.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XMLDataObjectAssociation.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathFilter.java62
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathFilter2Transform.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathTransform.java54
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XSLTTransform.java47
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/Base64TransformImpl.java46
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSContentExplicitImpl.java64
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSContentReferenceImpl.java62
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSDataObjectImpl.java91
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSSignatureResponseImpl.java64
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CanonicalizationTransformImpl.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckResultImpl.java76
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentBinaryImpl.java64
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentImpl.java52
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentLocRefImpl.java68
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentReferenceImpl.java48
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentXMLImpl.java64
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateCMSSignatureRequestImpl.java77
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateCMSSignatureResponseImpl.java60
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureEnvironmentProfileExplicitImpl.java90
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureEnvironmentProfileIDImpl.java63
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureInfoImpl.java74
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureLocationImpl.java55
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoImpl.java75
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoProfileExplicitImpl.java86
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoProfileIDImpl.java62
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateXMLSignatureRequestImpl.java77
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateXMLSignatureResponseImpl.java61
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/DataObjectInfoCMSImpl.java69
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/DataObjectInfoImpl.java103
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ElementSelectorImpl.java71
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/EnvelopedSignatureTransformImpl.java46
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ErrorResponseImpl.java76
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ExclusiveCanonicalizationTransformImpl.java72
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java123
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java123
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ManifestRefsCheckResultImpl.java68
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ManifestRefsCheckResultInfoImpl.java56
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/MetaInfoImpl.java99
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferenceInfoImpl.java62
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferencesCheckResultImpl.java70
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferencesCheckResultInfoImpl.java70
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java656
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignatureEnvironmentResponseImpl.java65
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignatureManifestCheckParamsImpl.java76
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignerInfoImpl.java159
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SingleSignatureInfoCMSImpl.java62
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SingleSignatureInfoImpl.java73
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SupplementProfileExplicitImpl.java63
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SupplementProfileIDImpl.java61
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TSLConfigurationImpl.java100
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformImpl.java50
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterBinaryImpl.java66
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterImpl.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterURIImpl.java48
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformPatameterHashImpl.java78
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java117
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java86
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSinatureResponseImpl.java61
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifySignatureInfoImpl.java71
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifySignatureLocationImpl.java39
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsDataImpl.java60
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsInfoProfileExplicitImpl.java85
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsInfoProfileIDImpl.java62
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureRequestImpl.java137
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java166
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/X509IssuerSerialImpl.java69
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XMLDataObjectAssociationImpl.java69
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathFilter2TransformImpl.java67
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathFilterImpl.java88
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathTransformImpl.java83
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XSLTransformImpl.java61
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java261
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureResponseBuilder.java145
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParser.java312
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureResponseBuilder.java143
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ProfileParser.java309
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java181
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java289
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/TransformParser.java270
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java210
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java131
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParser.java299
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java340
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfile.java54
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfileExplicit.java54
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfileID.java44
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureInfo.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureLocation.java47
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfo.java51
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfile.java52
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfileExplicit.java50
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfileID.java42
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureRequest.java50
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureResponse.java44
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureResponseElement.java53
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/DataObjectInfo.java72
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/ErrorResponse.java48
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/SignatureEnvironmentResponse.java44
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/SingleSignatureInfo.java56
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ManifestRefsCheckResult.java48
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ManifestRefsCheckResultInfo.java43
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferenceInfo.java43
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferencesCheckResult.java47
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferencesCheckResultInfo.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SignatureManifestCheckParams.java50
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfile.java52
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfileExplicit.java43
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfileID.java42
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameter.java64
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterBinary.java45
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterHash.java50
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterURI.java36
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifySignatureInfo.java51
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifySignatureLocation.java37
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfile.java52
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfileExplicit.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfileID.java42
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureRequest.java79
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java87
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java178
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java63
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java1825
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java975
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java62
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java84
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java83
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java149
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java105
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java130
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java65
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java57
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java72
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java132
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java249
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java61
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java60
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java72
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java121
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java93
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java81
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java145
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java57
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java115
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java75
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java79
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java217
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java58
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java113
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java112
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java99
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java80
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java158
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java131
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java88
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java159
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java67
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java78
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java73
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java67
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java111
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java66
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java100
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java58
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java67
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java70
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java71
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java67
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java140
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java106
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java122
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java217
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java174
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java399
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java69
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java177
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ConfiguratorImpl.java66
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ExternalInitializer.java7
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java253
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java437
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java371
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java85
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateCMSSignatureResponseBuilder.java93
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateXMLSignatureResponseBuilder.java95
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java1039
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java177
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java318
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java87
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ProfileMapper.java273
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java75
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureCreationServiceImpl.java71
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureVerificationServiceImpl.java100
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/TransformationFactory.java282
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java127
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java501
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java586
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java543
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java727
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java170
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java150
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java66
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogMsg.java78
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/TransactionId.java62
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java102
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java7
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java385
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContextManager.java86
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionIDGenerator.java75
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/util/IdGenerator.java85
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/config/Configurator.java130
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnector.java972
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnectorInterface.java95
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/exception/MitigatedTSLSecurityException.java17
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java212
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/CertificateReader.java155
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/Mitigation.java15
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEUImportFromFileContext.java140
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEvaluationContext.java134
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java850
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertStoreConverter.java109
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java286
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java114
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java142
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MessageProvider.java89
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/NodeListToNodeSetDataAdapter.java26
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/QCSSCDResult.java37
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/SecProviderUtils.java22
265 files changed, 33838 insertions, 0 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAApplicationException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAApplicationException.java
new file mode 100644
index 0000000..305c227
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAApplicationException.java
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss;
+/**
+ * Base class of application specific MOA exceptions.
+ *
+ * Application exceptions are exceptions that originate from application
+ * code (e.g. inconsistent data provided by the user, no permission to access
+ * certain resources, etc.)
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class MOAApplicationException extends MOAException {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1042877795934327684L;
+
+/**
+ * Create a new <code>MOAApplicationException</code>.
+ *
+ * @param messageId The identifier of the message associated with this
+ * exception.
+ * @param parameters Additional message parameters.
+ */
+ public MOAApplicationException(String messageId, Object[] parameters) {
+ super(messageId, parameters);
+ }
+
+ /**
+ * Create a new <code>MOAApplicationException</code>.
+ *
+ * @param messageId The identifier of the message associated with this
+ * <code>MOAApplicationException</code>.
+ * @param parameters Additional message parameters.
+ * @param wrapped The exception wrapped by this
+ * <code>MOAApplicationException</code>.
+ */
+ public MOAApplicationException(
+ String messageId,
+ Object[] parameters,
+ Throwable wrapped) {
+ super(messageId, parameters, wrapped);
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java
new file mode 100644
index 0000000..803f3fd
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java
@@ -0,0 +1,190 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss;
+import java.io.PrintStream;
+import java.io.PrintWriter;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.DOMImplementation;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.util.Constants;
+
+
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+
+/**
+ * Base class of MOA specific exceptions.
+ *
+ * This class has the ability to wrap other exceptions which may be seen
+ * as the root cause for this exception. A similar mechanism is in place
+ * since JDK1.4 (see the <code>getClause()</code> method) but will not be used
+ * because of required compatibility with JDK1.3.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class MOAException extends Exception {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 7115301799538771949L;
+/** The message ID. */
+ private String messageId;
+ /** The wrapped <code>Throwable</code>. */
+ private Throwable wrapped;
+
+ /**
+ * Create a <code>MOAException</code>.
+ *
+ * @param messageId The message ID of the message contained in the created
+ * <code>MOAException</code>.
+ * @param parameters The parameters needed to fill in the message arguments.
+ */
+ public MOAException(String messageId, Object[] parameters) {
+ super(MessageProvider.getInstance().getMessage(messageId, parameters));
+ this.messageId = messageId;
+ }
+
+ /**
+ * Create a <code>MOAException</code>.
+ *
+ * @param messageId The message ID of the message contained in the created
+ * <code>MOAException</code>.
+ * @param parameters The parameters needed to fill in the message arguments.
+ * @param wrapped The exception wrapped by the created
+ * <code>MOAException</code>.
+ */
+ public MOAException(String messageId, Object[] parameters, Throwable wrapped) {
+ // TODO: remove wrapped again from super constructor
+ super(MessageProvider.getInstance().getMessage(messageId, parameters), wrapped);
+ this.messageId = messageId;
+ this.wrapped = wrapped;
+ }
+
+ /**
+ * Returns the message ID of this exception.
+ *
+ * @return The message ID as provided in the constructor.
+ */
+ public String getMessageId() {
+ return messageId;
+ }
+
+ /**
+ * Returns the exception wrapped by this <code>MOAException</code>.
+ *
+ * @return The exception wrapped by this exception. Possibly
+ * <code>null</code>, if none was provided at construction time.
+ */
+ public Throwable getWrapped() {
+ return wrapped;
+ }
+
+ /**
+ * Convert this <code>MOAException</code> to an <code>ErrorResponse</code>
+ * element from the MOA namespace.
+ *
+ * @return An <code>ErrorResponse</code> element, containing the subelements
+ * <code>ErrorCode</code> and <code>Info</code> required by the MOA schema.
+ */
+ public Element toErrorResponse() {
+ DocumentBuilder builder;
+ DOMImplementation impl;
+ Document doc;
+ Element errorResponse;
+ Element errorCode;
+ Element info;
+
+ // create a new document
+ try {
+ builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ impl = builder.getDOMImplementation();
+ } catch (ParserConfigurationException e) {
+ return null;
+ }
+
+ // build the ErrorResponse element
+ doc = impl.createDocument(Constants.MOA_NS_URI, "ErrorResponse", null);
+ errorResponse = doc.getDocumentElement();
+
+ // add MOA namespace declaration
+ errorResponse.setAttributeNS(
+ Constants.XMLNS_NS_URI,
+ "xmlns",
+ Constants.MOA_NS_URI);
+
+ // build the child elements
+ errorCode = doc.createElementNS(Constants.MOA_NS_URI, "ErrorCode");
+ errorCode.appendChild(doc.createTextNode(messageId));
+ info = doc.createElementNS(Constants.MOA_NS_URI, "Info");
+ info.appendChild(doc.createTextNode(getMessage()));
+ errorResponse.appendChild(errorCode);
+ errorResponse.appendChild(info);
+ return errorResponse;
+ }
+
+ /**
+ * Print a stack trace of this exception to <code>System.err</code>.
+ *
+ * @see java.lang.Throwable#printStackTrace()
+ */
+ public void printStackTrace() {
+ printStackTrace(System.err);
+ }
+
+ /**
+ * Print a stack trace of this exception, including the wrapped exception.
+ *
+ * @param s The stream to write the stack trace to.
+ * @see java.lang.Throwable#printStackTrace(java.io.PrintStream)
+ */
+ public void printStackTrace(PrintStream s) {
+ super.printStackTrace(s);
+ if (getWrapped() != null) {
+ s.print("Caused by: ");
+ getWrapped().printStackTrace(s);
+ }
+ }
+
+ /**
+ * Print a stack trace of this exception, including the wrapped exception.
+ *
+ * @param s The stream to write the stacktrace to.
+ * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter)
+ */
+ public void printStackTrace(PrintWriter s) {
+ super.printStackTrace(s);
+ if (getWrapped() != null) {
+ s.print("Caused by: ");
+ getWrapped().printStackTrace(s);
+ }
+ }
+
+}
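Review bot: `toErrorResponse()` swallows the `ParserConfigurationException` and returns `null`, although its Javadoc promises an `ErrorResponse` element, so a caller that serialises the result on the error path would fail on the null and lose the original error. Either surface the failure, e.g. `throw new IllegalStateException("cannot create DocumentBuilder for ErrorResponse", e);`, or document the null in the `@return` text. The same catch block appears in `MOARuntimeException.toErrorResponse()` in the next file. Separately, the three-argument constructor passes `wrapped` to `super` (see its TODO) while both `printStackTrace` overrides also print it, so the cause is written twice.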
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOARuntimeException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOARuntimeException.java
new file mode 100644
index 0000000..a3c8565
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOARuntimeException.java
@@ -0,0 +1,191 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss;
+import java.io.PrintStream;
+import java.io.PrintWriter;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.DOMImplementation;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * Base class of MOA specific runtime exceptions.
+ *
+ * This class has the ability to wrap other exceptions which may be seen
+ * as the root cause for this exception. A similar mechanism is in place
+ * since JDK1.4 (see the <code>getClause()</code> method) but will not be used
+ * because of required compatibility with JDK1.3.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class MOARuntimeException extends RuntimeException {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 8516197293435621864L;
+/** The message ID. */
+ private String messageId;
+ /** The wrapped <code>Throwable</code>. */
+ private Throwable wrapped;
+
+ /**
+ * Create a <code>MOAException</code>.
+ *
+ * @param messageId The message ID of the message contained in the created
+ * <code>MOAException</code>.
+ * @param parameters The parameters needed to fill in the message arguments.
+ */
+ public MOARuntimeException(String messageId, Object[] parameters) {
+ super(MessageProvider.getInstance().getMessage(messageId, parameters));
+ this.messageId = messageId;
+ }
+
+ /**
+ * Create a <code>MOAException</code>.
+ *
+ * @param messageId The message ID of the message contained in the created
+ * <code>MOAException</code>.
+ * @param parameters The parameters needed to fill in the message arguments.
+ * @param wrapped The exception wrapped by the created
+ * <code>MOAException</code>.
+ */
+ public MOARuntimeException(
+ String messageId,
+ Object[] parameters,
+ Throwable wrapped) {
+
+ super(MessageProvider.getInstance().getMessage(messageId, parameters));
+ this.messageId = messageId;
+ this.wrapped = wrapped;
+ }
+
+ /**
+ * Returns the message ID of this exception.
+ *
+ * @return The message ID as provided in the constructor.
+ */
+ public String getMessageId() {
+ return messageId;
+ }
+
+ /**
+ * Returns the exception wrapped by this <code>MOARuntimeException</code>.
+ *
+ * @return The exception wrapped by this exception. Possibly
+ * <code>null</code>, if none was provided at construction time.
+ */
+ public Throwable getWrapped() {
+ return wrapped;
+ }
+
+ /**
+ * Convert this <code>MOARuntimeException</code> to an <code>ErrorResponse</code>
+ * element from the MOA namespace.
+ *
+ * @return An <code>ErrorResponse</code> element, containing the subelements
+ * <code>ErrorCode</code> and <code>Info</code> required by the MOA schema.
+ */
+ public Element toErrorResponse() {
+ DocumentBuilder builder;
+ DOMImplementation impl;
+ Document doc;
+ Element errorResponse;
+ Element errorCode;
+ Element info;
+
+ // create a new document
+ try {
+ builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ impl = builder.getDOMImplementation();
+ } catch (ParserConfigurationException e) {
+ return null;
+ }
+
+ // build the ErrorResponse element
+ doc = impl.createDocument(Constants.MOA_NS_URI, "ErrorResponse", null);
+ errorResponse = doc.getDocumentElement();
+
+ // add MOA namespace declaration
+ errorResponse.setAttributeNS(
+ Constants.XMLNS_NS_URI,
+ "xmlns",
+ Constants.MOA_NS_URI);
+
+ // build the child elements
+ errorCode = doc.createElementNS(Constants.MOA_NS_URI, "ErrorCode");
+ errorCode.appendChild(doc.createTextNode(messageId));
+ info = doc.createElementNS(Constants.MOA_NS_URI, "Info");
+ info.appendChild(doc.createTextNode(getMessage()));
+ errorResponse.appendChild(errorCode);
+ errorResponse.appendChild(info);
+ return errorResponse;
+ }
+
+ /**
+ * Print a stack trace of this exception to <code>System.err</code>.
+ *
+ * @see java.lang.Throwable#printStackTrace()
+ */
+ public void printStackTrace() {
+ printStackTrace(System.err);
+ }
+
+ /**
+ * Print a stack trace of this exception, including the wrapped exception.
+ *
+ * @param s The stream to write the stack trace to.
+ * @see java.lang.Throwable#printStackTrace(java.io.PrintStream)
+ */
+ public void printStackTrace(PrintStream s) {
+ super.printStackTrace(s);
+ if (getWrapped() != null) {
+ s.print("Caused by: ");
+ getWrapped().printStackTrace(s);
+ }
+ }
+
+ /**
+ * Print a stack trace of this exception, including the wrapped exception.
+ *
+ * @param s The stream to write the stacktrace to.
+ * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter)
+ */
+ public void printStackTrace(PrintWriter s) {
+ super.printStackTrace(s);
+ if (getWrapped() != null) {
+ s.print("Caused by: ");
+ getWrapped().printStackTrace(s);
+ }
+ }
+
+}
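Review bot: The three-argument constructor keeps `wrapped` only in the private field and calls the one-argument `super(...)`, so `getCause()` stays null and the root cause is visible only through the overridden `printStackTrace` methods. Code that logs or inspects the exception through the standard cause chain would not see the wrapped error, which makes failures in the signature code harder to trace. `MOAException` in this commit already forwards the cause; this class could do the same with `super(MessageProvider.getInstance().getMessage(messageId, parameters), wrapped);`, at which point the `printStackTrace` overrides would print the cause twice and could be dropped. Both constructor Javadocs still read `Create a <code>MOAException</code>` and should name `MOARuntimeException`.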
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOASystemException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOASystemException.java
new file mode 100644
index 0000000..67c1908
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOASystemException.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss;
+/**
+ * Base class of technical MOA exceptions.
+ *
+ * Technical exceptions are exceptions that originate from system failure (e.g.,
+ * a database connection fails, a component is not available, etc.)
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class MOASystemException extends MOAException {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 655642019638205185L;
+
+/**
+ * Create a new <code>MOASystemException</code>.
+ *
+ * @param messageId The identifier of the message associated with this
+ * exception.
+ * @param parameters Additional message parameters.
+ */
+ public MOASystemException(String messageId, Object[] parameters) {
+ super(messageId, parameters);
+ }
+
+ /**
+ * Create a new <code>MOASystemException</code>.
+ *
+ * @param messageId The identifier of the message associated with this
+ * <code>MOASystemException</code>.
+ * @param parameters Additional message parameters.
+ * @param wrapped The exception wrapped by this
+ * <code>MOASystemException</code>.
+ */
+ public MOASystemException(
+ String messageId,
+ Object[] parameters,
+ Throwable wrapped) {
+ super(messageId, parameters, wrapped);
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/Configurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/Configurator.java
new file mode 100644
index 0000000..6cbdf7d
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/Configurator.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api;
+
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.server.init.ConfiguratorImpl;
+
+/**
+ * Configures the SP/SS API.
+ *
+ * Also handles dynamic configuration updates.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class Configurator {
+
+ /** The default implementation class. */
+ private static final String DEFAULT_IMPLEMENTATION =
+ "at.gv.egovernment.moa.spss.server.init.ConfiguratorImpl";
+
+ /** The single instance of this class. */
+ private static Configurator instance = null;
+
+ public static synchronized Configurator getInstance() {
+ if (instance == null) {
+ try {
+ /*DiscoverClass discover = new DiscoverClass();
+ instance =
+ (Configurator) discover.newInstance(
+ Configurator.class,
+ DEFAULT_IMPLEMENTATION);*/
+ return new ConfiguratorImpl();
+ } catch (Exception e) {
+ // this can not happen since we provide a valid default
+ // implementation
+ }
+ }
+ return instance;
+ }
+
+ /**
+ * Initialize the SP/SS configuration.
+ *
+ * Only a single call to this method will have an effect. Use
+ * <code>update()</code> for reflecting changes in the configuration instead.
+ *
+ * @throws MOAException An error occurred updating the SP/SS configuration.
+ */
+ public abstract void init() throws MOAException;
+
+ /**
+ * Update the SP/SS configuration.
+ *
+ * This will only have an effect after the system has been initialized once
+ * using <code>init()</code>.
+ *
+ * @throws MOAException An error occurred updating the SP/SS configuration.
+ */
+ public abstract void update() throws MOAException;
+
+}
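Review bot: `getInstance()` never assigns the static `instance` field: it returns `new ConfiguratorImpl()` on every call, so each caller gets a different object although the field is documented as the single instance. Whether the "only a single call will have an effect" contract of `init()` still holds then depends on state inside `ConfiguratorImpl`, which is not shown here. Replace the early return with `instance = new ConfiguratorImpl();` so the final `return instance;` hands back the cached object. The empty `catch (Exception e)` turns a constructor failure into a silent `null` return and is better rethrown as an unchecked exception. `SPSSFactory.getInstance()` in the next file has the same pattern, and this method has no Javadoc (e.g. `/** Returns the single instance of this class. */`).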
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
new file mode 100644
index 0000000..4c57b13
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
@@ -0,0 +1,1139 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api;
+
+import java.io.InputStream;
+import java.math.BigDecimal;
+import java.math.BigInteger;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.api.cmssign.CMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.api.common.Transform;
+import at.gv.egovernment.moa.spss.api.common.X509IssuerSerial;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.common.XPathFilter;
+import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.SingleSignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResultInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.SignatureManifestCheckParams;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+
+/**
+ * An abstract factory for creating MOA SP/SS API objects.
+ *
+ * Use <code>getInstance()</code> to get a concrete factory instance. Using
+ * this instance, concrete MOA SP/SS API object can be created.
+ *
+ * @author Patrick Peck
+ * @author Gregor Karlinger
+ * @version $Id$
+ */
+public abstract class SPSSFactory {
+
+ /** The default implementation of this class. */
+ private static final String DEFAULT_IMPLEMENTATION =
+ "at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl";
+
+ /** The single instance of this class. */
+ private static SPSSFactory instance = null;
+
+ /**
+ * Returns the single instance of this class.
+ *
+ * @return The single instance of this class.
+ */
+ public static synchronized SPSSFactory getInstance() {
+ if (instance == null) {
+ try {
+ /*DiscoverClass discover = new DiscoverClass();
+ instance =
+ (SPSSFactory) discover.newInstance(
+ SPSSFactory.class,
+ DEFAULT_IMPLEMENTATION);*/
+ return new SPSSFactoryImpl();
+ } catch (Exception e) {
+ // this can not happen since we provide a valid default
+ // implementation
+ }
+ }
+ return instance;
+ }
+
+ //
+ // Factory methods for creating XML signatures
+ //
+
+ /**
+ * Create a new <code>CreateXMLSignatureRequest</code> object.
+ *
+ * @param keyIdentifier The identifier for the key group to use for signing.
+ * @param singleSignatureInfos A <code>List</code> of
+ * <code>SingleSignatureInfo</code> objects containing information about a
+ * single signature to be created.
+ * @return The <code>CreateXMLSignatureRequest</code> containing the above
+ * data.
+ *
+ * @pre keyIdentifier != null && keyIdentifier.length() > 0
+ * @pre singleSignatureInfos != null
+ * @pre forall Object o in singleSignatureInfos |
+ * o instanceof at.gv.egovernment.moa.spss.api.common.SingleSignatureInfo
+ * @post return != null
+ */
+ public abstract CreateXMLSignatureRequest createCreateXMLSignatureRequest(
+ String keyIdentifier,
+ List singleSignatureInfos);
+
+ /**
+ * Create a new <code>CreateCMSSignatureRequest</code> object.
+ *
+ * @param keyIdentifier The identifier for the key group to use for signing.
+ * @param singleSignatureInfos A <code>List</code> of
+ * <code>SingleSignatureInfo</code> objects containing information about a
+ * single signature to be created.
+ * @return The <code>CreateCMSSignatureRequest</code> containing the above
+ * data.
+ *
+ * @pre keyIdentifier != null && keyIdentifier.length() > 0
+ * @pre singleSignatureInfos != null
+ * @pre forall Object o in singleSignatureInfos |
+ * o instanceof at.gv.egovernment.moa.spss.api.common.SingleSignatureInfo
+ * @post return != null
+ */
+ public abstract CreateCMSSignatureRequest createCreateCMSSignatureRequest(
+ String keyIdentifier,
+ List singleSignatureInfos);
+
+ /**
+ * Create a new <code>SingleSignatureInfo</code> object.
+ *
+ * @param dataObjectInfos The data objects that will be signed (including
+ * transformations).
+ * @param createSignatureInfo Information about the signature environment. May
+ * be <code>null</code>.
+ * @param securityLayerConform If <code>true</code>, a Security Layer conform
+ * signature manifest is created, otherwise not.
+ * @return The <code>SingleSignatureInfo</code> containing the above data.
+ *
+ * @pre dataObjectInfos != null && dataObjectInfos.size() > 0
+ * @pre forall Object o in dataObjectInfos |
+ * o instanceof at.gv.egovernment.moa.spss.api.xmlsign.DataObjectInfo
+ * @post return != null
+ */
+ public abstract SingleSignatureInfo createSingleSignatureInfo(
+ List dataObjectInfos,
+ CreateSignatureInfo createSignatureInfo, boolean securityLayerConform);
+
+ /**
+ * Create a new <code>SingleSignatureInfo</code> object.
+ *
+ * @param dataObjectInfo The data object that will be signed.
+ * @param securityLayerConform If <code>true</code>, a Security Layer conform
+ * signature manifest is created, otherwise not.
+ * @return The <code>SingleSignatureInfo</code> containing the above data.
+ *
+ * @post return != null
+ */
+ public abstract at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo createSingleSignatureInfoCMS(
+ at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo dataObjectInfo,
+ boolean securityLayerConform);
+
+
+
+
+ /**
+ * Create a new <code>DataObjectInfo</code> object.
+ *
+ * @param structure The type of signature to create.
+ * @param childOfManifest If <code>true</code>, references will be returned
+ * as children of an XMLDsig manifest. Otherwise, they will be returned as
+ * children of the signature itself.
+ * @param dataObject The data object that will be signed.
+ * @param createTransformsInfoProfile Additional transformations to apply
+ * to the data object.
+ * @return The <code>DataObjectInfo</code> containing the above data.
+ *
+ * @pre DataObjectInfo.STRUCTURE_DETACHED.equals(structure) ||
+ * DataObjectInfo.STRUCTURE_ENVELOPING.equals(structure)
+ * @pre dataObject != null
+ * @pre createTransformsInfoProfile != null
+ * @post return != null
+ */
+ public abstract DataObjectInfo createDataObjectInfo(
+ String structure,
+ boolean childOfManifest,
+ Content dataObject,
+ CreateTransformsInfoProfile createTransformsInfoProfile);
+
+ /**
+ * Create a new <code>DataObjectInfo</code> object.
+ *
+ * @param structure The type of signature to create.
+ * @param dataObject The data object that will be signed.
+ * @return The <code>DataObjectInfo</code> containing the above data.
+ *
+ * @pre DataObjectInfo.STRUCTURE_DETACHED.equals(structure) ||
+ * DataObjectInfo.STRUCTURE_ENVELOPING.equals(structure)
+ * @pre dataObject != null
+ * @post return != null
+ */
+ public abstract at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo createDataObjectInfo(
+ String structure,
+ CMSDataObject dataObject);
+
+ /**
+ * Create a new <code>CreateTransformsInfoProfile</code> object containing a
+ * reference to a locally stored profile.
+ *
+ * @param profileID The profile ID to resolve during signature creation.
+ * @return The <code>CreateTransformsInfoProfile</code> containing the given
+ * profile ID.
+ *
+ * @pre profileID != null && profileID.length() > 0
+ * @post return != null
+ */
+ public abstract CreateTransformsInfoProfile createCreateTransformsInfoProfile(String profileID);
+
+ /**
+ * Create a new <code>CreateTransformsInfoProfile</code> object by providing
+ * the profile data explicitly.
+ *
+ * @param transformsInfo The transformations to apply to the associated
+ * data object.
+ * @param supplements Supplemental information for the transformation. May be
+ * <code>null</code>.
+ * @return The <code>CreateTransformsInfoProfile</code> containing the above
+ * data.
+ *
+ * @pre transformsInfo != null
+ * @pre supplements != null implies
+ * forall Object o in supplements |
+ * o instanceof at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation
+ * @post return != null
+ */
+ public abstract CreateTransformsInfoProfile createCreateTransformsInfoProfile(
+ CreateTransformsInfo transformsInfo,
+ List supplements);
+
+ /**
+ * Create a new <code>CreateTransformsInfo</code> object.
+ *
+ * @param transforms The <code>Transform</code>s to apply to the associated
+ * data object. May be <code>null</code>.
+ * @param finalDataMetaInfo Information about the type of the transformed
+ * data.
+ * @return The <code>CreateTransformsInfo</code> containing the above data.
+ *
+ * @pre transforms != null implies transforms.size > 0
+ * @pre transforms != null implies
+ * forall Object o in transforms |
+ * o instanceof at.gv.egovernment.moa.spss.api.common.Transform
+ * @pre finalDataMetaInfo != null
+ * @post return != null
+ */
+ public abstract CreateTransformsInfo createCreateTransformsInfo(
+ List transforms,
+ MetaInfo finalDataMetaInfo);
+
+ /**
+ * Create a new <code>CreateSignatureInfo</code> object.
+ *
+ * @param createSignatureEnvironment The signature environment that will
+ * contain the signature.
+ * @param createSignatureEnvironmentProfile Additional information about
+ * the signture environment.
+ * @return The <code>CreateSignatureInfo</code> containing the above data.
+ *
+ * @pre createSignatureEnvironment != null
+ * @pre createSignatureEnvironmentProfile != null
+ * @post return != null
+ */
+ public abstract CreateSignatureInfo createCreateSignatureInfo(
+ Content createSignatureEnvironment,
+ CreateSignatureEnvironmentProfile createSignatureEnvironmentProfile);
+
+ /**
+ * Create a new <code>CreateSignatureEnvironmentProfile</code> object
+ * containing a reference to a locally stored profile.
+ *
+ * @param profileID The profile ID to resolve during signature creation.
+ * @return The <code>CreateSignatureEnvironmentProfile</code> containing
+ * the given profile ID.
+ *
+ * @pre profileID != null && profileID.length() > 0
+ * @post return != null
+ */
+ public abstract CreateSignatureEnvironmentProfile createCreateSignatureEnvironmentProfile(String profileID);
+
+ /**
+ * Create a new <code>CreateSignatureEnvironmentProfile</code> object by
+ * providing the profile data explicitly.
+ *
+ * @param createSignatureLocation The location where the signature will be
+ * inserted.
+ * @param supplements Additional information about the signature environment.
+ * @return The <code>CreateSignatureEnvironmentProfile</code> containing the
+ * above data.
+ *
+ * @pre createSignatureLocation != null
+ * @pre supplements != null
+ * @pre forall Object o in supplements |
+ * o instanceof at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation
+ * @post return != null
+ */
+ public abstract CreateSignatureEnvironmentProfile createCreateSignatureEnvironmentProfile(
+ CreateSignatureLocation createSignatureLocation,
+ List supplements);
+
+ /**
+ * Create a new <code>CreateSignatureLocation</code> object.
+ *
+ * @param xPathExpression The XPath expression to select the signature
+ * parent element within the signature environment.
+ * @param index The index of the node, after which the signature will be
+ * inserted.
+ * @param namespaceDeclarations The namespace prefix to URI mapping to apply
+ * while evaluating the XPath expression.
+ * @return The <code>CreateSignatureLocation</code> containing the above data.
+ *
+ * @pre xPathExpression != null
+ * @pre index >= 0
+ * @pre namespaceDeclarations != null
+ */
+ public abstract CreateSignatureLocation createCreateSignatureLocation(
+ String xPathExpression,
+ int index,
+ Map namespaceDeclarations);
+
+ /**
+ * Create a new <code>CreateXMLSignatureResponse</code> object.
+ *
+ * @param responseElements The elements of the response, either
+ * <code>SignatureEnvironmentResponse</code> objects, or
+ * <code>ErrorResponse</code> objects.
+ * @return The new <code>CreateXMLSignatureResponse</code> containing the
+ * above data.
+ *
+ * @pre responseElements != null && responseElements.size() > 0
+ * @pre forall Object o in responseElements |
+ * o instanceof at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureResponseElement
+ * @post return != null
+ */
+ public abstract CreateXMLSignatureResponse createCreateXMLSignatureResponse(List responseElements);
+
+
+ /**
+ * Create a new <code>CreateCMSSignatureResponse</code> object.
+ *
+ * @param responseElements The elements of the response, either
+ * <code>CMSSignatureResponse</code> objects, or
+ * <code>ErrorResponse</code> objects.
+ * @return The new <code>CreateCMSSignatureResponse</code> containing the
+ * above data.
+ *
+ * @pre responseElements != null && responseElements.size() > 0
+ * @pre forall Object o in responseElements |
+ * o instanceof at.gv.egovernment.moa.spss.api.cmssign.CMSSignatureResponse
+ * @post return != null
+ */
+ public abstract CreateCMSSignatureResponse createCreateCMSSignatureResponse(List responseElements);
+
+
+ /**
+ * Create a new <code>SignatureEnvironmentResponse</code> object.
+ *
+ * @param signatureEnvironment The signature environment containing the
+ * signature.
+ * @return The <code>SignatureEnvironmentResponse</code> containing the
+ * <code>signatureEnvironment</code>.
+ *
+ * @pre signatureEnvironment != null
+ * @post return != null
+ */
+ public abstract CMSSignatureResponse createCMSSignatureResponse(String base64value);
+
+ /**
+ * Create a new <code>SignatureEnvironmentResponse</code> object.
+ *
+ * @param signatureEnvironment The signature environment containing the
+ * signature.
+ * @return The <code>SignatureEnvironmentResponse</code> containing the
+ * <code>signatureEnvironment</code>.
+ *
+ * @pre signatureEnvironment != null
+ * @post return != null
+ */
+ public abstract SignatureEnvironmentResponse createSignatureEnvironmentResponse(Element signatureEnvironment);
+
+ /**
+ * Create a new <code>ErrorResponse</code> object.
+ *
+ * @param code The numerical error code.
+ * @param info Verbose error information.
+ * @return The new <code>ErrorResponse</code> containing the above data.
+ *
+ * @pre code > 0
+ * @pre info != null
+ * @post return != null
+ */
+ public abstract ErrorResponse createErrorResponse(int code, String info);
+
+ //
+ // Factory methods for verifying CMS signatures
+ //
+
+ /**
+ * Create a new <code>VerifyCMSSignatureRequest</code> object.
+ *
+ * @param signatories The indexes of the signatories whose signature is to
+ * be verified.
+ * @param dateTime The date for which the verification is to be performed.
+ * May be <code>null</code>.
+ * @param cmsSignature The CMS signature.
+ * @param dataObject The signed data. May be <code>null</code>.
+ * @param trustProfileID The ID of the trust profile containing the trusted
+ * root certificates.
+ * @return The <code>VerifyCMSSignatureRequest</code> containing the above
+ * data.
+ *
+ * @pre signatories != null && signatories.length > 0
+ * @pre signaturies != VerifyCMSSignatureRequest.ALL_SIGNATORIES implies
+ * for (int i = 0; i < signatories.length; i++)
+ * signatories[i] >= 1
+ * @pre cmsSignature != null
+ * @pre trustProfileID != null && trustProfileID.length() > 0
+ * @post return != null
+ */
+ public abstract VerifyCMSSignatureRequest createVerifyCMSSignatureRequest(
+ int[] signatories,
+ Date dateTime,
+ InputStream cmsSignature,
+ CMSDataObject dataObject,
+ String trustProfileID);
+
+ /**
+ * Create a new <code>CMSDataObject</code> object from data at a given URI.
+ *
+ * @param metaInfo Type information about the <code>CMSDataObject</code>.
+ * May be <code>null</code>.
+ * @param content The CMS content containing the data.
+ * @return The new <code>CMSDataObject</code> containing the data.
+ *
+ * @pre referenceURI != null
+ * @pre content != null
+ * @post return != null
+ */
+ public abstract CMSDataObject createCMSDataObject(
+ MetaInfo metaInfo,
+ CMSContent content,
+ BigDecimal excludeByteRangeFrom,
+ BigDecimal excludeByteRangeTo);
+
+ /**
+ * Create a new <code>CMSContent</code> object from the data contained at the
+ * given URI.
+ *
+ * @param referenceURI The URI identifying the data. Must be resolvable.
+ * @return The <code>CMSContent</code> containing a reference to the signed
+ * data.
+ *
+ * @pre referenceURI != null
+ * @post return != null
+ */
+ public abstract CMSContent createCMSContent(String referenceURI);
+
+ /**
+ * Create a new <code>CMSContent</code> object from a byte stream.
+ *
+ * @param binaryContent The byte stream containing the signed data.
+ * @return The new <code>CMSContent</code> containing the data from the
+ * byte stream.
+ *
+ * @pre binaryContent != null
+ * @post return != null
+ */
+ public abstract CMSContent createCMSContent(InputStream binaryContent);
+
+ /**
+ * Create a new <code>VerifyCMSSignatureResponse</code> object.
+ *
+ * @param responseElements Verification information about each signature.
+ * @return The new <code>VerifyCMSSignatureResponse</code> containing the
+ * status of signature verification for each signature contained in the
+ * request.
+ *
+ * @pre responseElements != null && responseElements.size() > 0
+ * @pre forall Object o in responseElements |
+ * o instanceof at.gv.egovernment.moa.spss.api.cmssign.VerifyCMSSignatureResponseElement
+ * @post return != null
+ */
+ public abstract VerifyCMSSignatureResponse createVerifyCMSSignatureResponse(List responseElements);
+
+ /**
+ * Create a new <code>VerifyCMSSignatureResponseElement</code> object.
+ *
+ * @param signerInfo Information about the signer certificate.
+ * @param signatureCheck Result of the singature value check.
+ * @param certificateCheck Result of the certificate status check.
+ * @return The new <code>VerifyCMSSignatureResponseElement</code> containing
+ * the above data.
+ *
+ * @pre signerInfo != null && signatureCheck != null &&
+ * certificateCheck != null
+ * @post return != null
+ */
+ public abstract VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(
+ SignerInfo signerInfo,
+ CheckResult signatureCheck,
+ CheckResult certificateCheck);
+
+ //
+ // Factory methods for verifying XML signatures
+ //
+
+ /**
+ * Create a new <code>VerifyXMLSignatureRequest</code> object.
+ *
+ * @param dateTime The date for which the verification is to be performed.
+ * May be <code>null</code>.
+ * @param verifySignatureInfo Information about the signature environment and
+ * the location of the signature.
+ * @param supplementProfiles Supplemental information for the signature
+ * environment. May be <code>null</code>.
+ * @param signatureManifestParams Additional information for checking the
+ * signature manifest. May be <code>null</code>.
+ * @param returnHashInputData If <code>true</code>, hash input data will
+ * be returned in the response, otherwise not.
+ * @param trustProfileID The ID of the trust profile containing the trusted
+ * root certificates.
+ * @return The new <code>VerifyXMLSignatureRequest</code> containing the
+ * above data.
+ *
+ * @pre verifySignatureInfo != null
+ * @pre supplementProfiles != null implies
+ * forall Object o in supplementProfiles |
+ * o instanceof at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile
+ * @pre trustProfileID != null && trustProfileID.length() > 0
+ * @post return != null
+ */
+ public abstract VerifyXMLSignatureRequest createVerifyXMLSignatureRequest(
+ Date dateTime,
+ VerifySignatureInfo verifySignatureInfo,
+ List supplementProfiles,
+ SignatureManifestCheckParams signatureManifestParams,
+ boolean returnHashInputData,
+ String trustProfileID);
+
+ /**
+ * Create a new <code>VerifySignatureInfo</code> object.
+ *
+ * @param verifySignatureEnvironment The signature environment containing
+ * the signature to be verified.
+ * @param verifySignatureLocation The location of the signature within the
+ * signature environment.
+ * @return The new <code>VerifySignatureInfo</code> containing the above data.
+ *
+ * @pre verifySignatureEnvironment != null
+ * @pre verifySignatureLocation != null
+ * @post return != null
+ */
+ public abstract VerifySignatureInfo createVerifySignatureInfo(
+ Content verifySignatureEnvironment,
+ VerifySignatureLocation verifySignatureLocation);
+
+ /**
+ * Create a new <code>VerifySignatureLocation</code> object.
+ *
+ * @param xPathExpression The XPath expression to select the signature
+ * element within the signature environment.
+ * @param namespaceDeclarations The namespace prefix to URI mapping to apply
+ * while evaluating the XPath expression.
+ * @return The new <code>VerifySignatureLocation</code> containing the above
+ * data.
+ *
+ * @pre xPathExpression != null
+ * @pre namespaceDeclarations != null
+ * @post return != null
+ */
+ public abstract VerifySignatureLocation createVerifySignatureLocation(
+ String xPathExpression,
+ Map namespaceDeclarations);
+
+ /**
+ * Create a new <code>SupplementProfile</code> object containing a reference
+ * to a locally stored profile.
+ *
+ * @param profileID The profile ID to resolve during signature verification.
+ * @return The <code>SupplementProfile</code> containing the profile ID.
+ *
+ * @pre profileID != null && profileID.length() > 0
+ * @post return != null
+ */
+ public abstract SupplementProfile createSupplementProfile(String profileID);
+
+ /**
+ * Create a new <code>SupplementProfile</code> object by providing the profile
+ * data explicitly.
+ *
+ * @param supplementProfile The profile data.
+ * @return The <code>SupplementProfile</code> containing the profile data.
+ */
+ public abstract SupplementProfile createSupplementProfile(XMLDataObjectAssociation supplementProfile);
+
+ /**
+ * Create a new <code>SignatureManifestCheckParams</code> object.
+ *
+ * @param referenceInfos Information for checking the validity of a
+ * a reference.
+ * @param returnReferenceInputData If <code>true</code>, the input data to
+ * the calculation of reference digest values will be returned in the
+ * response, otherwise not.
+ * @return The <code>SignatureManifestCheckParams</code> containing the
+ * above data.
+ *
+ * @pre referenceInfos != null && referenceInfos.size() > 0
+ * @pre forall Object o in referenceInfos |
+ * o instanceof at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo
+ * @post return != null
+ */
+ public abstract SignatureManifestCheckParams createSignatureManifestCheckParams(
+ List referenceInfos,
+ boolean returnReferenceInputData);
+
+ /**
+ * Create a new <code>ReferenceInfo</code> object.
+ *
+ * @param verifyTransformsInfoProfiles The transformation profiles valid for
+ * the associated reference.
+ * @return The <code>ReferenceInfo</code> containing the transformation
+ * profiles.
+ *
+ * @pre verifyTransformsInfoProfiles != null &&
+ * verifyTransformsInfoProfiles.size() > 0
+ * @pre forall Object o in verifyTransformsInfoProfiles |
+ * o instanceof at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfile
+ * @post return != null
+ */
+ public abstract ReferenceInfo createReferenceInfo(List verifyTransformsInfoProfiles);
+
+ /**
+ * Create a new <code>VerifyTransformsInfoProfile</code> object containing
+ * a reference to a locally stored profile.
+ *
+ * @param profileID The profile ID to resolve during signature verification.
+ * @return The <code>VerifyTransformsInfoProfile</code> containing the
+ * given profile ID.
+ *
+ * @pre profileID != null && profileID.length() > 0
+ * @post return != null
+ */
+ public abstract VerifyTransformsInfoProfile createVerifyTransformsInfoProfile(String profileID);
+
+ /**
+ * Create a new <code>VerifyTransformsInfoProfile</code> object by providing
+ * the profile data explicitly.
+ *
+ * @param transforms A valid chain of transformations for the reference.
+ * May be <code>null</code>.
+ * @param transformParameters Additional transformation information.
+ * @return The <code>VerifyTransformsInfoProfile</code> containing the above
+ * data.
+ *
+ * @pre transforms != null implies
+ * (transforms.size() > 0 &&
+ * forall Object o in transforms | o instanceof Transform)
+ * @pre transformParameters != null implies
+ * forall Object o in transformParameters |
+ * o instanceof at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter
+ * @post return != null
+ */
+ public abstract VerifyTransformsInfoProfile createVerifyTransformsInfoProfile(
+ List transforms,
+ List transformParameters);
+
+ /**
+ * Create a new <code>TransformParameter</code> object with the data
+ * contained at the given URI.
+ *
+ * @param URI The URI identifying the data. The URI will be resolved during
+ * signature verification.
+ * @return The <code>TransformParameter</code> containing the URI of the
+ * data.
+ *
+ * @pre URI != null
+ * @post return != null
+ */
+ public abstract TransformParameter createTransformParameter(String URI);
+
+ /**
+ * Creata a new <code>TransformParameter</code> object containing the
+ * binary data.
+ *
+ * @param URI The URI identifying the data.
+ * @param binaryData The binary data.
+ * @return The <code>TransformParameter</code> containig the binary data.
+ *
+ * @pre URI != null
+ * @pre binary != null
+ * @post return != null
+ */
+ public abstract TransformParameter createTransformParameter(
+ String URI,
+ InputStream binaryData);
+
+ /**
+ * Create a new <code>TransformParameter</code> object containing the hash
+ * value of the transformation data.
+ *
+ * @param URI The URI identifying the data. It will be resolved during
+ * signature verification.
+ * @param digestMethod The digest method used for calculating the digest
+ * value.
+ * @param digestValue The hash value of the transformation data.
+ * @return The <code>TransformParameter</code> containing the above data.
+ *
+ * @pre URI != null
+ * @pre digestMethod != null
+ * @pre digestValue != null
+ */
+ public abstract TransformParameter createTransformParameter(
+ String URI,
+ String digestMethod,
+ byte[] digestValue);
+
+ /**
+ * Create a new <code>VerifyXMLSignatureResponse</code> object.
+ *
+ * @param signerInfo Information about the signer certificate.
+ * @param hashInputDatas The signed data objects. May be <code>null</code>.
+ * @param referenceInputDatas The reference input data objects.
+ * May be <code>null</code>.
+ * @param signatureCheck Status information about the signature check.
+ * @param signatureManifestCheck Status information about the signature
+ * manifest check.
+ * @param xmlDsigManifestChecks Status information about each XMLDsig manifest
+ * check.
+ * @param certificateCheck Status information about the signer certificate
+ * check.
+ * @return The <code>VerifyXMLSignatureResponse</code> containing the above
+ * data.
+ *
+ * @pre signerInfo != null
+ * @pre hashInputDatas != null implies
+ * forall Object o in hashInputDatas |
+ * o instanceof at.gv.egovernment.moa.spss.api.common.Content
+ * @pre referenceInputDatas != null implies
+ * forall Object o in referenceInputDatas |
+ * o instanceof at.gv.egovernment.moa.spss.api.common.Content
+ * @pre signatureCheck != null
+ * @pre xmlDsigManifestChecks != null implies
+ * forall Object o in xmlDsigManifestChecks |
+ * o instanceof at.gv.egovernment.moa.spss.api.xmlverifyManifestRefsCheckResult
+ * @pre certificateCheck != null
+ * @post return != null
+ */
+ public abstract VerifyXMLSignatureResponse createVerifyXMLSignatureResponse(
+ SignerInfo signerInfo,
+ List hashInputDatas,
+ List referenceInputDatas,
+ ReferencesCheckResult signatureCheck,
+ ReferencesCheckResult signatureManifestCheck,
+ List xmlDsigManifestChecks,
+ CheckResult certificateCheck);
+
+ /**
+ * Create a new <code>ReferencesCheckResult</code> object.
+ *
+ * @param code The status code.
+ * @param info Additional information about the reference check.
+ * @return The <code>ReferencesCheckResult</code> containing the above data.
+ *
+ * @pre code >= 0
+ * @post return != null
+ */
+ public abstract ReferencesCheckResult createReferencesCheckResult(
+ int code,
+ ReferencesCheckResultInfo info);
+
+ /**
+ * Create a new <code>ReferencesCheckResultInfo</code> object.
+ *
+ * @param anyOtherInfo Arbitrary XML content describing the check result.
+ * May be <code>null</code>.
+ * @param failedReferences The indexes of the failed references. May be
+ * <code>null</code>.
+ * @return The <code>ReferencesCheckResultInfo</code> containing the above
+ * data.
+ *
+ * @post return != null
+ */
+ public abstract ReferencesCheckResultInfo createReferencesCheckResultInfo(
+ NodeList anyOtherInfo,
+ int[] failedReferences);
+
+ /**
+ * Create a new <code>ManifestRefsCheckResult</code> object.
+ *
+ * @param code The status code.
+ * @param info Additional information about the manifest check. May be
+ * <code>null</code>.
+ * @return The <code>ManifestRefsCheckResult</code> containing the above
+ * data.
+ *
+ * @pre code >= 0
+ * @post return != null
+ */
+ public abstract ManifestRefsCheckResult createManifestRefsCheckResult(
+ int code,
+ ManifestRefsCheckResultInfo info);
+
+ /**
+ * Create a new <code>ManifestRefsCheckResultInfo</code> object.
+ *
+ * @param anyOtherInfo Arbitrary XML content describing the check result.
+ * May be <code>null</code>.
+ * @param failedReferences The indexes of the failed references. May be
+ * <code>null</code>.
+ * @param referringSigReference The index of the reference in the signature.
+ * @return The <code>ManifestRefsCheckResultInfo</code> containing the
+ * above data.
+ *
+ * @pre referringSigReference > 0
+ * @post return != null
+ */
+ public abstract ManifestRefsCheckResultInfo createManifestRefsCheckResultInfo(
+ NodeList anyOtherInfo,
+ int[] failedReferences,
+ int referringSigReference);
+
+ //
+ // Factory methods for common objects
+ //
+
+ /**
+ * Create a new <code>Content</code> object referencing data via a URI.
+ *
+ * @param referenceURI The URI pointing to the content.
+ * @return The <code>Content</code> object containing the reference.
+ *
+ * @pre referenceURI != null && referenceURI.length() > 0
+ * @post return != null
+ */
+ public abstract Content createContent(String referenceURI);
+
+ /**
+ * Create a new <code>Content</code> object containing binary data.
+ *
+ * @param binaryData An <code>InputStream</code> containing the binary data.
+ * @param referenceURI An URI identifying the data. May be <code>null</code>.
+ * @return The <code>Content</code> object containing the data.
+ *
+ * @pre binaryData != null
+ * @post return != null
+ */
+ public abstract Content createContent(
+ InputStream binaryData,
+ String referenceURI);
+
+ /**
+ * Create a new <code>Content</code> object containing location reference data.
+ *
+ * @param locationReferenceURI a URI pointing to the actual remote location of the content.
+ *
+ * @param referenceURI An URI identifying the data. May be <code>null</code>.
+ *
+ * @return The <code>Content</code> object containing the data.
+ *
+ * @pre locationReferenceURI != null
+ * @post return != null
+ */
+ public abstract Content createContent(
+ String locationReferenceURI,
+ String referenceURI);
+
+ /**
+ * Create a new <code>Content</code> object containing XML data.
+ *
+ * @param xmlData The XML data contained in the new <code>Content</code>.
+ * @param referenceURI An URI identifying the data. May be <code>null</code>.
+ * @return The <code>Content</code> object containing the data.
+ *
+ * @pre xmlData != null
+ * @post return != null
+ */
+ public abstract Content createContent(NodeList xmlData, String referenceURI);
+
+ /**
+ * Create a new <code>XMLDataObjectAssociation</code> object.
+ *
+ * @param metaInfo Information about the content type. May be
+ * <code>null</code>.
+ * @param content The <code>Content</code> object containing the data.
+ * @return The <code>XMLDataObjectAssociation</code> containing the above
+ * data.
+ *
+ * @pre content != null
+ * @pre content.getContentType() == Content.CONTENT_XML ||
+ * content.getContentType() == Contetn.CONTENT_BINARY
+ * @pre content.getReference() != null
+ * @post return != null
+ */
+ public abstract XMLDataObjectAssociation createXMLDataObjectAssociation(
+ MetaInfo metaInfo,
+ Content content);
+
+ /**
+ * Create a new <code>MetaInfo</code> object.
+ *
+ * @param mimeType The MIME type part of the meta information.
+ * @param description Descriptive meta information. May be <code>null</code>.
+ * @param otherInfo XML meta information. May be <code>null</code>.
+ * @param type Type information for XML signature creation. May be <code>null</code>.
+ * @return The <code>MetaInfo</code> object containing the above data.
+ *
+ * @pre mimeType != null && mimeType.length() > 0
+ * @pre otherInfo != null implies
+ * forall Node n in otherInfo | n.getNodeType() == Node.ELEMENT
+ */
+ public abstract MetaInfo createMetaInfo(
+ String mimeType,
+ String description,
+ NodeList otherInfo,
+ String type);
+
+ /**
+ * Create a <code>CanonicalizationTransform</code> type of <code>Transform</code>.
+ *
+ * @param algorithmURI The algorithm URI of the canonicalization.
+ * @return The created <code>CanonicalizationTransform</code> object.
+ *
+ * @pre CanonicalizationTransform.CANONICAL_XML.equals(algorithmURI) ||
+ * CanonicalizationTransform.CANONICAL_XML_WITH_COMMENTS.equals(algorithmURI)
+ * @post return != null
+ */
+ public abstract Transform createCanonicalizationTransform(String algorithmURI);
+
+ /**
+ * Create an <code>ExclusiveCanonicalizationTransform</code> type of
+ * <code>Transform</code>.
+ *
+ * @param algorithmURI The algorithm URI of the exclusive canonicalization.
+ * @param inclusiveNamespacePrefixes The prefixes of the namespaces to
+ * treat according to canonical XML.
+ * @return The new <code>ExclusiveCanonicalizationTransform</code>
+ *
+ * @pre ExclusiveCanonicalizationTransform.EXCLUSIVE_CANONICAL_XML.equals(algorithmURI) ||
+ * ExclusiveCanonicalizationTransform.EXCLUSIVE_CANONICAL_XML_WITH_COMMENTS.equals(algorithmURI)
+ * @pre inclusiveNamespacePrefixes != null
+ * @pre forall Object o in inclusiveNamespacePrefixes | o instanceof String
+ * @post return != null
+ */
+ public abstract Transform createExclusiveCanonicalizationTransform(
+ String algorithmURI,
+ List inclusiveNamespacePrefixes);
+
+ /**
+ * Create a <code>Base64Transform</code> type of <code>Transform</code>.
+ *
+ * @return A <code>Transform</code> denoting a Base64 decoding.
+ *
+ * @post return != null
+ */
+ public abstract Transform createBase64Transform();
+
+ /**
+ * Create a <code>EnvelopedSignatureTransform</code> type of
+ * <code>Transform</code>.
+ *
+ * @return A <code>Transform</code> denoting an enveloped signature.
+ *
+ * @post return != null
+ */
+ public abstract Transform createEnvelopedSignatureTransform();
+
+ /**
+ * Create an <code>XSLTTransform</code> type of <code>Transform</code>.
+ *
+ * @param styleSheet The XSLT stylesheet contained in the
+ * <code>Transform</code>.
+ * @return A <code>Transform</code> containing the XSLT stylesheet.
+ *
+ * @post return != null
+ */
+ public abstract Transform createXSLTTransform(Element styleSheet);
+
+ /**
+ * Create an <code>XPathTransform</code> type of <code>Transform</code>.
+ *
+ * @param xPathExpression The XPath expression to use in the created
+ * <code>Transform</code>.
+ * @param namespaceDeclarations The namespace prefix to URI mapping to
+ * apply on evaluation of the XPath expression.
+ * @return The <code>XPathTransform</code> containing the above data.
+ *
+ * @pre xPathExpression != null
+ * @pre namespaceDeclarations != null
+ * @post return != null
+ */
+ public abstract Transform createXPathTransform(
+ String xPathExpression,
+ Map namespaceDeclarations);
+
+ /**
+ * Create a new <code>XPathFilter2Transform</code> type of
+ * <code>Transform</code>.
+ *
+ * @param xPathFilters The filters contained in the newly created
+ * <code>XPathFilter2Transform</code>.
+ * @return The <code>XPathFilter2Transform</code> containing the given
+ * filters.
+ *
+ * @pre xPathFilters != null &&
+ * forall Object o in xPathFilters |
+ * o instanceof at.gv.egovernment.moa.spss.api.common.XPathFilter
+ * @post return != null
+ */
+ public abstract Transform createXPathFilter2Transform(List xPathFilters);
+
+ /**
+ * Create a new <code>XPathFilter</code> object.
+ *
+ * @param filterType The type of filter.
+ * @param xPathExpression The XPath expression contained in this filter.
+ * @param namespaceDeclarations The namespace prefix to URI mapping to apply
+ * on evaluation of the XPath expression.
+ * @return The <code>XPathFilter</code> containing the above data.
+ *
+ * @pre XPathFilter.SUBTRACT_TYPE.equals(filterType) ||
+ * XPathFilter.INTERSECT_TYPE.equals(filterType) ||
+ * XPathFilter.UNION_TYPE.equals(filterType)
+ * @pre xPathExpression != null
+ * @pre namespaceDeclarations != null
+ * @post return != null
+ */
+ public abstract XPathFilter createXPathFilter(
+ String filterType,
+ String xPathExpression,
+ Map namespaceDeclarations);
+
+ /**
+ * Create a new <code>CheckResult</code> object.
+ *
+ * @param code The check code.
+ * @param info Verbose information about the check. May be <code>null</code>.
+ * @return The <code>CheckResult</code> containing the above data.
+ *
+ * @pre code >= 0
+ * @post return != null
+ */
+ public abstract CheckResult createCheckResult(int code, NodeList info);
+
+
+
+ /**
+ * Create a new <code>SignerInfo</code> object.
+ *
+ * @param signerCertificate The signer certificate in binary form.
+ * @param qualifiedCertificate <code>true</code>, if the signer certificate is
+ * a qualified certificate, otherwise <code>false</code>.
+ * @param qcSourceTSL <code>true</code>, if the QC information comes from the TSL,
+ * otherwise <code>false</code>.
+ * @param publicAuthority <code>true</code>, if the signer certificate is a
+ * public authority certificate, otherwise <code>false</code>.
+ * @param publicAuthorityID The identification of the public authority
+ * (if <code>publicAuthority</code> is <code>true</code>). May be
+ * <code>null</code>.
+ * @param sscd <code>true</code>, if the TSL check verifies the
+ * signature based on a SSDC, otherwise <code>false</code>.
+ * @param sscdSourceTSL <code>true</code>, if the SSCD information comes from the TSL,
+ * otherwise <code>false</code>.
+ * @param issuerCountryCode contains the signer certificate issuer country code.
+ * @return The <code>SignerInfo</code> containing the above data.
+ *
+ * @pre signerCertSubjectName != null
+ * @pre signerCertIssuerSerial != null
+ * @pre signerCertificate != null
+ */
+ public abstract SignerInfo createSignerInfo(
+ X509Certificate signerCertificate,
+ boolean qualifiedCertificate,
+ boolean qcSourceTSL,
+ boolean publicAuthority,
+ String publicAuthorityID,
+ boolean sscd,
+ boolean sscdSourceTSL,
+ String issuerCountryCode);
+
+ /**
+ * Create a new <code>X509IssuerSerial</code> object.
+ *
+ * @param issuerName The distinguished name of the issuer.
+ * @param issuerSerial The certificate serial number.
+ * @return The <code>X509IssuerSerial</code> containing the above data.
+ *
+ * @pre issuerName != null
+ * @pre issuerSerial != null
+ */
+ public abstract X509IssuerSerial createX509IssuerSerial(
+ String issuerName,
+ BigInteger issuerSerial);
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureCreationService.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureCreationService.java
new file mode 100644
index 0000000..dfdd13d
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureCreationService.java
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api;
+
+import at.gv.egovernment.moa.spss.MOAException;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.invoke.SignatureCreationServiceImpl;
+
+/**
+ * Interface providing functions for signature creation.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class SignatureCreationService {
+
+ /** The default implementation class. */
+ private static final String DEFAULT_IMPLEMENTATION =
+ "at.gv.egovernment.moa.spss.server.invoke.SignatureCreationServiceImpl";
+
+ /** The single instance of this class. */
+ private static SignatureCreationService instance = null;
+
+ /**
+ * Get an instance of the <code>SignatureCreationService</code>.
+ *
+ * @return A concrete instance of the <code>SignatureCreationService</code>.
+ */
+ public static synchronized SignatureCreationService getInstance() {
+ if (instance == null) {
+ try {
+ /*
+ DiscoverClass discover = new DiscoverClass();
+ instance =
+ (SignatureCreationService) discover.newInstance(
+ SignatureCreationService.class,
+ DEFAULT_IMPLEMENTATION);*/
+ return new SignatureCreationServiceImpl();
+ } catch (Exception e) {
+ // this can not happen since we provide a valid default
+ // implementation
+ }
+ }
+ return instance;
+ }
+
+ /**
+ * Create an XML signature.
+ *
+ * @param request Information on how to create the signature.
+ * @return A <code>CreateXMLSignatureResponse</code> containing the
+ * signature.
+ * @throws MOAException Error in server side MOA module.
+ */
+ public abstract CreateXMLSignatureResponse createXMLSignature(CreateXMLSignatureRequest request)
+ throws MOAException;
+}
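Review bot: `getInstance()` never assigns the `instance` field: the `return new SignatureCreationServiceImpl();` inside the `if` hands out a fresh object on every call, so the "single instance" Javadoc does not hold and `DEFAULT_IMPLEMENTATION` is only referenced from the commented-out block. The empty `catch (Exception e)` also means a runtime failure in the constructor falls through to `return instance;`, and the caller receives `null` with no trace of the cause. I would replace the try/catch with `instance = new SignatureCreationServiceImpl();` (assuming the implementation is safe to share, which is not visible here) and delete the commented-out discovery code. `SignatureVerificationService.getInstance()` in the next file has the same shape.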
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureVerificationService.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureVerificationService.java
new file mode 100644
index 0000000..85e2a97
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureVerificationService.java
@@ -0,0 +1,93 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api;
+
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.invoke.SignatureVerificationServiceImpl;
+
+/**
+ * Interface providing functions for verifying signatures.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class SignatureVerificationService {
+
+ /** The default implementation class. */
+ private static final String DEFAULT_IMPLEMENTATION =
+ "at.gv.egovernment.moa.spss.server.invoke.SignatureVerificationServiceImpl";
+
+ /** The single instance of this class. */
+ private static SignatureVerificationService instance = null;
+
+ /**
+ * Get an instance of the <code>SignatureVerificationService</code>.
+ *
+ * @return A concrete instance of the
+ * <code>SignatureVerificationService</code>.
+ */
+ public static synchronized SignatureVerificationService getInstance() {
+ if (instance == null) {
+ try {
+ /*DiscoverClass discover = new DiscoverClass();
+ instance =
+ (SignatureVerificationService) discover.newInstance(
+ SignatureVerificationService.class,
+ DEFAULT_IMPLEMENTATION);*/
+ return new SignatureVerificationServiceImpl();
+ } catch (Exception e) {
+ // this can not happen since we provide a valid default
+ // implementation
+ }
+ }
+ return instance;
+ }
+
+ /**
+ * Verify a CMS signature.
+ *
+ * @param request Detailed information on the verification that should be
+ * performed.
+ * @return A <code>VerifyCMSSignatureResponse</code> object that contains
+ * information about the performed verification.
+ * @throws MOAException Error in server side MOA module.
+ */
+ public abstract VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request)
+ throws MOAException;
+ /**
+ * Verfiy an XML Signature.
+ *
+ * @param request information on the verification that should be performed.
+ * @return A <code>VerifyXMLSignatureResponse</code> object that contains
+ * information about the performed verification.
+ * @throws MOAException Error in server side MOA module.
+ */
+ public abstract VerifyXMLSignatureResponse verifyXMLSignature(VerifyXMLSignatureRequest request)
+ throws MOAException;
+}
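Review bot: The Javadoc of `verifyCMSSignature` and `verifyXMLSignature` does not say how a signature that fails verification is reported. `@throws MOAException Error in server side MOA module` reads as if only processing errors throw, which would mean an invalid signature comes back as an ordinary response. If that is the contract, state it so that callers do not treat the absence of an exception as a successful verification, for example `A returned response does not imply a valid signature; callers must evaluate the check results it contains.` The summary line of `verifyXMLSignature` also has a typo: `Verfiy` should be `Verify`.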
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CMSSignatureResponse.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CMSSignatureResponse.java
new file mode 100644
index 0000000..10db676
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CMSSignatureResponse.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmssign;
+
+
+/**
+ * Contains the signature if the signature creation was successful.
+ *
+ * @version $Id$
+ */
+public interface CMSSignatureResponse
+ extends CreateCMSSignatureResponseElement {
+ /**
+ * Gets the CMS signature (Base64 encoded).
+ *
+ * @return The CMS signature
+ */
+ public String getCMSSignature();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureRequest.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureRequest.java
new file mode 100644
index 0000000..9d5cd7a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureRequest.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmssign;
+
+import java.util.List;
+
+
+/**
+ * Object that encapsulates a request to create a CMS Signature.
+ *
+ *
+ * @version $Id$
+ */
+public interface CreateCMSSignatureRequest {
+ /**
+ * Gets the identifier for the keys to be used for the signature.
+ *
+ * @return The identifier for the keys to be used.
+ */
+ public String getKeyIdentifier();
+ /**
+ * Gets the information of the singleSignatureInfo elements.
+ *
+ * @return The information of singleSignatureInfo elements.
+ */
+ public List getSingleSignatureInfos();
+}
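Review bot: `getSingleSignatureInfos()` returns a raw `List`, and the Javadoc does not name the element type, so callers have to cast on guesswork. If the build targets Java 5 or later, declare it as `public List<SingleSignatureInfo> getSingleSignatureInfos();` (element type presumed from the method name, to be confirmed against the implementation); otherwise add the element type to the `@return` text. `getResponseElements()` in `CreateCMSSignatureResponse` and in `VerifyCMSSignatureResponse` returns the same raw `List`.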
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureResponse.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureResponse.java
new file mode 100644
index 0000000..6062a11
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureResponse.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmssign;
+
+import java.util.List;
+
+/**
+ * Object that encapsulates the response on to a
+ * <code>CreateCMSSignatureRequest</code> to create an XML signature.
+ *
+ * @version $Id$
+ */
+public interface CreateCMSSignatureResponse {
+ /**
+ * Gets the response elements.
+ *
+ * @return The response elements.
+ */
+ public List getResponseElements();
+}
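Review bot: The interface Javadoc names the wrong signature type: it says the response answers a request `to create an XML signature`, while this is the CMS response. Suggested text: `Object that encapsulates the response to a <code>CreateCMSSignatureRequest</code> to create a CMS signature.`, which also repairs `on to a`. `CreateCMSSignatureResponseElement` in the next file carries the same copy-paste slip, naming `CreateXMLSignatureResponse` as its container, plus the typo `objet`.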
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureResponseElement.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureResponseElement.java
new file mode 100644
index 0000000..8e4e611
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/CreateCMSSignatureResponseElement.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmssign;
+
+/**
+ * Base class for <code>CMSSignature</code> and
+ * <code>ErrorResponse</code> elements in a
+ * <code>CreateXMLSignatureResponse</code>.
+ *
+ * @version $Id$
+ */
+public interface CreateCMSSignatureResponseElement {
+ /**
+ * Indicates that this object contains a <code>CMSSignature</code>.
+ */
+ public static final int CMS_SIGNATURE = 0;
+ /**
+ * Indicates that this objet contains an <code>ErrorResponse</code>.
+ */
+ public static final int ERROR_RESPONSE = 1;
+
+ /**
+ * Gets the type of response object.
+ *
+ * @return The type of response object, either
+ * <code>CMS_SIGNATURE</code> or <code>ERROR_RESPONSE</code>.
+ */
+ public int getResponseType();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/DataObjectInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/DataObjectInfo.java
new file mode 100644
index 0000000..b9f3630
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/DataObjectInfo.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmssign;
+
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+
+/**
+ * Encapsulates information required to create a single signature.
+ *
+ * @version $Id$
+ */
+public interface DataObjectInfo {
+ /**
+ * Indicates that a detached signature will be created.
+ */
+ public static final String STRUCTURE_DETACHED = "detached";
+ /**
+ * Indicates that an enveloping signature will be created.
+ */
+ public static final String STRUCTURE_ENVELOPING = "enveloping";
+
+ /**
+ * Gets the structure of the signature.
+ *
+ * @return The structure of the signature.
+ */
+ public String getStructure();
+
+ /**
+ * Gets information related to a single data object.
+ *
+ * @return Information related to a single data object.
+ */
+ public CMSDataObject getDataObject();
+
+}
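Review bot: `getStructure()` returns a free-form `String`, and its Javadoc does not tie the value to the two constants declared above it. I would write the return tag as `@return The structure of the signature, either <code>STRUCTURE_DETACHED</code> or <code>STRUCTURE_ENVELOPING</code>.`, mirroring the wording used for `CMSContent.getContentType()`. The interface summary, `Encapsulates information required to create a single signature`, is nearly the same as the one on `SingleSignatureInfo`; it would be clearer as a description of the data object to be signed and its signature structure.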
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/SingleSignatureInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/SingleSignatureInfo.java
new file mode 100644
index 0000000..1f87a50
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmssign/SingleSignatureInfo.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmssign;
+
+
+
+/**
+ * Encapsulates data to create a single signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface SingleSignatureInfo {
+ /**
+ * Gets the dataObjectInfo information.
+ *
+ * @return The dataObjectInfo information.
+ */
+ public DataObjectInfo getDataObjectInfo();
+
+ /**
+ * Check whether a Security Layer conform signature manifest will be created.
+ *
+ * @return <code>true</code>, if a Security Layer conform signature manifest
+ * will be created, <code>false</code> otherwise.
+ */
+ public boolean isSecurityLayerConform();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContent.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContent.java
new file mode 100644
index 0000000..4c2c1cc
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContent.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmsverify;
+
+/**
+ * Base class for objects containing CMS content.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CMSContent {
+ /**
+ * Indicates that this object contains a reference to the CMS content.
+ */
+ public static final int REFERENCE_CONTENT = 0;
+ /**
+ * Indicates that this object contains the CMS content explicitly.
+ */
+ public static final int EXPLICIT_CONTENT = 1;
+
+ /**
+ * Gets the type of the contained content.
+ *
+ * @return The type of content, either <code>REFERENCE_CONTENT</code> or
+ * <code>EXPLICIT_CONTENT</code>.
+ */
+ public int getContentType();
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContentExcplicit.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContentExcplicit.java
new file mode 100644
index 0000000..7fc6029
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContentExcplicit.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmsverify;
+
+import java.io.InputStream;
+
+/**
+ * Encapsulates binary CMS content.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CMSContentExcplicit extends CMSContent {
+ /**
+ * Gets the content as a stream.
+ *
+ * @return A stream containing the binary content.
+ */
+ public InputStream getBinaryContent();
+}
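Review bot: The interface name `CMSContentExcplicit` is misspelled (the matching constant in `CMSContent` is `EXPLICIT_CONTENT`), and as a public type the typo ends up in every caller's imports. Unless the name is carried over from an already published API, rename the type and the file to `CMSContentExplicit` in this commit. The Javadoc of `getBinaryContent()` should also state who closes the returned stream and whether each call yields a fresh stream or the same one.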
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContentReference.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContentReference.java
new file mode 100644
index 0000000..ade197d
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSContentReference.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmsverify;
+
+/**
+ * Encapsulates CMS content that is referenced by an URI.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CMSContentReference extends CMSContent {
+ /**
+ * Gets the reference URI from wher the content can be retrieved.
+ *
+ * @return The reference URI.
+ */
+ public String getReference();
+}
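Review bot: `getReference()` hands out a URI from which the content is to be fetched, and the Javadoc places no constraint on it. The value presumably originates from the verification request, so whichever component dereferences it needs to restrict the permitted schemes and destinations; the resolver is not part of this hunk, so I cannot tell whether that is enforced. I would add to the method comment: `The URI is taken from the request and must be validated (scheme, host) before it is dereferenced.` Typo in the same comment: `wher` should be `where`.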
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSDataObject.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSDataObject.java
new file mode 100644
index 0000000..f9a6846
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/CMSDataObject.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmsverify;
+
+import java.math.BigDecimal;
+
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+
+/**
+ * A data object used for verification of CMS signatures.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CMSDataObject {
+ /**
+ * Gets the meta information of the content.
+ *
+ * @return An object containig the meta information.
+ */
+ public MetaInfo getMetaInfo();
+ /**
+ * Gets the actual content of the data object.
+ *
+ * @return The actual content.
+ */
+ public CMSContent getContent();
+
+
+ public BigDecimal getExcludeByteRangeFrom();
+
+ public BigDecimal getExcludeByteRangeTo();
+
+ }
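Review bot: `getExcludeByteRangeFrom()` and `getExcludeByteRangeTo()` are the only methods here without Javadoc, and they look like the security-relevant ones: an excluded byte range is presumably data that the signature check skips. Document whether the bounds are inclusive, what a `null` return means, and the unit and origin of the offsets. `BigDecimal` admits fractional and negative values, so the contract should say that both bounds are non-negative whole numbers with from not greater than to, and that implementations reject anything else. Also `containig` in the `getMetaInfo()` comment should be `containing`.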
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java
new file mode 100644
index 0000000..225f685
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java
@@ -0,0 +1,76 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmsverify;
+
+import java.io.InputStream;
+import java.util.Date;
+
+/**
+ * Object that encapsulates a request to verify a CMS signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface VerifyCMSSignatureRequest {
+ /**
+ * Indicates, that signature checks for all signatories must be returned.
+ */
+ public static int[] ALL_SIGNATORIES = new int[] { -1 };
+ /**
+ * Gets the positions of signatories whose signature must be verified.
+ *
+ * @return The positions of signatories.
+ */
+ public int[] getSignatories();
+ /**
+ * Gets the date and time for which the signature verification has to
+ * be performed.
+ *
+ * @return Date and time for which the signature verification has
+ * to be performed.
+ */
+ public Date getDateTime();
+ /**
+ * Gets the binary CMS signature.
+ *
+ * @return An <code>InputStream</code> from which the binary CMS signature
+ * can be read.
+ */
+ public InputStream getCMSSignature();
+ /**
+ * Gets the data object necessary for the verification.
+ *
+ * @return The data object necessary for verification.
+ */
+ public CMSDataObject getDataObject();
+ /**
+ * Gets the profile ID of trusted certificates to be used for signature
+ * verification.
+ *
+ * @return The profile ID of trusted certificates.
+ */
+ public String getTrustProfileId();
+}
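Review bot: `ALL_SIGNATORIES` is a shared array, and although interface fields are implicitly `final`, its element stays writable, so an assignment such as `ALL_SIGNATORIES[0] = 1` anywhere in the JVM silently changes what every later request asks to be verified. The Javadoc should state that the array must not be modified, and implementations should recognise the marker by content (one element equal to `-1`) rather than by identity. `getSignatories()` should say whether it returns a copy or the internal array, for the same reason. `getDateTime()` returns a mutable `java.util.Date`, and its comment does not say what a `null` return means for the verification time.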
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponse.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponse.java
new file mode 100644
index 0000000..33924cb
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponse.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmsverify;
+
+import java.util.List;
+
+
+/**
+ * Object that encapsulates the response on a request to verify a CMS
+ * signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface VerifyCMSSignatureResponse {
+ /**
+ * Gets the response elements.
+ *
+ * @return The response elements.
+ */
+ public List getResponseElements();
+}
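Review bot: `getResponseElements()` returns a raw `List` and its Javadoc names neither the element type nor whether the list may be empty or null. Judging by the sibling interface added in this commit the elements are presumably `VerifyCMSSignatureResponseElement`; if so, say it in the tag, e.g. `@return The response elements, a non-null List of VerifyCMSSignatureResponseElement.` The empty case deserves an explicit sentence, because a caller that only looks for failed elements would treat an empty list as a successful verification. If the code base can use generics, `List<VerifyCMSSignatureResponseElement>` would let the compiler enforce the type.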
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
new file mode 100644
index 0000000..a1135ba
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.cmsverify;
+
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+
+/**
+ * Contains detailed information about the verification of a signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface VerifyCMSSignatureResponseElement {
+ /**
+ * Gets a SignerInfo element according to CMS.
+ *
+ * @return The SignerInfo element according to CMS.
+ */
+ public SignerInfo getSignerInfo();
+ /**
+ * Gets the result of the signature verification.
+ *
+ * @return The result of the signature verification.
+ */
+ public CheckResult getSignatureCheck();
+ /**
+ * Gets the result of the certificate verification.
+ *
+ * @return The result of the certificate verification.
+ */
+ public CheckResult getCertificateCheck();
+
+}
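Review bot: The Javadoc of `getSignatureCheck()` and `getCertificateCheck()` does not say that a caller has to evaluate both results before accepting a signature. The two separate getters suggest the checks are reported independently, so code that reads only the signature check could accept a cryptographically valid signature made with an untrusted or revoked certificate. I would add a sentence to the interface comment such as `A signature is acceptable only if both {@link #getSignatureCheck()} and {@link #getCertificateCheck()} report success.` It would also help to state whether either getter can return null when the corresponding check was not performed.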
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Base64Transform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Base64Transform.java
new file mode 100644
index 0000000..6050d5b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Base64Transform.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * A <code>Transform</code> performing a Base64 decoding.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface Base64Transform extends Transform {
+ /** Algorithm URI of the Base64 <code>Transform</code> type. */
+ public static final String BASE64_DECODING =
+ "http://www.w3.org/2000/09/xmldsig#base64";
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CanonicalizationTransform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CanonicalizationTransform.java
new file mode 100644
index 0000000..988c5bc
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CanonicalizationTransform.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * A canonicalization type of <code>Transform</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface CanonicalizationTransform extends Transform {
+ /** Algorithm URI of canonical XML. */
+ public static final String CANONICAL_XML = Constants.C14N_URI;
+ /** Algorithm URI of canonical XML with comments. */
+ public static final String CANONICAL_XML_WITH_COMMENTS =
+ Constants.C14N_WITH_COMMENTS_URI;
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckResult.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckResult.java
new file mode 100644
index 0000000..5c94981
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CheckResult.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import org.w3c.dom.NodeList;
+
+/**
+ * Object encapsulating the result of a signature verification.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CheckResult {
+ /**
+ * Gets the result code.
+ *
+ * @return The result code.
+ */
+ public int getCode();
+ /**
+ * Gets descriptive information.
+ *
+ * @return Descriptive information.
+ */
+ public NodeList getInfo();
+}
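Review bot: `getCode()` is documented only as "the result code", with no statement of which value means success or where the code table is defined. For a verification result that is the one fact a caller needs, and guessing it wrong turns a failed check into an accepted one; the `@return` should name the success value and point to the specification or constants that list the others. The interface comment also says "result of a signature verification", while `VerifyCMSSignatureResponseElement.getCertificateCheck()` in this commit returns the same type, so something like `Object encapsulating the result of a single verification check.` would be more accurate. `getInfo()` should say whether it returns null when there is no additional information.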
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Content.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Content.java
new file mode 100644
index 0000000..efde1eb
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Content.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * Encapsulates content data.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @author Gregor Karlinger
+ * @version $Id$
+ */
+public interface Content {
+
+ /**
+ * Indicates that this object contains a URI reference to some content.
+ */
+ public static final int REFERENCE_CONTENT = 0;
+
+ /**
+ * Indicates that this object contains binary content.
+ */
+ public static final int BINARY_CONTENT = 1;
+
+ /**
+ * Indicates that this object contains XML content.
+ */
+ public static final int XML_CONTENT = 2;
+
+ /**
+ * Indicates that this object contains a location reference content.
+ */
+ public static final int LOCREF_CONTENT = 3;
+
+ /**
+ * Gets the type of content contained in this object.
+ *
+ * @return The type of content, one of <code>BINARY_CONTENT</code>, <code>XML_CONTENT</code>, <code>
+ * REFERENCE_CONTENT</code> or <code>LOCREF_CONTENT</code>.
+ */
+ public int getContentType();
+
+ /**
+ * Gets the reference to the content data (a URI).
+ *
+ * @return The reference to the content data.
+ */
+ public String getReference();
+}
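Review bot: `getReference()` is declared on the base interface, but its Javadoc does not say what it returns when `getContentType()` is `BINARY_CONTENT` or `XML_CONTENT`. Callers that switch on the content type need to know whether the reference is then null, empty or still meaningful; state whatever the implementations do, for example `@return The reference to the content data, or <code>null</code> if no reference is set.` (the null behaviour is an assumption to confirm, it is not visible in this hunk). In the `@return` of `getContentType()` the `<code>` element is split across two lines before `REFERENCE_CONTENT`, which renders with a stray space and is worth joining.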
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentBinary.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentBinary.java
new file mode 100644
index 0000000..77ec9dd
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentBinary.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import java.io.InputStream;
+
+/**
+ * Encapsulates binary content.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface ContentBinary extends Content {
+ /**
+ * Get the binary content.
+ *
+ * @return An <code>InputStream</code> from which the binary content can
+ * be read.
+ */
+ public InputStream getBinaryContent();
+
+}
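Review bot: `getBinaryContent()` hands out an `InputStream` without saying whether each call returns a fresh stream or the same, possibly already consumed, one, and without saying who closes it. Both matter to a verifier that may need to read the data more than once or must not leak file handles. I would extend the comment along the lines of `@return An InputStream positioned at the start of the content; the caller is responsible for closing it.`, adjusted to what the implementations really guarantee.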
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentLocRef.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentLocRef.java
new file mode 100644
index 0000000..d1ef096
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentLocRef.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * Encapsulates location reference content.
+ *
+ * @author Gregor Karlinger
+ * @version $Id$
+ */
+public interface ContentLocRef extends Content
+{
+ /**
+ * Gets the location reference URI pointing to the actual remote location of the content.
+ *
+ * @return the location reference URI.
+ */
+ public String getLocationReferenceURI();
+}
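Review bot: The Javadoc of `getLocationReferenceURI()` describes a URI pointing at a remote location but does not say who dereferences it or under which restrictions. If the value originates from a request and the service fetches it (the resolving code is not part of this hunk), that code needs an allow-list of schemes and hosts, a response size limit and a timeout; otherwise the field becomes a server-side request forgery and resource-exhaustion vector. The contract is the right place to record that expectation, e.g. `Implementations resolving this URI must restrict it to the configured schemes and hosts.`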
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentReference.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentReference.java
new file mode 100644
index 0000000..8c4a658
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentReference.java
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * Content containing a reference to content data.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface ContentReference extends Content {
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentXML.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentXML.java
new file mode 100644
index 0000000..d41f6a6
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ContentXML.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import org.w3c.dom.NodeList;
+
+/**
+ * Encapsulates arbitrary XML content.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface ContentXML extends Content {
+ /**
+ * Gets the XML content stored in this object.
+ *
+ * @return The XML content.
+ */
+ public NodeList getXMLContent();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ElementSelector.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ElementSelector.java
new file mode 100644
index 0000000..b446c5f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ElementSelector.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import java.util.Map;
+
+/**
+ * A class containing data for selecting single elements using an XPath
+ * expression.
+ *
+ * Derived classes are used to point to the <code>CreateSignatureLocation</code>
+ * and the <code>VerifySignatureLocation</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface ElementSelector {
+ /**
+ * Gets the XPath expression pointing to a single element.
+ *
+ * @return The XPath expression to select the signature parent element.
+ */
+ public String getXPathExpression();
+ /**
+ * Gets the namespace prefix to URI mapping to use when evaluating the XPath.
+ *
+ * @return The namespace prefix to URI mapping.
+ */
+ public Map getNamespaceDeclarations();
+}
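Review bot: `getNamespaceDeclarations()` returns a raw `Map` and the comment does not give the key and value types; presumably both are `String` (prefix to namespace URI), which the `@return` should state, e.g. `@return The mapping from namespace prefix (String) to namespace URI (String).` The type comment speaks of "A class" and "Derived classes" although this is an interface, and the `@return` of `getXPathExpression()` narrows the summary's "single element" to "the signature parent element", so one of the two wordings should be aligned. If the XPath expression can come from a request, it would be worth noting here that the evaluator is expected to reject expressions selecting anything other than exactly one element.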
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/EnvelopedSignatureTransform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/EnvelopedSignatureTransform.java
new file mode 100644
index 0000000..8e6de87
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/EnvelopedSignatureTransform.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * An enveloped signature type of <code>Transform</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface EnvelopedSignatureTransform extends Transform {
+ /**
+ * Algorithm URI of the enveloped signature type of <code>Transform</code>.
+ */
+ public static final String ENVELOPED_SIGNATURE =
+ "http://www.w3.org/2000/09/xmldsig#enveloped-signature";
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ExclusiveCanonicalizationTransform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ExclusiveCanonicalizationTransform.java
new file mode 100644
index 0000000..5c2b633
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ExclusiveCanonicalizationTransform.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import java.util.List;
+
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * An exclusive canonicalization type of <code>Transform</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface ExclusiveCanonicalizationTransform extends Transform {
+ /** Algorithm URI of exclusive canonical XML. */
+ public static final String EXCLUSIVE_CANONICAL_XML = Constants.EXC_C14N_URI;
+ /** Algorithm URI of exclusive canonical XML with comments. */
+ public static final String EXCLUSIVE_CANONICAL_XML_WITH_COMMENTS =
+ Constants.EXC_C14N_WITH_COMMENTS_URI;
+
+ /**
+ * Sets the namespace prefixes that are handled in the same manner as in
+ * canonical XML.
+ *
+ * @return The inclusive namespace prefixes.
+ */
+ public List getInclusiveNamespacePrefixes();
+}
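Review bot: The summary sentence of `getInclusiveNamespacePrefixes()` says "Sets the namespace prefixes" although the method is a getter with no parameter; it should read `Gets the namespace prefixes that are handled in the same manner as in canonical XML.` The method also returns a raw `List`, so the `@return` should name the element type (presumably `String` prefixes) and say whether an empty list or null stands for "no inclusive prefixes".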
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/InputData.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/InputData.java
new file mode 100644
index 0000000..8c940cd
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/InputData.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * Interface specifying accessors for two attributes needed for returning
+ * <code>HashInputData</code> and <code>ReferenceInputData</code> information
+ * as part of <code>VerifyXMLSignatureResponse</code>.
+ *
+ * @author Gregor Karlinger
+ *
+ * @version $Id$
+ */
+public interface InputData extends Content
+{
+ /**
+ * Possible value returned by {@link #getPartOf}.
+ */
+ public static String CONTAINER_SIGNEDINFO_ = "SignedInfo";
+
+ /**
+ * Possible value returned by {@link #getPartOf}.
+ */
+ public static String CONTAINER_XMLDSIGMANIFEST_ = "XMLDSIGManifest";
+
+ /**
+ * Value returned by {link getReferringReferenceNumber}, signalling that the
+ * attribute is not used.
+ */
+ public static int REFERER_NONE_ = -1;
+
+ /**
+ * Returns a <code>String</code> signalling what kind of container the
+ * XMLDSIG <code>Reference</code> this <code>InputData</code> belongs
+ * to is part of.
+ *
+ * @return the kind of container.
+ */
+ public String getPartOf();
+
+ /**
+ * If this <code>InputData</code> belongs to an XMLDSIG <code>Reference</code>
+ * being part of either a XMLDSIGManifest or a SignatureManifest, this method
+ * returns a positive int value signalling the particular <code>Reference</code>
+ * of the XMLDSIG <code>SignedInfo</code> referring to the XMLDSIGManifest or
+ * SignatureManifest respectively.
+ */
+ public int getReferringReferenceNumber();
+}
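Review bot: The comment on `REFERER_NONE_` contains `{link getReferringReferenceNumber}`, which is not a valid Javadoc tag and is printed literally; it should be `{@link #getReferringReferenceNumber}`. `getReferringReferenceNumber()` itself has no `@return` and never mentions the sentinel, so I would add `@return The number of the referring Reference, or {@link #REFERER_NONE_} if this attribute is not used.` The same comment mentions a SignatureManifest container, but only `CONTAINER_SIGNEDINFO_` and `CONTAINER_XMLDSIGMANIFEST_` are defined, so either a third constant is missing or the text of `getPartOf()` should list the values that can really occur. The three constants are written `public static` without `final`, unlike the constants in the sibling interfaces of this commit; they are implicitly final in an interface, so this is only a consistency point.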
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/MetaInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/MetaInfo.java
new file mode 100644
index 0000000..2413229
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/MetaInfo.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import org.w3c.dom.NodeList;
+
+/**
+ * Object encapsulating descriptive meta information.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface MetaInfo {
+ /**
+ * Gets the mime type of the associated object.
+ *
+ * @return The mimetype of the associated object.
+ */
+ public String getMimeType();
+ /**
+ * Gets the descriptive information (URI).
+ *
+ * @return URI referencing the descriptive information.
+ */
+ public String getDescription();
+ /**
+ * Gets the elemental informations.
+ *
+ * @return The elemental informations.
+ */
+ public NodeList getAnyElements();
+ /**
+ * Gets the XML signature creation type information of the associated object.
+ *
+ * @return the XML signature creation type information of the associated object.
+ */
+ public String getType();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/SignerInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/SignerInfo.java
new file mode 100644
index 0000000..777365a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/SignerInfo.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import java.security.cert.X509Certificate;
+
+
+/**
+ * Contains information about the signer.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface SignerInfo {
+ /**
+ * Gets the signer certificate.
+ *
+ * @return The signer certificate.
+ */
+ public X509Certificate getSignerCertificate();
+ /**
+ * Checks, whether the certificate contained in this object is qualified.
+ *
+ * @return <code>true</code>, if the certificate is qualified, otherwise
+ * <code>false</code>.
+ */
+ public boolean isQualifiedCertificate();
+
+
+ /**
+ * Checks, whether the signature is based on a SSCD.
+ *
+ * @return <code>true</code>, if the signature is based on a SSCD, otherwise
+ * <code>false</code>.
+ */
+ public boolean isSSCD();
+
+ /**
+ * Returns the source of the SSCD check (TSL or Certificate) *
+ */
+ public String getSSCDSource();
+
+ /**
+ * Returns the source of the QC check (TSL or Certificate) *
+ */
+ public String getQCSource();
+
+ /**
+ * Returns the signer certificate issuer country code
+ * @return
+ */
+ public String getIssuerCountryCode();
+ /**
+ * Checks, whether the certificate contained in this object is a
+ * public authority certificate.
+ *
+ * @return <code>true</code>, if the certificate is a public authority
+ * certificate, otherwise <code>false</code>.
+ */
+ public boolean isPublicAuthority();
+ /**
+ * Gets the public authority ID, if the certificate contained in this
+ * object is from a public authority.
+ *
+ * @return The public authority ID.
+ */
+ public String getPublicAuhtorityID();
+
+}
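Review bot: `getSSCDSource()` and `getQCSource()` return a free-form `String` documented only as "(TSL or Certificate)", so a caller that weighs a qualified or SSCD result by its origin has no defined values to compare against and no statement about `null`. The Javadoc should name the exact strings and the absent case, e.g. `@return the source of the QC check, either "TSL" or "Certificate" (exact values to be confirmed against the implementation), or null if no check was performed`. The empty `@return` on `getIssuerCountryCode()` needs the same treatment, including the code format and what is returned when the issuer name carries no country. `getPublicAuhtorityID()` misspells "Authority" in a public method name; as the file is new in this commit, renaming it to `getPublicAuthorityID()` now is cheaper than later, unless the spelling is kept for compatibility with an earlier API.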
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/TSLConfiguration.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/TSLConfiguration.java
new file mode 100644
index 0000000..0e0c82c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/TSLConfiguration.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+
+import iaik.xml.crypto.utils.URI;
+
+import java.util.Date;
+
+
+/**
+ * Contains TSL configuration information.
+ *
+ * @author kstranacher
+ */
+public interface TSLConfiguration {
+
+ /** Default URL of EU TSL */
+ public String DEFAULT_EU_TSL_URL = "https://ec.europa.eu/information_society/policy/esignature/trusted-list/tl-mp.xml";
+
+ /** Default period (1day=86400000 msec) for update schedule */
+ public String DEFAULT_UPDATE_SCHEDULE_PERIOD = "86400000";
+
+ /** Default start time (2:00 AM) for update schedule */
+ public String DEFAULT_UPDATE_SCHEDULE_STARTTIME = "02:00:00";
+
+ public String DEFAULT_WORKING_DIR = "tslworking";
+
+ /**
+ * Gets the EU TSL URL.
+ *
+ * @return The EU TSL URL.
+ */
+ public String getEuTSLUrl();
+
+ /**
+ *
+ * @return
+ */
+ public Date getUpdateScheduleStartTime();
+
+ /**
+ *
+ * @return
+ */
+ public long getUpdateSchedulePeriod();
+
+ /**
+ *
+ * @return
+ */
+ public String getWorkingDirectory();
+
+ /**
+ *
+ * @return
+ */
+ public URI getWorkingDirectoryAsURI();
+
+}
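Review bot: The four getters after `getEuTSLUrl()` have empty Javadoc (`@return` with no text) and `DEFAULT_WORKING_DIR` has none, although these values decide how often the trust list is refreshed and where it is kept on disk. Suggested comments: `/** Default working directory for TSL data; a relative path, so its location depends on how the implementation resolves it (presumably against the process working directory - confirm). */` and, on `getUpdateSchedulePeriod()`, `@return the update period, presumably in milliseconds as in DEFAULT_UPDATE_SCHEDULE_PERIOD`. The period and start-time defaults are declared as `String` while the getters return `long` and `Date`, so the constants' Javadoc should state the format the implementation parses (`"02:00:00"` reads as HH:mm:ss). The code that reads the working directory is not in this hunk; if it trusts cached list data without re-checking it, the doc should also say that the directory must be writable only by the service account.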
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Transform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Transform.java
new file mode 100644
index 0000000..ad050b4
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/Transform.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * Base class for XMLDsig <code>Transform</code> elements.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface Transform {
+ /**
+ * Gets the algorithm URI of this <code>Transform</code>.
+ *
+ * @return The algorithm URI of this <code>Transform</code>.
+ */
+ public String getAlgorithmURI();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/X509IssuerSerial.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/X509IssuerSerial.java
new file mode 100644
index 0000000..39ec807
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/X509IssuerSerial.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import java.math.BigInteger;
+
+/**
+ * Contains an X.509 issuer distinguished name/serial number pair.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface X509IssuerSerial {
+ /**
+ * Gets the issuer distinguished name.
+ *
+ * @return The issuer distinguished name.
+ */
+ public String getX509IssuerName();
+ /**
+ * Gets the issuer serial number.
+ *
+ * @return The issuer serial number.
+ */
+ public BigInteger getX509SerialNumber();
+}
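Review bot: The Javadoc on `getX509SerialNumber()` says "issuer serial number", which reads as the serial number of the issuer's own certificate. Since the interface is described as an issuer distinguished name/serial number pair, the value is presumably the serial number of the identified certificate as assigned by that issuer. Suggested wording: `Gets the serial number of the certificate, as assigned by the issuer.` The comment on `getX509IssuerName()` should also state which string representation of the distinguished name is returned, because comparing names as plain strings treats equal names in different formats as different.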
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XMLDataObjectAssociation.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XMLDataObjectAssociation.java
new file mode 100644
index 0000000..fe2a795
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XMLDataObjectAssociation.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+
+/**
+ * Object encapsulating arbitrary content and optional descriptive meta
+ * information.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface XMLDataObjectAssociation {
+ /**
+ * Gets descriptive meta information.
+ *
+ * @return The descriptive meta information.
+ */
+ public MetaInfo getMetaInfo();
+ /**
+ * Gets the actual content.
+ *
+ * @return The content of this association.
+ */
+ public Content getContent();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathFilter.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathFilter.java
new file mode 100644
index 0000000..06a49a2
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathFilter.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import java.util.Map;
+
+/**
+ * An XPath expression set operation.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface XPathFilter {
+ /** Subtract this filter's node set from the resulting node set. */
+ public static final String SUBTRACT_TYPE = "subtract";
+ /** Intersect this filter's node set with the resulting node set. */
+ public static final String INTERSECT_TYPE = "intersect";
+ /** Compute the union of this filter's node set and the resulting node set. */
+ public static final String UNION_TYPE = "union";
+
+ /**
+ * Gets the type of this <code>XPathFilter</code>.
+ *
+ * @return The type of this <code>XPathFilter</code>.
+ */
+ public String getFilterType();
+ /**
+ * Gets the XPath expression for selecting the nodes.
+ *
+ * @return The XPath expression for selecting the nodes.
+ */
+ public String getXPathExpression();
+ /**
+ * Gets The namespace prefix to URI mapping used during evaluation of the
+ * XPath expression.
+ *
+ * @return The namespace prefix to URI mapping.
+ */
+ public Map getNamespaceDeclarations();
+}
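Review bot: `getNamespaceDeclarations()` returns a raw `Map`, so every caller casts keys and values unchecked. If the module's source level allows generics and both sides are strings, `public Map<String, String> getNamespaceDeclarations();` puts the prefix-to-URI contract into the type. The same applies to `XPathTransform.getNamespaceDeclarations()` and to the raw `List` returned by `XPathFilter2Transform.getFilters()` (`List<XPathFilter>`) in the later hunks of this commit. Separately, the `@return` of `getFilterType()` should say that the value is one of `SUBTRACT_TYPE`, `INTERSECT_TYPE` or `UNION_TYPE`, assuming no other values are intended.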
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathFilter2Transform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathFilter2Transform.java
new file mode 100644
index 0000000..6f05710
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathFilter2Transform.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import java.util.List;
+
+/**
+ * An XPath type of <code>Transform</code> containing multiple filters for
+ * performing set operations on XPath selections.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface XPathFilter2Transform extends Transform {
+ /** Algorithm URI for the XPath Filter2 <code>Transform</code>. */
+ public static final String XPATH_FILTER2 =
+ "http://www.w3.org/2002/06/xmldsig-filter2";
+
+ /**
+ * Gets the <code>XPathFilter</code>s contained in this
+ * <code>XPathFilter2Transform</code>.
+ *
+ * @return The <code>XPathFilter</code>s.
+ */
+ public List getFilters();
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathTransform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathTransform.java
new file mode 100644
index 0000000..99eda2a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XPathTransform.java
@@ -0,0 +1,54 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import java.util.Map;
+
+/**
+ * A <code>Transform</code> performing an XPath selection.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface XPathTransform extends Transform {
+ /** Algorithm URI of the XPath <code>Transform</code>. */
+ public static final String XPATH =
+ "http://www.w3.org/TR/1999/REC-xpath-19991116";
+
+ /**
+ * Gets the XPath expression used for selection.
+ *
+ * @return The XPath expression used for selection.
+ */
+ public String getXPathExpression();
+ /**
+ * Gets The namespace prefix to URI mapping used during evaluation of the
+ * XPath expression.
+ *
+ * @return The namespace prefix to URI mapping.
+ */
+ public Map getNamespaceDeclarations();
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XSLTTransform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XSLTTransform.java
new file mode 100644
index 0000000..8cb6c8e
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/XSLTTransform.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.common;
+
+import org.w3c.dom.Element;
+
+/**
+ * A <code>Transform</code> containing an XSLT stylesheet.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface XSLTTransform extends Transform {
+ /** Algorithm URI for the XSLT type of <code>Transform</code>. */
+ public static final String XSLT =
+ "http://www.w3.org/TR/1999/REC-xslt-19991116";
+
+ /**
+ * Gets the XSLT stylesheet element used for the transformation.
+ *
+ * @return The XSLT stylesheet element used for the transformation.
+ */
+ public Element getStylesheet();
+
+}
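Review bot: `getStylesheet()` hands out the stylesheet as a DOM `Element` without saying where it may come from or under which constraints it is meant to be executed. If the stylesheet can originate from a request or from the signature being verified (not visible in this hunk), the Javadoc should tell implementers to run it with secure processing enabled and external resource access restricted, for example by adding `The stylesheet may be untrusted input; process it with XMLConstants.FEATURE_SECURE_PROCESSING enabled.` to the method comment. It should also state whether the returned element is a live node of the request document or a copy, since a caller that modifies a live node would change what the transform is applied with.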
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/Base64TransformImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/Base64TransformImpl.java
new file mode 100644
index 0000000..f708bab
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/Base64TransformImpl.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.Base64Transform;
+
+/**
+ * Default implementation of <code>Base64Transform</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class Base64TransformImpl
+ extends TransformImpl
+ implements Base64Transform {
+
+ /**
+ * Create a new <code>Base64TransformImpl</code> object.
+ */
+ public Base64TransformImpl() {
+ setAlgorithmURI(BASE64_DECODING);
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSContentExplicitImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSContentExplicitImpl.java
new file mode 100644
index 0000000..8dede90
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSContentExplicitImpl.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.io.InputStream;
+
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentExcplicit;
+
+/**
+ * Default implementation of <code>CMSContentExplicit</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CMSContentExplicitImpl implements CMSContentExcplicit {
+
+ /** The binary content, as a stream. */
+ private InputStream binaryContent;
+
+ /**
+ * Sets the binary content as a stream.
+ *
+ * @param content The binary content as a stream.
+ */
+ public void setBinaryContent(InputStream content) {
+ this.binaryContent = content;
+ }
+
+ public InputStream getBinaryContent() {
+ return binaryContent;
+ }
+
+ /**
+ * Gets the type of content.
+ *
+ * @return EXPLICIT_CONTENT
+ */
+ public int getContentType() {
+ return EXPLICIT_CONTENT;
+ }
+
+}
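Review bot: `getBinaryContent()` returns the stored `InputStream` itself and has no Javadoc, so nothing says that the content can be read only once or who closes the stream. A second reader would get an already consumed stream, presumably seeing empty content rather than an error. Suggested comment on the getter: `/** Returns the stream passed to setBinaryContent; it is single-use, and the caller that consumes it is responsible for closing it. */`, to be adjusted if ownership is meant to lie elsewhere. The class Javadoc names `CMSContentExplicit` while the implemented interface is spelled `CMSContentExcplicit`; `{@link CMSContentExcplicit}` would keep the reference resolvable.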
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSContentReferenceImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSContentReferenceImpl.java
new file mode 100644
index 0000000..fb90c5f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSContentReferenceImpl.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
+
+/**
+ * Default implementation of <code>CMSContentReference</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CMSContentReferenceImpl implements CMSContentReference {
+
+ /** The reference pointing to the actual data. */
+ private String reference;
+
+ /**
+ * Sets the reference URI.
+ *
+ * @param referenceURI The URI pointing to the content data.
+ */
+ public void setReference(String referenceURI) {
+ this.reference = referenceURI;
+ }
+
+ public String getReference() {
+ return reference;
+ }
+
+ /**
+ * Gets the content type.
+ *
+ * @return REFERENCE_CONTENT
+ */
+ public int getContentType() {
+ return REFERENCE_CONTENT;
+ }
+
+}
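Review bot: `setReference` stores any string as the URI "pointing to the content data" and `getReference()` is undocumented, so the class gives no hint about which URI schemes the component that later fetches the content is expected to accept. The resolver is outside this hunk; if it dereferences a value taken from a request, the Javadoc here is the natural place to state the restriction, for example `@param referenceURI The URI pointing to the content data; resolution is subject to the scheme restrictions of the service (confirm where these are enforced).` `getReference()` should also say that it returns `null` until `setReference` has been called, which is what the uninitialised field gives.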
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSDataObjectImpl.java
new file mode 100644
index 0000000..20a9b56
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSDataObjectImpl.java
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.math.BigDecimal;
+
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+
+/**
+ * Default implementation of <code>CMLSDataObject</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CMSDataObjectImpl implements CMSDataObject {
+
+ /** The <code>MetaInfo</code> associated with the CMS data object. */
+ private MetaInfo metaInfo;
+ /** The <code>CMSContent</code> contained in this data object. */
+ private CMSContent cmsContent;
+
+ private BigDecimal excludeByteRangeFrom;
+ private BigDecimal excludeByteRangeTo;
+
+ /**
+ * Sets the meta information associated with the CMS data object.
+ *
+ * @param metaInfo The meta information.
+ */
+ public void setMetaInfo(MetaInfo metaInfo) {
+ this.metaInfo = metaInfo;
+ }
+
+ public MetaInfo getMetaInfo() {
+ return metaInfo;
+ }
+
+ /**
+ * Sets the data of this <code>CMSDataObject</code>.
+ *
+ * @param cmsContent The actual data of this <code>CMSDataObject</code>.
+ */
+ public void setContent(CMSContent cmsContent) {
+ this.cmsContent = cmsContent;
+ }
+
+ public CMSContent getContent() {
+ return cmsContent;
+ }
+
+ public void setExcludeByteRangeFrom(BigDecimal excludeByteRangeFrom) {
+ this.excludeByteRangeFrom = excludeByteRangeFrom;
+ }
+
+ public BigDecimal getExcludeByteRangeFrom() {
+ return excludeByteRangeFrom;
+ }
+
+ public void setExcludeByteRangeTo(BigDecimal excludeByteRangeTo) {
+ this.excludeByteRangeTo = excludeByteRangeTo;
+ }
+
+ public BigDecimal getExcludeByteRangeTo() {
+ return excludeByteRangeTo;
+ }
+
+}
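Review bot: The `excludeByteRangeFrom`/`excludeByteRangeTo` fields and their four accessors have no documentation and no validation, although they appear to describe bytes left out of the data the signature is checked against. `BigDecimal` admits negative and fractional values and nothing ties `from` to `to`, so the comment should state the contract the verifier relies on, e.g. `/** First byte offset excluded from the signed content (non-negative integer, not greater than excludeByteRangeTo); null if no range is excluded. */`. The bounds and inclusiveness need confirming against the code that applies the range, which is not in this hunk. If that code does not check the bounds itself, a guard such as `if (excludeByteRangeFrom != null && excludeByteRangeFrom.signum() < 0) throw new IllegalArgumentException("excludeByteRangeFrom must not be negative");` in the setter rejects bad input early. The class Javadoc also misspells the interface as `CMLSDataObject`.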
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSSignatureResponseImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSSignatureResponseImpl.java
new file mode 100644
index 0000000..b512dd0
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CMSSignatureResponseImpl.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.api.cmssign.CMSSignatureResponse;
+
+/**
+ * Default implementation of <code>CMSSignatureResponse</code>.
+ *
+ * @version $Id$
+ */
+public class CMSSignatureResponseImpl
+ implements CMSSignatureResponse {
+
+ /** The base64 value of the CMS signature. */
+ private String cmsSignature;
+
+ /**
+ * Sets the CMS signature.
+ *
+ * @param cmsSignature The Base64 encoded value CMS signature.
+ */
+ public void setCMSSignature(String cmsSignature) {
+ this.cmsSignature = cmsSignature;
+ }
+
+ public String getCMSSignature() {
+ return cmsSignature;
+ }
+
+ /**
+ * Gets the type of <code>CreateCMSSignatureResponseElement</code>.
+ *
+ * @return CMS_SIGNATURE
+ */
+ public int getResponseType() {
+ return CMS_SIGNATURE;
+ }
+
+}
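Review bot: The import of `org.w3c.dom.Element` at the top of CMSSignatureResponseImpl.java is never used in the class and should be removed. `getCMSSignature()` is also the only member without Javadoc. A one-line comment in the style used elsewhere in this commit would do, e.g. `/** @see at.gv.egovernment.moa.spss.api.cmssign.CMSSignatureResponse#getCMSSignature() */`, assuming the method is declared on that interface, which is not visible in this hunk.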
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CanonicalizationTransformImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CanonicalizationTransformImpl.java
new file mode 100644
index 0000000..f8efe26
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CanonicalizationTransformImpl.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.CanonicalizationTransform;
+
+/**
+ * Default implementation of <code>CanonicalizationTransform</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CanonicalizationTransformImpl
+ extends TransformImpl
+ implements CanonicalizationTransform {
+
+ /**
+ * Create a new <code>CanonicalizationTransformImpl</code> object.
+ *
+ * @param algorithmURI Algorithm URI of the canonicalization
+ * <code>Transform</code> type.
+ */
+ public CanonicalizationTransformImpl(String algorithmURI) {
+ setAlgorithmURI(algorithmURI);
+ }
+
+}
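Review bot: The constructor passes `algorithmURI` straight to `setAlgorithmURI` with no null check, so a `CanonicalizationTransformImpl` can be built without any algorithm and every consumer has to cope with that. The canonicalization algorithm determines which bytes are signed or verified, so I would reject the missing value at construction: `if (algorithmURI == null) throw new IllegalArgumentException("algorithmURI");`. `setAlgorithmURI` comes from `TransformImpl`, which is outside this hunk; if it is not final, calling it from a constructor also runs subclass code on a partly built object. Deciding which algorithm URIs are acceptable presumably belongs to the code that applies the transform, which should be confirmed.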
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckResultImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckResultImpl.java
new file mode 100644
index 0000000..5bb6e60
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CheckResultImpl.java
@@ -0,0 +1,76 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+
+/**
+ * Default implementation of <code>CheckResult</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CheckResultImpl implements CheckResult {
+ /** The result code. */
+ private int code;
+
+ /** Additional information. */
+ private NodeList info;
+
+ /**
+ * Sets a result code.
+ *
+ * @param code The result code.
+ */
+ public void setCode(int code) {
+ this.code = code;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.CheckResult#getCode()
+ */
+ public int getCode() {
+ return code;
+ }
+
+ /**
+ * Sets a descriptive information.
+ *
+ * @param info The descriptive information.
+ */
+ public void setInfo(NodeList info) {
+ this.info = info;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.CheckResult#getInfo()
+ */
+ public NodeList getInfo() {
+ return info;
+ }
+
+}
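Review bot: `code` is an `int` with no initialiser, so a `CheckResultImpl` on which `setCode` was never called reports 0. The meaning of the codes is defined by `CheckResult`, outside this hunk; if 0 stands for a passed check there, a result object that a verification path forgot to fill in reads as success. Taking the code through a constructor would make the unset state impossible. Failing that, the default should be documented on the field, e.g. `/** The result code; 0 until setCode is called. */`. `getInfo()` also returns the stored `NodeList` itself, so all callers share one live DOM list.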
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentBinaryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentBinaryImpl.java
new file mode 100644
index 0000000..7fe1cf9
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentBinaryImpl.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.io.InputStream;
+
+import at.gv.egovernment.moa.spss.api.common.ContentBinary;
+
+/**
+ * Default implementation of <code>ContentBinary</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class ContentBinaryImpl extends ContentImpl implements ContentBinary {
+
+ /** The binary content as a stream. */
+ private InputStream binaryContent;
+
+ /**
+ * Sets the binary content as a stream.
+ *
+ * @param binaryContent The binary content as a stream.
+ */
+ public void setBinaryContent(InputStream binaryContent) {
+ this.binaryContent = binaryContent;
+ }
+
+ public InputStream getBinaryContent() {
+ return binaryContent;
+ }
+
+ /**
+ * Gets the type of content.
+ *
+ * @return BINARY_CONTENT
+ */
+ public int getContentType() {
+ return BINARY_CONTENT;
+ }
+
+}
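Review bot: `getBinaryContent()` has no Javadoc and returns the same `InputStream` object on every call, so the content can be read only once and nothing states who closes it. In a signature library this matters because a second reader would see an exhausted stream and digest different bytes than the first. I would document the contract on the getter, for example `/** Returns the stream given to setBinaryContent; it is single-pass and is not reset or closed by this class. */`, adjusted to whatever ownership rule the callers actually follow.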
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentImpl.java
new file mode 100644
index 0000000..d061747
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentImpl.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.Content;
+
+/**
+ * Default base class for <code>Content</code> implementations.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class ContentImpl implements Content {
+ /** The reference pointing to the content data. */
+ private String reference;
+
+ /**
+ * Sets the reference pointing to the content data.
+ *
+ * @param referenceURI The URI of the content data.
+ */
+ public void setReference(String referenceURI) {
+ this.reference = referenceURI;
+ }
+
+ public String getReference() {
+ return reference;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentLocRefImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentLocRefImpl.java
new file mode 100644
index 0000000..aa01a93
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentLocRefImpl.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.ContentLocRef;
+
+/**
+ * Default implementation of <code>ContentLocRef</code>.
+ *
+ * @author Gregor Karlinger
+ * @version $Id$
+ */
+public class ContentLocRefImpl extends ContentImpl implements ContentLocRef
+{
+ /**
+ * The location reference URI pointing to the actual remote location of the content.
+ */
+ private String locationReferenceURI_;
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.ContentLocRef#getLocationReferenceURI()
+ */
+ public String getLocationReferenceURI()
+ {
+ return locationReferenceURI_;
+ }
+
+ /**
+ * Sets the location reference URI pointing to the actual remote location of the content.
+ *
+ * @param locationReferenceURI the location reference URI.
+ */
+ public void setLocationReferenceURI(String locationReferenceURI)
+ {
+ locationReferenceURI_ = locationReferenceURI;
+ }
+
+ /**
+ * Gets the type of content.
+ *
+ * @return LOCREF_CONTENT.
+ */
+ public int getContentType() {
+ return LOCREF_CONTENT;
+ }
+}
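Review bot: `setLocationReferenceURI` stores a URI that, per its own Javadoc, points to a remote location, and nothing in this class constrains its scheme or target. The fetch happens outside this hunk and may already be restricted there; if the value can originate from a request, the component that dereferences it has to limit schemes and hosts so the service cannot be steered to local files or internal addresses. I would record that in the Javadoc: `@param locationReferenceURI the location reference URI; not validated here, the resolver must check scheme and host`. Separately, the trailing-underscore field name and next-line braces differ from the sibling `Content*Impl` classes added in this commit.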
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentReferenceImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentReferenceImpl.java
new file mode 100644
index 0000000..ab5c3b4
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentReferenceImpl.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.ContentReference;
+
+/**
+ * Default implementation of <code>ContentReference</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ContentReferenceImpl
+ extends ContentImpl
+ implements ContentReference {
+
+ /**
+ * Gets the type of content.
+ *
+ * @return REFERENCE_CONTENT
+ */
+ public int getContentType() {
+ return REFERENCE_CONTENT;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentXMLImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentXMLImpl.java
new file mode 100644
index 0000000..dcc1935
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ContentXMLImpl.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.api.common.ContentXML;
+
+/**
+ * Default implementation of <code>ContentXML</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class ContentXMLImpl extends ContentImpl implements ContentXML {
+
+ /** The nodes making up the XML content. */
+ private NodeList xmlContent;
+
+ /**
+ * Sets the nodes making up the XML content.
+ *
+ * @param xmlContent The XML content.
+ */
+ public void setXMLContent(NodeList xmlContent) {
+ this.xmlContent = xmlContent;
+ }
+
+ public NodeList getXMLContent() {
+ return xmlContent;
+ }
+
+ /**
+ * Gets the type of content.
+ *
+ * @return XML_CONTENT
+ */
+ public int getContentType() {
+ return XML_CONTENT;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateCMSSignatureRequestImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateCMSSignatureRequestImpl.java
new file mode 100644
index 0000000..e8408bc
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateCMSSignatureRequestImpl.java
@@ -0,0 +1,77 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureRequest;
+
+/**
+ * Default implementation of <code>CreateCMSSignatureRequest</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CreateCMSSignatureRequestImpl
+ implements CreateCMSSignatureRequest {
+
+ /** The identifier for selecting the private keys for creating the signature.*/
+ private String keyIdentifier;
+ /** Information for creating a single signature. */
+ private List singleSignatureInfos = new ArrayList();
+
+ /**
+ * Sets the identifier for selecting the private keys for creating the
+ * signature.
+ *
+ * @param keyIdentifier The identifier for selecting the private keys.
+ */
+ public void setKeyIdentifier(String keyIdentifier) {
+ this.keyIdentifier = keyIdentifier;
+ }
+
+ public String getKeyIdentifier() {
+ return keyIdentifier;
+ }
+
+ /**
+ * Sets the information for creating single signatures.
+ *
+ * @param singleSignaureInfos The information for creating single signatures.
+ */
+ public void setSingleSignatureInfos(List singleSignaureInfos) {
+ this.singleSignatureInfos =
+ singleSignaureInfos != null
+ ? Collections.unmodifiableList(new ArrayList(singleSignaureInfos))
+ : null;
+ }
+
+ public List getSingleSignatureInfos() {
+ return singleSignatureInfos;
+ }
+
+}
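Review bot: `getSingleSignatureInfos()` can return three different things: the mutable `new ArrayList()` from the field initialiser, an unmodifiable copy after `setSingleSignatureInfos(list)`, or `null` after `setSingleSignatureInfos(null)`. Callers therefore need a null check, and before the first set they can modify the request's internal list through the getter. Using `Collections.emptyList()` both as the initial value and in place of the `: null` branch would give one read-only contract, provided no caller depends on null. The same pattern is in `CreateCMSSignatureResponseImpl` (`responseElements`), and `CreateSignatureEnvironmentProfileExplicitImpl.setSupplements` has the same null branch. The parameter name `singleSignaureInfos` is also misspelled.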
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateCMSSignatureResponseImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateCMSSignatureResponseImpl.java
new file mode 100644
index 0000000..d596058
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateCMSSignatureResponseImpl.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse;
+
+/**
+ * Default implementation of <code>CreateCMSSignatureResponse</code>.
+ *
+ * @version $Id$
+ */
+public class CreateCMSSignatureResponseImpl
+ implements CreateCMSSignatureResponse {
+
+ /** The elements contained in the response. */
+ private List responseElements = new ArrayList();
+
+ /**
+ * Sets the elements contained in the response.
+ *
+ * @param responseElements The response elements.
+ */
+ public void setResponseElements(List responseElements) {
+ this.responseElements =
+ responseElements != null
+ ? Collections.unmodifiableList(new ArrayList(responseElements))
+ : null;
+ }
+
+ public List getResponseElements() {
+ return responseElements;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureEnvironmentProfileExplicitImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureEnvironmentProfileExplicitImpl.java
new file mode 100644
index 0000000..9fe8eaf
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureEnvironmentProfileExplicitImpl.java
@@ -0,0 +1,90 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureLocation;
+
+/**
+ * Default implementation of
+ * <codeCreateSignatureEnvironmentProfileExplicit</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CreateSignatureEnvironmentProfileExplicitImpl
+ implements CreateSignatureEnvironmentProfileExplicit {
+
+ /** The insertion location of the signature to be created. */
+ private CreateSignatureLocation createSignatureLocation;
+
+ /** Supplemental information for evaluating the signature environment. */
+ private List supplements;
+
+ /**
+ * Sets the insertion location of the signature to be created.
+ *
+ * @param createSignatureLocation The insertion location of the signature to
+ * be created.
+ */
+ public void setCreateSignatureLocation(CreateSignatureLocation createSignatureLocation) {
+ this.createSignatureLocation = createSignatureLocation;
+ }
+
+ public CreateSignatureLocation getCreateSignatureLocation() {
+ return createSignatureLocation;
+ }
+
+ /**
+ * Sets the supplemental information for evaluating the signature
+ * environment.
+ *
+ * @param supplements The supplemental information.
+ */
+ public void setSupplements(List supplements) {
+ this.supplements =
+ supplements != null
+ ? Collections.unmodifiableList(new ArrayList(supplements))
+ : null;
+ }
+
+ public List getSupplements() {
+ return supplements;
+ }
+
+ /**
+ * Gets the type of profile.
+ *
+ * @return EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE
+ */
+ public int getCreateSignatureEnvironmentProfileType() {
+ return EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE;
+ }
+
+}
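Review bot: The class Javadoc opens its tag as `<codeCreateSignatureEnvironmentProfileExplicit</code>`, missing the `>`, so the generated documentation is malformed; it should read `<code>CreateSignatureEnvironmentProfileExplicit</code>`. `supplements` has no initialiser, whereas the list fields of the CMS request and response classes in this commit start as `new ArrayList()`, so `getSupplements()` returns null on a fresh object. Initialising it with `Collections.emptyList()` would let callers iterate without a null check.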
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureEnvironmentProfileIDImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureEnvironmentProfileIDImpl.java
new file mode 100644
index 0000000..5edbf4f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureEnvironmentProfileIDImpl.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfileID;
+
+/**
+ * Default implementation of <code>CreateSignatureEnvironmentProfileID</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CreateSignatureEnvironmentProfileIDImpl
+ implements CreateSignatureEnvironmentProfileID {
+
+ /** The profile ID. */
+ private String createSignatureEnvironmentProfileID;
+
+ /**
+ * Sets the profile ID.
+ *
+ * @param profileID The profile ID.
+ */
+ public void setCreateSignatureEnvironmentProfileID(String profileID) {
+ this.createSignatureEnvironmentProfileID = profileID;
+ }
+
+ public String getCreateSignatureEnvironmentProfileID() {
+ return createSignatureEnvironmentProfileID;
+ }
+
+ /**
+ * Gets the type of profile.
+ *
+ * @return ID_CREATESIGNATUREENVIRONMENTPROFILE
+ */
+ public int getCreateSignatureEnvironmentProfileType() {
+ return ID_CREATESIGNATUREENVIRONMENTPROFILE;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureInfoImpl.java
new file mode 100644
index 0000000..7111633
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureInfoImpl.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureInfo;
+
+/**
+ * Default implementation of <code>CreateSignatureInfo</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CreateSignatureInfoImpl implements CreateSignatureInfo {
+
+ /** The signature environment that will contain the newly created
+ * signature. */
+ private Content createSignatureEnvironment;
+
+ /** Additional information about the signature environment. */
+ private CreateSignatureEnvironmentProfile createSignatureEnvironmentProfile;
+
+ /**
+ * Sets the signature environment that will contain the newly created
+ * signature.
+ *
+ * @param createSignatureEnvironment The signature environment.
+ */
+ public void setCreateSignatureEnvironment(Content createSignatureEnvironment) {
+ this.createSignatureEnvironment = createSignatureEnvironment;
+ }
+
+ public Content getCreateSignatureEnvironment() {
+ return createSignatureEnvironment;
+ }
+
+ /**
+ * Sets the signature environment profile containing additional information
+ * about the signature environment.
+ *
+ * @param profile The signature environment profile.
+ */
+ public void setCreateSignatureEnvironmentProfile(CreateSignatureEnvironmentProfile profile) {
+ this.createSignatureEnvironmentProfile = profile;
+ }
+
+ public CreateSignatureEnvironmentProfile getCreateSignatureEnvironmentProfile() {
+ return createSignatureEnvironmentProfile;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureLocationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureLocationImpl.java
new file mode 100644
index 0000000..6f3101f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateSignatureLocationImpl.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureLocation;
+
+/**
+ * Default implementation of <code>CreateSignatureLocation</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CreateSignatureLocationImpl
+ extends ElementSelectorImpl
+ implements CreateSignatureLocation {
+
+ /** The index of the newly created signature. */
+ private int index;
+
+ /**
+ * Sets the index of the newly created signature.
+ *
+ * @param index The index of the newly created signature.
+ */
+ public void setIndex(int index) {
+ this.index = index;
+ }
+
+ public int getIndex() {
+ return index;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoImpl.java
new file mode 100644
index 0000000..d53f103
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoImpl.java
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfo;
+
+/**
+ * Default implementation of <code>CreateTransformsInfo</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CreateTransformsInfoImpl implements CreateTransformsInfo {
+ /** The dsig:Transforms. */
+ private List transforms;
+ /** Meta information about the data resulting from the transforms. */
+ private MetaInfo finalDataMetaInfo;
+
+ /**
+ * Sets the transforms.
+ *
+ * @param transforms The transforms.
+ */
+ public void setTransforms(List transforms) {
+ this.transforms =
+ transforms != null
+ ? Collections.unmodifiableList(new ArrayList(transforms))
+ : null;
+ }
+
+ public List getTransforms() {
+ return transforms;
+ }
+
+ /**
+ * Sets the meta information about the data resulting from the transforms.
+ *
+ * @param finalDataMetaInfo The meta information.
+ */
+ public void setFinalDataMetaInfo(MetaInfo finalDataMetaInfo) {
+ this.finalDataMetaInfo = finalDataMetaInfo;
+ }
+
+ public MetaInfo getFinalDataMetaInfo() {
+ return finalDataMetaInfo;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoProfileExplicitImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoProfileExplicitImpl.java
new file mode 100644
index 0000000..b6b9d52
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoProfileExplicitImpl.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfileExplicit;
+
+/**
+ * Default implementation of <code>CreateTransformsInfoProfileExplicit</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CreateTransformsInfoProfileExplicitImpl
+ implements CreateTransformsInfoProfileExplicit {
+
+ /** Transformation information. */
+ private CreateTransformsInfo transformsInfo;
+ /** Additional data for the transformations. */
+ private List supplements = new ArrayList();
+
+ /**
+ * Sets the transformation information.
+ *
+ * @param transformsInfo The transformation information.
+ */
+ public void setCreateTransformsInfo(CreateTransformsInfo transformsInfo) {
+ this.transformsInfo = transformsInfo;
+ }
+
+ public CreateTransformsInfo getCreateTransformsInfo() {
+ return transformsInfo;
+ }
+
+ /**
+ * Sets the additional data for the transformations.
+ *
+ * @param supplements The additional data.
+ */
+ public void setSupplements(List supplements) {
+ this.supplements =
+ supplements != null
+ ? Collections.unmodifiableList(new ArrayList(supplements))
+ : null;
+ }
+
+ public List getSupplements() {
+ return supplements;
+ }
+
+ /**
+ * Gets the type of profile.
+ *
+ * @return EXPLICIT_CREATETRANSFORMSINFOPROFILE
+ */
+ public int getCreateTransformsInfoProfileType() {
+ return EXPLICIT_CREATETRANSFORMSINFOPROFILE;
+ }
+
+}
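Review bot: `supplements` starts as a bare `new ArrayList()` and `getSupplements()` returns that same instance, so until `setSupplements` is called any caller can modify the object's internal list, while after the setter it is an unmodifiable copy. The getter can therefore return a mutable list, an unmodifiable copy, or `null` (when the setter was given `null`), and none of this is documented. Initialising the field as `private List supplements = Collections.EMPTY_LIST;` would make the default match what the setter stores, and the getter's Javadoc should state whether `null` is a legal result. The same pattern appears for `singleSignatureInfos` in CreateXMLSignatureRequestImpl and `responseElements` in CreateXMLSignatureResponseImpl.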
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoProfileIDImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoProfileIDImpl.java
new file mode 100644
index 0000000..55d0ca6
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateTransformsInfoProfileIDImpl.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfileID;
+
+/**
+ * Default implementation of <code>CreateTransformsInfoProfileID</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CreateTransformsInfoProfileIDImpl
+ implements CreateTransformsInfoProfileID {
+
+ /** The profile ID. */
+ private String createTransformsID;
+
+ /**
+ * Sets the profile ID.
+ * @param createTransformsID The profile ID.
+ */
+ public void setCreateTransformsInfoProfileID(String createTransformsID) {
+ this.createTransformsID = createTransformsID;
+ }
+
+ public String getCreateTransformsInfoProfileID() {
+ return createTransformsID;
+ }
+
+ /**
+ * Gets the type of profile.
+ *
+ * @return ID_CREATETRANSFORMSINFOPROFILE
+ */
+ public int getCreateTransformsInfoProfileType() {
+ return ID_CREATETRANSFORMSINFOPROFILE;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateXMLSignatureRequestImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateXMLSignatureRequestImpl.java
new file mode 100644
index 0000000..aaffaa7
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateXMLSignatureRequestImpl.java
@@ -0,0 +1,77 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
+
+/**
+ * Default implementation of <code>CreateXMLSignatureRequest</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CreateXMLSignatureRequestImpl
+ implements CreateXMLSignatureRequest {
+
+ /** The identifier for selecting the private keys for creating the signature.*/
+ private String keyIdentifier;
+ /** Information for creating a single signature. */
+ private List singleSignatureInfos = new ArrayList();
+
+ /**
+ * Sets the identifier for selecting the private keys for creating the
+ * signature.
+ *
+ * @param keyIdentifier The identifier for selecting the private keys.
+ */
+ public void setKeyIdentifier(String keyIdentifier) {
+ this.keyIdentifier = keyIdentifier;
+ }
+
+ public String getKeyIdentifier() {
+ return keyIdentifier;
+ }
+
+ /**
+ * Sets the information for creating single signatures.
+ *
+ * @param singleSignaureInfos The information for creating single signatures.
+ */
+ public void setSingleSignatureInfos(List singleSignaureInfos) {
+ this.singleSignatureInfos =
+ singleSignaureInfos != null
+ ? Collections.unmodifiableList(new ArrayList(singleSignaureInfos))
+ : null;
+ }
+
+ public List getSingleSignatureInfos() {
+ return singleSignatureInfos;
+ }
+
+}
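Review bot: `setKeyIdentifier` and `getKeyIdentifier()` do not say whether `null` is allowed or who validates the value, although this string is what selects the private keys used for signing. The class stores it unchecked, so the Javadoc should state that it is a request-supplied value and that resolving it to keys, and deciding whether the caller may use them, is left to the consumer (that code is not in this hunk). A field comment such as `/** Request-supplied key identifier; not validated in this class. */` would make that explicit. Separately, the parameter `singleSignaureInfos` in `setSingleSignatureInfos` is misspelled and should be `singleSignatureInfos`.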
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateXMLSignatureResponseImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateXMLSignatureResponseImpl.java
new file mode 100644
index 0000000..7a8359f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/CreateXMLSignatureResponseImpl.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+
+/**
+ * Default implementation of <code>CreateXMLSignatureResponse</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class CreateXMLSignatureResponseImpl
+ implements CreateXMLSignatureResponse {
+
+ /** The elements contained in the response. */
+ private List responseElements = new ArrayList();
+
+ /**
+ * Sets the elements contained in the response.
+ *
+ * @param responseElements The response elements.
+ */
+ public void setResponseElements(List responseElements) {
+ this.responseElements =
+ responseElements != null
+ ? Collections.unmodifiableList(new ArrayList(responseElements))
+ : null;
+ }
+
+ public List getResponseElements() {
+ return responseElements;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/DataObjectInfoCMSImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/DataObjectInfoCMSImpl.java
new file mode 100644
index 0000000..702086b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/DataObjectInfoCMSImpl.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+
+/**
+ * Default implementation of <code>DataObjectInfo</code> for CMS.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class DataObjectInfoCMSImpl implements DataObjectInfo {
+ /** The signature structure type. */
+ private String stucture;
+ /** The data object to be signed. */
+ private CMSDataObject dataObject;
+
+ /**
+ * Sets the signature structure type.
+ *
+ * @param structure The signature structure type.
+ */
+ public void setStructure(String structure) {
+ this.stucture = structure;
+ }
+
+ public String getStructure() {
+ return stucture;
+ }
+
+
+ /**
+ * Sets the data object to be signed.
+ *
+ * @param dataObject The data object to be signed.
+ */
+ public void setDataObject(CMSDataObject dataObject) {
+ this.dataObject = dataObject;
+ }
+
+ public CMSDataObject getDataObject() {
+ return dataObject;
+ }
+
+}
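Review bot: The private field is spelled `stucture` while the setter parameter and accessor names use `structure`. Renaming it to `private String structure;` with `this.structure = structure;` and `return structure;` keeps a search for the property from missing the field. DataObjectInfoImpl has the same misspelling, and its `setChildOfManifest` Javadoc reads "in the signature of in the manifest", where "or" is meant.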
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/DataObjectInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/DataObjectInfoImpl.java
new file mode 100644
index 0000000..7a25a97
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/DataObjectInfoImpl.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.DataObjectInfo;
+
+/**
+ * Default implementation of <code>DataObjectInfo</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class DataObjectInfoImpl implements DataObjectInfo {
+ /** The signature structure type. */
+ private String stucture;
+ /** Whether a reference will be placed in the signature itself or in the
+ * manifest */
+ private boolean childOfManifest;
+ /** The data object to be signed. */
+ private Content dataObject;
+ /** The profile containing additional information for the transformations. */
+ private CreateTransformsInfoProfile createTransformsInfoProfile;
+
+ /**
+ * Sets the signature structure type.
+ *
+ * @param structure The signature structure type.
+ */
+ public void setStructure(String structure) {
+ this.stucture = structure;
+ }
+
+ public String getStructure() {
+ return stucture;
+ }
+
+ /**
+ * Sets whether a reference will be placed in the signature itself or in the
+ * manifest.
+ *
+ * @param childOfManifest Whether to put the reference in the signature of
+ * in the manifest.
+ */
+ public void setChildOfManifest(boolean childOfManifest) {
+ this.childOfManifest = childOfManifest;
+ }
+
+ public boolean isChildOfManifest() {
+ return childOfManifest;
+ }
+
+ /**
+ * Sets the data object to be signed.
+ *
+ * @param dataObject The data object to be signed.
+ */
+ public void setDataObject(Content dataObject) {
+ this.dataObject = dataObject;
+ }
+
+ public Content getDataObject() {
+ return dataObject;
+ }
+
+ /**
+ * Sets additional information for the transformations.
+ *
+ * @param profile The profile containing additional information for the
+ * transformations.
+ */
+ public void setCreateTransformsInfoProfile(CreateTransformsInfoProfile profile) {
+ this.createTransformsInfoProfile = profile;
+ }
+
+ public CreateTransformsInfoProfile getCreateTransformsInfoProfile() {
+ return createTransformsInfoProfile;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ElementSelectorImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ElementSelectorImpl.java
new file mode 100644
index 0000000..7de0660
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ElementSelectorImpl.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import at.gv.egovernment.moa.spss.api.common.ElementSelector;
+
+/**
+ * Default implementation of <code>ElementSelector</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class ElementSelectorImpl implements ElementSelector {
+ /** The XPath expression pointing to the element. */
+ private String xPathExpression;
+ /** The namespace declarations to apply for evaluating the XPath */
+ private Map namespaceDeclarations = new HashMap();
+
+ /**
+ * Sets the XPath expression pointing to the element.
+ *
+ * @param xPathExpression XPath expression pointing to the element.
+ */
+ public void setXPathExpression(String xPathExpression) {
+ this.xPathExpression = xPathExpression;
+ }
+
+ public String getXPathExpression() {
+ return xPathExpression;
+ }
+
+ /**
+ * Sets namespace declarations to apply for evaluating the XPath.
+ *
+ * @param namespaceDeclarations The namespace declarations to apply for
+ * evaluating the XPath.
+ */
+ public void setNamespaceDeclarations(Map namespaceDeclarations) {
+ this.namespaceDeclarations = namespaceDeclarations;
+ }
+
+ public Map getNamespaceDeclarations() {
+ return namespaceDeclarations;
+ }
+
+}
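Review bot: `setNamespaceDeclarations` stores the caller's `Map` by reference, and `getNamespaceDeclarations()` returns the internal map, so the prefix bindings used to evaluate the XPath can be changed after the selector has been built. The `List` setters elsewhere in this commit copy their argument and wrap it as unmodifiable; this setter should do the same with `this.namespaceDeclarations = namespaceDeclarations != null ? Collections.unmodifiableMap(new HashMap(namespaceDeclarations)) : null;` plus `import java.util.Collections;`. Because these bindings decide which element the expression selects, a later mutation silently changes the selection. The default `new HashMap()` is also handed out mutable and could be `Collections.EMPTY_MAP`.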
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/EnvelopedSignatureTransformImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/EnvelopedSignatureTransformImpl.java
new file mode 100644
index 0000000..121037f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/EnvelopedSignatureTransformImpl.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.EnvelopedSignatureTransform;
+
+/**
+ * Default implementation of <code>EnvelopedSignatureTransform</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class EnvelopedSignatureTransformImpl
+ extends TransformImpl
+ implements EnvelopedSignatureTransform {
+
+ /**
+ * Create a <code>EnvelopedSignatureTransformImpl</code>.
+ */
+ public EnvelopedSignatureTransformImpl() {
+ setAlgorithmURI(ENVELOPED_SIGNATURE);
+ }
+
+}
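Review bot: The constructor calls `setAlgorithmURI(ENVELOPED_SIGNATURE)`, an inherited method, from a class that is not `final`. If `TransformImpl.setAlgorithmURI` is overridable (it is not visible in this hunk), a subclass override runs before the subclass is initialised. If the setter is public, the URI can also be changed later so that it no longer matches the type. Declaring the class as `public final class EnvelopedSignatureTransformImpl`, or documenting that the URI must not be changed after construction, would close that gap. The constructor of ExclusiveCanonicalizationTransformImpl makes the same call.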
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ErrorResponseImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ErrorResponseImpl.java
new file mode 100644
index 0000000..a2a59a7
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ErrorResponseImpl.java
@@ -0,0 +1,76 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+
+/**
+ * Default implementation of <code>ErrorResponse</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class ErrorResponseImpl implements ErrorResponse {
+ /** The error code. */
+ private int code;
+ /** Verbose error message. */
+ private String info;
+
+ /**
+ * Sets the error code.
+ *
+ * @param code The error code.
+ */
+ public void setErrorCode(int code) {
+ this.code = code;
+ }
+
+ public int getErrorCode() {
+ return code;
+ }
+
+ /**
+ * Sets the verbose error information.
+ *
+ * @param info The verbose error information.
+ */
+ public void setInfo(String info) {
+ this.info = info;
+ }
+
+ public String getInfo() {
+ return info;
+ }
+
+ /**
+ * Gets the response type.
+ *
+ * @return ERROR_RESPONSE
+ */
+ public int getResponseType() {
+ return ERROR_RESPONSE;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ExclusiveCanonicalizationTransformImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ExclusiveCanonicalizationTransformImpl.java
new file mode 100644
index 0000000..eea09c0
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ExclusiveCanonicalizationTransformImpl.java
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.common.ExclusiveCanonicalizationTransform;
+
+/**
+ * Default implementation of <code>ExclusiveCanonicalizationTransform</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ExclusiveCanonicalizationTransformImpl
+ extends TransformImpl
+ implements ExclusiveCanonicalizationTransform {
+
+ /** The namespaces to treat according to canonical XML. */
+ private List inclusiveNamespacePrefixes;
+
+ /**
+ * Create a <code>ExclusiveCanonicalizationTransformImpl</code> object.
+ *
+ * @param algorithmURI The algorithm URI identifying the transformation
+ * algorithm.
+ */
+ public ExclusiveCanonicalizationTransformImpl(String algorithmURI) {
+ setAlgorithmURI(algorithmURI);
+ }
+
+ /**
+ * Sets the namespaces to treat according to canonical XML.
+ * @param inclusiveNamespacePrefixes The namespaces to treat according to
+ * canonical XML.
+ */
+ public void setInclusiveNamespacePrefixes(List inclusiveNamespacePrefixes) {
+ this.inclusiveNamespacePrefixes =
+ inclusiveNamespacePrefixes != null
+ ? Collections.unmodifiableList(new ArrayList(inclusiveNamespacePrefixes))
+ : null;
+ }
+
+ public List getInclusiveNamespacePrefixes() {
+ return inclusiveNamespacePrefixes;
+ }
+
+}
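Review bot: The constructor passes `algorithmURI` straight to `setAlgorithmURI` without any check, so a `null` or a URI of another transform type produces an object that implements `ExclusiveCanonicalizationTransform` but names a different algorithm, or none. A guard such as `if (algorithmURI == null) throw new IllegalArgumentException("algorithmURI must not be null");` would reject the obvious case. The Javadoc should also name the URIs this class is meant to accept. `inclusiveNamespacePrefixes` stays `null` until the setter is called, which `getInclusiveNamespacePrefixes()` should document as well.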
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java
new file mode 100644
index 0000000..27f6f85
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java
@@ -0,0 +1,123 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.io.InputStream;
+
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentBinary;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+
+/**
+ * Content wrapper decorating a binary content with two additional attributes
+ * needed for returning <code>HashInputData</code> and <code>ReferenceInputData
+ * </code> information as part of <code>VerifyXMLSignatureResponse</code>.
+ *
+ * @author Gregor Karlinger
+ *
+ * @version $Id$
+ */
+public class InputDataBinaryImpl implements ContentBinary, InputData
+{
+ /**
+ * The wrapped <code>Content</code>.
+ */
+ protected ContentBinary wrapped_;
+
+ /**
+ * This attribute signals what kind of container the XMLDSIG <code>Reference</code>
+ * this <code>InputData</code> belongs to is part of.
+ */
+ protected String partOf_;
+
+ /**
+ * If this <code>InputData</code> belongs to an XMLDSIG <code>Reference</code>
+ * being part of either a XMLDSIGManifest or a SignatureManifest, this attribute
+ * (a positive int) signals the particular <code>Reference</code> of the XMLDSIG
+ * <code>SignedInfo</code> referring to the XMLDSIGManifest or SignatureManifest
+ * respectively.
+ */
+ protected int referringReferenceNumber_;
+
+ /**
+ * Creates a new instance.
+ *
+ * @param wrapped The wrapped <code>Content</code>. Must be of type {@link Content#BINARY_CONTENT}.
+ *
+ * @param partOf see {@link InputData}
+ *
+ * @param referringReferenceNumber see {@link InputData}
+ */
+ public InputDataBinaryImpl(Content wrapped, String partOf, int referringReferenceNumber) throws MOARuntimeException
+ {
+ if (wrapped.getContentType() != Content.BINARY_CONTENT) throw new MOARuntimeException("9901", null);
+
+ wrapped_ = (ContentBinary) wrapped;
+ partOf_ = partOf;
+ referringReferenceNumber_ = referringReferenceNumber;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getContentType()
+ */
+ public int getContentType()
+ {
+ return wrapped_.getContentType();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getReference()
+ */
+ public String getReference()
+ {
+ return wrapped_.getReference();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.ContentBinary#getBinaryContent()
+ */
+ public InputStream getBinaryContent()
+ {
+ return wrapped_.getBinaryContent();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getPartOf()
+ */
+ public String getPartOf()
+ {
+ return partOf_;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getReferringReferenceNumber()
+ */
+ public int getReferringReferenceNumber()
+ {
+ return referringReferenceNumber_;
+ }
+
+}
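Review bot: The constructor guard trusts the value returned by `wrapped.getContentType()` and then casts unconditionally, so a `Content` that reports `BINARY_CONTENT` without implementing `ContentBinary` fails with a `ClassCastException`, and a null `wrapped` with a `NullPointerException`, instead of the intended `MOARuntimeException("9901", null)`. Checking the type itself closes both gaps: `if (!(wrapped instanceof ContentBinary) || wrapped.getContentType() != Content.BINARY_CONTENT) throw new MOARuntimeException("9901", null);`. The same pattern is in the `InputDataXMLImpl` constructor, where the check would be against `ContentXML`. Since the class Javadoc says this wrapper carries the input data returned in `VerifyXMLSignatureResponse`, the three fields could also be `private final`, unless subclasses outside this diff rely on the `protected` access.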
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java
new file mode 100644
index 0000000..432e1a2
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java
@@ -0,0 +1,123 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentXML;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+
+/**
+ * Content wrapper decorating an XML content with two additional attributes
+ * needed for returning <code>HashInputData</code> and <code>ReferenceInputData
+ * </code> information as part of <code>VerifyXMLSignatureResponse</code>.
+ *
+ * @author Gregor Karlinger
+ *
+ * @version $Id$
+ */
+public class InputDataXMLImpl implements ContentXML, InputData
+{
+ /**
+ * The wrapped <code>ContentXML</code>.
+ */
+ protected ContentXML wrapped_;
+
+ /**
+ * This attribute signals what kind of container the XMLDSIG <code>Reference</code>
+ * this <code>InputData</code> belongs to is part of.
+ */
+ protected String partOf_;
+
+ /**
+ * If this <code>InputData</code> belongs to an XMLDSIG <code>Reference</code>
+ * being part of either a XMLDSIGManifest or a SignatureManifest, this attribute
+ * (a positive int) signals the particular <code>Reference</code> of the XMLDSIG
+ * <code>SignedInfo</code> referring to the XMLDSIGManifest or SignatureManifest
+ * respectively.
+ */
+ protected int referringReferenceNumber_;
+
+ /**
+ * Creates a new instance.
+ *
+ * @param wrapped The wrapped <code>ContentBinary</code>. Must be of type {@link Content#XML_CONTENT}.
+ *
+ * @param partOf see {@link InputData}
+ *
+ * @param referringReferenceNumber see {@link InputData}
+ */
+ public InputDataXMLImpl(Content wrapped, String partOf, int referringReferenceNumber)
+ {
+ if (wrapped.getContentType() != Content.XML_CONTENT) throw new MOARuntimeException("9901", null);
+
+ wrapped_ = (ContentXML) wrapped;
+ partOf_ = partOf;
+ referringReferenceNumber_ = referringReferenceNumber;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getContentType()
+ */
+ public int getContentType()
+ {
+ return wrapped_.getContentType();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.Content#getReference()
+ */
+ public String getReference()
+ {
+ return wrapped_.getReference();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.ContentXML#getXMLContent()
+ */
+ public NodeList getXMLContent()
+ {
+ return wrapped_.getXMLContent();
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getPartOf()
+ */
+ public String getPartOf()
+ {
+ return partOf_;
+ }
+
+ /**
+ * @see at.gv.egovernment.moa.spss.api.common.InputData#getReferringReferenceNumber()
+ */
+ public int getReferringReferenceNumber()
+ {
+ return referringReferenceNumber_;
+ }
+
+}
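Review bot: The constructor Javadoc describes `wrapped` as "The wrapped `ContentBinary`", which looks copied from `InputDataBinaryImpl`; it should read `The wrapped <code>ContentXML</code>`. The constructor also omits the `throws MOARuntimeException` clause that the binary sibling declares, and neither constructor documents the exception. Adding `@throws MOARuntimeException if <code>wrapped</code> is not XML content` and declaring the clause on both would make the contract consistent and visible to callers.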
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ManifestRefsCheckResultImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ManifestRefsCheckResultImpl.java
new file mode 100644
index 0000000..e5b7f40
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ManifestRefsCheckResultImpl.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResultInfo;
+
+/**
+ * Default implementation of <code>ManifestRefsCheckResult</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class ManifestRefsCheckResultImpl implements ManifestRefsCheckResult {
+ /** The numerical check code. */
+ private int code;
+ /** Additional information about the check. */
+ private ManifestRefsCheckResultInfo info;
+
+ /**
+ * Sets the check code.
+ *
+ * @param code A numerical representation of the result of the manifest check.
+ */
+ public void setCode(int code) {
+ this.code = code;
+ }
+
+ public int getCode() {
+ return code;
+ }
+
+ /**
+ * Sets a reference to the manifest.
+ *
+ * @param info The reference to the manifest.
+ */
+ public void setInfo(ManifestRefsCheckResultInfo info) {
+ this.info = info;
+ }
+
+ public ManifestRefsCheckResultInfo getInfo() {
+ return info;
+ }
+
+}
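Review bot: The Javadoc on `setInfo` calls the argument "a reference to the manifest", but the field it assigns is documented as "Additional information about the check" and its type is `ManifestRefsCheckResultInfo`. Wording such as `Sets additional information about the manifest check.` with `@param info Additional information about the check.` would match the field. `getCode()` and `getInfo()` carry no Javadoc; a short `@see ManifestRefsCheckResult#getCode()` comment in the style used in `InputDataBinaryImpl` would keep the file consistent, assuming the interface declares these methods, which is not visible here.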
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ManifestRefsCheckResultInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ManifestRefsCheckResultInfoImpl.java
new file mode 100644
index 0000000..f0ef1c5
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ManifestRefsCheckResultInfoImpl.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResultInfo;
+
+/**
+ * Default implementation of <code>ManifestRefsCheckResultInfo</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class ManifestRefsCheckResultInfoImpl
+ extends ReferencesCheckResultInfoImpl
+ implements ManifestRefsCheckResultInfo {
+
+ /** The position of the signature reference containing the reference to the
+ * manifest being described by this object.*/
+ private int referringSignatureReference;
+
+ /**
+ * Sets the position of the signature reference containing the reference to
+ * the manifest being described by this object.
+ * @param referringSignatureReference The position of the signature reference.
+ */
+ public void setReferringSignatureReference(int referringSignatureReference) {
+ this.referringSignatureReference = referringSignatureReference;
+ }
+
+ public int getReferringSignatureReference() {
+ return referringSignatureReference;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/MetaInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/MetaInfoImpl.java
new file mode 100644
index 0000000..e3a06c6
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/MetaInfoImpl.java
@@ -0,0 +1,99 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+
+/**
+ * Default implementation of <code>MetaInfo</code>.
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class MetaInfoImpl implements MetaInfo {
+ /** Information about the MIME type. */
+ private String mimeType;
+ /** URI pointing to a description of the content. */
+ private String description;
+ /** Descriptive XML content. */
+ private NodeList anyElements;
+ /** Type information for XML signature creation */
+ private String type;
+
+ /**
+ * Sets the MIME type.
+ *
+ * @param mimeType The MIME type to set.
+ */
+ public void setMimeType(String mimeType) {
+ this.mimeType = mimeType;
+ }
+
+ public String getMimeType() {
+ return mimeType;
+ }
+
+ /**
+ * Sets the URI pointing to a description of the content.
+ *
+ * @param description The URI pointing to a description of the content.
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * Sets descriptive XML content.
+ *
+ * @param anyElements The elements to set.
+ */
+ public void setAnyElements(NodeList anyElements) {
+ this.anyElements = anyElements;
+ }
+
+ public NodeList getAnyElements() {
+ return anyElements;
+ }
+
+ /**
+ * Sets the XML signature creation type information.
+ *
+ * @param type the XML signature creation type information to set.
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ public String getType() {
+ return type;
+ }
+
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferenceInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferenceInfoImpl.java
new file mode 100644
index 0000000..8bd81a7
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferenceInfoImpl.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
+
+/**
+ * Default implementation of <code>ReferenceInfo</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class ReferenceInfoImpl implements ReferenceInfo {
+ /** Profile containing the transforms allowed in the signature. */
+ private List verifyTransformsInfoProfiles;
+
+ /**
+ * Sets the transforms profile used for verifying the transforms contained
+ * in the signature.
+ *
+ * @param verifyTransformsInfoProfiles The profiles containing the transforms
+ * allowed in the signature.
+ */
+ public void setVerifyTransformsInfoProfiles(List verifyTransformsInfoProfiles) {
+ this.verifyTransformsInfoProfiles =
+ verifyTransformsInfoProfiles != null
+ ? Collections.unmodifiableList(
+ new ArrayList(verifyTransformsInfoProfiles))
+ : null;
+ }
+
+ public List getVerifyTransformsInfoProfiles() {
+ return verifyTransformsInfoProfiles;
+ }
+
+}
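Review bot: The Javadoc on `setVerifyTransformsInfoProfiles` does not say what the raw `List` holds or that the argument is copied, and the field comment describes these profiles as containing the transforms allowed in the signature, so the contract deserves to be explicit. I would name the element type (not visible in this hunk) and add `The list is copied and made unmodifiable; <code>null</code> is stored as is.` The copy is shallow, so the profile objects themselves remain shared with the caller, which is worth stating too. `getVerifyTransformsInfoProfiles()` has no Javadoc and can return `null` when nothing was set; a one-line comment saying so would spare callers a surprise.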
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferencesCheckResultImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferencesCheckResultImpl.java
new file mode 100644
index 0000000..d4cbab0
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferencesCheckResultImpl.java
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo;
+
+/**
+ * Default implementation of <code>ReferencesCheckResult</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ReferencesCheckResultImpl implements ReferencesCheckResult {
+ /** The check code. */
+ private int code;
+ /** Additional information about the reference check. */
+ private ReferencesCheckResultInfo info;
+
+ /**
+ * Sets the check code.
+ *
+ * @param code A numerical representation of the result of the reference
+ * check.
+ */
+ public void setCode(int code) {
+ this.code = code;
+ }
+
+ public int getCode() {
+ return code;
+ }
+
+ /**
+ * Sets additional information about the reference check.
+ *
+ * @param manifestRefsCheckResultInfo Additional information about the
+ * reference check.
+ */
+ public void setInfo(ReferencesCheckResultInfo manifestRefsCheckResultInfo) {
+ this.info = manifestRefsCheckResultInfo;
+ }
+
+ public ReferencesCheckResultInfo getInfo() {
+ return info;
+ }
+
+}
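Review bot: The parameter of `setInfo` is named `manifestRefsCheckResultInfo` although its type is `ReferencesCheckResultInfo` and nothing in this class is manifest-specific; the name looks carried over from `ManifestRefsCheckResultImpl`. Renaming it, as in `public void setInfo(ReferencesCheckResultInfo info) { this.info = info; }` with the `@param` tag updated to `info`, avoids suggesting that only manifest check results are accepted. `getCode()` and `getInfo()` also have no Javadoc, unlike the setters.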
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferencesCheckResultInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferencesCheckResultInfoImpl.java
new file mode 100644
index 0000000..a696988
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/ReferencesCheckResultInfoImpl.java
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo;
+
+/**
+ * Default implementation of <code>ReferencesCheckResultInfo</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ReferencesCheckResultInfoImpl
+ implements ReferencesCheckResultInfo {
+
+ /** Additional information about the references check. */
+ private NodeList anyOtherInfo;
+ /** The indexes of the failed references. */
+ private int[] failedReferences = new int[0];
+
+ /**
+ * Sets additional information about the references check.
+ * @param anyOtherInfo Additional information about the references check.
+ */
+ public void setAnyOtherInfo(NodeList anyOtherInfo) {
+ this.anyOtherInfo = anyOtherInfo;
+ }
+
+ public NodeList getAnyOtherInfo() {
+ return anyOtherInfo;
+ }
+
+ /**
+ * Sets the indexes of the failed references.
+ *
+ * @param failedReferences The indexes of the failed references.
+ */
+ public void setFailedReferences(int[] failedReferences) {
+ this.failedReferences = failedReferences;
+ }
+
+ public int[] getFailedReferences() {
+ return failedReferences;
+ }
+
+}
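Review bot: `setFailedReferences` stores the caller's array and `getFailedReferences` returns the internal one, so any holder of either reference can change which references are reported as failed after the check result has been built. `ReferenceInfoImpl` and `ExclusiveCanonicalizationTransformImpl` in this commit already copy their list arguments, and the same would fit here: `this.failedReferences = failedReferences != null ? (int[]) failedReferences.clone() : new int[0];` in the setter and `return (int[]) failedReferences.clone();` in the getter. The null branch also preserves the empty-array default set by the field initialiser, which a `setFailedReferences(null)` call currently discards. Whether any caller relies on the shared array or on a null return is not visible in this hunk, so that should be confirmed before changing it.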
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
new file mode 100644
index 0000000..ac3d4c9
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
@@ -0,0 +1,656 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.io.InputStream;
+import java.math.BigDecimal;
+import java.math.BigInteger;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.cmssign.CMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.api.common.Transform;
+import at.gv.egovernment.moa.spss.api.common.X509IssuerSerial;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.common.XPathFilter;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.SingleSignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResultInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.SignatureManifestCheckParams;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+
+/**
+ * Default implementation of <code>SPSSFactory</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class SPSSFactoryImpl extends SPSSFactory {
+
+ public CreateXMLSignatureRequest createCreateXMLSignatureRequest(
+ String keyIdentifier,
+ List singleSignatureInfos) {
+ CreateXMLSignatureRequestImpl createXMLSignatureRequest =
+ new CreateXMLSignatureRequestImpl();
+ createXMLSignatureRequest.setKeyIdentifier(keyIdentifier);
+ createXMLSignatureRequest.setSingleSignatureInfos(singleSignatureInfos);
+ return createXMLSignatureRequest;
+ }
+
+ public CreateCMSSignatureRequest createCreateCMSSignatureRequest(
+ String keyIdentifier,
+ List singleSignatureInfos) {
+ CreateCMSSignatureRequestImpl createCMSSignatureRequest =
+ new CreateCMSSignatureRequestImpl();
+ createCMSSignatureRequest.setKeyIdentifier(keyIdentifier);
+ createCMSSignatureRequest.setSingleSignatureInfos(singleSignatureInfos);
+ return createCMSSignatureRequest;
+
+ }
+
+ public CreateCMSSignatureResponse createCreateCMSSignatureResponse(List responseElements) {
+ CreateCMSSignatureResponseImpl createCMSSignatureResponse = new CreateCMSSignatureResponseImpl();
+ createCMSSignatureResponse.setResponseElements(responseElements);
+ return createCMSSignatureResponse;
+ }
+
+
+ public CMSSignatureResponse createCMSSignatureResponse(String base64value) {
+ CMSSignatureResponseImpl cmsSignatureResponse = new CMSSignatureResponseImpl();
+ cmsSignatureResponse.setCMSSignature(base64value);
+
+ return cmsSignatureResponse;
+ }
+
+
+ public SingleSignatureInfo createSingleSignatureInfo(
+ List dataObjectInfos,
+ CreateSignatureInfo createSignatureInfo,
+ boolean securityLayerConform) {
+ SingleSignatureInfoImpl singleSignatureInfo = new SingleSignatureInfoImpl();
+ singleSignatureInfo.setDataObjectInfos(dataObjectInfos);
+ singleSignatureInfo.setCreateSignatureInfo(createSignatureInfo);
+ singleSignatureInfo.setSecurityLayerConform(securityLayerConform);
+ return singleSignatureInfo;
+ }
+
+ public at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo createSingleSignatureInfoCMS(
+ at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo dataObjectInfo,
+ boolean securityLayerConform) {
+ SingleSignatureInfoCMSImpl singleSignatureInfo = new SingleSignatureInfoCMSImpl();
+ singleSignatureInfo.setDataObjectInfo(dataObjectInfo);
+ singleSignatureInfo.setSecurityLayerConform(securityLayerConform);
+ return singleSignatureInfo;
+ }
+
+ public DataObjectInfo createDataObjectInfo(
+ String structure,
+ boolean childOfManifest,
+ Content dataObject,
+ CreateTransformsInfoProfile createTransformsInfoProfile) {
+ DataObjectInfoImpl dataObjectInfo = new DataObjectInfoImpl();
+ dataObjectInfo.setStructure(structure);
+ dataObjectInfo.setChildOfManifest(childOfManifest);
+ dataObjectInfo.setDataObject(dataObject);
+ dataObjectInfo.setCreateTransformsInfoProfile(createTransformsInfoProfile);
+ return dataObjectInfo;
+ }
+
+ public at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo createDataObjectInfo(
+ String structure,
+ CMSDataObject dataObject) {
+ DataObjectInfoCMSImpl dataObjectInfo = new DataObjectInfoCMSImpl();
+ dataObjectInfo.setStructure(structure);
+ dataObjectInfo.setDataObject(dataObject);
+ return dataObjectInfo;
+ }
+
+ public CreateTransformsInfoProfile createCreateTransformsInfoProfile(String profileID) {
+
+ CreateTransformsInfoProfileIDImpl createTransformsInfoProfile =
+ new CreateTransformsInfoProfileIDImpl();
+ createTransformsInfoProfile.setCreateTransformsInfoProfileID(profileID);
+ return createTransformsInfoProfile;
+ }
+
+ public CreateTransformsInfoProfile createCreateTransformsInfoProfile(
+ CreateTransformsInfo transformsInfo,
+ List supplements) {
+ CreateTransformsInfoProfileExplicitImpl createTransformsInfoProfile =
+ new CreateTransformsInfoProfileExplicitImpl();
+ createTransformsInfoProfile.setCreateTransformsInfo(transformsInfo);
+ createTransformsInfoProfile.setSupplements(supplements);
+ return createTransformsInfoProfile;
+ }
+
+ public CreateTransformsInfo createCreateTransformsInfo(
+ List transforms,
+ MetaInfo finalDataMetaInfo) {
+ CreateTransformsInfoImpl createTransformsInfo =
+ new CreateTransformsInfoImpl();
+
+ createTransformsInfo.setTransforms(transforms);
+ createTransformsInfo.setFinalDataMetaInfo(finalDataMetaInfo);
+ return createTransformsInfo;
+ }
+
+ public CreateSignatureInfo createCreateSignatureInfo(
+ Content createSignatureEnvironment,
+ CreateSignatureEnvironmentProfile createSignatureEnvironmentProfile) {
+ CreateSignatureInfoImpl createSignatureInfo = new CreateSignatureInfoImpl();
+ createSignatureInfo.setCreateSignatureEnvironment(
+ createSignatureEnvironment);
+ createSignatureInfo.setCreateSignatureEnvironmentProfile(
+ createSignatureEnvironmentProfile);
+ return createSignatureInfo;
+ }
+
+ public CreateSignatureEnvironmentProfile createCreateSignatureEnvironmentProfile(
+ CreateSignatureLocation createSignatureLocation,
+ List supplements) {
+ CreateSignatureEnvironmentProfileExplicitImpl createSignatureEnvironmentProfile =
+ new CreateSignatureEnvironmentProfileExplicitImpl();
+ createSignatureEnvironmentProfile.setCreateSignatureLocation(
+ createSignatureLocation);
+ createSignatureEnvironmentProfile.setSupplements(supplements);
+ return createSignatureEnvironmentProfile;
+ }
+
+ public CreateSignatureLocation createCreateSignatureLocation(
+ String signatureLocationXPath,
+ int signatureLocationIndex,
+ Map namespaceDeclarations) {
+ CreateSignatureLocationImpl createSignatureLocation =
+ new CreateSignatureLocationImpl();
+ createSignatureLocation.setIndex(signatureLocationIndex);
+ createSignatureLocation.setNamespaceDeclarations(namespaceDeclarations);
+ createSignatureLocation.setXPathExpression(signatureLocationXPath);
+ return createSignatureLocation;
+ }
+
+ public CreateSignatureEnvironmentProfile createCreateSignatureEnvironmentProfile(String profileID) {
+ CreateSignatureEnvironmentProfileIDImpl createSignatureEnvironmentProfile =
+ new CreateSignatureEnvironmentProfileIDImpl();
+ createSignatureEnvironmentProfile.setCreateSignatureEnvironmentProfileID(
+ profileID);
+ return createSignatureEnvironmentProfile;
+ }
+
+ public CreateXMLSignatureResponse createCreateXMLSignatureResponse(List responseElements) {
+ CreateXMLSignatureResponseImpl createXMLSignatureResponse =
+ new CreateXMLSignatureResponseImpl();
+ createXMLSignatureResponse.setResponseElements(responseElements);
+ return createXMLSignatureResponse;
+ }
+
+ public SignatureEnvironmentResponse createSignatureEnvironmentResponse(Element signatureEnvironment) {
+ SignatureEnvironmentResponseImpl signatureEnvironmentResponse =
+ new SignatureEnvironmentResponseImpl();
+ signatureEnvironmentResponse.setSignatureEnvironment(signatureEnvironment);
+ return signatureEnvironmentResponse;
+ }
+
+ public ErrorResponse createErrorResponse(int code, String info) {
+ ErrorResponseImpl errorResponse = new ErrorResponseImpl();
+ errorResponse.setErrorCode(code);
+ errorResponse.setInfo(info);
+ return errorResponse;
+ }
+
+ public VerifyCMSSignatureRequest createVerifyCMSSignatureRequest(
+ int[] signatories,
+ Date dateTime,
+ InputStream cmsSignature,
+ CMSDataObject dataObject,
+ String trustProfileID) {
+ VerifyCMSSignatureRequestImpl verifyCMSSignatureRequest =
+ new VerifyCMSSignatureRequestImpl();
+ verifyCMSSignatureRequest.setDateTime(dateTime);
+ verifyCMSSignatureRequest.setCMSSignature(cmsSignature);
+ verifyCMSSignatureRequest.setDataObject(dataObject);
+ verifyCMSSignatureRequest.setTrustProfileId(trustProfileID);
+ verifyCMSSignatureRequest.setSignatories(signatories);
+ return verifyCMSSignatureRequest;
+ }
+
+ public CMSDataObject createCMSDataObject(
+ MetaInfo metaInfo,
+ CMSContent content,
+ BigDecimal excludeByteRangeFrom,
+ BigDecimal excludeByteRangeTo) {
+
+ CMSDataObjectImpl cmsDataObject = new CMSDataObjectImpl();
+ cmsDataObject.setMetaInfo(metaInfo);
+ cmsDataObject.setContent(content);
+ cmsDataObject.setExcludeByteRangeFrom(excludeByteRangeFrom);
+ cmsDataObject.setExcludeByteRangeTo(excludeByteRangeTo);
+
+ return cmsDataObject;
+ }
+
+ public CMSContent createCMSContent(InputStream binaryContent) {
+ CMSContentExplicitImpl cmsContent = new CMSContentExplicitImpl();
+
+ cmsContent.setBinaryContent(binaryContent);
+ return cmsContent;
+ }
+
+ public CMSContent createCMSContent(String referenceURI) {
+ CMSContentReferenceImpl cmsContent = new CMSContentReferenceImpl();
+
+ cmsContent.setReference(referenceURI);
+ return cmsContent;
+ }
+
+
+ public CMSDataObject createCMSDataObject(
+ MetaInfo metaInfo,
+ String referenceURI) {
+ CMSDataObjectImpl cmsDataObject = new CMSDataObjectImpl();
+ CMSContentReferenceImpl cmsContent = new CMSContentReferenceImpl();
+ cmsDataObject.setMetaInfo(metaInfo);
+ cmsContent.setReference(referenceURI);
+ return cmsDataObject;
+ }
+
+ public VerifyCMSSignatureResponse createVerifyCMSSignatureResponse(List responseElements) {
+ VerifyCMSSinatureResponseImpl verifyCMSSignatureResponse =
+ new VerifyCMSSinatureResponseImpl();
+ verifyCMSSignatureResponse.setResponseElements(responseElements);
+ return verifyCMSSignatureResponse;
+ }
+
+ public VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(
+ SignerInfo signerInfo,
+ CheckResult signatureCheck,
+ CheckResult certificateCheck) {
+ VerifyCMSSignatureResponseElementImpl verifyCMSSignatureResponseElement =
+ new VerifyCMSSignatureResponseElementImpl();
+ verifyCMSSignatureResponseElement.setSignerInfo(signerInfo);
+ verifyCMSSignatureResponseElement.setSignatureCheck(signatureCheck);
+ verifyCMSSignatureResponseElement.setCertificateCheck(certificateCheck);
+
+ return verifyCMSSignatureResponseElement;
+ }
+
+ public VerifyXMLSignatureRequest createVerifyXMLSignatureRequest(
+ Date dateTime,
+ VerifySignatureInfo verifySignatureInfo,
+ List supplementProfiles,
+ SignatureManifestCheckParams signatureManifestParams,
+ boolean returnHashInputData,
+ String trustProfileID) {
+ VerifyXMLSignatureRequestImpl verifyXMLSignatureRequest =
+ new VerifyXMLSignatureRequestImpl();
+ verifyXMLSignatureRequest.setDateTime(dateTime);
+ verifyXMLSignatureRequest.setSignatureInfo(verifySignatureInfo);
+ verifyXMLSignatureRequest.setSupplementProfiles(supplementProfiles);
+ verifyXMLSignatureRequest.setSignatureManifestCheckParams(
+ signatureManifestParams);
+ verifyXMLSignatureRequest.setReturnHashInputData(returnHashInputData);
+ verifyXMLSignatureRequest.setTrustProfileId(trustProfileID);
+ return verifyXMLSignatureRequest;
+ }
+
+ public VerifySignatureInfo createVerifySignatureInfo(
+ Content verifySignatureEnvironment,
+ VerifySignatureLocation verifySignatureLocation) {
+ VerifySignatureInfoImpl verifySignatureInfo = new VerifySignatureInfoImpl();
+ verifySignatureInfo.setVerifySignatureEnvironment(
+ verifySignatureEnvironment);
+ verifySignatureInfo.setVerifySignatureLocation(verifySignatureLocation);
+ return verifySignatureInfo;
+ }
+
+ public VerifySignatureLocation createVerifySignatureLocation(
+ String xPathExpression,
+ Map namespaceDeclarations) {
+ VerifySignatureLocationImpl verifySignatureLocation =
+ new VerifySignatureLocationImpl();
+ verifySignatureLocation.setXPathExpression(xPathExpression);
+ verifySignatureLocation.setNamespaceDeclarations(namespaceDeclarations);
+ return verifySignatureLocation;
+ }
+
+ public SupplementProfile createSupplementProfile(String profileID) {
+ SupplementProfileIDImpl supplementProfileID = new SupplementProfileIDImpl();
+ supplementProfileID.setSupplementProfileID(profileID);
+ return supplementProfileID;
+ }
+
+ public SupplementProfile createSupplementProfile(XMLDataObjectAssociation supplementProfile) {
+ SupplementProfileExplicitImpl supplementProfileExplicit =
+ new SupplementProfileExplicitImpl();
+ supplementProfileExplicit.setSupplementProfile(supplementProfile);
+ return supplementProfileExplicit;
+ }
+
+ public SignatureManifestCheckParams createSignatureManifestCheckParams(
+ List referenceInfos,
+ boolean returnReferenceInputData) {
+ SignatureManifestCheckParamsImpl signatureManifestCheckParams =
+ new SignatureManifestCheckParamsImpl();
+ signatureManifestCheckParams.setReferenceInfos(referenceInfos);
+ signatureManifestCheckParams.setReturnReferenceInputData(
+ returnReferenceInputData);
+ return signatureManifestCheckParams;
+ }
+
+ public ReferenceInfo createReferenceInfo(List verifyTransformsInfoProfiles) {
+ ReferenceInfoImpl referenceInfo = new ReferenceInfoImpl();
+ referenceInfo.setVerifyTransformsInfoProfiles(verifyTransformsInfoProfiles);
+ return referenceInfo;
+ }
+
+ public VerifyTransformsInfoProfile createVerifyTransformsInfoProfile(
+ List transforms,
+ List transformParameters) {
+ VerifyTransformsInfoProfileExplicitImpl verifyTransformsInfoProfile =
+ new VerifyTransformsInfoProfileExplicitImpl();
+
+ verifyTransformsInfoProfile.setTransforms(transforms);
+ verifyTransformsInfoProfile.setTransformParameters(transformParameters);
+
+ return verifyTransformsInfoProfile;
+ }
+
+ public VerifyTransformsInfoProfile createVerifyTransformsInfoProfile(String profileID) {
+ VerifyTransformsInfoProfileIDImpl verifyTransformsInfoProfile =
+ new VerifyTransformsInfoProfileIDImpl();
+ verifyTransformsInfoProfile.setVerifyTransformsInfoProfileID(profileID);
+ return verifyTransformsInfoProfile;
+ }
+
+
+ public TransformParameter createTransformParameter(String URI, String digestMethod, byte[] digestValue) {
+ TransformPatameterHashImpl transformParameter =
+ new TransformPatameterHashImpl();
+ transformParameter.setURI(URI);
+ transformParameter.setDigestMethod(digestMethod);
+ transformParameter.setDigestValue(digestValue);
+ return transformParameter;
+ }
+
+ public TransformParameter createTransformParameter(
+ String URI,
+ InputStream binaryData) {
+ TransformParameterBinaryImpl transformParameter =
+ new TransformParameterBinaryImpl();
+ transformParameter.setURI(URI);
+ transformParameter.setBinaryContent(binaryData);
+ return transformParameter;
+ }
+
+ public TransformParameter createTransformParameter(String URI) {
+ TransformParameterURIImpl transformParameter =
+ new TransformParameterURIImpl();
+ transformParameter.setURI(URI);
+ return transformParameter;
+ }
+
+ public VerifyXMLSignatureResponse createVerifyXMLSignatureResponse(
+ SignerInfo signerInfo,
+ List hashInputDatas,
+ List referenceInputDatas,
+ ReferencesCheckResult signatureCheck,
+ ReferencesCheckResult signatureManifestCheck,
+ List xmlDsigManifestChecks,
+ CheckResult certificateCheck) {
+ VerifyXMLSignatureResponseImpl verifyXMLSignatureResponse =
+ new VerifyXMLSignatureResponseImpl();
+ verifyXMLSignatureResponse.setSignerInfo(signerInfo);
+ verifyXMLSignatureResponse.setHashInputDatas(hashInputDatas);
+ verifyXMLSignatureResponse.setReferenceInputDatas(referenceInputDatas);
+ verifyXMLSignatureResponse.setSignatureCheck(signatureCheck);
+ verifyXMLSignatureResponse.setSignatureManifestCheck(
+ signatureManifestCheck);
+ verifyXMLSignatureResponse.setXMLDsigManifestChecks(xmlDsigManifestChecks);
+ verifyXMLSignatureResponse.setCertificateCheck(certificateCheck);
+
+ return verifyXMLSignatureResponse;
+ }
+
+ public ReferencesCheckResult createReferencesCheckResult(
+ int code,
+ ReferencesCheckResultInfo info) {
+ ReferencesCheckResultImpl referencesCheckResult =
+ new ReferencesCheckResultImpl();
+ referencesCheckResult.setCode(code);
+ referencesCheckResult.setInfo(info);
+ return referencesCheckResult;
+ }
+
+ public ReferencesCheckResultInfo createReferencesCheckResultInfo(
+ NodeList anyOtherInfo,
+ int[] failedReferences) {
+ ReferencesCheckResultInfoImpl referencesCheckResultInfo =
+ new ReferencesCheckResultInfoImpl();
+ referencesCheckResultInfo.setAnyOtherInfo(anyOtherInfo);
+ referencesCheckResultInfo.setFailedReferences(failedReferences);
+ return referencesCheckResultInfo;
+ }
+
+ public ManifestRefsCheckResult createManifestRefsCheckResult(
+ int code,
+ ManifestRefsCheckResultInfo info) {
+ ManifestRefsCheckResultImpl manifestRefsCheckResult =
+ new ManifestRefsCheckResultImpl();
+ manifestRefsCheckResult.setCode(code);
+ manifestRefsCheckResult.setInfo(info);
+ return manifestRefsCheckResult;
+ }
+
+ public ManifestRefsCheckResultInfo createManifestRefsCheckResultInfo(
+ NodeList anyOtherInfo,
+ int[] failedReferences,
+ int referringSigReference) {
+ ManifestRefsCheckResultInfoImpl manifestRefsCheckResultInfo =
+ new ManifestRefsCheckResultInfoImpl();
+ manifestRefsCheckResultInfo.setAnyOtherInfo(anyOtherInfo);
+ manifestRefsCheckResultInfo.setReferringSignatureReference(
+ referringSigReference);
+ manifestRefsCheckResultInfo.setFailedReferences(failedReferences);
+ return manifestRefsCheckResultInfo;
+ }
+
+ public Content createContent(InputStream binaryData, String referenceURI) {
+ ContentBinaryImpl content = new ContentBinaryImpl();
+ content.setBinaryContent(binaryData);
+ content.setReference(referenceURI);
+ return content;
+ }
+
+ public Content createContent(String locationReferenceURI, String referenceURI) {
+ ContentLocRefImpl content = new ContentLocRefImpl();
+ content.setLocationReferenceURI(locationReferenceURI);
+ content.setReference(referenceURI);
+ return content;
+ }
+
+ public Content createContent(String referenceURI) {
+ ContentReferenceImpl content = new ContentReferenceImpl();
+ content.setReference(referenceURI);
+ return content;
+ }
+
+ public Content createContent(NodeList xmlData, String referenceURI) {
+ ContentXMLImpl content = new ContentXMLImpl();
+ content.setXMLContent(xmlData);
+ content.setReference(referenceURI);
+ return content;
+ }
+
+ public XMLDataObjectAssociation createXMLDataObjectAssociation(
+ MetaInfo metaInfo,
+ Content xmlContent) {
+ XMLDataObjectAssociationImpl xmlDataObjectAssociation =
+ new XMLDataObjectAssociationImpl();
+ xmlDataObjectAssociation.setMetaInfo(metaInfo);
+ xmlDataObjectAssociation.setContent(xmlContent);
+ return xmlDataObjectAssociation;
+ }
+
+ public MetaInfo createMetaInfo(
+ String mimeType,
+ String description,
+ NodeList otherInfo,
+ String type) {
+ MetaInfoImpl metaInfo = new MetaInfoImpl();
+ metaInfo.setMimeType(mimeType);
+ metaInfo.setDescription(description);
+ metaInfo.setAnyElements(otherInfo);
+ metaInfo.setType(type);
+ return metaInfo;
+ }
+
+ public Transform createCanonicalizationTransform(String algorithmURI) {
+ CanonicalizationTransformImpl transform = new CanonicalizationTransformImpl(algorithmURI);
+ return transform;
+ }
+
+ public Transform createExclusiveCanonicalizationTransform(String algorithmURI, List inclusiveNamespacePrefixes) {
+ ExclusiveCanonicalizationTransformImpl transform = new ExclusiveCanonicalizationTransformImpl(algorithmURI);
+ transform.setInclusiveNamespacePrefixes(inclusiveNamespacePrefixes);
+ return transform;
+ }
+
+ public Transform createBase64Transform() {
+ Base64TransformImpl transform = new Base64TransformImpl();
+ return transform;
+ }
+
+ public Transform createEnvelopedSignatureTransform() {
+ EnvelopedSignatureTransformImpl transform =
+ new EnvelopedSignatureTransformImpl();
+ return transform;
+ }
+
+ public Transform createXSLTTransform(Element styleSheet) {
+ XSLTransformImpl transform = new XSLTransformImpl();
+ transform.setStylesheet(styleSheet);
+ return transform;
+ }
+
+ public Transform createXPathTransform(
+ String xPathExpression,
+ Map namespaceDeclarations) {
+ XPathTransformImpl transform = new XPathTransformImpl();
+ transform.setXPathExpression(xPathExpression);
+ transform.setNamespaceDelcarations(namespaceDeclarations);
+ return transform;
+ }
+
+ public Transform createXPathFilter2Transform(List xPathFilters) {
+ XPathFilter2TransformImpl transform = new XPathFilter2TransformImpl();
+ transform.setFilters(xPathFilters);
+ return transform;
+ }
+
+ public XPathFilter createXPathFilter(
+ String filterType,
+ String xPathExpression,
+ Map namespaceDeclarations) {
+ XPathFilterImpl xPathFilter = new XPathFilterImpl();
+ xPathFilter.setFilterType(filterType);
+ xPathFilter.setXPathExpression(xPathExpression);
+ xPathFilter.setNamespaceDelcarations(namespaceDeclarations);
+ return xPathFilter;
+ }
+
+ public CheckResult createCheckResult(int code, NodeList info) {
+ CheckResultImpl checkResult = new CheckResultImpl();
+ checkResult.setCode(code);
+ checkResult.setInfo(info);
+ return checkResult;
+ }
+
+
+ public SignerInfo createSignerInfo(
+ X509Certificate signerCertificate,
+ boolean qualifiedCertificate,
+ boolean qcSourceTSL,
+ boolean publicAuthority,
+ String publicAuthorityID,
+ boolean sscd,
+ boolean sscdSourceTSL,
+ String issuerCountryCode) {
+ SignerInfoImpl signerInfo = new SignerInfoImpl();
+ signerInfo.setSignerCertificate(signerCertificate);
+ signerInfo.setQualifiedCertificate(qualifiedCertificate);
+ signerInfo.setQCSourceTSL(qcSourceTSL);
+ signerInfo.setPublicAuthority(publicAuthority);
+ signerInfo.setPublicAuhtorityID(publicAuthorityID);
+ signerInfo.setSSCD(sscd);
+ signerInfo.setSSCDSourceTSL(sscdSourceTSL);
+ signerInfo.setIssuerCountryCode(issuerCountryCode);
+ return signerInfo;
+ }
+
+ public X509IssuerSerial createX509IssuerSerial(
+ String issuerName,
+ BigInteger serialNumber) {
+ X509IssuerSerialImpl x509IssuerSerial = new X509IssuerSerialImpl();
+ x509IssuerSerial.setX509IssuerName(issuerName);
+ x509IssuerSerial.setX509SerialNumber(serialNumber);
+ return x509IssuerSerial;
+ }
+
+}
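Review bot: The two-argument overload `createCMSDataObject(MetaInfo metaInfo, String referenceURI)` builds a `CMSContentReferenceImpl` and sets its reference but never attaches it to the returned object, so `referenceURI` is silently dropped and the `CMSDataObject` comes back without content. The four-argument overload just above does call `cmsDataObject.setContent(content)`. This one needs the same line before the `return`: `cmsDataObject.setContent(cmsContent);`. Since this object describes the data a CMS signature is verified against, a caller passing detached content by reference would presumably hand the verifier an empty data object, so a unit test asserting that the content is set for this overload is worth adding.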
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignatureEnvironmentResponseImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignatureEnvironmentResponseImpl.java
new file mode 100644
index 0000000..4b50d89
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignatureEnvironmentResponseImpl.java
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
+
+/**
+ * Default implementation of <code>SignatureEnvironmentResponse</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class SignatureEnvironmentResponseImpl
+ implements SignatureEnvironmentResponse {
+
+ /** The signature environment containing the XML signature. */
+ private Element signatureEnvironment;
+
+ /**
+ * Sets the XML structure which contains the signature.
+ *
+ * @param signatureEnvironment A general XML structure containing the signature.
+ */
+ public void setSignatureEnvironment(Element signatureEnvironment) {
+ this.signatureEnvironment = signatureEnvironment;
+ }
+
+ public Element getSignatureEnvironment() {
+ return signatureEnvironment;
+ }
+
+ /**
+ * Gets the type of <code>CreateXMLSignatureResponseElement</code>.
+ *
+ * @return SIGNATURE_ENVIRONMENT_RESPONSE
+ */
+ public int getResponseType() {
+ return SIGNATURE_ENVIRONMENT_RESPONSE;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignatureManifestCheckParamsImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignatureManifestCheckParamsImpl.java
new file mode 100644
index 0000000..40e87e7
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignatureManifestCheckParamsImpl.java
@@ -0,0 +1,76 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.SignatureManifestCheckParams;
+
+/**
+ * Default implementation of <code>SignatureManifestCheckParams</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class SignatureManifestCheckParamsImpl
+ implements SignatureManifestCheckParams {
+
+ /** Referential information. */
+ private List referenceInfos;
+ /** Whether to return the signature source data. */
+ private boolean returnReferenceInputData = true;
+
+ /**
+ * Sets the referantial information.
+ *
+ * @param referenceInfos The referential information.
+ */
+ public void setReferenceInfos(List referenceInfos) {
+ this.referenceInfos =
+ referenceInfos != null
+ ? Collections.unmodifiableList(new ArrayList(referenceInfos))
+ : null;
+ }
+
+ public List getReferenceInfos() {
+ return referenceInfos;
+ }
+
+ /**
+ * Sets whether to return signature source data.
+ *
+ * @param returnReferenceInputData Whether to return signature source data.
+ */
+ public void setReturnReferenceInputData(boolean returnReferenceInputData) {
+ this.returnReferenceInputData = returnReferenceInputData;
+ }
+
+ public boolean getReturnReferenceInputData() {
+ return returnReferenceInputData;
+ }
+
+}
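Review bot: `getReferenceInfos()` can return `null`, because the field has no initial value and `setReferenceInfos` stores `null` for a `null` argument, yet nothing in this class documents that and the getter has no Javadoc of its own. Either state the contract on the getter, e.g. `/** @return an unmodifiable copy of the reference infos, or null if none were set. */`, or normalise to `Collections.emptyList()` so callers can iterate without a null check. The setter's Javadoc should also mention that it takes a defensive, unmodifiable copy, and "referantial" should read "referential".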
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignerInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignerInfoImpl.java
new file mode 100644
index 0000000..7a108e8
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignerInfoImpl.java
@@ -0,0 +1,159 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.security.cert.X509Certificate;
+
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+
+/**
+ * Default implementation of <code>SignerInfo</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class SignerInfoImpl implements SignerInfo {
+
+ /** The signer certificate. */
+ private X509Certificate signerCertificate;
+ /** Determines, whether <code>signerCertificate</code> is a qualified
+ * certificate. */
+ private boolean qualifiedCertificate;
+ /** Determines, whether <code>signerCertificate</code> is from a public
+ * authority. */
+ private boolean publicAuthority;
+ /** The public authority ID of the <code>signerCertificate</code>. */
+ private String publicAuthorityID;
+
+ /** Determines, whether the signature is based on an SSCD */
+ private boolean sscd;
+
+ /** Determines, if the SSCD check bases upon on TSL */
+ private boolean sscdSourceTSL;
+
+ /** Determines, if the QC check bases upon on TSL */
+ private boolean qcSourceTSL;
+
+ /** The certificate issuer country code */
+ private String issuerCountryCode;
+
+ /**
+ * Sets the signer certificate.
+ *
+ * @param signerCertificate The signer certificate.
+ */
+ public void setSignerCertificate(X509Certificate signerCertificate) {
+ this.signerCertificate = signerCertificate;
+ }
+
+ public X509Certificate getSignerCertificate() {
+ return signerCertificate;
+ }
+
+ /**
+ * Sets, whether the certificate contained in this object is qualified or not.
+ *
+ * @param qualifiedCertificate Is <code>true</code>, if the certificate is
+ * qualified, otherwise <code>false</code>.
+ */
+ public void setQualifiedCertificate(boolean qualifiedCertificate) {
+ this.qualifiedCertificate = qualifiedCertificate;
+ }
+
+ public boolean isQualifiedCertificate() {
+ return qualifiedCertificate;
+ }
+
+ /**
+ * Sets, whether the signature is based on an SSCS or not.
+ *
+ * @param sscd Is <code>true</code>, if the signature is
+ * based on an SSCD, otherwise <code>false</code>.
+ */
+ public void setSSCD(boolean sscd) {
+ this.sscd = sscd;
+ }
+ public boolean isSSCD() {
+ return sscd;
+ }
+
+ public void setSSCDSourceTSL(boolean sscdSourceTSL) {
+ this.sscdSourceTSL = sscdSourceTSL;
+ }
+
+ public String getSSCDSource() {
+ if (sscdSourceTSL)
+ return "TSL";
+ else
+ return "Certificate";
+ }
+
+ public void setQCSourceTSL(boolean qcSourceTSL) {
+ this.qcSourceTSL = qcSourceTSL;
+ }
+
+ public String getQCSource() {
+ if (qcSourceTSL)
+ return "TSL";
+ else
+ return "Certificate";
+ }
+
+ public void setIssuerCountryCode(String issuerCountryCode) {
+ this.issuerCountryCode = issuerCountryCode;
+ }
+ public String getIssuerCountryCode() {
+ return issuerCountryCode;
+ }
+
+ /**
+ * Sets, whether the certificate contained in this object is an
+ * e-government certificate or not.
+ *
+ * @param publicAuthority Is <code>true</code>, if the certificate is
+ * public authority certificate, otherwise <code>false</code>.
+ */
+ public void setPublicAuthority(boolean publicAuthority) {
+ this.publicAuthority = publicAuthority;
+ }
+
+ public boolean isPublicAuthority() {
+ return publicAuthority;
+ }
+
+ /**
+ * Sets the public authority ID of the signer certificate.
+ *
+ * @param publicAuhtorityID The public authority ID of the signer certificate.
+ */
+ public void setPublicAuhtorityID(String publicAuhtorityID) {
+ this.publicAuthorityID = publicAuhtorityID;
+ }
+
+ public String getPublicAuhtorityID() {
+ return publicAuthorityID;
+ }
+
+}
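Review bot: `getSSCDSource()` and `getQCSource()` return "Certificate" whenever the corresponding flag was never set, so a `SignerInfoImpl` on which no source was recorded reads the same as one whose QC/SSCD status really was taken from the certificate. Callers presumably use these values to judge how the qualification was established, so I would document the default on both getters, e.g. `/** @return "TSL" if the SSCD status came from the TSL, otherwise "Certificate" (also the value if setSSCDSourceTSL was never called). */`. The setters `setSSCDSourceTSL`, `setQCSourceTSL` and `setIssuerCountryCode` have no Javadoc at all, and the Javadoc of `setSSCD` says "SSCS" where "SSCD" is meant.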
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SingleSignatureInfoCMSImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SingleSignatureInfoCMSImpl.java
new file mode 100644
index 0000000..cb36515
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SingleSignatureInfoCMSImpl.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo;
+
+/**
+ * @version $Id$
+ */
+public class SingleSignatureInfoCMSImpl implements SingleSignatureInfo {
+
+ private DataObjectInfo dataObjectInfo = null;
+
+
+ private boolean securityLayerConform = true;
+
+ public void setDataObjectInfo(DataObjectInfo dataObjectInfo) {
+ this.dataObjectInfo = dataObjectInfo;
+ }
+
+ public DataObjectInfo getDataObjectInfo() {
+ return dataObjectInfo;
+ }
+
+
+
+ public void setSecurityLayerConform(boolean securityLayerConform) {
+ this.securityLayerConform = securityLayerConform;
+ }
+
+ public boolean isSecurityLayerConform() {
+ return securityLayerConform;
+ }
+
+}
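Review bot: The imports `java.util.ArrayList`, `java.util.Collections` and `java.util.List` are unused in this class, which holds only a single `DataObjectInfo` and a boolean. They look copied from `SingleSignatureInfoImpl` and can be dropped. The class and its members carry no Javadoc beyond `@version`; a comment such as `/** Security layer conformity flag; defaults to <code>true</code>. */` on `securityLayerConform` would at least record the default that the initializer sets.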
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SingleSignatureInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SingleSignatureInfoImpl.java
new file mode 100644
index 0000000..3d43068
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SingleSignatureInfoImpl.java
@@ -0,0 +1,73 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.SingleSignatureInfo;
+
+/**
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class SingleSignatureInfoImpl implements SingleSignatureInfo {
+
+ private List dataObjectInfos = new ArrayList();
+
+ private CreateSignatureInfo createSignatureInfo;
+
+ private boolean securityLayerConform = true;
+
+ public void setDataObjectInfos(List dataObjectInfos) {
+ this.dataObjectInfos =
+ dataObjectInfos != null
+ ? Collections.unmodifiableList(new ArrayList(dataObjectInfos))
+ : null;
+ }
+
+ public List getDataObjectInfos() {
+ return dataObjectInfos;
+ }
+
+ public void setCreateSignatureInfo(CreateSignatureInfo createSignatureInfo) {
+ this.createSignatureInfo = createSignatureInfo;
+ }
+
+ public CreateSignatureInfo getCreateSignatureInfo() {
+ return createSignatureInfo;
+ }
+
+ public void setSecurityLayerConform(boolean securityLayerConform) {
+ this.securityLayerConform = securityLayerConform;
+ }
+
+ public boolean isSecurityLayerConform() {
+ return securityLayerConform;
+ }
+
+}
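Review bot: `getDataObjectInfos()` returns three different kinds of value depending on history: the mutable `new ArrayList()` from the field initializer before any set, an unmodifiable copy after `setDataObjectInfos(list)`, and `null` after `setDataObjectInfos(null)`. A caller can therefore modify the internal list of a fresh instance, and must null-check although the default is an empty list. Initialising the field with `private List dataObjectInfos = Collections.EMPTY_LIST;` makes the first case consistent with the second. If the interface does not require `null` to be preserved (not visible in this hunk), the setter's `: null` branch could return `Collections.EMPTY_LIST` as well. `setReferenceInfos` in `SignatureManifestCheckParamsImpl` uses the same null branch.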
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SupplementProfileExplicitImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SupplementProfileExplicitImpl.java
new file mode 100644
index 0000000..7f80388
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SupplementProfileExplicitImpl.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfileExplicit;
+
+/**
+ * Default implementation of <code>SupplementProfileExplicit</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class SupplementProfileExplicitImpl implements SupplementProfileExplicit {
+
+ /** Supplemental information for verifying a signature. */
+ private XMLDataObjectAssociation supplement;
+
+ /**
+ * Sets the supplemental information for verifying a signature.
+ *
+ * @param supplement The supplemental information for verifying a signature.
+ */
+ public void setSupplementProfile(XMLDataObjectAssociation supplement) {
+ this.supplement = supplement;
+ }
+
+ public XMLDataObjectAssociation getSupplementProfile() {
+ return supplement;
+ }
+
+ /**
+ * Gets the type of <code>SupplementProfile</code>.
+ *
+ * @return EXPLICIT_SUPPLEMENTPROFILE
+ */
+ public int getSupplementProfileType() {
+ return EXPLICIT_SUPPLEMENTPROFILE;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SupplementProfileIDImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SupplementProfileIDImpl.java
new file mode 100644
index 0000000..e73ce60
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SupplementProfileIDImpl.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfileID;
+
+/**
+ * Default implementation of <code>SupplementProfileID</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class SupplementProfileIDImpl implements SupplementProfileID {
+ /** The profile ID. */
+ private String profileID;
+
+ /**
+ * Sets the <code>SupplementProfile</code> profile ID.
+ *
+ * @param profileID The profile ID.
+ */
+ public void setSupplementProfileID(String profileID) {
+ this.profileID = profileID;
+ }
+
+ public String getSupplementProfileID() {
+ return profileID;
+ }
+
+ /**
+ * Gets the type of <code>SupplementProfile</code>.
+ *
+ * @return ID_SUPPLEMENTPROFILE
+ */
+ public int getSupplementProfileType() {
+ return ID_SUPPLEMENTPROFILE;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TSLConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TSLConfigurationImpl.java
new file mode 100644
index 0000000..4d69ed7
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TSLConfigurationImpl.java
@@ -0,0 +1,100 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import iaik.xml.crypto.utils.URI;
+
+import java.util.Date;
+
+import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
+
+/**
+ * Default implementation of <code>TSLConfiguration</code>.
+ *
+ * @author kstranacher
+ */
+public class TSLConfigurationImpl implements TSLConfiguration {
+
+
+
+ /** The EU TSL URL. */
+ private String euTSLUrl;
+
+ /** update period in milliseconds */
+ private long updateSchedulePeriod;
+
+ /** Time of the first update */
+ private Date updateScheduleStartTime;
+
+ /** Working directory */
+ private String workingDirectory;
+
+ /** Working directory */
+ private URI workingDirectoryAsURI;
+
+ public String getEuTSLUrl() {
+ return this.euTSLUrl;
+ }
+
+ public long getUpdateSchedulePeriod() {
+ return this.updateSchedulePeriod;
+ }
+
+ public Date getUpdateScheduleStartTime() {
+ return this.updateScheduleStartTime;
+ }
+
+ public String getWorkingDirectory() {
+ return this.workingDirectory;
+ }
+
+ public URI getWorkingDirectoryAsURI() {
+ return this.workingDirectoryAsURI;
+ }
+
+ public void setEuTSLUrl(String euTSLUrl) {
+ this.euTSLUrl = euTSLUrl;
+ }
+
+ public void setUpdateSchedulePeriod(long updateSchedulePeriod) {
+ this.updateSchedulePeriod = updateSchedulePeriod;
+ }
+
+ public void setUpdateScheduleStartTime(Date updateScheduleStartTime) {
+ this.updateScheduleStartTime = updateScheduleStartTime;
+ }
+
+ public void setWorkingDirectory(String workingDirectory) {
+ this.workingDirectory = workingDirectory;
+ }
+
+ public void setWorkingDirectoryURI(URI workingDirectoryAsURI) {
+ this.workingDirectoryAsURI = workingDirectoryAsURI;
+ }
+
+
+
+
+}
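Review bot: `setUpdateScheduleStartTime` stores the caller's `java.util.Date` and `getUpdateScheduleStartTime` returns the same instance, so any holder of the reference can shift the TSL update schedule after the configuration was built. Copying on the way in, `this.updateScheduleStartTime = updateScheduleStartTime == null ? null : new Date(updateScheduleStartTime.getTime());`, and likewise in the getter, closes that. `workingDirectory` and `workingDirectoryAsURI` are set independently and share the Javadoc "Working directory", so nothing keeps the two in agreement; the comments should say which one is authoritative, and the setter name `setWorkingDirectoryURI` does not match `getWorkingDirectoryAsURI`. Nothing in this class checks `euTSLUrl`; if scheme or host validation of the trust-list URL is intended, it has to happen where the configuration is read, which is outside this hunk.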
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformImpl.java
new file mode 100644
index 0000000..37a05f9
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformImpl.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.Transform;
+
+/**
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class TransformImpl implements Transform {
+ /** The URI identifying the transformation algorithm. */
+ private String algorithmURI;
+
+ /**
+ * Sets the URI identifying the transformation algorithm.
+ *
+ * @param algorithmURI The URI identifying the transformation algorithm.
+ */
+ public void setAlgorithmURI(String algorithmURI) {
+ this.algorithmURI = algorithmURI;
+ }
+
+ public String getAlgorithmURI() {
+ return algorithmURI;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterBinaryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterBinaryImpl.java
new file mode 100644
index 0000000..691f3a9
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterBinaryImpl.java
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.io.InputStream;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameterBinary;
+
+/**
+ * Default implementation of <code>TransformParameterBinary</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class TransformParameterBinaryImpl
+ extends TransformParameterImpl
+ implements TransformParameterBinary {
+
+ /** The binary content as a stream. */
+ private InputStream binaryContent;
+
+ /**
+ * Sets the binary content as a stream.
+ *
+ * @param binaryContent The binary content as a stream.
+ */
+ public void setBinaryContent(InputStream binaryContent) {
+ this.binaryContent = binaryContent;
+ }
+
+ public InputStream getBinaryContent() {
+ return binaryContent;
+ }
+
+ /**
+ * Gets the <code>TransformParameter</code> type.
+ *
+ * @return BINARY_TRANSFORMPARAMETER
+ */
+ public int getTransformParameterType() {
+ return BINARY_TRANSFORMPARAMETER;
+ }
+
+}
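Review bot: The Javadoc for `binaryContent` does not say who owns the stream. The class stores the `InputStream` by reference, never closes it, and `getBinaryContent()` returns the same instance on every call, so a second reader gets only what the first left unread. I would state this on the getter, e.g. `/** @return the stream passed to setBinaryContent; it can be consumed once and must be closed by the caller. */`, assuming closing is meant to be the caller's job, which this hunk does not show.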
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterImpl.java
new file mode 100644
index 0000000..1399c6e
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterImpl.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+/**
+ * Default base implementation of <code>TransformParameter</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class TransformParameterImpl {
+ /** An URI identifying the <code>TransformParameter</code>. */
+ private String uri;
+
+ /**
+ * Sets the URI identifying the <code>TransformParameter</code>.
+ * @param uri The URI identifying the <code>TransformParameter</code>.
+ */
+ public void setURI(String uri) {
+ this.uri = uri;
+ }
+
+ public String getURI() {
+ return uri;
+ }
+
+}
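Review bot: The Javadoc calls this the default base implementation of `TransformParameter`, but the class has no `implements` clause and no abstract `getTransformParameterType()`, so the compiler does not tie the base class to that interface and each subclass has to supply both itself. If `getURI()` here is meant to satisfy a method of the interface (the interface is not visible in this hunk), declaring that on the base class would make the relationship explicit. `getURI()` also has no Javadoc; `/** @return The URI identifying the <code>TransformParameter</code>. */` would match the setter.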
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterURIImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterURIImpl.java
new file mode 100644
index 0000000..77810be
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformParameterURIImpl.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameterURI;
+
+/**
+ * Default implementation of <code>TransformParameterURI</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class TransformParameterURIImpl
+ extends TransformParameterImpl
+ implements TransformParameterURI {
+
+ /**
+ * Gets the type of <code>TransformParameter</code>.
+ *
+ * @return URI_TRANSFORMPARAMETER
+ */
+ public int getTransformParameterType() {
+ return URI_TRANSFORMPARAMETER;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformPatameterHashImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformPatameterHashImpl.java
new file mode 100644
index 0000000..7fcd72c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/TransformPatameterHashImpl.java
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameterHash;
+
+/**
+ * Default implementation of <code>TransformParameterHash</code>
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class TransformPatameterHashImpl
+ extends TransformParameterImpl
+ implements TransformParameterHash {
+
+ /** The method used to calculate the digest value. */
+ private String digestMethod;
+ /** The digest value. */
+ private byte[] digestValue;
+
+ /**
+ * Sets method used to calculate the digest value.
+ * @param digestMethod The method used to calculate the digest value.
+ */
+ public void setDigestMethod(String digestMethod) {
+ this.digestMethod = digestMethod;
+ }
+
+ public String getDigestMethod() {
+ return digestMethod;
+ }
+
+ /**
+ * Sets the digest value.
+ *
+ * @param digestValue The digest value.
+ */
+ public void setDigestValue(byte[] digestValue) {
+ this.digestValue = digestValue;
+ }
+
+ public byte[] getDigestValue() {
+ return digestValue;
+ }
+
+ /**
+ * Gets the type of <code>TransformParameter</code>.
+ *
+ * @return HASH_TRANSFORMPARAMETER
+ */
+ public int getTransformParameterType() {
+ return HASH_TRANSFORMPARAMETER;
+ }
+
+}
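Review bot: `setDigestValue` keeps the caller's `byte[]` and `getDigestValue` returns the internal array, so the digest that verification presumably compares against can be changed from either side after it was set. Copying in both directions avoids that: `this.digestValue = digestValue == null ? null : (byte[]) digestValue.clone();` in the setter and `return digestValue == null ? null : (byte[]) digestValue.clone();` in the getter. The class name is spelled `TransformPatameterHashImpl`; renaming it to `TransformParameterHashImpl` would match the sibling classes, though references outside this hunk would have to follow.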
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java
new file mode 100644
index 0000000..c759f5f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java
@@ -0,0 +1,117 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.io.InputStream;
+import java.util.Date;
+
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+
+/**
+ * Default implementation of <code>VerifyCMSSignatureRequest</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifyCMSSignatureRequestImpl
+ implements VerifyCMSSignatureRequest {
+
+ /** The indexes of the signatories whose signature should be verified. */
+ private int[] signatories;
+ /** The profile ID of trusted certificates. */
+ private String trustProfileId;
+ /** The data object necessary for signature verification. */
+ private CMSDataObject dataObject;
+ /** The CMS signature to verify. */
+ private InputStream cmsSignature;
+ /** The date for which to verify the signature. */
+ private Date dateTime;
+
+ /**
+ * Sets the indexes of the signatories whose signature should be verified.
+ *
+ * @param signatories The indexes of the signatories whose signature should be
+ * verified.
+ */
+ public void setSignatories(int[] signatories) {
+ this.signatories = signatories;
+ }
+
+ public int[] getSignatories() {
+ return signatories;
+ }
+
+ /**
+ * Sets the date for which to verify the signature.
+ *
+ * @param dateTime The date for which to verify the signature.
+ */
+ public void setDateTime(Date dateTime) {
+ this.dateTime = dateTime;
+ }
+
+ public Date getDateTime() {
+ return dateTime;
+ }
+
+ /**
+ * Sets the CMS signature to verify.
+ * @param signature The CMS signature to verify.
+ */
+ public void setCMSSignature(InputStream signature) {
+ this.cmsSignature = signature;
+
+ }
+
+ public InputStream getCMSSignature() {
+ return cmsSignature;
+ }
+
+ /**
+ * Sets the data object necessary for signature verification.
+ * @param dataObject The data object necessary for signature verification.
+ */
+ public void setDataObject(CMSDataObject dataObject) {
+ this.dataObject = dataObject;
+ }
+
+ public CMSDataObject getDataObject() {
+ return dataObject;
+ }
+
+ /**
+ * Sets the profile ID of trusted certificates.
+ * @param trustProfileId The profile ID of trusted certificates.
+ */
+ public void setTrustProfileId(String trustProfileId) {
+ this.trustProfileId = trustProfileId;
+ }
+
+ public String getTrustProfileId() {
+ return trustProfileId;
+ }
+
+}
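Review bot: `setSignatories` and `setDateTime` store the caller's `int[]` and `Date` by reference, and the getters return the same objects, so the request can change after it has been built. These two fields select which signers are checked and the point in time used for verification, so a later mutation by the caller would presumably change what gets verified. Copy on the way in, for example `this.signatories = signatories != null ? (int[]) signatories.clone() : null;` and `this.dateTime = dateTime != null ? new Date(dateTime.getTime()) : null;`, and copy again in the getters. `setDateTime` in VerifyXMLSignatureRequestImpl.java stores its `Date` the same way.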
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
new file mode 100644
index 0000000..f258b3b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+
+/**
+ * Default implementation of <code>VerifyCMSSignatureResponseElement</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifyCMSSignatureResponseElementImpl
+ implements VerifyCMSSignatureResponseElement {
+
+ /** Information about the signer certificate. */
+ private SignerInfo signerInfo;
+ /** Information about the signature check. */
+ private CheckResult signatureCheck;
+ /** Information about the certificate check. */
+ private CheckResult certificateCheck;
+
+ /**
+ * Sets a SignerInfo element according to CMS.
+ *
+ * @param signerInfo The SignerInfo element according to CMS.
+ */
+ public void setSignerInfo(SignerInfo signerInfo) {
+ this.signerInfo = signerInfo;
+ }
+
+ public SignerInfo getSignerInfo() {
+ return signerInfo;
+ }
+
+ /**
+ * Sets a result of the signature verification.
+ *
+ * @param signatureCheck The result of the signature verification.
+ */
+ public void setSignatureCheck(CheckResult signatureCheck) {
+ this.signatureCheck = signatureCheck;
+ }
+
+ public CheckResult getSignatureCheck() {
+ return signatureCheck;
+ }
+
+ /**
+ * Sets a result of the certificate verification.
+ *
+ * @param certificateCheck The result of the certificate verification.
+ */
+ public void setCertificateCheck(CheckResult certificateCheck) {
+ this.certificateCheck = certificateCheck;
+ }
+
+ public CheckResult getCertificateCheck() {
+ return certificateCheck;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSinatureResponseImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSinatureResponseImpl.java
new file mode 100644
index 0000000..44fb474
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSinatureResponseImpl.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+
+/**
+ * Default implementation of <code>VerifyCMSSignatureResponse</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifyCMSSinatureResponseImpl
+ implements VerifyCMSSignatureResponse {
+
+ /** The elements contained in the response. */
+ private List responseElements;
+
+ /**
+ * Sets the elements contained in the response.
+ *
+ * @param responseElements The elements contained in the response.
+ */
+ public void setResponseElements(List responseElements) {
+ this.responseElements =
+ responseElements != null
+ ? Collections.unmodifiableList(new ArrayList(responseElements))
+ : null;
+ }
+
+ public List getResponseElements() {
+ return responseElements;
+ }
+
+}
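Review bot: The class and file name `VerifyCMSSinatureResponseImpl` is missing the "g" of "Signature". It does not match the interface `VerifyCMSSignatureResponse` it implements, nor the sibling `VerifyCMSSignatureRequestImpl`; renaming it to `VerifyCMSSignatureResponseImpl` now is cheaper than after callers depend on it. `getResponseElements` has no Javadoc and returns `null` until the setter has been called, which is worth stating in a comment such as `@return The response elements, or null if none have been set.`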
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifySignatureInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifySignatureInfoImpl.java
new file mode 100644
index 0000000..d022ae4
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifySignatureInfoImpl.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+
+/**
+ * Default implementation of <code>VerifySignatureInfo</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifySignatureInfoImpl implements VerifySignatureInfo {
+ /** The location of the signature to be verified. */
+ private VerifySignatureLocation verifySignatureLocation;
+ /** The environment containing the signature to be verified. */
+ private Content verifySignatureEnvironment;
+
+ /**
+ * Sets the location of the signature to be verified.
+ *
+ * @param verifySignatureLocation The location of the signature to be
+ * verified.
+ */
+ public void setVerifySignatureLocation(VerifySignatureLocation verifySignatureLocation) {
+ this.verifySignatureLocation = verifySignatureLocation;
+ }
+
+ public VerifySignatureLocation getVerifySignatureLocation() {
+ return verifySignatureLocation;
+ }
+
+ /**
+ * Sets the signature environment containing the signature to be verified.
+ *
+ * @param verifySignatureEnvironment The signature environment containing the
+ * signature to be verified.
+ */
+ public void setVerifySignatureEnvironment(Content verifySignatureEnvironment) {
+ this.verifySignatureEnvironment = verifySignatureEnvironment;
+ }
+
+ public Content getVerifySignatureEnvironment() {
+ return verifySignatureEnvironment;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifySignatureLocationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifySignatureLocationImpl.java
new file mode 100644
index 0000000..8e183bb
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifySignatureLocationImpl.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+
+/**
+ * Default implementation of <code>VerifySignatureLocation</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifySignatureLocationImpl
+ extends ElementSelectorImpl
+ implements VerifySignatureLocation {
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsDataImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsDataImpl.java
new file mode 100644
index 0000000..25b5c39
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsDataImpl.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
+
+/**
+ * Default implementation of <codeReferenceInfo</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifyTransformsDataImpl implements ReferenceInfo {
+ /** Information about the transformations contained in the signature. */
+ private List verifyTransformsInfoProfiles;
+
+ /**
+ * Sets the information about the transformations contained in the signature.
+ *
+ * @param verifyTransformsInfoProfiles The profiles containing transformation
+ * information.
+ */
+ public void setVerifyTransformsInfoProfiles(List verifyTransformsInfoProfiles) {
+ this.verifyTransformsInfoProfiles =
+ verifyTransformsInfoProfiles != null
+ ? Collections.unmodifiableList(
+ new ArrayList(verifyTransformsInfoProfiles))
+ : null;
+ }
+
+ public List getVerifyTransformsInfoProfiles() {
+ return verifyTransformsInfoProfiles;
+ }
+}
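Review bot: The class Javadoc contains the broken tag `<codeReferenceInfo</code>`, which will render incorrectly; it should read `Default implementation of <code>ReferenceInfo</code>.` The class is named `VerifyTransformsDataImpl` but implements `ReferenceInfo`, so a sentence in the same comment explaining the relation between the two names would help readers. The relation is not visible from this hunk.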
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsInfoProfileExplicitImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsInfoProfileExplicitImpl.java
new file mode 100644
index 0000000..2ce5f39
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsInfoProfileExplicitImpl.java
@@ -0,0 +1,85 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfileExplicit;
+
+/**
+ * Default implementation of <code>VerifyTransformsInfoProfileExplicit</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifyTransformsInfoProfileExplicitImpl
+ implements VerifyTransformsInfoProfileExplicit {
+
+ /** The transforms contained in this profile. */
+ private List transforms;
+ /** Additional information for the transforms. */
+ private List transformParameters = new ArrayList();
+
+ /**
+ * Sets the transforms contained in this profile.
+ *
+ * @param transforms The transforms contained in this profile.
+ */
+ public void setTransforms(List transforms) {
+ this.transforms =
+ transforms != null
+ ? Collections.unmodifiableList(new ArrayList(transforms))
+ : null;
+ }
+
+ public List getTransforms() {
+ return transforms;
+ }
+
+ /**
+ * Sets additional information for the transforms.
+ *
+ * @param transformParameters Additional information for the transforms.
+ */
+ public void setTransformParameters(List transformParameters) {
+ this.transformParameters = new ArrayList(transformParameters);
+ }
+
+ public List getTransformParameters() {
+ return transformParameters;
+ }
+
+ /**
+ * Gets the type of <code>VerifyTransformsInfoProfile</code>.
+ *
+ * @return EXPLICIT_VERIFYTRANSFORMSINFOPROFILE
+ */
+ public int getVerifyTransformsInfoProfileType() {
+ return EXPLICIT_VERIFYTRANSFORMSINFOPROFILE;
+ }
+
+}
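Review bot: `setTransformParameters` calls `new ArrayList(transformParameters)` with no null check, so a `null` argument throws a NullPointerException, while `setTransforms` directly above accepts `null`. The copy is also left modifiable and returned as-is by `getTransformParameters`, as is the `new ArrayList()` field initialiser, so the profile's parameters can be changed through the getter. To match `setTransforms`, use `this.transformParameters = transformParameters != null ? Collections.unmodifiableList(new ArrayList(transformParameters)) : null;`. If callers outside this hunk rely on a non-null list, fall back to an empty list instead of `null`.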
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsInfoProfileIDImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsInfoProfileIDImpl.java
new file mode 100644
index 0000000..a545535
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyTransformsInfoProfileIDImpl.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfileID;
+
+/**
+ * Default implementation of <code>VerifyTransformsInfoProfileID</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifyTransformsInfoProfileIDImpl implements VerifyTransformsInfoProfileID {
+
+ /** The profile ID. */
+ private String verifyTransformsInfoProfileID;
+
+ /**
+ * Sets the profile ID.
+ *
+ * @param profileID The profile ID.
+ */
+ public void setVerifyTransformsInfoProfileID(String profileID) {
+ this.verifyTransformsInfoProfileID = profileID;
+ }
+
+ public String getVerifyTransformsInfoProfileID() {
+ return verifyTransformsInfoProfileID;
+ }
+
+ /**
+ * Gets the type of <code>VerifyTransformsInfoProfile</code>.
+ *
+ * @return ID_VERIFYTRANSFORMSINFOPROFILE
+ */
+ public int getVerifyTransformsInfoProfileType() {
+ return ID_VERIFYTRANSFORMSINFOPROFILE;
+ }
+
+} \ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureRequestImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureRequestImpl.java
new file mode 100644
index 0000000..1b9be35
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureRequestImpl.java
@@ -0,0 +1,137 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.xmlverify.SignatureManifestCheckParams;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+
+/**
+ * Default implementation of <code>VerifyXMLSignatureRequest</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifyXMLSignatureRequestImpl
+ implements VerifyXMLSignatureRequest {
+ /** Date and time for signature verification. */
+ private Date dateTime;
+ /** The signature to be verified. */
+ private VerifySignatureInfo verifySignatureInfo;
+ /** Supplemental information about the singature. */
+ private List supplementProfiles;
+ /** Additional parameters for checking the signature manifest. */
+ private SignatureManifestCheckParams signatureManifestCheckParams;
+ /** Whether to return the hash input data. */
+ private boolean returnHashInputData;
+ /** The profile ID of the trust profile containing the trusted certificates.
+ */
+ private String trustProfileId;
+
+ /**
+ * Sets the date and time for signature verification.
+ *
+ * @param dateTime The date and time for signature verification.
+ */
+ public void setDateTime(Date dateTime) {
+ this.dateTime = dateTime;
+ }
+
+ public Date getDateTime() {
+ return dateTime;
+ }
+
+ /**
+ * Sets the signature to be verified.
+ *
+ * @param signatureInfo The signature to be verified.
+ */
+ public void setSignatureInfo(VerifySignatureInfo signatureInfo) {
+ this.verifySignatureInfo = signatureInfo;
+ }
+
+ public VerifySignatureInfo getSignatureInfo() {
+ return verifySignatureInfo;
+ }
+
+ /**
+ * Sets supplemental information about the singature.
+ * @param supplementProfiles
+ */
+ public void setSupplementProfiles(List supplementProfiles) {
+ this.supplementProfiles =
+ supplementProfiles != null
+ ? Collections.unmodifiableList(new ArrayList(supplementProfiles))
+ : null;
+ }
+
+ public List getSupplementProfiles() {
+ return supplementProfiles;
+ }
+
+ /**
+ * Sets supplemental information about the singature.
+ * @param params Supplemental information about the singature.
+ */
+ public void setSignatureManifestCheckParams(SignatureManifestCheckParams params) {
+ this.signatureManifestCheckParams = params;
+ }
+
+ public SignatureManifestCheckParams getSignatureManifestCheckParams() {
+ return signatureManifestCheckParams;
+ }
+
+ /**
+ * Sets whether to return hash input data.
+ *
+ * @param returnSignedData Whether to return hash input data.
+ */
+ public void setReturnHashInputData(boolean returnSignedData) {
+ this.returnHashInputData = returnSignedData;
+ }
+
+ public boolean getReturnHashInputData() {
+ return returnHashInputData;
+ }
+
+ /**
+ * Sets the profile ID of trusted certificates.
+ *
+ * @param trustProfileId The profile ID of trusted certificates.
+ */
+ public void setTrustProfileId(String trustProfileId) {
+ this.trustProfileId = trustProfileId;
+ }
+
+ public String getTrustProfileId() {
+ return trustProfileId;
+ }
+
+}
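Review bot: The Javadoc on `setSignatureManifestCheckParams` was copied from `setSupplementProfiles` and still reads "Sets supplemental information about the singature". The field comment describes these as additional parameters for checking the signature manifest, so the comment should read `Sets additional parameters for checking the signature manifest.` with `@param params Additional parameters for checking the signature manifest.` In the same file "singature" should be "signature" (three places), and `@param supplementProfiles` needs a description, for example `@param supplementProfiles Supplemental information about the signature.`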
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
new file mode 100644
index 0000000..46fd517
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
@@ -0,0 +1,166 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+
+/**
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class VerifyXMLSignatureResponseImpl
+ implements VerifyXMLSignatureResponse {
+
+ /** Information about the signer certificate. */
+ private SignerInfo signerInfo;
+
+ /**
+ * The hash input data objects. The list consists of {@link at.gv.egovernment.moa.spss.api.common.InputData}s.
+ * */
+ private List hashInputDatas = new ArrayList();
+
+ /**
+ * The reference input data objects. The list consists of {@link at.gv.egovernment.moa.spss.api.common.InputData}s.
+ * */
+ private List referenceInputDatas = new ArrayList();
+
+ /** Information about the signature check. */
+ private ReferencesCheckResult signatureCheck;
+ /** Information about the signature manifest check. */
+ private ReferencesCheckResult signatureManifestCheck;
+ /** Information about the XMLDsig manifest check. */
+ private List xmlDsigManifestChecks = new ArrayList();
+ /** Information about the certificate check. */
+ private CheckResult certificateCheck;
+
+ /**
+ * Sets information about the signer certificate.
+ *
+ * @param signerInfo Information about the signer certificate.
+ */
+ public void setSignerInfo(SignerInfo signerInfo) {
+ this.signerInfo = signerInfo;
+ }
+
+ public SignerInfo getSignerInfo() {
+ return signerInfo;
+ }
+
+ /**
+ * Sets data signed by the signatory.
+ *
+ * @param hashInputDatas The signed datas.
+ */
+ public void setHashInputDatas(List hashInputDatas) {
+ this.hashInputDatas =
+ hashInputDatas != null
+ ? Collections.unmodifiableList(new ArrayList(hashInputDatas))
+ : null;
+ }
+
+ public List getHashInputDatas() {
+ return hashInputDatas;
+ }
+
+ /**
+ * Sets the source data elements.
+ *
+ * @param referenceInputDatas The source data elements.
+ */
+ public void setReferenceInputDatas(List referenceInputDatas) {
+ this.referenceInputDatas =
+ referenceInputDatas != null
+ ? Collections.unmodifiableList(new ArrayList(referenceInputDatas))
+ : null;
+ }
+
+ public List getReferenceInputDatas() {
+ return referenceInputDatas;
+ }
+
+ /**
+ * Sets the result of the signature verification.
+ *
+ * @param signatureCheck The result of the signature verification.
+ */
+ public void setSignatureCheck(ReferencesCheckResult signatureCheck) {
+ this.signatureCheck = signatureCheck;
+ }
+
+ public ReferencesCheckResult getSignatureCheck() {
+ return signatureCheck;
+ }
+
+ /**
+ * Sets the result of the signature manifest verification.
+ *
+ * @param signatureManifestCheck The result of the signature manifest verification.
+ */
+ public void setSignatureManifestCheck(ReferencesCheckResult signatureManifestCheck) {
+ this.signatureManifestCheck = signatureManifestCheck;
+ }
+
+ public ReferencesCheckResult getSignatureManifestCheck() {
+ return signatureManifestCheck;
+ }
+
+ /**
+ * Sets the result of the certification verification.
+ *
+ * @param certificateCheck The result of the certificate verification.
+ */
+ public void setCertificateCheck(CheckResult certificateCheck) {
+ this.certificateCheck = certificateCheck;
+ }
+
+ public CheckResult getCertificateCheck() {
+ return certificateCheck;
+ }
+
+
+ /**
+ * Sets the XMLDSigManifestChecks.
+ *
+ * @param xmlDsigManifestChecks The XMLDSigManifestChecks.
+ */
+ public void setXMLDsigManifestChecks(List xmlDsigManifestChecks) {
+ this.xmlDsigManifestChecks =
+ xmlDsigManifestChecks != null
+ ? Collections.unmodifiableList(new ArrayList(xmlDsigManifestChecks))
+ : null;
+ }
+
+ public List getXMLDsigManifestChecks() {
+ return xmlDsigManifestChecks;
+ }
+
+}
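Review bot: `hashInputDatas`, `referenceInputDatas` and `xmlDsigManifestChecks` are initialised with a plain `new ArrayList()` and returned directly by their getters. Until the matching setter runs, any holder of the response can add to or clear lists that belong to a verification result, whereas after the setter they are unmodifiable. Unless code outside this hunk fills the lists through the getters, initialise them read-only, e.g. `private List hashInputDatas = Collections.EMPTY_LIST;`. The setters also turn a `null` argument into a `null` field while the default is an empty list, so callers see two different "no data" states; storing an empty list for `null` would remove that difference. The class Javadoc has only `@author` and `@version`; add `Default implementation of <code>VerifyXMLSignatureResponse</code>.` as in the sibling classes.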
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/X509IssuerSerialImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/X509IssuerSerialImpl.java
new file mode 100644
index 0000000..aff7e10
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/X509IssuerSerialImpl.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.math.BigInteger;
+
+import at.gv.egovernment.moa.spss.api.common.X509IssuerSerial;
+
+/**
+ * Default implementation of <code>X509IssuerSerial</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class X509IssuerSerialImpl implements X509IssuerSerial {
+ /** The certificate serial number. */
+ private BigInteger x509SerialNumber;
+ /** The certificate issuer DN. */
+ private String x509IssuerName;
+
+ /**
+ * Sets the issuer distinguished name.
+ *
+ * @param x509IssuerName The issuer distinguished name.
+ */
+ public void setX509IssuerName(String x509IssuerName) {
+ this.x509IssuerName = x509IssuerName;
+ }
+
+ public String getX509IssuerName() {
+ return x509IssuerName;
+ }
+
+ /**
+ * Sets the certificate serial number.
+ *
+ * @param x509SerialNumber The issuer serial number.
+ */
+ public void setX509SerialNumber(BigInteger x509SerialNumber) {
+ this.x509SerialNumber = x509SerialNumber;
+ }
+
+ public BigInteger getX509SerialNumber() {
+ return x509SerialNumber;
+ }
+
+}
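Review bot: The `@param` text on `setX509SerialNumber` reads "The issuer serial number", while the field comment and the method summary both describe the certificate serial number. It should read `@param x509SerialNumber The certificate serial number.`. The two getters have no Javadoc at all; a one-line summary such as `/** Returns the certificate serial number, or null if it has not been set. */` would record that both fields start out null.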
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XMLDataObjectAssociationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XMLDataObjectAssociationImpl.java
new file mode 100644
index 0000000..dabf29d
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XMLDataObjectAssociationImpl.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+
+/**
+ * Default implementation of <code>XMLDataObjectAssociation</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class XMLDataObjectAssociationImpl implements XMLDataObjectAssociation {
+
+ /** Meta information about the <code>Content</code> object. */
+ private MetaInfo metaInfo;
+ /** The actual data contained in this object. */
+ private Content content;
+
+ /**
+ * Sets meta information about the <code>Content</code> object.
+ * @param metaInfo Meta information about the <code>Content</code> object.
+ */
+ public void setMetaInfo(MetaInfo metaInfo) {
+ this.metaInfo = metaInfo;
+ }
+
+ public MetaInfo getMetaInfo() {
+ return metaInfo;
+ }
+
+ /**
+ * Sets the actual data contained in this object.
+ *
+ * @param content The actual data contained in this object.
+ */
+ public void setContent(Content content) {
+ this.content = content;
+ }
+
+ public Content getContent() {
+ return content;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathFilter2TransformImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathFilter2TransformImpl.java
new file mode 100644
index 0000000..175de3a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathFilter2TransformImpl.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.common.XPathFilter2Transform;
+
+/**
+ * Default implementation of <code>XPathFilter2Transform</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class XPathFilter2TransformImpl
+ extends TransformImpl
+ implements XPathFilter2Transform {
+
+ /** The XPath filters. */
+ private List filters;
+
+ /**
+ * Create a new <code>XPathFilter2TransformImpl</code> object.
+ */
+ public XPathFilter2TransformImpl() {
+ setAlgorithmURI(XPATH_FILTER2);
+ }
+
+ /**
+ * Sets the XPath filters contained in this
+ * <code>XPathFilter2Transform</code>.
+ *
+ * @param filters The XPath filters contained in this
+ * <code>XPathFilter2Transform</code>.
+ */
+ public void setFilters(List filters) {
+ this.filters = new ArrayList(filters);
+ }
+
+ public List getFilters() {
+ return filters;
+ }
+
+}
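Review bot: `setFilters` calls `new ArrayList(filters)` without a null check, so a null argument throws a NullPointerException, and `getFilters` then hands out the mutable internal list. Other setters in this commit, for example `setXMLDsigManifestChecks`, guard against null and wrap the copy. The same form here would be `this.filters = filters != null ? Collections.unmodifiableList(new ArrayList(filters)) : null;`, with `java.util.Collections` added to the imports. The filter list decides which nodes the transform selects, so it should not be changeable through the getter once the transform has been built.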
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathFilterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathFilterImpl.java
new file mode 100644
index 0000000..6615e9f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathFilterImpl.java
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import at.gv.egovernment.moa.spss.api.common.XPathFilter;
+
+/**
+ * Default implementation of <code>XPathFilter</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class XPathFilterImpl implements XPathFilter {
+ /** The type of filter. */
+ private String filterType;
+ /** The XPath expression of the filter. */
+ private String xPathExpression;
+ /** The namespace prefix to URI mapping to while evaluating the XPath
+ * expression. */
+ private Map namespaceDeclarations = new HashMap();
+
+ /**
+ * Sets the type of filter.
+ *
+ * @param filterType The type of filter.
+ */
+ public void setFilterType(String filterType) {
+ this.filterType = filterType;
+ }
+
+ public String getFilterType() {
+ return filterType;
+ }
+
+ /**
+ * Sets the XPath expression of the filter.
+ *
+ * @param xPathExpression The XPath expression of the filter.
+ */
+ public void setXPathExpression(String xPathExpression) {
+ this.xPathExpression = xPathExpression;
+ }
+
+ public String getXPathExpression() {
+ return xPathExpression;
+ }
+
+ /**
+ * Sets the namespace prefix to URI mapping to while evaluating the XPath
+ * expression.
+ *
+ * @param namespaceDeclarations The namespace prefix to URI mapping to while
+ * evaluating the XPath expression.
+ */
+ public void setNamespaceDelcarations(Map namespaceDeclarations) {
+ this.namespaceDeclarations = namespaceDeclarations;
+ }
+
+ public Map getNamespaceDeclarations() {
+ return namespaceDeclarations;
+ }
+
+}
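Review bot: `setNamespaceDelcarations` stores the caller's `Map` by reference and `getNamespaceDeclarations` returns that same instance, so the prefix-to-URI bindings can be changed from outside after the filter is built; a null argument also replaces the `new HashMap()` default with null. These bindings determine how the XPath expression resolves, so a defensive copy is safer: `this.namespaceDeclarations = namespaceDeclarations != null ? new HashMap(namespaceDeclarations) : new HashMap();`. The setter in `XPathTransformImpl` has the same shape and needs the same change. The setter name is misspelled (`Delcarations`) in both classes; unless callers outside this hunk already depend on it, correcting it alongside the getter's spelling would avoid carrying the typo forward.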
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathTransformImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathTransformImpl.java
new file mode 100644
index 0000000..f626a95
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XPathTransformImpl.java
@@ -0,0 +1,83 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import at.gv.egovernment.moa.spss.api.common.XPathTransform;
+
+/**
+ * Default implementation of <code>XPathTransform</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class XPathTransformImpl
+ extends TransformImpl
+ implements XPathTransform {
+
+ /** The XPath expression to evaluate. */
+ private String xPathExpression;
+ /** The namespace prefix to URI mapping to while evaluating the XPath
+ * expression. */
+ private Map namespaceDeclarations = new HashMap();
+
+ /**
+ * Create a new <code>XPathTransformImpl</code> object.
+ */
+ public XPathTransformImpl() {
+ setAlgorithmURI(XPATH);
+ }
+
+ /**
+ * Sets the XPath expression to evaluate.
+ *
+ * @param xPathExpression The XPath expression to evaluate.
+ */
+ public void setXPathExpression(String xPathExpression) {
+ this.xPathExpression = xPathExpression;
+ }
+
+ public String getXPathExpression() {
+ return xPathExpression;
+ }
+
+ /**
+ * Sets the namespace prefix to URI mapping to while evaluating the XPath
+ * expression.
+ *
+ * @param namespaceDeclarations The namespace prefix to URI mapping to while
+ * evaluating the XPath expression.
+ */
+ public void setNamespaceDelcarations(Map namespaceDeclarations) {
+ this.namespaceDeclarations = namespaceDeclarations;
+ }
+
+ public Map getNamespaceDeclarations() {
+ return namespaceDeclarations;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XSLTransformImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XSLTransformImpl.java
new file mode 100644
index 0000000..3fd4cc1
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/XSLTransformImpl.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.api.common.XSLTTransform;
+
+/**
+ * Default implementation of <code>XSLTTransform</code>.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class XSLTransformImpl extends TransformImpl implements XSLTTransform {
+ /** The XSLT stylesheet to apply. */
+ private Element styleSheet;
+
+ /**
+ * Create a new <code>XSLTransformImpl</code> object.
+ */
+ public XSLTransformImpl() {
+ setAlgorithmURI(XSLT);
+ }
+
+ /**
+ * Sets the XSLT stylesheet to apply.
+ *
+ * @param styleSheet The XSLT stylesheet to apply.
+ */
+ public void setStylesheet(Element styleSheet) {
+ this.styleSheet = styleSheet;
+ }
+
+ public Element getStylesheet() {
+ return styleSheet;
+ }
+
+}
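Review bot: The class is named `XSLTransformImpl` although it implements `XSLTTransform`. The sibling classes in this commit follow the `<Interface>Impl` pattern (`XPathTransformImpl`, `XPathFilterImpl`), so `XSLTTransformImpl` would be consistent, provided no caller outside this hunk depends on the current name. `setStylesheet` also keeps the caller's DOM `Element` by reference; a comment such as `// stored by reference: callers must not modify the stylesheet element afterwards` would record that for anyone building a transform chain.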
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java
new file mode 100644
index 0000000..a8cae9c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java
@@ -0,0 +1,261 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.io.InputStream;
+import java.math.BigDecimal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.traversal.NodeIterator;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.BoolUtils;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+/**
+ * A parser to parse <code>CreateCMSSignatureRequest</code> DOM trees into
+ * <code>CreateCMSSignatureRequest</code> API objects.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CreateCMSSignatureRequestParser {
+
+ //
+ // XPath expresssions to select elements in the CreateCMSSignatureRequest
+ //
+ private static final String MOA = Constants.MOA_PREFIX + ":";
+ private static final String KEY_IDENTIFIER_XPATH =
+ "/" + MOA + "CreateCMSSignatureRequest/" + MOA + "KeyIdentifier";
+ private static final String SINGLE_SIGNATURE_INFO_XPATH =
+ "/" + MOA + "CreateCMSSignatureRequest/" + MOA + "SingleSignatureInfo";
+ private static final String DATA_OBJECT_INFO_XPATH = MOA + "DataObjectInfo";
+ private static final String DATA_OBJECT_XPATH = MOA + "DataObject";
+
+ private static final String SL_CONFORM_ATTR_NAME = "SecurityLayerConformity";
+
+ private static final String META_INFO_XPATH = MOA + "MetaInfo";
+ private static final String CONTENT_XPATH = MOA + "Content";
+ private static final String BASE64_CONTENT_XPATH = MOA + "Base64Content";
+ private static final String EXCLUDEBYTERANGE_FROM_XPATH = MOA + "ExcludedByteRange/" + MOA + "From";
+ private static final String EXCLUDEBYTERANGE_TO_XPATH = MOA + "ExcludedByteRange/" + MOA + "To";
+
+
+
+ /** The factory to create API objects. */
+ private SPSSFactory factory;
+
+ /**
+ * Create a new <code>CreateCMSSignatureRequestParser</code>.
+ */
+ public CreateCMSSignatureRequestParser() {
+ this.factory = SPSSFactory.getInstance();
+ }
+
+ /**
+ * Parse a <code>CreateCMSSignatureRequest</code> DOM element, as defined
+ * by the MOA schema.
+ *
+ * @param requestElem The <code>CreateCMSSignatureRequest</code> to parse. The
+ * request must have been successfully parsed against the schema for this
+ * method to succeed.
+ * @return A <code>CreateCMSSignatureRequest</code> API object containing
+ * the data from the DOM element.
+ * @throws MOAApplicationException An error occurred parsing the request.
+ */
+ public CreateCMSSignatureRequest parse(Element requestElem)
+ throws MOAApplicationException {
+
+ List singleSignatureInfos = parseSingleSignatureInfos(requestElem);
+ String keyIdentifier =
+ XPathUtils.getElementValue(requestElem, KEY_IDENTIFIER_XPATH, null);
+
+ return factory.createCreateCMSSignatureRequest(
+ keyIdentifier,
+ singleSignatureInfos);
+ }
+
+ /**
+ * Parse all <code>SingleSignatureInfo</code> elements of the
+ * <code>CreateCMSSignatureRequest</code>.
+ *
+ * @param requestElem The <code>CreateCMSSignatureRequest</code> to parse.
+ * @return A <code>List</code> of <code>SingleSignatureInfo</code> API
+ * objects.
+ * @throws MOAApplicationException An error occurred parsing on of the
+ * <code>SingleSignatureInfo</code> elements.
+ */
+ private List parseSingleSignatureInfos(Element requestElem)
+ throws MOAApplicationException {
+
+ List singleSignatureInfos = new ArrayList();
+ NodeIterator sigInfoElems =
+ XPathUtils.selectNodeIterator(requestElem, SINGLE_SIGNATURE_INFO_XPATH);
+ Element sigInfoElem;
+
+ while ((sigInfoElem = (Element) sigInfoElems.nextNode()) != null) {
+ singleSignatureInfos.add(parseSingleSignatureInfo(sigInfoElem));
+ }
+
+ return singleSignatureInfos;
+ }
+
+ /**
+ * Parse a <code>SingleSignatureInfo</code> DOM element.
+ *
+ * @param sigInfoElem The <code>SingleSignatureInfo</code> DOM element to
+ * parse.
+ * @return A <code>SingleSignatureInfo</code> API object containing the
+ * information of <code>sigInfoElem</code>.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>SingleSignatureInfo</code>.
+ */
+ private SingleSignatureInfo parseSingleSignatureInfo(Element sigInfoElem)
+ throws MOAApplicationException {
+
+ DataObjectInfo dataObjectInfo = parseDataObjectInfo(sigInfoElem);
+ boolean securityLayerConform;
+
+ if (sigInfoElem.hasAttribute(SL_CONFORM_ATTR_NAME)) {
+ securityLayerConform =
+ BoolUtils.valueOf(sigInfoElem.getAttribute(SL_CONFORM_ATTR_NAME));
+ } else {
+ securityLayerConform = true;
+ }
+
+ return factory.createSingleSignatureInfoCMS(
+ dataObjectInfo,
+ securityLayerConform);
+ }
+
+ /**
+ * Parse the <code>DataObjectInfo</code> DOM elements contained in the given
+ * <code>SingleSignatureInfo</code> DOM element.
+ *
+ * @param sigInfoElem The <code>SingleSignatureInfo</code> DOM element
+ * whose <code>DataObjectInfo</code>s to parse.
+ * @return A <code>List</code> of <code>DataObjectInfo</code> API objects
+ * containing the data from the <code>DataObjectInfo</code> DOM elements.
+ * @throws MOAApplicationException An error occurred parsing one of the
+ * <code>DataObjectInfo</code>s.
+ */
+ private DataObjectInfo parseDataObjectInfo(Element sigInfoElem)
+ throws MOAApplicationException {
+
+ Element dataObjInfoElem = (Element)XPathUtils.selectSingleNode(sigInfoElem, DATA_OBJECT_INFO_XPATH);
+
+ String structure = dataObjInfoElem.getAttribute("Structure");
+ Element dataObjectElem =
+ (Element) XPathUtils.selectSingleNode(dataObjInfoElem, DATA_OBJECT_XPATH);
+
+ CMSDataObject dataObject = parseDataObject(dataObjectElem);
+
+ return factory.createDataObjectInfo(
+ structure,
+ dataObject);
+
+ }
+
+
+
+
+
+ /**
+ * Parse a the <code>DataObject</code> DOM element contained in a given
+ * <code>CreateCMSSignatureRequest</code> DOM element.
+ *
+ * @param requestElem The DataObject DOM element of the <code>VerifyCMSSignatureRequest</code>
+ * to parse.
+ * @return The <code>CMSDataObject</code> API object containing the data
+ * from the <code>DataObject</code> DOM element.
+ */
+ private CMSDataObject parseDataObject(Element dataObjectElem) {
+
+ if (dataObjectElem != null) {
+ Element metaInfoElem = (Element) XPathUtils.selectSingleNode(dataObjectElem, META_INFO_XPATH);
+ MetaInfo metaInfo = null;
+ Element contentElem = (Element) XPathUtils.selectSingleNode(dataObjectElem, CONTENT_XPATH);
+ CMSContent content = parseContent(contentElem);
+
+ if (metaInfoElem != null) {
+ metaInfo = RequestParserUtils.parseMetaInfo(metaInfoElem);
+ }
+
+ String excludeByteRangeFromStr = XPathUtils.getElementValue(dataObjectElem, EXCLUDEBYTERANGE_FROM_XPATH, null);
+ String excludeByteRangeToStr = XPathUtils.getElementValue(dataObjectElem, EXCLUDEBYTERANGE_TO_XPATH, null);
+
+ BigDecimal excludeByteRangeFrom = null;
+ BigDecimal excludeByteRangeTo = null;
+
+ if (excludeByteRangeFromStr != null)
+ excludeByteRangeFrom = new BigDecimal(excludeByteRangeFromStr);
+ if (excludeByteRangeToStr != null)
+ excludeByteRangeTo = new BigDecimal(excludeByteRangeToStr);
+
+ return factory.createCMSDataObject(metaInfo, content, excludeByteRangeFrom, excludeByteRangeTo);
+ }
+ else {
+ return null;
+ }
+ }
+
+
+
+ /**
+ * Parse the content contained in a <code>CMSContentBaseType</code> kind of
+ * DOM element.
+ *
+ * @param contentElem The <code>CMSContentBaseType</code> kind of element to
+ * parse.
+ * @return A <code>CMSDataObject</code> API object containing the data
+ * from the given DOM element.
+ */
+ private CMSContent parseContent(Element contentElem) {
+ Element base64ContentElem =
+ (Element) XPathUtils.selectSingleNode(contentElem, BASE64_CONTENT_XPATH);
+
+ if (base64ContentElem != null) {
+ String base64Str = DOMUtils.getText(base64ContentElem);
+ InputStream binaryContent = Base64Utils.decodeToStream(base64Str, true);
+ return factory.createCMSContent(binaryContent);
+ } else {
+ return factory.createCMSContent(
+ contentElem.getAttribute("Reference"));
+ }
+ }
+
+} \ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureResponseBuilder.java
new file mode 100644
index 0000000..907f90d
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureResponseBuilder.java
@@ -0,0 +1,145 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.io.IOException;
+import java.util.Iterator;
+
+import javax.xml.transform.TransformerException;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.cmssign.CMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+
+/**
+ * Convert a <code>CreateCMSSignatureResponse</code> API object into its
+ * XML representation, according to the MOA XML schema.
+ *
+ * @version $Id$
+ */
+public class CreateCMSSignatureResponseBuilder {
+ private static final String MOA_NS_URI = Constants.MOA_NS_URI;
+
+ /** The XML document containing the response element. */
+ private Document responseDoc;
+ /** The response <code>CreateCMSSignatureResponse</code> DOM element. */
+ private Element responseElem;
+
+ /**
+ * Create a new <code>CreateCMSSignatureResponseBuilder</code>:
+ *
+ * @throws MOASystemException An error occurred setting up the resulting
+ * XML document.
+ */
+ public CreateCMSSignatureResponseBuilder() throws MOASystemException {
+ responseDoc =
+ ResponseBuilderUtils.createResponse("CreateCMSSignatureResponse");
+ responseElem = responseDoc.getDocumentElement();
+ }
+
+ /**
+ * Build a document containing a <code>CreateCMSSignatureResponse</code>
+ * DOM element being the XML representation of the given
+ * <code>CreateCMSSignatureResponse</code> API object.
+ *
+ * @param response The <code>CreateCMSSignatureResponse</code> to convert
+ * to XML.
+ * @return A document containing the <code>CreateCMSSignatureResponse</code>
+ * DOM element.
+ */
+ public Document build(CreateCMSSignatureResponse response) {
+ Iterator iter;
+
+
+ for (iter = response.getResponseElements().iterator(); iter.hasNext();) {
+ CreateCMSSignatureResponseElement responseElement =
+ (CreateCMSSignatureResponseElement) iter.next();
+
+ switch (responseElement.getResponseType()) {
+ case CreateCMSSignatureResponseElement.CMS_SIGNATURE :
+ CMSSignatureResponse cmsSignatureResponse = (CMSSignatureResponse) responseElement;
+ addCMSSignature(cmsSignatureResponse);
+ break;
+
+ case CreateCMSSignatureResponseElement.ERROR_RESPONSE :
+ ErrorResponse errorResponse = (ErrorResponse) responseElement;
+ addErrorResponse(errorResponse);
+ break;
+ }
+
+ }
+
+ return responseDoc;
+ }
+
+
+
+ /**
+ * Add a <code>CMSSignature</code> element to the response.
+ *
+ * @param cmsSignatureResponse The content to put under the
+ * <code>CMSSignature</code> element.
+ */
+ private void addCMSSignature(CMSSignatureResponse cmsSignatureResponse) {
+ String base64Value = cmsSignatureResponse.getCMSSignature();
+
+ Element cmsSignature = responseDoc.createElementNS(MOA_NS_URI, "CMSSignature");
+ cmsSignature.setTextContent(base64Value);
+
+ responseElem.appendChild(cmsSignature);
+
+}
+
+ /**
+ * Add a <code>ErrorResponse</code> element to the response.
+ *
+ * @param errorResponse The API object containing the information to put into
+ * the <code>ErrorResponse</code> DOM element.
+ */
+ private void addErrorResponse(ErrorResponse errorResponse) {
+ Element errorElem =
+ responseDoc.createElementNS(MOA_NS_URI, "ErrorResponse");
+ Element errorCodeElem =
+ responseDoc.createElementNS(MOA_NS_URI, "ErrorCode");
+ Element infoElem = responseDoc.createElementNS(MOA_NS_URI, "Info");
+ String errorCodeStr = Integer.toString(errorResponse.getErrorCode());
+
+ errorCodeElem.appendChild(responseDoc.createTextNode(errorCodeStr));
+ errorElem.appendChild(errorCodeElem);
+ infoElem.appendChild(responseDoc.createTextNode(errorResponse.getInfo()));
+ errorElem.appendChild(errorCodeElem);
+ errorElem.appendChild(infoElem);
+ responseElem.appendChild(errorElem);
+ }
+
+}
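Review bot: The `switch` in `build` has no `default` branch, so a response element whose type is neither `CMS_SIGNATURE` nor `ERROR_RESPONSE` is dropped silently and the returned document can hold fewer entries than were requested. Adding `default: throw new IllegalStateException("Unexpected response type: " + responseElement.getResponseType());` would make that case visible. In `addErrorResponse`, `errorElem.appendChild(errorCodeElem)` appears twice; the second call only re-appends the same node and can be deleted. The imports of `IOException`, `TransformerException`, `SignatureEnvironmentResponse` and `DOMUtils` are not used anywhere in this file.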
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParser.java
new file mode 100644
index 0000000..9cea2fc
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParser.java
@@ -0,0 +1,312 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.traversal.NodeIterator;
+
+import at.gv.egovernment.moa.util.BoolUtils;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlsign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.SingleSignatureInfo;
+
+/**
+ * A parser to parse <code>CreateXMLSignatureRequest</code> DOM trees into
+ * <code>CreateXMLSignatureRequest</code> API objects.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CreateXMLSignatureRequestParser {
+
+ //
+ // XPath expresssions to select elements in the CreateXMLSignatureRequest
+ //
+ private static final String MOA = Constants.MOA_PREFIX + ":";
+ private static final String KEY_IDENTIFIER_XPATH =
+ "/" + MOA + "CreateXMLSignatureRequest/" + MOA + "KeyIdentifier";
+ private static final String SINGLE_SIGNATURE_INFO_XPATH =
+ "/" + MOA + "CreateXMLSignatureRequest/" + MOA + "SingleSignatureInfo";
+ private static final String DATA_OBJECT_INFO_XPATH = MOA + "DataObjectInfo";
+ private static final String DATA_OBJECT_XPATH = MOA + "DataObject";
+ private static final String CREATE_SIGNATURE_INFO_XPATH =
+ MOA + "CreateSignatureInfo";
+ private static final String CREATE_TRANSFORMS_INFO_PROFILE_XPATH =
+ (MOA + "CreateTransformsInfoProfile | ")
+ + (MOA + "CreateTransformsInfoProfileID");
+ private static final String CREATE_SIGNATURE_ENVIRONMENT_XPATH =
+ MOA + "CreateSignatureEnvironment";
+ private static final String CREATE_SIGNATURE_ENVIRONMENT_PROFILE_XPATH =
+ (MOA + "CreateSignatureEnvironmentProfile | ")
+ + (MOA + "CreateSignatureEnvironmentProfileID");
+ private static final String SL_CONFORM_ATTR_NAME = "SecurityLayerConformity";
+
+ /** The factory to create API objects. */
+ private SPSSFactory factory;
+
+ /**
+ * Create a new <code>CreateXMLSignatureRequestParser</code>.
+ */
+ public CreateXMLSignatureRequestParser() {
+ this.factory = SPSSFactory.getInstance();
+ }
+
+ /**
+ * Parse a <code>CreateXMLSignatureRequest</code> DOM element, as defined
+ * by the MOA schema.
+ *
+ * @param requestElem The <code>CreateXMLSignatureRequest</code> to parse. The
+ * request must have been successfully parsed against the schema for this
+ * method to succeed.
+ * @return A <code>CreateXMLSignatureRequest</code> API object containing
+ * the data from the DOM element.
+ * @throws MOAApplicationException An error occurred parsing the request.
+ */
+ public CreateXMLSignatureRequest parse(Element requestElem)
+ throws MOAApplicationException {
+
+ List singleSignatureInfos = parseSingleSignatureInfos(requestElem);
+ String keyIdentifier =
+ XPathUtils.getElementValue(requestElem, KEY_IDENTIFIER_XPATH, null);
+
+ return factory.createCreateXMLSignatureRequest(
+ keyIdentifier,
+ singleSignatureInfos);
+ }
+
+ /**
+ * Parse all <code>SingleSignatureInfo</code> elements of the
+ * <code>CreateXMLSignatureRequest</code>.
+ *
+ * @param requestElem The <code>CreateXMLSignatureRequest</code> to parse.
+ * @return A <code>List</code> of <code>SingleSignatureInfo</code> API
+ * objects.
+ * @throws MOAApplicationException An error occurred parsing on of the
+ * <code>SingleSignatureInfo</code> elements.
+ */
+ private List parseSingleSignatureInfos(Element requestElem)
+ throws MOAApplicationException {
+
+ List singleSignatureInfos = new ArrayList();
+ NodeIterator sigInfoElems =
+ XPathUtils.selectNodeIterator(requestElem, SINGLE_SIGNATURE_INFO_XPATH);
+ Element sigInfoElem;
+
+ while ((sigInfoElem = (Element) sigInfoElems.nextNode()) != null) {
+ singleSignatureInfos.add(parseSingleSignatureInfo(sigInfoElem));
+ }
+
+ return singleSignatureInfos;
+ }
+
+ /**
+ * Parse a <code>SingleSignatureInfo</code> DOM element.
+ *
+ * @param sigInfoElem The <code>SingleSignatureInfo</code> DOM element to
+ * parse.
+ * @return A <code>SingleSignatureInfo</code> API object containing the
+ * information of <code>sigInfoElem</code>.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>SingleSignatureInfo</code>.
+ */
+ private SingleSignatureInfo parseSingleSignatureInfo(Element sigInfoElem)
+ throws MOAApplicationException {
+
+ List dataObjectInfos = parseDataObjectInfos(sigInfoElem);
+ CreateSignatureInfo createSignatureInfo =
+ parseCreateSignatureInfo(sigInfoElem);
+ boolean securityLayerConform;
+
+ if (sigInfoElem.hasAttribute(SL_CONFORM_ATTR_NAME)) {
+ securityLayerConform =
+ BoolUtils.valueOf(sigInfoElem.getAttribute(SL_CONFORM_ATTR_NAME));
+ } else {
+ securityLayerConform = true;
+ }
+
+ return factory.createSingleSignatureInfo(
+ dataObjectInfos,
+ createSignatureInfo,
+ securityLayerConform);
+ }
+
+ /**
+ * Parse the <code>DataObjectInfo</code> DOM elements contained in the given
+ * <code>SingleSignatureInfo</code> DOM element.
+ *
+ * @param sigInfoElem The <code>SingleSignatureInfo</code> DOM element
+ * whose <code>DataObjectInfo</code>s to parse.
+ * @return A <code>List</code> of <code>DataObjectInfo</code> API objects
+ * containing the data from the <code>DataObjectInfo</code> DOM elements.
+ * @throws MOAApplicationException An error occurred parsing one of the
+ * <code>DataObjectInfo</code>s.
+ */
+ private List parseDataObjectInfos(Element sigInfoElem)
+ throws MOAApplicationException {
+
+ List dataObjectInfos = new ArrayList();
+ NodeIterator dataObjInfoElems =
+ XPathUtils.selectNodeIterator(sigInfoElem, DATA_OBJECT_INFO_XPATH);
+ Element dataObjInfoElem;
+
+ while ((dataObjInfoElem = (Element) dataObjInfoElems.nextNode()) != null) {
+ dataObjectInfos.add(parseDataObjectInfo(dataObjInfoElem));
+ }
+ return dataObjectInfos;
+ }
+
+ /**
+ * Parse a <code>DataObjectInfo</code> DOM element.
+ *
+ * @param dataObjInfoElem The <code>DataObjectInfo</code> DOM element to
+ * parse.
+ * @return A <code>DataObjectInfo</code> API element containing the data
+ * from <code>dataObjInfoElem</code>.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>DataObjectInfo</code>.
+ */
+ private DataObjectInfo parseDataObjectInfo(Element dataObjInfoElem)
+ throws MOAApplicationException {
+
+ String structure = dataObjInfoElem.getAttribute("Structure");
+ Element dataObjectElem =
+ (Element) XPathUtils.selectSingleNode(dataObjInfoElem, DATA_OBJECT_XPATH);
+ Content dataObject = RequestParserUtils.parseContent(dataObjectElem);
+ CreateTransformsInfoProfile createTransformsInfoProfile =
+ parseCreateTransformsInfoProfile(dataObjInfoElem);
+ boolean childOfManifest;
+
+ if (dataObjInfoElem.hasAttribute("ChildOfManifest")) {
+ childOfManifest =
+ BoolUtils.valueOf(dataObjInfoElem.getAttribute("ChildOfManifest"));
+ } else {
+ childOfManifest = false;
+ }
+
+ return factory.createDataObjectInfo(
+ structure,
+ childOfManifest,
+ dataObject,
+ createTransformsInfoProfile);
+ }
+
+ /**
+ * Parse a <code>CreateTransformsInfoProfile</code> DOM element.
+ *
+ * @param dataObjInfoElem The <code>DataObjectInfo</code> DOM element
+ * containing the <code>CreateTransformsInfoProfile</code>.
+ * @return The <code>CreateTransformsInfoProfile</code> API object containing
+ * the profile found in <code>dataObjInfoElem</code>.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>CreateTransformsInfoProfile</code>.
+ */
+ private CreateTransformsInfoProfile parseCreateTransformsInfoProfile(Element dataObjInfoElem)
+ throws MOAApplicationException {
+
+ Element profileElem =
+ (Element) XPathUtils.selectSingleNode(
+ dataObjInfoElem,
+ CREATE_TRANSFORMS_INFO_PROFILE_XPATH);
+
+ if ("CreateTransformsInfoProfile".equals(profileElem.getLocalName())) {
+ ProfileParser profileParser = new ProfileParser();
+ return profileParser.parseCreateTransformsInfoProfile(profileElem);
+
+ } else {
+ String profileID = DOMUtils.getText(profileElem);
+ return factory.createCreateTransformsInfoProfile(profileID);
+ }
+ }
+
+ /**
+ * Parse the <code>CreateSignatureInfo</code> DOM element contained in
+ * a <code>SingleSignatureInfo</code>.
+ *
+ * @param sigInfoElem The <code>SingleSignatureInfo</code> DOM element
+ * containing the <code>CreateSignatureInfo</code> to be parsed.
+ * @return A <code>CreateSignatureInfo</code> API object containing the
+ * data from the <code>CreateSignatureInfo</code> DOM element, or
+ * <code>null</code>, if none was found.
+ */
+ private CreateSignatureInfo parseCreateSignatureInfo(Element sigInfoElem) {
+ Element createInfoElem =
+ (Element) XPathUtils.selectSingleNode(
+ sigInfoElem,
+ CREATE_SIGNATURE_INFO_XPATH);
+
+ if (createInfoElem != null) {
+ Element environmentElem =
+ (Element) XPathUtils.selectSingleNode(
+ createInfoElem,
+ CREATE_SIGNATURE_ENVIRONMENT_XPATH);
+ Content environment = RequestParserUtils.parseContent(environmentElem);
+ CreateSignatureEnvironmentProfile environmentProfile =
+ parseCreateSignatureEnvironmentProfile(createInfoElem);
+
+ return factory.createCreateSignatureInfo(environment, environmentProfile);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Parse the <code>CreateSignatureEnvironmentProfile</code> contained in
+ * the given <code>CreateSignatureInfo</code> DOM element.
+ *
+ * @param createInfoElem <code>CreateSignatureInfo</code> DOM element to
+ * parse.
+ * @return The <code>CreateSignatureEnvironmentProfile</code> contained
+ * in the given <code>CreateSignatureInfo</code> DOM element..
+ */
+ private CreateSignatureEnvironmentProfile parseCreateSignatureEnvironmentProfile(Element createInfoElem) {
+ Element profileElem =
+ (Element) XPathUtils.selectSingleNode(
+ createInfoElem,
+ CREATE_SIGNATURE_ENVIRONMENT_PROFILE_XPATH);
+
+ if ("CreateSignatureEnvironmentProfile"
+ .equals(profileElem.getLocalName())) {
+ ProfileParser profileParser = new ProfileParser();
+ return profileParser.parseCreateSignatureEnvironmentProfile(profileElem);
+ } else {
+ String profileID = DOMUtils.getText(profileElem);
+ return factory.createCreateSignatureEnvironmentProfile(profileID);
+ }
+ }
+
+} \ No newline at end of file
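Review bot: parseCreateTransformsInfoProfile and parseCreateSignatureEnvironmentProfile call `profileElem.getLocalName()` on the result of XPathUtils.selectSingleNode without a null check. A request that contains neither the profile element nor its ID variant would therefore presumably end in a NullPointerException instead of the documented MOAApplicationException. parse() states that the request must already be schema-valid, but nothing in this class enforces that, and parseCreateSignatureInfo already guards its own lookup with `if (createInfoElem != null)`. In parseCreateTransformsInfoProfile I would add `if (profileElem == null) { throw new MOAApplicationException("MESSAGE_ID_PLACEHOLDER", null); }` before the comparison (the message id is a placeholder). The environment-profile method needs the same guard, but it declares no checked exception today, so its signature or the exception type would have to be decided first.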
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureResponseBuilder.java
new file mode 100644
index 0000000..0af1a67
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureResponseBuilder.java
@@ -0,0 +1,143 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.util.Iterator;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import at.gv.egovernment.moa.util.Constants;
+
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
+
+/**
+ * Convert a <code>CreateXMLSignatureResponse</code> API object into its
+ * XML representation, according to the MOA XML schema.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CreateXMLSignatureResponseBuilder {
+ private static final String MOA_NS_URI = Constants.MOA_NS_URI;
+
+ /** The XML document containing the response element. */
+ private Document responseDoc;
+ /** The response <code>CreateXMLSignatureResponse</code> DOM element. */
+ private Element responseElem;
+
+ /**
+ * Create a new <code>CreateXMLSignatureResponseBuilder</code>:
+ *
+ * @throws MOASystemException An error occurred setting up the resulting
+ * XML document.
+ */
+ public CreateXMLSignatureResponseBuilder() throws MOASystemException {
+ responseDoc =
+ ResponseBuilderUtils.createResponse("CreateXMLSignatureResponse");
+ responseElem = responseDoc.getDocumentElement();
+ }
+
+ /**
+ * Build a document containing a <code>CreateXMLSignatureResponse</code>
+ * DOM element being the XML representation of the given
+ * <code>CreateXMLSignatureResponse</code> API object.
+ *
+ * @param response The <code>CreateXMLSignatureResponse</code> to convert
+ * to XML.
+ * @return A document containing the <code>CreateXMLSignatureResponse</code>
+ * DOM element.
+ */
+ public Document build(CreateXMLSignatureResponse response) {
+ Iterator iter;
+
+ for (iter = response.getResponseElements().iterator(); iter.hasNext();) {
+ CreateXMLSignatureResponseElement responseElement =
+ (CreateXMLSignatureResponseElement) iter.next();
+
+ switch (responseElement.getResponseType()) {
+ case CreateXMLSignatureResponseElement.SIGNATURE_ENVIRONMENT_RESPONSE :
+ SignatureEnvironmentResponse envResponse =
+ (SignatureEnvironmentResponse) responseElement;
+ addSignatureEnvironment(envResponse);
+ break;
+
+ case CreateXMLSignatureResponseElement.ERROR_RESPONSE :
+ ErrorResponse errorResponse = (ErrorResponse) responseElement;
+ addErrorResponse(errorResponse);
+ break;
+ }
+
+ }
+
+ return responseDoc;
+ }
+
+ /**
+ * Add a <code>SignatureEnvironment</code> element to the response.
+ *
+ * @param envResponse The content to put under the
+ * <code>SignatureEnvironment</code> element. This should either be a
+ * <code>dsig:Signature</code> element (in case of a detached signature) or
+ * the signature environment containing the signature (in case of
+ * an enveloping signature).
+ */
+ private void addSignatureEnvironment(SignatureEnvironmentResponse envResponse) {
+ Element content = envResponse.getSignatureEnvironment();
+ Node importedSignature = responseDoc.importNode(content, true);
+ Element signatureEnvironment =
+ responseDoc.createElementNS(MOA_NS_URI, "SignatureEnvironment");
+ signatureEnvironment.appendChild(importedSignature);
+ responseElem.appendChild(signatureEnvironment);
+ }
+
+ /**
+ * Add a <code>ErrorResponse</code> element to the response.
+ *
+ * @param errorResponse The API object containing the information to put into
+ * the <code>ErrorResponse</code> DOM element.
+ */
+ private void addErrorResponse(ErrorResponse errorResponse) {
+ Element errorElem =
+ responseDoc.createElementNS(MOA_NS_URI, "ErrorResponse");
+ Element errorCodeElem =
+ responseDoc.createElementNS(MOA_NS_URI, "ErrorCode");
+ Element infoElem = responseDoc.createElementNS(MOA_NS_URI, "Info");
+ String errorCodeStr = Integer.toString(errorResponse.getErrorCode());
+
+ errorCodeElem.appendChild(responseDoc.createTextNode(errorCodeStr));
+ errorElem.appendChild(errorCodeElem);
+ infoElem.appendChild(responseDoc.createTextNode(errorResponse.getInfo()));
+ errorElem.appendChild(errorCodeElem);
+ errorElem.appendChild(infoElem);
+ responseElem.appendChild(errorElem);
+ }
+
+}
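Review bot: The switch in build() has no default branch, so a response element whose getResponseType() is neither SIGNATURE_ENVIRONMENT_RESPONSE nor ERROR_RESPONSE is left out of the returned document without any error. For a signing service I would fail loudly instead, e.g. `default: throw new IllegalStateException("Unexpected response type: " + responseElement.getResponseType());`, so a caller cannot mistake a shortened response for a complete one. Separately, addErrorResponse calls `errorElem.appendChild(errorCodeElem);` twice; the second call, placed after the Info text node is filled in, only re-appends the same child and can be deleted. The same duplicated line appears in addErrorResponse of the preceding builder in this diff (the one handling CreateCMSSignatureResponseElement).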
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ProfileParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ProfileParser.java
new file mode 100644
index 0000000..0705c0b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ProfileParser.java
@@ -0,0 +1,309 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.traversal.NodeIterator;
+
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfile;
+
+/**
+ * Parse the various profile elements contained in the MOA web service requests
+ * and given as separate files in the MOA configuration.
+ *
+ * The profiles parsed must be schema valid according to the MOA XML schema.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ProfileParser {
+
+ //
+ // XPath expressions to select parts of the profiles
+ //
+ private static final String MOA = Constants.MOA_PREFIX + ":";
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+ private static final String CREATE_TRANSFORMS_XPATH =
+ MOA + "CreateTransformsInfo/" + DSIG + "Transforms";
+ private static final String FINAL_DATA_META_INFO_XPATH =
+ MOA + "CreateTransformsInfo/" + MOA + "FinalDataMetaInfo";
+ private static final String CREATE_SIGNATURE_LOCATION_XPATH =
+ MOA + "CreateSignatureLocation";
+ private static final String SUPPLEMENT_XPATH = MOA + "Supplement";
+ private static final String VERIFY_TRANSFORMS_XPATH = DSIG + "Transforms";
+ private static final String TRANSFORM_PARAMETER_XPATH =
+ MOA + "TransformParameter";
+ private static final String TRANSFORM_PARAMETER_CONTENT_XPATH =
+ MOA + "Base64Content | " + MOA + "Hash";
+ private static final String DIGEST_METHOD_XPATH = DSIG + "DigestMethod";
+ private static final String DIGEST_VALUE_XPATH = DSIG + "DigestValue";
+
+ /** The factory used to create API objects. */
+ private SPSSFactory factory = SPSSFactory.getInstance();
+
+ /**
+ * Parse a <code>CreateTransformsInfoProfile</code> DOM element.
+ *
+ * @param profileElem The <code>CreateTransformsInfoProfile</code> element
+ * to parse.
+ * @return The <code>CreateTransformsInfoProfile</code> API object containing
+ * the data from the <code>profileElem</code>.
+ * @throws MOAApplicationException An error occurred parsing the DOM element.
+ */
+ public CreateTransformsInfoProfile parseCreateTransformsInfoProfile(Element profileElem)
+ throws MOAApplicationException {
+ CreateTransformsInfo createTransformsInfo =
+ parseCreateTransformsInfo(profileElem);
+ List supplements = parseSupplements(profileElem);
+
+ return factory.createCreateTransformsInfoProfile(
+ createTransformsInfo,
+ supplements);
+ }
+
+ /**
+ * Parse the <code>CreateTransformsInfo</code> DOM element contained in a
+ * <code>CreateTransformsInfoProfile</code>.
+ *
+ * @param profileElem The <code>CreateTransformsInfoProfile</code> DOM
+ * element containing the <code>CreateTransformsInfo</code>.
+ * @return The <code>CreateTransformsInfo</code> API object containinig the
+ * data from the <code>CreateTransformsInfo</code> DOM element.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>CreateTransformsInfo</code> DOM element.
+ */
+ private CreateTransformsInfo parseCreateTransformsInfo(Element profileElem)
+ throws MOAApplicationException {
+
+ Element transformsElem =
+ (Element) XPathUtils.selectSingleNode(
+ profileElem,
+ CREATE_TRANSFORMS_XPATH);
+ Element metaInfoElem =
+ (Element) XPathUtils.selectSingleNode(
+ profileElem,
+ FINAL_DATA_META_INFO_XPATH);
+ MetaInfo finalDataMetaInfo;
+ List transforms;
+
+ // parse the dsig:Transforms
+ if (transformsElem != null) {
+ TransformParser transformsParser = new TransformParser();
+ transforms = transformsParser.parseTransforms(transformsElem);
+ } else {
+ transforms = null;
+ }
+
+ // parse the meta info
+ finalDataMetaInfo = RequestParserUtils.parseMetaInfo(metaInfoElem);
+
+ return factory.createCreateTransformsInfo(transforms, finalDataMetaInfo);
+ }
+
+ /**
+ * Parse a <code>CreateSignatureEnvironmentProfile</code> DOM element.
+ *
+ * @param profileElem The <code>CreateSignatureEnvironmentProfile</code>
+ * DOM element to parse.
+ * @return The <code>CreateSignatureEnvironmentProfile</code> API object
+ * containing the data from the <code>profileElem</code>.
+ */
+ public CreateSignatureEnvironmentProfile parseCreateSignatureEnvironmentProfile(Element profileElem) {
+ CreateSignatureLocation createSignatureLocation =
+ parseCreateSignatureLocation(profileElem);
+ List supplements = parseSupplements(profileElem);
+
+ return factory.createCreateSignatureEnvironmentProfile(
+ createSignatureLocation,
+ supplements);
+ }
+
+ /**
+ * Parse a <code>CreateSignatureLocation</code> DOM element contained in
+ * a <code>CreateSignatureEnvironmentProfile</code>.
+ *
+ * @param profileElem The <code>CreateSignatureEnvironmentProfile</code> DOM
+ * element containing the <code>CreateSignatureLocation</code>.
+ * @return The <code>CreateSignatureLocation</code> API object containing
+ * the data from the <code>CreateSignatureLocation</code> DOM element.
+ */
+ private CreateSignatureLocation parseCreateSignatureLocation(Element profileElem) {
+ Element locationElem =
+ (Element) XPathUtils.selectSingleNode(
+ profileElem,
+ CREATE_SIGNATURE_LOCATION_XPATH);
+ String xPathExpression = DOMUtils.getText(locationElem);
+ Map namespaceDeclarations = DOMUtils.getNamespaceDeclarations(locationElem);
+ String indexStr = locationElem.getAttribute("Index");
+ int index = Integer.parseInt(indexStr);
+
+ return factory.createCreateSignatureLocation(
+ xPathExpression,
+ index,
+ namespaceDeclarations);
+ }
+
+ /**
+ * Parse all <code>Supplement</code> DOM elements contained in a given
+ * parent DOM element.
+ *
+ * @param supplementsParentElem The DOM element being the parent of the
+ * <code>Supplement</code>s.
+ * @return A <code>List</code> of <code>Supplement</code> API objects
+ * containing the data from the <code>Supplement</code> DOM elements.
+ */
+ private List parseSupplements(Element supplementsParentElem) {
+ List supplements = new ArrayList();
+ NodeIterator supplementElems =
+ XPathUtils.selectNodeIterator(supplementsParentElem, SUPPLEMENT_XPATH);
+ Element supplementElem;
+
+ while ((supplementElem = (Element) supplementElems.nextNode()) != null) {
+ XMLDataObjectAssociation supplement =
+ RequestParserUtils.parseXMLDataObjectAssociation(supplementElem);
+ supplements.add(supplement);
+ }
+ return supplements;
+ }
+
+ /**
+ * Parse a <code>SupplementProfile</code> DOM element.
+ *
+ * @param profileElem The <code>SupplementProfile</code> DOM element to parse.
+ * @return The <code>SupplementProfile</code> API object containing the
+ * data from the <code>SupplementProfile</code> DOM element.
+ */
+ public SupplementProfile parseSupplementProfile(Element profileElem) {
+ XMLDataObjectAssociation supplementProfile =
+ RequestParserUtils.parseXMLDataObjectAssociation(profileElem);
+
+ return factory.createSupplementProfile(supplementProfile);
+ }
+
+ /**
+ * Parse a <code>VerifyTransformsInfoProfile</code> DOM element.
+ *
+ * @param profileElem The <code>VerifyTransformsInfoProfile</code> DOM
+ * element to parse.
+ * @return A <code>VerifyTransformsInfoProfile</code> API object containing
+ * the information from the <code>VerifyTransformsInfoProfile</code> DOM
+ * element.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>VerifyTransformsInfoProfile</code>.
+ */
+ public VerifyTransformsInfoProfile parseVerifyTransformsInfoProfile(Element profileElem)
+ throws MOAApplicationException {
+ Element transformsElem =
+ (Element) XPathUtils.selectSingleNode(
+ profileElem,
+ VERIFY_TRANSFORMS_XPATH);
+ List transforms = null;
+ NodeIterator paramElems =
+ XPathUtils.selectNodeIterator(profileElem, TRANSFORM_PARAMETER_XPATH);
+ Element paramElem;
+ List transformParameters = new ArrayList();
+
+ // parse the dsig:Transforms
+ if (transformsElem != null) {
+ TransformParser transformsParser = new TransformParser();
+ transforms = transformsParser.parseTransforms(transformsElem);
+ }
+
+ // parse the TransformParameter elements
+ while ((paramElem = (Element) paramElems.nextNode()) != null) {
+ transformParameters.add(parseTransformParameter(paramElem));
+ }
+
+ return factory.createVerifyTransformsInfoProfile(
+ transforms,
+ transformParameters);
+ }
+
+ /**
+ * Parse a <code>TransformParameter</code> DOM element.
+ *
+ * @param paramElem The <code>TransformParameter</code> DOM element to
+ * parse.
+ * @return The <code>TransformParameter</code> API object containing the
+ * information from the <code>TransformParameter</code> DOM element.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>TransformParameter</code> DOM element.
+ */
+ private TransformParameter parseTransformParameter(Element paramElem)
+ throws MOAApplicationException {
+ String uri = paramElem.getAttribute("URI");
+ Element contentElem =
+ (Element) XPathUtils.selectSingleNode(
+ paramElem,
+ TRANSFORM_PARAMETER_CONTENT_XPATH);
+
+ if (contentElem == null) {
+ return factory.createTransformParameter(uri);
+ } else if ("Base64Content".equals(contentElem.getLocalName())) {
+ String base64Str = DOMUtils.getText(contentElem);
+ InputStream binaryContent = Base64Utils.decodeToStream(base64Str, true);
+
+ return factory.createTransformParameter(uri, binaryContent);
+ } else { // "Hash".equals(contentElem.getLocalName())
+ String digestMethodStr =
+ XPathUtils.getElementValue(contentElem, DIGEST_METHOD_XPATH, "");
+ String digestValueStr =
+ XPathUtils.getElementValue(contentElem, DIGEST_VALUE_XPATH, "");
+ byte[] digestValue = null;
+
+ try {
+ digestValue = Base64Utils.decode(digestValueStr, true);
+ } catch (IOException e) {
+ throw new MOAApplicationException("2270", null);
+ }
+ return factory.createTransformParameter(
+ uri,
+ digestMethodStr,
+ digestValue);
+ }
+ }
+
+}
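Review bot: In the Hash branch of parseTransformParameter, XPathUtils.getElementValue is called with `""` as the fallback for both dsig:DigestMethod and dsig:DigestValue, so a Hash element missing either child appears to yield a TransformParameter with an empty algorithm or a zero-length digest instead of a parse error. The class comment says profiles must be schema-valid, but it also says they are read from configuration files, and nothing here checks validity; how downstream verification treats an empty digest is not visible in this diff. I would reject the case explicitly before decoding, `if (digestMethodStr.length() == 0 || digestValueStr.length() == 0) { throw new MOAApplicationException("MESSAGE_ID_PLACEHOLDER", null); }` (the message id is a placeholder). The catch block also discards the IOException; if MOAApplicationException has a constructor that accepts a cause, pass `e` so a decoding failure stays diagnosable.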
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java
new file mode 100644
index 0000000..743a17c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java
@@ -0,0 +1,181 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.text.ParseException;
+import java.util.Date;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.DateTimeUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+
+/**
+ * Utility methods for parsing XML requests definied in the MOA XML schema.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class RequestParserUtils {
+ //
+ // XPath expressions for parsing parts of a request
+ //
+ private static final String MOA = Constants.MOA_PREFIX + ":";
+ private static final String REFERENCE_ATTR_NAME = "Reference";
+ private static final String MIME_TYPE_XPATH = MOA + "MimeType";
+ private static final String DESCRIPTION_XPATH = MOA + "Description";
+ private static final String TYPE_XPATH = MOA + "Type";
+ private static final String XML_ASSOC_CONTENT_XPATH = MOA + "Content";
+ private static final String CONTENT_XPATH =
+ MOA + "Base64Content | " + MOA + "XMLContent |" + MOA + "LocRefContent";
+ private static final String ANY_OTHER_XPATH =
+ "*[namespace-uri() != \"" + Constants.MOA_NS_URI + "\"]";
+
+ /**
+ * Parse a <code>XMLDataObjectAssociationType</code> kind of DOM element.
+ *
+ * @param assocElem The <code>XMLDataObjectAssociationType</code> kind of
+ * DOM elmeent to parse.
+ * @return The <code>XMLDataObjectAssociation</code> API object containing
+ * the data from the <code>XMLDataObjectAssociationType</code> DOM element.
+ */
+ public static XMLDataObjectAssociation parseXMLDataObjectAssociation(Element assocElem) {
+ SPSSFactory factory = SPSSFactory.getInstance();
+ MetaInfo metaInfo = parseMetaInfo(assocElem);
+ Element contentElem =
+ (Element) XPathUtils.selectSingleNode(assocElem, XML_ASSOC_CONTENT_XPATH);
+ Content content = parseContent(contentElem);
+
+ return factory.createXMLDataObjectAssociation(metaInfo, content);
+ }
+
+ /**
+ * Parse a <code>MetaInfoType</code> kind of DOM element.
+ *
+ * @param metaInfoElem The <code>MetaInfoType</code> kind of DOM element.
+ * @return The <code>MetaInfo</code> API object containing the data from
+ * the <code>metaInfoElem</code>.
+ */
+ public static MetaInfo parseMetaInfo(Element metaInfoElem) {
+ SPSSFactory factory = SPSSFactory.getInstance();
+ String mimeType =
+ XPathUtils.getElementValue(metaInfoElem, MIME_TYPE_XPATH, null);
+ String description =
+ XPathUtils.getElementValue(metaInfoElem, DESCRIPTION_XPATH, null);
+ NodeList anyOther =
+ XPathUtils.selectNodeList(metaInfoElem, ANY_OTHER_XPATH);
+ String type =
+ XPathUtils.getElementValue(metaInfoElem, TYPE_XPATH, null);
+
+ return factory.createMetaInfo(mimeType, description, anyOther, type);
+ }
+
+ /**
+ * Parse a <code>ContentOptionalRefType</code> or
+ * <code>ContentRequiredRefType</code> kind of DOM element.
+ * @param contentParentElem The DOM element being the parent of the
+ * content element.
+ * @return The <code>Content</code> API object containing the data from
+ * the given DOM element.
+ */
+ public static Content parseContent(Element contentParentElem) {
+ SPSSFactory factory = SPSSFactory.getInstance();
+ String referenceURI =
+ contentParentElem.hasAttribute(REFERENCE_ATTR_NAME)
+ ? contentParentElem.getAttribute(REFERENCE_ATTR_NAME)
+ : null;
+ Element contentElem =
+ (Element) XPathUtils.selectSingleNode(contentParentElem, CONTENT_XPATH);
+
+ if (contentElem == null) {
+ return factory.createContent(referenceURI);
+ }
+
+ if ("Base64Content".equals(contentElem.getLocalName())) {
+ String base64String = DOMUtils.getText(contentElem);
+ return factory.createContent(
+ Base64Utils.decodeToStream(base64String, true),
+ referenceURI);
+ } else if ("LocRefContent".equals(contentElem.getLocalName())) {
+ String locationReferenceURI = DOMUtils.getText(contentElem);
+ return factory.createContent(
+ locationReferenceURI,
+ referenceURI);
+ } else { // "XMLContent".equals(contentElem.getLocalName())
+ return factory.createContent(
+ contentElem.getChildNodes(),
+ referenceURI);
+ }
+ }
+
+ /**
+ * Get the signing time from a Verfiy(CMS|XML)SignatureRequest.
+ *
+ * @param requestElem A <code>Verify(CMS|XML)SignatureRequest</code> DOM
+ * element.
+ * @param dateTimeXPath The XPath to lookup the <code>DateTime</code> element
+ * within the request.
+ * @return Date The date and time corresponding to the <code>DateTime</code>
+ * element in the request. If no <code>DateTime</code> element exists in the
+ * request, <code>null</code> is returned.
+ * @throws MOAApplicationException An error occurred during a parsing the
+ * <code>DateTime</code> element or creating the return value.
+ */
+ public static Date parseDateTime(Element requestElem, String dateTimeXPath)
+ throws MOAApplicationException {
+
+ Element dateTimeElem;
+ String dateTimeText;
+
+ // select the DateTime element
+ dateTimeElem =
+ (Element) XPathUtils.selectSingleNode(requestElem, dateTimeXPath);
+
+ // parse a date from the element value
+ if (dateTimeElem != null) {
+ dateTimeText = DOMUtils.getText(dateTimeElem);
+ try {
+ return DateTimeUtils.parseDateTime(dateTimeText);
+ } catch (ParseException e) {
+ throw new MOAApplicationException(
+ "1104",
+ new Object[] { dateTimeText });
+ }
+ } else {
+ return null;
+ }
+ }
+
+}
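Review bot: In `parseContent`, the `LocRefContent` branch passes the text of a request element straight to `factory.createContent(locationReferenceURI, referenceURI)` with no check on the URI, so whatever later dereferences that location works with a caller-chosen address. The resolving code is not in this hunk, so it is not visible whether schemes and hosts are restricted there; if they are not, a request can make the service fetch internal or local resources. At minimum the trust boundary should be documented at the hand-off, e.g. `// locationReferenceURI is request-controlled; the resolver must restrict schemes and hosts before fetching`. Separately, `parseXMLDataObjectAssociation` hands the result of `selectSingleNode` to `parseContent` without a null check, and `parseContent` calls `contentParentElem.hasAttribute(...)` immediately, so a missing `Content` child ends in a NullPointerException unless upstream schema validation rules it out.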
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
new file mode 100644
index 0000000..b5ec20f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
@@ -0,0 +1,289 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.io.IOException;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.DOMImplementation;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.Constants;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+
+/**
+ * Utility methods used by the verious <code>ResponseBuilder</code> classes.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ResponseBuilderUtils {
+ //
+ // shortcuts to various XML namespace constants
+ //
+ private static final String MOA_NS_URI = Constants.MOA_NS_URI;
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+ private static final String DSIG_NS_URI = Constants.DSIG_NS_URI;
+ private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI;
+
+ /**
+ * Create a response element with all the namespaces set.
+ *
+ * @param responseName The name of the response root element.
+ * @return A DOM document containing the response root element and predefined
+ * MOA, DSIG and XML namespace declarations.
+ * @throws MOASystemException An error building the response document.
+ */
+ public static Document createResponse(String responseName)
+ throws MOASystemException {
+
+ try {
+ DocumentBuilder docBuilder =
+ DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ DOMImplementation impl = docBuilder.getDOMImplementation();
+ Document response;
+ Element root;
+ String attrValue;
+
+ response = impl.createDocument(MOA_NS_URI, responseName, null);
+ root = response.getDocumentElement();
+
+ // add namespace prefix declarations
+ root.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI);
+ attrValue = "xmlns:" + Constants.DSIG_PREFIX;
+ root.setAttributeNS(XMLNS_NS_URI, attrValue, DSIG_NS_URI);
+
+ return response;
+ } catch (ParserConfigurationException e) {
+ throw new MOASystemException("2200", null, e);
+ }
+ }
+
+ /**
+ * Add a <code>SignerInfo</code> element to the response.
+ *
+ * @param response The response document, in order to create new elements in
+ * it.
+ * @param root The root element into which the <code>SignerInfo</code> element
+ * will be inserted.
+ * @param cert The signer certificate to add.
+ * @param isQualified Indicates, whether <code>cert</code> is a qualified
+ * certificate.
+ * @param isPublicAuthority Indicates, whether <code>cert</code> is
+ * certificate owned by a public authority.
+ * @param publicAuthorityID Information about the public authority owning
+ * <code>cert</code>. Must not be <code>null</code>, if
+ * <code>isPublicAuthority ! = null</code>.
+ * @throws MOAApplicationException An error occurred reading data from the
+ * certificate.
+ */
+ public static void addSignerInfo(
+ Document response,
+ Element root,
+ X509Certificate cert,
+ boolean isQualified,
+ String qcSource,
+ boolean isPublicAuthority,
+ String publicAuthorityID,
+ boolean isSSCD,
+ String sscdSource,
+ String issuerCountryCode)
+ throws MOAApplicationException {
+
+ Element signerInfoElem = response.createElementNS(MOA_NS_URI, "SignerInfo");
+ Element x509DataElem =
+ response.createElementNS(DSIG_NS_URI, DSIG + "X509Data");
+ Element x509IssuerSerialElem =
+ response.createElementNS(DSIG_NS_URI, DSIG + "X509IssuerSerial");
+ Element x509IssuerElem =
+ response.createElementNS(DSIG_NS_URI, DSIG + "X509IssuerName");
+ String issuer = cert.getIssuerDN().getName();
+ Element x509SerialNumberElem =
+ response.createElementNS(DSIG_NS_URI, DSIG + "X509SerialNumber");
+ String serialNumber = cert.getSerialNumber().toString();
+ Element x509SubjectNameElem =
+ response.createElementNS(DSIG_NS_URI, DSIG + "X509SubjectName");
+ Element x509CertificateElem =
+ response.createElementNS(DSIG_NS_URI, DSIG + "X509Certificate");
+ Element qualifiedCertificateElem =
+ isQualified
+ ? response.createElementNS(MOA_NS_URI, "QualifiedCertificate")
+ : null;
+ Element sscdElem =
+ isSSCD
+ ? response.createElementNS(MOA_NS_URI, "SecureSignatureCreationDevice")
+ : null;
+ Element issuerCountryCodeElem = null;
+ if (issuerCountryCode != null) {
+ issuerCountryCodeElem = response.createElementNS(MOA_NS_URI, "IssuerCountryCode");
+ issuerCountryCodeElem.setTextContent(issuerCountryCode);
+ }
+
+ Element publicAuthorityElem =
+ isPublicAuthority
+ ? response.createElementNS(MOA_NS_URI, "PublicAuthority")
+ : null;
+ Element codeElem =
+ publicAuthorityID != null
+ ? response.createElementNS(MOA_NS_URI, "Code")
+ : null;
+
+ // fill in text
+ x509IssuerElem.appendChild(response.createTextNode(issuer));
+ x509SerialNumberElem.appendChild(response.createTextNode(serialNumber));
+ try {
+ RFC2253NameParser parser =
+ new RFC2253NameParser(cert.getSubjectDN().getName());
+ String subjectRfc2253 = parser.parse().getRFC2253String();
+ x509SubjectNameElem.appendChild(response.createTextNode(subjectRfc2253));
+ } catch (RFC2253NameParserException e) {
+ x509SubjectNameElem.appendChild(
+ response.createTextNode(cert.getSubjectDN().getName()));
+ }
+ try {
+ x509CertificateElem.appendChild(
+ response.createTextNode(Base64Utils.encode(cert.getEncoded())));
+ } catch (CertificateEncodingException e) {
+ throw new MOAApplicationException("2245", null, e);
+ } catch (IOException e) {
+ throw new MOAApplicationException("2245", null, e);
+ }
+
+ // build structure
+ x509DataElem.appendChild(x509SubjectNameElem);
+ x509IssuerSerialElem.appendChild(x509IssuerElem);
+ x509IssuerSerialElem.appendChild(x509SerialNumberElem);
+ x509DataElem.appendChild(x509IssuerSerialElem);
+ x509DataElem.appendChild(x509CertificateElem);
+ if (isQualified) {
+ if (qcSource.compareToIgnoreCase("TSL") == 0)
+ qualifiedCertificateElem.setAttributeNS(MOA_NS_URI, "Source", qcSource);
+
+ x509DataElem.appendChild(qualifiedCertificateElem);
+ }
+ if (isPublicAuthority) {
+ x509DataElem.appendChild(publicAuthorityElem);
+ if (publicAuthorityID != null) {
+ codeElem.appendChild(response.createTextNode(publicAuthorityID));
+ publicAuthorityElem.appendChild(codeElem);
+ }
+ }
+ if (isSSCD) {
+ sscdElem.setAttributeNS(MOA_NS_URI, "Source", sscdSource);
+ x509DataElem.appendChild(sscdElem);
+ }
+ if (issuerCountryCodeElem != null)
+ x509DataElem.appendChild(issuerCountryCodeElem);
+
+ signerInfoElem.appendChild(x509DataElem);
+ root.appendChild(signerInfoElem);
+ }
+
+ /**
+ * Add an element containing <code>Code</code> and <code>Info</code>
+ * subelements.
+ *
+ * @param response The response document, in order to create new elements in
+ * it.
+ * @param root The root element into which to insert the newly created
+ * element.
+ * @param elementName The name of the newly created element.
+ * @param code The content of the <code>Code</code> subelement.
+ * @param info The content of the <code>Info</code> subelement.
+ */
+ public static void addCodeInfoElement(
+ Document response,
+ Element root,
+ String elementName,
+ int code,
+ NodeList info) {
+
+ Element codeInfoElem = response.createElementNS(MOA_NS_URI, elementName);
+ Element codeElem = response.createElementNS(MOA_NS_URI, "Code");
+ Element infoElem;
+ int i;
+
+ codeElem.appendChild(response.createTextNode(Integer.toString(code)));
+ codeInfoElem.appendChild(codeElem);
+ if (info != null) {
+ infoElem = response.createElementNS(MOA_NS_URI, "Info");
+
+ for (i = 0; i < info.getLength(); i++) {
+ infoElem.appendChild(info.item(i).cloneNode(true));
+ }
+ codeInfoElem.appendChild(infoElem);
+ }
+ root.appendChild(codeInfoElem);
+ }
+
+ /**
+ * Add an element containing <code>Code</code> and <code>Info</code>
+ * subelements.
+ *
+ * @param response The response document, in order to create new elements in
+ * it.
+ * @param root The root element into which to insert the newly created
+ * element.
+ * @param elementName The name of the newly created element.
+ * @param code The content of the <code>Code</code> subelement.
+ * @param info The content of the <code>Info</code> subelement.
+ */
+ public static void addCodeInfoElement(
+ Document response,
+ Element root,
+ String elementName,
+ int code,
+ String info) {
+
+ Element codeInfoElem = response.createElementNS(MOA_NS_URI, elementName);
+ Element codeElem = response.createElementNS(MOA_NS_URI, "Code");
+ Element infoElem;
+ int i;
+
+ codeElem.appendChild(response.createTextNode(Integer.toString(code)));
+ codeInfoElem.appendChild(codeElem);
+
+ if (info != null) {
+ infoElem = response.createElementNS(MOA_NS_URI, "Info");
+ infoElem.appendChild(response.createTextNode(info));
+ codeInfoElem.appendChild(infoElem);
+ }
+ root.appendChild(codeInfoElem);
+ }
+
+}
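Review bot: `addSignerInfo` dereferences `qcSource` in `qcSource.compareToIgnoreCase("TSL")` whenever `isQualified` is true, and passes `sscdSource` to `setAttributeNS` whenever `isSSCD` is true, but neither parameter is documented or checked for null. A null `qcSource` aborts building the verification response with a NullPointerException; writing the test as `if ("TSL".equalsIgnoreCase(qcSource))` avoids that, and `sscdSource` needs either an explicit guard or a documented non-null contract. The Javadoc lacks `@param` entries for `qcSource`, `isSSCD`, `sscdSource` and `issuerCountryCode`, which is where that contract belongs. In `addCodeInfoElement(..., NodeList info)`, `info.item(i).cloneNode(true)` leaves the clone owned by its original document, so if `info` comes from a document other than `response` the `appendChild` can fail with a wrong-document error; `response.importNode(info.item(i), true)` works in both cases.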
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/TransformParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/TransformParser.java
new file mode 100644
index 0000000..687b0ae
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/TransformParser.java
@@ -0,0 +1,270 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.StringTokenizer;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.traversal.NodeIterator;
+
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.Base64Transform;
+import at.gv.egovernment.moa.spss.api.common.CanonicalizationTransform;
+import at.gv.egovernment.moa.spss.api.common.EnvelopedSignatureTransform;
+import at.gv.egovernment.moa.spss.api.common.ExclusiveCanonicalizationTransform;
+import at.gv.egovernment.moa.spss.api.common.Transform;
+import at.gv.egovernment.moa.spss.api.common.XPathFilter;
+import at.gv.egovernment.moa.spss.api.common.XPathFilter2Transform;
+import at.gv.egovernment.moa.spss.api.common.XPathTransform;
+import at.gv.egovernment.moa.spss.api.common.XSLTTransform;
+
+/**
+ * A parser to parse XMLDsig <code>Transform</code> DOM elements into their
+ * MOA SPSS API representation.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class TransformParser {
+ //
+ // XPath expressions for selecting information from the DOM tree
+ //
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+ private static final String DSIG_FILTER2 =
+ Constants.DSIG_FILTER2_PREFIX + ":";
+ private static final String XSLT = Constants.XSLT_PREFIX + ":";
+ private static final String EC = Constants.DSIG_EC_PREFIX + ":";
+ private static final String TRANSFORM_XPATH = DSIG + "Transform";
+ private static final String XPATH_XPATH = DSIG + "XPath";
+ private static final String XSLT_ELEMENT_XPATH = XSLT + "stylesheet";
+ private static final String XPATH2_XPATH =
+ (DSIG_FILTER2 + "XPath[@Filter=\"intersect\"] | ")
+ + (DSIG_FILTER2 + "XPath[@Filter=\"subtract\"] | ")
+ + (DSIG_FILTER2 + "XPath[@Filter=\"union\"]");
+ private static final String INCLUSIVE_NAMESPACES_XPATH =
+ EC + "InclusiveNamespaces";
+
+ /**
+ * The <code>SPSSFactory</code> to use for creating new API objects.
+ */
+ private SPSSFactory factory = SPSSFactory.getInstance();
+
+ /**
+ * Parse an XMLDsig <code>Transforms</code> DOM element.
+ *
+ * @param transformsElem The <code>Transforms</code> DOM element to parse.
+ * @return A <code>List</code> of <code>Transform</code> API objects
+ * containing the data from the individual <code>Transform</code> DOM
+ * elements.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>Transforms</code> DOM element.
+ */
+ public List parseTransforms(Element transformsElem)
+ throws MOAApplicationException {
+ List transforms = new ArrayList();
+ NodeIterator transformElems =
+ XPathUtils.selectNodeIterator(transformsElem, TRANSFORM_XPATH);
+ Element transformElem;
+ Transform transform;
+
+ while ((transformElem = (Element) transformElems.nextNode()) != null) {
+ transform = parseTransform(transformElem);
+ transforms.add(transform);
+ }
+
+ return transforms;
+ }
+
+ /**
+ * Parse an XMLDsig <code>Transform</code> DOM element.
+ *
+ * @param transformElem <code>Transform</code> DOM element to parse.
+ * @return The <code>Transform</code> API object containing the data
+ * from the <code>Transform</code> DOM element.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>Transform</code> DOM element.
+ */
+ public Transform parseTransform(Element transformElem)
+ throws MOAApplicationException {
+
+ String algorithmUri = transformElem.getAttribute("Algorithm");
+
+ if (CanonicalizationTransform.CANONICAL_XML.equals(algorithmUri)
+ || CanonicalizationTransform.CANONICAL_XML_WITH_COMMENTS.equals(
+ algorithmUri)) {
+ return factory.createCanonicalizationTransform(algorithmUri);
+ } else if (
+ ExclusiveCanonicalizationTransform.EXCLUSIVE_CANONICAL_XML.equals(
+ algorithmUri)
+ || ExclusiveCanonicalizationTransform
+ .EXCLUSIVE_CANONICAL_XML_WITH_COMMENTS
+ .equals(
+ algorithmUri)) {
+ return parseExclusiveC14nTransform(algorithmUri, transformElem);
+ } else if (Base64Transform.BASE64_DECODING.equals(algorithmUri)) {
+ return factory.createBase64Transform();
+ } else if (
+ EnvelopedSignatureTransform.ENVELOPED_SIGNATURE.equals(algorithmUri)) {
+ return factory.createEnvelopedSignatureTransform();
+ } else if (XPathTransform.XPATH.equals(algorithmUri)) {
+ return parseXPathTransform(transformElem);
+ } else if (XPathFilter2Transform.XPATH_FILTER2.equals(algorithmUri)) {
+ return parseXPathFilter2Transform(transformElem);
+ } else if (XSLTTransform.XSLT.equals(algorithmUri)) {
+ return parseXSLTTransform(transformElem);
+ } else {
+ throw new MOAApplicationException("1108", new Object[] { algorithmUri });
+ }
+ }
+
+ /**
+ * Parse an exclusive canonicalization type of transform.
+ *
+ * @param algorithmUri The algorithm URI of the canonicalization algorithm.
+ * @param transformElem The <code>Transform</code> DOM element to parse.
+ * @return An <code>ExclusiveCanonicalizationTransform</code> API object
+ * containing the data from the <code>transformElem</code>.
+ */
+ private Transform parseExclusiveC14nTransform(
+ String algorithmUri,
+ Element transformElem)
+ {
+
+ Element inclusiveNamespacesElem =
+ (Element) XPathUtils.selectSingleNode(
+ transformElem,
+ INCLUSIVE_NAMESPACES_XPATH);
+
+ List inclusiveNamespaces = new ArrayList();
+ if (inclusiveNamespacesElem != null)
+ {
+ StringTokenizer tokenizer = new StringTokenizer(inclusiveNamespacesElem.getAttribute("PrefixList"));
+ while (tokenizer.hasMoreTokens())
+ {
+ inclusiveNamespaces.add(tokenizer.nextToken());
+ }
+ }
+ return factory.createExclusiveCanonicalizationTransform(
+ algorithmUri,
+ inclusiveNamespaces);
+ }
+
+ /**
+ * Parse an <code>XPath</code> type of <code>Transform</code>.
+ *
+ * @param transformElem The <code>Transform</code> DOM element to parse.
+ * @return The <code>Transform</code> API object representation of the
+ * <code>Transform</code> DOM element.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>Transform</code> DOM element.
+ */
+ private Transform parseXPathTransform(Element transformElem)
+ throws MOAApplicationException {
+ Element xPathElem =
+ (Element) XPathUtils.selectSingleNode(transformElem, XPATH_XPATH);
+ Map nsDecls;
+
+ if (xPathElem == null) {
+ throw new MOAApplicationException("2202", null);
+ }
+
+ nsDecls = DOMUtils.getNamespaceDeclarations(xPathElem);
+ nsDecls.remove("");
+
+ return factory.createXPathTransform(DOMUtils.getText(xPathElem), nsDecls);
+ }
+
+ /**
+ * Parse an <code>XPathFilter2</code> type of <code>Transform</code>.
+ *
+ * @param transformElem The <code>Transform</code> DOM element to parse.
+ * @return The <code>Transform</code> API object representation of the
+ * <code>Transform</code> DOM element.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>Transform</code> DOM element.
+ */
+ private Transform parseXPathFilter2Transform(Element transformElem)
+ throws MOAApplicationException {
+ List filters = new ArrayList();
+ NodeIterator iter =
+ XPathUtils.selectNodeIterator(transformElem, XPATH2_XPATH);
+ Element filterElem;
+
+ while ((filterElem = (Element) iter.nextNode()) != null) {
+ String filterAttr = filterElem.getAttribute("Filter");
+ String filterType;
+ String expression;
+ Map nsDecls;
+
+ if (filterAttr.equals("intersect")) {
+ filterType = XPathFilter.INTERSECT_TYPE;
+ } else if (filterAttr.equals("subtract")) {
+ filterType = XPathFilter.SUBTRACT_TYPE;
+ } else {
+ filterType = XPathFilter.UNION_TYPE;
+ }
+
+ expression = DOMUtils.getText(filterElem);
+ nsDecls = DOMUtils.getNamespaceDeclarations(filterElem);
+ nsDecls.remove("");
+ filters.add(factory.createXPathFilter(filterType, expression, nsDecls));
+ }
+ if (filters.size() == 0) {
+ throw new MOAApplicationException("2216", null);
+ }
+
+ return factory.createXPathFilter2Transform(filters);
+ }
+
+ /**
+ * Parse an <code>XSLT</code> type of <code>Transform</code>.
+ *
+ * @param transformElem The <code>Transform</code> DOM element to parse.
+ * @return The <code>Transform</code> API object representation of the
+ * <code>Transform</code> DOM element.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>Transform</code> DOM element.
+ */
+ private Transform parseXSLTTransform(Element transformElem)
+ throws MOAApplicationException {
+ Element xsltElem =
+ (Element) XPathUtils.selectSingleNode(transformElem, XSLT_ELEMENT_XPATH);
+
+ if (xsltElem == null) {
+ throw new MOAApplicationException("2215", null);
+ }
+
+ return factory.createXSLTTransform(xsltElem);
+ }
+
+}
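Review bot: `parseXSLTTransform` forwards the `stylesheet` element taken from the request to `factory.createXSLTTransform(xsltElem)` as is, and `parseXPathTransform` and `parseXPathFilter2Transform` do the same with expression text, so the code that later evaluates these transforms runs caller-supplied programs. That evaluation is outside this hunk; it should be confirmed that the XSLT processor there has extension functions disabled, that `document()`, `xsl:import` and `xsl:include` resolution is restricted, and that transform evaluation is bounded in time and output size. A comment at the hand-off would make the assumption visible, e.g. `// xsltElem is request-controlled; the executing transformer must disable extensions and restrict URI resolution`. As a style point, `parseTransforms` and the filter parser use raw `List` and `Map`; if the project's Java level allows generics, `List<Transform>` would state what the list holds.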
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java
new file mode 100644
index 0000000..6b3f430
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java
@@ -0,0 +1,210 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.io.InputStream;
+import java.math.BigDecimal;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.StringTokenizer;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.CollectionUtils;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+
+/**
+ * A parser to parse <code>VerifyCMSSignatureRequest</code> DOM trees into
+ * <code>VerifyCMSSignatureRequest</code> API objects.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class VerifyCMSSignatureRequestParser {
+
+ //
+ // XPath expressions for selecting parts of the DOM message
+ //
+ private static final String MOA = Constants.MOA_PREFIX + ":";
+ private static final String DATE_TIME_XPATH = MOA + "DateTime";
+ private static final String CMS_SIGNATURE_XPATH = MOA + "CMSSignature";
+ private static final String TRUST_PROFILE_ID_XPATH = MOA + "TrustProfileID";
+ private static final String DATA_OBJECT_XPATH = MOA + "DataObject";
+ private static final String META_INFO_XPATH = MOA + "MetaInfo";
+ private static final String CONTENT_XPATH = MOA + "Content";
+ private static final String BASE64_CONTENT_XPATH = MOA + "Base64Content";
+ private static final String EXCLUDEBYTERANGE_FROM_XPATH = MOA + "ExcludedByteRange/" + MOA + "From";
+ private static final String EXCLUDEBYTERANGE_TO_XPATH = MOA + "ExcludedByteRange/" + MOA + "To";
+
+
+ /** The <code>SPSSFactory</code> for creating new API objects. */
+ private SPSSFactory factory = SPSSFactory.getInstance();
+
+ /**
+ * Parse a <code>VerifyCMSSignatureRequest</code> DOM element, as defined
+ * by the MOA schema.
+ *
+ * @param requestElem The <code>VerifyCMSSignatureRequest</code> to parse. The
+ * request must have been successfully parsed against the schema for this
+ * method to succeed.
+ * @return A <code>VerifyCMSSignatureRequest</code> API objects containing
+ * the data from the DOM element.
+ * @throws MOAApplicationException An error occurred parsing the request.
+ */
+ public VerifyCMSSignatureRequest parse(Element requestElem)
+ throws MOAApplicationException {
+
+ int[] signatories = parseSignatories(requestElem);
+ Date dateTime =
+ RequestParserUtils.parseDateTime(requestElem, DATE_TIME_XPATH);
+ String cmsSignatureStr =
+ XPathUtils.getElementValue(requestElem, CMS_SIGNATURE_XPATH, "");
+ CMSDataObject dataObject = parseDataObject(requestElem);
+ String trustProfileID =
+ XPathUtils.getElementValue(requestElem, TRUST_PROFILE_ID_XPATH, null);
+ InputStream cmsSignature =
+ Base64Utils.decodeToStream(cmsSignatureStr, true);
+
+ return factory.createVerifyCMSSignatureRequest(
+ signatories,
+ dateTime,
+ cmsSignature,
+ dataObject,
+ trustProfileID);
+ }
+
+ /**
+ * Parse the <code>Signatories</code> attribute contained in the
+ * <code>VerifyCMSSignatureRequest</code> DOM element.
+ *
+ * @param requestElem The <code>VerifyCMSSignatureRequest</code> DOM element.
+ * @return The signatories contained in the given
+ * <code>VerifyCMSSignatureRequest</code> DOM element.
+ */
+ private int[] parseSignatories(Element requestElem) {
+ String signatoriesStr = requestElem.getAttribute("Signatories");
+
+ if ("all".equals(signatoriesStr)) {
+ return VerifyCMSSignatureRequest.ALL_SIGNATORIES;
+ } else {
+ StringTokenizer tokenizer = new StringTokenizer(signatoriesStr);
+ List signatoriesList = new ArrayList();
+ int[] signatories;
+
+ // put the signatories into a List
+ while (tokenizer.hasMoreTokens()) {
+ try {
+ signatoriesList.add(new Integer(tokenizer.nextToken()));
+ } catch (NumberFormatException e) {
+ // this cannot occur if the request has been validated
+ }
+ }
+
+ // convert the List into an int array
+ signatories = CollectionUtils.toIntArray(signatoriesList);
+
+ return signatories;
+ }
+ }
+
+ /**
+ * Parse a the <code>DataObject</code> DOM element contained in a given
+ * <code>VerifyCMSSignatureRequest</code> DOM element.
+ *
+ * @param requestElem The <code>VerifyCMSSignatureRequest</code> DOM element
+ * to parse.
+ * @return The <code>CMSDataObject</code> API object containing the data
+ * from the <code>DataObject</code> DOM element.
+ */
+ private CMSDataObject parseDataObject(Element requestElem) {
+ Element dataObjectElem =
+ (Element) XPathUtils.selectSingleNode(requestElem, DATA_OBJECT_XPATH);
+
+ if (dataObjectElem != null) {
+ Element metaInfoElem =
+ (Element) XPathUtils.selectSingleNode(dataObjectElem, META_INFO_XPATH);
+ MetaInfo metaInfo = null;
+ Element contentElem =
+ (Element) XPathUtils.selectSingleNode(dataObjectElem, CONTENT_XPATH);
+ CMSContent content = parseContent(contentElem);
+
+ if (metaInfoElem != null) {
+ metaInfo = RequestParserUtils.parseMetaInfo(metaInfoElem);
+ }
+
+ String excludeByteRangeFromStr = XPathUtils.getElementValue(dataObjectElem, EXCLUDEBYTERANGE_FROM_XPATH, null);
+ String excludeByteRangeToStr = XPathUtils.getElementValue(dataObjectElem, EXCLUDEBYTERANGE_TO_XPATH, null);
+
+ BigDecimal excludeByteRangeFrom = null;
+ BigDecimal excludeByteRangeTo = null;
+
+ if (excludeByteRangeFromStr != null)
+ excludeByteRangeFrom = new BigDecimal(excludeByteRangeFromStr);
+ if (excludeByteRangeToStr != null)
+ excludeByteRangeTo = new BigDecimal(excludeByteRangeToStr);
+
+ return factory.createCMSDataObject(metaInfo, content, excludeByteRangeFrom, excludeByteRangeTo);
+
+
+ } else {
+ return null;
+ }
+
+ }
+
+ /**
+ * Parse the content contained in a <code>CMSContentBaseType</code> kind of
+ * DOM element.
+ *
+ * @param contentElem The <code>CMSContentBaseType</code> kind of element to
+ * parse.
+ * @return A <code>CMSDataObject</code> API object containing the data
+ * from the given DOM element.
+ */
+ private CMSContent parseContent(Element contentElem) {
+ Element base64ContentElem =
+ (Element) XPathUtils.selectSingleNode(contentElem, BASE64_CONTENT_XPATH);
+
+ if (base64ContentElem != null) {
+ String base64Str = DOMUtils.getText(base64ContentElem);
+ InputStream binaryContent = Base64Utils.decodeToStream(base64Str, true);
+ return factory.createCMSContent(binaryContent);
+ } else {
+ return factory.createCMSContent(
+ contentElem.getAttribute("Reference"));
+ }
+ }
+}
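Review bot: The empty `catch (NumberFormatException e)` in `parseSignatories` drops any non-integer token without a trace, so a request that reaches this parser unvalidated is verified against a different signatory set than the one the caller named. Failing closed is safer for a verification service: declare `throws MOAApplicationException` on the method and rethrow with `throw new MOAApplicationException("<error-code>", null, e);`, where `<error-code>` is a placeholder for a code from the project's message catalogue. `parseDataObject` has a related gap: `new BigDecimal(excludeByteRangeFromStr)` and `new BigDecimal(excludeByteRangeToStr)` escape as an unchecked `NumberFormatException` and accept negative or inverted values. The excluded range presumably controls which bytes are left out of the verified data, so a check for `From <= To` and non-negative bounds is worth adding here. `parseContent` also dereferences `contentElem` without a null check, unlike the `dataObjectElem != null` guard one level up.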
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java
new file mode 100644
index 0000000..b11560b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java
@@ -0,0 +1,131 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.util.Iterator;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+
+/**
+ * Convert a <code>VerifyCMSSignatureResponse</code> API object into its
+ * XML representation, according to the MOA XML schema.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class VerifyCMSSignatureResponseBuilder {
+ /** The XML document containing the response element. */
+ private Document responseDoc;
+ /** The response <code>VerifyCMSSignatureResponse</code> DOM element. */
+ private Element responseElem;
+
+ /**
+ * Create a new <code>VerifyCMSSignatureResponseBuilder</code>:
+ *
+ * @throws MOASystemException An error occurred setting up the resulting
+ * XML document.
+ */
+ public VerifyCMSSignatureResponseBuilder() throws MOASystemException {
+ responseDoc =
+ ResponseBuilderUtils.createResponse("VerifyCMSSignatureResponse");
+ responseElem = responseDoc.getDocumentElement();
+ }
+
+ /**
+ * Build a document containing a <code>VerifyCMSSignatureResponse</code>
+ * DOM element being the XML representation of the given
+ * <code>VerifyCMSSignatureResponse</code> API object.
+ *
+ * @param response The <code>VerifyCMSSignatureResponse</code> to convert
+ * to XML.
+ * @return A document containing the <code>VerifyCMSSignatureResponse</code>
+ * DOM element.
+ * @throws MOAApplicationException An error occurred building the response.
+ */
+ public Document build(VerifyCMSSignatureResponse response)
+ throws MOAApplicationException {
+
+ Iterator iter;
+
+ for (iter = response.getResponseElements().iterator(); iter.hasNext();) {
+ VerifyCMSSignatureResponseElement responseElement =
+ (VerifyCMSSignatureResponseElement) iter.next();
+ addResponseElement(responseElement);
+ }
+
+ return responseDoc;
+ }
+
+ /**
+ * Add an element to the response.
+ *
+ * @param responseElement The element to add to the response.
+ * @throws MOAApplicationException An error occurred adding the element.
+ */
+ private void addResponseElement(VerifyCMSSignatureResponseElement responseElement)
+ throws MOAApplicationException {
+
+ SignerInfo signerInfo = responseElement.getSignerInfo();
+ CheckResult signatureCheck = responseElement.getSignatureCheck();
+ CheckResult certCheck = responseElement.getCertificateCheck();
+
+ ResponseBuilderUtils.addSignerInfo(
+ responseDoc,
+ responseElem,
+ signerInfo.getSignerCertificate(),
+ signerInfo.isQualifiedCertificate(),
+ signerInfo.getQCSource(),
+ signerInfo.isPublicAuthority(),
+ signerInfo.getPublicAuhtorityID(),
+ signerInfo.isSSCD(),
+ signerInfo.getSSCDSource(),
+ signerInfo.getIssuerCountryCode());
+
+ ResponseBuilderUtils.addCodeInfoElement(
+ responseDoc,
+ responseElem,
+ "SignatureCheck",
+ signatureCheck.getCode(),
+ signatureCheck.getInfo());
+
+ ResponseBuilderUtils.addCodeInfoElement(
+ responseDoc,
+ responseElem,
+ "CertificateCheck",
+ certCheck.getCode(),
+ certCheck.getInfo());
+
+
+ }
+
+}
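Review bot: `build` appends to the `responseDoc` created once in the constructor, so calling it twice on one instance would put the signer and check results of both responses into the same document, and nothing in the class documents or enforces single use. Since callers act on this verification result, I would state it in the class Javadoc, e.g. `Instances are single-use: call build() exactly once per builder.`, or create the document inside `build`. `addResponseElement` also dereferences `getSignerInfo()`, `getSignatureCheck()` and `getCertificateCheck()` unguarded. Whether these can be null is not visible from this hunk, but a null would surface as a `NullPointerException` rather than the declared `MOAApplicationException`.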
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParser.java
new file mode 100644
index 0000000..7bd0b9e
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParser.java
@@ -0,0 +1,299 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.traversal.NodeIterator;
+
+import at.gv.egovernment.moa.util.BoolUtils;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.SignatureManifestCheckParams;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+
+/**
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class VerifyXMLSignatureRequestParser {
+
+ //
+ // XPath expressions for parsing parts of the request
+ //
+ private static final String MOA = Constants.MOA_PREFIX + ":";
+ private static final String DATE_TIME_XPATH = MOA + "DateTime";
+ private static final String RETURN_HASH_INPUT_DATA_XPATH =
+ MOA + "ReturnHashInputData";
+ private static final String TRUST_PROFILE_ID_XPATH = MOA + "TrustProfileID";
+ private static final String VERIFY_SIGNATURE_ENVIRONMENT_XPATH =
+ MOA + "VerifySignatureInfo/" + MOA + "VerifySignatureEnvironment";
+ private static final String VERIFY_SIGNATURE_LOCATION_XPATH =
+ MOA + "VerifySignatureInfo/" + MOA + "VerifySignatureLocation";
+ private static final String SUPPLEMENT_PROFILE_XPATH =
+ MOA + "SupplementProfile | " + MOA + "SupplementProfileID";
+ private static final String SIGNATURE_MANIFEST_CHECK_PARAMS_XPATH =
+ MOA + "SignatureManifestCheckParams";
+ private static final String VERIFY_TRANSFORMS_INFO_PROFILE_XPATH =
+ (MOA + "VerifyTransformsInfoProfile | ")
+ + (MOA + "VerifyTransformsInfoProfileID");
+ private static final String REFERENCE_INFO_XPATH = MOA + "ReferenceInfo";
+
+ /** The <code>SPSSFactory</code> for creating new API objects. */
+ private SPSSFactory factory = SPSSFactory.getInstance();
+
+
+ /**
+ * Parse a <code>VerifyXMLSignatureRequest</code> DOM element, as defined
+ * by the MOA schema.
+ *
+ * @param requestElem The <code>VerifyXMLSignatureRequest</code> to parse. The
+ * request must have been successfully parsed against the schema for this
+ * method to succeed.
+ * @return A <code>VerifyXMLSignatureRequest</code> API object containing
+ * the data from the DOM element.
+ * @throws MOAApplicationException An error occurred parsing the request.
+ */
+ public VerifyXMLSignatureRequest parse(Element requestElem)
+ throws MOAApplicationException {
+
+ Date dateTime =
+ RequestParserUtils.parseDateTime(requestElem, DATE_TIME_XPATH);
+ VerifySignatureInfo verifySignatureInfo =
+ parseVerifySignatureInfo(requestElem);
+ List supplementProfiles = parseSupplementProfiles(requestElem);
+ SignatureManifestCheckParams signatureManifestCheckParams =
+ parseSignatureManifestCheckParams(requestElem);
+ boolean returnHashInputData =
+ XPathUtils.selectSingleNode(requestElem, RETURN_HASH_INPUT_DATA_XPATH)
+ != null;
+ String trustProfileID =
+ XPathUtils.getElementValue(requestElem, TRUST_PROFILE_ID_XPATH, null);
+
+ return factory.createVerifyXMLSignatureRequest(
+ dateTime,
+ verifySignatureInfo,
+ supplementProfiles,
+ signatureManifestCheckParams,
+ returnHashInputData,
+ trustProfileID);
+ }
+
+ /**
+ * Parse the <code>VerifySignatureInfo</code> DOM element contained in
+ * the <code>VerifyXMLSignatureRequest</code> DOM element.
+ *
+ * @param requestElem The <code>VerifyXMLSignatureRequest</code> DOM element
+ * containing the <code>VerifySignatureInfo</code> DOM element.
+ * @return The <code>VerifySignatureInfo</code> API object containing the
+ * data from the DOM element.
+ */
+ private VerifySignatureInfo parseVerifySignatureInfo(Element requestElem) {
+ Element verifySignatureEnvironmentElem =
+ (Element) XPathUtils.selectSingleNode(
+ requestElem,
+ VERIFY_SIGNATURE_ENVIRONMENT_XPATH);
+ Content verifySignatureEnvironment =
+ RequestParserUtils.parseContent(verifySignatureEnvironmentElem);
+ VerifySignatureLocation verifySignatureLocation =
+ parseVerifySignatureLocation(requestElem);
+
+ return factory.createVerifySignatureInfo(
+ verifySignatureEnvironment,
+ verifySignatureLocation);
+ }
+
+ /**
+ * Parse the <code>VerifySignatureLocation</code> DOM element contained
+ * in the given <code>VerifyXMLSignatureRequest</code> DOM element.
+ *
+ * @param requestElem The <code>VerifyXMLSignatureRequst</code> DOM element.
+ * @return The <code>VerifySignatureLocation</code> API object containing the
+ * data from the DOM element.
+ */
+ private VerifySignatureLocation parseVerifySignatureLocation(Element requestElem) {
+ Element locationElem =
+ (Element) XPathUtils.selectSingleNode(
+ requestElem,
+ VERIFY_SIGNATURE_LOCATION_XPATH);
+ String xPathExpression = DOMUtils.getText(locationElem);
+ Map namespaceDeclarations = DOMUtils.getNamespaceDeclarations(locationElem);
+
+ return factory.createVerifySignatureLocation(
+ xPathExpression,
+ namespaceDeclarations);
+ }
+
+ /**
+ * Parse the supplement profiles contained in the given
+ * <code>VerifyXMLSignatureRequest</code> DOM element.
+ *
+ * @param requestElem The <code>VerifyXMLSignatureRequest</code> DOM element.
+ * @return A <code>List</code> of <code>SupplementProfile</code> API objects
+ * containing the data from the <code>SupplementProfile</code> DOM elements.
+ */
+ private List parseSupplementProfiles(Element requestElem) {
+ List supplementProfiles = new ArrayList();
+ NodeIterator profileElems =
+ XPathUtils.selectNodeIterator(requestElem, SUPPLEMENT_PROFILE_XPATH);
+ Element profileElem;
+
+ while ((profileElem = (Element) profileElems.nextNode()) != null) {
+ SupplementProfile profile;
+
+ if ("SupplementProfile".equals(profileElem.getLocalName())) {
+ ProfileParser profileParser = new ProfileParser();
+ profile = profileParser.parseSupplementProfile(profileElem);
+ } else {
+ String profileID = DOMUtils.getText(profileElem);
+ profile = factory.createSupplementProfile(profileID);
+ }
+ supplementProfiles.add(profile);
+ }
+ return supplementProfiles;
+ }
+
+ /**
+ * Parse the <code>SignatureManifestCheckParams</code> DOM element contained
+ * in the given <code>VerifyXMLSignatureRequest</code> DOM element.
+ * @param requestElem The <code>VerifyXMLSignatureRequest</code> DOM element.
+ * @return The <code>SignatureManifestCheckParams</code> API object containing
+ * the data from the <code>SignatureManifestCheckParams</code> DOM element.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>SignatureManifestCheckParams</code> DOM element.
+ */
+ private SignatureManifestCheckParams parseSignatureManifestCheckParams(Element requestElem)
+ throws MOAApplicationException {
+ Element paramsElem =
+ (Element) XPathUtils.selectSingleNode(
+ requestElem,
+ SIGNATURE_MANIFEST_CHECK_PARAMS_XPATH);
+
+ if (paramsElem != null) {
+ String returnReferenceInputDataStr =
+ paramsElem.getAttribute("ReturnReferenceInputData");
+ boolean returnReferencInputData =
+ BoolUtils.valueOf(returnReferenceInputDataStr);
+ List referenceInfos = parseReferenceInfos(paramsElem);
+
+ return factory.createSignatureManifestCheckParams(
+ referenceInfos,
+ returnReferencInputData);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Parse the <code>ReferenceInfo</code> DOM elements contained in a
+ * <code>SignatureManifestCheckParams</code> DOM element.
+ *
+ * @param paramsElem The <code>SignatureManifestCheckParams</code> DOM element
+ * containing the <code>ReferenceInfo</code> DOM elements.
+ * @return A <code>List</code> of <code>RefernceInfo</code> API objects
+ * containing the data from the <code>ReferenceInfo</code> DOM elements.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>ReferenceInfo</code> DOM elements.
+ */
+ private List parseReferenceInfos(Element paramsElem)
+ throws MOAApplicationException {
+
+ List referenceInfos = new ArrayList();
+ NodeIterator refInfoElems =
+ XPathUtils.selectNodeIterator(paramsElem, REFERENCE_INFO_XPATH);
+ Element refInfoElem;
+
+ while ((refInfoElem = (Element) refInfoElems.nextNode()) != null) {
+ ReferenceInfo referenceInfo = parseReferenceInfo(refInfoElem);
+
+ referenceInfos.add(referenceInfo);
+ }
+
+ return referenceInfos;
+ }
+
+ /**
+ * Parse a <code>ReferenceInfo</code> DOM element.
+ *
+ * @param refInfoElem The <code>ReferenceInfo</code> DOM element to parse.
+ * @return The <code>ReferenceInfo</code> API object containing the data
+ * from the given <code>ReferenceInfo</code> DOM element.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>ReferenceInfo</code> DOM element.
+ */
+ private ReferenceInfo parseReferenceInfo(Element refInfoElem)
+ throws MOAApplicationException {
+ List profiles = parseVerifyTransformsInfoProfiles(refInfoElem);
+ return factory.createReferenceInfo(profiles);
+ }
+
+ /**
+ * Parse the <code>VerifyTransformsInfoProfile</code> DOM elements contained
+ * in a <code>ReferenceInfo</code> DOM element.
+ *
+ * @param refInfoElem <code>ReferenceInfo</code> DOM element containing
+ * the <code>VerifyTransformsInfoProfile</code> DOM elements.
+ * @return A <code>List</code> of <code>VerifyTransformsInfoProfile</code>
+ * API objects containing the profile data.
+ * @throws MOAApplicationException An error occurred building the
+ * <code>VerifyTransformsInfoProfile</code>s.
+ */
+ private List parseVerifyTransformsInfoProfiles(Element refInfoElem)
+ throws MOAApplicationException {
+
+ List profiles = new ArrayList();
+ NodeIterator profileElems =
+ XPathUtils.selectNodeIterator(
+ refInfoElem,
+ VERIFY_TRANSFORMS_INFO_PROFILE_XPATH);
+ Element profileElem;
+
+ while ((profileElem = (Element) profileElems.nextNode()) != null) {
+ if ("VerifyTransformsInfoProfile".equals(profileElem.getLocalName())) {
+ ProfileParser profileParser = new ProfileParser();
+ profiles.add(
+ profileParser.parseVerifyTransformsInfoProfile(profileElem));
+ } else {
+ String profileID = DOMUtils.getText(profileElem);
+ profiles.add(factory.createVerifyTransformsInfoProfile(profileID));
+ }
+ }
+ return profiles;
+ }
+
+}
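Review bot: `parseVerifySignatureLocation` passes `locationElem` straight to `DOMUtils.getText` and `DOMUtils.getNamespaceDeclarations` without checking what `selectSingleNode` returned, and `parseVerifySignatureInfo` does the same with `verifySignatureEnvironmentElem`. `parseSignatureManifestCheckParams` in the same file does test for null, so the two mandatory elements rely entirely on prior schema validation; a request that skipped it would likely end in a `NullPointerException` instead of a `MOAApplicationException`. A guard such as `if (locationElem == null) { throw new MOAApplicationException("<error-code>", null); }` (placeholder code, plus `throws MOAApplicationException` on both methods) keeps the failure inside the declared error path. The class Javadoc also carries only `@author` and `@version`; a summary line like `A parser to parse VerifyXMLSignatureRequest DOM trees into VerifyXMLSignatureRequest API objects.` would match the sibling CMS parser.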
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
new file mode 100644
index 0000000..dd4e13a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
@@ -0,0 +1,340 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.List;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.DocumentFragment;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.Constants;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentBinary;
+import at.gv.egovernment.moa.spss.api.common.ContentXML;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+
+/**
+ * Convert a <code>VerifyXMLSignatureResponse</code> API object into its
+ * XML representation, according to the MOA XML schema.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class VerifyXMLSignatureResponseBuilder {
+ private static final String MOA_NS_URI = Constants.MOA_NS_URI;
+
+ /** The XML document containing the response element. */
+ private Document responseDoc;
+ /** The response <code>VerifyXMLSignatureResponse</code> DOM element. */
+ private Element responseElem;
+
+ /**
+ * Create a new <code>VerifyXMLSignatureResponseBuilder</code>:
+ *
+ * @throws MOASystemException An error occurred setting up the resulting
+ * XML document.
+ */
+ public VerifyXMLSignatureResponseBuilder() throws MOASystemException {
+ responseDoc =
+ ResponseBuilderUtils.createResponse("VerifyXMLSignatureResponse");
+ responseElem = responseDoc.getDocumentElement();
+ }
+
+ /**
+ * Build a document containing a <code>VerifyXMLSignatureResponse</code>
+ * DOM element being the XML representation of the given
+ * <code>VerifyXMLSignatureResponse</code> API object.
+ *
+ * @param response The <code>VerifyXMLSignatureResponse</code> to convert
+ * to XML.
+ * @return A document containing the <code>VerifyXMLSignatureResponse</code>
+ * DOM element.
+ * @throws MOAApplicationException An error occurred building the response.
+ */
+ public Document build(VerifyXMLSignatureResponse response)
+ throws MOAApplicationException {
+
+ Iterator iter;
+ List responseData;
+
+ // add the SignerInfo
+ ResponseBuilderUtils.addSignerInfo(
+ responseDoc,
+ responseElem,
+ response.getSignerInfo().getSignerCertificate(),
+ response.getSignerInfo().isQualifiedCertificate(),
+ response.getSignerInfo().getQCSource(),
+ response.getSignerInfo().isPublicAuthority(),
+ response.getSignerInfo().getPublicAuhtorityID(),
+ response.getSignerInfo().isSSCD(),
+ response.getSignerInfo().getSSCDSource(),
+ response.getSignerInfo().getIssuerCountryCode());
+
+ // add HashInputData elements
+ responseData = response.getHashInputDatas();
+ if (responseData != null && !responseData.isEmpty()) {
+ for (iter = responseData.iterator(); iter.hasNext();) {
+ InputData inputData = (InputData) iter.next();
+ addContent("HashInputData", inputData);
+ }
+ }
+
+ // add ReferenceInputData elements
+ responseData = response.getReferenceInputDatas();
+ if (responseData != null && !responseData.isEmpty()) {
+ for (iter = responseData.iterator(); iter.hasNext();) {
+ InputData inputData = (InputData) iter.next();
+ addContent("ReferenceInputData", inputData);
+ }
+ }
+
+ // add the SignatureCheck
+ addReferencesCheckResult("SignatureCheck", response.getSignatureCheck());
+
+ // add the SignatureManifestCheck
+ if (response.getSignatureManifestCheck() != null) {
+ addReferencesCheckResult(
+ "SignatureManifestCheck",
+ response.getSignatureManifestCheck());
+ }
+
+ // add the XMLDsigManifestChecks
+ responseData = response.getXMLDsigManifestChecks();
+ if (responseData != null && !responseData.isEmpty()) {
+ for (iter = responseData.iterator(); iter.hasNext();) {
+ ManifestRefsCheckResult checkResult =
+ (ManifestRefsCheckResult) iter.next();
+ addManifestRefsCheckResult("XMLDSIGManifestCheck", checkResult);
+ }
+ }
+
+ // add the CertificateCheck
+ ResponseBuilderUtils.addCodeInfoElement(
+ responseDoc,
+ responseElem,
+ "CertificateCheck",
+ response.getCertificateCheck().getCode(),
+ response.getCertificateCheck().getInfo());
+
+
+
+ return responseDoc;
+ }
+
+ /**
+ * Add an element of type <code>ContentBaseType</code> to the response.
+ *
+ * @param elementName The name of the element.
+ *
+ * @param inputData The <code>InputData</code> to add. Based on the type of
+ *
+ * the <code>InputData</code>, either a <code>Base64Content</code> element
+ * or a <code>XMLContent</code> subelement will be added. An <code>
+ * InputDataBinaryImpl</code> will be added as a <code>Base64Content</code>
+ * child element. An<code>InputDataXMLImpl</code> will be added as <code>
+ * XMLContent</code> child element.
+ *
+ * @throws MOAApplicationException An error occurred adding the content.
+ */
+ private void addContent(String elementName, InputData inputData)
+ throws MOAApplicationException {
+
+ Element contentElem = responseDoc.createElementNS(MOA_NS_URI, elementName);
+
+ contentElem.setAttributeNS(null, "PartOf", inputData.getPartOf());
+ if (inputData.getReferringReferenceNumber() != InputData.REFERER_NONE_)
+ contentElem.setAttributeNS(
+ null,
+ "ReferringSigReference",
+ Integer.toString(inputData.getReferringReferenceNumber()));
+
+ switch (inputData.getContentType()) {
+ case Content.XML_CONTENT :
+ ContentXML contentXml = (ContentXML) inputData;
+ NodeList nodes = contentXml.getXMLContent();
+ Element xmlElem;
+ int i;
+
+ xmlElem = responseDoc.createElementNS(MOA_NS_URI, "XMLContent");
+ //xmlElem.setAttributeNS(XML_NS_URI, "xml:space", "preserve");
+ xmlElem.setAttribute("xml:space", "preserve");
+
+ for (i = 0; i < nodes.getLength(); i++) {
+ xmlElem.appendChild(responseDoc.importNode(nodes.item(i), true));
+ }
+ contentElem.appendChild(xmlElem);
+ responseElem.appendChild(contentElem);
+ break;
+ case Content.BINARY_CONTENT :
+ Element binaryElem =
+ responseDoc.createElementNS(MOA_NS_URI, "Base64Content");
+ ContentBinary contentBinary = (ContentBinary) inputData;
+ String base64Str;
+
+ try {
+ base64Str = Base64Utils.encode(contentBinary.getBinaryContent());
+ } catch (IOException e) {
+ throw new MOAApplicationException("2200", null, e);
+ }
+ binaryElem.appendChild(responseDoc.createTextNode(base64Str));
+ contentElem.appendChild(binaryElem);
+ responseElem.appendChild(contentElem);
+ break;
+ }
+ }
+
+ /**
+ * Add a <code>ReferencesCheckResult</code> to the response.
+ *
+ * @param elementName The DOM element name to use.
+ * @param checkResult The <code>ReferencesCheckResult</code> to add.
+ */
+ private void addReferencesCheckResult(
+ String elementName,
+ ReferencesCheckResult checkResult) {
+
+ NodeList info = null;
+
+ if (checkResult.getInfo() != null) {
+ DocumentFragment fragment = responseDoc.createDocumentFragment();
+ NodeList anyOtherInfo = checkResult.getInfo().getAnyOtherInfo();
+ int[] failedReferences = checkResult.getInfo().getFailedReferences();
+
+ if (anyOtherInfo != null) {
+ addAnyOtherInfo(fragment, checkResult.getInfo().getAnyOtherInfo());
+ }
+
+ if (failedReferences != null) {
+ addFailedReferences(fragment, failedReferences);
+ }
+
+ info = fragment.getChildNodes();
+ }
+
+ ResponseBuilderUtils.addCodeInfoElement(
+ responseDoc,
+ responseElem,
+ elementName,
+ checkResult.getCode(),
+ info);
+ }
+
+
+ /**
+ * Add a <code>ManifestRefsCheckResult</code> to the response.
+ *
+ * @param elementName The DOM element name to use.
+ * @param checkResult The <code>ManifestRefsCheckResult</code> to add.
+ */
+ private void addManifestRefsCheckResult(
+ String elementName,
+ ManifestRefsCheckResult checkResult) {
+
+ DocumentFragment fragment = responseDoc.createDocumentFragment();
+ NodeList anyOtherInfo = checkResult.getInfo().getAnyOtherInfo();
+ int[] failedReferences = checkResult.getInfo().getFailedReferences();
+ Element referringSigRefElem;
+ String referringSigRefStr;
+
+ // add any other elements
+ if (anyOtherInfo != null) {
+ addAnyOtherInfo(fragment, checkResult.getInfo().getAnyOtherInfo());
+ }
+
+ // add the failed references
+ if (failedReferences != null) {
+ addFailedReferences(fragment, failedReferences);
+ }
+
+ // add the ReferringSigReference
+ referringSigRefElem =
+ responseDoc.createElementNS(MOA_NS_URI, "ReferringSigReference");
+ referringSigRefStr =
+ Integer.toString(checkResult.getInfo().getReferringSignatureReference());
+ referringSigRefElem.appendChild(
+ responseDoc.createTextNode(referringSigRefStr));
+ fragment.appendChild(referringSigRefElem);
+
+ // add XMLDSIGManifestCheckResult to the response
+ ResponseBuilderUtils.addCodeInfoElement(
+ responseDoc,
+ responseElem,
+ elementName,
+ checkResult.getCode(),
+ fragment.getChildNodes());
+ }
+
+ /**
+ * Add arbitrary XML content to a DOM <code>DocumentFragment</code>.
+ *
+ * @param fragment The fragment to add the XML content to.
+ * @param anyOtherInfo The XML content to add.
+ */
+ private void addAnyOtherInfo(
+ DocumentFragment fragment,
+ NodeList anyOtherInfo) {
+
+ int i;
+
+ for (i = 0; i < anyOtherInfo.getLength(); i++) {
+ fragment.appendChild(responseDoc.importNode(anyOtherInfo.item(i), true));
+ }
+ }
+
+ /**
+ * Add the failed references as <code>FailedReference</code> DOM elements to
+ * the fragment.
+ *
+ * @param fragment The DOM document fragment to add the
+ * <code>FailedReference</code> elements to.
+ * @param failedReferences The indexes of the failed references.
+ */
+ private void addFailedReferences(
+ DocumentFragment fragment,
+ int[] failedReferences) {
+ Element failedReferenceElem;
+ int i;
+
+ for (i = 0; i < failedReferences.length; i++) {
+ failedReferenceElem =
+ responseDoc.createElementNS(MOA_NS_URI, "FailedReference");
+ failedReferenceElem.appendChild(
+ responseDoc.createTextNode(Integer.toString(failedReferences[i])));
+ fragment.appendChild(failedReferenceElem);
+ }
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfile.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfile.java
new file mode 100644
index 0000000..4b40b9c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfile.java
@@ -0,0 +1,54 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+/**
+ * Base class for signature environment profile data used in XML signature
+ * creation.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface CreateSignatureEnvironmentProfile {
+ /**
+ * Indicates that the profile data is given explicitly.
+ */
+ public static int EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE = 0;
+ /**
+ * Indicates that the profile data is stored in the configuration and resolved
+ * using an ID.
+ */
+ public static int ID_CREATESIGNATUREENVIRONMENTPROFILE = 1;
+
+ /**
+ * Gets the type of this object.
+ *
+ * @return The type of <code>CreateSignatureEnvironmentProfile</code> denoted
+ * by this object. Either
+ * <code>EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE</code> or
+ * <code>ID_CREATESIGNATUREENVIRONMENTPROFILE</code>.
+ */
+ public int getCreateSignatureEnvironmentProfileType();
+}
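Review bot: The two type constants are declared `public static int`, while the sibling interfaces added in this commit (CreateTransformsInfoProfile, CreateXMLSignatureResponseElement) write `public static final int`. Interface fields are implicitly final, so behaviour is unchanged, but the declarations should match: `public static final int EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE = 0;` and likewise for `ID_CREATESIGNATUREENVIRONMENTPROFILE`. The type Javadoc calls this interface a "Base class", as do those two siblings; "Base interface" would be accurate. Since `getCreateSignatureEnvironmentProfileType()` returns a bare `int`, its `@return` could also say that no other values are defined, so implementers of a dispatch on it know to reject anything else.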
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfileExplicit.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfileExplicit.java
new file mode 100644
index 0000000..0bce94c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfileExplicit.java
@@ -0,0 +1,54 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import java.util.List;
+
+/**
+ * A <code>CreateSignatureEnvironmentProfile</code> containing the profile
+ * data explicitly.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface CreateSignatureEnvironmentProfileExplicit
+ extends CreateSignatureEnvironmentProfile {
+
+ /**
+ * Gets the location and index of where to insert the signature into the
+ * signature environment.
+ *
+ * @return The location and index of the signature in the signature
+ * environment.
+ */
+ public CreateSignatureLocation getCreateSignatureLocation();
+ /**
+ * Gets the supplemental information.
+ *
+ * @return The supplemental information.
+ */
+ public List getSupplements();
+
+}
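Review bot: `getSupplements()` returns a raw `List` and its Javadoc does not name the element type, so a caller has to guess what to cast each entry to. CreateTransformsInfo.getTransforms() in this same commit shows the wording to copy: `@return A <code>List</code> of <code>Transform</code> objects.` The same gap is in CreateTransformsInfoProfileExplicit.getSupplements(), CreateXMLSignatureRequest.getSingleSignatureInfos() and CreateXMLSignatureResponse.getResponseElements(). I would state the element type in each `@return`, and whether the list may be `null` or empty. The element types are not visible in these hunks, so they have to be taken from the implementing classes.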
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfileID.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfileID.java
new file mode 100644
index 0000000..73e4f52
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureEnvironmentProfileID.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+/**
+ * A <code>CreateSignatureEnvironmentProfile</code> containing a profile ID
+ * pointing to locally stored profile data.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface CreateSignatureEnvironmentProfileID
+ extends CreateSignatureEnvironmentProfile {
+
+ /**
+ * Gets the profile ID.
+ *
+ * @return The profile ID.
+ */
+ public String getCreateSignatureEnvironmentProfileID();
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureInfo.java
new file mode 100644
index 0000000..9363408
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureInfo.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import at.gv.egovernment.moa.spss.api.common.Content;
+
+/**
+ * Encapsulates a signature object used during signature creation.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CreateSignatureInfo {
+ /**
+ * Gets the XML structure where the signature will be inserted.
+ *
+ * @return The XML structure where the signature will be inserted.
+ */
+ public Content getCreateSignatureEnvironment();
+ /**
+ * Gets the supplemental data for the signature environment.
+ *
+ * @return The supplemental data for the signature envoronment.
+ */
+ public CreateSignatureEnvironmentProfile getCreateSignatureEnvironmentProfile();
+}
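Review bot: The `@return` of `getCreateSignatureEnvironmentProfile()` misspells "environment" as "envoronment" and does not say whether the profile is optional, so callers cannot tell whether they must handle `null`. Proposed wording: `@return The supplemental data for the signature environment.`, followed by one sentence on nullability once that is confirmed against the implementation. The same nullability question applies to `getCreateSignatureEnvironment()` just above it.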
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureLocation.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureLocation.java
new file mode 100644
index 0000000..9a0b798
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateSignatureLocation.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import at.gv.egovernment.moa.spss.api.common.ElementSelector;
+
+/**
+ * Specifies where to insert the newly created signature.
+ *
+ * An XPath expression is used to select the signature parent element. An
+ * additional index specifies the node index after which to insert the
+ * signature into the parent element.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface CreateSignatureLocation extends ElementSelector {
+ /**
+ * Gets the node index, after which the signature will be inserted into the
+ * parent elemen.
+ *
+ * @return The index of the node after which the signature will be inserted.
+ */
+ public int getIndex();
+}
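Review bot: The Javadoc of `getIndex()` leaves the index convention open: it does not say whether counting starts at 0 or 1, nor what an index beyond the parent's child count means. This value, together with the XPath expression from `ElementSelector`, decides where the signature element is placed in the document, so implementers and consumers need one unambiguous reading of it. I would add the base and the out-of-range behaviour to the `@return` line. The method comment also has a typo, "parent elemen" for "parent element".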
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfo.java
new file mode 100644
index 0000000..fbb0000
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfo.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+
+/**
+ * Encapsulates information used for the transformation of the data object.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CreateTransformsInfo {
+ /**
+ * Gets the XMLDSig transforms.
+ *
+ * @return A <code>List</code> of <code>Transform</code> objects.
+ */
+ public List getTransforms();
+ /**
+ * Gets meta information about the data resulting from the transformation.
+ *
+ * @return Meta information about the resulting data.
+ */
+ public MetaInfo getFinalDataMetaInfo();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfile.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfile.java
new file mode 100644
index 0000000..5babdae
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfile.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+/**
+ * Base class for transformation informations used in signature creation.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CreateTransformsInfoProfile {
+ /**
+ * Indicates transformation information given explicitly.
+ */
+ public static final int EXPLICIT_CREATETRANSFORMSINFOPROFILE = 0;
+ /**
+ * Indicates transformation information given as an ID.
+ */
+ public static final int ID_CREATETRANSFORMSINFOPROFILE = 1;
+
+ /**
+ * Gets the type of profile information this object contains.
+ *
+ * @return The type of transformation information, either
+ * <code>EXPLICIT_CREATETRANSFORMSINFOPROFILE</code> or
+ * <code>ID_CREATETRANSFORMSINFOPROFILE</code>.
+ */
+ public int getCreateTransformsInfoProfileType();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfileExplicit.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfileExplicit.java
new file mode 100644
index 0000000..9aae8cb
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfileExplicit.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import java.util.List;
+
+/**
+ * Encapsulates explicit transformation informations.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CreateTransformsInfoProfileExplicit
+ extends CreateTransformsInfoProfile {
+ /**
+ * Gets the transformation information of the data object.
+ *
+ * @return Transformation information of the data object.
+ */
+ public CreateTransformsInfo getCreateTransformsInfo();
+ /**
+ * Gets the supplemental information.
+ *
+ * @return The supplemental information.
+ */
+ public List getSupplements();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfileID.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfileID.java
new file mode 100644
index 0000000..69c3629
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateTransformsInfoProfileID.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+/**
+ * Encapsulates transformation information given via an identifier.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CreateTransformsInfoProfileID
+ extends CreateTransformsInfoProfile {
+ /**
+ * Gets the ID of the transformation.
+ *
+ * @return The transformation profile ID.
+ */
+ public String getCreateTransformsInfoProfileID();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureRequest.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureRequest.java
new file mode 100644
index 0000000..351b16e
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureRequest.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import java.util.List;
+
+
+/**
+ * Object that encapsulates a request to create an XML Signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CreateXMLSignatureRequest {
+ /**
+ * Gets the identifier for the keys to be used for the signature.
+ *
+ * @return The identifier for the keys to be used.
+ */
+ public String getKeyIdentifier();
+ /**
+ * Gets the information of the singleSignatureInfo elements.
+ *
+ * @return The information of singleSignatureInfo elements.
+ */
+ public List getSingleSignatureInfos();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureResponse.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureResponse.java
new file mode 100644
index 0000000..c1b1c30
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureResponse.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import java.util.List;
+
+/**
+ * Object that encapsulates the response on to a
+ * <code>CreateXMLSignatureRequest</code> to create an XML signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CreateXMLSignatureResponse {
+ /**
+ * Gets the response elements.
+ *
+ * @return The response elements.
+ */
+ public List getResponseElements();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureResponseElement.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureResponseElement.java
new file mode 100644
index 0000000..b9bd334
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/CreateXMLSignatureResponseElement.java
@@ -0,0 +1,53 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+/**
+ * Base class for <code>SignatureEnvironmentResponse</code> and
+ * <code>ErrorResponse</code> elements in a
+ * <code>CreateXMLSignatureResponse</code>.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface CreateXMLSignatureResponseElement {
+ /**
+ * Indicates that this object contains a <code>SignatureEnvironment</code>.
+ */
+ public static final int SIGNATURE_ENVIRONMENT_RESPONSE = 0;
+ /**
+ * Indicates that this objet contains an <code>ErrorResponse</code>.
+ */
+ public static final int ERROR_RESPONSE = 1;
+
+ /**
+ * Gets the type of response object.
+ *
+ * @return The type of response object, either
+ * <code>SIGNATURE_ENVIRONMENT_RESPONSE</code> or <code>ERROR_RESPONSE</code>.
+ */
+ public int getResponseType();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/DataObjectInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/DataObjectInfo.java
new file mode 100644
index 0000000..620e3b3
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/DataObjectInfo.java
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import at.gv.egovernment.moa.spss.api.common.Content;
+
+/**
+ * Encapsulates information required to create a single signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface DataObjectInfo {
+ /**
+ * Indicates that a detached signature will be created.
+ */
+ public static final String STRUCTURE_DETACHED = "detached";
+ /**
+ * Indicates that an enveloping signature will be created.
+ */
+ public static final String STRUCTURE_ENVELOPING = "enveloping";
+
+ /**
+ * Gets the structure of the signature.
+ *
+ * @return The structure of the signature.
+ */
+ public String getStructure();
+ /**
+ * Checks whether a refercence will be placed in the signature itself or
+ * in the manifest.
+ *
+ * @return <code>true</code> if a reference will be placed in the manifest,
+ * <code>false</code> if it will be placed in the signature.
+ */
+ public boolean isChildOfManifest();
+ /**
+ * Gets information related to a single data object.
+ *
+ * @return Information related to a single data object.
+ */
+ public Content getDataObject();
+ /**
+ * Gets information for the transformation of the data object.
+ *
+ * @return The transformation information.
+ */
+ public CreateTransformsInfoProfile getCreateTransformsInfoProfile();
+}
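Review bot: The Javadoc on `getStructure()` does not say which values it can return, although `STRUCTURE_DETACHED` and `STRUCTURE_ENVELOPING` are declared directly above it. I would make the tag read `@return The structure of the signature, either <code>STRUCTURE_DETACHED</code> or <code>STRUCTURE_ENVELOPING</code>.`, assuming those two are the only legal values. Because the contract is a `String`, the comment should also tell callers to compare with `equals`, not `==`. The comment on `isChildOfManifest()` has a typo, "refercence".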
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/ErrorResponse.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/ErrorResponse.java
new file mode 100644
index 0000000..6dfa843
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/ErrorResponse.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+
+/**
+ * Object containing detailed error information.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface ErrorResponse extends CreateXMLSignatureResponseElement {
+ /**
+ * Gets the error code.
+ *
+ * @return The error code.
+ */
+ public int getErrorCode();
+ /**
+ * Gets verbose error information.
+ *
+ * @return Verbose error information.
+ */
+ public String getInfo();
+}
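Review bot: `getErrorCode()` returns a bare `int` and its Javadoc gives no pointer to where the codes are defined, so a caller cannot map a value to a cause from this interface alone. I would add a sentence referring to the code catalogue, e.g. `See <DOCUMENT-OR-CLASS-DEFINING-THE-CODES> for the list of codes.` (placeholder, as the catalogue is not visible in this diff). The `getInfo()` comment should state whether the text is intended for operators and logs only. "Verbose error information" from a signing service may carry internal detail that integrators will pass on to end users unless told otherwise. It should also state whether the method may return `null`.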
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/SignatureEnvironmentResponse.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/SignatureEnvironmentResponse.java
new file mode 100644
index 0000000..47c4ce7
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/SignatureEnvironmentResponse.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import org.w3c.dom.Element;
+
+/**
+ * Contains the signature if the signature creation was successful.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface SignatureEnvironmentResponse
+ extends CreateXMLSignatureResponseElement {
+ /**
+ * Gets the XML structure which contains the signature.
+ *
+ * @return A general XML structure containing the signature.
+ */
+ public Element getSignatureEnvironment();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/SingleSignatureInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/SingleSignatureInfo.java
new file mode 100644
index 0000000..3355739
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlsign/SingleSignatureInfo.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlsign;
+
+import java.util.List;
+
+/**
+ * Encapsulates data to create a single signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface SingleSignatureInfo {
+ /**
+ * Gets the dataObjectInfo information.
+ *
+ * @return The dataObjectInfo information.
+ */
+ public List getDataObjectInfos();
+ /**
+ * Gets the signature object.
+ *
+ * @return The signature object used during signature creation.
+ */
+ public CreateSignatureInfo getCreateSignatureInfo();
+ /**
+ * Check whether a Security Layer conform signature manifest will be created.
+ *
+ * @return <code>true</code>, if a Security Layer conform signature manifest
+ * will be created, <code>false</code> otherwise.
+ */
+ public boolean isSecurityLayerConform();
+}
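Review bot: `getDataObjectInfos()` returns a raw `List`, and the Javadoc ("Gets the dataObjectInfo information") never names the element type, so every caller has to guess the cast. The same applies to `getVerifyTransformsInfoProfiles()` in ReferenceInfo.java and `getReferenceInfos()` in SignatureManifestCheckParams.java. If the build targets Java 5 or later, declare the type, e.g. `public List<DataObjectInfo> getDataObjectInfos();` (element type inferred from the method name, so please confirm). Otherwise state it in the tag: `@return A <code>List</code> of <code>DataObjectInfo</code> objects; never <code>null</code>.` Whether the list may be empty or modified by the caller should be stated too.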
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ManifestRefsCheckResult.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ManifestRefsCheckResult.java
new file mode 100644
index 0000000..8ff4617
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ManifestRefsCheckResult.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+
+/**
+ * Contains the results of manifest checks according to XMLDsig.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface ManifestRefsCheckResult {
+ /**
+ * Gets the check code.
+ *
+ * @return A numerical representation of the result of the manifest check.
+ */
+ public int getCode();
+ /**
+ * Gets the reference to the manifest.
+ *
+ * @return The reference to the manifest.
+ */
+ public ManifestRefsCheckResultInfo getInfo();
+}
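Review bot: `getCode()` is documented only as "a numerical representation of the result", without saying which value means the check passed. `getCode()` in ReferencesCheckResult.java has the same gap. For a verification API this is the line callers branch on, and an integrator who guesses the convention wrongly will accept a signature whose manifest or reference check failed. I would spell the values out in the `@return` tag, or name the constants or specification section that defines them, and tell callers to treat any value they do not recognise as a failure. The `getInfo()` comment says "Gets the reference to the manifest" although the method returns a `ManifestRefsCheckResultInfo`. It should describe that object and say whether it is `null` when the check succeeds.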
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ManifestRefsCheckResultInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ManifestRefsCheckResultInfo.java
new file mode 100644
index 0000000..4b0a4fb
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ManifestRefsCheckResultInfo.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+
+/**
+ * Encapsulates information referring to the manifest of the check.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface ManifestRefsCheckResultInfo extends ReferencesCheckResultInfo {
+ /**
+ * Gets the position of the signature reference containing the
+ * reference to the manifest being described by this object.
+ *
+ * @return The position of the signature reference.
+ */
+ public int getReferringSignatureReference();
+}
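Review bot: The Javadoc on `getReferringSignatureReference()` speaks of "the position of the signature reference" without saying whether positions are counted from 0 or from 1. `getFailedReferences()` in ReferencesCheckResultInfo.java has the same gap. A caller that maps the number back onto the `dsig:Reference` elements with the wrong base will report, or trust, the neighbouring reference instead. I would add the base to the tag, for example `@return The position of the signature reference, counted from <BASE> in document order.`, with the base filled in from the implementation, which this diff does not show.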
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferenceInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferenceInfo.java
new file mode 100644
index 0000000..95a2b92
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferenceInfo.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import java.util.List;
+
+/**
+ * Contains transformation parameters which are locally available.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface ReferenceInfo {
+ /**
+ * Gets the transformation info.
+ *
+ * @return The transformation info.
+ */
+ public List getVerifyTransformsInfoProfiles();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferencesCheckResult.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferencesCheckResult.java
new file mode 100644
index 0000000..dd1f482
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferencesCheckResult.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+/**
+ * Contains information about the verification status of references contained
+ * in the signature.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface ReferencesCheckResult {
+ /**
+ * Gets the check code.
+ *
+ * @return A numerical representation of the result of the reference check.
+ */
+ public int getCode();
+ /**
+ * Gets the additional information about the result.
+ *
+ * @return Additional information about the result.
+ */
+ public ReferencesCheckResultInfo getInfo();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferencesCheckResultInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferencesCheckResultInfo.java
new file mode 100644
index 0000000..fc87c98
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/ReferencesCheckResultInfo.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import org.w3c.dom.NodeList;
+
+/**
+ * Additional information contained in a <code>ReferencesCheckResult</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface ReferencesCheckResultInfo {
+ /**
+ * Gets the additional info of the failed <code>dsig:reference</code> element.
+ *
+ * @return The info elements.
+ */
+ public NodeList getAnyOtherInfo();
+ /**
+ * Gets the positions of the failed signature references containing the
+ * references to the manifests being described by this object.
+ *
+ * @return The positions of the failed signature references.
+ */
+ public int[] getFailedReferences();
+}
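Review bot: The comment on `getFailedReferences()` looks copied from `ManifestRefsCheckResultInfo`: it speaks of "references to the manifests being described by this object", but this interface is the general info object for a `ReferencesCheckResult`. I would reword it to describe the failed `dsig:Reference` elements themselves. The contract should also say what is returned when nothing failed, `null` or an empty array, because callers testing `getFailedReferences().length == 0` will otherwise hit a `NullPointerException` on the success path. As the return type is a mutable `int[]`, a sentence that implementations return a copy would keep one consumer from altering the result seen by another. `getAnyOtherInfo()` similarly needs a note on whether it can be `null`.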
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SignatureManifestCheckParams.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SignatureManifestCheckParams.java
new file mode 100644
index 0000000..524d4b8
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SignatureManifestCheckParams.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import java.util.List;
+
+/**
+ * Contains parameters used to check the signature manifest.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface SignatureManifestCheckParams {
+ /**
+ * Gets the referential information.
+ *
+ * @return The referential information.
+ */
+ public List getReferenceInfos();
+ /**
+ * Gets information on whether signature source data should be returned.
+ *
+ * @return <code>true</code>, if signature source data should be returned,
+ * otherwise <code>false</code>.
+ */
+ public boolean getReturnReferenceInputData();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfile.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfile.java
new file mode 100644
index 0000000..934e7c6
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfile.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+/**
+ * Base class for supplementary information.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface SupplementProfile {
+ /**
+ * Indicates that this object contains explicit supplementary information.
+ */
+ public static final int EXPLICIT_SUPPLEMENTPROFILE = 0;
+ /**
+ * Indicates that this object contains a profile id where supplementary
+ * information can be found.
+ */
+ public static final int ID_SUPPLEMENTPROFILE = 1;
+
+ /**
+ * Gets the type of supplementary information contained in this object.
+ *
+ * @return The type of supplementary information contained in this object,
+ * either <code>EXPLICIT_SUPPLEMENT</code> or <code>ID_SUPPLEMENT</code>.
+ */
+ public int getSupplementProfileType();
+}
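Review bot: The `@return` tag of `getSupplementProfileType()` names `EXPLICIT_SUPPLEMENT` and `ID_SUPPLEMENT`, but the constants declared in this interface are `EXPLICIT_SUPPLEMENTPROFILE` and `ID_SUPPLEMENTPROFILE`. The names in the comment do not exist, so a reader searching for them finds nothing. The tag should read `either <code>EXPLICIT_SUPPLEMENTPROFILE</code> or <code>ID_SUPPLEMENTPROFILE</code>.` The class comment calls this a "Base class", although it is an interface.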
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfileExplicit.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfileExplicit.java
new file mode 100644
index 0000000..d01abec
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfileExplicit.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+
+/**
+ * Encapsulates explicit supplementary information.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface SupplementProfileExplicit extends SupplementProfile {
+ /**
+ * Gets the supplemental object.
+ *
+ * @return The supplemental object.
+ */
+ public XMLDataObjectAssociation getSupplementProfile();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfileID.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfileID.java
new file mode 100644
index 0000000..beeb2f0
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/SupplementProfileID.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+/**
+ * Encapsulates supplementary information stored in a profile.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface SupplementProfileID extends SupplementProfile {
+ /**
+ * Gets the id of the profile where the supplementary information can be
+ * found.
+ *
+ * @return The profile id.
+ */
+ public String getSupplementProfileID();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameter.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameter.java
new file mode 100644
index 0000000..7ecd1b8
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameter.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+/**
+ * Object encapsulating transform parameters either as a URI, binary or
+ * hashed.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface TransformParameter {
+ /**
+ * Indicates that this object contains a transform parameter given as
+ * a URI.
+ */
+ public static final int URI_TRANSFORMPARAMETER = 0;
+ /**
+ * Indicates that this object contains binary transform parameter.
+ */
+ public static final int BINARY_TRANSFORMPARAMETER = 1;
+ /**
+ * Indicatest that this object contains a binary hash of the transform
+ * parameter.
+ */
+ public static final int HASH_TRANSFORMPARAMETER = 2;
+
+ /**
+ * Gets the type of transform parameter contained in this object.
+ *
+ * @return The type of transform parameter, being one of
+ * <code>URI_TRANSFORMPARAMETER</code>, <code>BINARY_TRANSFORMPARAMETER</code>
+ * or <code>HASH_TRANSFORMPARAMETER</code>.
+ */
+ public int getTransformParameterType();
+ /**
+ * Gets the transform parameter URI.
+ *
+ * @return The transform parameter URI.
+ */
+ public String getURI();}
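Review bot: `getURI()` is declared on the base interface, so it is also present on the binary and hash variants, yet its Javadoc does not say what it returns when `getTransformParameterType()` is `BINARY_TRANSFORMPARAMETER` or `HASH_TRANSFORMPARAMETER`. If the URI identifies the parameter for all three kinds, say so; if it is only meaningful for `URI_TRANSFORMPARAMETER`, document the `null` return. The current wording leaves callers to guess. Two smaller points are the typo "Indicatest" in the `HASH_TRANSFORMPARAMETER` comment and the closing brace sitting on the same line as the last method (`public String getURI();}`), which should move to a line of its own.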
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterBinary.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterBinary.java
new file mode 100644
index 0000000..388c5d0
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterBinary.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import java.io.InputStream;
+
+/**
+ * Encapsulates a binary transform parameter.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface TransformParameterBinary extends TransformParameter {
+ /**
+ * Gets the binary transform parameter.
+ *
+ * @return An <code>InputStream</code> from which the binary content can
+ * be read.
+ */
+ public InputStream getBinaryContent();
+
+}
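Review bot: The Javadoc on `getBinaryContent()` does not say who closes the returned `InputStream`, or whether each call yields a fresh stream or the same, possibly already consumed, one. A caller that reads the parameter twice (for example once to hash it and once to apply it) gets different results depending on the implementation. I would extend the `@return` text along the lines of `The caller is responsible for closing the stream; implementations state whether repeated calls return a new stream.`, with the actual contract confirmed against the implementing class, which is not in this hunk.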
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterHash.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterHash.java
new file mode 100644
index 0000000..2ff6f39
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterHash.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+
+/**
+ * Contains a hash of the transform parameter.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface TransformParameterHash extends TransformParameter {
+ /**
+ * Gets the method used for calculating the digest value.
+ *
+ * @return The digest method.
+ */
+ public String getDigestMethod();
+ /**
+ * Gets the binary hash of the transform parameter.
+ *
+ * @return A binary representation of the hash.
+ */
+ public byte[] getDigestValue();
+
+
+}
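Review bot: `getDigestMethod()` is documented only as "the digest method", so the interface does not tell a reader whether the string is an XMLDSig algorithm URI, a JCA name or something else, and nothing here limits which algorithms are acceptable. Any restriction to approved digest algorithms would have to be enforced where the value is consumed, and that code is not in this hunk. `getDigestValue()` returns a `byte[]`, and the Javadoc should say whether it is a copy; handing out the internal array would let a caller change the reference hash after construction. Suggested wording: `@return The digest algorithm identifier (form to be confirmed)` and `@return A copy of the binary hash value.`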
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterURI.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterURI.java
new file mode 100644
index 0000000..bc73e95
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/TransformParameterURI.java
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+/**
+ * Encapsulates a transform parameter given as a URI.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface TransformParameterURI extends TransformParameter {
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifySignatureInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifySignatureInfo.java
new file mode 100644
index 0000000..5d6e0eb
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifySignatureInfo.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import at.gv.egovernment.moa.spss.api.common.Content;
+
+/**
+ * Encapsulates a signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface VerifySignatureInfo {
+ /**
+ * Gets the content of the <code>VerifySignatureEnvironment</code> element.
+ *
+ * @return A <code>MOAElement</code> containing the
+ * <code>VerifySignatureEnvironment</code> in a DOM-like structure.
+ */
+ public Content getVerifySignatureEnvironment();
+ /**
+ * Gets the location of the signature.
+ *
+ * @return The location of the signature within the signature environment.
+ */
+ public VerifySignatureLocation getVerifySignatureLocation();
+
+}
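Review bot: The `@return` text of `getVerifySignatureEnvironment()` promises "A `MOAElement` ... in a DOM-like structure", but the declared return type is `Content`. The comment appears to be left over from an earlier signature and points readers at a type the method does not return. I would change it to `@return A <code>Content</code> object holding the <code>VerifySignatureEnvironment</code>.` The interface summary "Encapsulates a signature." could likewise say that it pairs the signature environment with the location of the signature inside it.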
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifySignatureLocation.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifySignatureLocation.java
new file mode 100644
index 0000000..56a2567
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifySignatureLocation.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import at.gv.egovernment.moa.spss.api.common.ElementSelector;
+
+/**
+ * Specifies where to find the signature to be verified.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public interface VerifySignatureLocation extends ElementSelector {
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfile.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfile.java
new file mode 100644
index 0000000..a55d55e
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfile.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+/**
+ * Object for explicitly specifying a transformation path.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface VerifyTransformsInfoProfile {
+ /**
+ * Indicates that this object contains the transformation path explicitly.
+ */
+ public static final int EXPLICIT_VERIFYTRANSFORMSINFOPROFILE = 0;
+ /**
+ * Indicatest that this object contains a transformation info id.
+ */
+ public static final int ID_VERIFYTRANSFORMSINFOPROFILE = 1;
+
+ /**
+ * Gets the type of transformation information contained in this object.
+ *
+ * @return The type of transformation information, either
+ * <code>EXPLICIT_VERIFYTRANSFORMSINFOPROFILE</code> or
+ * <code>ID_VERIFYTRANSFORMSINFOPROFILE</code>.
+ */
+ public int getVerifyTransformsInfoProfileType();
+}
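Review bot: `getVerifyTransformsInfoProfileType()` returns a bare `int`, so the compiler cannot stop an implementation from returning something other than the two constants, and the Javadoc does not say how a caller should treat an unknown value. I would add a sentence such as `Callers must reject any other value.` to the `@return` block so that consumers do not fall through to a default branch silently. The comment on `ID_VERIFYTRANSFORMSINFOPROFILE` also has the typo "Indicatest" (should be "Indicates"); the same typo appears on `HASH_TRANSFORMPARAMETER` in TransformParameter.java.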
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfileExplicit.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfileExplicit.java
new file mode 100644
index 0000000..cc29ace
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfileExplicit.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import java.util.List;
+
+/**
+ * Encapsulates explicit transformation information.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface VerifyTransformsInfoProfileExplicit extends VerifyTransformsInfoProfile {
+ /**
+ * Gets the XMLDSig transforms element.
+ *
+ * @return The <code>List</code> of <code>Transform</code>s.
+ */
+ public List getTransforms();
+ /**
+ * Gets the transformation parameters.
+ *
+ * @return The transformation parameters.
+ */
+ public List getTransformParameters();
+}
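Review bot: Both getters return a raw `List`, and only `getTransforms()` names its element type in the Javadoc; `getTransformParameters()` says just "The transformation parameters." Callers have to cast each element, so the comment should state the element type. It is presumably `TransformParameter` from the same package, to be confirmed against the implementation: `@return The <code>List</code> of <code>TransformParameter</code>s.` It would also help to state whether either list may be `null` or is returned empty when nothing was supplied.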
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfileID.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfileID.java
new file mode 100644
index 0000000..eeb28da
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyTransformsInfoProfileID.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+/**
+ * Encapsulates transformation info id for signature verification.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface VerifyTransformsInfoProfileID extends VerifyTransformsInfoProfile {
+ /**
+ * Gets the identifier referencing the transformation info.
+ *
+ * @return The identifier referencing the transformation info.
+ */
+ public String getVerifyTransformsInfoProfileID();
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureRequest.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureRequest.java
new file mode 100644
index 0000000..a6272d5
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureRequest.java
@@ -0,0 +1,79 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import java.util.Date;
+import java.util.List;
+
+
+/**
+ * Object that encapsulates a request to verify an XML signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface VerifyXMLSignatureRequest {
+ /**
+ * Gets the date and time for which the signature verification has to
+ * be performed.
+ *
+ * @return Date and time for which the signature verification has
+ * to be performed.
+ */
+ public Date getDateTime();
+ /**
+ * Gets the signature to be verified.
+ *
+ * @return The signature to be verified.
+ */
+ public VerifySignatureInfo getSignatureInfo();
+ /**
+ * Gets the supplemental information.
+ *
+ * @return The supplemental information.
+ */
+ public List getSupplementProfiles();
+ /**
+ * Gets parameters for Security Layer signature verification.
+ *
+ * @return Parameters for Security Layer signature verification.
+ */
+ public SignatureManifestCheckParams getSignatureManifestCheckParams();
+ /**
+ * Checks, whether actually signed data shall be returned.
+ *
+ * @return <code>true</code>, if signed data will be returned,
+ * otherwise <code>false</code>.
+ */
+ public boolean getReturnHashInputData();
+ /**
+ * Gets the profile id of the set of trusted certificates to be used for
+ * signature verification.
+ *
+ * @return The id of the trusted certificates.
+ */
+ public String getTrustProfileId();
+}
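Review bot: The Javadoc for `getDateTime()` does not say whether `null` is a legal return value and which instant the verification uses in that case. The same gap exists on `getTrustProfileId()`, `getSupplementProfiles()` and `getSignatureManifestCheckParams()`. The verification time and the trust profile decide which certificates are treated as valid, so an implementer or caller guessing the null behaviour differently from the verifier changes the outcome of the check. I would document each getter's null contract explicitly and note that `java.util.Date` is mutable, so implementations should return a copy. The `@return` on `getReturnHashInputData()` could also be reworded to match its summary: `true` if the hash input data is to be returned.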
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java
new file mode 100644
index 0000000..d107dc9
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlverify;
+
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+
+/**
+ * Object that encapsulates the response on a request to verify an XML
+ * signature.
+ *
+ * @author Patrick Peck
+ * @author Stephan Grill
+ * @version $Id$
+ */
+public interface VerifyXMLSignatureResponse {
+ /**
+ * Gets a <code>SignerInfo</code> element according to XMLDSig.
+ *
+ * @return A <code>SignerInfo</code> element according to XMLDSig.
+ */
+ public SignerInfo getSignerInfo();
+ /**
+ * Gets datas signed by the signatory.
+ *
+ * @return The signed datas.
+ */
+ public List getHashInputDatas();
+ /**
+ * Gets source datas elements.
+ *
+ * @return The source datas elements.
+ */
+ public List getReferenceInputDatas();
+ /**
+ * Gets the result of the signature verification.
+ *
+ * @return The result of the signature verification.
+ */
+ public ReferencesCheckResult getSignatureCheck();
+ /**
+ * Gets the result of the signature manifest verification.
+ *
+ * @return The result of the signature manifest verification.
+ */
+ public ReferencesCheckResult getSignatureManifestCheck();
+ /**
+ * Gets XMLDSigManifestCheck elements.
+ *
+ * @return The XMLDSigManifestCheck elements.
+ */
+ public List getXMLDsigManifestChecks();
+ /**
+ * Gets the result of the certification verification.
+ *
+ * @return The result of the certificate verification.
+ */
+ public CheckResult getCertificateCheck();
+
+
+
+
+}
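Review bot: The interface exposes four separate results (`getSignatureCheck()`, `getSignatureManifestCheck()`, `getXMLDsigManifestChecks()` and `getCertificateCheck()`), but nothing in the Javadoc tells a consumer that a signature is acceptable only when all applicable checks succeed. A caller that reads only `getSignatureCheck()` would accept a signature whose certificate check failed. I would add a sentence to the interface comment such as `A signature must only be treated as valid if the signature check, the certificate check and all manifest checks that are present report success.`, adjusted to the actual result-code semantics, which are not visible in this hunk. Minor wording: "certification verification" on `getCertificateCheck()` should read "certificate verification", and "datas" should be "data".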
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java
new file mode 100644
index 0000000..bb2589a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java
@@ -0,0 +1,178 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.server.config;
+
+import iaik.asn1.structures.Name;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.utils.RFC2253NameParserException;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.StringTokenizer;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+
+/**
+ * A class representing a CRL distribution point.
+ *
+ * @author Sven Aigner
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CRLDistributionPoint extends DistributionPoint implements iaik.pki.revocation.CRLDistributionPoint {
+
+ private static Map RC_MAPPING = new HashMap();
+
+ static {
+
+ // create the mapping between reason code strings and their integer
+ // values
+ RC_MAPPING.put("unused", new Integer(iaik.asn1.structures.DistributionPoint.unused));
+ RC_MAPPING.put("keyCompromise", new Integer(iaik.asn1.structures.DistributionPoint.keyCompromise));
+ RC_MAPPING.put("cACompromise", new Integer(iaik.asn1.structures.DistributionPoint.cACompromise));
+ RC_MAPPING.put("affiliationChanged", new Integer(iaik.asn1.structures.DistributionPoint.affiliationChanged));
+ RC_MAPPING.put("superseded", new Integer(iaik.asn1.structures.DistributionPoint.superseded));
+ RC_MAPPING.put("cessationOfOperation",
+ new Integer(iaik.asn1.structures.DistributionPoint.cessationOfOperation));
+ RC_MAPPING.put("certificateHold", new Integer(iaik.asn1.structures.DistributionPoint.certificateHold));
+ RC_MAPPING.put("privilegeWithdrawn", new Integer(iaik.asn1.structures.DistributionPoint.privilegeWithdrawn));
+ RC_MAPPING.put("aACompromise", new Integer(iaik.asn1.structures.DistributionPoint.aACompromise));
+ }
+
+ /**
+ * The name of the CA issuing the CRL referred to by this DP.
+ */
+ private String issuerName_;
+
+ /**
+ * The reason codes applicable for the distribution point.
+ */
+ private int reasonCodes;
+
+ /**
+ * Create a <code>CRLDistributionPoint</code>.
+ *
+ * @param issuerName
+ * The name of the CA issuing the CRL referred to by this DP.
+ *
+ * @param uri
+ * The URI of the distribution point.
+ *
+ * @param reasonCodeStr
+ * A list of reason codes (a space-separated enumeration).
+ */
+ public CRLDistributionPoint(String issuerName, String uri, String reasonCodeStr) {
+ super(uri);
+ issuerName_ = issuerName;
+ this.reasonCodes = extractReasonCodes(reasonCodeStr);
+ }
+
+ /**
+ * @see DistributionPoint#getType()
+ */
+ public String getType() {
+ return RevocationSourceTypes.CRL;
+ }
+
+ /**
+ * Convert a list of reason codes provided as a <code>String</code> to a
+ * binary representation.
+ *
+ * @param reasonCodeStr
+ * A <code>String</code> containing a blank-separated, textual
+ * representation of reason codes.
+ * @return int A binary representation of reason codes.
+ * @see iaik.asn1.structures.DistributionPoint
+ */
+ private int extractReasonCodes(String reasonCodeStr) {
+ int codes = 0;
+ StringTokenizer tokenizer = new StringTokenizer(reasonCodeStr);
+ String token;
+ Integer reasonCode;
+
+ while (tokenizer.hasMoreTokens()) {
+ token = tokenizer.nextToken();
+ reasonCode = (Integer) RC_MAPPING.get(token);
+ if (reasonCode != null) {
+ codes |= reasonCode.intValue();
+ } else {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.warn(new LogMsg(msg.getMessage("config.07", new Object[] { token })));
+ }
+ }
+
+ // If reasonCodeStr is empty, set all possible reason codes
+ if (codes == 0)
+ codes = iaik.asn1.structures.DistributionPoint.unused | iaik.asn1.structures.DistributionPoint.keyCompromise
+ | iaik.asn1.structures.DistributionPoint.cACompromise
+ | iaik.asn1.structures.DistributionPoint.affiliationChanged
+ | iaik.asn1.structures.DistributionPoint.superseded
+ | iaik.asn1.structures.DistributionPoint.cessationOfOperation
+ | iaik.asn1.structures.DistributionPoint.certificateHold
+ | iaik.asn1.structures.DistributionPoint.privilegeWithdrawn
+ | iaik.asn1.structures.DistributionPoint.aACompromise;
+
+ return codes;
+ }
+
+ /**
+ * Return a binary representation of the reason codes of this distribution
+ * point.
+ *
+ * @return The binary representation of the reason codes.
+ */
+ public int getReasonCodes() {
+ return reasonCodes;
+ }
+
+ /**
+ * Return a <code>String</code> representation of this distribution point.
+ *
+ * @return The <code>String</code> representation of this distribution
+ * point.
+ * @see java.lang.Object#toString()
+ */
+ public String toString() {
+ return "(DistributionPoint - " + ("URI<" + getUri()) + ("> REASONCODES<" + getReasonCodes() + ">)");
+ }
+
+ /**
+ * @see iaik.pki.revocation.CRLDistributionPoint#getIssuerName()
+ */
+ public String getIssuerName() {
+ return issuerName_;
+ }
+
+ @Override
+ public Name getIssuerDN() {
+ try {
+ return new Name(this.issuerName_);
+ } catch (RFC2253NameParserException e) {
+ throw new RuntimeException(e);
+ }
+ }
+}
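Review bot: The `if (codes == 0)` fallback at the end of `extractReasonCodes` fires not only for an empty string, as its comment says, but also when every token was missing from `RC_MAPPING`. Such a misspelled reason list is logged with `config.07` and then silently widened to all reason codes. Deciding on the input rather than on the result keeps the documented behaviour: take `boolean noTokens = !tokenizer.hasMoreTokens();` before the loop and use `if (noTokens)` for the default. Whether an all-unknown list should then be rejected or left at 0 is a decision for the configuration loader. `new StringTokenizer(reasonCodeStr)` also throws `NullPointerException` for a null argument, which the constructor Javadoc does not mention. Separately, `RC_MAPPING` could be declared `private static final`, since it is never reassigned.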
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java
new file mode 100644
index 0000000..6546e88
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+import at.gv.egovernment.moa.spss.MOASystemException;
+
+/**
+ * Exception signalling an error in the configuration.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ConfigurationException extends MOASystemException {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -1934466124930228755L;
+
+/**
+ * Create a <code>ConfigurationException</code>.
+ *
+ * @see at.gv.egovernment.moa.spss.MOAException#MOAException(String, Object[])
+ */
+ public ConfigurationException(String messageId, Object[] parameters) {
+ super(messageId, parameters);
+ }
+
+ /**
+ * Create a <code>ConfigurationException</code>.
+ * @see at.gv.egovernment.moa.spss.MOAException#MOAException(String, Object[], Throwable)
+ */
+ public ConfigurationException(
+ String messageId,
+ Object[] parameters,
+ Throwable wrapped) {
+
+ super(messageId, parameters, wrapped);
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
new file mode 100644
index 0000000..af67d30
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -0,0 +1,1825 @@
+/*
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+import iaik.asn1.structures.Name;
+//import iaik.ixsil.exceptions.URIException;
+//import iaik.ixsil.util.URI;
+import iaik.pki.pathvalidation.ChainingModes;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.server.modules.xml.BlackListEntry;
+import iaik.server.modules.xml.ExternalReferenceChecker;
+import iaik.server.modules.xml.WhiteListEntry;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+import iaik.xml.crypto.utils.URI;
+import iaik.xml.crypto.utils.URIException;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.math.BigInteger;
+import java.net.MalformedURLException;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Calendar;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.xml.bind.DatatypeConverter;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.Attr;
+import org.w3c.dom.Element;
+import org.w3c.dom.traversal.NodeIterator;
+import org.xml.sax.SAXException;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
+import at.gv.egovernment.moa.spss.api.impl.TSLConfigurationImpl;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.StringUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+/**
+ * A class that builds configuration data from a DOM based representation.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ConfigurationPartsBuilder {
+
+ //
+ // XPath namespace prefix shortcuts
+ //
+
+ private static final String CONF = Constants.MOA_CONFIG_PREFIX + ":";
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+
+ //
+ // chaining mode constants appearing in the configuration file
+ //
+
+ private static final String CM_CHAINING = "chaining";
+ private static final String CM_PKIX = "pkix";
+
+ //
+ // XPath expressions to select certain parts of the configuration
+ //
+
+ private static final String ROOT = "/" + CONF + "MOAConfiguration/";
+
+ private static final String PDFAS_CONFIGURATION_XPATH =
+ ROOT + CONF + "PDFASConfig";
+
+ private static final String DIGEST_METHOD_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "XMLDSig/"
+ + CONF + "DigestMethodAlgorithm";
+ private static final String XADES_VERSION_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "XAdES/"
+ + CONF + "Version";
+ private static final String C14N_ALGORITHM_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "XMLDSig/"
+ + CONF + "CanonicalizationAlgorithm";
+ private static final String HARDWARE_CRYPTO_MODULE_XPATH =
+ ROOT + CONF + "Common/"
+ + CONF + "HardwareCryptoModule";
+ private static final String PERMIT_EXTERNAL_URIS_XPATH =
+ ROOT + CONF + "Common/"
+ + CONF + "PermitExternalUris";
+ private static final String BLACK_LIST_URIS_XPATH =
+ ROOT + CONF + "Common/"
+ + CONF + "PermitExternalUris/"
+ + CONF + "BlackListUri";
+ private static final String FORBID_EXTERNAL_URIS_XPATH =
+ ROOT + CONF + "Common/"
+ + CONF + "ForbidExternalUris";
+ private static final String WHITE_LIST_URIS_XPATH =
+ ROOT + CONF + "Common/"
+ + CONF + "ForbidExternalUris/"
+ + CONF + "WhiteListUri";
+
+ private static final String HARDWARE_KEY_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "KeyModules/"
+ + CONF + "HardwareKeyModule";
+ private static final String SOFTWARE_KEY_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "KeyModules/"
+ + CONF + "SoftwareKeyModule";
+ private static final String KEYGROUP_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "KeyGroup";
+ private static final String KEYGROUP_MAPPING_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "KeyGroupMapping";
+ private static final String ISSUER_XPATH =
+ DSIG + "X509IssuerName";
+ private static final String SERIAL_XPATH =
+ DSIG + "X509SerialNumber";
+ private static final String CERTSTORE_LOCATION_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathConstruction/"
+ + CONF + "CertificateStore/"
+ + CONF + "DirectoryStore/"
+ + CONF + "Location";
+ private static final String AUTO_ADD_CERTIFICATES_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathConstruction/"
+ + CONF + "AutoAddCertificates";
+ private static final String USE_AUTHORITY_INFO_ACCESS_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathConstruction/"
+ + CONF + "UseAuthorityInformationAccess";
+ private static final String CHAINING_MODES_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathValidation/"
+ + CONF + "ChainingMode";
+ private static final String CHAINING_MODES_DEFAULT_XPATH =
+ CHAINING_MODES_XPATH + "/"
+ + CONF + "DefaultMode";
+ private static final String TRUST_ANCHOR_XPATH =
+ CHAINING_MODES_XPATH + "/"
+ + CONF + "TrustAnchor";
+ private static final String TRUST_PROFILE_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathValidation/"
+ + CONF + "TrustProfile";
+ private static final String DISTRIBUTION_POINTS_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "DistributionPoint";
+ private static final String CRL_RETENTION_INTERVALS_CA_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "CrlRetentionIntervals/"
+ + CONF + "CA";
+ private static final String ENABLE_REVOCATION_CHECKING_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "EnableChecking";
+ private static final String MAX_REVOCATION_AGE_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "MaxRevocationAge";
+ private static final String REVOCATION_SERVICEORDER_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "ServiceOrder/"
+ + CONF + "Service";
+ private static final String ENABLE_ARCHIVING_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "Archiving/"
+ + CONF + "EnableArchiving";
+ private static final String CRL_ARCHIVE_DURATION_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "Archiving/"
+ + CONF + "ArchiveDuration";
+ private static final String ACHIVE_JDBC_URL_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "Archiving/"
+ + CONF + "Archive/"
+ + CONF + "DatabaseArchive/"
+ + CONF + "JDBCURL";
+ private static final String ACHIVE_JDBC_DRIVER_CLASS_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "Archiving/"
+ + CONF + "Archive/"
+ + CONF + "DatabaseArchive/"
+ + CONF + "JDBCDriverClassName";
+ private static final String CREATE_TRANSFORMS_INFO_PROFILE_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "CreateTransformsInfoProfile";
+ private static final String CREATE_SIGNATURE_ENVIRONMENT_PROFILE_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "CreateSignatureEnvironmentProfile";
+ private static final String VERIFY_TRANSFORMS_INFO_PROFILE_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "VerifyTransformsInfoProfile";
+ private static final String SUPPLEMENT_PROFILE_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "SupplementProfile";
+ private static final String PERMIT_FILE_URIS_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "PermitFileURIs";
+
+ private static final String TSL_CONFIGURATION_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "TSLConfiguration/";
+ //
+ // default values for configuration parameters
+ //
+
+ /** The accepted canonicalization algorithm URIs, as an array */
+ private static final String[] ACCEPTED_C14N_ALGORITHMS_ARRAY =
+ {
+ Constants.C14N_URI,
+ Constants.C14N_WITH_COMMENTS_URI,
+ Constants.EXC_C14N_URI,
+ Constants.EXC_C14N_WITH_COMMENTS_URI };
+
+ /** The accepted canonicalization algorithm URIs, as a Set */
+ private static final Set ACCEPTED_C14N_ALGORITHMS =
+ new HashSet(Arrays.asList(ACCEPTED_C14N_ALGORITHMS_ARRAY));
+
+ /** Default canonicalization algorithm, if none/illegal has been configured */
+ private static final String C14N_ALGORITHM_DEFAULT = Constants.C14N_URI;
+
+ /** The accepted digest method algorithm URIs, as an array */
+ private static final String[] ACCEPTED_DIGEST_ALGORITHMS_ARRAY =
+ { Constants.SHA1_URI,
+ Constants.SHA256_URI,
+ Constants.SHA384_URI,
+ Constants.SHA512_URI};
+
+ /** The accepted digest method algorithm URIs, as a Set */
+ private static final Set ACCEPTED_DIGEST_ALGORITHMS =
+ new HashSet(Arrays.asList(ACCEPTED_DIGEST_ALGORITHMS_ARRAY));
+
+
+ /** Default digest algorithm URI, if none/illegal has been configured (for XAdES 1.1.1) */
+ private static final String DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1 = Constants.SHA1_URI;
+
+ /** Default digest algorithm URI, if none/illegal has been configured (for XAdES 1.4.2) */
+ private static final String DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2 = Constants.SHA256_URI;
+
+ /** The root element of the MOA configuration */
+ private Element configElem;
+
+ /**
+ * The directory containing the underlying configuration file.
+ */
+ private File configRoot_;
+
+ /** Whether any warnings were encountered building the configuration. */
+ private List warnings = new ArrayList();
+
+ /**
+ * Create a new <code>ConfigurationPartsBuilder</code>.
+ *
+ * @param configElem The root element of the MOA configuration.
+ *
+ * @param configRoot The directory containing the underlying configuration file.
+ */
+ public ConfigurationPartsBuilder(Element configElem, File configRoot)
+ {
+ this.configElem = configElem;
+ configRoot_ = configRoot;
+ }
+
+ /**
+ * Returns the root element of the MOA configuration.
+ *
+ * @return The root element of the MOA configuration.
+ */
+ public Element getConfigElem() {
+ return configElem;
+ }
+
+ /**
+ * Returns the directory containing the underlying configuration file.
+ *
+ * @return the directory containing the underlying configuration file.
+ */
+ public File getConfigRoot()
+ {
+ return configRoot_;
+ }
+
+ /**
+ * Returns the warnings encountered during building the configuration.
+ *
+ * @return A <code>List</code> of <code>String</code>s, containing the
+ * warning messages.
+ */
+ public List getWarnings() {
+ return warnings;
+ }
+
+ /**
+ * Returns the digest method algorithm name.
+ *
+ * @return The digest method algorithm name from the configuration.
+ */
+ public String getDigestMethodAlgorithmName()
+ {
+ String digestMethod = getElementValue(getConfigElem(), DIGEST_METHOD_XPATH, null);
+
+ if (digestMethod == null || !ACCEPTED_DIGEST_ALGORITHMS.contains(digestMethod))
+ {
+ String xadesVersion = this.getXAdESVersion();
+ if (xadesVersion == null) {
+ info(
+ "config.23",
+ new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1 });
+ digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1;
+ }
+ else {
+ info(
+ "config.23",
+ new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2 });
+ digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2;
+ }
+
+
+ }
+
+ return digestMethod;
+ }
+
+ /**
+ * Returns the digest method algorithm name.
+ *
+ * @return The digest method algorithm name from the configuration.
+ */
+ public String getXAdESVersion()
+ {
+ String xadesVersion = getElementValue(getConfigElem(), XADES_VERSION_XPATH, null);
+
+ return xadesVersion;
+ }
+
+ /**
+ * Returns the digest method algorithm name.
+ *
+ * @return The digest method algorithm name from the configuration.
+ */
+ public String getPDFASConfiguration()
+ {
+ String pdfasConfiguration = getElementValue(getConfigElem(), PDFAS_CONFIGURATION_XPATH, null);
+
+ return pdfasConfiguration;
+ }
+
+
+ /**
+ * Returns the canonicalization algorithm name.
+ *
+ * @return The canonicalization algorithm name from the configuration.
+ */
+ public String getCanonicalizationAlgorithmName()
+ {
+ String c14nAlgorithm = getElementValue(getConfigElem(), C14N_ALGORITHM_XPATH, null);
+
+ if (c14nAlgorithm == null || !ACCEPTED_C14N_ALGORITHMS.contains(c14nAlgorithm))
+ {
+ info(
+ "config.23",
+ new Object[] { "CanonicalizationAlgorithm", C14N_ALGORITHM_DEFAULT });
+ c14nAlgorithm = C14N_ALGORITHM_DEFAULT;
+ }
+
+ return c14nAlgorithm;
+ }
+
+ /**
+ * Build the configured hardware crypto modules.
+ *
+ * @return The hardware crypto modules from the configuration.
+ */
+ public List buildHardwareCryptoModules()
+ {
+ List modules = new ArrayList();
+ NodeIterator modIter = XPathUtils.selectNodeIterator(
+ getConfigElem(),
+ HARDWARE_CRYPTO_MODULE_XPATH);
+
+ Element modElem;
+ while ((modElem = (Element) modIter.nextNode()) != null) {
+ String name = getElementValue(modElem, CONF + "Name", null);
+ String slotId = getElementValue(modElem, CONF + "SlotId", null);
+ String userPIN = getElementValue(modElem, CONF + "UserPIN", null);
+ HardwareCryptoModule module = new HardwareCryptoModule(name, slotId, userPIN);
+ modules.add(module);
+ }
+
+ return modules;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public boolean allowExternalUris() {
+ Element permitExtUris = (Element)XPathUtils.selectSingleNode(getConfigElem(), PERMIT_EXTERNAL_URIS_XPATH);
+
+ // if PermitExternalUris element does not exist - don't allow external uris
+ if (permitExtUris == null) {
+ // set permitExtUris for iaik-moa
+ ExternalReferenceChecker.setPermitExternalURLs(false);
+ return false;
+ }
+ else {
+ // set permitExtUris for iaik-moa
+ ExternalReferenceChecker.setPermitExternalURLs(true);
+ return true;
+ }
+ }
+
+
+ /**
+ *
+ * @return
+ */
+ public List buildPermitExternalUris() {
+
+ info("config.33", null);
+
+ List blacklist = new ArrayList();
+ List blackListIaikMoa = new ArrayList();
+
+ NodeIterator permitExtIter = XPathUtils.selectNodeIterator(
+ getConfigElem(),
+ BLACK_LIST_URIS_XPATH);
+
+ Element permitExtElem = null;
+ while ((permitExtElem = (Element) permitExtIter.nextNode()) != null) {
+ String host = getElementValue(permitExtElem, CONF + "IP", null);
+ String port = getElementValue(permitExtElem, CONF + "Port", null);
+
+ BlackListEntry entry =null;
+ if (port == null) {
+ entry = new BlackListEntry(host, -1);
+ info("config.34", new Object[]{host});
+ }
+ else {
+ entry = new BlackListEntry(host, new Integer(port).intValue());
+ info("config.34", new Object[]{host + ":" + port});
+ }
+
+ // add entry to iaik-moa blacklist
+ blackListIaikMoa.add(entry);
+
+
+ String array[] = new String[2];
+ array[0] = host;
+ array[1] = port;
+ blacklist.add(array);
+
+ }
+
+
+ // set blacklist for iaik-moa
+ ExternalReferenceChecker.setBlacklist(blackListIaikMoa);
+
+
+ if(blacklist.isEmpty()) // no blacklisted uris given
+ info("config.36", null);
+
+
+ return blacklist;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public List buildForbidExternalUris() {
+
+ //info("config.47", null);
+
+ List whitelist = new ArrayList();
+ List whiteListIaikMoa = new ArrayList();
+
+ NodeIterator forbidExtIter = XPathUtils.selectNodeIterator(
+ getConfigElem(),
+ WHITE_LIST_URIS_XPATH);
+
+ Element permitExtElem = null;
+ while ((permitExtElem = (Element) forbidExtIter.nextNode()) != null) {
+ String host = getElementValue(permitExtElem, CONF + "IP", null);
+ String port = getElementValue(permitExtElem, CONF + "Port", null);
+
+ // WhiteListeEntry
+ WhiteListEntry entry =null;
+ if (port == null) {
+ entry = new WhiteListEntry(host, -1);
+ info("config.49", new Object[]{host});
+ }
+ else {
+ entry = new WhiteListEntry(host, new Integer(port).intValue());
+ info("config.49", new Object[]{host + ":" + port});
+ }
+
+ // add entry to iaik-moa whitelist
+ whiteListIaikMoa.add(entry);
+
+
+ String array[] = new String[2];
+ array[0] = host;
+ array[1] = port;
+ whitelist.add(array);
+
+ }
+
+
+ // set whitelist for iaik-moa
+ ExternalReferenceChecker.setWhitelist(whiteListIaikMoa);
+
+
+ if(whitelist.isEmpty()) // no whitelisted uris given
+ info("config.48", null);
+
+
+ return whitelist;
+ }
+
+
+
+ /**
+ * Build the configured hardware keys.
+ *
+ * @param keyModules The keyModules that the configuration already knows about. To
+ * prevent multiple key modules with the same ID.
+ * @return The hardware keys contained in the configuration.
+ */
+ public List buildHardwareKeyModules(List keyModules)
+ {
+ Set existingIds = toIdSet(keyModules);
+ List hardwareKeys = new ArrayList();
+ NodeIterator hkIter =
+ XPathUtils.selectNodeIterator(getConfigElem(), HARDWARE_KEY_XPATH);
+ Element keyElem;
+
+ while ((keyElem = (Element) hkIter.nextNode()) != null)
+ {
+ String id = getElementValue(keyElem, CONF + "Id", null);
+ String name = getElementValue(keyElem, CONF + "Name", null);
+ String slotId = getElementValue(keyElem, CONF + "SlotId", null);
+ String userPIN = getElementValue(keyElem, CONF + "UserPIN", null);
+
+ if (existingIds.contains(id))
+ {
+ warn(
+ "config.04",
+ new Object[] { "Hardware- oder SoftwareKeyModule", id });
+ }
+ else
+ {
+ KeyModule key = new HardwareKeyModule(id, name, slotId, userPIN);
+ hardwareKeys.add(key);
+ existingIds.add(id);
+ }
+
+ }
+
+ return hardwareKeys;
+ }
+
+ /**
+ * Build the configured software keys.
+ *
+ * @param keyModules The keyModules that the configuration already knows about. To
+ * prevent multiple key modules with the same ID.
+ *
+ * @return The software keys contained in the configuration.
+ */
+ public List buildSoftwareKeyModules(List keyModules)
+ {
+ Set existingIds = toIdSet(keyModules);
+ List softwareKeys = new ArrayList();
+ NodeIterator skIter =
+ XPathUtils.selectNodeIterator(getConfigElem(), SOFTWARE_KEY_XPATH);
+
+ Element keyElem;
+ while ((keyElem = (Element) skIter.nextNode()) != null)
+ {
+ String id = getElementValue(keyElem, CONF + "Id", null);
+ String fileName = getElementValue(keyElem, CONF + "FileName", null);
+ String passWord = getElementValue(keyElem, CONF + "Password", null);
+
+ if (existingIds.contains(id))
+ {
+ warn(
+ "config.04",
+ new Object[] { "Hardware- oder SoftwareKeyModule", id });
+ }
+ else
+ {
+ File keyFile;
+ KeyModule key;
+
+ // make keyFile absolute
+ keyFile = new File(fileName);
+ if (!keyFile.isAbsolute()) {
+ keyFile = new File(configRoot_, fileName);
+ }
+
+ // check for existence
+ if (!keyFile.exists() || keyFile.isDirectory()) {
+ warn("config.25", new Object[] { id, keyFile.getAbsolutePath()});
+ } else {
+ // create a new key module
+ key = new SoftwareKeyModule(id, keyFile.getAbsolutePath(), passWord);
+ softwareKeys.add(key);
+ existingIds.add(id);
+ }
+ }
+ }
+
+ return softwareKeys;
+ }
+
+ /**
+ * Build the key group configuration.
+ *
+ * @param keyModules The <code>KeyModule</code>s that the configuration
+ * knows about. Used to check for errors in the configuration.
+ * @return The mapping between key group IDs and key groups.
+ */
+ public Map buildKeyGroups(List keyModules)
+ {
+ Set keyModuleIds = toIdSet(keyModules);
+ Map keyGroups = new HashMap();
+ NodeIterator kgIter;
+ Element keyGroupElem;
+
+ // select all KeyGroup elements and build the KeyGroup objects from them
+ kgIter = XPathUtils.selectNodeIterator(getConfigElem(), KEYGROUP_XPATH);
+ while ((keyGroupElem = (Element) kgIter.nextNode()) != null)
+ {
+ String keyGroupId = getElementValue(keyGroupElem, CONF + "Id", null);
+ String keyGroupDigestMethodAlgorithm = getElementValue(keyGroupElem, CONF + "DigestMethodAlgorithm", null);
+ Set keyGroupEntries =
+ buildKeyGroupEntries(keyGroupId, keyModuleIds, keyGroupElem);
+ KeyGroup keyGroup = new KeyGroup(keyGroupId, keyGroupEntries, keyGroupDigestMethodAlgorithm);
+
+ if (keyGroups.containsKey(keyGroupId))
+ {
+ warn("config.04", new Object[] { "KeyGroup", keyGroupId });
+ }
+ else
+ {
+ keyGroups.put(keyGroup.getId(), keyGroup);
+ }
+ }
+
+ return keyGroups;
+ }
+
+ /**
+ * Return the set of IDs contained in the given <code>KeyModule</code>s.
+ *
+ * @param keyModules The <code>KeyModule</code>s from which to extract the
+ * IDs.
+ * @return The IDs from the given <code>KeyModule</code>s.
+ */
+ private Set toIdSet(List keyModules) {
+ Set ids = new HashSet();
+ Iterator iter;
+
+ for (iter = keyModules.iterator(); iter.hasNext();) {
+ KeyModule keyModule = (KeyModule) iter.next();
+ ids.add(keyModule.getId());
+ }
+
+ return ids;
+ }
+
+ /**
+ * Build the key entries belonging to a key group.
+ *
+ * @param keyGroupId The ID of the key group we are building here. Passed
+ * for logging purposes.
+ * @param keyModuleIds The IDs of the <code>HardwareKeyModule</code>s and
+ * <code>SoftwareKeyModule</code>s that exist in the configuration.
+ * @param keyGroupElem The <code>KeyGroup</code> DOM element to parse.
+ * @return A <code>Set</code> of <code>KeyGroupEntry</code> objects.
+ */
+ private Set buildKeyGroupEntries(
+ String keyGroupId,
+ Set keyModuleIds,
+ Element keyGroupElem) {
+
+ Set entries = new HashSet();
+ NodeIterator keyEntryIter;
+ Element keyEntryElem;
+
+ // select all Key elements and put them into the Map
+ keyEntryIter = XPathUtils.selectNodeIterator(keyGroupElem, CONF + "Key");
+ while ((keyEntryElem = (Element) keyEntryIter.nextNode()) != null)
+ {
+ String keyModuleId = getElementValue(keyEntryElem, CONF + "KeyModuleId", "");
+ Element keyCertElem = (Element) XPathUtils.selectSingleNode(keyEntryElem, CONF + "KeyCertIssuerSerial");
+ IssuerAndSerial issuerSerial = buildIssuerAndSerial(keyCertElem);
+
+ if (!keyModuleIds.contains(keyModuleId)) {
+ warn("config.26", new Object[] { keyGroupId, keyModuleId });
+ } else if (issuerSerial != null) {
+ KeyGroupEntry entry = new KeyGroupEntry(keyModuleId, issuerSerial);
+ entries.add(entry);
+ }
+ }
+ return entries;
+ }
+
+ /**
+ * Build the key group mapping.
+ *
+ * @param keyGroups The available key groups.
+ * @param anonymous The <code>IssuerAndSerial</code> to be used for key group
+ * mappings not protected by a certificate.
+ * @return The key group mapping.
+ */
+ public Map buildKeyGroupMappings(Map keyGroups, IssuerAndSerial anonymous) {
+ Map mappings = new HashMap();
+ NodeIterator mappingIter;
+ Element mappingElem;
+
+ // select all KeyGroupMapping elements
+ mappingIter =
+ XPathUtils.selectNodeIterator(getConfigElem(), KEYGROUP_MAPPING_XPATH);
+
+ // build the mapping for each KeyGroupMapping element
+ while ((mappingElem = (Element) mappingIter.nextNode()) != null)
+ {
+ Element issuerSerialElem = (Element) XPathUtils.selectSingleNode(mappingElem, CONF + "CustomerId");
+
+ // build the IssuerAndSerial who has access to the key groups
+ IssuerAndSerial issuerAndSerial;
+ if (issuerSerialElem != null)
+ {
+ issuerAndSerial = buildIssuerAndSerial(issuerSerialElem);
+ }
+ else
+ {
+ // IssuerSerial element: the keygroup is generally available
+ issuerAndSerial = anonymous;
+ }
+
+ // add the key groups to the mappings
+ if (issuerAndSerial != null) {
+ Map groups = (Map) mappings.get(issuerAndSerial);
+ NodeIterator keyGroupIter;
+ Element keyGroupElem;
+
+ if (groups == null)
+ {
+ // no mapping exist -> build one
+ groups = new HashMap();
+ mappings.put(issuerAndSerial, groups);
+ }
+
+ // select the available key groups and add them to the mapping
+ keyGroupIter = XPathUtils.selectNodeIterator(mappingElem, CONF + "KeyGroupId");
+ while ((keyGroupElem = (Element) keyGroupIter.nextNode()) != null)
+ {
+ String keyGroupId = getElementValue(keyGroupElem, ".", null);
+ KeyGroup keyGroup = (KeyGroup) keyGroups.get(keyGroupId);
+
+ if (keyGroup != null)
+ {
+ groups.put(keyGroupId, keyGroup);
+ } else
+ {
+ warn("config.00", new Object[] { keyGroupId });
+ }
+ }
+ }
+ }
+
+ return mappings;
+ }
+
+ /**
+ * Returns the default chaining mode from the configuration.
+ *
+ * @return The default chaining mode.
+ */
+ public String getDefaultChainingMode()
+ {
+ String defaultChaining = getElementValue(
+ getConfigElem(),
+ CHAINING_MODES_DEFAULT_XPATH,
+ CM_PKIX);
+
+ return translateChainingMode(defaultChaining);
+
+ }
+
+ /**
+ * Build the chaining modes for all configured trust anchors.
+ *
+ * @return The mapping from trust anchors to chaining modes.
+ */
+ public Map buildChainingModes()
+ {
+ Map chainingModes = new HashMap();
+ NodeIterator trustIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_ANCHOR_XPATH);
+
+ Element trustAnchorElem;
+ while ((trustAnchorElem = (Element) trustIter.nextNode()) != null)
+ {
+ IssuerAndSerial issuerAndSerial = buildIssuerAndSerial(
+ (Element)XPathUtils.selectSingleNode(trustAnchorElem, CONF + "Identification"));
+ String mode = getElementValue(trustAnchorElem, CONF + "Mode", null);
+
+ if (issuerAndSerial != null)
+ {
+ chainingModes.put(issuerAndSerial, translateChainingMode(mode));
+ }
+ }
+
+ return chainingModes;
+ }
+
+ /**
+ * Build an <code>IssuerAndSerial</code> from the DOM representation.
+ *
+ * @param root The root element (being of type <code>dsig:
+ * X509IssuerSerialType</code>.
+ * @return The issuer and serial number contained in the <code>root</code>
+ * element or <code>null</code> if could not be built for any reason.
+ */
+ private IssuerAndSerial buildIssuerAndSerial(Element root) {
+ String issuer = getElementValue(root, ISSUER_XPATH, null);
+ String serial = getElementValue(root, SERIAL_XPATH, null);
+
+ if (issuer != null && serial != null) {
+ try {
+ RFC2253NameParser nameParser = new RFC2253NameParser(issuer);
+ Principal issuerDN = nameParser.parse();
+
+ return new IssuerAndSerial(issuerDN, new BigInteger(serial));
+ } catch (RFC2253NameParserException e) {
+ warn("config.16", new Object[] { issuer, serial }, e);
+ return null;
+ } catch (NumberFormatException e) {
+ warn("config.16", new Object[] { issuer, serial }, e);
+ return null;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Translate the chaining mode from the configuration file to one used in the
+ * IAIK MOA API.
+ *
+ * @param chainingMode The chaining mode from the configuration.
+ * @return The chaining mode as provided by the <code>ChainingModes</code>
+ * interface.
+ * @see iaik.pki.pathvalidation.ChainingModes
+ */
+ private String translateChainingMode(String chainingMode) {
+ if (chainingMode.equals(CM_CHAINING)) {
+ return ChainingModes.CHAIN_MODE;
+ } else if (chainingMode.equals(CM_PKIX)) {
+ return ChainingModes.PKIX_MODE;
+ } else {
+ return ChainingModes.PKIX_MODE;
+ }
+ }
+
+ /**
+ * Build the distribution points mapping.
+ *
+ * @return The mapping from certificate authorities to distribution points.
+ */
+ public Map buildDistributionPoints()
+ {
+ Map dPs = new HashMap();
+ NodeIterator dPIter;
+ Element dPElem;
+
+ // select all DistributionPoint elements
+ dPIter = XPathUtils.selectNodeIterator(getConfigElem(), DISTRIBUTION_POINTS_XPATH);
+
+ // build the mapping of CA name to distribution points
+ while ((dPElem = (Element) dPIter.nextNode()) != null) {
+ String caIssuerDNText = getElementValue(dPElem, CONF + "CAIssuerDN", "");
+ RFC2253NameParser nameParser = new RFC2253NameParser(caIssuerDNText);
+ NodeIterator cRLDPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "CRLDP");
+ NodeIterator oCSPDPPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "OCSPDP");
+
+ try
+ {
+ String caIssuerDN = nameParser.parse().getName();
+
+ // check, if a mapping exists or make a new mapping
+ Set dPsForCA = (Set) dPs.get(caIssuerDN);
+ if (dPsForCA == null)
+ {
+ dPsForCA = new HashSet();
+ dPs.put(caIssuerDN, dPsForCA);
+ }
+
+ // add the CRL distribution points of this CA to the set
+ Element cRLDPElem;
+ while ((cRLDPElem = (Element) cRLDPIter.nextNode()) != null)
+ {
+ CRLDistributionPoint cRLDP = (CRLDistributionPoint) buildDistributionPoint(cRLDPElem, caIssuerDN);
+ dPsForCA.add(cRLDP);
+ }
+
+ // add the OCSP distribution points of this CA to the set
+ Element oCSPPElem;
+ while ((oCSPPElem = (Element) oCSPDPPIter.nextNode()) != null)
+ {
+ OCSPDistributionPoint oCSPDP = (OCSPDistributionPoint) buildDistributionPoint(oCSPPElem, null);
+ dPsForCA.add(oCSPDP);
+ }
+}
+ catch (RFC2253NameParserException e)
+ {
+ warn("config.13", new Object[] { caIssuerDNText }, e);
+ }
+
+ }
+
+ return dPs;
+ }
+
+ /**
+ * Build a distribution point from the DOM representation.
+ *
+ * @param dpElem The root element of the distribution point.
+ *
+ * @param issuerName The name of the CA issuing the CRL referred to by this DP, or <code>null</code>
+ * if this DP refers to an OCSP responder.
+ *
+ * @return The distribution point.
+ */
+ private DistributionPoint buildDistributionPoint(Element dpElem, String issuerName)
+ {
+ String uri = getElementValue(dpElem, CONF + "Location", null);
+
+ if ("CRLDP".equals(dpElem.getLocalName()))
+ {
+ NodeIterator reasonCodesIter = XPathUtils.selectNodeIterator(dpElem, CONF + "ReasonCode");
+ Element reasonCodeElem;
+ StringBuffer reasonCodesSB = new StringBuffer();
+ while ((reasonCodeElem = (Element)reasonCodesIter.nextNode()) != null)
+ {
+ if (reasonCodesSB.length() > 0) reasonCodesSB.append(" ");
+ reasonCodesSB.append(getElementValue(reasonCodeElem, ".", "").trim());
+ }
+ return new CRLDistributionPoint(issuerName, uri, reasonCodesSB.toString());
+ }
+ else
+ {
+ return new OCSPDistributionPoint(uri);
+ }
+ }
+
+ /**
+ * Return the CRL archive duration.
+ *
+ * @return The value of the CRL archive duration setting from the configuration, or <code>0</code> if
+ * no value is set in the configuration.
+ */
+ public int getRevocationArchiveDuration()
+ {
+ String archiveDuration = getElementValue(getConfigElem(), CRL_ARCHIVE_DURATION_XPATH, null);
+ try
+ {
+ return Integer.parseInt(archiveDuration);
+ }
+ catch (NumberFormatException e)
+ {
+ warn("config.01", null);
+ return 365;
+ }
+ }
+
+ /**
+ * Build the <code>CreateTransformsInfoProfile</code>s.
+ *
+ * @return The mapping from profile ID to profile.
+ */
+ public Map buildCreateTransformsInfoProfiles()
+ {
+ return loadProfiles(CREATE_TRANSFORMS_INFO_PROFILE_XPATH, "CreateTransformsInfoProfile");
+ }
+
+ /**
+ * Build the <code>CreateSignatureEnvironmentProfile</code>s.
+ *
+ * @return The mapping from profile ID to profile.
+ */
+ public Map buildCreateSignatureEnvironmentProfiles()
+ {
+ return loadProfiles(CREATE_SIGNATURE_ENVIRONMENT_PROFILE_XPATH, "CreateSignatureEnvironmentProfile");
+ }
+
+ /**
+ * Build the <code>VerifyTransformsInfoProfile</code>s.
+ *
+ * @return The mapping from profile ID to profile.
+ */
+ public Map buildVerifyTransformsInfoProfiles()
+ {
+ return loadProfiles(VERIFY_TRANSFORMS_INFO_PROFILE_XPATH, "VerifyTransformsInfoProfile");
+ }
+
+ /**
+ * Build the <code>SupplementProfile</code>s.
+ *
+ * @return The mapping from profile ID to profile.
+ */
+ public Map buildSupplementProfiles()
+ {
+ return loadProfiles(SUPPLEMENT_PROFILE_XPATH, "SupplementProfile");
+ }
+
+ /**
+ * Load a profile mapping.
+ *
+ * @param xpath The XPath to select the profiles from the configuration.
+ *
+ * @param profileRoot The name of the profile root element.
+ *
+ * @return Map The profile ID to profile mapping.
+ */
+ private Map loadProfiles(String xpath, String profileRoot)
+ {
+ Map profiles = new HashMap();
+ NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), xpath);
+ Element profileElem;
+
+ while ((profileElem = (Element) profileIter.nextNode()) != null)
+ {
+ String id = getElementValue(profileElem, CONF + "Id", null);
+ String fileName = getElementValue(profileElem, CONF + "Location", null);
+
+ if (profiles.containsKey(id))
+ {
+ warn("config.04", new Object[] { profileRoot, id });
+ }
+ else
+ {
+ try
+ {
+ File profileFile = new File(fileName);
+
+ // make profileFile absolute
+ if (!profileFile.isAbsolute()) profileFile = new File(configRoot_, fileName);
+
+ // load the profile
+ info("config.22", new Object[] { profileRoot, id, profileFile.getAbsoluteFile()});
+ Element profile = loadProfile(profileFile);
+
+ if (Constants.MOA_NS_URI.equals(profile.getNamespaceURI()) &&
+ profile.getLocalName().equals(profileRoot))
+ {
+ profiles.put(id, profile);
+ }
+ else
+ {
+ warn("config.02", new Object[] { profileRoot, id, fileName });
+ }
+ } catch (ConfigurationException e) {
+ warn("config.03", new Object[] { profileRoot, id });
+ }
+ }
+ }
+
+ return profiles;
+ }
+
+ /**
+ * Load a profile from a file.
+ *
+ * @param root The absolute directory path of the main configuration file.
+ * @param profileFile The file containing the profile.
+ * @return The profile in its DOM representation.
+ * @throws ConfigurationException An error occurred loading the profile.
+ */
+ private Element loadProfile(File profileFile) throws ConfigurationException {
+
+ Element profile;
+
+ try {
+ profile = parseXml(new FileInputStream(profileFile));
+ } catch (Exception e) {
+ throw new ConfigurationException("config.12", null, e);
+ }
+
+ return profile;
+ }
+
+ /**
+ * Build the trust profile mapping.
+ *
+ * @return The profile ID to profile mapping.
+ */
+ public Map buildTrustProfiles(String tslWorkingDir)
+ {
+ Map trustProfiles = new HashMap();
+ NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_PROFILE_XPATH);
+ Element profileElem;
+
+ while ((profileElem = (Element) profileIter.nextNode()) != null)
+ {
+ String id = getElementValue(profileElem, CONF + "Id", null);
+ String trustAnchorsLocStr = getElementValue(profileElem, CONF + "TrustAnchorsLocation", null);
+ String signerCertsLocStr = getElementValue(profileElem, CONF + "SignerCertsLocation", null);
+ Element eutslElem = (Element) XPathUtils.selectSingleNode(profileElem, CONF + "EUTSL");
+ boolean tslEnabled = false;
+ if (eutslElem != null) //EUTSL element found --> TSL enabled
+ tslEnabled = true;
+
+ String countries = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + "CountrySelection", null);
+
+ URI trustAnchorsLocURI = null;
+ try
+ {
+ trustAnchorsLocURI = new URI(trustAnchorsLocStr);
+ if (!trustAnchorsLocURI.isAbsolute()) { // make it absolute to the config file
+ trustAnchorsLocURI = new URI(configRoot_.toURL() + trustAnchorsLocStr);
+ }
+ }
+ catch (URIException e) {
+ warn("config.14", new Object[] { "uri", id, trustAnchorsLocStr }, e);
+ continue;
+ }
+ catch (MalformedURLException e)
+ {
+ warn("config.15", new Object[] {id}, e);
+ continue;
+ }
+
+ File profileDir = new File(trustAnchorsLocURI.getPath());
+ if (!profileDir.exists() || !profileDir.isDirectory()) {
+ warn("config.27", new Object[] { "uri", id });
+ continue;
+ }
+
+
+
+ if (trustProfiles.containsKey(id)) {
+ warn("config.04", new Object[] { "TrustProfile", id });
+ continue;
+ }
+
+ URI signerCertsLocURI = null;
+ if (signerCertsLocStr != null && !"".equals(signerCertsLocStr))
+ {
+ try
+ {
+ signerCertsLocURI = new URI(signerCertsLocStr);
+ if (!signerCertsLocURI.isAbsolute()) signerCertsLocURI = new URI(configRoot_.toURL() + signerCertsLocStr);
+
+ File signerCertsDir = new File(signerCertsLocURI.getPath());
+ if (!signerCertsDir.exists() || !signerCertsDir.isDirectory()) {
+ warn("config.27", new Object[] { "signerCertsUri", id });
+ continue;
+ }
+ }
+ catch (URIException e) {
+ warn("config.14", new Object[] { "signerCertsUri", id, trustAnchorsLocStr }, e);
+ continue;
+ }
+ catch (MalformedURLException e) {
+ warn("config.15", new Object[] {id}, e);
+ continue;
+ }
+ }
+
+ signerCertsLocStr = (signerCertsLocURI != null) ? signerCertsLocURI.toString() : null;
+
+ TrustProfile profile = null;
+
+ if (tslEnabled) {
+ // create new trust anchor location (=tslworking trust profile)
+ File fTslWorkingDir = new File(tslWorkingDir);
+ File tp = new File(fTslWorkingDir, "trustprofiles");
+ if (!tp.exists())
+ tp.mkdir();
+ if (!tp.isDirectory()) {
+ error("config.50", new Object[] { tp.getPath() });
+ }
+
+ File tpid = new File(tp, id);
+ if (!tpid.exists())
+ tpid.mkdir();
+ if (!tpid.isDirectory()) {
+ error("config.50", new Object[] { tpid.getPath() });
+ }
+
+
+ // create profile
+ profile = new TrustProfile(id, tpid.getAbsolutePath(), signerCertsLocStr, tslEnabled, countries);
+
+ // set original uri (save original trust anchor location)
+ profile.setUriOrig(trustAnchorsLocURI.getPath());
+
+ // delete files in tslworking trust profile
+ File[] files = tpid.listFiles();
+ for (File file : files)
+ file.delete();
+
+ // copy files from trustAnchorsLocURI into tslworking trust profile kopieren
+ File src = new File(trustAnchorsLocURI.getPath());
+ files = src.listFiles();
+ for (File file : files) {
+ FileUtils.copyFile(file, new File(tpid, file.getName()));
+ }
+
+
+ } else {
+
+ profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr, tslEnabled, countries);
+
+ }
+
+ trustProfiles.put(id, profile);
+
+ }
+
+ return trustProfiles;
+ }
+
+ /**
+ * Build the trust profile mapping.
+ *
+ * @return The profile ID to profile mapping.
+ */
+ public Map buildTrustProfiles()
+ {
+ Map trustProfiles = new HashMap();
+ NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_PROFILE_XPATH);
+ Element profileElem;
+
+ while ((profileElem = (Element) profileIter.nextNode()) != null)
+ {
+ String id = getElementValue(profileElem, CONF + "Id", null);
+ String trustAnchorsLocStr = getElementValue(profileElem, CONF + "TrustAnchorsLocation", null);
+ String signerCertsLocStr = getElementValue(profileElem, CONF + "SignerCertsLocation", null);
+
+ URI trustAnchorsLocURI = null;
+ try
+ {
+ trustAnchorsLocURI = new URI(trustAnchorsLocStr);
+ if (!trustAnchorsLocURI.isAbsolute()) { // make it absolute to the config file
+ trustAnchorsLocURI = new URI(configRoot_.toURL() + trustAnchorsLocStr);
+ }
+ }
+ catch (URIException e) {
+ warn("config.14", new Object[] { "uri", id, trustAnchorsLocStr }, e);
+ continue;
+ }
+ catch (MalformedURLException e)
+ {
+ warn("config.15", new Object[] {id}, e);
+ continue;
+ }
+
+ File profileDir = new File(trustAnchorsLocURI.getPath());
+ if (!profileDir.exists() || !profileDir.isDirectory()) {
+ warn("config.27", new Object[] { "uri", id });
+ continue;
+ }
+
+
+
+ if (trustProfiles.containsKey(id)) {
+ warn("config.04", new Object[] { "TrustProfile", id });
+ continue;
+ }
+
+ URI signerCertsLocURI = null;
+ if (signerCertsLocStr != null && !"".equals(signerCertsLocStr))
+ {
+ try
+ {
+ signerCertsLocURI = new URI(signerCertsLocStr);
+ if (!signerCertsLocURI.isAbsolute()) signerCertsLocURI = new URI(configRoot_.toURL() + signerCertsLocStr);
+
+ File signerCertsDir = new File(signerCertsLocURI.getPath());
+ if (!signerCertsDir.exists() || !signerCertsDir.isDirectory()) {
+ warn("config.27", new Object[] { "signerCertsUri", id });
+ continue;
+ }
+ }
+ catch (URIException e) {
+ warn("config.14", new Object[] { "signerCertsUri", id, trustAnchorsLocStr }, e);
+ continue;
+ }
+ catch (MalformedURLException e) {
+ warn("config.15", new Object[] {id}, e);
+ continue;
+ }
+ }
+
+ signerCertsLocStr = (signerCertsLocURI != null) ? signerCertsLocURI.toString() : null;
+
+ TrustProfile profile = null;
+
+ profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr, false, null);
+
+ trustProfiles.put(id, profile);
+
+ }
+
+ return trustProfiles;
+ }
+
+ /**
+ * checks if a trustprofile with TSL support is enabled
+ *
+ * @return true if TSL support is enabled in at least one trustprofile, else false
+ */
+ public boolean checkTrustProfilesTSLenabled()
+ {
+ NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_PROFILE_XPATH);
+ Element profileElem;
+
+ boolean tslSupportEnabled = false;
+ while ((profileElem = (Element) profileIter.nextNode()) != null) {
+ Element eutslElem = (Element) XPathUtils.selectSingleNode(profileElem, CONF + "EUTSL");
+ if (eutslElem != null) //EUTSL element found --> TSL enabled
+ tslSupportEnabled = true;
+ }
+
+ return tslSupportEnabled;
+ }
+
+ /**
+ * Returns the location of the certificate store.
+ *
+ * @return the location of the certificate store.
+ */
+ public String getCertStoreLocation()
+ {
+ String certStoreLocStr = getElementValue(getConfigElem(), CERTSTORE_LOCATION_XPATH, null);
+ File certStoreLocFile;
+
+ // No value specified in configuration file: Set it to a reasonable (absolute) default
+ if (certStoreLocStr == null)
+ return new File(configRoot_, "certstore").getAbsolutePath();
+
+ // Make cert store location an absolute value
+ certStoreLocFile = new File(certStoreLocStr);
+ if (!certStoreLocFile.isAbsolute())
+ {
+ certStoreLocFile = new File(configRoot_, certStoreLocStr);
+ }
+
+ // Check if cert store location exists, eventually try to create it
+ if (!certStoreLocFile.isDirectory())
+ {
+ boolean created = false;
+ try
+ {
+ created = certStoreLocFile.mkdirs();
+ }
+ finally
+ {
+ if (!created)
+ {
+ warn("config.32", new Object[] { certStoreLocFile.getAbsolutePath() });
+ }
+ }
+ }
+
+ return certStoreLocFile.getAbsolutePath();
+ }
+
+ //
+ // various utility methods
+ //
+
+ /**
+ * Parse a configuration XML file.
+ *
+ * @param inputStream The stream from which to read the XML data.
+ * @return The DOM representation of the XML data.
+ * @throws ParserConfigurationException XML parser not configured properly.
+ * @throws SAXException An error parsing the XML file.
+ * @throws IOException An error reading the stream.
+ */
+ private static Element parseXml(InputStream inputStream)
+ throws ParserConfigurationException, SAXException, IOException {
+ return DOMUtils
+ .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null)
+ .getDocumentElement();
+ }
+
+ /**
+ * Return the value of an element located by an XPath.
+ *
+ * @param root The root element from which to evaluate the <code>xpath</code>.
+ * @param xpath The XPath pointing to the element.
+ * @param def The default value, if no element can be found with the given
+ * <code>xpath</code>.
+ * @return The element value or <code>def</code>, if the element cannot be
+ * found.
+ */
+ private String getElementValue(Element root, String xpath, String def) {
+
+ Element elem = (Element) XPathUtils.selectSingleNode(root, xpath);
+ return elem != null ? DOMUtils.getText(elem) : def;
+ }
+
+ /**
+ * Return the value of an attribute located by an XPath.
+ *
+ * @param root The root element from which to evaluate the <code>xpath</code>.
+ * @param xpath The XPath pointing to the attribute.
+ * @param def The default value, if no attribute can be found with the given
+ * <code>xpath</code>.
+ * @return The element value or <code>def</code>, if the attribute cannot be
+ * found.
+ */
+ private String getAttributeValue(Element root, String xpath, String def) {
+ Attr attr = (Attr) XPathUtils.selectSingleNode(root, xpath);
+ return attr != null ? attr.getValue() : def;
+ }
+
+ /**
+ * Log an info message.
+ *
+ * @param messageId The message ID.
+ * @param parameters Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private static void info(String messageId, Object[] parameters) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.info(new LogMsg(msg.getMessage(messageId, parameters)));
+ }
+
+ /**
+ * Log a warning.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void warn(String messageId, Object[] args) {
+ MessageProvider msg = MessageProvider.getInstance();
+ String txt = msg.getMessage(messageId, args);
+
+ Logger.warn(new LogMsg(txt));
+ warnings.add(txt);
+ }
+
+ /**
+ * Log a warning.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void debug(String messageId, Object[] args) {
+ MessageProvider msg = MessageProvider.getInstance();
+ String txt = msg.getMessage(messageId, args);
+
+ Logger.debug(new LogMsg(txt));
+
+ }
+
+
+ /**
+ * Log a debug message.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void debug(String message) {
+ Logger.debug(new LogMsg(message));
+
+ }
+
+ /**
+ * Log a warning.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @param t An exception being the cause of the warning.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void warn(String messageId, Object[] args, Throwable t) {
+ MessageProvider msg = MessageProvider.getInstance();
+ String txt = msg.getMessage(messageId, args);
+
+ Logger.warn(new LogMsg(txt), t);
+ warnings.add(txt);
+ }
+
+ /**
+ * Log an error.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void error(String messageId, Object[] args) {
+ MessageProvider msg = MessageProvider.getInstance();
+ String txt = msg.getMessage(messageId, args);
+
+ Logger.error(new LogMsg(txt));
+ warnings.add(txt);
+ }
+
+ /**
+ * Log an error.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @param t An exception being the cause of the warning.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void error(String messageId, Object[] args, Throwable t) {
+ MessageProvider msg = MessageProvider.getInstance();
+ String txt = msg.getMessage(messageId, args);
+
+ Logger.error(new LogMsg(txt), t);
+ warnings.add(txt);
+ }
+
+ /**
+ * Returns whether revocation information should be archived.
+ *
+ * @return whether revocation information should be archived.
+ */
+ public boolean getEnableRevocationArchiving()
+ {
+ String enableArchiving = getElementValue(getConfigElem(), ENABLE_ARCHIVING_XPATH, null);
+ return Boolean.valueOf(enableArchiving).booleanValue();
+ }
+
+ /**
+ * Returns the JDBC URL for the revocation archive database.
+ *
+ * @return the JDBC URL for the revocation archive database, or <code>null</code, if the corresponding
+ * parameter is not set in the configuration.
+ */
+ public String getRevocationArchiveJDBCURL()
+ {
+ String jDBCURL = getElementValue(getConfigElem(), ACHIVE_JDBC_URL_, null);
+ return jDBCURL;
+ }
+
+ /**
+ * Returns the JDBC driver class name for the revocation archive database.
+ *
+ * @return the JDBC driver class name for the revocation archive database, or <code>null</code,
+ * if the corresponding parameter is not set in the configuration.
+ */
+ public String getRevocationArchiveJDBCDriverClass()
+ {
+ String jDBCDriverClass = getElementValue(getConfigElem(), ACHIVE_JDBC_DRIVER_CLASS_, null);
+ return jDBCDriverClass;
+ }
+
+ /**
+ * Returns whether revocation information should be archived.
+ */
+ public boolean getEnableRevocationChecking()
+ {
+ String enableChecking = getElementValue(getConfigElem(), ENABLE_REVOCATION_CHECKING_XPATH_, null);
+ return Boolean.valueOf(enableChecking).booleanValue();
+ }
+
+ /**
+ * Returns the maximum age of a revocation information for considering it
+ * still as valid.
+ *
+ * @return the maximum age of a revocation information for considering it
+ * still as valid.
+ */
+ public long getMaxRevocationAge()
+ {
+ String maxRevocationAge = getElementValue(getConfigElem(), MAX_REVOCATION_AGE_XPATH_, null);
+ if (maxRevocationAge == null) return 0;
+ return Long.valueOf(maxRevocationAge).longValue();
+ }
+
+ /**
+ * Returns the service order for revocation checking.
+ *
+ * @return the service order for revocation checking. Valid array entries are
+ * {@link RevocationSourceTypes#OCSP} and {@link RevocationSourceTypes#CRL}.
+ * An empty array will be returned if no service order is specified in the
+ * configuration.
+ */
+ public String[] getServiceOrder()
+ {
+ ArrayList list = new ArrayList();
+ NodeIterator serviceIter = XPathUtils.selectNodeIterator(getConfigElem(), REVOCATION_SERVICEORDER_XPATH_);
+ Element currentServiceNode;
+ while ((currentServiceNode = (Element)serviceIter.nextNode()) != null)
+ {
+ list.add(getElementValue(currentServiceNode, ".", null));
+ }
+ Object[] serviceOrder = list.toArray();
+ String[] returnValue = new String[serviceOrder.length];
+ for (int i = 0; i < serviceOrder.length; i++)
+ {
+ if (((String)serviceOrder[i]).equalsIgnoreCase(RevocationSourceTypes.CRL)) {
+ returnValue[i] = RevocationSourceTypes.CRL;
+ } else if (((String)serviceOrder[i]).equalsIgnoreCase(RevocationSourceTypes.OCSP)) {
+ returnValue[i] = RevocationSourceTypes.OCSP;
+ }
+
+ }
+ return returnValue;
+ }
+
+ /**
+ * Returns whether the certificate extension Authority Info Access should
+ * be used during certificate path construction.
+ *
+ * @return whether the certificate extension Authority Info Access should
+ * be used during certificate path construction.
+ */
+ public boolean getUseAuthorityInfoAccess()
+ {
+ String useAIA = getElementValue(getConfigElem(), USE_AUTHORITY_INFO_ACCESS_XPATH_, null);
+ return Boolean.valueOf(useAIA).booleanValue();
+ }
+
+ /**
+ * Returns whether certificates found during certificate path construction
+ * should be added to the certificate store.
+ *
+ * @return whether certificates found during certificate path construction
+ * should be added to the certificate store.
+ */
+ public boolean getAutoAddCertificates()
+ {
+ String autoAdd = getElementValue(getConfigElem(), AUTO_ADD_CERTIFICATES_XPATH_, null);
+ return Boolean.valueOf(autoAdd).booleanValue();
+ }
+
+ /**
+ * Returns whether file URIs are permitted
+ * @return whether file URIs are permitted
+ */
+ public boolean getPermitFileURIs()
+ {
+ String permitFileURIs = getElementValue(getConfigElem(), PERMIT_FILE_URIS_XPATH, "false");
+ return Boolean.valueOf(permitFileURIs).booleanValue();
+ }
+
+ /**
+ * Returns the TSL configuration from the config file
+ * @return
+ */
+ public TSLConfiguration getTSLConfiguration() {
+ TSLConfigurationImpl tslconfiguration = new TSLConfigurationImpl();
+
+
+ String euTSLUrl = getElementValue(getConfigElem(), TSL_CONFIGURATION_XPATH + CONF + "EUTSLUrl", null);
+ if (StringUtils.isEmpty(euTSLUrl)) {
+ euTSLUrl = TSLConfiguration.DEFAULT_EU_TSL_URL;
+ debug("config.39", new Object[] { "EUTSL", euTSLUrl });
+ }
+
+ String updateSchedulePeriod = getElementValue(getConfigElem(), TSL_CONFIGURATION_XPATH + CONF + "UpdateSchedule/" + CONF + "Period" , null);
+
+ if (StringUtils.isEmpty(updateSchedulePeriod)) {
+ updateSchedulePeriod = TSLConfiguration.DEFAULT_UPDATE_SCHEDULE_PERIOD;
+ debug("config.39", new Object[] { "UpdateSchedule/Period", updateSchedulePeriod });
+ }
+
+ String updateScheduleStartTime = getElementValue(getConfigElem(), TSL_CONFIGURATION_XPATH + CONF + "UpdateSchedule/" + CONF + "StartTime", null);
+ if (StringUtils.isEmpty(updateScheduleStartTime)) {
+ updateScheduleStartTime = TSLConfiguration.DEFAULT_UPDATE_SCHEDULE_STARTTIME;
+ debug("config.39", new Object[] { "UpdateSchedule/StartTime", updateScheduleStartTime });
+
+ }
+
+ String workingDirectoryStr = getElementValue(getConfigElem(), TSL_CONFIGURATION_XPATH + CONF + "WorkingDirectory", null);
+ if (StringUtils.isEmpty(workingDirectoryStr)) {
+ workingDirectoryStr = TSLConfiguration.DEFAULT_WORKING_DIR;
+ debug("config.39", new Object[] { "WorkingDirectory", workingDirectoryStr });
+ }
+
+ // convert update schedule starting time to Date object
+ Calendar Cal = DatatypeConverter.parseDateTime(updateScheduleStartTime);
+ Date updateScheduleStartTimeDate = Cal.getTime();
+
+ // convert working directory
+ URI workingDirectoryURI = null;
+ try
+ {
+ workingDirectoryURI = new URI(workingDirectoryStr);
+ if (!workingDirectoryURI.isAbsolute()) { // make it absolute to the config file
+ workingDirectoryURI = new URI(configRoot_.toURL() + workingDirectoryStr);
+ }
+ }
+ catch (URIException e) {
+ warn("config.37", new Object[] { workingDirectoryStr }, e);
+ workingDirectoryStr = TSLConfiguration.DEFAULT_WORKING_DIR;
+ warn("config.39", new Object[] { "WorkingDirectory", workingDirectoryStr });
+ }
+ catch (MalformedURLException e)
+ {
+ warn("config.37", new Object[] { workingDirectoryStr }, e);
+ workingDirectoryStr = TSLConfiguration.DEFAULT_WORKING_DIR;
+ warn("config.39", new Object[] { "WorkingDirectory", workingDirectoryStr });
+ }
+
+ File tslWorkingDir = new File(workingDirectoryURI.getPath());
+ if (!tslWorkingDir.exists()) {
+ tslWorkingDir.mkdir();
+ }
+ if (!tslWorkingDir.isDirectory()) {
+ error("config.38", new Object[] { workingDirectoryStr });
+ return null;
+ }
+
+
+ debug("TSL Konfiguration - EUTSLUrl: " + euTSLUrl);
+ debug("TSL Konfiguration - UpdateSchedule/Period: " + updateSchedulePeriod);
+ debug("TSL Konfiguration - UpdateSchedule/StartTime: " + updateScheduleStartTime);
+ debug("TSL Konfiguration - TSLWorkingDirectory: " + tslWorkingDir.getAbsolutePath());
+
+
+ // set TSL configuration
+ tslconfiguration.setEuTSLUrl(euTSLUrl);
+ tslconfiguration.setUpdateSchedulePeriod(Long.valueOf(updateSchedulePeriod).longValue());
+ tslconfiguration.setUpdateScheduleStartTime(updateScheduleStartTimeDate);
+ tslconfiguration.setWorkingDirectory(tslWorkingDir.getAbsolutePath());
+ tslconfiguration.setWorkingDirectoryURI(workingDirectoryURI);
+
+ return tslconfiguration;
+ }
+
+ /**
+ * Returns a map of CRL retention intervals
+ * @return
+ */
+ public Map getCrlRetentionIntervals() {
+ Map map = new HashMap();
+ NodeIterator modIter = XPathUtils.selectNodeIterator(
+ getConfigElem(),
+ CRL_RETENTION_INTERVALS_CA_XPATH);
+
+ Element modElem;
+ while ((modElem = (Element) modIter.nextNode()) != null) {
+ String x509IssuerName = getElementValue(modElem, CONF + "X509IssuerName", null);
+ String i = getElementValue(modElem, CONF + "Interval", null);
+ Integer interval = new Integer(i);
+ try {
+ RFC2253NameParser parser = new RFC2253NameParser(x509IssuerName);
+ Name name = parser.parse();
+ map.put(name.getRFC2253String(), interval);
+ } catch (RFC2253NameParserException e) {
+ map.put(x509IssuerName, interval);
+ }
+
+ }
+
+ return map;
+ }
+
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
new file mode 100644
index 0000000..6c1a192
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -0,0 +1,975 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+import iaik.asn1.structures.Name;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.net.URL;
+import java.security.Principal;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.DOMUtils;
+
+/**
+ * A class providing access to the MOA configuration data.
+ *
+ * <p>Configuration data is read from an XML file, whose location is given by
+ * the <code>moa.spss.server.configuration</code> system property.</p>
+ * <p>This class implements the Singleton pattern. The <code>reload()</code>
+ * method can be used to update the configuration data. Therefore, it is not
+ * guaranteed that consecutive calls to <code>getInstance()</code> will return
+ * the same <code>ConfigurationProvider</code> all the time. During the
+ * processing of a web service request, the current
+ * <code>TransactionContext</code> should be used to obtain the
+ * <code>ConfigurationProvider</code> local to that request.</p>
+ *
+ * @author Patrick Peck
+ * @author Sven Aigner
+ * @version $Id$
+ */
+public class ConfigurationProvider
+{
+ /**
+ * The name of the system property which contains the file name of the
+ * configuration file.
+ */
+ public static final String CONFIG_PROPERTY_NAME =
+ "moa.spss.server.configuration";
+
+ /**
+ * A fake <code>IssuerAndSerial</code> object for storing KeyGroup information
+ * accessible by all clients.
+ */
+ private static final IssuerAndSerial ANONYMOUS_ISSUER_SERIAL =
+ new IssuerAndSerial(new Name(), new BigInteger("0"));
+
+ /** Singleton instance. <code>null</code>, if none has been created. */
+ private static ConfigurationProvider instance;
+
+ //
+ // configuration data
+ //
+
+ /** The warnings generated when building the configuration. */
+ private List warnings = new ArrayList();
+
+ /** The default digest method algorithm name */
+ private String digestMethodAlgorithmName;
+
+ /** The default canonicalization algorithm name */
+ private String canonicalizationAlgorithmName;
+
+ /** The XAdES version used for signature creation */
+ private String xadesVersion;
+
+ /** PDF AS Configuration */
+ private String pdfAsConfiguration;
+
+ /**
+ * A <code>List</code> of <code>HardwareCryptoModule</code> objects for
+ * configuring hardware modules.
+ */
+ private List hardwareCryptoModules;
+
+ /**
+ * A <code>List</code> of <code>HardwareKey</code> objects containing the
+ * configuration data for hardware keys.
+ */
+ private List hardwareKeyModules;
+
+ /**
+ * A <code>List</code> of <code>SoftwareKey</code> objects containing the
+ * configuration data for software keys.
+ */
+ private List softwareKeyModules;
+
+ /**
+ * A <code>Map</code> which contains a KeyGroupId (a <code>String</code>) to
+ * KeyGroup mapping.
+ */
+ private Map keyGroups;
+
+ /**
+ * A <code>Map</code> which contains the <code>IssuerAndSerial</code> to
+ * <code>KeyGroup</code> mapping.
+ */
+ private Map keyGroupMappings;
+
+ /** The default chaining mode. */
+ private String defaultChainingMode;
+
+ /**
+ * A <code>Map</code> which contains the <code>IssuerAndSerial</code> to
+ * chaining mode (a <code>String</code>) mapping.
+ */
+ private Map chainingModes;
+
+ /**
+ * A <code>Map</code> which contains the CAIssuerDN (a <code>String</code>)
+ * to distribution points (a <code>Set</code> of
+ * <code>DistributionPoint</code>s) mapping.
+ */
+
+ private Map distributionPoints;
+ /**
+ * The CRL archive duration.
+ */
+ private int cRLArchiveDuration;
+
+ /**
+ * Indicates whether revocation information should be archived.
+ */
+ private boolean enableRevocationArchiving_;
+
+ /**
+ * The location of the certificate store.
+ */
+ private String certStoreLocation_;
+
+ /**
+ * A <code>Map</code> which contains a mapping from
+ * CreateSignatureEnvironmentProfile Ids (<code>String</code>) to
+ * CreateSignatureEnvironmentProfile elements (an <code>Element</code>).
+ */
+ private Map createSignatureEnvironmentProfiles;
+
+ /**
+ * A <code>Map</code> which contains a mapping from
+ * CreateTransformsInfoProfile Ids (<code>String</code>) to
+ * CreateTransformsInfoProfile elements (an <code>Element</code>).
+ */
+ private Map createTransformsInfoProfiles;
+
+ /**
+ * A <code>Map</code> which contains a mapping from
+ * VerifyTransformsInfoProfile Ids (<code>String</code>) to
+ * VerifyTransformsInfoProfile elements (an <code>Element</code>).
+ */
+ private Map verifyTransformsInfoProfiles;
+
+ /**
+ * A <code>Map</code> which contains a mapping from
+ * SupplementProfile Ids (<code>String</code>) to SupplementProfile elements
+ * (an <code>Element</code>).
+ */
+ private Map supplementProfiles;
+
+ /**
+ * A <code>Map</code> which contains a TrustProfile Id (a <code>String</code>
+ * to trust profile (a <code>TrustProfile</code>) mapping.
+ */
+ private Map trustProfiles;
+
+ /**
+ * The JDBC URL for the revocation archive database.
+ */
+ private String revocationArchiveJDBCURL_;
+
+ /**
+ * The JDBC driver class name for the revocation archive database.
+ */
+ private String revocationArchiveJDBCDriverClass_;
+
+ /**
+ * Indicates whether revocation checking should be done.
+ */
+ private boolean enableRevocationChecking_;
+
+ /**
+ * The maximum age of a revocation information for considering it still as valid.
+ */
+ private long maxRevocationAge_;
+
+ /**
+ * The service order for revocation checking.
+ */
+ private String[] serviceOrder_;
+
+ /**
+ * Indicates whether certificates found during certificate path construction
+ * should be added to the certificate store.
+ */
+ private boolean autoAddCertificates_;
+
+ /**
+ * Indicates whether the certificate extension Authority Info Access should
+ * be used during certificate path construction.
+ */
+ private boolean useAuthorityInfoAccess_;
+ /**
+ * Indicates whether file URIs are allowed or not
+ */
+ private boolean permitFileURIs;
+
+ /**
+ * Indicates the CRL retention intervals
+ */
+ private Map crlRetentionIntervals;
+
+ /**
+ * Indicates wether external URIs are allowed or not
+ */
+ private boolean allowExternalUris_;
+
+ /**
+ * A <code>List</code> of black listed URIs (host and port)
+ */
+ private List blackListedUris_;
+
+ /**
+ * A <code>List</code> of white listed URIs (host and port)
+ */
+ private List whiteListedUris_;
+
+ /**
+ * A <code>TSLConfiguration</code> that represents the global TSL configuration
+ */
+ private TSLConfiguration tslconfiguration_;
+
+
+ /**
+ * Return the single instance of configuration data.
+ *
+ * @return MOAConfigurationProvider The current configuration data.
+ * @throws ConfigurationException Failure to load the configuration data.
+ */
+ public static synchronized ConfigurationProvider getInstance()
+ throws ConfigurationException {
+
+ if (instance == null) {
+ reload();
+ }
+ return instance;
+ }
+
+ /**
+ * Reload the configuration data and set it if successful.
+ *
+ * @return MOAConfigurationProvider The loaded configuration data.
+ * @throws ConfigurationException Failure to load the configuration data.
+ */
+ public static synchronized ConfigurationProvider reload()
+ throws ConfigurationException {
+ String fileName = System.getProperty(CONFIG_PROPERTY_NAME);
+
+ if (fileName == null) {
+ // find out where we are running and use the configuration provided
+ // under WEB-INF/conf/moa-spss/MOA-SPSSConfiguration
+ URL url = ConfigurationProvider.class.getResource("/");
+ fileName =
+ new File(url.getPath()).getParent()
+ + "/conf/moa-spss/MOA-SPSSConfiguration.xml";
+ info("config.05", new Object[] { CONFIG_PROPERTY_NAME });
+ }
+
+ instance = new ConfigurationProvider(fileName);
+ return instance;
+ }
+
+ /**
+ * Constructor for ConfigurationProvider.
+ *
+ * @param fileName The name of the configuration file.
+ * @throws ConfigurationException An error occurred loading the configuration.
+ */
+ public ConfigurationProvider(String fileName) throws ConfigurationException {
+ load(fileName);
+ }
+
+ /**
+ * Load the configuration data from XML file with the given name and build
+ * the internal data structures representing the MOA configuration.
+ *
+ * @param fileName The name of the XML file to load.
+ * @throws ConfigurationException The MOA configuration could not be
+ * read/built.
+ */
+ private void load(String fileName) throws ConfigurationException {
+ FileInputStream stream = null;
+ File configFile;
+ File configRoot;
+ Element configElem;
+ ConfigurationPartsBuilder builder;
+ List allKeyModules;
+
+
+ // load the main config file
+ try {
+ configFile = new File(fileName);
+ configRoot = new File(configFile.getParent());
+ info("config.21", new Object[] { configFile.getAbsoluteFile()});
+ stream = new FileInputStream(fileName);
+ configElem = DOMUtils.parseXmlValidating(new FileInputStream(fileName));
+ } catch (Throwable t) {
+ throw new ConfigurationException("config.10", null, t);
+ }
+
+ // build the internal datastructures
+ try {
+ builder = new ConfigurationPartsBuilder(configElem, configRoot);
+
+ if (builder.checkTrustProfilesTSLenabled()) {
+ debug("TSL support enabled for at least one trustprofile.");
+ tslconfiguration_ = builder.getTSLConfiguration();
+ trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory());
+ }
+ else {
+ tslconfiguration_ = null;
+ trustProfiles = builder.buildTrustProfiles();
+ }
+
+ digestMethodAlgorithmName = builder.getDigestMethodAlgorithmName();
+ canonicalizationAlgorithmName =
+ builder.getCanonicalizationAlgorithmName();
+ hardwareCryptoModules = builder.buildHardwareCryptoModules();
+ hardwareKeyModules =
+ builder.buildHardwareKeyModules(Collections.EMPTY_LIST);
+ softwareKeyModules =
+ builder.buildSoftwareKeyModules(hardwareKeyModules);
+ allKeyModules = new ArrayList(hardwareKeyModules);
+ allKeyModules.addAll(softwareKeyModules);
+ keyGroups = builder.buildKeyGroups(allKeyModules);
+ keyGroupMappings =
+ builder.buildKeyGroupMappings(keyGroups, ANONYMOUS_ISSUER_SERIAL);
+
+ pdfAsConfiguration = builder.getPDFASConfiguration();
+ xadesVersion = builder.getXAdESVersion();
+ defaultChainingMode = builder.getDefaultChainingMode();
+ chainingModes = builder.buildChainingModes();
+ useAuthorityInfoAccess_ = builder.getUseAuthorityInfoAccess();
+ autoAddCertificates_ = builder.getAutoAddCertificates();
+ //trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory());
+
+
+ distributionPoints = builder.buildDistributionPoints();
+ enableRevocationChecking_ = builder.getEnableRevocationChecking();
+ maxRevocationAge_ = builder.getMaxRevocationAge();
+ serviceOrder_ = builder.getServiceOrder();
+ enableRevocationArchiving_ = builder.getEnableRevocationArchiving();
+ cRLArchiveDuration = builder.getRevocationArchiveDuration();
+ revocationArchiveJDBCURL_ = builder.getRevocationArchiveJDBCURL();
+ revocationArchiveJDBCDriverClass_ = builder.getRevocationArchiveJDBCDriverClass();
+
+
+
+ //check TSL configuration
+ checkTSLConfiguration();
+
+
+
+ certStoreLocation_ = builder.getCertStoreLocation();
+ createTransformsInfoProfiles = builder.buildCreateTransformsInfoProfiles();
+ createSignatureEnvironmentProfiles = builder.buildCreateSignatureEnvironmentProfiles();
+ verifyTransformsInfoProfiles = builder.buildVerifyTransformsInfoProfiles();
+ supplementProfiles = builder.buildSupplementProfiles();
+ warnings = new ArrayList(builder.getWarnings());
+ permitFileURIs = builder.getPermitFileURIs();
+ crlRetentionIntervals = builder.getCrlRetentionIntervals();
+
+ allowExternalUris_= builder.allowExternalUris();
+
+ if (allowExternalUris_) {
+ blackListedUris_ = builder.buildPermitExternalUris();
+ whiteListedUris_ = null;
+ }
+ else {
+ info("config.35", null);
+ blackListedUris_ = null;
+ whiteListedUris_ = builder.buildForbidExternalUris();
+ }
+
+
+
+// Set set = crlRetentionIntervals.entrySet();
+// Iterator i = set.iterator();
+// while(i.hasNext()){
+// Map.Entry me = (Map.Entry)i.next();
+// System.out.println("Key: " + me.getKey() + " - Value: " + me.getValue() );
+// }
+
+
+ } catch (Throwable t) {
+ throw new ConfigurationException("config.11", null, t);
+ } finally {
+ try {
+ if (stream != null) {
+ stream.close();
+ }
+ } catch (IOException e) {
+ // don't complain about this
+ }
+ }
+ }
+
+ private boolean checkTSLenableTrustprofilesExist()throws ConfigurationException {
+ boolean bTSLEnabledTPExist = false;
+ Iterator it = trustProfiles.entrySet().iterator();
+ while (it.hasNext()) {
+ Map.Entry pairs = (Map.Entry)it.next();
+ TrustProfile tp = (TrustProfile) pairs.getValue();
+ if (tp.isTSLEnabled())
+ bTSLEnabledTPExist = bTSLEnabledTPExist || true;
+ }
+
+ return bTSLEnabledTPExist;
+
+ }
+
+ private void checkTSLConfiguration() throws ConfigurationException {
+ boolean bTSLEnabledTPExist = false;
+ Iterator it = trustProfiles.entrySet().iterator();
+ while (it.hasNext()) {
+ Map.Entry pairs = (Map.Entry)it.next();
+ TrustProfile tp = (TrustProfile) pairs.getValue();
+ if (tp.isTSLEnabled())
+ bTSLEnabledTPExist = bTSLEnabledTPExist || true;
+ }
+
+ if (!bTSLEnabledTPExist) {
+ // if no trustprofile has TSL support enabled, delete TSL configuration
+ tslconfiguration_ = null;
+ return;
+ }
+
+ if (bTSLEnabledTPExist && (tslconfiguration_ == null)) {
+ error("config.40", null);
+ throw new ConfigurationException("config.40", null);
+ }
+
+ File workingDir = new File(tslconfiguration_.getWorkingDirectory());
+ File eu_trust = new File(workingDir.getAbsolutePath() + "/trust/eu");
+ if (!eu_trust.exists()) {
+ error("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"});
+ throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"});
+ }
+ else {
+ File[] eutrustFiles = eu_trust.listFiles();
+ if (eutrustFiles == null) {
+ error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"});
+ throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"});
+ }
+ else {
+ if (eutrustFiles.length == 0) {
+ error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"});
+ throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"});
+ }
+ }
+
+ }
+
+ File hashcache = new File(tslconfiguration_.getWorkingDirectory(), "hashcache");
+ if (!hashcache.exists()) {
+ hashcache.mkdir();
+ }
+ if (!hashcache.isDirectory()) {
+ error("config.38", new Object[] { hashcache.getAbsolutePath() });
+ return;
+ }
+
+ System.setProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR", hashcache.getAbsolutePath());
+// String hashcachedir = System.getProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR");
+// System.out.println("Hashcache: " + hashcachedir);
+
+
+ Logger.debug("TSL Konfiguration - Hashcache: " + hashcache.getAbsolutePath());
+
+
+ }
+
+
+ /**
+ * Returns the warnings encountered during building the configuration.
+ *
+ * @return A <code>List</code> of <code>String</code>s, containing the
+ * warning messages.
+ */
+ public List getWarnings() {
+ return warnings;
+ }
+
+ /**
+ * Return the name of the digest algorithm used during signature creation.
+ *
+ * @return The digest method algorithm name, or an empty <code>String</code>,
+ * if none has been configured.
+ */
+ public String getDigestMethodAlgorithmName() {
+ return digestMethodAlgorithmName;
+ }
+
+ /**
+ * Return the XAdES version used for signature creation.
+ *
+ * @return The XAdES version used for signature creation, or an empty <code>String</code>,
+ * if none has been configured.
+ */
+ public String getXAdESVersion() {
+ return xadesVersion;
+ }
+
+ public String getPDFASConfiguration() {
+ return pdfAsConfiguration;
+ }
+
+ public boolean getAllowExternalUris() {
+ return this.allowExternalUris_;
+ }
+
+ public List getBlackListedUris() {
+ return this.blackListedUris_;
+ }
+ public List getWhiteListedUris() {
+ return this.whiteListedUris_;
+ }
+
+ /**
+ * Return the name of the canonicalization algorithm used during signature
+ * creation.
+ *
+ * @return The canonicalization algorithm name, or an empty
+ * <code>String</code> if none has been configured.
+ */
+ public String getCanonicalizationAlgorithmName() {
+ return canonicalizationAlgorithmName;
+ }
+
+ /**
+ * Return the configured hardware crypto modules.
+ *
+ * @return A <code>List</code> of <code>HardwareCryptoModule</code> objects
+ * containing the hardware crypto module configurations.
+ */
+ public List getHardwareCryptoModules() {
+ return hardwareCryptoModules;
+ }
+
+ /**
+ * Return the hardware key modules configuration.
+ *
+ * @return A <code>List</code> of <code>HardwareKeyModule</code> objects
+ * containing the configuration of the hardware key modules.
+ */
+ public List getHardwareKeyModules() {
+ return hardwareKeyModules;
+ }
+
+ /**
+ * Return the software key module configuration.
+ *
+ * @return A <code>List</code> of <code>SoftwareKeyModule</code> objects
+ * containing the configuration of the software key modules.
+ */
+ public List getSoftwareKeyModules() {
+ return softwareKeyModules;
+ }
+
+ /**
+ * Return the key group mapping.
+ *
+ * @return A mapping from key group ID (a <code>String</code>) to
+ * <code>KeyGroup</code> mapping.
+ */
+ public Map getKeyGroups() {
+ return keyGroups;
+ }
+
+ public KeyGroup getKeyGroup(String keyGroupId) {
+ KeyGroup keyGroup = (KeyGroup) keyGroups.get(keyGroupId);
+ return keyGroup;
+ }
+
+ /**
+ * Return the set of <code>KeyGroupEntry</code>s of a given key group, which a
+ * client (identified by an issuer/serial pair) may access.
+ *
+ * @param issuer The issuer of the client certificate.
+ * @param serial The serial number of the client certificate.
+ * @param keyGroupId The ID of the key group.
+ * @return A <code>Set</code> of all the <code>KeyGroupEntry</code>s in the
+ * given key group, if the user may access them. Returns <code>null</code>, if
+ * the user may not access the given key group or if the key group does not
+ * exist.
+ */
+ public Set getKeyGroupEntries(
+ Principal issuer,
+ BigInteger serial,
+ String keyGroupId) {
+
+ IssuerAndSerial issuerAndSerial;
+ Map mapping;
+
+ if (issuer == null && serial == null) {
+ issuerAndSerial = ANONYMOUS_ISSUER_SERIAL;
+ } else {
+ issuerAndSerial = new IssuerAndSerial(issuer, serial);
+ }
+
+// System.out.println("Issuer: " + issuer);
+// System.out.println("serial: " + serial);
+//
+// Iterator entries = keyGroupMappings.entrySet().iterator();
+// while (entries.hasNext()) {
+// Entry thisEntry = (Entry) entries.next();
+// System.out.println("Entry: " + thisEntry.getKey());
+// System.out.println("Value: " + thisEntry.getValue());
+// }
+
+ mapping = (Map) keyGroupMappings.get(issuerAndSerial);
+ if (mapping != null) {
+ KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId);
+
+ if (keyGroup != null) {
+ return keyGroup.getKeyGroupEntries();
+ }
+ }
+
+ // If no key group is available for a client identified by a certificate,
+ // try to find a key group in the anonymous key group mapping
+ if (issuer != null || serial != null)
+ {
+ mapping = (Map) keyGroupMappings.get(ANONYMOUS_ISSUER_SERIAL);
+ if (mapping != null)
+ {
+ KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId);
+ if (keyGroup != null) return keyGroup.getKeyGroupEntries();
+ }
+ }
+
+ return null;
+ }
+
+ /**
+ * Return the chaining mode for a given trust anchor.
+ *
+ * @param trustAnchor The trust anchor for which the chaining mode should be
+ * returned.
+ * @return The chaining mode for the given trust anchor. If the trust anchor
+ * has not been configured separately, the system default will be returned.
+ */
+ public String getChainingMode(X509Certificate trustAnchor) {
+ Principal issuer = trustAnchor.getIssuerDN();
+ BigInteger serial = trustAnchor.getSerialNumber();
+ IssuerAndSerial issuerAndSerial = new IssuerAndSerial(issuer, serial);
+
+ String mode = (String) chainingModes.get(issuerAndSerial);
+ return mode != null ? mode : defaultChainingMode;
+ }
+
+ /**
+ * Return the distribution points for a given CA.
+ *
+ * @param cert The certificate for which the distribution points should be
+ * looked up. The issuer information is used to perform the lookup.
+ *
+ * @return A <code>Set</code> of <code>DistributionPoint</code> objects. The
+ * set will be empty, if no distribution points have been configured
+ * for this certificate.
+ */
+ public Set getDistributionPoints(X509Certificate cert)
+ {
+ try {
+ RFC2253NameParser nameParser =
+ new RFC2253NameParser(cert.getIssuerDN().toString());
+ String caIssuerDN = nameParser.parse().getName();
+ Set dps = (Set) distributionPoints.get(caIssuerDN);
+
+ if (dps == null) {
+ return Collections.EMPTY_SET;
+ }
+ return dps;
+ } catch (RFC2253NameParserException e) {
+ return Collections.EMPTY_SET;
+ }
+ }
+
+ /**
+ * Return the CRL archive duration.
+ *
+ * @return The duration of how long to keep CRL archive entries (measured in
+ * days).
+ */
+ public int getCRLArchiveDuration() {
+ return cRLArchiveDuration;
+ }
+
+ /**
+ * Returns whether revocation information should be archived.
+ *
+ * @return whether revocation information should be archived.
+ */
+ public boolean getEnableRevocationArchiving()
+ {
+ return enableRevocationArchiving_;
+ }
+
+ /**
+ * Returns the location of the certificate store.
+ *
+ * @return the location of the certificate store.
+ */
+ public String getCertStoreLocation()
+ {
+ return certStoreLocation_;
+ }
+
+ /**
+ * Return a <code>CreateTransformsInfoProfile</code> with the given ID.
+ *
+ * @param id The <code>CreateTransformsInfoProfile</code> ID.
+ * @return The <code>CreateTransformsInfoProfile</code> with the given
+ * ID or <code>null</code>, if none exists.
+ */
+ public Element getCreateTransformsInfoProfile(String id) {
+ return (Element) createTransformsInfoProfiles.get(id);
+ }
+
+ /**
+ * Return a <code>CreateSignatureEnvironmentProfile</code> with the given ID.
+ *
+ * @param id The <code>CreateSignatureEnvironmentProfile</code> ID.
+ * @return The <code>CreateSignatureEnvironmentProfile</code> with the given
+ * ID or <code>null</code>, if none exists.
+ */
+ public Element getCreateSignatureEnvironmentProfile(String id) {
+ return (Element) createSignatureEnvironmentProfiles.get(id);
+ }
+
+ /**
+ * Return a <code>VerifyTransformsInfoProfile</code> with the given ID.
+ *
+ * @param id The <code>VerifyTransformsInfoProfile</code> ID.
+ * @return The <code>VerifyTransformsInfoProfile</code> with the given ID or
+ * <code>null</code>, if none exists.
+ */
+ public Element getVerifyTransformsInfoProfile(String id) {
+ return (Element) verifyTransformsInfoProfiles.get(id);
+ }
+
+ /**
+ * Return a <code>SupplementProfile</code> with the given ID.
+ *
+ * @param id The <code>SupplementProfile</code> ID.
+ * @return The <code>SupplementProfile</code> with the given ID or
+ * <code>null</code>, if none exists.
+ */
+ public Element getSupplementProfile(String id) {
+ return (Element) supplementProfiles.get(id);
+ }
+
+ /**
+ * Return a <code>TrustProfile</code> with the given ID.
+ *
+ * @param id The <code>TrustProfile</code> ID.
+ * @return The <code>TrustProfile</code> with the given ID or
+ * <code>null</code>, if none exists.
+ */
+ public TrustProfile getTrustProfile(String id) {
+ return (TrustProfile) trustProfiles.get(id);
+ }
+
+ /**
+ * Returns a map of <code>TrustProfiles</code>
+ * @return
+ */
+ public Map getTrustProfiles() {
+ return trustProfiles;
+ }
+
+ /**
+ * Log a warning.
+ *
+ * @param messageId The message ID.
+ * @param parameters Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private static void info(String messageId, Object[] parameters) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.info(new LogMsg(msg.getMessage(messageId, parameters)));
+ }
+
+ /**
+ * Log a debug message.
+ *
+ * @param messageId The message ID.
+ * @param parameters Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private static void debug(String message) {
+ Logger.debug(message);
+ }
+
+ /**
+ * Log a warning.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void warn(String messageId, Object[] args) {
+ MessageProvider msg = MessageProvider.getInstance();
+ String txt = msg.getMessage(messageId, args);
+
+ Logger.warn(new LogMsg(txt));
+ warnings.add(txt);
+ }
+
+ /**
+ * Log an error.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void error(String messageId, Object[] args) {
+ MessageProvider msg = MessageProvider.getInstance();
+ String txt = msg.getMessage(messageId, args);
+
+ Logger.warn(new LogMsg(txt));
+// warnings.add(txt);
+ }
+
+ /**
+ * Returns the JDBC URL for the revocation archive database.
+ *
+ * @return the JDBC URL for the revocation archive database.
+ */
+ public String getRevocationArchiveJDBCURL()
+ {
+ return revocationArchiveJDBCURL_;
+ }
+
+ /**
+ * Returns the JDBC driver class name for the revocation archive database.
+ *
+ * @return the JDBC driver class name for the revocation archive database.
+ */
+ public String getRevocationArchiveJDBCDriverClass()
+ {
+ return revocationArchiveJDBCDriverClass_;
+ }
+
+ /**
+ * Returns whether revocation checking should be done.
+ *
+ * @return whether revocation checking should be done.
+ */
+ public boolean getEnableRevocationChecking()
+ {
+ return enableRevocationChecking_;
+ }
+
+ /**
+ * Returns the maximum age of a revocation information for considering it
+ * still as valid.
+ *
+ * @return the maximum age of a revocation information for considering it
+ * still as valid.
+ */
+ public long getMaxRevocationAge()
+ {
+ return maxRevocationAge_;
+ }
+
+ /**
+ * Returns the service order for revocation checking.
+ *
+ * @return the service order for revocation checking. Valid array entries are
+ * {@link RevocationSourceTypes#OCSP} and {@link RevocationSourceTypes#CRL}.
+ */
+ public String[] getServiceOrder()
+ {
+ return serviceOrder_;
+ }
+
+ /**
+ * Returns whether certificates found during certificate path construction
+ * should be added to the certificate store.
+ *
+ * @return whether certificates found during certificate path construction
+ * should be added to the certificate store.
+ */
+ public boolean getAutoAddCertificates()
+ {
+ return autoAddCertificates_;
+ }
+
+ /**
+ * Returns whether the certificate extension Authority Info Access should
+ * be used during certificate path construction.
+ *
+ * @return whether the certificate extension Authority Info Access should
+ * be used during certificate path construction.
+ */
+ public boolean getUseAuthorityInfoAccess()
+ {
+ return useAuthorityInfoAccess_;
+ }
+
+ /**
+ * Returns whether the file URIs are permitted or not
+ * @return whether the file URIs are permitted or not
+ */
+ public boolean getPermitFileURIs()
+ {
+ return permitFileURIs;
+ }
+
+ /**
+ * Returns the map of retention intervals
+ * @return The map of retention intervals
+ */
+ public Map getCrlRetentionIntervals() {
+ return crlRetentionIntervals;
+ }
+
+ /**
+ * Returns the global TSL configuration
+ * @return The global TSL configuration
+ */
+ public TSLConfiguration getTSLConfiguration() {
+ return tslconfiguration_;
+ }
+
+} \ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java
new file mode 100644
index 0000000..a2e5b93
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+/**
+ * Abstract base class for distribution points.
+ *
+ * @author Gregor Karlinger
+ * @version $Id$
+ * */
+public abstract class DistributionPoint implements iaik.pki.revocation.DistributionPoint
+{
+ /**
+ * The distribution point URI.
+ */
+ private String uri_;
+
+ /**
+ * Create a <code>DistributionPoint</code> with a URI.
+ *
+ * @param uri The URI of the distribution point.
+ */
+ public DistributionPoint(String uri)
+ {
+ uri_ = uri;
+ }
+
+ /**
+ * @see iaik.pki.revocation.DistributionPoint#getType()
+ */
+ public abstract String getType();
+
+ /**
+ * @see iaik.pki.revocation.DistributionPoint#getUri()
+ */
+ public String getUri()
+ {
+ return uri_;
+ }
+}
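Review bot: `uri_` is assigned only in the constructor, so it can be declared `private final String uri_;` to make the immutability of a distribution point explicit. The constructor stores `uri` without any check, and the Javadoc does not say whether `null` is accepted. Either document it, e.g. `@param uri The URI of the distribution point; must not be <code>null</code>.`, or reject `null` in the constructor. Whether any caller passes `null` is not visible from this file.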
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java
new file mode 100644
index 0000000..c0487f6
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+/**
+ * Contains configuration data for a hardware crypto module.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class HardwareCryptoModule {
+ /** The name of the module. */
+ private String name;
+ /** The slod ID of the module. */
+ private String slotID;
+ /** The user PIN of the module. */
+ private String userPIN;
+
+ /**
+ * Create a new <code>HardwareCryptoModule</code>.
+ *
+ * @param name The name of this <code>HardwareCryptoModule</code>.
+ * @param slotID The slot ID of this <code>HardwareCryptoModule</code>.
+ * @param userPIN The user PIN to access this
+ * <code>HardwareCryptoModule</code>.
+ */
+ public HardwareCryptoModule(String name, String slotID, String userPIN) {
+ this.name = name;
+ this.slotID = slotID;
+ this.userPIN = userPIN;
+ }
+
+ /**
+ * Returns the name of this <code>HardwareCryptoModule</code>.
+ *
+ * @return The name of this <code>HardwareCryptoModule</code>.
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Returns the slot ID of this <code>HardwareCryptoModule</code>.
+ *
+ * @return The slot ID.
+ */
+ public String getSlotID() {
+ return slotID;
+ }
+
+
+ /**
+ * Returns the user PIN of this <code>HardwareCryptoModule</code>.
+ *
+ * @return The user PIN used to access the module.
+ */
+ public String getUserPIN() {
+ return userPIN;
+ }
+
+
+}
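Review bot: The user PIN is held in a `String` field (`userPIN`) and returned unchanged by the public `getUserPIN()`, so the secret cannot be cleared after use and any code holding this configuration object can read it; the same applies to `HardwareKeyModule` in the next file. If the consumers of the PIN allow it (not visible here), storing it as `char[]` and returning a copy would let callers wipe it. At minimum the getter's Javadoc should mark the value as a credential, e.g. `@return The user PIN used to access the module; a secret, never write it to logs or messages.` All three fields are set only in the constructor and can be `private final`. The field comment `The slod ID of the module.` should read `slot ID`.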
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java
new file mode 100644
index 0000000..18fd085
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java
@@ -0,0 +1,83 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+/**
+ * A class that contains information about a hardware key module.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class HardwareKeyModule extends KeyModule {
+ /** The name of the module. */
+ private String name;
+ /** The slod ID of the module. */
+ private String slotID;
+ /** The user PIN of the module. */
+ private String userPIN;
+
+ /**
+ * Create a new <code>HardwareKey</code>.
+ *
+ * @param id The key module ID.
+ * @param name The name of the key.
+ * @param slotID The slot ID of the key within the hardware module. May be
+ * <code>null</code>.
+ * @param userPIN The user PIN to access the key.
+ */
+ public HardwareKeyModule(String id, String name, String slotID, String userPIN) {
+ super(id);
+ this.name = name;
+ this.slotID = slotID;
+ this.userPIN = userPIN;
+ }
+
+ /**
+ * Return the name of this <code>HardwareKey</code>.
+ *
+ * @return The name of this <code>HardwareKey</code>.
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Return the slot ID of this <code>HardwareKey</code>.
+ *
+ * @return The slot ID of this <code>HardwareKey</code>.
+ */
+ public String getSlotID() {
+ return slotID;
+ }
+
+ /**
+ * Return the user PIN to access this <code>HardwareKey</code>.
+ *
+ * @return The user PIN to access this <code>HardwareKey</code>.
+ */
+ public String getUserPIN() {
+ return userPIN;
+ }
+}
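Review bot: The Javadoc in this class names the type `HardwareKey` (`Create a new <code>HardwareKey</code>.` and all three getters), but the class is `HardwareKeyModule`. The comments should use the real class name so generated documentation and searches match. The constructor documents that `slotID` may be `null` but says nothing about `name` and `userPIN`; their nullability should be stated the same way. The field comment `The slod ID of the module.` is a typo for `slot ID`.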
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java
new file mode 100644
index 0000000..38a3ae9
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java
@@ -0,0 +1,149 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+import java.math.BigInteger;
+import java.security.Principal;
+
+import iaik.asn1.structures.Name;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
+/**
+ * A class containing the issuer and serial number of a certificate, which can
+ * be used to uniquely identify the certificate.
+ *
+ * The issuer is contained as an RFC2253 encoded <code>String</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class IssuerAndSerial {
+
+ /** The issuer distinguished name. */
+ private String issuerDN;
+ /** The certificate serial number. */
+ private BigInteger serial;
+
+ /**
+ * Create an <code>IssuerAndSerial</code> object.
+ *
+ * The name of the issuer is converted to RFC2253. If it cannot be parsed, the
+ * DN contained in the <code>issuer</code> is set.
+ *
+ * @param issuer The isser of a certificate.
+ * @param serial The serial number of the certificate.
+ */
+ public IssuerAndSerial(Principal issuer, BigInteger serial) {
+ String issuerDN = null;
+ if (issuer instanceof Name) {
+ try {
+ issuerDN = ((Name)issuer).getRFC2253String();
+ } catch (RFC2253NameParserException e) {
+ // do nothing
+ }
+ }
+ if (issuerDN == null) {
+ RFC2253NameParser parser = new RFC2253NameParser(issuer.getName());
+ try {
+ issuerDN = ((Name)parser.parse()).getRFC2253String();
+ } catch (RFC2253NameParserException e) {
+ issuerDN = issuer.getName();
+ }
+ }
+ this.serial = serial;
+ this.issuerDN = issuerDN;
+ }
+
+ /**
+ * Create an <code>IssuerAndSerial</code> object.
+ *
+ * @param issuerDN The issuer distinguished name. Should be an RFC2253 name.
+ * @param serial The serial number of the certificate.
+ */
+ public IssuerAndSerial(String issuerDN, BigInteger serial) {
+ this.issuerDN = issuerDN;
+ this.serial = serial;
+ }
+
+ /**
+ * Return the issuer DN in RFC2253 format.
+ *
+ * @return The issuer part of this object.
+ */
+ public String getIssuerDN() {
+ return issuerDN;
+ }
+
+ /**
+ * Return the serial number.
+ *
+ * @return The serial number of this object.
+ */
+ public BigInteger getSerial() {
+ return serial;
+ }
+
+ /**
+ * Compare this <code>IssuerAndSerial</code> to another object.
+ *
+ * @param other The object to compare this <code>IssuerAndSerial</code> to.
+ * @return <code>true</code>, if <code>other</code> is an
+ * <code>IssuerAndSerial</code> object and the <code>issuer</code> and
+ * <code>serial</code> fields are both equal. <code>false</code> otherwise.
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof IssuerAndSerial) {
+ IssuerAndSerial ias = (IssuerAndSerial) other;
+ return getIssuerDN().equals(ias.getIssuerDN())
+ && getSerial().equals(ias.getSerial());
+ }
+ return false;
+ }
+
+ /**
+ * Return the hash code of this <code>IssuerAndSerial</code>.
+ *
+ * @return The hash code of this <code>IssuerAndSerial</code>.
+ * @see java.lang.Object#hashCode()
+ */
+ public int hashCode() {
+ return issuerDN.hashCode() ^ serial.hashCode();
+ }
+
+ /**
+ * Return a <code>String</code> representation of this
+ * <code>IssuerAndSerial</code> object.
+ *
+ * @return The <code>String</code> representation.
+ * @see java.lang.Object#toString()
+ */
+ public String toString() {
+ return ("(IssuerAndSerial - Issuer<" + getIssuerDN())
+ + ("> Serial<" + serial.toString() + ">)");
+ }
+
+}
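Review bot: The `IssuerAndSerial(Principal, BigInteger)` constructor falls back to the unparsed `issuer.getName()` without leaving any trace when RFC2253 conversion fails, and its first `catch` block is empty, so an object whose DN was never normalised is indistinguishable from one that was. Because `equals()` and `hashCode()` compare the DN as a plain string, such an object will probably not match the same issuer written in canonical form, and the failed certificate lookup will surface far from its cause. I would log the fallback in the second `catch`, e.g. `Logger.warn("Issuer DN could not be converted to RFC2253, using it as-is: " + issuer.getName());` (this needs the `at.gv.egovernment.moa.logging.Logger` import), and replace `// do nothing` with a comment saying that the string parser below is the retry. The `String` constructor has the same exposure, since it stores whatever it is given; its Javadoc only says the name "should be" RFC2253.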
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java
new file mode 100644
index 0000000..c2490f9
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java
@@ -0,0 +1,105 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+import java.util.Iterator;
+import java.util.Set;
+
+/**
+ * A collection of <code>KeyGroupEntry</code>s with its own ID.
+ *
+ * @author Sven Aigner
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class KeyGroup {
+
+ /** The keys belonging to this key group. */
+ private Set keyGroupEntries;
+ /** The key group ID. */
+ private String id;
+ /** The digest method algorithm for the key group */
+ private String digestMethodAlgorithm;
+
+ /**
+ * Create a <code>KeyGroup</code>.
+ *
+ * @param id The ID of this <code>KeyGroup</code>.
+ * @param keyGroupEntries The keys belonging to this <code>KeyGroup</code>.
+ * @param digestMethodAlgorithm The signature algorithm used for this key group
+ */
+ public KeyGroup(String id, Set keyGroupEntries, String digestMethodAlgorithm) {
+ this.id = id;
+ this.keyGroupEntries = keyGroupEntries;
+ this.digestMethodAlgorithm = digestMethodAlgorithm;
+ }
+
+ /**
+ * Return the <code>KeyEntry</code>s contained in this <code>KeyGroup</code>.
+ *
+ * @return The <code>KeyEntry</code>s contained in this <code>KeyGroup</code>.
+ */
+ public Set getKeyGroupEntries() {
+ return keyGroupEntries;
+ }
+
+ /**
+ * Returnd the digest method algorithm used for this key group
+ * @return The digest method signature algorithm used for this key group
+ */
+ public String getDigestMethodAlgorithm() {
+ return digestMethodAlgorithm;
+ }
+
+ /**
+ * Return the ID of this <code>KeyGroup</code>.
+ *
+ * @return The <code>KeyGroup</code> ID.
+ */
+ public String getId() {
+ return id;
+ }
+
+ /**
+ * Return a <code>String</code> representation of this <code>KeyGroup</code>.
+ *
+ * @return The <code>String</code> representation.
+ * @see java.lang.Object#toString()
+ */
+ public String toString() {
+ StringBuffer sb = new StringBuffer();
+ Iterator i;
+
+ if (getKeyGroupEntries() != null) {
+ i = getKeyGroupEntries().iterator();
+
+ while (i.hasNext()) {
+ sb.append(" " + i.next());
+ }
+ }
+ return "(KeyGroup - ID:" + id + " " + sb.toString() + ")" + "DigestMethodAlgorithm: " + digestMethodAlgorithm;
+ }
+
+}
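Review bot: `KeyGroup` stores the caller's `Set` by reference in the constructor and returns that same instance from `getKeyGroupEntries()`, so any code holding the group can add or remove signing keys after the configuration has been loaded. If a group is meant to be fixed once built, which the absence of setters suggests, wrap it on the way in: `this.keyGroupEntries = keyGroupEntries == null ? null : Collections.unmodifiableSet(keyGroupEntries);` (plus the `java.util.Collections` import). A defensive copy would be stronger if callers may keep modifying the set they passed. Separately, the `@param digestMethodAlgorithm` text calls the value a "signature algorithm", which should read "digest method algorithm" to match the field.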
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java
new file mode 100644
index 0000000..fcedfb0
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java
@@ -0,0 +1,130 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+import java.math.BigInteger;
+
+/**
+ * A class containing information about an entry in a key group.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class KeyGroupEntry {
+ /** The module ID of the key. */
+ private String moduleID;
+ /** The issuer DN of the certificate identifying the key. */
+ private String issuerDN;
+ /** The serial number of the certificate identifying the key. */
+ private BigInteger serialNumber;
+
+ /**
+ * Create a new <code>KeyGroupEntry</code>.
+ *
+ * @param moduleID The key module ID to which this entry belongs to.
+ * @param issuerAndSerial The issuer and serial number which uniquely
+ * identifies a certificate within the key module.
+ */
+ public KeyGroupEntry(String moduleID, IssuerAndSerial issuerAndSerial) {
+ this.moduleID = moduleID;
+ this.issuerDN = issuerAndSerial.getIssuerDN();
+ this.serialNumber = issuerAndSerial.getSerial();
+ }
+
+ /**
+ * Create a new <code>KeyGroupEntry</code>.
+ *
+ * @param moduleID The key module ID to which this entry belongs to.
+ * @param issuerDN The isser DN of the certificate within the key module.
+ * @param serialNumber The serial number of the certificate within the key
+ * module.
+ */
+ public KeyGroupEntry(
+ String moduleID,
+ String issuerDN,
+ BigInteger serialNumber) {
+ this.moduleID = moduleID;
+ this.issuerDN = issuerDN;
+ this.serialNumber = serialNumber;
+ }
+
+ /**
+ * Return the key module ID to which this <code>KeyGroupEntry</code> belongs
+ * to.
+ *
+ * @return The key module ID.
+ */
+ public String getModuleID() {
+ return moduleID;
+ }
+
+ /**
+ * Return the issuer DN of this <code>KeyGroupEntry</code> for identifying the
+ * certificate within the key module.
+ *
+ * @return The issuer DN of the certificate.
+ */
+ public String getIssuerDN() {
+ return issuerDN;
+ }
+
+ /**
+ * Return the serial number of this <code>KeyGroupEntry</code> for identifying
+ * the certificate within the key module.
+ *
+ * @return The serial number of the certificate.
+ */
+ public BigInteger getSerialNumber() {
+ return serialNumber;
+ }
+
+ /**
+ * Compare this <code>KeyGroupEntry</code> to another.
+ *
+ * @param other The <code>KeyGroupEntry</code> to compare to.
+ * @return <code>true</code>, if module ID, isser DN and serial number of
+ * <code>other</code> match the ones contained in this object, otherwise
+ * <code>false</code>.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof KeyGroupEntry) {
+ KeyGroupEntry entry = (KeyGroupEntry) other;
+ return getModuleID().equals(entry.getModuleID())
+ && getIssuerDN().equals(entry.getIssuerDN())
+ && getSerialNumber().equals(entry.getSerialNumber());
+ }
+ return false;
+ }
+
+ /**
+ * @see java.lang.Object#hashCode()
+ */
+ public int hashCode() {
+ return getModuleID().hashCode()
+ ^ getIssuerDN().hashCode()
+ ^ getSerialNumber().hashCode();
+ }
+}
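Review bot: Both `KeyGroupEntry` constructors accept `null` for the module ID, issuer DN and serial number, while `equals()` and `hashCode()` dereference all three unconditionally; the first constructor also dereferences `issuerAndSerial` without a check. Going by the `KeyGroup` Javadoc these entries live in a `Set`, so an incomplete entry would throw a `NullPointerException` only when it is hashed or compared, not where it was built. I would reject it at construction, e.g. `if (moduleID == null || issuerDN == null || serialNumber == null) throw new IllegalArgumentException("moduleID, issuerDN and serialNumber are required");`, and state the requirement in the `@param` tags.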
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java
new file mode 100644
index 0000000..45d8d7e
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+/**
+ * A class that contains information about a key module.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class KeyModule {
+
+ /** The key module ID. */
+ private String id;
+
+ /**
+ * Create a <code>Key</code> object.
+ *
+ * @param id The key module ID.
+ */
+ public KeyModule(String id) {
+ this.id = id;
+ }
+
+ /**
+ * Return the key ID.
+ *
+ * @return The key ID.
+ */
+ public String getId() {
+ return id;
+ }
+
+ /**
+ * Return a <code>String</code> representation of this <code>Key</code>.
+ *
+ * @return The <code>String</code> representation.
+ * @see java.lang.Object#toString()
+ */
+ public String toString() {
+ return "(Key - Id<" + id + ">)";
+ }
+}
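Review bot: The Javadoc and `toString()` of `KeyModule` still call the class `Key` (`Create a <code>Key</code> object`, `Return the key ID`, `"(Key - Id<"`), which reads as if a single key were described rather than a module holding keys. I would reword the comments to `KeyModule` and `key module ID`; the `toString()` literal could follow if nothing parses that output. It is also worth stating in the `toString()` Javadoc that printing only the ID is deliberate, because `HardwareKeyModule` and `SoftwareKeyModule` inherit this method and carry a user PIN and a keystore password.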
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java
new file mode 100644
index 0000000..2e91c6b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+import iaik.pki.revocation.RevocationSourceTypes;
+
+/**
+ * A class representing a CRL distribution point.
+ *
+ * @author Gregor Karlinger
+ * @version $Id$
+ */
+public class OCSPDistributionPoint
+ extends DistributionPoint
+ implements iaik.pki.revocation.DistributionPoint
+{
+ /**
+ * Create a <code>OCSPDistributionPoint</code> with a URI.
+ *
+ * @param uri The URI of the ocsp distribution point.
+ */
+ public OCSPDistributionPoint(String uri)
+ {
+ super(uri);
+ }
+
+ /**
+ * @see iaik.pki.revocation.DistributionPoint#getType()
+ */
+ public String getType()
+ {
+ return RevocationSourceTypes.OCSP;
+ }
+
+}
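Review bot: The class Javadoc of `OCSPDistributionPoint` says `A class representing a CRL distribution point.`, although `getType()` returns `RevocationSourceTypes.OCSP`; the sentence looks copied from the CRL sibling. It should read `A class representing an OCSP distribution point.` The `@param uri` line could also say which URI schemes are expected, since this value decides where revocation status is fetched from and nothing in this hunk validates it (the `DistributionPoint` superclass is outside the hunk).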
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java
new file mode 100644
index 0000000..0ed83bb
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+/**
+ * A class containing information about a software key, stored in PKCS12 format.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class SoftwareKeyModule extends KeyModule {
+ /** The name of the file containing the keys. */
+ private String fileName;
+ /** The password for accessing the file. */
+ private String passWord;
+
+ /**
+ * Create a new <code>SoftwareKey</code>.
+ *
+ * @param id The key ID.
+ * @param fileName The name of the PKCS12 keystore file containing the key.
+ * @param passWord The password to access the keystore file.
+ */
+ public SoftwareKeyModule(String id, String fileName, String passWord) {
+ super(id);
+ this.fileName = fileName;
+ this.passWord = passWord;
+ }
+
+ /**
+ * Return the name of the PKCS12 keystore file containing this
+ * <code>SoftwareKey</code>.
+ *
+ * @return The name of the PKCS12 keystore file.
+ */
+ public String getFileName() {
+ return fileName;
+ }
+
+ /**
+ * Return the password to access the keystore file.
+ *
+ * @return The password to access the keystore file.
+ */
+ public String getPassWord() {
+ return passWord;
+ }
+
+
+}
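Review bot: `SoftwareKeyModule` keeps the PKCS12 keystore password as a `String` field and returns it from the public `getPassWord()`, with nothing in the Javadoc telling callers how to treat it; `HardwareKeyModule.getUserPIN()` earlier in this commit has the same shape. A `String` cannot be cleared after use and ends up verbatim in any log line or exception message it is concatenated into. At minimum I would extend the getter's Javadoc with `The returned value is a secret: do not log it or include it in exception messages.` and add the same sentence to `getUserPIN()`. If the API can still change, a `char[]` that the consumer zeroes after opening the keystore would be the better type. The inherited `toString()` prints only the module ID, which is what you want here and should stay that way.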
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java
new file mode 100644
index 0000000..21063c7
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java
@@ -0,0 +1,132 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.config;
+
+import iaik.x509.X509Certificate;
+
+/**
+ * Information about a trust profile.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class TrustProfile {
+ /** The ID of the trust profile. */
+ private String id;
+ /** The URI giving the location of the trust profile. */
+ private String uri;
+ /** The URI giving the location of the allowed signer certificates. */
+ private String signerCertsUri;
+ /** Defines if Trustprofile makes use of EU TSL*/
+ private boolean tslEnabled;
+ /** The original URI (out of the configuration) giving the location of the trust profile (used when TSL is enabled) */
+ private String uriOrig;
+ /** The countries given */
+ private String countries;
+ /** */
+ private X509Certificate[] certificatesToBeRemoved;
+
+ /**
+ * Create a <code>TrustProfile</code>.
+ *
+ * @param id The ID of the <code>TrustProfile</code> to create.
+ * @param uri The URI of the <code>TrustProfile</code> to create.
+ * @param signerCertsUri The URI of the location of the allowed signer
+ * certificates of the <code>TrustProfile</code> to create.
+ */
+ public TrustProfile(String id, String uri, String signerCertsUri, boolean tslEnabled, String countries) {
+ this.id = id;
+ this.uri = uri;
+ this.signerCertsUri = signerCertsUri;
+ this.tslEnabled = tslEnabled;
+ this.countries = countries;
+ this.certificatesToBeRemoved = new X509Certificate[0];
+ }
+
+ /**
+ * Return the ID of this <code>TrustProfile</code>.
+ *
+ * @return The <code>TrustProfile</code> ID.
+ */
+ public String getId() {
+ return id;
+ }
+
+ /**
+ * Return the URI of this <code>TrustProfile</code>.
+ *
+ * @return The URI of <code>TrustProfile</code>.
+ */
+ public String getUri() {
+ return uri;
+ }
+
+ /**
+ * Return the original URI of this <code>TrustProfile</code>.
+ *
+ * @return The original URI of <code>TrustProfile</code>.
+ */
+ public String getUriOrig() {
+ return uriOrig;
+ }
+
+ /**
+ * Return the URI giving the location of the allowed signer certificates
+ * of this <code>TrustProfile</code>.
+ *
+ * @return The URI of <code>TrustProfile</code>.
+ */
+ public String getSignerCertsUri() {
+ return signerCertsUri;
+ }
+ /**
+ * Returns if Trustprofile is TSL enabled
+ * @return
+ */
+ public boolean isTSLEnabled() {
+ return tslEnabled;
+ }
+ /**
+ * Returns the given countries
+ * @return Given countries
+ */
+ public String getCountries() {
+ if (!tslEnabled)
+ return null;
+ else
+ return countries;
+ }
+
+
+ /**
+ * Sets the original URI of this <code>TrustProfile</code>.
+ *
+ * @return The original URI of <code>TrustProfile</code>.
+ */
+ public void setUriOrig(String uriOrig) {
+ this.uriOrig = uriOrig;
+ }
+
+}
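Review bot: The Javadoc of `TrustProfile` does not describe behaviour that callers building a trust decision need to know. `getCountries()` returns `null` whenever `tslEnabled` is false, regardless of what was passed in, so its tag should read `@return The configured countries, or <code>null</code> if TSL is not enabled for this profile.` The constructor comment lacks `@param tslEnabled` and `@param countries`, `isTSLEnabled()` has an empty `@return`, and `setUriOrig()` carries a `@return` although it is `void` (it should be `@param uriOrig`). `getUriOrig()` should mention that it returns `null` until `setUriOrig()` has been called, because the constructor never assigns `uriOrig`. Finally, `certificatesToBeRemoved` has an empty `/** */` comment and is only assigned in this hunk, never read; either document its purpose or drop it.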
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java
new file mode 100644
index 0000000..49e5ecc
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java
@@ -0,0 +1,249 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.cmssign;
+
+import iaik.server.modules.algorithms.SignatureAlgorithms;
+import iaik.server.modules.cmssign.CMSSignatureCreationProfile;
+import iaik.server.modules.keys.AlgorithmUnavailableException;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
+import iaik.server.modules.keys.UnknownKeyException;
+
+import java.util.List;
+import java.util.Set;
+
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+
+/**
+ * An object providing auxiliary information for creating a CMS signature.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CMSSignatureCreationProfileImpl
+ implements CMSSignatureCreationProfile {
+
+ /** The set of keys available to the signing process. */
+ private Set keySet;
+ /** The MIME type of the data to be signed*/
+ private String mimeType;
+ /** Whether the created signature is to be Security Layer conform. */
+ private boolean securityLayerConform;
+ /** Properties to be signed during signature creation. */
+ private List signedProperties;
+ /** Specifies whether the content data shall be included in the CMS SignedData or shall be not included. */
+ private boolean includeData;
+ /** Digest Method algorithm */
+ private String digestMethod;
+
+
+ /**
+ * Create a new <code>XMLSignatureCreationProfileImpl</code>.
+ *
+ * @param createProfileCount Provides external information about the
+ * number of calls to the signature creation module, using the same request.
+ * @param reservedIDs The set of IDs that must not be used while generating
+ * new IDs.
+ */
+ public CMSSignatureCreationProfileImpl(
+ Set keySet,
+ String digestMethod,
+ List signedProperties,
+ boolean securityLayerConform,
+ boolean includeData,
+ String mimeType) {
+ this.keySet = keySet;
+ this.signedProperties = signedProperties;
+ this.securityLayerConform = securityLayerConform;
+ this.includeData = includeData;
+ this.mimeType = mimeType;
+ this.digestMethod = digestMethod;
+
+ }
+
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet()
+ */
+ public Set getKeySet() {
+ return keySet;
+ }
+
+ /**
+ * Set the set of <code>KeyEntryID</code>s which may be used for signature
+ * creation.
+ *
+ * @param keySet The set of <code>KeyEntryID</code>s to set.
+ */
+ public void setKeySet(Set keySet) {
+ this.keySet = keySet;
+ }
+
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID)
+ */
+ public String getSignatureAlgorithmName(KeyEntryID selectedKeyID)
+ throws AlgorithmUnavailableException {
+
+
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ TransactionId tid = new TransactionId(context.getTransactionID());
+ KeyModule module = KeyModuleFactory.getInstance(tid);
+ Set algorithms;
+
+ try {
+ algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID);
+ } catch (UnknownKeyException e) {
+ throw new AlgorithmUnavailableException(
+ "Unknown key entry: " + selectedKeyID,
+ e,
+ null);
+ }
+
+ if (digestMethod.compareTo("SHA-1") == 0) {
+ Logger.warn("SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)");
+
+ if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) {
+ return SignatureAlgorithms.SHA1_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) {
+ return SignatureAlgorithms.ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+
+ } else if (digestMethod.compareTo("SHA-256") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
+ return SignatureAlgorithms.SHA256_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA256_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else if (digestMethod.compareTo("SHA-384") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) {
+ return SignatureAlgorithms.SHA384_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA384_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else if (digestMethod.compareTo("SHA-512") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) {
+ return SignatureAlgorithms.SHA512_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA512_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ }
+ else {
+ throw new AlgorithmUnavailableException(
+ "No signature algorithm found for digest algorithm '" + digestMethod,
+ null,
+ null);
+ }
+
+
+ }
+
+
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties()
+ */
+ public List getSignedProperties() {
+ return signedProperties;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform()
+ */
+ public boolean isSecurityLayerConform() {
+ return securityLayerConform;
+ }
+
+ /**
+ * Sets the security layer conformity.
+ *
+ * @param securityLayerConform <code>true</code>, if the created signature
+ * is to be conform to the Security Layer specification.
+ */
+ public void setSecurityLayerConform(boolean securityLayerConform) {
+ this.securityLayerConform = securityLayerConform;
+ }
+
+
+ public void setDigestMethod(String digestMethod) {
+ this.digestMethod = digestMethod;
+ }
+
+
+ public String getMimeType() {
+ return mimeType;
+ }
+
+ public boolean includeData() {
+ return this.includeData;
+ }
+
+}
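Review bot: In `getSignatureAlgorithmName()` the `SHA-256`, `SHA-384` and `SHA-512` branches each end with `else if (algorithms.contains(SignatureAlgorithms.DSA)) return SignatureAlgorithms.DSA;`, the same constant the `SHA-1` branch returns. If `SignatureAlgorithms.DSA` denotes DSA with SHA-1, as its place in the `SHA-1` branch suggests (please confirm against the IAIK constant), a key module offering only DSA gets a SHA-1 based signature although a SHA-2 digest was configured, and unlike the `SHA-1` branch nothing is logged. I would drop the DSA fallback from the three SHA-2 branches so they reach the existing `AlgorithmUnavailableException`, or at least precede the return with `Logger.warn("Configured digest " + digestMethod + " is not available for DSA keys, falling back to " + SignatureAlgorithms.DSA);`. Separately, `digestMethod.compareTo("SHA-1")` throws a `NullPointerException` when the constructor or `setDigestMethod()` was given `null`; writing the tests as `"SHA-1".equals(digestMethod)` would route that case to the final `AlgorithmUnavailableException`, whose message is also missing its closing quote.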
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
new file mode 100644
index 0000000..972b540
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.cmsverify;
+
+import iaik.pki.PKIProfile;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
+
+/**
+ * An implementation of the <code>CMSSignatureVerificationProfile</code>
+ * interface.
+ *
+ * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CMSSignatureVerificationProfileImpl
+ implements CMSSignatureVerificationProfile {
+
+ /** The profile for validating the certificate. */
+ private PKIProfile certificateValidationProfile;
+
+ /**
+ * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile#getCertificateValidationProfile()
+ */
+ public PKIProfile getCertificateValidationProfile() {
+ return certificateValidationProfile;
+ }
+
+ /**
+ * Sets the profile for validating the signer certificate.
+ *
+ * @param certificateValidationProfile The certificate validation profile to
+ * set.
+ */
+ public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) {
+ this.certificateValidationProfile = certificateValidationProfile;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java
new file mode 100644
index 0000000..90e6793
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.server.modules.keys.KeyModuleConfiguration;
+
+/**
+ * Base implementation class for the <code>KeyModuleConfiguration</code>
+ * interface and the interfaces derived from it.
+ *
+ * @see iaik.server.modules.keys.KeyModuleConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class AbstractKeyModuleConfigurationImpl
+ implements KeyModuleConfiguration {
+
+ /** The module ID. */
+ private String moduleID;
+
+ /**
+ * Creata new <code>AbstractKeyModuleConfigurationImpl</code>.
+ *
+ * @param moduleID The key module ID of this
+ * <code>KeyModuleConfiguration</code>.
+ */
+ public AbstractKeyModuleConfigurationImpl(String moduleID) {
+ this.moduleID = moduleID;
+ }
+
+ /**
+ * @see iaik.server.modules.keys.KeyModuleConfiguration#getModuleID()
+ */
+ public String getModuleID() {
+ return moduleID;
+ }
+
+}
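Review bot: The constructor Javadoc reads "Creata new" where "Create a new" is meant. `moduleID` is assigned only in the constructor, so it can be declared `private final String moduleID;`. Because the class is abstract, the constructor could also be `protected` rather than `public`.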
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java
new file mode 100644
index 0000000..e2d828b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.pki.store.observer.NotificationData;
+import iaik.pki.store.observer.Observable;
+import iaik.pki.store.observer.Observer;
+
+/**
+ * A base class for observable configuration data.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class AbstractObservableConfiguration implements Observable {
+
+ /** The observers registered with this <code>Observable</code>. */
+ private List observers = new ArrayList();
+
+ /**
+ * @see iaik.pki.store.observer.Observable#addObserver(iaik.pki.store.observer.Observer)
+ */
+ public void addObserver(Observer observer) {
+ observers.add(observer);
+ }
+
+ /**
+ * @see iaik.pki.store.observer.Observable#removeObserver(iaik.pki.store.observer.Observer)
+ */
+ public boolean removeObserver(Observer observer) {
+ return observers.remove(observer);
+ }
+
+ /**
+ * @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData)
+ */
+ public void notify(NotificationData data) {
+ Iterator iter = observers.iterator();
+
+ for (iter = observers.iterator(); iter.hasNext();) {
+ Observer observer = (Observer) iter.next();
+ observer.notify(data);
+ }
+ }
+
+}
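Review bot: `notify()` iterates `observers` directly, so an observer that calls `removeObserver()` or `addObserver()` from inside its own `notify` callback would make the iterator throw `ConcurrentModificationException`, as would a registration from another thread; whether either happens depends on callers outside this hunk. Declaring the field as `private final List observers = new CopyOnWriteArrayList();` (with the matching `java.util.concurrent` import) makes the iteration safe against both. The initial `Iterator iter = observers.iterator();` is redundant, because the `for` header assigns `iter` again.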
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java
new file mode 100644
index 0000000..4a300a2
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java
@@ -0,0 +1,121 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.store.revocation.archive.ArchiveConfiguration;
+import iaik.pki.store.revocation.archive.ArchiveParameters;
+import iaik.pki.store.revocation.archive.ArchiveTypes;
+
+import java.sql.Driver;
+import java.sql.DriverManager;
+import java.util.Enumeration;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>ArchiveConfiguration</code> interface
+ * using configuration data provided by the MOA configuration file.
+ *
+ * @see iaik.pki.store.revocation.archive.ArchiveConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ArchiveConfigurationImpl
+ extends AbstractObservableConfiguration
+ implements ArchiveConfiguration {
+
+ /** The configuration parameters of the archive. */
+ private ArchiveParameters archiveParameters;
+
+ /**
+ * Create a new <code>ArchiveConfigurationImpl</code>.
+ *
+ * @param config The MOA configuration from which the configuration data is being read.
+ */
+ public ArchiveConfigurationImpl(ConfigurationProvider config)
+ {
+ String jdbcUrl = config.getRevocationArchiveJDBCURL();
+ this.archiveParameters = new DataBaseArchiveParameterImpl(jdbcUrl);
+
+ // Register JDBC driver class
+ if (jdbcUrl != null)
+ {
+ String jdbcDriverClass = config.getRevocationArchiveJDBCDriverClass();
+ try
+ {
+ Class.forName(jdbcDriverClass);
+ }
+ catch (ClassNotFoundException e)
+ {
+ // TODO 20030709 GK Improve exception handling
+ throw new RuntimeException("JDBC driver class \"" + jdbcDriverClass + " could not be found.");
+ }
+
+ Enumeration regDrivers = DriverManager.getDrivers();
+ boolean isRegistered = false;
+ while (regDrivers.hasMoreElements())
+ {
+ Object currentDriver = regDrivers.nextElement();
+ if (jdbcDriverClass.equals(currentDriver.getClass().getName())) isRegistered = true;
+ }
+ if (!isRegistered)
+ {
+ // Workaround for a driver which does not register itselve at invocation of Class.forName(drvname)
+ try
+ {
+ DriverManager.registerDriver((Driver)Class.forName(jdbcDriverClass).newInstance());
+ }
+ catch (Exception e)
+ {
+ // TODO 20030709 GK Improve exception handling
+ throw new RuntimeException("Registering JDBC driver \"" + jdbcDriverClass + " failed.");
+ }
+ }
+ }
+ }
+
+ /**
+ * Return the type of archive.
+ *
+ * This will always return <code>ArchiveTypes.DATABASE</code>.
+ * @return <code>ArchiveTypes.DATABASE</code>.
+ * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getType()
+ */
+ public String getType() {
+ return ArchiveTypes.DATABASE;
+ }
+
+ /**
+ * Return the <code>ArchiveParameters</code> describing this
+ * <code>ArchiveConfiguration</code>.
+ *
+ * @return The archive parameters.
+ * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getArchiveParameters()
+ */
+ public ArchiveParameters getArchiveParameters() {
+ return archiveParameters;
+ }
+
+}
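Review bot: Both `RuntimeException`s thrown in the constructor drop the caught exception, so the real reason a driver failed to load or register is lost from the stack trace. Pass the cause along, e.g. `throw new RuntimeException("JDBC driver class \"" + jdbcDriverClass + "\" could not be found.", e);`, which also closes the quote the current message leaves open; the "Registering JDBC driver" message needs the same two changes. If `getRevocationArchiveJDBCDriverClass()` returns null while a JDBC URL is configured, `Class.forName(jdbcDriverClass)` fails with a bare `NullPointerException`, so an explicit check with a configuration-error message would be clearer. Since the class named in the configuration is loaded and instantiated here, the constructor Javadoc should state that the configuration file is trusted input.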
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
new file mode 100644
index 0000000..981ea05
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
@@ -0,0 +1,93 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.logging.TransactionId;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.pki.store.revocation.RevocationInfoRetriever;
+import iaik.pki.store.revocation.RevocationSource;
+import iaik.pki.store.revocation.RevocationStoreException;
+import iaik.pki.ldap.Handler;
+
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLStreamHandler;
+import java.util.Collection;
+import java.util.Date;
+
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * A customized implementation of
+ * {@link iaik.pki.store.revocation.RevocationInfoRetriever}. Will be used
+ * instead of the default implementation
+ * {@link iaik.pki.store.revocation.CRLRetriever} to overcome a classloader
+ * problem in connection with the {@link java.net.URL} class in a Tomcat
+ * deployment environment.
+ *
+ * @author Gregor Karlinger
+ * @version $$
+ */
+public class CRLRetriever implements RevocationInfoRetriever {
+ public void update(RevocationSource source, Collection supplementalRequestData, TransactionId tid)
+ throws RevocationStoreException {
+ if (source == null) {
+ throw new NullPointerException("RevocationSource parameter mustn't be null.");
+ }
+ Logger.info("Downloading crl from " + source.getUri());
+ if (!source.getType().equals(RevocationSourceTypes.CRL)) {
+ throw new RevocationStoreException(source.getType() + " not supported", null, getClass().getName() + ":1");
+ }
+ try {
+ URL crlUrl;
+ try {
+ crlUrl = new URL(source.getUri());
+ } catch (MalformedURLException e) {
+ // Workaround for classloader problem with deployment in Tomcat
+ // 4.1
+ URLStreamHandler handler = new Handler();
+ crlUrl = new URL(null, source.getUri(), handler);
+ }
+
+ InputStream crlInputStream = crlUrl.openStream();
+ source.readFrom(crlInputStream, tid);
+ source.setDownloadTime(new Date());
+ crlInputStream.close();
+ } catch (Exception iox) {
+ Logger.warn("Cannot retrieve crl", iox);
+ throw new RevocationStoreException("Cannot retrieve CRL", iox, getClass().getName() + ":1");
+ }
+ }
+
+ @Override
+ public void setConnectTimeout(int arg0) {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ }
+
+ @Override
+ public void setReadTimeout(int arg0) {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ }
+}
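Review bot: `setConnectTimeout` and `setReadTimeout` are empty and `update()` uses `crlUrl.openStream()`, so a CRL server that accepts the connection and never answers blocks the calling thread indefinitely, and a stalled revocation download then stalls the verification that depends on it. The stream is also closed only on the success path, so it leaks when `source.readFrom` throws. I would store the two timeouts, apply them on a `URLConnection` and close the stream in `finally`, as sketched below; this assumes the interface passes milliseconds, which needs confirming against the IAIK API. Separately, `source.getUri()` is opened with whatever scheme it carries, so if that URI can originate from a certificate's CRL distribution point it should be restricted to the schemes the deployment expects before the connection is opened.

```java
  private int connectTimeout;
  private int readTimeout;

  // … unchanged: null/type checks and URL construction in update() …

      java.net.URLConnection conn = crlUrl.openConnection();
      conn.setConnectTimeout(connectTimeout);
      conn.setReadTimeout(readTimeout);
      InputStream crlInputStream = conn.getInputStream();
      try {
        source.readFrom(crlInputStream, tid);
        source.setDownloadTime(new Date());
      } finally {
        crlInputStream.close();
      }

  // … unchanged: catch block of update() …

  @Override
  public void setConnectTimeout(int arg0) {
    this.connectTimeout = arg0;
  }

  @Override
  public void setReadTimeout(int arg0) {
    this.readTimeout = arg0;
  }
```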
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java
new file mode 100644
index 0000000..a4f7660
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.io.File;
+import java.io.IOException;
+
+import org.apache.commons.io.FileUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.logging.IaikLog;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import iaik.logging.Log;
+import iaik.pki.store.certstore.CertStoreConfiguration;
+import iaik.pki.store.certstore.CertStoreParameters;
+import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters;
+import iaik.pki.store.certstore.directory.DirectoryStoreException;
+import iaik.pki.store.certstore.utils.DirectoryCertStoreConverter;
+
+/**
+ * An implementation of the <code>CertStoreConfiguration</code> interface based
+ * on MOA configuration data.
+ *
+ * @see iaik.pki.store.certstore.CertStoreConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CertStoreConfigurationImpl extends AbstractObservableConfiguration implements CertStoreConfiguration {
+
+ private static final Logger logger = LoggerFactory.getLogger(CertStoreConfigurationImpl.class);
+
+ /** The configuration parameters of the <code>CertStore</code>. */
+ private CertStoreParameters[] parameters;
+
+ /**
+ * Create a new <code>CertStoreConfigurationImpl</code>.
+ *
+ * @param config
+ * The MOA configuration from which the configuration data is
+ * being read.
+ */
+ public CertStoreConfigurationImpl(ConfigurationProvider config) {
+ String certStoreRoot = config.getCertStoreLocation();
+
+ DirectoryCertStoreParameters dirParameters = new DirectoryCertStoreParametersImpl("MOA Directory CertStore",
+ certStoreRoot, true, false);
+
+ parameters = new CertStoreParameters[] { dirParameters };
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters()
+ */
+ public CertStoreParameters[] getParameters() {
+ return parameters;
+ }
+
+}
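Review bot: Most of the imports are unused in the class as added (`File`, `IOException`, `FileUtils`, `IaikLog`, `TransactionId`, `Log`, `DirectoryStoreException` and `DirectoryCertStoreConverter`), and the `logger` field is never referenced. Dropping them removes a needless compile-time tie to commons-io from this class. The constructor passes the bare literals `true, false`, so a trailing comment such as `// createNew = true, readOnly = false` would make it visible that the store directory may be created and is writable. `getParameters()` returns the internal array, so a caller could replace its element; `return parameters.clone();` avoids that.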
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java
new file mode 100644
index 0000000..dff78d6
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java
@@ -0,0 +1,145 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.logging.LoggerConfig;
+import iaik.pki.PKIConfiguration;
+import iaik.server.ConfigurationData;
+
+import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule;
+import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule;
+
+/**
+ * An implementation of the <code>ConfigurationData</code> interface using
+ * MOA configuration data.
+ *
+ * @see iaik.server.ConfigurationData
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ConfigurationDataImpl implements ConfigurationData {
+ /** PKI configuration data. */
+ private PKIConfiguration pkiConfiguration;
+ /** Crypto modules configuration data. */
+ private List cryptoModuleConfigurations;
+ /** Key modules configuration data. */
+ private List keyModuleConfigurations;
+ /** Logging configuration data. */
+ private LoggerConfig loggerConfig;
+
+ /**
+ * Create a new <code>ConfigurationDataImpl</code>.
+ *
+ * @param config The underlying MOA configuration data.
+ */
+ public ConfigurationDataImpl(ConfigurationProvider config) {
+ this.pkiConfiguration = new PKIConfigurationImpl(config);
+ this.cryptoModuleConfigurations = buildCryptoModuleConfigurations(config);
+ this.keyModuleConfigurations = buildKeyModuleConfigurations(config);
+ this.loggerConfig = new LoggerConfigImpl();
+ }
+
+ /**
+ * Build the list of <code>CryptoModuleConfiguration</code>s.
+ *
+ * @param config The underlying MOA configuration data.
+ * @return The list of <code>CryptoModuleConfiguration</code>s configured in
+ * the MOA configuration.
+ */
+ private List buildCryptoModuleConfigurations(ConfigurationProvider config) {
+ List modules = new ArrayList();
+ Iterator iter = config.getHardwareCryptoModules().iterator();
+
+ while (iter.hasNext()) {
+ HardwareCryptoModule module = (HardwareCryptoModule) iter.next();
+ modules.add(new HardwareCryptoModuleConfigurationImpl(module));
+ }
+
+ return modules;
+ }
+
+ /**
+ * Build the list of <code>KeyModuleConfiguration</code>s.
+ *
+ * @param config The underlying MOA configuration data.
+ * @return The list of <code>KeyModuleConfiguration</code>s configured in the
+ * MOA configuration.
+ */
+ private List buildKeyModuleConfigurations(ConfigurationProvider config) {
+ List keys = new ArrayList();
+ Iterator iter;
+
+ // add the hardware keys
+ iter = config.getHardwareKeyModules().iterator();
+ while (iter.hasNext()) {
+ HardwareKeyModule key = (HardwareKeyModule) iter.next();
+ keys.add(new HardwareKeyModuleConfigurationImpl(key));
+ }
+
+ // add the software keys
+ iter = config.getSoftwareKeyModules().iterator();
+ while (iter.hasNext()) {
+ SoftwareKeyModule key = (SoftwareKeyModule) iter.next();
+ keys.add(new SoftwareKeyModuleConfigurationImpl(key));
+ }
+
+ return keys;
+ }
+
+ /**
+ * @see iaik.server.ConfigurationData#getPKIConfiguration()
+ */
+ public PKIConfiguration getPKIConfiguration() {
+ return pkiConfiguration;
+ }
+
+ /**
+ * @see iaik.server.ConfigurationData#getCryptoModuleConfigurations()
+ */
+ public List getCryptoModuleConfigurations() {
+ return cryptoModuleConfigurations;
+ }
+
+ /**
+ * @see iaik.server.ConfigurationData#getKeyModuleConfigurations()
+ */
+ public List getKeyModuleConfigurations() {
+ return keyModuleConfigurations;
+ }
+
+ /**
+ * @see iaik.server.ConfigurationData#getLoggerConfig()
+ */
+ public LoggerConfig getLoggerConfig() {
+ return loggerConfig;
+ }
+
+}
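Review bot: `getCryptoModuleConfigurations()` and `getKeyModuleConfigurations()` hand out the internal `ArrayList`s, so any caller can add or remove module configurations after construction. Unless the IAIK framework is expected to modify them, wrapping once in the constructor keeps the configuration fixed, e.g. `this.keyModuleConfigurations = Collections.unmodifiableList(buildKeyModuleConfigurations(config));` (plus the `java.util.Collections` import), and the four fields can then be `final`. Both builders also call `.iterator()` directly on the list returned by `config`, which would throw if the provider returns null for an unconfigured module type; whether it can is not visible in this hunk.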
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java
new file mode 100644
index 0000000..f4658a2
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.store.revocation.archive.DataBaseArchiveParameters;
+
+/**
+ * An implementation of the <code>DataBaseArchiveParameter</code> interface.
+ *
+ * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class DataBaseArchiveParameterImpl implements DataBaseArchiveParameters {
+
+ /** The JDBC URL for accessing the archive. */
+ private String jDBCUrl;
+
+ /**
+ * Create a new <code>DataBaseArchiveParameterImpl</code>.
+ *
+ * @param jDBCUrl The JDBC URL of the archive.
+ */
+ public DataBaseArchiveParameterImpl(String jDBCUrl) {
+ this.jDBCUrl = jDBCUrl;
+ }
+
+ /**
+ * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter#getJDBCUrl()
+ */
+ public String getJDBCUrl() {
+ return jDBCUrl;
+ }
+
+}
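Review bot: The Javadoc references do not match the type actually implemented. The class implements the imported `iaik.pki.store.revocation.archive.DataBaseArchiveParameters`, while the class comment and both `@see` tags name `iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter`. I would point them at the imported type, e.g. `@see iaik.pki.store.revocation.archive.DataBaseArchiveParameters#getJDBCUrl()`. The field can be `private final String jDBCUrl;`, and since a JDBC URL may embed credentials, a field comment noting that the value should not be logged would help.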
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
new file mode 100644
index 0000000..9dd0ffe
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
@@ -0,0 +1,115 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.util.Collections;
+import java.util.Set;
+
+import iaik.pki.store.certstore.CertStoreParameters;
+import iaik.pki.store.certstore.CertStoreTypes;
+import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters;
+
+/**
+ * An implementation of the <code>DirectoryCertStoreParameters</code> interface.
+ *
+ * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class DirectoryCertStoreParametersImpl
+ implements DirectoryCertStoreParameters {
+
+ /** The root directory of the <code>CertStore</code>. */
+ private String rootDirectory;
+ /** Whether a new directory may be created. */
+ private boolean createNew;
+ /** The <code>CertStore</code> ID. */
+ private String id;
+ /** Whether the <code>CertStore</code> is read-only. */
+ private boolean readOnly;
+
+ /**
+ * Create a new <code>DirectoryCertStoreParameterImpl</code>.
+ *
+ * @param id The <code>CertStore</code> ID.
+ * @param rootDirectory The root directory of the <code>CertStore</code>.
+ * @param createNew Whether a new directory may be created.
+ * @param readOnly Whether the <code>CertStore</code> is read-only.
+ */
+ public DirectoryCertStoreParametersImpl(
+ String id,
+ String rootDirectory,
+ boolean createNew,
+ boolean readOnly) {
+
+ this.id = id;
+ this.rootDirectory = rootDirectory;
+ this.createNew = createNew;
+ this.readOnly = readOnly;
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory()
+ */
+ public String getRootDirectory() {
+ return rootDirectory;
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew()
+ */
+ public boolean createNew() {
+ return createNew;
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.CertStoreParameters#getId()
+ */
+ public String getId() {
+ return id;
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly()
+ */
+ public boolean isReadOnly() {
+ return readOnly;
+ }
+
+ /**
+ * @return <code>CertStoreTypes.DIRECTORY</code>
+ * @see iaik.pki.store.certstore.CertStoreParameters#getType()
+ */
+ public String getType() {
+ return CertStoreTypes.DIRECTORY;
+ }
+
+@Override
+public Set getVirtualStores() {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ return Collections.EMPTY_SET;
+}
+
+}
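Review bot: `getVirtualStores()` returns the raw constant `Collections.EMPTY_SET` and carries an unresolved TODO. `return Collections.emptySet();` gives the same immutable result without the raw-type warning, and the TODO should state what the method is meant to return once implemented. The `CertStoreParameters` import appears unused, since the `@see` tags that mention the type use fully qualified names. The constructor comment names `DirectoryCertStoreParameterImpl`, missing the `s` of the class name.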
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java
new file mode 100644
index 0000000..c9904c5
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.server.modules.crypto.HardwareCryptoModuleConfiguration;
+
+import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule;
+
+/**
+ * An implementation of the <code>HardwareCryptoModuleConfiguration</code>
+ * wrapping a <code>HardwareCryptoModule</code> from the MOA configuration.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class HardwareCryptoModuleConfigurationImpl
+ implements HardwareCryptoModuleConfiguration {
+
+ /** The wrapped <code>HardwareCryptoModule</code>. */
+ private HardwareCryptoModule module;
+
+ /**
+ * Create a new <code>HardwareCryptoModuleConfigurationImpl</code>.
+ *
+ * @param module The <code>HardwareCryptoModule</code> from the underlying MOA
+ * configuration.
+ */
+ public HardwareCryptoModuleConfigurationImpl(HardwareCryptoModule module) {
+ this.module = module;
+ }
+
+ /**
+ * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getModuleName()
+ */
+ public String getModuleName() {
+ return module.getName();
+ }
+
+ /**
+ * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getSlotID()
+ */
+ public String getSlotID() {
+ return module.getSlotID();
+ }
+
+ /**
+ * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getUserPIN()
+ */
+ public char[] getUserPIN() {
+ return module.getUserPIN().toCharArray();
+ }
+
+}
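Review bot: `getUserPIN()` dereferences `module.getUserPIN()` without a null check, so a hardware module configured without a PIN fails with a NullPointerException when the IAIK library asks for it, rather than with a configuration error. A guard such as `String pin = module.getUserPIN(); return pin != null ? pin.toCharArray() : null;` would make that case explicit, assuming the IAIK interface accepts a null PIN, which is not visible here. The PIN is also held as an immutable `String` in `HardwareCryptoModule`, so the `char[]` returned here cannot be relied on for wiping the secret from memory. The same pattern appears in `HardwareKeyModuleConfigurationImpl.getUserPIN()` and `SoftwareKeyModuleConfigurationImpl.getKeyStoreAuthenticationData()` later in this diff.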
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java
new file mode 100644
index 0000000..05f5633
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java
@@ -0,0 +1,79 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.server.modules.keys.HardwareKeyModuleConfiguration;
+
+import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule;
+
+/**
+ * An implementation of the <code>HardwareKeyModuleConfiguration</code>
+ * interface wrapping a <code>HardwareKeyModule</code> from the MOA
+ * configuration.
+ *
+ * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class HardwareKeyModuleConfigurationImpl
+ extends AbstractKeyModuleConfigurationImpl
+ implements HardwareKeyModuleConfiguration {
+
+ /** The wrapped <code>HardwareKeyModule</code>. */
+ private HardwareKeyModule keyModule;
+
+ /**
+ * Create a new <code>HardwareKeyModuleConfigurationImpl</code>.
+ *
+ * @param keyModule The <code>HardwareKeyModule</code> from the underlying
+ * MOA configuration.
+ */
+ public HardwareKeyModuleConfigurationImpl(HardwareKeyModule keyModule) {
+ super(keyModule.getId());
+ this.keyModule = keyModule;
+ }
+
+ /**
+ * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getModuleName()
+ */
+ public String getModuleName() {
+ return keyModule.getName();
+ }
+
+ /**
+ * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getSlotID()
+ */
+ public String getSlotID() {
+ return keyModule.getSlotID();
+ }
+
+ /**
+ * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getUserPIN()
+ */
+ public char[] getUserPIN() {
+ return keyModule.getUserPIN().toCharArray();
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
new file mode 100644
index 0000000..87dd572
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
@@ -0,0 +1,217 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.store.revocation.RevocationFactory;
+import iaik.pki.store.revocation.RevocationSourceStore;
+import iaik.pki.store.truststore.TrustStoreFactory;
+import iaik.security.ec.provider.ECCelerate;
+import iaik.server.ConfigurationData;
+import iaik.server.Configurator;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
+
+import java.security.Security;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.KeyGroup;
+import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.util.CertStoreConverter;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.spss.util.SecProviderUtils;
+
+/**
+ * A class responsible for configuring the IAIK MOA modules.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class IaikConfigurator {
+
+ /** The warnings encountered during configuration. */
+ private List warnings = new ArrayList();
+
+ /**
+ * Configure the IAIK MOA subsystem.
+ *
+ *
+ * @param moaConfig The underlying MOA configuration.
+ * @return Returns the config data of the underlying MOA subsystem
+ * @throws ConfigurationException An error occurred configuring the IAIK
+ * MOA subsystem.
+ */
+ public ConfigurationData configure(ConfigurationProvider moaConfig)
+ throws ConfigurationException {
+ ConfigurationData configData = new ConfigurationDataImpl(moaConfig);
+
+ warnings = new ArrayList();
+
+ try {
+ TransactionId transId = new TransactionId("IaikConfigurator");
+
+ //SecProviderUtils.dumpSecProviders("Starting configuration");
+
+ try {
+ iaik.pki.Configurator.initCommon(configData.getLoggerConfig(),
+ transId);
+ //SecProviderUtils.dumpSecProviders("initCommon");
+ String certStoreRoot = moaConfig.getCertStoreLocation();
+ CertStoreConverter.convert(certStoreRoot, transId);
+ } finally {
+ //Security.removeProvider(ECCelerate.getInstance().getName());
+ }
+
+ Configurator.init(configData, transId);
+
+ SecProviderUtils.dumpSecProviders("Fully configured!");
+
+ // Set customized CRL retriever to overcome a classloader problem when MOA is deployed in Tomcat
+ RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore();
+ //rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
+ if ((moaConfig.getSoftwareKeyModules().size() > 0) || (moaConfig.getHardwareKeyModules().size() > 0)) {
+ dumpKeyEntryIDs();
+ }
+ checkKeyGroupConfig(moaConfig);
+ TrustStoreFactory.reset();
+
+ return configData;
+ } catch (iaik.server.ConfigurationException e) {
+ throw new ConfigurationException("config.08", null, e);
+ } catch (Throwable t) {
+ throw new ConfigurationException("config.08", null, t);
+ }
+ }
+
+ /**
+ * Return the warnings encountered during configuration.
+ *
+ * @return The warnings.
+ */
+ public List getWarnings() {
+ return warnings;
+ }
+
+ /**
+ * Dump all <code>KeyEntryID</code>s contained in the configured
+ * <code>KeyModule</code>s to the log file.
+ */
+ private void dumpKeyEntryIDs() {
+ MessageProvider msg = MessageProvider.getInstance();
+ KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump"));
+ Set keyEntryIds = module.getPrivateKeyEntryIDs();
+ Iterator iter;
+
+ for (iter = keyEntryIds.iterator(); iter.hasNext();) {
+ KeyEntryID keyEntryId = (KeyEntryID) iter.next();
+ Logger.info(
+ new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId })));
+ }
+ }
+
+ /**
+ * Check that each key group entry in each key group can be resolved to a
+ * KeyEntryID.
+ *
+ * Logs a warning for each key group entry that cannot be resolved.
+ *
+ * @param moaConfig The MOA configuration to check.
+ */
+ private void checkKeyGroupConfig(ConfigurationProvider moaConfig) {
+ Map keyGroups = moaConfig.getKeyGroups();
+ Iterator iter;
+
+ for (iter = keyGroups.values().iterator(); iter.hasNext();) {
+ KeyGroup keyGroup = (KeyGroup) iter.next();
+ Set keyGroupEntries = keyGroup.getKeyGroupEntries();
+ Iterator kgIter;
+
+ for (kgIter = keyGroupEntries.iterator(); kgIter.hasNext();) {
+ KeyGroupEntry entry = (KeyGroupEntry) kgIter.next();
+
+ if (!findKeyEntryID(entry)) {
+ warn(
+ "config.31",
+ new Object[] {
+ keyGroup.getId(),
+ entry.getModuleID(),
+ entry.getIssuerDN(),
+ entry.getSerialNumber()});
+ }
+ }
+ }
+ }
+
+ /**
+ * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID
+ * by the Configurator.
+ *
+ * @param keyGroupEntry The key group entry to find.
+ * @return <code>true</code>, if the <code>keyGroupEntry</code> could be
+ * resolved to a <code>KeyEntryID</code>; otherwise <code>false</code>.
+ */
+ private boolean findKeyEntryID(KeyGroupEntry keyGroupEntry) {
+ KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check"));
+ Set keyEntryIDs = module.getPrivateKeyEntryIDs();
+ Iterator iter;
+
+ for (iter = keyEntryIDs.iterator(); iter.hasNext();) {
+ KeyEntryID entry = (KeyEntryID) iter.next();
+
+ if (entry.getCertificateIssuer().equals(keyGroupEntry.getIssuerDN())
+ && entry.getCertificateSerialNumber().equals(
+ keyGroupEntry.getSerialNumber())
+ && entry.getModuleID().equals(keyGroupEntry.getModuleID())) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Log a warning.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void warn(String messageId, Object[] args) {
+ MessageProvider msg = MessageProvider.getInstance();
+ String txt = msg.getMessage(messageId, args);
+
+ Logger.warn(new LogMsg(txt));
+ warnings.add(txt);
+ }
+}
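Review bot: In `configure()`, the `catch (Throwable t)` wraps every `Error` (including `OutOfMemoryError`) in a `ConfigurationException("config.08", ...)`, and it makes the preceding `catch (iaik.server.ConfigurationException e)` redundant because both branches do the same thing. Consider a single `} catch (Exception e) {` unless wrapping `Error`s is intentional. The inner `try { ... } finally { }` contains only a commented-out `Security.removeProvider(...)`, and the local `rss` is never used now that the `setRetriever` call is commented out (keep the call only if it is needed for its side effects). The `Security` and `ECCelerate` imports appear unused as a result. Either restore the provider cleanup or remove the scaffolding, so it is clear which security providers stay registered after configuration.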
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
new file mode 100644
index 0000000..3fb842f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.util.Properties;
+
+import iaik.logging.LogConfigurationException;
+import iaik.logging.LoggerConfig;
+
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+
+/**
+ * Default implementation of the <code>LoggerConfig</code> interface.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class LoggerConfigImpl implements LoggerConfig {
+
+ /** The implementation of iaik.logging.LogFactory. */
+ private static final String DEFAULT_IMPLEMENTATION =
+ "at.gv.egovernment.moa.spss.server.logging.IaikLogFactory";
+
+ public String getFactory() {
+ return DEFAULT_IMPLEMENTATION;
+ }
+
+ public Properties getProperties() throws LogConfigurationException {
+ return new Properties();
+ }
+
+ public String getNodeId() {
+ return LoggingContextManager.getInstance().getLoggingContext().getNodeID();
+ }
+
+}
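Review bot: `getFactory()`, `getProperties()` and `getNodeId()` have no Javadoc, whereas the accessors in the sibling configuration classes of this diff each carry an `@see` reference to the interface method they implement. Adding e.g. `/** @see iaik.logging.LoggerConfig#getFactory() */` on each would keep the package consistent. It would also help to state that `getProperties()` always returns a fresh, empty `Properties` object.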
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
new file mode 100644
index 0000000..5e29b5c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.PKIConfiguration;
+import iaik.pki.pathvalidation.ValidationConfiguration;
+import iaik.pki.revocation.RevocationConfiguration;
+import iaik.pki.store.certstore.CertStoreConfiguration;
+import iaik.pki.store.revocation.archive.ArchiveConfiguration;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>PKIConfiguration</code> interface using data
+ * from the MOA configuration.
+ *
+ * @see iaik.pki.PKIConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class PKIConfigurationImpl implements PKIConfiguration {
+ /** The <code>CertStore</code> configuration. */
+ private CertStoreConfiguration certStoreConfiguration;
+ /** The revocation checking configuration. */
+ private RevocationConfiguration revocationConfiguration;
+ /** The revocation archive configuration. */
+ private ArchiveConfiguration archiveConfiguration;
+ /** The certificate validation configuration. */
+ private ValidationConfiguration validationConfiguration;
+
+ /**
+ * Create a new <code>PKIConfigurationImpl</code>.
+ *
+ * @param config
+ * The underlying MOA configuration which will be used to build
+ * the configuration data contained in this object.
+ */
+ public PKIConfigurationImpl(ConfigurationProvider config) {
+
+ this.certStoreConfiguration = new CertStoreConfigurationImpl(config);
+ this.revocationConfiguration = new RevocationConfigurationImpl(config);
+
+ boolean archiveInfo = config.getEnableRevocationArchiving();
+ if (archiveInfo) {
+ this.archiveConfiguration = new ArchiveConfigurationImpl(config);
+ } else {
+ this.archiveConfiguration = null;
+ }
+
+ this.validationConfiguration = new ValidationConfigurationImpl(config);
+ }
+
+ /**
+ * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration()
+ */
+ public CertStoreConfiguration getCertStoreConfiguration() {
+ return certStoreConfiguration;
+ }
+
+ /**
+ * @see iaik.pki.PKIConfiguration#getRevocationConfiguration()
+ */
+ public RevocationConfiguration getRevocationConfiguration() {
+ return revocationConfiguration;
+ }
+
+ /**
+ * @see iaik.pki.PKIConfiguration#getArchiveConfiguration()
+ */
+ public ArchiveConfiguration getArchiveConfiguration() {
+ return archiveConfiguration;
+ }
+
+ /**
+ * @see iaik.pki.PKIConfiguration#getValidationConfiguration()
+ */
+ public ValidationConfiguration getValidationConfiguration() {
+ return validationConfiguration;
+ }
+
+ @Override
+ public int getConnectTimeout() {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ return 0;
+ }
+
+ @Override
+ public int getReadTimeout() {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ return 0;
+ }
+
+}
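Review bot: `getConnectTimeout()` and `getReadTimeout()` are TODO stubs that return `0`. In the standard Java networking APIs a timeout of 0 means "wait indefinitely"; if the IAIK PKI module passes these values to its connections unchanged (not visible here), a slow or unresponsive CRL/OCSP endpoint could block certificate validation without bound. Returning a finite default from a new constant in this class, or reading the values from `ConfigurationProvider`, would avoid that. The Javadoc should state the unit and the meaning of 0.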
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
new file mode 100644
index 0000000..b03c4a2
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
@@ -0,0 +1,112 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.revocation.RevocationConfiguration;
+import iaik.pki.revocation.dbcrl.config.DBCrlConfig;
+
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import java.util.Map;
+import java.util.Set;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>RevocationConfiguration</code> interface using
+ * MOA configuration data.
+ *
+ * @see iaik.pki.revocation.RevocationConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class RevocationConfigurationImpl extends AbstractObservableConfiguration implements RevocationConfiguration {
+
+ /**
+ * The <code>ConfigurationProvider</code> to read the configuration data
+ * from.
+ */
+ private ConfigurationProvider config;
+
+ /**
+ * Create a new <code>RevocationConfigurationImpl</code>.
+ *
+ * @param config
+ * The underlying MOA configuration containing the configuration
+ * data.
+ */
+ public RevocationConfigurationImpl(ConfigurationProvider config) {
+ this.config = config;
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints
+ */
+ public Set getAlternativeDistributionPoints(X509Certificate cert, X509Certificate issuer, Date date) {
+ return config.getDistributionPoints(cert);
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String,
+ * java.lang.String)
+ */
+ public boolean archiveRevocationInfo(String type, String uri) {
+ return config.getEnableRevocationArchiving();
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String)
+ */
+ public Integer getCrlRetentionInterval(String issuername) {
+ Map map = config.getCrlRetentionIntervals();
+ Integer interval = (Integer) map.get(issuername);
+
+ return interval;
+ }
+
+ @Override
+ public DBCrlConfig getDataBaseCRLConfig() {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ return null;
+ }
+
+ @Override
+ public boolean getKeepRevocationInfo() {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ return false;
+ }
+
+ @Override
+ public Set getPositiveOCSPResponders() {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ return null;
+ }
+
+ @Override
+ public boolean skipIndirectCRLCheckForAlternativeDistributionPoints() {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ return false;
+ }
+
+}
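Review bot: `getPositiveOCSPResponders()` returns `null` for a `Set`, and `getDataBaseCRLConfig()` returns `null` as well; both are TODO stubs. Whether the IAIK revocation code tolerates null here is not visible in this diff, so for the set `return Collections.emptySet();` (plus the `java.util.Collections` import) is the safer placeholder. Together with `getKeepRevocationInfo()` and `skipIndirectCRLCheckForAlternativeDistributionPoints()`, these stubs hard-code revocation-checking behaviour that operators cannot configure, so each should get Javadoc stating the fixed value and why. `getAlternativeDistributionPoints` also ignores its `issuer` and `date` arguments, which deserves a comment.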
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
new file mode 100644
index 0000000..937f32f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
@@ -0,0 +1,99 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.InputStream;
+
+import iaik.server.modules.keys.ConfigurationException;
+import iaik.server.modules.keys.SoftwareKeyModuleConfiguration;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+
+import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+
+/**
+ * An implementation of the <code>SoftwareKeyModuleConfiguration</code> wrapping
+ * a <code>SoftwareKeyModule</code> from the MOA configuration.
+ *
+ * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class SoftwareKeyModuleConfigurationImpl
+ extends AbstractKeyModuleConfigurationImpl
+ implements SoftwareKeyModuleConfiguration {
+
+ /** The wrapped <code>SoftwareKeyModule</code>. */
+ private SoftwareKeyModule keyModule;
+
+ /**
+ * Create a new <code>SoftwareKeyModuleConfigurationImpl</code>.
+ *
+ * @param keyModule The <code>SoftwareKeyModule</code> from the underlying MOA
+ * configuration.
+ */
+ public SoftwareKeyModuleConfigurationImpl(SoftwareKeyModule keyModule) {
+ super(keyModule.getId());
+ this.keyModule = keyModule;
+ }
+
+ /**
+ * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreTypeName()
+ */
+ public String getKeyStoreTypeName() {
+ return KEY_STORE_TYPE_NAME_PKCS12;
+ }
+
+ /**
+ * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAsStream()
+ */
+ public InputStream getKeyStoreAsStream() {
+ MessageProvider msg = MessageProvider.getInstance();
+
+ try {
+ String message =
+ msg.getMessage("config.18", new Object[] { keyModule.getFileName()});
+ Logger.info(new LogMsg(message));
+ return new FileInputStream(keyModule.getFileName());
+ } catch (FileNotFoundException e) {
+ String message =
+ msg.getMessage("config.09", new Object[] { keyModule.getFileName()});
+
+ throw new ConfigurationException(message, e, null);
+ }
+ }
+
+ /**
+ * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAuthenticationData()
+ */
+ public char[] getKeyStoreAuthenticationData() {
+ return keyModule.getPassWord().toCharArray();
+ }
+
+}
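Review bot: `getKeyStoreAsStream()` returns an open `FileInputStream`, and its Javadoc is only an `@see` line, so nothing states who closes the stream. Add a sentence such as `The caller is responsible for closing the returned stream.` after confirming that the IAIK key module does close it. The info message `config.18` is also logged before the file is opened, so it appears in the log even when the open fails and `config.09` is raised.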
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java
new file mode 100644
index 0000000..9e26fb8
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.security.cert.X509Certificate;
+import java.security.spec.AlgorithmParameterSpec;
+
+import iaik.pki.pathvalidation.ValidationConfiguration;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>ValidationConfiguration</code> interface using
+ * MOA configuration data.
+ *
+ * @see iaik.pki.pathvalidation.ValidationConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ValidationConfigurationImpl
+ extends AbstractObservableConfiguration
+ implements ValidationConfiguration {
+
+ /** The <code>ConfigurationProvider</code> to read the configuration data
+ * from. */
+ private ConfigurationProvider config;
+
+ /**
+ * Create a new <code>ValidationConfigurationImpl</code>.
+ *
+ * @param config The underlying MOA configuration data.
+ */
+ public ValidationConfigurationImpl(ConfigurationProvider config) {
+ this.config = config;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationConfiguration#getChainingMode(java.security.cert.X509Certificate)
+ */
+ public String getChainingMode(X509Certificate cert) {
+ return config.getChainingMode(cert);
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsSpec(java.security.cert.X509Certificate)
+ */
+ public AlgorithmParameterSpec getPublicKeyParamsAsSpec(X509Certificate cert) {
+ return null;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsCert(java.security.cert.X509Certificate)
+ */
+ public X509Certificate getPublicKeyParamsAsCert(X509Certificate cert) {
+ return null;
+ }
+
+}
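Review bot: `getPublicKeyParamsAsSpec()` and `getPublicKeyParamsAsCert()` return `null` unconditionally and ignore `cert`, but their Javadoc is only an `@see` line. A reader cannot tell whether this is a deliberate "no inherited public-key parameters" answer or an unfinished stub. State it in the Javadoc, e.g. `@return always <code>null</code>; MOA supplies no public key parameters`, after confirming that this is the intent.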
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
new file mode 100644
index 0000000..491986b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
@@ -0,0 +1,158 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.server.iaik.pki;
+
+import iaik.pki.PKIProfile;
+import iaik.pki.pathvalidation.ValidationProfile;
+import iaik.pki.revocation.RevocationProfile;
+import iaik.pki.store.truststore.TrustStoreProfile;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation.ValidationProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.pki.revocation.RevocationProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStoreProfileImpl;
+
+/**
+ * Implementation of the <code>PKIProfile</code> interface containing
+ * information needed for certificate path validation. It uses configuration
+ * data from the MOA configuration.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class PKIProfileImpl implements PKIProfile {
+
+ /** Profile information for revocation checking. */
+ private RevocationProfile revocationProfile;
+ /** Profile information about the trust profile to use. */
+ private TrustStoreProfile trustStoreProfile;
+ /** Profile information about the certificate validation. */
+ private ValidationProfile validationProfile;
+ /**
+ * The <code>ConfigurationProvider</code> to read the MOA configuration data
+ * from.
+ */
+ private ConfigurationProvider config;
+
+ /**
+ * Create a new <code>PKIProfileImpl</code>.
+ *
+ * @param config
+ * The MOA configuration providing configuration data about
+ * certificate path validation.
+ * @param trustProfileID
+ * The trust profile ID denoting the location of the trust store.
+ * @throws MOAApplicationException
+ * An error occurred building the profile.
+ */
+ public PKIProfileImpl(ConfigurationProvider config, String trustProfileID) throws MOAApplicationException {
+
+ this.config = config;
+ setRevocationProfile(new RevocationProfileImpl(config));
+ setTrustStoreProfile(new TrustStoreProfileImpl(config, trustProfileID));
+ setValidationProfile(new ValidationProfileImpl(config));
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#autoAddCertificates()
+ */
+ /*public boolean autoAddCertificates() {
+ return useAuthorityInfoAccess() ? true : config.getAutoAddCertificates();
+ }*/
+
+ /**
+ * @see iaik.pki.PKIProfile#getRevocationProfile()
+ */
+ public RevocationProfile getRevocationProfile() {
+ return revocationProfile;
+ }
+
+ /**
+ * Sets the <code>RevocationProfile</code>.
+ *
+ * @param revocationProfile
+ * The <code>RevocationProfile</code> used for revocation
+ * checking.
+ */
+ protected void setRevocationProfile(RevocationProfile revocationProfile) {
+ this.revocationProfile = revocationProfile;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#getTrustStoreProfile()
+ */
+ public TrustStoreProfile getTrustStoreProfile() {
+ return trustStoreProfile;
+ }
+
+ /**
+ * Sets the <code>TrustStoreProfile</code>.
+ *
+ * @param trustStoreProfile
+ * The <code>TrustStoreProfile</code>.
+ */
+ protected void setTrustStoreProfile(TrustStoreProfile trustStoreProfile) {
+ this.trustStoreProfile = trustStoreProfile;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#getValidationProfile()
+ */
+ public ValidationProfile getValidationProfile() {
+ return validationProfile;
+ }
+
+ /**
+ * Sets the <code>ValidationProfile</code>.
+ *
+ * @param validationProfile
+ * The <code>ValidationProfile</code> to set.
+ */
+ protected void setValidationProfile(ValidationProfile validationProfile) {
+ this.validationProfile = validationProfile;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#useAuthorityInfoAccess()
+ */
+ public boolean useAuthorityInfoAccess() {
+ return config.getUseAuthorityInfoAccess();
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#autoAddCertificates()
+ */
+ @Override
+ public int autoAddCertificates() {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ return 0;
+ }
+
+ @Override
+ public TrustStoreProfile getIndirectRevocationTrustStoreProfile() {
+ // TODO AFITZEK TODO IMPLEMENT THIS METHOD
+ return null;
+ }
+
+}
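Review bot: `autoAddCertificates()` and `getIndirectRevocationTrustStoreProfile()` at the end of the class return the placeholders `0` and `null`, so the configured auto-add setting is ignored. The commented-out boolean version further up still consulted `useAuthorityInfoAccess()` and `config.getAutoAddCertificates()`. What `0` selects in the IAIK `PKIProfile` contract is not visible in this hunk, so the stub should either map the configured value to the matching interface constant or carry a comment saying which behaviour `0` stands for and why it is an acceptable default for path validation. The `null` return needs the same treatment: the Javadoc should say whether it means "fall back to the main trust store" or "indirect revocation information is not accepted". The commented-out method and its orphaned Javadoc can be dropped once the replacement is implemented.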
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java
new file mode 100644
index 0000000..7e62d60
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java
@@ -0,0 +1,131 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation;
+
+import iaik.pki.pathvalidation.ValidationProfile;
+
+import java.util.Collections;
+import java.util.Set;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>ValidationProfile</code> interface providing
+ * information about certificat path validation.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ValidationProfileImpl implements ValidationProfile {
+
+ /** The <code>ConfigurationProvider</code> to read the configuration data
+ * from. */
+ private ConfigurationProvider config;
+ private boolean initialAnyPolicyInhibit;
+ private boolean initialExplicitPolicy;
+ private boolean initialPolicyMappingInhibit;
+ private Set initialPolicySet;
+ private boolean nameConstraintsProcessing;
+ private boolean policyProcessing;
+
+ /**
+ * Create a new <code>ValidationProfileImpl</code> object.
+ *
+ * This objects's fields are preset to the following values:
+ *
+ * <ul>
+ * <li><code>initialAnyPolicyInhibit = true</code></li>
+ * <li><code>initialExplicitPoliy = true</code></li>
+ * <li><code>initialPolicyMappingInhibit = true</code></li>
+ * <li><code>initialPolicySet = empty</code></li>
+ * <li><code>policyProcessing = false</code></li>
+ * <li><code>nameConstraintsProcessing = false</code></li>
+ * <li><code>revocationChecking = false</code></li>
+ * </ul>
+ *
+ * @param config MOA configuration data for additional configuration
+ * information (currently unused).
+ */
+ public ValidationProfileImpl(ConfigurationProvider config) {
+ this.config = config;
+ initialAnyPolicyInhibit = true;
+ initialExplicitPolicy = true;
+ initialPolicyMappingInhibit = true;
+ initialPolicySet = Collections.EMPTY_SET;
+ policyProcessing = false;
+ nameConstraintsProcessing = false;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getInitialAnyPolicyInhibit()
+ */
+ public boolean getInitialAnyPolicyInhibit() {
+ return initialAnyPolicyInhibit;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getInitialExplicitPolicy()
+ */
+ public boolean getInitialExplicitPolicy() {
+ return initialExplicitPolicy;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicyMappingInhibit()
+ */
+ public boolean getInitialPolicyMappingInhibit() {
+ return initialPolicyMappingInhibit;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicySet()
+ */
+ public Set getInitialPolicySet() {
+ return initialPolicySet;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getPolicyProcessing()
+ */
+ public boolean getPolicyProcessing() {
+ return policyProcessing;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getNameConstraintsProcessing()
+ */
+ public boolean getNameConstraintsProcessing() {
+ return nameConstraintsProcessing;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getRevocationChecking()
+ */
+ public boolean getRevocationChecking()
+ {
+ return config.getEnableRevocationChecking();
+ }
+
+} \ No newline at end of file
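Review bot: The constructor hard-codes `nameConstraintsProcessing = false` and `policyProcessing = false`, and the class has no way to change them. Assuming the IAIK validator honours these getters, name constraints that a CA places on its subordinates are never enforced during path validation. If that is intended, give the reason in the constructor Javadoc; otherwise read both flags from `ConfigurationProvider`, as `getRevocationChecking()` already does. The Javadoc is also inaccurate: it lists `revocationChecking = false` and calls `config` "currently unused", while `getRevocationChecking()` returns `config.getEnableRevocationChecking()`.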
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java
new file mode 100644
index 0000000..14627b2
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.pki.revocation;
+
+import java.security.cert.X509Certificate;
+
+import iaik.pki.revocation.RevocationProfile;
+import iaik.pki.revocation.RevocationSourceTypes;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>RevocationProfile</code> interface providing
+ * information about revocation status checking, based on MOA configuration
+ * data.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class RevocationProfileImpl implements RevocationProfile {
+ /** The default service order. */
+ private static final String[] DEFAULT_SERVICE_ORDER =
+ { RevocationSourceTypes.CRL, RevocationSourceTypes.OCSP };
+ /** The <code>ConfigurationProvider</code> to read the MOA configuration data
+ * from. */
+ private ConfigurationProvider config;
+ /** The OCSP request hash algorithm. Currently only "SHA" is supported. */
+ private static final String oCSPRequestHashAlgorithm = "SHA";
+
+ /**
+ * Create a new <code>RevocationProfileImpl</code>.
+ *
+ * @param config The MOA configuration data.
+ */
+ public RevocationProfileImpl(ConfigurationProvider config) {
+ this.config = config;
+ // currently only "SHA" is supported
+// this.oCSPRequestHashAlgorithm = "";
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationProfile#getMaxRevocationAge(String)
+ */
+ public long getMaxRevocationAge(String distributionPointUri)
+ {
+ return config.getMaxRevocationAge();
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationProfile#getOCSPRequestHashAlgorithm()
+ */
+ public String getOCSPRequestHashAlgorithm() {
+ return oCSPRequestHashAlgorithm;
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationProfile#getPreferredServiceOrder(java.security.cert.X509Certificate)
+ */
+ public String[] getPreferredServiceOrder(X509Certificate cert)
+ {
+ String[] serviceOrder = config.getServiceOrder();
+ if (serviceOrder == null || serviceOrder.length == 0) return DEFAULT_SERVICE_ORDER;
+ return serviceOrder;
+ }
+
+}
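Review bot: `getPreferredServiceOrder()` hands out the shared static `DEFAULT_SERVICE_ORDER` array itself, so a caller that reorders or overwrites its elements changes the default revocation-source order for every later validation in the JVM. Return a copy instead: `if (serviceOrder == null || serviceOrder.length == 0) return DEFAULT_SERVICE_ORDER.clone();`. The constant `oCSPRequestHashAlgorithm` would read better as `OCSP_REQUEST_HASH_ALGORITHM` with a comment that "SHA" denotes SHA-1 and is fixed because of the library limitation the field comment mentions. The commented-out assignment in the constructor can go. `getMaxRevocationAge()` ignores its `distributionPointUri` argument, which the Javadoc should state.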
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java
new file mode 100644
index 0000000..50f237a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java
@@ -0,0 +1,159 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.pki.store.truststore.TrustStoreProfile;
+import iaik.pki.store.truststore.TrustStoreTypes;
+import iaik.pki.store.observer.NotificationData;
+import iaik.pki.store.observer.Observer;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+
+/**
+ * An implementation of the <code>TrustStoreProfile</code> interface, using data
+ * from the MOA configuration.
+ *
+ * @see iaik.pki.store.truststore.TrustStoreProfile
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class TrustStoreProfileImpl implements TrustStoreProfile {
+
+ /** The observers of this profile. */
+ private List observers = new ArrayList();
+
+ /**
+ * The trust profile identifier.
+ */
+ private String id_;
+
+ /** The type of the trust profile. */
+ private String type;
+ /** The URI of the trust profile.*/
+ private String URI;
+
+ /**
+ * Create a new <code>TrustStoreProfileImpl</code>.
+ *
+ * @param config The MOA configuration data, from which trust store
+ * configuration data is read.
+ * @param trustProfileId The trust profile id on which this
+ * <code>TrustStoreProfile</code> is based.
+ * @throws MOAApplicationException The <code>trustProfileId</code> could not
+ * be found in the MOA configuration.
+ */
+ public TrustStoreProfileImpl(
+ ConfigurationProvider config,
+ String trustProfileId)
+ throws MOAApplicationException {
+
+ TrustProfile tp = (TrustProfile) config.getTrustProfile(trustProfileId);
+ if (tp != null)
+ {
+ id_ = trustProfileId;
+ setURI(tp.getUri());
+ setType(TrustStoreTypes.DIRECTORY);
+ }
+ else
+ {
+ throw new MOAApplicationException("2203", new Object[] { trustProfileId });
+ }
+ }
+
+ /**
+ * @see iaik.pki.store.truststore.TrustStoreProfile#getType()
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * Sets the the trust store type.
+ *
+ * @param type The trust store type to set.
+ */
+ protected void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @see iaik.pki.store.truststore.TrustStoreProfile#getURI()
+ */
+ public String getURI() {
+ return URI;
+ }
+
+ /**
+ * Sets the trust store URI.
+ *
+ * @param URI The trust store URI to set.
+ */
+ protected void setURI(String URI) {
+ this.URI = URI;
+ }
+
+ //
+ // Methods of iaik.pki.store.observer.Observable interface
+ //
+
+ /**
+ * @see iaik.pki.store.observer.Observable#addObserver(iaik.pki.store.observer.Observer)
+ */
+ public void addObserver(Observer observer) {
+ observers.add(observer);
+ }
+
+ /**
+ * @see iaik.pki.store.observer.Observable#removeObserver(iaik.pki.store.observer.Observer)
+ */
+ public boolean removeObserver(Observer observer) {
+ return observers.remove(observer);
+ }
+
+ /**
+ * @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData)
+ */
+ public void notify(NotificationData notificationData) {
+ for (Iterator iter = observers.iterator(); iter.hasNext();) {
+ Observer observer = (Observer) iter.next();
+ observer.notify(notificationData);
+ }
+ }
+
+ /**
+ * @see iaik.pki.store.truststore.TrustStoreProfile#getId()
+ */
+ public String getId()
+ {
+ return id_;
+ }
+
+}
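Review bot: `notify()` iterates directly over the `observers` list, so an observer that calls `addObserver()` or `removeObserver()` from inside its own `notify()` callback makes the iterator throw `ConcurrentModificationException`. Iterating over a snapshot avoids that: `for (Iterator iter = new ArrayList(observers).iterator(); iter.hasNext();) {`. Whether a profile instance is shared between request threads is not visible in this hunk; if it is, the plain `ArrayList` also needs synchronisation or a `CopyOnWriteArrayList`. A short comment on the `observers` field stating the intended threading assumption would settle it.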
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java
new file mode 100644
index 0000000..cc12861
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.Base64Transformation;
+
+/**
+ * An implementation of the <code>Base64Transformation</code>
+ * <code>Transformation</code> type.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class Base64TransformationImpl
+ extends TransformationImpl
+ implements Base64Transformation {
+
+ /**
+ * Create a new <code>Base64TransformationImpl</code>.
+ *
+ * @see java.lang.Object#Object()
+ */
+ public Base64TransformationImpl() {
+ setAlgorithmURI(Base64Transformation.BASE64_DECODING);
+ }
+
+ /**
+ * Compare this <code>Base64Transformation</code> to another.
+ *
+ * @param other The object to compare this<code>Base64Transformation</code>
+ * to.
+ * @return <code>true</code>, if <code>other</code> is a
+ * <code>Base64Transformation</code> and the algorithm URIs match, otherwise
+ * <code>false</code>.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof Base64Transformation) {
+ Base64Transformation transform = (Base64Transformation) other;
+ return getAlgorithmURI().equals(transform.getAlgorithmURI());
+ }
+ return false;
+ }
+
+}
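Review bot: `equals()` is overridden without a matching `hashCode()` in this hunk, so two equal transformations can land in different buckets of a `HashSet` or `HashMap` unless `TransformationImpl` (not visible here) already hashes on the algorithm URI. Add `public int hashCode() { return getAlgorithmURI().hashCode(); }`. The same applies to `CanonicalizationImpl.equals()` later in this diff. The comparison accepts any `Base64Transformation` implementation, so symmetry depends on other implementations comparing the same way, which the Javadoc should say.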
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java
new file mode 100644
index 0000000..4d627d7
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+
+import iaik.server.modules.xml.BinaryDataObject;
+
+/**
+ * A <code>BinaryDataObject</code> encapsulating Base64 data.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ByteArrayDataObjectImpl
+ extends DataObjectImpl
+ implements BinaryDataObject {
+
+ /** The binary data contained in this <code>BinaryDataObject</code>. */
+ private byte[] bytes;
+
+ /**
+ * Create a new <code>ByteArrayDataObjectImpl</code>.
+ *
+ * @param bytes The binary data contained in this
+ * <code>BinaryDataObject</code>.
+ */
+ public ByteArrayDataObjectImpl(byte[] bytes) {
+ setBytes(bytes);
+ }
+
+ /**
+ * Set the Base64 data.
+ *
+ * @param bytes The binary data contained in this
+ * <code>BinaryDataObject</code>.
+ */
+ public void setBytes(byte[] bytes) {
+ this.bytes = bytes;
+ }
+
+ /**
+ * Return the binary data encoded in the Base64 <code>String</code> as a
+ * stream.
+ *
+ * @return The binary data contained in this object, as a
+ * <code>InputStream</code>. Repeated calls to this function will return a
+ * new stream to the Base64 data.
+ * @see iaik.server.modules.xml.BinaryDataObject#getInputStream()
+ */
+ public InputStream getInputStream() {
+ return new ByteArrayInputStream(bytes);
+ }
+
+}
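Review bot: `setBytes()` keeps a reference to the caller's array, so the content can still change after the data object has been handed on for signing or verification, and a `null` argument fails only later inside `new ByteArrayInputStream(bytes)`. Unless callers rely on sharing the array, reject null and store a copy: `this.bytes = bytes.clone();`. The Javadoc speaks of "Base64 data" and "the Base64 String" although the class holds raw bytes; `Set the binary data.` and `Return the binary data as a stream.` would match the code.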
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java
new file mode 100644
index 0000000..b982c8e
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java
@@ -0,0 +1,73 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.io.InputStream;
+
+import iaik.server.modules.xml.BinaryDataObject;
+
+/**
+ * A <code>BinaryDataObject</code> encapsulating binary data from a stream.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ByteStreamDataObjectImpl
+ extends DataObjectImpl
+ implements BinaryDataObject {
+
+ /** The <code>InputStream</code> containing the binary data. */
+ private InputStream inputStream;
+
+ /**
+ * Create a new <code>ByteStreamDataObjectImpl</code>.
+ *
+ * @param inputStream The stream from which to read the binary data.
+ */
+ public ByteStreamDataObjectImpl(InputStream inputStream) {
+ setInputStream(inputStream);
+ }
+
+ /**
+ * Set the input stream from which to read the binary data.
+ *
+ * @param inputStream The input stream from which to read the binary data.
+ */
+ public void setInputStream(InputStream inputStream) {
+ this.inputStream = inputStream;
+ }
+
+ /**
+ * Return the binary data from this object as a stream.
+ *
+ * @return The stream containing the binary data. Calling this function
+ * repeatedly will always return the same <code>InputStream</code>.
+ * @see iaik.server.modules.xml.BinaryDataObject#getInputStream()
+ */
+ public InputStream getInputStream() {
+ return inputStream;
+ }
+
+}
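Review bot: The Javadoc says `getInputStream()` always returns the same stream, but not who closes it or what a second reader sees. Because the stream is single-use, a consumer that reads it twice gets only the remaining bytes, which matters when the content is digested for a signature. I would add to the class Javadoc: `The stream is consumed once and is not closed by this class; the caller that supplied it remains responsible for closing it.` The ownership rule should be confirmed against the callers, which are outside this hunk.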
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java
new file mode 100644
index 0000000..0c3a8da
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.Canonicalization;
+
+/**
+ * An implementation of the <code>CanonicalizationTransform</code>
+ * <code>Transformation</code> type.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CanonicalizationImpl
+ extends TransformationImpl
+ implements Canonicalization {
+
+ /**
+ * Create a new <code>CanonicalizationTransformImpl</code> object.
+ *
+ * @param algorithmURI The canonicalization algorithm URI.
+ */
+ public CanonicalizationImpl(String algorithmURI) {
+ setAlgorithmURI(algorithmURI);
+ }
+
+ /**
+ * Compare this object to another <code>Canonicalization</code>.
+ *
+ * @param other The object to compare this
+ * <code>Canonicalization</code> to.
+ * @return <code>true</code>, if <code>other</code> is a
+ * <code>Canonicalization</code> and the algorithm URIs match, otherwise
+ * <code>false</code>.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof Canonicalization) {
+ Canonicalization c14n = (Canonicalization) other;
+ return getAlgorithmURI().equals(c14n.getAlgorithmURI());
+ }
+ return false;
+ }
+
+}
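Review bot: The constructor stores `algorithmURI` unchecked, so a `null` URI surfaces only later as a `NullPointerException` in `equals()` at `getAlgorithmURI().equals(...)`, unless `setAlgorithmURI()` in `TransformationImpl` (not visible here) already rejects it. Failing early is clearer: `if (algorithmURI == null) throw new IllegalArgumentException("algorithmURI must not be null");`. The Javadoc also names `CanonicalizationTransformImpl` and `CanonicalizationTransform`, which do not match the declared `CanonicalizationImpl` and `Canonicalization`.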
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java
new file mode 100644
index 0000000..702caaf
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java
@@ -0,0 +1,111 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.DataObject;
+
+/**
+ * Abstract base implementation for the classes derived from
+ * <code>DataObject</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class DataObjectImpl implements DataObject {
+
+ /** The MIME type of the data object. */
+ private String mimeType;
+ /** The refernce ID. */
+ private String referenceID;
+ /** The URI of the type. */
+ private String typeURI;
+ /** The URI identifying the data. */
+ private String URI;
+
+ /**
+ * @see iaik.server.modules.xml.DataObject#getMimeType()
+ */
+ public String getMimeType() {
+ return mimeType;
+ }
+
+ /**
+ * Set the mime type.
+ *
+ * @param mimeType The mime type to set.
+ */
+ public void setMimeType(String mimeType) {
+ this.mimeType = mimeType;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.DataObject#getReferenceID()
+ */
+ public String getReferenceID() {
+ return referenceID;
+ }
+
+ /**
+ * Set the reference ID.
+ *
+ * @param referenceID The reference ID.
+ */
+ public void setReferenceID(String referenceID) {
+ this.referenceID = referenceID;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.DataObject#getTypeURI()
+ */
+ public String getTypeURI() {
+ return typeURI;
+ }
+
+ /**
+ * Set the type URI.
+ *
+ * @param typeURI The type URI.
+ */
+ public void setTypeURI(String typeURI) {
+ this.typeURI = typeURI;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.DataObject#getURI()
+ */
+ public String getURI() {
+ return URI;
+ }
+
+ /**
+ * Set the URI.
+ *
+ * @param URI The URI.
+ */
+ public void setURI(String URI) {
+ this.URI = URI;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java
new file mode 100644
index 0000000..d582594
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.EnvelopedSignatureTransformation;
+
+/**
+ * An implementation of the <code>EnvelopedSignatureTransformation</code>
+ * <code>Transformation</code> type.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class EnvelopedSignatureTransformationImpl
+ extends TransformationImpl
+ implements EnvelopedSignatureTransformation {
+
+ /**
+ * Create a new <code>EnvelopedSignatureTransformationImpl</code>.
+ */
+ public EnvelopedSignatureTransformationImpl() {
+ setAlgorithmURI(EnvelopedSignatureTransformation.ENVELOPED_SIGNATURE);
+ }
+
+ /**
+ * Compare this object to another <code>EnvelopedSignatureTransformation</code>.
+ *
+ * @param other The object to compare this
+ * <code>EnvelopedSignatureTransformation</code> to.
+ * @return <code>true</code>, if <code>other</code> is a
+ * <code>EnvelopedSignatureTransformation</code>, otherwise
+ * <code>false</code>.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof EnvelopedSignatureTransformation) {
+ EnvelopedSignatureTransformation transform =
+ (EnvelopedSignatureTransformation) other;
+ return getAlgorithmURI().equals(transform.getAlgorithmURI());
+ }
+ return false;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java
new file mode 100644
index 0000000..dfadf0c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java
@@ -0,0 +1,100 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.util.List;
+
+import iaik.server.modules.xml.ExclusiveCanonicalization;
+
+/**
+ * An implementation of the <code>ExclusiveCanonicalization</code> type
+ * of <code>Transformation</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ExclusiveCanonicalizationImpl
+ extends TransformationImpl
+ implements ExclusiveCanonicalization {
+
+ /** The prefixes of the namespaces to treat according to canonical XML. */
+ private List inclusiveNamespacePrefixes;
+
+ /**
+ * Create a new <code>ExclusiveCanonicalizationImpl</code> object.
+ *
+ * @param algorithmURI The exclusive canonicalization algorithm URI.
+ * @param inclusiveNamespacePrefixes The namespace prefixes to be processed
+ * according to canonical XML.
+ */
+ public ExclusiveCanonicalizationImpl(
+ String algorithmURI,
+ List inclusiveNamespacePrefixes) {
+ setAlgorithmURI(algorithmURI);
+ setInclusiveNamespacePrefixes(inclusiveNamespacePrefixes);
+ }
+
+ /**
+ * Sets the namespace prefixes to be processed according to canonical XML.
+ *
+ * @param inclusiveNamespacePrefixes The prefixes of the namespaces to treat
+ * according to canonical XML.
+ */
+ protected void setInclusiveNamespacePrefixes(List inclusiveNamespacePrefixes) {
+ this.inclusiveNamespacePrefixes = inclusiveNamespacePrefixes;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.ExclusiveCanonicalization#getInclusiveNamespacePrefixes()
+ */
+ public List getInclusiveNamespacePrefixes() {
+ return inclusiveNamespacePrefixes;
+ }
+
+ /**
+ * Compare this object to another <code>CanonicalizationTransform</code>.
+ *
+ * @param other The object to compare this
+ * <code>ExclusiveCanonicalization</code> to.
+ * @return <code>true</code>, if <code>other</code> is a
+ * <code>ExclusiveCanonicalization</code> and the algorithm URIs match,
+ * otherwise <code>false</code>.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof ExclusiveCanonicalization) {
+ ExclusiveCanonicalization eC14n =
+ (ExclusiveCanonicalization) other;
+ boolean algURIEquals = getAlgorithmURI().equals(eC14n.getAlgorithmURI());
+ boolean inclNSPrefs =
+ (getInclusiveNamespacePrefixes() == null || getInclusiveNamespacePrefixes().isEmpty())
+ ? eC14n.getInclusiveNamespacePrefixes() == null || eC14n.getInclusiveNamespacePrefixes().isEmpty()
+ : getInclusiveNamespacePrefixes().equals(eC14n.getInclusiveNamespacePrefixes());
+ return algURIEquals && inclNSPrefs;
+ }
+ return false;
+ }
+
+}
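Review bot: `equals` calls `getAlgorithmURI().equals(...)` without a null check, yet the constructor passes `algorithmURI` straight to `setAlgorithmURI`, so an instance built with a null URI throws `NullPointerException` on its first comparison instead of comparing unequal. The same unchecked dereference appears in `TransformationImpl.hashCode`, in `XPath2FilterImpl.equals`/`hashCode` and in `XPathTransformationImpl.equals`/`hashCode`. Rejecting null at construction keeps every later comparison total, for example `if (algorithmURI == null) throw new IllegalArgumentException("algorithmURI must not be null");` as the first constructor statement. The `@return` text should also say that the inclusive namespace prefixes are compared, which the code does but the Javadoc omits.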
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java
new file mode 100644
index 0000000..9026d33
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.util.Date;
+
+import iaik.server.modules.xml.SigningTime;
+
+/**
+ * An implementation of the <code>SigningTime</code> <code>Property</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class SigningTimeImpl implements SigningTime {
+
+ /** The signing time. */
+ private Date signingTime;
+
+ /**
+ * Create a new <code>SigningTimeImpl</code>.
+ *
+ * @param signingTime The signing time.
+ */
+ public SigningTimeImpl(Date signingTime) {
+ this.signingTime = signingTime;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.SigningTime#getSigningTime()
+ */
+ public Date getSigningTime() {
+ return signingTime;
+ }
+
+}
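Review bot: The constructor stores the caller's `java.util.Date` and `getSigningTime` hands the same instance back, so any holder of either reference can change the signing time after the object is built, since `Date` is mutable. Copying on the way in and out closes that: `this.signingTime = signingTime == null ? null : new Date(signingTime.getTime());` in the constructor, and the same copy in the getter. The same aliasing applies to the `List` kept by `ExclusiveCanonicalizationImpl`, the `Map` kept by `XPath2FilterImpl` and `XPathTransformationImpl`, and the list returned by `XPath2TransformationImpl.getXPathFilters`. Whether callers rely on that sharing is not visible here.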
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java
new file mode 100644
index 0000000..1595446
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.Transformation;
+
+/**
+ * Base implementation class for <code>Transformation</code> derived classes.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class TransformationImpl implements Transformation {
+
+ /** The algorithm URI identifying the transformation algorithm. */
+ private String algorithmURI;
+
+ /**
+ * @see iaik.server.modules.xml.Transformation#getAlgorithmURI()
+ */
+ public String getAlgorithmURI() {
+ return algorithmURI;
+ }
+
+ /**
+ * Sets the algorithm URI.
+ *
+ * @param algorithmURI The algorithm URI to set.
+ */
+ protected void setAlgorithmURI(String algorithmURI) {
+ this.algorithmURI = algorithmURI;
+ }
+
+ /**
+ * Returns the hash code of the algorithm URI. Should be overridden if a
+ * transformation distinguishes itself from others by more than just the
+ * algorithm URI.
+ *
+ * @see java.lang.Object#hashCode()
+ */
+ public int hashCode() {
+ return getAlgorithmURI().hashCode();
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java
new file mode 100644
index 0000000..e8444b9
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import org.w3c.dom.Element;
+
+import iaik.server.modules.xml.XMLDataObject;
+
+/**
+ * A <code>DataObject</code> containing a single DOM element.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLDataObjectImpl
+ extends DataObjectImpl
+ implements XMLDataObject {
+
+ /** The XML data contained in this <code>XMLDataObject</code>. */
+ private Element element;
+
+ /**
+ * Create a new <code>XMLDataObjectImpl</code>.
+ *
+ * @param element The DOM element contained in this
+ * <code>XMLDataObject</code>.
+ */
+ public XMLDataObjectImpl(Element element) {
+ setElement(element);
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XMLDataObject#getElement()
+ */
+ public Element getElement() {
+ return element;
+ }
+
+ /**
+ * Set the DOM element contained in this <code>XMLDataObject</code>.
+ *
+ * @param element The DOM element to set.
+ */
+ public void setElement(Element element) {
+ this.element = element;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java
new file mode 100644
index 0000000..2fb9df9
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import org.w3c.dom.NodeList;
+
+import iaik.server.modules.xml.XMLNodeListDataObject;
+
+/**
+ * A <code>DataObject</code> containing a list of DOM nodes.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLNodeListDataObjectImpl
+ extends DataObjectImpl
+ implements XMLNodeListDataObject {
+
+ /** The nodes contained in this <code>XMLNodeListDataObject</code>. */
+ private NodeList nodeList;
+
+ /**
+ * Create a new <code>XMLNodeListDataObjectImpl</code>.
+ *
+ * @param nodeList The list of DOM nodes contained in this
+ * <code>XMLNodeListDataObject</code>.
+ */
+ public XMLNodeListDataObjectImpl(NodeList nodeList) {
+ setNodeList(nodeList);
+ }
+
+ /**
+ * Set the list of DOM nodes contained in this
+ * <code>XMLNodeListDataObject</code>.
+ *
+ * @param nodeList The list of DOM nodes to set.
+ */
+ public void setNodeList(NodeList nodeList) {
+ this.nodeList = nodeList;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XMLNodeListDataObject#getNodeList()
+ */
+ public NodeList getNodeList() {
+ return nodeList;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java
new file mode 100644
index 0000000..0774726
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import org.w3c.dom.Element;
+
+import iaik.server.modules.xml.XMLSignature;
+
+/**
+ * An object containing an XMLDsig signature in the form of a
+ * <code>dsig:Signature</code> DOM element.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureImpl implements XMLSignature {
+ /** The signature DOM element. */
+ private Element element;
+
+ /**
+ * Create a new <code>XMLSignatureImpl</code>.
+ *
+ * @param element The <code>dsig:Signature</code> DOM element.
+ */
+ public XMLSignatureImpl(Element element) {
+ setElement(element);
+ }
+
+ /**
+ * Set the <code>dsig:Signature</code> DOM element.
+ *
+ * @param element The <code>dsig:Signature</code> element to set.
+ */
+ public void setElement(Element element) {
+ this.element = element;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XMLSignature#getElement()
+ */
+ public Element getElement() {
+ return element;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java
new file mode 100644
index 0000000..d309302
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.util.Map;
+
+import iaik.server.modules.xml.XPath2Transformation;
+import iaik.server.modules.xml.XPath2Transformation.XPath2Filter;
+
+/**
+ * An object encapsulating an XPath-Filter2 expression.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XPath2FilterImpl implements XPath2Filter {
+
+ /** The type of this filter. */
+ private String filterType;
+ /** The XPath expression of this filter. */
+ private String xPathExpression;
+ /** The namespace prefix to URI mapping to use for evaluating the XPath. */
+ private Map namespaceDeclarations;
+
+ /**
+ * Create a new <code>XPath2FilterImpl</code> object.
+ *
+ * @param filterType The type of filter. Must be one of the filter type
+ * constants declared in <code>iaik.server.modules.xml.XPath2Transformation.XPath2Filter</code>
+ * @param xPathExpression The XPath expression belonging to this filter.
+ * @param namespaceDeclarations The namespace declarations visible for this
+ * XPath2Filter.
+ */
+ public XPath2FilterImpl(
+ String filterType,
+ String xPathExpression,
+ Map namespaceDeclarations) {
+
+ setFilterType(filterType);
+ setXPathExpression(xPathExpression);
+ setNamespaceDeclarations(namespaceDeclarations);
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getFilterType()
+ */
+ public String getFilterType() {
+ return filterType;
+ }
+
+ /**
+ * Set the filter type.
+ *
+ * @param filterType The filter type to set.
+ */
+ protected void setFilterType(String filterType) {
+ this.filterType = filterType;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getXPathExpression()
+ */
+ public String getXPathExpression() {
+ return xPathExpression;
+ }
+
+ /**
+ * Set the XPath expression.
+ *
+ * @param xPathExpression The XPath expression to set.
+ */
+ protected void setXPathExpression(String xPathExpression) {
+ this.xPathExpression = xPathExpression;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getNamespaceDeclarations()
+ */
+ public Map getNamespaceDeclarations() {
+ return namespaceDeclarations;
+ }
+
+ /**
+ * Set the namespace declarations.
+ *
+ * @param namespaceDeclarations The mapping between namespace prefixes and
+ * their associated URI.
+ */
+ protected void setNamespaceDeclarations(Map namespaceDeclarations) {
+ this.namespaceDeclarations = namespaceDeclarations;
+ }
+
+ /**
+ * Compare this object to another.
+ *
+ * @param other The object to compare this <code>XPath2Filter</code> to.
+ * @return <code>true</code>, if <code>other</code> is a
+ * <code>XPath2Filter</code> and the filter types match and the XPath
+ * expressions match. Otherwise <code>false</code> is returned.
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof XPath2Transformation.XPath2Filter) {
+ XPath2Filter filter = (XPath2Transformation.XPath2Filter) other;
+ return getFilterType().equals(filter.getFilterType())
+ && getXPathExpression().equals(filter.getXPathExpression());
+ }
+ return false;
+ }
+
+ /**
+ * @see java.lang.Object#hashCode()
+ */
+ public int hashCode() {
+ return getXPathExpression().hashCode() * 31 + getFilterType().hashCode();
+ }
+
+}
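Review bot: `equals` compares only the filter type and the XPath expression text and leaves `namespaceDeclarations` out, although the same expression evaluated under different prefix-to-URI bindings can select different nodes. If these objects are compared to decide whether a signature's transforms match an expected profile (an assumption; the callers are not in this hunk), two filters that differ only in their bindings would be treated as the same. Consider adding a null-safe comparison of the maps, e.g. `&& (getNamespaceDeclarations() == null ? filter.getNamespaceDeclarations() == null : getNamespaceDeclarations().equals(filter.getNamespaceDeclarations()))`, or state in the Javadoc why the bindings are deliberately ignored. `XPathTransformationImpl.equals` has the same omission.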
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java
new file mode 100644
index 0000000..f483b18
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java
@@ -0,0 +1,106 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.server.modules.xml.XPath2Transformation;
+
+/**
+ * An object encapsulating a <code>Transformation</code> containing several
+ * XPath-Filter2 expressions.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XPath2TransformationImpl
+ extends TransformationImpl
+ implements XPath2Transformation {
+
+ /** The filters contained in this <code>XPath2Transformation</code> */
+ private List xPathFilters = new ArrayList();
+
+ /**
+ * Create a new <code>XPath2TransformationImpl</code>.
+ *
+ * The list of XPath-Filter2 expression is initially empty.
+ */
+ public XPath2TransformationImpl() {
+ setAlgorithmURI(XPath2Transformation.XPATH2);
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XPath2Transformation#getXPathFilters()
+ */
+ public List getXPathFilters() {
+ return xPathFilters;
+ }
+
+ /**
+ * Add an XPath-Filter2 expression to the list of filters.
+ *
+ * @param filter The filter to add.
+ */
+ public void addXPathFilter(XPath2Filter filter) {
+ xPathFilters.add(filter);
+ }
+
+ /**
+ * Compare this <code>XPath2Transformation</code> to another.
+ *
+ * @param other The object to compare this
+ * <code>XPath2Transformation</code> to.
+ * @return <code>true</code>, if <code>other</code> is an
+ * <code>XPath2Transformation</code> and <code>getXPathFilters()</code> equals
+ * <code>other.getXPathFilters()</code>. Otherwise <code>false</code> is
+ * returned.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof XPath2Transformation) {
+ XPath2Transformation transform = (XPath2Transformation) other;
+
+ return getXPathFilters().equals(transform.getXPathFilters());
+ }
+ return false;
+ }
+
+ /**
+ * @see java.lang.Object#hashCode()
+ */
+ public int hashCode() {
+ Iterator iter = getXPathFilters().iterator();
+ int hashCode = 0;
+
+ while (iter.hasNext()) {
+ hashCode ^= iter.next().hashCode();
+ }
+
+ return hashCode;
+ }
+
+}
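Review bot: `hashCode` folds the filters with XOR, which ignores their order and makes any filter that appears twice cancel out, while `equals` delegates to `List.equals` and is order-sensitive. The equals/hashCode contract still holds, but lists that differ only in order or in a duplicated pair always collide. `return getXPathFilters().hashCode();` gives the order-dependent hash that matches `List.equals` and removes the raw `Iterator` loop.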
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java
new file mode 100644
index 0000000..06cc319
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java
@@ -0,0 +1,122 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.util.Map;
+
+import iaik.server.modules.xml.XPathTransformation;
+
+/**
+ * A <code>Transformation</code> containing an XPath expression.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XPathTransformationImpl
+ extends TransformationImpl
+ implements XPathTransformation {
+
+ /** The XPath expression. */
+ private String xPathExpression;
+ /** The namespace prefix to URI mapping to use for XPath evaluation. */
+ private Map namespaceDeclarations;
+
+ /**
+ * Create a new <code>XPathTransformationImpl</code>.
+ *
+ * The namespace declarations are initialized empty.
+ *
+ * @param xPathExpression The XPath expression this object will contain.
+ * @param namespaceDeclarations The namespace declarations visible for this
+ * XPath.
+ */
+ public XPathTransformationImpl(
+ String xPathExpression,
+ Map namespaceDeclarations) {
+
+ setAlgorithmURI(XPathTransformation.XPATH);
+ setXPathExpression(xPathExpression);
+ setNamespaceDeclarations(namespaceDeclarations);
+ }
+
+ /**
+ * Set the XPath expression.
+ *
+ * @param xPathExpression The XPath expression.
+ */
+ protected void setXPathExpression(String xPathExpression) {
+ this.xPathExpression = xPathExpression;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XPathTransformation#getXPathExpression()
+ */
+ public String getXPathExpression() {
+ return xPathExpression;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XPathTransformation#getNamespaceDeclarations()
+ */
+ public Map getNamespaceDeclarations() {
+ return namespaceDeclarations;
+ }
+
+ /**
+ * Set the namespace declarations.
+ *
+ * @param namespaceDeclarations The mapping between namespace prefixes and
+ * their associated URI.
+ */
+ protected void setNamespaceDeclarations(Map namespaceDeclarations) {
+ this.namespaceDeclarations = namespaceDeclarations;
+ }
+
+ /**
+ * Compare this <code>XPathTransformation</code> to another.
+ *
+ * @param other The object to compare this
+ * <code>XPathTransformation</code> to.
+ * @return <code>true</code>, if <code>other</code> is an
+ * <code>XPathTransformation</code> and if this object contains the same XPath
+ * expression as <code>other</code>. Otherwise <code>false</code> is returned.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof XPathTransformation) {
+ XPathTransformation transform = (XPathTransformation) other;
+ return getXPathExpression().equals(transform.getXPathExpression());
+ }
+ return false;
+ }
+
+ /**
+ * @see java.lang.Object#hashCode()
+ */
+ public int hashCode() {
+ return getXPathExpression().hashCode();
+ }
+
+}
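Review bot: The constructor Javadoc says "The namespace declarations are initialized empty", but the constructor takes `namespaceDeclarations` and stores it through `setNamespaceDeclarations`. The sentence should be dropped or replaced with something like `The namespace declarations are taken from the given map.` so the documentation matches what the code does.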
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java
new file mode 100644
index 0000000..1c5d26a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java
@@ -0,0 +1,217 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Collections;
+
+import javax.xml.crypto.dsig.CanonicalizationMethod;
+import javax.xml.crypto.dsig.TransformException;
+import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.util.NodeListToNodeSetDataAdapter;
+import at.gv.egovernment.moa.util.NodeListAdapter;
+import at.gv.egovernment.moa.util.StreamUtils;
+import at.gv.egovernment.moa.util.XPathException;
+import at.gv.egovernment.moa.util.XPathUtils;
+import iaik.server.modules.xml.XSLTTransformation;
+import iaik.xml.crypto.dsig.XMLSignatureFactory;
+
+/**
+ * A <code>Transformation</code> containing an XSLT transformation.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XSLTTransformationImpl extends TransformationImpl implements XSLTTransformation {
+
+ /** The XSLT stylesheet. */
+ private Element styleSheetElement;
+ /**
+ * The hash code of the canonicalized stylesheet. If calculated, this value
+ * should be != 0.
+ */
+ private int hashCode;
+
+ /**
+ * Create a new <code>XSLTTransformationImpl</code> object.
+ *
+ * @param styleSheetElement
+ * The XSLT stylesheet element.
+ */
+ public XSLTTransformationImpl(Element styleSheetElement) {
+ setAlgorithmURI(XSLTTransformation.XSLT);
+ setStyleSheetElement(styleSheetElement);
+ }
+
+ /**
+ * Set the XSLT stylesheet element.
+ *
+ * @param styleSheetElement
+ * The XSLT stylesheet element to set.
+ */
+ protected void setStyleSheetElement(Element styleSheetElement) {
+ this.styleSheetElement = styleSheetElement;
+ this.hashCode = 0;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XSLTTransformation#getStylesheetElement()
+ */
+ public Element getStylesheetElement() {
+ return styleSheetElement;
+ }
+
+ /**
+ * Compare this <code>XSLTTransformation</code> to another.
+ *
+ * @param other
+ * The object to compare this <code>XSLTTransformation</code> to.
+ * @return <code>true</code>, if <code>other</code> is an
+ * <code>XSLTTransformation</code> and if the canonicalized
+ * representations of the stylesheets contained in <code>this</code>
+ * and <code>other</code> match. Otherwise, <code>false</code> is
+ * returned.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof XSLTTransformation) {
+ XSLTTransformation xslt = (XSLTTransformation) other;
+
+ return compareElements(getStylesheetElement(), xslt.getStylesheetElement());
+ }
+ return false;
+ }
+
+ /**
+ * @see java.lang.Object#hashCode()
+ */
+ public int hashCode() {
+ if (hashCode == 0) {
+ hashCode = calculateHashCode(getStylesheetElement());
+ }
+ return hashCode;
+ }
+
+ /**
+ * Calculate the hash code for a DOM element by canonicalizing it.
+ *
+ * @param element
+ * The DOM element for which the hash code is to be calculated.
+ * @return int The hash code, or <code>0</code>, if it could not be
+ * calculated.
+ */
+ private static int calculateHashCode(Element element) {
+ try {
+ InputStream is = canonicalize(element);
+ byte[] buf = new byte[256];
+ int hashCode = 1;
+ int length;
+ int i;
+
+ while ((length = is.read(buf)) > 0) {
+ for (i = 0; i < length; i++) {
+ hashCode += buf[i] * 31 + i;
+ }
+ }
+ is.close();
+ return hashCode;
+ } catch (IOException e) {
+ return 0;
+ } catch (NoSuchAlgorithmException e) {
+ return 0;
+ } catch (InvalidAlgorithmParameterException e) {
+ return 0;
+ } catch (TransformException e) {
+ return 0;
+ }
+ }
+
+ /**
+ * Compare two DOM elements by canonicalizing their contents and comparing
+ * the resulting byte stream.
+ *
+ * @param elem1
+ * The 1st element to compare.
+ * @param elem2
+ * The 2nd element to compare.
+ * @return boolean <code>true</code>, if the elements are considered equal
+ * after canonicalization. Otherwise <code>false</code> is returned.
+ */
+ private static boolean compareElements(Element elem1, Element elem2) {
+ try {
+ InputStream is1 = canonicalize(elem1);
+ InputStream is2 = canonicalize(elem2);
+ return StreamUtils.compareStreams(is1, is2);
+ } catch (IOException e) {
+ return false;
+ } catch (NoSuchAlgorithmException e) {
+ return false;
+ } catch (InvalidAlgorithmParameterException e) {
+ return false;
+ } catch (TransformException e) {
+ return false;
+ }
+ }
+
+ /**
+ * Canonicalize a DOM element.
+ *
+ * @param element The element to canonicalize.
+ * @return InputStream A stream with the canonicalized data.
+ * @throws InvalidAlgorithmParameterException
+ * @throws IOException
+ * @throws TransformException
+ * @throws AlgorithmException An error occurred canonicalizing the element.
+ */
+ private static InputStream canonicalize(Element element)
+ throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException, TransformException {
+ CanonicalizationMethod canonicalizationMethod = XMLSignatureFactory.getInstance().newCanonicalizationMethod(
+ CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec());
+
+ //CanonicalizationAlgorithm c14n =
+ // new CanonicalizationAlgorithmImplExclusiveCanonicalXML();
+ NodeList nodeList;
+
+ try {
+ nodeList = XPathUtils.selectNodeList(element, XPathUtils.ALL_NODES_XPATH);
+ } catch (XPathException e) {
+ nodeList = new NodeListAdapter(Collections.EMPTY_LIST);
+ }
+ //c14n.setInput(nodeList);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ canonicalizationMethod.transform(new NodeListToNodeSetDataAdapter(nodeList), null, baos);
+ baos.close();
+ return new ByteArrayInputStream(baos.toByteArray());
+ }
+
+}
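Review bot: In `canonicalize`, the `catch (XPathException e)` branch substitutes an empty node list, so every stylesheet whose node selection fails is presumably canonicalized to the same empty byte stream. `compareElements` would then report two unrelated stylesheets as equal, and `calculateHashCode` would give them the same hash. If transform equality is used to match a signature's transforms against expected ones (not visible in this hunk), that comparison fails open. Propagating the error keeps the existing fail-closed paths: replace the fallback with `throw new TransformException("could not select stylesheet nodes", e);`, which `compareElements` already maps to `false`. The Javadoc on `canonicalize` also lists `AlgorithmException`, which the method does not declare, and omits `NoSuchAlgorithmException`.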
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java
new file mode 100644
index 0000000..310f2dd
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java
@@ -0,0 +1,174 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xmlsign;
+
+import java.util.List;
+
+import iaik.server.modules.xmlsign.DataObjectTreatment;
+
+import at.gv.egovernment.moa.spss.server.util.IdGenerator;
+
+/**
+ * An object encapsulating how to treat an associated <code>DataObject</code>
+ * when creating a signature.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class DataObjectTreatmentImpl implements DataObjectTreatment {
+ /** The final content MIME type. */
+ private String finalContentType;
+ /** The name of the hash algorithm. */
+ private String hashAlgorithmName;
+ /** This transformations to apply to the associated data object. */
+ private List transformationList;
+ /** Supplemental information for the transformations. */
+ private List transformationSupplements;
+ /** Whether to include the associated data object in the signature. */
+ private boolean includedInSignature;
+ /** Whether to include the associated data object in the manifest. */
+ private boolean referenceInManifest;
+ /** The object ID generator. */
+ private IdGenerator objIdGen;
+
+ /**
+ * Create a new <code>DataObjectTreatmentImpl</code>.
+ *
+ * @param objIdGen The <code>IdGenerator</code> for unique object IDs.
+ */
+ public DataObjectTreatmentImpl(IdGenerator objIdGen) {
+ this.objIdGen = objIdGen;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.DataObjectTreatment#getFinalContentType()
+ */
+ public String getFinalContentType() {
+ return finalContentType;
+ }
+
+ /**
+ * Sets the final content type.
+ *
+ * @param finalContentType The final content type to set (a MIME-type type of
+ * <code>String</code>).
+ */
+ public void setFinalContentType(String finalContentType) {
+ this.finalContentType = finalContentType;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.DataObjectTreatment#getHashAlgorithmName()
+ */
+ public String getHashAlgorithmName() {
+ return hashAlgorithmName;
+ }
+
+ /**
+ * Sets the hash algorithm name.
+ *
+ * @param hashAlgorithmName The hash algorithm name to set.
+ */
+ public void setHashAlgorithmName(String hashAlgorithmName) {
+ this.hashAlgorithmName = hashAlgorithmName;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.DataObjectTreatment#isIncludedInSignature()
+ */
+ public boolean isIncludedInSignature() {
+ return includedInSignature;
+ }
+
+ /**
+ * Sets whether the associated <code>DataObject</code> is to be included in
+ * the signature.
+ *
+ * @param includedInSignature If <code>true</code>, the associated
+ * <code>DataObject</code> will be included in the signature, otherwise not.
+ */
+ public void setIncludedInSignature(boolean includedInSignature) {
+ this.includedInSignature = includedInSignature;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.DataObjectTreatment#isReferenceInManifest()
+ */
+ public boolean isReferenceInManifest() {
+ return referenceInManifest;
+ }
+
+ /**
+ * Sets whether the associated <code>DataObject</code> is
+ * to be included in the <code>dsig:Manifest</code>.
+ *
+ * @param referenceInManifest If <code>true</code>, the associated
+ * <code>DataObject</code> will be included in the manifest, otherwise not.
+ */
+ public void setReferenceInManifest(boolean referenceInManifest) {
+ this.referenceInManifest = referenceInManifest;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationList()
+ */
+ public List getTransformationList() {
+ return transformationList;
+ }
+
+ /**
+ * Set the list of transformations for the associated <code>DataObject</code>.
+ *
+ * @param transformationList The transformations to set.
+ */
+ public void setTransformationList(List transformationList) {
+ this.transformationList = transformationList;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationSupplements()
+ */
+ public List getTransformationSupplements() {
+ return transformationSupplements;
+ }
+
+ /**
+ * Sets the transformation supplements for the associated
+ * <code>DataObject</code>.
+ *
+ * @param transformationSupplements The transformation supplements to set.
+ */
+ public void setTransformationSupplements(List transformationSupplements) {
+ this.transformationSupplements = transformationSupplements;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.DataObjectTreatment#getDsigDataObjectID()
+ */
+ public String getDsigDataObjectID() {
+ return objIdGen.uniqueId();
+ }
+
+}
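Review bot: `getDsigDataObjectID()` carries only an `@see` tag, yet it calls `objIdGen.uniqueId()` on every invocation. Assuming `IdGenerator.uniqueId()` (not visible here) yields a fresh value each time, two calls on the same object return different IDs. A caller that reads the ID twice expecting the same reference target would get mismatching values, so the Javadoc should say so, e.g. `Returns a newly generated ID on each call; callers must keep the value if they need it again.` The constructor also accepts a null `objIdGen`, which would only surface as a `NullPointerException` in this getter.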
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
new file mode 100644
index 0000000..7d0c5a0
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
@@ -0,0 +1,399 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xmlsign;
+
+import iaik.server.modules.algorithms.SignatureAlgorithms;
+import iaik.server.modules.keys.AlgorithmUnavailableException;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
+import iaik.server.modules.keys.UnknownKeyException;
+import iaik.server.modules.xml.Canonicalization;
+import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
+import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
+
+import java.util.List;
+import java.util.Set;
+
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.server.util.IdGenerator;
+
+/**
+ * An object providing auxiliary information for creating an XML signature.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureCreationProfileImpl
+ implements XMLSignatureCreationProfile {
+
+ /** The transformations to apply to a data object. */
+ private List dataObjectTreatmentList;
+ /** The set of keys available to the signing process. */
+ private Set keySet;
+ /** The type URI of the signature manifest. */
+ private String securityLayerManifestTypeURI;
+ /** Whether the created signature is to be Security Layer conform. */
+ private boolean securityLayerConform;
+ /** Where to insert the signature into the signature environment. */
+ private XMLSignatureInsertionLocation signatureInsertionLocation;
+ /** The signature structur type. */
+ private String signatureStructureType;
+ /** The type of <code>Canonicalization</code> to use for the signed info. */
+ private Canonicalization signedInfoCanonicalization;
+ /** Properties to be signed during signature creation. */
+ private List signedProperties;
+ /** The ID generator for signature IDs. */
+ private IdGenerator signatureIDGenerator;
+ /** The ID generator for manifst IDs. */
+ private IdGenerator manifestIDGenerator;
+ /** The ID generator for XMLDsig manifest IDs. */
+ private IdGenerator dsigManifestIDGenerator;
+ /** The ID generator for signed property IDs. */
+ private IdGenerator propertyIDGenerator;
+ /** The selected digest method algorithm if XAdES 1.4.2 is used */
+ private String digestMethodXAdES142;
+
+
+ /**
+ * Create a new <code>XMLSignatureCreationProfileImpl</code>.
+ *
+ * @param createProfileCount Provides external information about the
+ * number of calls to the signature creation module, using the same request.
+ * @param reservedIDs The set of IDs that must not be used while generating
+ * new IDs.
+ */
+ public XMLSignatureCreationProfileImpl(
+ int createProfileCount,
+ Set reservedIDs,
+ String digestMethodXAdES142) {
+ signatureIDGenerator =
+ new IdGenerator("signature-" + createProfileCount, reservedIDs);
+ manifestIDGenerator =
+ new IdGenerator("manifest-" + createProfileCount, reservedIDs);
+ dsigManifestIDGenerator =
+ new IdGenerator("dsig-manifest-" + createProfileCount, reservedIDs);
+ propertyIDGenerator =
+ new IdGenerator("etsi-signed-" + createProfileCount, reservedIDs);
+ this.digestMethodXAdES142 = digestMethodXAdES142;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDataObjectTreatmentList()
+ */
+ public List getDataObjectTreatmentList() {
+ return dataObjectTreatmentList;
+ }
+
+ /**
+ * Sets the list of <code>DataObjectTreatment</code>s.
+ *
+ * @param dataObjectTreatmentList The <code>DataObjectTreatment</code>s to
+ * set.
+ */
+ public void setDataObjectTreatmentList(List dataObjectTreatmentList) {
+ this.dataObjectTreatmentList = dataObjectTreatmentList;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet()
+ */
+ public Set getKeySet() {
+ return keySet;
+ }
+
+ /**
+ * Set the set of <code>KeyEntryID</code>s which may be used for signature
+ * creation.
+ *
+ * @param keySet The set of <code>KeyEntryID</code>s to set.
+ */
+ public void setKeySet(Set keySet) {
+ this.keySet = keySet;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestTypeURI()
+ */
+ public String getSecurityLayerManifestTypeURI() {
+ return securityLayerManifestTypeURI;
+ }
+
+ /**
+ * Set the SecurityLayerManifestTypeURI.
+ *
+ * @param securityLayerManifestTypeURI The SecurityLayerManifestTypeURI to
+ * set.
+ */
+ public void setSecurityLayerManifestTypeURI(String securityLayerManifestTypeURI) {
+ this.securityLayerManifestTypeURI = securityLayerManifestTypeURI;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID)
+ */
+ public String getSignatureAlgorithmName(KeyEntryID selectedKeyID)
+ throws AlgorithmUnavailableException {
+
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ TransactionId tid = new TransactionId(context.getTransactionID());
+ KeyModule module = KeyModuleFactory.getInstance(tid);
+ Set algorithms;
+
+ try {
+ algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID);
+ } catch (UnknownKeyException e) {
+ throw new AlgorithmUnavailableException(
+ "Unknown key entry: " + selectedKeyID,
+ e,
+ null);
+ }
+
+ if (digestMethodXAdES142 == null) {
+ // XAdES 1.4.2 not enabled - legacy MOA
+ if (algorithms.contains(SignatureAlgorithms.MD2_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.MD5_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.RIPEMD128_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.RIPEMD160_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
+
+ return SignatureAlgorithms.SHA1_WITH_RSA;
+ } else if (
+ algorithms.contains(SignatureAlgorithms.ECDSA)) {
+ return SignatureAlgorithms.ECDSA;
+ } else if (
+ algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ }
+ else {
+ // XAdES 1.4.2 is enabled: select signature algorithm according to selected digest method
+ if (digestMethodXAdES142.compareTo("SHA-1") == 0) {
+ Logger.warn("XAdES version 1.4.2 is enabled, but SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)");
+
+ if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) {
+ return SignatureAlgorithms.SHA1_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) {
+ return SignatureAlgorithms.ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+
+ } else if (digestMethodXAdES142.compareTo("SHA-256") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
+ return SignatureAlgorithms.SHA256_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA256_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else if (digestMethodXAdES142.compareTo("SHA-384") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) {
+ return SignatureAlgorithms.SHA384_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA384_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else if (digestMethodXAdES142.compareTo("SHA-512") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) {
+ return SignatureAlgorithms.SHA512_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA512_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ }
+ else {
+ throw new AlgorithmUnavailableException(
+ "No signature algorithm found for digest algorithm '" + digestMethodXAdES142,
+ null,
+ null);
+ }
+
+ }
+
+
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureInsertionLocation()
+ */
+ public XMLSignatureInsertionLocation getSignatureInsertionLocation() {
+ return signatureInsertionLocation;
+ }
+
+ /**
+ * Set the location where the signature is to be inserted into the signature
+ * parent.
+ *
+ * @param signatureInsertionLocation The location to set.
+ */
+ public void setSignatureInsertionLocation(XMLSignatureInsertionLocation signatureInsertionLocation) {
+ this.signatureInsertionLocation = signatureInsertionLocation;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureStructureType()
+ */
+ public String getSignatureStructureType() {
+ return signatureStructureType;
+ }
+
+ /**
+ * Set the signature structure type.
+ * @param signatureStructureType The signature structure type to set.
+ */
+ public void setSignatureStructureType(String signatureStructureType) {
+ this.signatureStructureType = signatureStructureType;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedInfoCanonicalization()
+ */
+ public Canonicalization getSignedInfoCanonicalization() {
+ return signedInfoCanonicalization;
+ }
+
+ /**
+ * Sets the canonicalization method to use for the SignedInfo object.
+ *
+ * @param signedInfoCanonicalization The canonicalization method to set.
+ */
+ public void setSignedInfoCanonicalization(Canonicalization signedInfoCanonicalization) {
+ this.signedInfoCanonicalization = signedInfoCanonicalization;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties()
+ */
+ public List getSignedProperties() {
+ return signedProperties;
+ }
+
+ /**
+ * Set the signed properties.
+ *
+ * @param signedProperties The signed properties to set.
+ */
+ public void setSignedProperties(List signedProperties) {
+ this.signedProperties = signedProperties;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform()
+ */
+ public boolean isSecurityLayerConform() {
+ return securityLayerConform;
+ }
+
+ /**
+ * Sets the security layer conformity.
+ *
+ * @param securityLayerConform <code>true</code>, if the created signature
+ * is to be conform to the Security Layer specification.
+ */
+ public void setSecurityLayerConform(boolean securityLayerConform) {
+ this.securityLayerConform = securityLayerConform;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureID()
+ */
+ public String getSignatureID() {
+ return signatureIDGenerator.uniqueId();
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestID()
+ */
+ public String getSecurityLayerManifestID() {
+ return manifestIDGenerator.uniqueId();
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDsigManifestID()
+ */
+ public String getDsigManifestID() {
+ return dsigManifestIDGenerator.uniqueId();
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedPropertiesID()
+ */
+ public String getSignedPropertiesID() {
+ return propertyIDGenerator.uniqueId();
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getPermitFileURIs()
+ */
+ public boolean getPermitFileURIs() {
+ return false;
+ }
+
+}
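Review bot: In `getSignatureAlgorithmName`, the SHA-256, SHA-384 and SHA-512 branches each fall back to `SignatureAlgorithms.DSA` when no matching RSA or ECDSA variant is listed. If that constant denotes DSA with SHA-1, as the plain `ECDSA`/`DSA` constants in the SHA-1 branch suggest (their definitions are not visible here), the signature is silently created with a weaker digest than the configured `digestMethodXAdES142`. Removing the three `else if (algorithms.contains(SignatureAlgorithms.DSA))` arms lets those branches reach the existing `AlgorithmUnavailableException` instead of downgrading. The legacy branch (`digestMethodXAdES142 == null`) has a related problem: it returns `SHA1_WITH_RSA` whenever any RSA variant is listed, including when only `MD2_WITH_RSA`, `MD5_WITH_RSA` or `SHA256_WITH_RSA` is reported, so it can name an algorithm the key module did not offer and never selects SHA-256 even when it is available. Smaller points: `"SHA-256".equals(digestMethodXAdES142)` reads more clearly than `compareTo(...) == 0`, the final error message opens a `'` it never closes, and the constructor Javadoc has no `@param digestMethodXAdES142`.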
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java
new file mode 100644
index 0000000..90c1f49
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xmlsign;
+
+import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
+
+/**
+ * An object giving the location of where the signature will be
+ * inserted into the parent element.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureInsertionLocationImpl
+ implements XMLSignatureInsertionLocation {
+
+ /** Where to put the signature into the signature parent element. */
+ private int signatureChildIndex;
+
+ /**
+ * Create a new <code>XMLSignatureInsertLocationImpl</code>.
+ *
+ * @param signatureChildIndex The position index at which to append the
+ * signature to the parent element.
+ */
+ public XMLSignatureInsertionLocationImpl(int signatureChildIndex) {
+ setSignatureChildIndex(signatureChildIndex);
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureInsertionLocation#getSignatureChildIndex()
+ */
+ public int getSignatureChildIndex() {
+ return signatureChildIndex;
+ }
+
+ /**
+ * Sets the position index at which to append the signature to the parent
+ * element.
+ *
+ * @param signatureChildIndex The position index to set.
+ */
+ public void setSignatureChildIndex(int signatureChildIndex) {
+ this.signatureChildIndex = signatureChildIndex;
+ }
+
+}
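Review bot: The constructor calls the public, overridable `setSignatureChildIndex`, so a subclass override would run before the subclass's own fields are initialised. Assigning the field directly, `this.signatureChildIndex = signatureChildIndex;`, avoids that. The constructor Javadoc also names the class `XMLSignatureInsertLocationImpl` rather than `XMLSignatureInsertionLocationImpl`. No range check is applied to the index; whether negative values are meaningful to the consumer is not visible in this hunk.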
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
new file mode 100644
index 0000000..f4c9126
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
@@ -0,0 +1,177 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.xmlverify;
+
+import java.util.List;
+
+import iaik.pki.PKIProfile;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
+
+/**
+ * An object providing auxiliary information for verifying an XML signature.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureVerificationProfileImpl
+ implements XMLSignatureVerificationProfile {
+
+ /** Whether to check the Security Layer manifest. */
+ private boolean checkSecurityLayerManifest;
+ /** Whether to check the XMLDsig manifest. */
+ private boolean checkXMLDsigManifests;
+ /** The profile for validating the signer certificate. */
+ private PKIProfile certificateValidationProfile;
+ /** Supplements for the transformations. */
+ private List transformationSupplements;
+ /** Whether to include hash input data in the response. */
+ private boolean includeHashInputData;
+ /** Whether to include reference input data in the response. */
+ private boolean includeReferenceInputData;
+ /** Whether the file URIs are permitted */
+ private boolean permitFileURIs;
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkSecurityLayerManifest()
+ */
+ public boolean checkSecurityLayerManifest() {
+ return checkSecurityLayerManifest;
+ }
+
+ /**
+ * Set whether to check the references in the Security Layer manifest.
+ *
+ * @param checkSecurityLayerManifest <code>true</code>, if the references
+ * in the Security Layer manifest must be checked.
+ */
+ public void setCheckSecurityLayerManifest(boolean checkSecurityLayerManifest) {
+ this.checkSecurityLayerManifest = checkSecurityLayerManifest;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkXMLDsigManifests()
+ */
+ public boolean checkXMLDsigManifests() {
+ return checkXMLDsigManifests;
+ }
+
+ /**
+ * Sets whether to check the references of all XML Dsig manifests.
+ *
+ * @param checkXMLDSigManifests <code>true</code>, if the references in the
+ * XML Dsig manifest must be checked.
+ */
+ public void setCheckXMLDsigManifests(boolean checkXMLDSigManifests) {
+ this.checkXMLDsigManifests = checkXMLDSigManifests;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getCertificateValidationProfile()
+ */
+ public PKIProfile getCertificateValidationProfile() {
+ return certificateValidationProfile;
+ }
+
+ /**
+ * Sets the profile for validating the signer certificate.
+ *
+ * @param certificateValidationProfile The certificate validation profile to
+ * set.
+ */
+ public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) {
+ this.certificateValidationProfile = certificateValidationProfile;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getTransformationSupplements()
+ */
+ public List getTransformationSupplements() {
+ return transformationSupplements;
+ }
+
+ /**
+ * Sets the transformation supplements.
+ *
+ * @param transformationSupplements The transformation supplements to set.
+ */
+ public void setTransformationSupplements(List transformationSupplements) {
+ this.transformationSupplements = transformationSupplements;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeHashInputData()
+ */
+ public boolean includeHashInputData() {
+ return includeHashInputData;
+ }
+
+ /**
+ * Set whether to include the hash input data in the result.
+ *
+ * @param includeHashInputData If <code>true</code>, the hash input data
+ * will be returned in the result.
+ */
+ public void setIncludeHashInputData(boolean includeHashInputData) {
+ this.includeHashInputData = includeHashInputData;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeReferenceInputData()
+ */
+ public boolean includeReferenceInputData() {
+ return includeReferenceInputData;
+ }
+
+ /**
+ * Set whether to include the reference input data in the result.
+ *
+ * @param includeReferenceInputData If <code>true</code>, the reference
+ * input data will be included in the result.
+ */
+ public void setIncludeReferenceInputData(boolean includeReferenceInputData) {
+ this.includeReferenceInputData = includeReferenceInputData;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getPermitFileURIs()
+ */
+ public boolean getPermitFileURIs() {
+ return permitFileURIs;
+ }
+
+ /**
+ * Set whether the file URIs are permitted or not
+ *
+ * @param permitFileURIs whether the file URIs are permitted or not
+ */
+ public void setPermitFileURIs(boolean permitFileURIs)
+ {
+ this.permitFileURIs = permitFileURIs;
+ }
+
+ @Override
+ public String getTargetLevel() {
+ return XMLSignatureVerificationProfile.LEVEL_B;
+ }
+}
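Review bot: The Javadoc on the `permitFileURIs` field and on `setPermitFileURIs` does not say what permitting file URIs means for a verifier, nor that the implicit default (`false`, an uninitialised boolean) is the restrictive setting. Judging by the name only (the IAIK interface is not shown here), a profile with this flag set presumably lets references in a signature under verification point at `file:` locations on the verifying host. I would add to the setter something like `Leave false when signatures from untrusted callers are verified with this profile; file URIs let a signature reference local files on the server.` `getTargetLevel()` also has no Javadoc and returns `LEVEL_B` with no setter, so a one-line comment saying why the level is fixed would help the next maintainer.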
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ConfiguratorImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ConfiguratorImpl.java
new file mode 100644
index 0000000..8ab01d6
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ConfiguratorImpl.java
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.init;
+
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.Configurator;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
+
+/**
+ * Default implementation of <code>Configurator</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ConfiguratorImpl extends Configurator {
+ /** whether the configuration has been initialized */
+ private boolean initialized = false;
+
+ public void init() throws MOAException {
+ if (!initialized) {
+ SystemInitializer.init();
+ initialized = true;
+ }
+ }
+
+ public void update() throws MOAException {
+ if (!initialized) {
+ return;
+ }
+
+ try {
+ // reconfigure the system
+ ConfigurationProvider config = ConfigurationProvider.reload();
+ new IaikConfigurator().configure(config);
+ } catch (MOAException e) {
+ throw e;
+ } catch (Throwable t) {
+ throw new ConfigurationException("", null, t);
+ }
+ }
+
+}
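Review bot: `init()` does an unsynchronised check-then-set on `initialized`, so two threads calling it at start-up can both run `SystemInitializer.init()`, which (next file in this commit) starts a `RevocationArchiveCleaner` thread and may schedule a `Timer` on every call. Declaring it `public synchronized void init() throws MOAException`, and making `update()` synchronized or the field `volatile`, closes that window. `initialized = true` is also set whenever `SystemInitializer.init()` returns, and that method logs configuration failures instead of throwing, so `update()` cannot tell a failed start from a good one. In `update()`, `new ConfigurationException("", null, t)` passes an empty message id; a real id would make the resulting log entry searchable.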
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ExternalInitializer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ExternalInitializer.java
new file mode 100644
index 0000000..692ee53
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ExternalInitializer.java
@@ -0,0 +1,7 @@
+package at.gv.egovernment.moa.spss.server.init;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+public interface ExternalInitializer {
+ public void initialize(ConfigurationProvider configurationProvider);
+}
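Review bot: The interface has no Javadoc, and its contract matters because `SystemInitializer` discovers implementations with `ServiceLoader.load(ExternalInitializer.class)`: every provider registered on the classpath is run during start-up and handed the `ConfigurationProvider`. I would document on `initialize` when it is called, whether it may throw, and that it receives the full server configuration, for example `/** Called during start-up after the core configuration is built; implementations must not throw. */`. Deployments should treat the set of registered providers as part of the trusted code base, and a sentence saying so in the interface comment would make that explicit. The `public` modifier on the interface method is redundant.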
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
new file mode 100644
index 0000000..f2663cf
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
@@ -0,0 +1,253 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.init;
+
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.security.cert.CertificateException;
+import java.util.Calendar;
+import java.util.Date;
+import java.util.GregorianCalendar;
+import java.util.Iterator;
+import java.util.ServiceLoader;
+import java.util.Timer;
+
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.logging.LoggingContext;
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
+import at.gv.egovernment.moa.spss.server.service.RevocationArchiveCleaner;
+import at.gv.egovernment.moa.spss.tsl.connector.TSLConnector;
+import at.gv.egovernment.moa.spss.tsl.timer.TSLUpdaterTimerTask;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import iaik.pki.store.certstore.CertStoreException;
+import iaik.pki.store.truststore.TrustStoreException;
+import iaik.server.ConfigurationData;
+import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
+import iaik.xml.crypto.tsl.ex.TSLSearchException;
+
+/**
+ * MOA SP/SS web service initialization.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class SystemInitializer {
+ /** Interval between archive cleanups in seconds */
+ private static final long ARCHIVE_CLEANUP_INTERVAL = 60 * 60; // 1h
+ /** The MOA SP/SS logging hierarchy. */
+ private static final String LOGGING_HIERARCHY = "moa.spss.server";
+ /** Whether XML schema grammars have been initialized. */
+ private static boolean grammarsInitialized = false;
+
+ private static final org.slf4j.Logger logger = LoggerFactory.getLogger(SystemInitializer.class);
+
+ private static ServiceLoader<ExternalInitializer> initializerServices =
+ ServiceLoader.load(ExternalInitializer.class);
+
+
+ private static void runInitializer(ConfigurationProvider configurationProvider) {
+ Iterator<ExternalInitializer> initializerIterator = initializerServices.iterator();
+
+ while(initializerIterator.hasNext()) {
+ ExternalInitializer externalInitializer = initializerIterator.next();
+ externalInitializer.initialize(configurationProvider);
+ }
+ }
+
+ /**
+ * Initialize the MOA SP/SS webservice.
+ */
+ public static void init() {
+
+ logger.info("##############################################################################");
+ logger.info("##############################################################################");
+ logger.info("### ###");
+ logger.info("### LOADING MOA-SIG ###");
+ logger.info("### =============== ###");
+ logger.info("### ###");
+ logger.info("##############################################################################");
+ logger.info("##############################################################################");
+
+ MessageProvider msg = MessageProvider.getInstance();
+
+ Thread archiveCleaner;
+
+ // set up the MOA SPSS logging hierarchy
+ Logger.setHierarchy(LOGGING_HIERARCHY);
+
+ // set up a logging context for logging the startup
+ LoggingContextManager.getInstance().setLoggingContext(
+ new LoggingContext("startup"));
+
+// AxisProperties.setProperty("enableNamespacePrefixOptimization","false");
+// AxisProperties.setProperty("disablePrettyXML", "true");
+// AxisProperties.setProperty("axis.doAutoTypes", "true");
+
+ // initialize preparsed Xerces grammar pool for faster XML
+ // parsing/validating
+ try {
+ if (!grammarsInitialized) {
+ Class clazz = SystemInitializer.class;
+ // preparse XML schema
+ DOMUtils.addSchemaToPool(
+ clazz.getResourceAsStream(Constants.XML_SCHEMA_LOCATION),
+ Constants.XML_NS_URI);
+ // preparse XMLDsig Filter2 schema
+ DOMUtils.addSchemaToPool(
+ clazz.getResourceAsStream(Constants.DSIG_FILTER2_SCHEMA_LOCATION),
+ Constants.DSIG_FILTER2_NS_URI);
+ // preparse XMLDsig schema
+ DOMUtils.addSchemaToPool(
+ clazz.getResourceAsStream(Constants.DSIG_SCHEMA_LOCATION),
+ Constants.DSIG_NS_URI);
+ // preparse MOA schema
+ DOMUtils.addSchemaToPool(
+ clazz.getResourceAsStream(Constants.MOA_SCHEMA_LOCATION),
+ Constants.MOA_NS_URI);
+ grammarsInitialized = true;
+ }
+ } catch (IOException e) {
+ Logger.warn(new LogMsg(msg.getMessage("init.04", null)), e);
+ }
+
+ // initialize configuration
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ Logger.info("Building ConfigurationData");
+ ConfigurationData configData = new IaikConfigurator().configure(config);
+
+ //initialize TSL module
+ TSLConfiguration tslconfig = config.getTSLConfiguration();
+
+ TSLConnector tslconnector = new TSLConnector();
+ if (tslconfig != null) {
+ //Logger.info(new LogMsg(msg.getMessage("init.01", null)));
+ Logger.info(new LogMsg(msg.getMessage("config.41", null)));
+ tslconnector.initialize(tslconfig.getEuTSLUrl(), tslconfig.getWorkingDirectory(), null, null);
+
+ }
+
+ //start TSL Update
+ TSLUpdaterTimerTask.tslconnector_ = tslconnector;
+ TSLUpdaterTimerTask.configData_ = configData;
+ TSLUpdaterTimerTask.update();
+
+ //initialize TSL Update Task
+ initTSLUpdateTask(tslconfig);
+
+ runInitializer(config);
+
+ Logger.info(new LogMsg(msg.getMessage("init.01", null)));
+ } catch (MOAException e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ }
+ catch (TSLEngineDiedException e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ }
+ catch (TSLSearchException e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ }
+ catch (CertStoreException e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ } catch (TrustStoreException e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ } catch (FileNotFoundException e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ } catch (IOException e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ } catch (CertificateException e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ }
+
+
+
+ // CHANGE IXSIL to XSECT
+ // set IXSIL debug output
+ //IXSILInit.setPrintDebugLog(
+ // Logger.isDebugEnabled(IaikLog.IAIK_LOG_HIERARCHY));
+ //Logger.info("Registering XSECT");
+ //XSecProvider.addAsProvider(true);
+
+ // start the archive cleanup thread
+ archiveCleaner =
+ new Thread(new RevocationArchiveCleaner(ARCHIVE_CLEANUP_INTERVAL));
+ archiveCleaner.setName("RevocationArchiveCleaner");
+ archiveCleaner.setDaemon(true);
+ archiveCleaner.setPriority(Thread.MIN_PRIORITY);
+ archiveCleaner.start();
+
+ // unset the startup logging context
+ LoggingContextManager.getInstance().setLoggingContext(null);
+ logger.info("==============================================================================");
+ logger.info("=== CONFIGURATION DONE ===");
+ logger.info("==============================================================================");
+ }
+
+ private static void initTSLUpdateTask(TSLConfiguration tslconfig) {
+ MessageProvider msg = MessageProvider.getInstance();
+ if (tslconfig != null) {
+ // get start time and period from config
+ long period = tslconfig.getUpdateSchedulePeriod();
+ Date startConfig = tslconfig.getUpdateScheduleStartTime();
+
+ // get hh:mm:ss from config date
+ Calendar calendar = GregorianCalendar.getInstance(); // creates a new calendar instance
+ calendar.setTime(startConfig); // assigns calendar to given date
+ int hour = calendar.get(Calendar.HOUR_OF_DAY);
+ int min = calendar.get(Calendar.MINUTE);
+ int sec = calendar.get(Calendar.SECOND);
+
+ // create date with today and time from config
+ Calendar cal = Calendar.getInstance();
+ Date now = cal.getTime();
+ cal.set(Calendar.HOUR_OF_DAY, hour);
+ cal.set(Calendar.MINUTE, min);
+ cal.set(Calendar.SECOND, sec);
+
+ // proposed start time
+ Date start = cal.getTime();
+
+ // if start time has already passed today - add one day (86400000 milliseconds = 1 day)
+ if (start.before(now))
+ start = new Date(start.getTime() + 86400000);
+
+ Logger.debug(new LogMsg(msg.getMessage("config.46", new String[]{start.toString(), "" + period})));
+
+ // start TSL updater task
+ Timer timer = new Timer();
+ timer.schedule(new TSLUpdaterTimerTask(), start, period);
+ }
+ }
+
+}
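Review bot: In `init()`, every failure of the configuration block (`MOAException`, the TSL, cert-store and trust-store exceptions, `IOException`, `CertificateException`) is logged with `Logger.fatal` and execution then continues: the archive cleaner is started, "CONFIGURATION DONE" is logged and the method returns normally. A caller such as `ConfiguratorImpl.init()` therefore treats a server whose trust store or TSL failed to load as initialised. I would propagate the failure after logging it, either by rethrowing it wrapped in an unchecked exception or by declaring `throws MOAException` (which `ConfiguratorImpl.init()` already declares), so that a broken trust configuration stops deployment instead of being served. The identical catch bodies can be merged while doing that. Separately, `runInitializer` lets a `RuntimeException` from any `ExternalInitializer` escape `init()` before the startup logging context is unset; a comment or a catch there should state which behaviour is intended.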
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
new file mode 100644
index 0000000..718673a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
@@ -0,0 +1,437 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import iaik.server.modules.algorithms.HashAlgorithms;
+import iaik.server.modules.cmssign.CMSSignature;
+import iaik.server.modules.cmssign.CMSSignatureCreationException;
+import iaik.server.modules.cmssign.CMSSignatureCreationModule;
+import iaik.server.modules.cmssign.CMSSignatureCreationModuleFactory;
+import iaik.server.modules.cmssign.CMSSignatureCreationProfile;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.math.BigDecimal;
+import java.math.BigInteger;
+import java.security.Principal;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentExcplicit;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.impl.CreateCMSSignatureResponseImpl;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry;
+import at.gv.egovernment.moa.spss.server.iaik.cmssign.CMSSignatureCreationProfileImpl;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * A class providing an API based interface to the
+ * <code>CMSSignatureCreationModule</code>.
+ *
+ * This class performs the invocation of the
+ * <code>iaik.server.modules.cmssign.CMSSignatureCreationModule</code> from a
+ * <code>CreateCMSSignatureRequest</code> given as an API object. The result of
+ * the invocation is integrated into a <code>CreateCMSSignatureResponse</code>
+ * and returned.
+ *
+ * @version $Id$
+ */
+public class CMSSignatureCreationInvoker {
+
+ private static Map HASH_ALGORITHM_MAPPING;
+
+ static {
+ HASH_ALGORITHM_MAPPING = new HashMap();
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA1_URI, HashAlgorithms.SHA1);
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA256_URI, HashAlgorithms.SHA256);
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA384_URI, HashAlgorithms.SHA384);
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA512_URI, HashAlgorithms.SHA512);
+ }
+
+
+ /** The single instance of this class. */
+ private static CMSSignatureCreationInvoker instance = null;
+
+ /**
+ * Get the only instance of this class.
+ *
+ * @return The only instance of this class.
+ */
+ public static synchronized CMSSignatureCreationInvoker getInstance() {
+ if (instance == null) {
+ instance = new CMSSignatureCreationInvoker();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new <code>CMSSignatureCreationInvoker</code>.
+ *
+ * Protected to disallow multiple instances.
+ */
+ protected CMSSignatureCreationInvoker() {
+ }
+
+
+
+ /**
+ * Process the <code>CreateCMSSignatureRequest<code> message and invoke the
+ * <code>XMLSignatureCreationModule</code> for every
+ * <code>SingleSignatureInfo</code> contained in the request.
+ *
+ * @param request A <code>CreateCMSSignatureRequest<code> API object
+ * containing the information for creating the signature(s).
+ * @param reserved A <code>Set</code> of reserved object IDs.
+ *
+ * @return A <code>CreateCMSSignatureResponse</code> API object containing
+ * the created signature(s). The response contains either a
+ * <code>SignatureEnvironment</code> or a <code>ErrorResponse</code>
+ * for each <code>SingleSignatureInfo</code> in the request.
+ * @throws MOAException An error occurred during signature creation.
+ */
+ public CreateCMSSignatureResponse createCMSSignature(
+ CreateCMSSignatureRequest request,
+ Set reserved)
+ throws MOAException {
+
+ TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ //LoggingContext loggingCtx = LoggingContextManager.getInstance().getLoggingContext();
+
+ CreateCMSSignatureResponseBuilder responseBuilder = new CreateCMSSignatureResponseBuilder();
+ CreateCMSSignatureResponse response = new CreateCMSSignatureResponseImpl();
+
+ boolean isSecurityLayerConform = false;
+ String structure = null;
+ String mimetype = null;
+
+ // select the SingleSignatureInfo elements
+ Iterator singleSignatureInfoIter = request.getSingleSignatureInfos().iterator();
+
+ // iterate over all the SingleSignatureInfo elements in the request
+ while (singleSignatureInfoIter.hasNext()) {
+ SingleSignatureInfo singleSignatureInfo = (SingleSignatureInfo) singleSignatureInfoIter.next();
+ isSecurityLayerConform = singleSignatureInfo.isSecurityLayerConform();
+
+
+ DataObjectInfo dataObjectInfo = singleSignatureInfo.getDataObjectInfo();
+ structure = dataObjectInfo.getStructure();
+
+ CMSDataObject dataobject = dataObjectInfo.getDataObject();
+ MetaInfo metainfo = dataobject.getMetaInfo();
+ mimetype = metainfo.getMimeType();
+
+ CMSContent content = dataobject.getContent();
+ InputStream contentIs = null;
+ // build the content data
+ switch (content.getContentType()) {
+ case CMSContent.EXPLICIT_CONTENT :
+ contentIs = ((CMSContentExcplicit) content).getBinaryContent();
+ break;
+ case CMSContent.REFERENCE_CONTENT :
+ String reference = ((CMSContentReference) content).getReference();
+ if (!"".equals(reference)) {
+ ExternalURIResolver resolver = new ExternalURIResolver();
+ contentIs = resolver.resolve(reference);
+ } else {
+ throw new MOAApplicationException("2301", null);
+ }
+ break;
+ default : {
+ throw new MOAApplicationException("2301", null);
+ }
+ }
+
+ // create CMSSignatureCreationModuleFactory
+ CMSSignatureCreationModule module = CMSSignatureCreationModuleFactory.getInstance();
+
+ List signedProperties = null;
+ boolean includeData = true;
+ if (structure.compareTo("enveloping") == 0)
+ includeData = true;
+ if (structure.compareTo("detached") == 0)
+ includeData = false;
+
+ ConfigurationProvider config = context.getConfiguration();
+
+ // get the key group id
+ String keyGroupID = request.getKeyIdentifier();
+ // set the key set
+ Set keySet = buildKeySet(keyGroupID);
+ if (keySet == null) {
+ throw new MOAApplicationException("2231", null);
+ } else if (keySet.size() == 0) {
+ throw new MOAApplicationException("2232", null);
+ }
+
+ // get digest algorithm
+ String digestAlgorithm = getDigestAlgorithm(config, keyGroupID);
+
+ // create CMSSignatureCreation profile:
+ CMSSignatureCreationProfile profile = new CMSSignatureCreationProfileImpl(
+ keySet,
+ digestAlgorithm,
+ signedProperties,
+ isSecurityLayerConform,
+ includeData,
+ mimetype);
+
+ // create CMSSignature from the CMSSignatureCreationModule
+ // build the additionalSignedProperties
+ List additionalSignedProperties = buildAdditionalSignedProperties();
+ TransactionId tid = new TransactionId(context.getTransactionID());
+ try {
+ CMSSignature signature = module.createSignature(profile, additionalSignedProperties, tid);
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ // get CMS SignedData output stream from the CMSSignature and wrap it around out
+ boolean base64 = true;
+ OutputStream signedDataStream = signature.getSignature(out, base64);
+
+ // now write the data to be signed to the signedDataStream
+
+ int byteRead;
+ BigDecimal counter = new BigDecimal("0");
+ BigDecimal one = new BigDecimal("1");
+
+ while ((byteRead=contentIs.read()) >= 0) {
+ //System.out.println("counterXX: " + counter);
+
+ if (inRange(counter, dataobject)) {
+ //System.out.println("Lösche...");
+ // set byte to 0x00
+ signedDataStream.write(0);
+ }
+ else
+ signedDataStream.write(byteRead);
+
+ counter = counter.add(one);
+ }
+
+
+// byte[] buf = new byte[4096];
+// int bytesRead;
+// while ((bytesRead = contentIs.read(buf)) >= 0) {
+// signedDataStream.write(buf, 0, bytesRead);
+// }
+//
+ // finish SignedData processing by closing signedDataStream
+ signedDataStream.close();
+ String base64value = out.toString();
+
+ responseBuilder.addCMSSignature(base64value);
+
+
+ } catch (CMSSignatureCreationException e) {
+ MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+
+ responseBuilder.addError(
+ moaException.getMessageId(),
+ moaException.getMessage());
+ Logger.warn(moaException.getMessage(), e);
+
+ }
+ catch (IOException e) {
+ throw new MOAApplicationException("2301", null, e);
+ }
+
+ }
+
+
+ return responseBuilder.getResponse();
+ }
+
+ private boolean inRange(BigDecimal counter, CMSDataObject dataobject) {
+ BigDecimal from = dataobject.getExcludeByteRangeFrom();
+ BigDecimal to = dataobject.getExcludeByteRangeTo();
+
+ if ( (from == null) || (to == null))
+ return false;
+
+ int compare = counter.compareTo(from);
+ if (compare == -1)
+ return false;
+ else {
+ compare = counter.compareTo(to);
+ if (compare == 1)
+ return false;
+ else
+ return true;
+ }
+
+
+
+ }
+
+
+ private String getDigestAlgorithm(ConfigurationProvider config, String keyGroupID) throws MOASystemException {
+ // get digest method on key group level (if configured)
+ String configDigestMethodKG = config.getKeyGroup(keyGroupID).getDigestMethodAlgorithm();
+ // get default digest method (if configured)
+ String configDigestMethod = config.getDigestMethodAlgorithmName();
+
+
+ String digestMethod = null;
+ if (configDigestMethodKG != null) {
+ // if KG specific digest method is configured
+ digestMethod = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethodKG);
+ if (digestMethod == null) {
+ error(
+ "config.17",
+ new Object[] { configDigestMethodKG});
+ throw new MOASystemException("2900", null);
+ }
+ Logger.debug("Digest algorithm: " + digestMethod + "(configured in KeyGroup)");
+ }
+ else {
+ // else get default configured digest method
+ digestMethod = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethod);
+ if (digestMethod == null) {
+ error(
+ "config.17",
+ new Object[] { configDigestMethod});
+ throw new MOASystemException("2900", null);
+ }
+ Logger.debug("Digest algorithm: " + digestMethod + "(default)");
+
+ }
+ return digestMethod;
+ }
+
+ /**
+ * Utility function to issue an error message to the log.
+ *
+ * @param messageId The ID of the message to log.
+ * @param parameters Additional message parameters.
+ */
+ private static void error(String messageId, Object[] parameters) {
+ MessageProvider msg = MessageProvider.getInstance();
+
+ Logger.error(new LogMsg(msg.getMessage(messageId, parameters)));
+ }
+
+ /**
+ * Build the set of <code>KeyEntryID</code>s available to the given
+ * <code>keyGroupID</code>.
+ *
+ * @param keyGroupID The keygroup ID for which the available keys should be
+ * returned.
+ * @return The <code>Set</code> of <code>KeyEntryID</code>s
+ * identifying the available keys.
+ */
+ private Set buildKeySet(String keyGroupID) {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ Set keyGroupEntries;
+
+ // get the KeyGroup entries from the configuration
+ if (context.getClientCertificate() != null) {
+ X509Certificate cert = context.getClientCertificate()[0];
+ Principal issuer = cert.getIssuerDN();
+ BigInteger serialNumber = cert.getSerialNumber();
+
+ keyGroupEntries =
+ config.getKeyGroupEntries(issuer, serialNumber, keyGroupID);
+ } else {
+ keyGroupEntries = config.getKeyGroupEntries(null, null, keyGroupID);
+ }
+
+ // map the KeyGroup entries to a set of KeyEntryIDs
+ if (keyGroupEntries == null) {
+ return null;
+ } else if (keyGroupEntries.size() == 0) {
+ return Collections.EMPTY_SET;
+ } else {
+ KeyModule module =
+ KeyModuleFactory.getInstance(
+ new TransactionId(context.getTransactionID()));
+ Set keyEntryIDs = module.getPrivateKeyEntryIDs();
+ Set keySet = new HashSet();
+ Iterator iter;
+
+ // filter out the keys that do not exist in the IAIK configuration
+ // by walking through the key entries and checking if the exist in the
+ // keyGroupEntries
+ for (iter = keyEntryIDs.iterator(); iter.hasNext();) {
+ KeyEntryID entryID = (KeyEntryID) iter.next();
+ KeyGroupEntry entry =
+ new KeyGroupEntry(
+ entryID.getModuleID(),
+ entryID.getCertificateIssuer(),
+ entryID.getCertificateSerialNumber());
+ if (keyGroupEntries.contains(entry)) {
+ keySet.add(entryID);
+ }
+ }
+ return keySet;
+ }
+ }
+
+ /**
+ * Build the list of additional signed properties.
+ *
+ * Based on the generic configuration setting
+ * <code>ConfigurationProvider.TEST_SIGNING_TIME_PROPERTY</code>, a
+ * constant <code>SigningTime</code> will be added to the properties.
+ *
+ * @return The <code>List</code> of additional signed properties.
+ */
+ private List buildAdditionalSignedProperties() {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ List additionalSignedProperties = Collections.EMPTY_LIST;
+
+ return additionalSignedProperties;
+ }
+
+} \ No newline at end of file
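Review bot: In `createCMSSignature`, `contentIs` is never closed: for `REFERENCE_CONTENT` it is a stream opened by `ExternalURIResolver.resolve(reference)` from a reference supplied in the request, so each `SingleSignatureInfo` can leave a connection or file handle open, including on the `IOException` path. A `finally` that closes it, as sketched below, fixes that. Whether `ExternalURIResolver` restricts the schemes or hosts it will fetch is not visible in this hunk and is worth confirming, since the URI comes from the caller. The copy loop also moves one byte per `read()`/`write()` with a `BigDecimal` counter; a buffered copy that masks only the excluded range would be far cheaper for large inputs. The method's Javadoc names `XMLSignatureCreationModule` where `CMSSignatureCreationModule` is meant.

```java
      // … unchanged: try block and catch (CMSSignatureCreationException e) branch …
      } catch (IOException e) {
        throw new MOAApplicationException("2301", null, e);
      } finally {
        // release the request content or the resolved reference stream on every path
        if (contentIs != null) {
          try {
            contentIs.close();
          } catch (IOException closeError) {
            Logger.warn("Could not close content stream", closeError);
          }
        }
      }
```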
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
new file mode 100644
index 0000000..aca6f58
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -0,0 +1,371 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import iaik.server.modules.IAIKException;
+import iaik.server.modules.IAIKRuntimeException;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationModule;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
+import iaik.x509.X509Certificate;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.math.BigDecimal;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egovernment.moa.logging.LoggingContext;
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentExcplicit;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+import at.gv.egovernment.moa.spss.server.logging.IaikLog;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.CertificateUtils;
+import at.gv.egovernment.moa.spss.util.QCSSCDResult;
+
+/**
+ * A class providing an interface to the
+ * <code>CMSSignatureVerificationModule</code>.
+ *
+ * This class performs the invocation of the
+ * <code>iaik.server.modules.cmsverify.CMSSignatureVerificationModule</code>
+ * from a <code>VerifyCMSSignatureRequest</code>. The result of the invocation
+ * is integrated into a <code>VerifyCMSSignatureResponse</code> returned.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CMSSignatureVerificationInvoker {
+
+ /** The single instance of this class. */
+ private static CMSSignatureVerificationInvoker instance = null;
+
+ /**
+ * Return the only instance of this class.
+ *
+ * @return The only instance of this class.
+ */
+ public static synchronized CMSSignatureVerificationInvoker getInstance() {
+ if (instance == null) {
+ instance = new CMSSignatureVerificationInvoker();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new <code>CMSSignatureVerificationInvoker</code>.
+ *
+ * Protected to disallow multiple instances.
+ */
+ protected CMSSignatureVerificationInvoker() {
+ }
+
+ /**
+ * Verify a CMS signature.
+ *
+ * @param request The <code>VerifyCMSSignatureRequest</code> containing the
+ * CMS signature, as well as additional data needed for verification.
+ * @return Element A <code>VerifyCMSSignatureResponse</code> containing the
+ * answer to the <code>VerifyCMSSignatureRequest</code>.
+ * @throws MOAException An error occurred while processing the request.
+ */
+ public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request)
+ throws MOAException {
+
+ CMSSignatureVerificationProfileFactory profileFactory =
+ new CMSSignatureVerificationProfileFactory(request);
+ VerifyCMSSignatureResponseBuilder responseBuilder =
+ new VerifyCMSSignatureResponseBuilder();
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ LoggingContext loggingCtx =
+ LoggingContextManager.getInstance().getLoggingContext();
+ InputStream signature;
+ InputStream signedContent = null;
+ CMSSignatureVerificationProfile profile;
+ Date signingTime;
+ List results;
+ CMSSignatureVerificationResult result;
+ int[] signatories;
+ InputStream input;
+ byte[] buf = new byte[256];
+
+ // get the signature
+ signature = request.getCMSSignature();
+
+ // get the actual trustprofile
+ TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
+
+ try {
+ // get the signed content
+ signedContent = getSignedContent(request);
+
+ // build the profile
+ profile = profileFactory.createProfile();
+
+ // get the signing time
+ signingTime = request.getDateTime();
+
+ // verify the signature
+ CMSSignatureVerificationModule module =
+ CMSSignatureVerificationModuleFactory.getInstance();
+
+ module.setLog(new IaikLog(loggingCtx.getNodeID()));
+
+ module.init(
+ signature,
+ signedContent,
+ profile,
+ new TransactionId(context.getTransactionID()));
+ input = module.getInputStream();
+
+ while (input.read(buf) > 0);
+ results = module.verifySignature(signingTime);
+
+
+ } catch (IAIKException e) {
+ MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ } catch (IAIKRuntimeException e) {
+ MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ } catch (IOException e) {
+ throw new MOAApplicationException("2244", null, e);
+ } catch (MOAException e)
+ {
+ throw e;
+ }
+ finally
+ {
+ try
+ {
+ if (signedContent != null) signedContent.close();
+ }
+ catch (Throwable t)
+ {
+ // Intentionally do nothing here
+ }
+ }
+
+ QCSSCDResult qcsscdresult = new QCSSCDResult();
+
+ // build the response: for each signatory add the result to the response
+ signatories = request.getSignatories();
+ if (signatories == VerifyCMSSignatureRequest.ALL_SIGNATORIES) {
+ Iterator resultIter;
+
+ for (resultIter = results.iterator(); resultIter.hasNext();) {
+ result = (CMSSignatureVerificationResult) resultIter.next();
+ String issuerCountryCode = null;
+ // QC/SSCD check
+ List list = result.getCertificateValidationResult().getCertificateChain();
+ if (list != null) {
+ X509Certificate[] chain = new X509Certificate[list.size()];
+
+ Iterator it = list.iterator();
+ int i = 0;
+ while(it.hasNext()) {
+ chain[i] = (X509Certificate)it.next();
+ i++;
+ }
+
+
+ qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled());
+
+ // get signer certificate issuer country code
+ issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate)list.get(0));
+
+ }
+
+ responseBuilder.addResult(result, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode);
+ }
+ } else {
+ int i;
+
+ for (i = 0; i < signatories.length; i++) {
+ int sigIndex = signatories[i] - 1;
+
+ try {
+ result =
+ (CMSSignatureVerificationResult) results.get(signatories[i] - 1);
+
+ String issuerCountryCode = null;
+ // QC/SSCD check
+ List list = result.getCertificateValidationResult().getCertificateChain();
+ if (list != null) {
+ X509Certificate[] chain = new X509Certificate[list.size()];
+
+ Iterator it = list.iterator();
+ int j = 0;
+ while(it.hasNext()) {
+ chain[j] = (X509Certificate)it.next();
+ j++;
+ }
+
+
+ qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled());
+
+ issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate)list.get(0));
+ }
+
+ responseBuilder.addResult(result, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode);
+ } catch (IndexOutOfBoundsException e) {
+ throw new MOAApplicationException(
+ "2249",
+ new Object[] { new Integer(sigIndex)});
+ }
+ }
+ }
+
+ return responseBuilder.getResponse();
+ }
+
+
+ /**
+ * Get the signed content contained either in the request itself or given as a
+ * reference to external data.
+ *
+ * @param request The <code>VerifyCMSSignatureRequest</code> containing the
+ * signed content (or the reference to the signed content).
+ * @return InputStream A stream providing the signed content data, or
+ * <code>null</code> if no signed content was provided with the request.
+ * @throws MOAApplicationException An error occurred building the stream.
+ */
+ private InputStream getSignedContent(VerifyCMSSignatureRequest request)
+ throws MOAApplicationException {
+
+ InputStream is = null;
+ CMSDataObject dataObj;
+ CMSContent content;
+
+ // select the Content element
+ dataObj = request.getDataObject();
+ if (dataObj == null) {
+ return null;
+ }
+ content = dataObj.getContent();
+
+ // build the content data
+ switch (content.getContentType()) {
+ case CMSContent.EXPLICIT_CONTENT :
+ is = ((CMSContentExcplicit) content).getBinaryContent();
+ is = excludeByteRange(is, request);
+ return is;
+ case CMSContent.REFERENCE_CONTENT :
+ String reference = ((CMSContentReference) content).getReference();
+ if (!"".equals(reference)) {
+ ExternalURIResolver resolver = new ExternalURIResolver();
+ is = resolver.resolve(reference);
+ is = excludeByteRange(is, request);
+ return is;
+ } else {
+ return null;
+ }
+ default :
+ return null;
+ }
+
+
+
+ }
+
+ private InputStream excludeByteRange(InputStream contentIs, VerifyCMSSignatureRequest request) throws MOAApplicationException {
+
+ int byteRead;
+
+ ByteArrayOutputStream contentOs = new ByteArrayOutputStream();
+
+ CMSDataObject dataobject = request.getDataObject();
+ BigDecimal from = dataobject.getExcludeByteRangeFrom();
+ BigDecimal to = dataobject.getExcludeByteRangeTo();
+
+ if ( (from == null) || (to == null))
+ return contentIs;
+
+ BigDecimal counter = new BigDecimal("0");
+ BigDecimal one = new BigDecimal("1");
+
+ try {
+ while ((byteRead=contentIs.read()) >= 0) {
+
+ if (inRange(counter, dataobject)) {
+ // if byte is in byte range, set byte to 0x00
+ contentOs.write(0);
+ }
+ else
+ contentOs.write(byteRead);
+
+ counter = counter.add(one);
+ }
+
+ InputStream is = new ByteArrayInputStream(contentOs.toByteArray());
+
+ return is;
+
+
+ } catch (IOException e) {
+ throw new MOAApplicationException("2301", null, e);
+ }
+
+ }
+
+
+ private boolean inRange(BigDecimal counter, CMSDataObject dataobject) {
+ BigDecimal from = dataobject.getExcludeByteRangeFrom();
+ BigDecimal to = dataobject.getExcludeByteRangeTo();
+
+ if ( (from == null) || (to == null))
+ return false;
+
+ int compare = counter.compareTo(from);
+ if (compare == -1)
+ return false;
+ else {
+ compare = counter.compareTo(to);
+ if (compare == 1)
+ return false;
+ else
+ return true;
+ }
+
+
+
+ }
+
+}
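Review bot: `qcsscdresult` is created once before the two result loops in `verifyCMSSignature` and is only reassigned when the certificate chain is non-null, so a signer whose chain is `null` is added to the response with the QC/SSCD flags computed for the previous signer. Declaring it per iteration, with `QCSSCDResult qcsscdresult = new QCSSCDResult();` as the first statement of each loop body, keeps one signer's qualification status from carrying over to another (assuming a fresh `QCSSCDResult` reports no QC/SSCD). In the indexed branch, `list.get(0)` on an empty chain throws `IndexOutOfBoundsException`, which the surrounding catch reports as error 2249 for a bad signatory index. Guarding both loops with `if (list != null && !list.isEmpty())` avoids that misleading error.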
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
new file mode 100644
index 0000000..5f459ac
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
@@ -0,0 +1,85 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
+
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.iaik.cmsverify.CMSSignatureVerificationProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+
+/**
+ * A factory to create a <code>CMSSignatureVerificationProfile</code> from a
+ * <code>VerifyCMSSignatureRequest</code> and the current MOA configuration
+ * data.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CMSSignatureVerificationProfileFactory {
+
+ /** The <code>VerifyCMSSignatureRequest</code> to draw profile data from. */
+ private VerifyCMSSignatureRequest request;
+
+ /**
+ * Create a new <code>CMSSignatureVerificationProfileFactory</code>.
+ *
+ * @param request The <code>VerifyCMSSignatureRequest</code> to draw profile
+ * data from.
+ */
+ public CMSSignatureVerificationProfileFactory(VerifyCMSSignatureRequest request) {
+ this.request = request;
+ }
+
+ /**
+ * Create a <code>CMSSignatureVerificationProfile</code> from the given
+ * request and the current MOA configuration.
+ *
+ * @return The <code>CMSSignatureVerificationProfile</code> for the
+ * <code>request</code>, based on the current configuration.
+ * @throws MOAException An error occurred creating the profile.
+ */
+ public CMSSignatureVerificationProfile createProfile()
+ throws MOAException {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ CMSSignatureVerificationProfileImpl profile =
+ new CMSSignatureVerificationProfileImpl();
+ String trustProfileID;
+
+ // set the certificate validation profile
+ trustProfileID = request.getTrustProfileId();
+ profile.setCertificateValidationProfile(
+ new PKIProfileImpl(config, trustProfileID));
+
+ return profile;
+ }
+
+}
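Review bot: `createProfile` passes `request.getTrustProfileId()` to `new PKIProfileImpl(config, trustProfileID)` with no visible check that the ID is non-null and names a configured trust profile. Whether such an ID is rejected depends on `PKIProfileImpl`, which this hunk does not show, so a comment at the call stating where that validation happens would help, e.g. `// trustProfileID is validated in PKIProfileImpl (confirm)`. The `request` field is assigned only in the constructor and can be declared `private final VerifyCMSSignatureRequest request;`.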
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateCMSSignatureResponseBuilder.java
new file mode 100644
index 0000000..aa52fe0
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateCMSSignatureResponseBuilder.java
@@ -0,0 +1,93 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.cmssign.CMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+
+/**
+ * A class to build a <code>CreateCMSSignatureResponse</code>.
+ *
+ * <p>The methods <code>addSignature()</code> and <code>addError()</code> may be
+ * called in any combination to add <code>CMSignature</code> and
+ * <code>ErrorResponse</code> elements to the response. One of these functions
+ * must be called at least once to produce a
+ * <code>CreateCMSSignatureResponse</code>.</p>
+ *
+ * <p>The <code>getResponseElement()</code> method then returns the
+ * <code>CreateXMLSignatureResponse</code> built so far.</p>
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CreateCMSSignatureResponseBuilder {
+
+ /** The <code>SPSSFactory</code> for creating API objects. */
+ private SPSSFactory factory = SPSSFactory.getInstance();
+ /** The elements to add to the response. */
+ private List responseElements = new ArrayList();
+
+ /**
+ * Get the <code>CreateCMSSignatureResponse</code> built so far.
+ *
+ * @return The <code>CreateCMSSignatureResponse</code> built so far.
+ */
+ public CreateCMSSignatureResponse getResponse() {
+ return factory.createCreateCMSSignatureResponse(responseElements);
+ }
+
+ /**
+ * Add a <code>SignatureEnvironment</code> element to the response.
+ *
+ * @param signatureEnvironment The content to put under the
+ * <code>SignatureEnvironment</code> element. This should either be a
+ * <code>dsig:Signature</code> element (in case of a detached signature) or
+ * the signature environment containing the signature (in case of
+ * an enveloping signature).
+ */
+ public void addCMSSignature(String base64value) {
+ CMSSignatureResponse responseElement =
+ factory.createCMSSignatureResponse(base64value);
+ responseElements.add(responseElement);
+ }
+
+ /**
+ * Add a <code>ErrorResponse</code> element to the response.
+ *
+ * @param errorCode The error code.
+ * @param info Additional information about the error.
+ */
+ public void addError(String errorCode, String info) {
+ ErrorResponse errorResponse =
+ factory.createErrorResponse(Integer.parseInt(errorCode), info);
+ responseElements.add(errorResponse);
+ }
+
+}
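Review bot: The Javadoc on `addCMSSignature` was carried over from the XML builder: it documents a `signatureEnvironment` parameter and a `dsig:Signature` element, while the method takes `base64value`. It should read along the lines of `@param base64value The CMS signature value to add to the response (presumably Base64-encoded, going by the name)`. The class comment likewise names `addSignature()`, `getResponseElement()` and `CreateXMLSignatureResponse`, none of which exist in this class; the same two stale method names appear in the class comment of CreateXMLSignatureResponseBuilder. Separately, `addError` in both builders calls `Integer.parseInt(errorCode)` unguarded, so a non-numeric code raises `NumberFormatException` while an error is being reported and hides the original failure.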
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateXMLSignatureResponseBuilder.java
new file mode 100644
index 0000000..7a7161d
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateXMLSignatureResponseBuilder.java
@@ -0,0 +1,95 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
+
+/**
+ * A class to build a <code>CreateXMLSignatureResponse</code>.
+ *
+ * <p>The methods <code>addSignature()</code> and <code>addError()</code> may be
+ * called in any combination to add <code>SignatureEnvironment</code> and
+ * <code>ErrorResponse</code> elements to the response. One of these functions
+ * must be called at least once to produce a
+ * <code>CreateXMLSignatureResponse</code>.</p>
+ *
+ * <p>The <code>getResponseElement()</code> method then returns the
+ * <code>CreateXMLSignatureResponse</code> built so far.</p>
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CreateXMLSignatureResponseBuilder {
+
+ /** The <code>SPSSFactory</code> for creating API objects. */
+ private SPSSFactory factory = SPSSFactory.getInstance();
+ /** The elements to add to the response. */
+ private List responseElements = new ArrayList();
+
+ /**
+ * Get the <code>CreateXMLSignatureResponse</code> built so far.
+ *
+ * @return The <code>CreateXMLSignatureResponse</code> built so far.
+ */
+ public CreateXMLSignatureResponse getResponse() {
+ return factory.createCreateXMLSignatureResponse(responseElements);
+ }
+
+ /**
+ * Add a <code>SignatureEnvironment</code> element to the response.
+ *
+ * @param signatureEnvironment The content to put under the
+ * <code>SignatureEnvironment</code> element. This should either be a
+ * <code>dsig:Signature</code> element (in case of a detached signature) or
+ * the signature environment containing the signature (in case of
+ * an enveloping signature).
+ */
+ public void addSignatureEnvironment(Element signatureEnvironment) {
+ SignatureEnvironmentResponse responseElement =
+ factory.createSignatureEnvironmentResponse(signatureEnvironment);
+ responseElements.add(responseElement);
+ }
+
+ /**
+ * Add a <code>ErrorResponse</code> element to the response.
+ *
+ * @param errorCode The error code.
+ * @param info Additional information about the error.
+ */
+ public void addError(String errorCode, String info) {
+ ErrorResponse errorResponse =
+ factory.createErrorResponse(Integer.parseInt(errorCode), info);
+ responseElements.add(errorResponse);
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
new file mode 100644
index 0000000..d775fdb
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
@@ -0,0 +1,1039 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.crypto.Data;
+import javax.xml.crypto.NodeSetData;
+import javax.xml.crypto.OctetStreamData;
+import javax.xml.crypto.URIReference;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.xerces.dom.CoreDocumentImpl;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.xml.sax.EntityResolver;
+import org.xml.sax.SAXException;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentBinary;
+import at.gv.egovernment.moa.spss.api.common.ContentLocRef;
+import at.gv.egovernment.moa.spss.api.common.ContentXML;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter;
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameterBinary;
+import at.gv.egovernment.moa.spss.server.iaik.xml.ByteArrayDataObjectImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.ByteStreamDataObjectImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.DataObjectImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.XMLDataObjectImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.XMLNodeListDataObjectImpl;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.MOASPSSEntityResolver;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.EntityResolverChain;
+import at.gv.egovernment.moa.util.MOAErrorHandler;
+import at.gv.egovernment.moa.util.StreamEntityResolver;
+import at.gv.egovernment.moa.util.StreamUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+import iaik.server.modules.xml.DataObject;
+import iaik.server.modules.xml.NodeListImplementation;
+import iaik.server.modules.xml.URIReferenceImpl;
+import iaik.server.modules.xml.XMLDataObject;
+import iaik.xml.crypto.utils.URIDereferencerImpl;
+
+/**
+ * A class to create <code>DataObject</code>s contained in different
+ * locations of the MOA XML request format.
+ *
+ * @author Patrick Peck
+ * @author Gregor Karlinger
+ * @version $Id$
+ */
+public class DataObjectFactory {
+
+ /**
+ * XPATH for registering ID attributes of known schemas if
+ * validating parsing fails.
+ */
+ private static final String XPATH =
+ "descendant-or-self::node()[" +
+ "namespace-uri()='http://www.w3.org/2000/09/xmldsig#' " +
+ "or namespace-uri()='http://reference.e-government.gv.at/namespace/persondata/20020228#' " +
+ "or starts-with(namespace-uri(), 'http://uri.etsi.org/01903/')" +
+ "]/attribute::Id";
+
+ /** The single instance of this class. */
+ private static DataObjectFactory instance = null;
+
+ /**
+ * Return the only instance of this class.
+ *
+ * @return The only instance of this class.
+ */
+ public static synchronized DataObjectFactory getInstance() {
+ if (instance == null) {
+ instance = new DataObjectFactory();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new <code>DataObjectFactory</code>.
+ *
+ * Protected to disallow multiple instances.
+ */
+ protected DataObjectFactory() {
+ }
+
+ /**
+ * Return the signature environment, i.e., the root element of the
+ * document, into which the signature will be inserted (if created) or which
+ * contains the signature (if verified).
+ *
+ * @param content The <code>Content</code> object containing the signature
+ * environment.
+ * @param supplements Additional schema or DTD information.
+ * @return The signature environment or <code>null</code>, if no
+ * signature environment exists.
+ * @throws MOASystemException A system error occurred building the signature
+ * environment (see message for details).
+ * @throws MOAApplicationException An error occurred building the signature
+ * environment (see message for details).
+ */
+ public XMLDataObject createSignatureEnvironment(
+ Content content,
+ List supplements)
+ throws MOASystemException, MOAApplicationException {
+
+ String reference = content.getReference();
+ EntityResolver entityResolver;
+ byte[] contentBytes;
+
+ // check for content and reference not being set at the same time
+ checkAllowContentAndReference(content, false);
+
+ // build the EntityResolver for validating parsing
+ if ((supplements == null) || supplements.isEmpty()) {
+ entityResolver = new MOASPSSEntityResolver();
+ } else {
+ EntityResolverChain chain = new EntityResolverChain();
+
+ chain.addEntityResolver(buildSupplementEntityResolver(supplements));
+ chain.addEntityResolver(new MOASPSSEntityResolver());
+ entityResolver = chain;
+ }
+
+ // convert the content into a byte array
+ try {
+ switch (content.getContentType()) {
+ case Content.BINARY_CONTENT :
+ {
+ InputStream is = ((ContentBinary) content).getBinaryContent();
+ contentBytes = StreamUtils.readStream(is);
+ break;
+ }
+ case Content.LOCREF_CONTENT:
+ {
+ String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
+ InputStream is = null;
+ try
+ {
+ TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ is = context.ResolveURI(locRefURI);
+ if (is == null) {
+ ExternalURIResolver uriResolver = new ExternalURIResolver();
+ is = uriResolver.resolve(locRefURI);
+ }
+ contentBytes = StreamUtils.readStream(is);
+ }
+ catch (MOAApplicationException e)
+ {
+ throw new MOAApplicationException("3203", new Object[]{reference, locRefURI}, e);
+ }
+ finally
+ {
+ closeInputStream(is);
+ }
+ break;
+ }
+ case Content.REFERENCE_CONTENT :
+ {
+ ExternalURIResolver uriResolver = new ExternalURIResolver();
+ InputStream is = null;
+ try
+ {
+ is = uriResolver.resolve(reference);
+ contentBytes = StreamUtils.readStream(is);
+ }
+ catch (Exception e)
+ {
+ throw e;
+ }
+ finally
+ {
+ closeInputStream(is);
+ }
+ break;
+ }
+ case Content.XML_CONTENT :
+ {
+ Element element =
+ checkForSingleElement(((ContentXML) content).getXMLContent());
+ contentBytes = DOMUtils.serializeNode(element, "UTF-8");
+
+ break;
+ }
+ default : {
+ contentBytes = null; // this will not happen
+ }
+ }
+ } catch (MOAApplicationException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new MOAApplicationException("2219", null);
+ }
+
+ if (Logger.isTraceEnabled()) {
+ // For logging in Debug-Mode: Mask baseid with xxx
+ String logString = new String(contentBytes);
+ // TODO use RegExp
+ String startS = "<pr:Identification><pr:Value>";
+ String endS = "</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type>";
+ String logWithMaskedBaseid = logString;
+ int start = logString.indexOf(startS);
+ if (start > -1) {
+ int end = logString.indexOf(endS);
+ if (end > -1) {
+ logWithMaskedBaseid = logString.substring(0, start);
+ logWithMaskedBaseid += startS;
+ logWithMaskedBaseid += "xxxxxxxxxxxxxxxxxxxxxxxx";
+ logWithMaskedBaseid += logString.substring(end, logString.length());
+ }
+ }
+
+ // try to parse validating
+ Logger.trace(">>> parsing the following content: \n" + logWithMaskedBaseid);
+ }
+ try {
+ ByteArrayInputStream is = new ByteArrayInputStream(contentBytes);
+ Document doc =
+ DOMUtils.parseDocument(
+ is,
+ true,
+ Constants.ALL_SCHEMA_LOCATIONS,
+ null,
+ entityResolver,
+ new MOAErrorHandler());
+ Logger.trace("<<< parsed");
+
+ return new XMLDataObjectImpl(doc.getDocumentElement());
+ } catch (Exception e) {
+ // never mind, we'll try non-validating
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.info(new LogMsg(msg.getMessage("invoker.00", null)));
+ }
+
+ // try to parse non-validating
+ try {
+ ByteArrayInputStream is = new ByteArrayInputStream(contentBytes);
+ Document doc = DOMUtils.parseDocument(is, false, null, null);
+ // Since the parse tree will not contain any post schema validation information,
+ // we need to register any attributes known to be of type xsd:Id manually.
+ NodeList idAttributes = XPathUtils.selectNodeList(doc.getDocumentElement(), XPATH);
+ for (int i = 0; i < idAttributes.getLength(); i++) {
+ Node item = idAttributes.item(i);
+ if (item instanceof Attr) {
+ Attr attr = (Attr) item;
+ Element owner = attr.getOwnerElement();
+ // Only available in DOM-Level 3 (Java 1.5):
+ // owner.setIdAttributeNode(attr, true);
+ if (doc instanceof CoreDocumentImpl) {
+ ((CoreDocumentImpl) doc).putIdentifier(attr.getValue(), owner);
+ }
+ }
+ }
+ return new XMLDataObjectImpl(doc.getDocumentElement());
+ } catch (Exception e) {
+ throw new MOAApplicationException("2218", null);
+ }
+ }
+
+ /**
+ * Create an <code>XMLDataObject</code> from the given signature environment.
+ *
+ * @param signatureEnvironment The signature environment contained in the
+ * result.
+ * @param uri The URI identifying the data. This must be either the empty
+ * URI, an URI starting with <code>"#xpointer"</code>, <code>"#xmlns"</code>
+ * or <code>"#element"</code>; or an URI starting with <code>"#"</code> and
+ * followed by an element ID.
+ * @param referenceID The reference ID to set for the data object.
+ * @return A data object containing the signature environment.
+ */
+ public DataObject createFromSignatureEnvironment(
+ Element signatureEnvironment,
+ String uri,
+ String referenceID)
+ throws MOAApplicationException {
+
+ DataObjectImpl dataObject = null;
+
+ if ("".equals(uri)) {
+ dataObject = new XMLDataObjectImpl(signatureEnvironment);
+ } else if (
+ uri.startsWith("#xpointer")
+ || uri.startsWith("#xmlns")
+ || uri.startsWith("#element")) {
+ try {
+ // CHANGE IXSIL to XSECT
+ // maybe use URIDereferencerImpl or XPath ...??
+ //XPointerReferenceResolver resolver = new XPointerReferenceResolver();
+ URIDereferencerImpl uriDereferencer = new URIDereferencerImpl();
+ URIReference uriReference = new URIReferenceImpl(uri, null, signatureEnvironment);
+ Data returnedData = uriDereferencer.dereference(uriReference, null);
+
+ if(returnedData instanceof NodeSetData) {
+ NodeSetData nodeSetData = (NodeSetData)returnedData;
+ Iterator nodesIterator = nodeSetData.iterator();
+ List nodeList = new ArrayList();
+
+ while(nodesIterator.hasNext()) {
+ nodeList.add(nodesIterator.next());
+ }
+
+ NodeList nodes = new NodeListImplementation(nodeList);
+ dataObject = new XMLNodeListDataObjectImpl(nodes);
+ } else if(returnedData instanceof OctetStreamData) {
+ OctetStreamData streamData = (OctetStreamData)returnedData;
+ dataObject = new ByteStreamDataObjectImpl(streamData.getOctetStream());
+ } else {
+ throw new MOAApplicationException("2237", new Object[] { uri });
+ }
+
+ //URI uriObj = new URI(uri);
+ //NodeList nodes =
+ // resolver.resolveForest(
+ // uriObj,
+ // signatureEnvironment.getOwnerDocument(),
+ // null);
+
+ } catch (Exception e) {
+ throw new MOAApplicationException("2237", new Object[] { uri });
+ }
+ } else if (uri.startsWith("#")) {
+ String id = uri.substring(1);
+ Element refElem =
+ signatureEnvironment.getOwnerDocument().getElementById(id);
+
+ if (refElem == null) {
+ throw new MOAApplicationException("2237", new Object[] { id });
+ }
+ dataObject = new XMLDataObjectImpl(refElem);
+ }
+
+ dataObject.setReferenceID(referenceID);
+ dataObject.setURI(uri);
+
+ return dataObject;
+ }
+
+ /**
+ * Build a <code>StreamEntityResolver</code> from a <code>List</code> of
+ * supplements.
+ *
+ * @param supplements The supplements, given as
+ * <code>XMLDataObjectAssociation</code>s.
+ * @return A <code>StreamEntityResolver</code> mapping the supplements by
+ * their reference URI to an <code>InputStream</code> of their respective
+ * content.
+ */
+ private static StreamEntityResolver buildSupplementEntityResolver(List supplements)
+ throws MOAApplicationException
+ {
+ Map entities = new HashMap();
+ Iterator iter;
+
+ for (iter = supplements.iterator(); iter.hasNext();) {
+ XMLDataObjectAssociation supplement =
+ (XMLDataObjectAssociation) iter.next();
+ Content content = supplement.getContent();
+ String reference = content.getReference();
+
+ switch (content.getContentType()) {
+ case Content.BINARY_CONTENT :
+ {
+ entities.put(reference, ((ContentBinary) content).getBinaryContent());
+ break;
+ }
+ case Content.LOCREF_CONTENT:
+ {
+ String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
+
+ TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ if (context.FindResolvedEntity(locRefURI)==null) {
+
+ ExternalURIResolver uriResolver = new ExternalURIResolver();
+ InputStream uriStream = null;
+ byte[] contentBytes;
+ String contentType = null;
+ try
+ {
+ uriStream = uriResolver.resolve(locRefURI);
+ contentBytes = StreamUtils.readStream(uriStream);
+ contentType = uriResolver.getContentType();
+ }
+ catch (Exception e)
+ {
+ throw new MOAApplicationException("3202", new Object[]{reference, locRefURI}, e);
+ }
+ finally
+ {
+ closeInputStream(uriStream);
+ }
+ context.PutResolvedEntity(locRefURI, contentBytes, contentType);
+ }
+ InputStream contentIS = context.ResolveURI(locRefURI);
+ entities.put(reference, contentIS);
+ break;
+ }
+ case Content.XML_CONTENT :
+ {
+ // serialize the first element node that is found in the supplement
+ // and make it available as a stream
+ NodeList nodes = ((ContentXML) content).getXMLContent();
+ int i = 0;
+
+ // find the first element node
+ while ((i < nodes.getLength())
+ && (nodes.item(i).getNodeType() != Node.ELEMENT_NODE)) {
+ i++;
+ }
+
+ // serialize the node
+ if (i < nodes.getLength()) {
+ try
+ {
+ byte[] serialized = DOMUtils.serializeNode(nodes.item(i), "UTF-8");
+ entities.put(reference, new ByteArrayInputStream(serialized));
+ }
+ catch (Exception e)
+ {
+ throw new MOAApplicationException("2281", new Object[]{reference}, e);
+ }
+ }
+ break;
+ }
+ }
+ }
+
+ return new StreamEntityResolver(entities);
+ }
+
+ /**
+ * Create a <code>DataObject</code> from a <code>Content</code> object.
+ *
+ * @param content The <code>Content</code> object containing the data.
+ * @param finalDataMetaInfo The meta information corresponding with <code>content</code>.
+ * @param referenceID The reference ID to set in the resulting
+ * <code>DataObject</code>. May be <code>null</code>.
+ * @param allowContentAndReference If <code>true</code>, then
+ * <code>content</code> is allowed to contain both a <code>Reference</code>
+ * attribute and content. Otherwise, either a <code>Reference</code>
+ * attribute or content must be set.
+ * @param binaryAsXml If <code>true</code>, a content child given as
+ * <code>Base64Content</code> must contain XML data.
+ * @param xmlAsNodeList If <code>true</code>, the children of a
+ * <code>XMLContent</code> child element are returned as a
+ * <code>XMLNodeListDataObject</code>. Otherwise, <code>XMLContent</code> may
+ * only contain a single child node, which must be an element and which is
+ * returned as an <code>XMLDataObject</code>.
+ * @param referenceAsXml If <code>true</code>, then content loaded from the
+ * URI given as the <code>Reference</code> attribute must be XML data.
+ * If <code>false</code>, an attempt is made to parse the data as XML and
+ * return an <code>XMLDataObject</code> but if this fails, a
+ * <code>BinaryDataObject</code> is returned containing a byte stream to the
+ * data.
+ * @return A <code>DataObject</code> representing the data in
+ * <code>content</code>. If <code>base64AsXml==true</code> and
+ * <code>xmlAsNodeList==false</code> and <code>referenceAsXml==true</code>,
+ * then the result can safely be cast to an <code>XMLDataObject</code>.
+ * @throws MOASystemException An error indicating an internal problem. See the
+ * wrapped exception for details.
+ * @throws MOAApplicationException An error occurred handling the content
+ * (probably while opening a reference or parsing the data). See the wrapped
+ * exception for details.
+ */
+ public DataObject createFromContentOptionalRefType(
+ Content content,
+ MetaInfo finalDataMetaInfo,
+ String referenceID,
+ boolean allowContentAndReference,
+ boolean binaryAsXml,
+ boolean xmlAsNodeList,
+ boolean referenceAsXml)
+ throws MOASystemException, MOAApplicationException {
+
+ String reference = content.getReference();
+ DataObjectImpl dataObject = null;
+
+ checkAllowContentAndReference(content, allowContentAndReference);
+
+ // ok, build the data object; use content first, if available
+ switch (content.getContentType())
+ {
+ case Content.XML_CONTENT :
+ {
+ ContentXML contentXml = (ContentXML) content;
+ dataObject = createFromXmlContent(contentXml, xmlAsNodeList);
+ break;
+ }
+ case Content.BINARY_CONTENT :
+ {
+ ContentBinary contentBinary = (ContentBinary) content;
+ dataObject = createFromBinaryContent(contentBinary, binaryAsXml, false);
+ break;
+ }
+ case Content.LOCREF_CONTENT :
+ {
+ String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
+ try
+ {
+ dataObject = createFromURIImpl(locRefURI, referenceAsXml);
+ }
+ catch (MOAApplicationException e)
+ {
+ throw new MOAApplicationException("3201", new Object[]{reference, locRefURI}, e);
+ }
+ break;
+ }
+ case Content.REFERENCE_CONTENT :
+ {
+ dataObject = createFromURIImpl(reference, referenceAsXml);
+ break;
+ }
+ }
+
+ // set URI and reference ID
+ dataObject.setURI(reference);
+ dataObject.setReferenceID(referenceID);
+
+ // set Type gathered from corresponding meta information
+ dataObject.setTypeURI(finalDataMetaInfo.getType());
+
+ return dataObject;
+ }
+
+ /**
+ * Check, if content and reference URIs are allowed in the content an throw
+ * an exception if an illegal combination of the two occurs.
+ *
+ * @param content The <code>Content</code> to check.
+ * @param allowContentAndReference Whether explicit content and a reference
+ * are allowed at the same time.
+ * @throws MOAApplicationException If <code>allowContentAndRefernece</code>
+ * is <code>false</code> and both explicit content and reference are set,
+ * an exception is thrown.
+ */
+ private static void checkAllowContentAndReference(
+ Content content,
+ boolean allowContentAndReference)
+ throws MOAApplicationException {
+ String reference = content.getReference();
+
+ // check for content and reference not being set
+ if ((content.getContentType() == Content.REFERENCE_CONTENT)
+ && (reference == null)) {
+ String errorCode = allowContentAndReference ? "1111" : "1110";
+ throw new MOAApplicationException(errorCode, null);
+ }
+
+ // if we only allow either content or reference being set at once, check
+ if (!allowContentAndReference
+ && (content.getContentType() != Content.REFERENCE_CONTENT)
+ && (reference != null)) {
+ throw new MOAApplicationException("1110", null);
+ }
+ }
+
+ /**
+ * Create a <code>DataObject</code> from a
+ * <code>XMLDataObjectAssociation</code> object.
+ *
+ * @param xmlDataObjAssoc The <code>XMLDataObjectAssociation</code> object.
+ * @param xmlContentAllowed Whether the content contained in the
+ * <code>xmlDataObjAssoc</code> is allowed to be of type
+ * <code>XML_CONTENT</code>.
+ * @param binaryContentRepeatable If binary content must be provided as a
+ * <code>DataObject</code> that can be read multiple times.
+ * @return A <code>DataObject</code> representing the data in
+ * <code>xmlDataObjAssoc</code>.
+ * @throws MOASystemException An error indicating an internal problem. See the
+ * wrapped exception for details.
+ * @throws MOAApplicationException An error occurred handling the content
+ * (probably while parsing the data). See the wrapped exception for details.
+ */
+ public DataObject createFromXmlDataObjectAssociation(
+ XMLDataObjectAssociation xmlDataObjAssoc,
+ boolean xmlContentAllowed,
+ boolean binaryContentRepeatable)
+ throws MOASystemException, MOAApplicationException {
+
+ Content content = xmlDataObjAssoc.getContent();
+ MetaInfo metaInfo = xmlDataObjAssoc.getMetaInfo();
+ String mimeType = metaInfo != null ? metaInfo.getMimeType() : null;
+ DataObjectImpl dataObject = null;
+
+ switch (content.getContentType())
+ {
+ case Content.XML_CONTENT :
+ {
+ if (xmlContentAllowed)
+ {
+ dataObject = createFromXmlContent((ContentXML) content, true);
+ }
+ else
+ {
+ throw new MOAApplicationException("2280", null);
+ }
+ break;
+ }
+ case Content.BINARY_CONTENT :
+ {
+ dataObject = createFromBinaryContent(
+ (ContentBinary) content,
+ false,
+ binaryContentRepeatable);
+ break;
+ }
+ case Content.LOCREF_CONTENT :
+ {
+ String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
+ try
+ {
+ dataObject = createFromURIImpl(locRefURI, false);
+ }
+ catch (MOAApplicationException e)
+ {
+ throw new MOAApplicationException("3201", new Object[]{content.getReference(), locRefURI}, e);
+ }
+ break;
+ }
+ }
+
+ dataObject.setURI(content.getReference());
+ dataObject.setMimeType(mimeType);
+ return dataObject;
+ }
+
+ /**
+ * Create a <code>DataObject</code> from a <code>TransformParameter</code>
+ * object.
+ *
+ * @param transformParameter The <code>TransformParameter</code> object
+ * containing the data.
+ * @return A <code>DataObject</code> representing the data in
+ * <code>root</code>.
+ * @throws MOASystemException An error indicating an internal problem. See the
+ * wrapped exception for details.
+ * @throws MOAApplicationException An error occurred handling the content
+ * (probably while opening a reference or parsing the data). See the wrapped
+ * exception for details.
+ */
+ public DataObject createFromTransformParameter(TransformParameter transformParameter)
+ throws MOASystemException, MOAApplicationException {
+
+ DataObjectImpl dataObject;
+
+ switch (transformParameter.getTransformParameterType()) {
+ case TransformParameter.BINARY_TRANSFORMPARAMETER :
+ TransformParameterBinary tpBinary =
+ (TransformParameterBinary) transformParameter;
+
+ try {
+ //dataObject = new ByteArrayDataObjectImpl(Base64Utils.encode(tpBinary.getBinaryContent()));
+ dataObject =
+ new ByteArrayDataObjectImpl(
+ StreamUtils.readStream(tpBinary.getBinaryContent()));
+ } catch (Exception e) {
+ return null;
+ }
+ //dataObject = new ByteStreamDataObjectImpl(tpBinary.getBinaryContent());
+ break;
+ default :
+ // resolve uri and build the content
+ ExternalURIResolver resolver = new ExternalURIResolver();
+ InputStream is = resolver.resolve(transformParameter.getURI());
+ ByteArrayInputStream bis;
+ try
+ {
+ bis = new ByteArrayInputStream(StreamUtils.readStream(is));
+ }
+ catch (IOException e)
+ {
+ throw new MOAApplicationException("2238", new Object[] {transformParameter.getURI()}, e);
+ }
+ finally
+ {
+ closeInputStream(is);
+ }
+ String contentType = resolver.getContentType();
+ dataObject = new ByteStreamDataObjectImpl(bis);
+ dataObject.setMimeType(contentType);
+ break;
+ }
+
+ dataObject.setURI(transformParameter.getURI());
+
+ return dataObject;
+ }
+
+ /**
+ * Create a <code>DataObject</code> from data located at the given URI.
+ *
+ * @param uri The <code>URI</code> where the data is located. This method uses
+ * an <code>ExternalURIResolver</code> to resolve URIs.
+ * @param asXml If <code>true</code>, a <code>DataObject</code> is only
+ * returned, if the content consists of XML data. If it does not consist of
+ * XML data, an <code>MOAApplicationException</code> will be thrown. If this
+ * parameter is <code>false</code> and the content consists of XML data, this
+ * method will still attempt to parse it.
+ * @return The <code>DataObject</code> contained at the URI.
+ * @throws MOASystemException A system error parsing the XML content.
+ * @throws MOAApplicationException An error occurred on opening, reading or
+ * parsing the data behind the URI.
+ */
+ public DataObject createFromURI(String uri, boolean asXml)
+ throws MOASystemException, MOAApplicationException {
+ return createFromURIImpl(uri, asXml);
+ }
+
+ /**
+ * Create a <code>DataObject</code> from data located at the given URI.
+ *
+ * @param uri The <code>URI</code> where the data is located. This method uses
+ * an <code>ExternalURIResolver</code> to resolve URIs.
+ * @param asXml If <code>true</code>, a <code>DataObject</code> is only
+ * returned, if the content consists of XML data. If it does not consist of
+ * XML data, an <code>MOAApplicationException</code> will be thrown. If this
+ * parameter is <code>false</code> and the content type is detected as being
+ * XML data, this method will still attemt to parse it.
+ * @return The <code>DataObject</code> contained at the URI.
+ * @throws MOASystemException A system error parsing the XML content.
+ * @throws MOAApplicationException An error occurred on opening, reading or
+ * parsing the data behind the URI.
+ */
+ private DataObjectImpl createFromURIImpl(String uri, boolean asXml)
+ throws MOASystemException, MOAApplicationException {
+
+ Logger.trace(">>> resolving uri \"" + uri + "\"");
+
+ ExternalURIResolver resolver = new ExternalURIResolver();
+
+ TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ InputStream is = context.ResolveURI(uri);
+ String contentType = null;
+ boolean foundURI = false;
+ if (is == null) {
+ is = resolver.resolve(uri);
+ contentType = resolver.getContentType();
+ } else {
+ foundURI = true;
+ contentType = (String) context.FindResolvedEntity(uri).get(1);
+ Logger.trace("found \"" + uri + "\" InputStream in preread Supplements!, do not read any more. Content=" + contentType);
+ }
+
+ DataObjectImpl dataObject;
+
+ // read the content
+ if ((contentType != null) && contentTypeIsXml(contentType)) {
+ Document doc;
+
+ if (asXml) {
+ try {
+ // try parsing non-validating: this has to succeed or we
+ // bail out by throwing an exception
+ is = resolver.resolve(uri);
+ doc = DOMUtils.parseDocument(is, false, null, null);
+ dataObject = new XMLDataObjectImpl(doc.getDocumentElement());
+ } catch (ParserConfigurationException e) {
+ throw new MOASystemException("1106", null, e);
+ } catch (SAXException e) {
+ throw new MOAApplicationException("2209", null, e);
+ } catch (IOException e) {
+ throw new MOAApplicationException("2210", null, e);
+ }
+ finally
+ {
+ closeInputStream(is);
+ }
+ } else {
+ try {
+ // try parsing non-validating: need not succeed
+ is = resolver.resolve(uri);
+ doc = DOMUtils.parseDocument(is, false, null, null);
+ closeInputStream(is);
+ dataObject = new XMLDataObjectImpl(doc.getDocumentElement());
+ } catch (Exception e) {
+ // this is the last chance: return the data as a byte stream
+ Logger.trace(">>> reading stream for \"" + uri + "\"");
+ is = resolver.resolve(uri);
+ ByteArrayInputStream bis;
+ try
+ {
+ bis = new ByteArrayInputStream(StreamUtils.readStream(is));
+ dataObject = new ByteStreamDataObjectImpl(bis);
+ }
+ catch (IOException e1)
+ {
+ throw new MOAApplicationException("2210", new Object[] { uri }, e1);
+ }
+ finally
+ {
+ closeInputStream(is);
+ }
+ Logger.trace(">>> read stream for \"" + uri + "\"");
+ }
+ }
+ }
+
+ else if (asXml)
+ {
+ // if we need XML data, we're in the wrong place here
+ closeInputStream(is);
+ throw new MOAApplicationException("2211", new Object[] { uri });
+ }
+ else
+ {
+ // content is binary: make it available as a binary input stream
+ Logger.trace(">>> getting binary input for \"" + uri + "\"");
+ byte[] contentBytes;
+ ByteArrayInputStream bis;
+ try
+ {
+ contentBytes = StreamUtils.readStream(is);
+ bis = new ByteArrayInputStream(contentBytes);
+ }
+ catch (IOException e)
+ {
+ throw new MOAApplicationException("2210", null, e);
+ }
+ finally
+ {
+ closeInputStream(is);
+ }
+ if (!foundURI) {
+ context.PutResolvedEntity(uri, contentBytes, contentType);
+ }
+ dataObject = new ByteStreamDataObjectImpl(bis);
+ Logger.trace("<<< got binary input for \"" + uri + "\"");
+ }
+
+ dataObject.setMimeType(contentType);
+ dataObject.setURI(uri);
+
+ Logger.trace("<<< resolved uri \"" + uri + "\"");
+
+ return dataObject;
+ }
+
+ /**
+ * Savely closes the specified input stream.
+ *
+ * @param is The input stream to be closed.
+ */
+ private static void closeInputStream(InputStream is)
+ {
+ try
+ {
+ if (is != null) {
+ is.close();
+ }
+ }
+ catch (Throwable t)
+ {
+ // Intentionally do nothing here
+ }
+ }
+
+ /**
+ * Determine whether the content type is XML.
+ *
+ * Content types recognized as XML start with <code>text/xml</code> and
+ * <code>application/xml</code>.
+ *
+ * @param contentType The content MIME type.
+ * @return boolean If <code>true</code>, the content type is XML, otherwise
+ * not.
+ */
+ private static boolean contentTypeIsXml(String contentType) {
+ return contentType.startsWith("text/xml")
+ || (contentType.startsWith("application/xml"));
+ }
+
+ /**
+ * Create a <code>DataObject</code> from a <code>ContentXML</code> object.
+ *
+ * @param xmlContent The <code>ContentXML</code> object from
+ * which the <code>DataObject</code> is to be built.
+ * @param xmlAsNodeList If <code>true</code>, the children of
+ * <code>xmlContent</code> are returned as a
+ * <code>XMLNodeListDataObject</code>. Otherwise,
+ * <code>xmlContent</code> may only contain a single child node, which must be
+ * an element and which is returned as an <code>XMLDataObject</code>.
+ * @return A <code>DataObject</code> representing the XML content in
+ * <code>xmlContent</code>.
+ * @throws MOAApplicationException If <code>xmlAsNodeList</code> is
+ * <code>false</code> and <code>xmlContent</code> does not have a single child
+ * element.
+ */
+ private DataObjectImpl createFromXmlContent(
+ ContentXML xmlContent,
+ boolean xmlAsNodeList)
+ throws MOAApplicationException {
+
+ DataObjectImpl dataObject;
+
+ if (xmlAsNodeList) {
+ dataObject = new XMLNodeListDataObjectImpl(xmlContent.getXMLContent());
+ } else {
+ NodeList nodes = xmlContent.getXMLContent();
+ Element element = checkForSingleElement(nodes);
+
+ // build the XMLDataObject
+ dataObject = new XMLDataObjectImpl(element);
+ }
+ return dataObject;
+ }
+
+ /**
+ * Check, that the given <code>NodeList</code> contains a single DOM element
+ * node and return it, otherwise throw an exception.
+ *
+ * @param nodes The <code>NodeList</code> to check for a single element.
+ * @return The single element contained in <code>nodes</code>.
+ * @throws MOAApplicationException Thrown, if <code>nodes</code> does not
+ * contain exactly 1 element node.
+ */
+ private Element checkForSingleElement(NodeList nodes)
+ throws MOAApplicationException {
+
+ Element element = null;
+ int i;
+
+ // check for a single element node
+ for (i = 0; i < nodes.getLength(); i++) {
+ if (nodes.item(i).getNodeType() == Node.ELEMENT_NODE) {
+ if (element == null) {
+ element = (Element) nodes.item(i);
+ } else {
+ throw new MOAApplicationException("1109", null);
+ }
+ }
+ }
+
+ // return the element node
+ if (element == null) {
+ throw new MOAApplicationException("1107", null);
+ } else {
+ return element;
+ }
+ }
+
+ /**
+ * Create a <code>DataObject</code> from a <code>ContentBinary</code> object.
+ *
+ * @param binaryContent The <code>ContentBinary</code> object containing the
+ * data.
+ * @param asXml If <code>true</code>, <code>binaryContent</code> must
+ * contain XML data. Otherwise, a <code>BinaryDataObject</code> will be
+ * returned containing a byte stream to the decoded Base64 data.
+ * @param repeatable If multiple calls to <code>getInputStream()</code> must
+ * repeatedly return the content of the data object.
+ * @return A <code>DataObject</code> representing the content contained in
+ * <code>binaryContent</code>.
+ * @throws MOASystemException An error indicating an internal problem. See the
+ * wrapped exception for details.
+ * @throws MOAApplicationException An error occurred handling the content
+ * (probably while parsing the data). See the wrapped exception for details.
+ */
+ private DataObjectImpl createFromBinaryContent(
+ ContentBinary binaryContent,
+ boolean asXml,
+ boolean repeatable)
+ throws MOASystemException, MOAApplicationException {
+
+ InputStream byteStream = binaryContent.getBinaryContent();
+ DataObjectImpl dataObject;
+
+ if (asXml) {
+ Document doc;
+
+ try {
+ doc = DOMUtils.parseDocument(byteStream, false, null, null);
+ dataObject = new XMLDataObjectImpl(doc.getDocumentElement());
+ } catch (ParserConfigurationException e) {
+ throw new MOASystemException("1106", null, e);
+ } catch (SAXException e) {
+ throw new MOAApplicationException("2209", null, e);
+ } catch (IOException e) {
+ throw new MOAApplicationException("2210", null, e);
+ }
+ } else {
+ if (repeatable) {
+ try {
+ dataObject =
+ new ByteArrayDataObjectImpl(StreamUtils.readStream(byteStream));
+ } catch (IOException e) {
+ throw new MOAApplicationException("2210", null);
+ }
+ } else {
+ dataObject = new ByteStreamDataObjectImpl(byteStream);
+ }
+ }
+
+ return dataObject;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java
new file mode 100644
index 0000000..933d058
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java
@@ -0,0 +1,177 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import iaik.xml.crypto.utils.URI;
+import iaik.xml.crypto.utils.URIException;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLConnection;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.ExternalURIVerifier;
+
+/**
+ * Resolve external URIs and provide them as a stream.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ExternalURIResolver {
+
+ /** The MIME type of the content currently resolved. */
+ private String contentType;
+
+ /**
+ * Return a stream to data at the given URI.
+ *
+ * This method will try to open an <code>URLConnection</code> to the given
+ * URI. Access to the file system is disallowed.
+ *
+ * @param uriStr The URI to resolve.
+ * @return InputStream The data contained at the URI.
+ * @throws MOAApplicationException An error occurred resolving the URI (e.g.,
+ * the URI is syntactically incorrect or the stream could not be opened).
+ */
+ public InputStream resolve(String uriStr) throws MOAApplicationException {
+ URI uri;
+ URL url;
+ URLConnection connection;
+ InputStream is;
+
+ // build the URI
+ try {
+ uri = new URI(uriStr);
+ } catch (URIException e) {
+ throw new MOAApplicationException("2207", new Object[] { uriStr });
+ }
+
+ // disallow access to local file system
+ if ("".equals(uri.getScheme()) || "file".equals(uri.getScheme())) {
+ throw new MOAApplicationException("2213", new Object[] { uriStr });
+ }
+
+ // if we have local content (SOAP with attachments)
+ if ("formdata".equals(uri.getScheme())) {
+ TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ if (context==null) {
+ //no transaction
+ throw new MOAApplicationException("2282", new Object[] { uri });
+ } else {
+ InputStream attachmentIs = context.getAttachmentInputStream(uri);
+ if (attachmentIs != null) {
+ setContentType(context.getAttachmentContentType(uri.getPath()));
+ return attachmentIs;
+ } else {
+ //maybe attachments provided but no suiting attachment found
+ throw new MOAApplicationException("2282", new Object[] { uri });
+ }
+ }
+ }
+
+ // convert URI to URL
+ try {
+ // create the URL
+ url = new URL(uriStr);
+ //System.out.println("ExternalURIResolver: " + url);
+ ExternalURIVerifier.verify(url.getHost(), url.getPort());
+
+ } catch (MalformedURLException e) {
+ throw new MOAApplicationException("2214", new Object[] { uriStr });
+ }
+
+ // build the URLConnection
+ try {
+ connection = url.openConnection();
+ if ("http".equals(url.getProtocol())) {
+ HttpURLConnection httpConnection = (HttpURLConnection) connection;
+ // disallow redirects
+ httpConnection.setInstanceFollowRedirects(false);
+
+ httpConnection.connect();
+ if (httpConnection.getResponseCode() != HttpURLConnection.HTTP_OK) {
+ throw new MOAApplicationException("2208", new Object[] { uri });
+ }
+ } else if ("https".equals(url.getProtocol())) {
+ /*
+ * this doesn't work because of some interaction between the IAIK
+ * JCE and Sun JSSE that results in an "Invalid AVA format" exception
+ */
+
+ /*
+ HttpsURLConnection httpsConnection = (HttpsURLConnection) connection;
+ InputStream trustStore =
+ getClass().getResourceAsStream(DEFAULT_TRUST_STORE);
+ SSLSocketFactory factory =
+ SSLUtils.getSSLSocketFactory("jks", trustStore, "changeit");
+ httpsConnection.setSSLSocketFactory(factory);
+ httpsConnection.connect();
+ if (httpConnection.getResponseCode() != HttpURLConnection.HTTP_OK) {
+ throw new MOAApplicationException("2208", new Object[] { uri });
+ }
+ */
+ connection.connect();
+ } else {
+ connection.connect();
+ }
+ is = connection.getInputStream();
+ } catch (IOException e) {
+ throw new MOAApplicationException("2208", new Object[] { uri }, e);
+ } /*catch (GeneralSecurityException e) {
+ throw new MOAApplicationException("2208", new Object[] { uri }, e);
+ }*/
+
+ // set the content type
+ setContentType(connection.getContentType());
+
+ return is;
+ }
+
+ /**
+ * Set the content type of the data at the URI.
+ *
+ * @param contentType The content type to set.
+ */
+ protected void setContentType(String contentType) {
+ this.contentType = contentType;
+ }
+
+ /**
+ * Return the content type of the data detected at the URI from the previous
+ * call of <code>resolve()</code>.
+ *
+ * @return String The content type.
+ */
+ public String getContentType() {
+ return contentType;
+ }
+
+}
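Review bot: In `resolve()`, redirects are disabled and the status code is checked only in the `"http"` branch; the `"https"` branch and the final `else` call `connection.connect()` directly, so an https fetch can follow a redirect to a host that `ExternalURIVerifier.verify(url.getHost(), url.getPort())` never saw, and a non-200 response body is returned as content. `HttpsURLConnection` extends `HttpURLConnection`, so testing `connection instanceof HttpURLConnection` applies the same handling to both without touching the socket-factory code that the comment says fails with the IAIK JCE. The earlier scheme check is a denylist of `""` and `"file"` compared against `uri.getScheme()`, so every other scheme the JVM has a handler for reaches the `else` branch; if only http and https are meant to be fetched, reject the rest there (the message code in the sketch below is reused from the file check and may not be the right one). Neither branch calls `setConnectTimeout`/`setReadTimeout`, so a stalled host blocks the calling thread.

```java
connection = url.openConnection();
if (connection instanceof HttpURLConnection) {
  // HttpsURLConnection is a subclass, so http and https share this path
  HttpURLConnection httpConnection = (HttpURLConnection) connection;
  // a redirect target is never passed through ExternalURIVerifier
  httpConnection.setInstanceFollowRedirects(false);
  httpConnection.connect();
  if (httpConnection.getResponseCode() != HttpURLConnection.HTTP_OK) {
    throw new MOAApplicationException("2208", new Object[] { uri });
  }
} else {
  // allow-list: no other URL scheme is fetched
  throw new MOAApplicationException("2213", new Object[] { uriStr });
}
// … unchanged: is = connection.getInputStream(); and the IOException handler …
```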
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java
new file mode 100644
index 0000000..1136ff2
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java
@@ -0,0 +1,318 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import iaik.server.modules.IAIKException;
+import iaik.server.modules.IAIKRuntimeException;
+
+import java.lang.reflect.Constructor;
+import java.util.HashMap;
+import java.util.Map;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+
+
+/**
+ * Map an exception from the <code>iaik</code> namespace to a
+ * <code>MOAException</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class IaikExceptionMapper {
+
+ /** The argument classes for <code>MOAException</code>s. */
+ private static final Class[] CONSTRUCTOR_ARGS =
+ new Class[] { String.class, Object[].class, Throwable.class };
+ /** The exception mapping, as an array. */
+ private static final Object[][] MESSAGES =
+ {
+ { iaik.server.modules.IAIKException.class, "9900", MOASystemException.class },
+ { iaik.server.modules.IAIKRuntimeException.class, "9901", MOASystemException.class },
+ { iaik.server.modules.xmlsign.XMLSignatureCreationException.class, "2220", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.XMLSignatureCreationRuntimeException.class, "2220", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.InvalidKeyException.class, "2221", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.ManifestException.class, "2222", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.ReferenceException.class, "2223", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.HashUnavailableException.class, "2224", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignatureAlgorithmException.class, "2225", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignatureEmbeddingException.class, "2226", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignatureValueException.class, "2227", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignedPropertyException.class, "2228", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignerCertificateUnavailableException.class, "2229", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SupplementException.class, "2230", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.TransformationException.class, "2233", MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.CMSSignatureVerificationException.class, "2240", MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.CMSSignatureVerificationRuntimeException.class, "2240", MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.AlgorithmNotSupportedException.class, "2241", MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.CMSSignatureParsingException.class, "2242", MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.SignerCertificateUnavailableException.class, "2243", MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.CMSSignatureVerificationRuntimeException.class, "2247", MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.InitException.class, "2248", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.XMLSignatureVerificationException.class, "2240", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.XMLSignatureVerificationRuntimeException.class, "2240", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.AlgorithmNotSupportedException.class, "2241", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.ManifestException.class, "2262", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.PropertiesException.class, "2263", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.ReferenceException.class, "2264", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.HashUnavailableException.class, "2224", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.SignerCertificateUnavailableException.class, "2243", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.SupplementException.class, "2230", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.TransformationException.class, "2265", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269", MOAApplicationException.class },
+ { iaik.xml.crypto.tsl.ex.TSLEngineDiedException.class, "2290", MOAApplicationException.class },
+ { iaik.xml.crypto.tsl.ex.TSLSearchException.class, "2290", MOAApplicationException.class } ,
+ { iaik.server.modules.cmssign.CMSSignatureCreationException.class, "2300", MOAApplicationException.class } ,
+
+
+ };
+
+ /** The single instance of this class. */
+ private static IaikExceptionMapper instance;
+ /** The exception mapping, as a <code>Map</code> for fast lookup. */
+ private Map messages = new HashMap();
+
+ /**
+ * Get the single instance of this class.
+ *
+ * @return The single instance of this class.
+ */
+ public static synchronized IaikExceptionMapper getInstance() {
+ if (instance == null) {
+ instance = new IaikExceptionMapper();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new <code>IaikExceptionMapper</code>.
+ *
+ * Protected to disallow multple instances.
+ */
+ protected IaikExceptionMapper() {
+ registerMessages();
+ }
+
+ /**
+ * Build the complete <code>IAIKException</code> to message code mapping.
+ */
+ protected void registerMessages() {
+ int i;
+
+ for (i = 0; i < MESSAGES.length; i++) {
+ registerMessage(
+ (Class) MESSAGES[i][0],
+ (String) MESSAGES[i][1],
+ (Class) MESSAGES[i][2]);
+ }
+ }
+
+ /**
+ * Register a single <code>IAIKException</code> to message mapping.
+ *
+ * @param iaikExceptionClass An exception from the <code>iaik</code> package.
+ * @param messageId The corresponding error message id.
+ * @param moaExceptionClass The type of <code>MOAException</code> that the
+ * <code>IAIKException</code> is mapped to (usually
+ * <code>MOAApplicationException</code> or <code>MOASystemException</code>).
+ */
+ protected void registerMessage(
+ Class iaikExceptionClass,
+ String messageId,
+ Class moaExceptionClass) {
+
+ messages.put(
+ iaikExceptionClass,
+ new ExceptionMappingInfo(messageId, moaExceptionClass));
+ }
+
+ /**
+ * Map an <code>iaik.xml.crypto.tsl.ex.TSLSearchException</code> to a <code>MOAException</code>.
+ *
+ * @param tslSearchException The <code>iaik.xml.crypto.tsl.ex.TSLSearchException</code> to map.
+ * @return A <code>MOAException</code> containing the message for the
+ * given <code>IAIKException</code>.
+ */
+ public MOAException map(iaik.xml.crypto.tsl.ex.TSLSearchException tslSearchException) {
+ return mapImpl(tslSearchException);
+ }
+
+ /**
+ * Map an <code>iaik.xml.crypto.tsl.ex.TSLEngineDiedException</code> to a <code>MOAException</code>.
+ *
+ * @param tslEngineDiedException The <code>iaik.xml.crypto.tsl.ex.TSLEngineDiedException</code> to map.
+ * @return A <code>MOAException</code> containing the message for the
+ * given <code>IAIKException</code>.
+ */
+ public MOAException map(iaik.xml.crypto.tsl.ex.TSLEngineDiedException tslEngineDiedException) {
+ return mapImpl(tslEngineDiedException);
+ }
+
+ /**
+ * Map an <code>IAIKException</code> to a <code>MOAException</code>.
+ *
+ * @param iaikException The <code>IAIKException</code> to map.
+ * @return A <code>MOAException</code> containing the message for the
+ * given <code>IAIKException</code>.
+ */
+ public MOAException map(IAIKException iaikException) {
+ return mapImpl(iaikException);
+ }
+
+ /**
+ * Map an <code>IAIKRuntimeException</code> to a <code>MOAException</code>.
+ *
+ * @param iaikException The <code>IAIKException</code> to map.
+ * @return A <code>MOAException</code> containing the message for the
+ * given <code>IAIKRuntimeException</code>.
+ */
+ public MOAException map(IAIKRuntimeException iaikException) {
+ return mapImpl(iaikException);
+ }
+
+ /**
+ * Map an <code>IAIKException</code> or <code>IAIKRuntimeException</code> to a
+ * <code>MOAException</code>.
+ *
+ * @param iaikException The <code>IAIKException</code> or
+ * <code>IAIKRuntimeException</code> to map.
+ * @return A <code>MOAException</code> containing the message for the
+ * given <code>IAIKRuntimeException</code>.
+ */
+ private MOAException mapImpl(Exception iaikException) {
+ MOAException moaException = createMoaException(iaikException);
+
+ if (moaException == null) {
+ return new MOASystemException("9999", null, iaikException);
+ }
+ return moaException;
+ }
+
+ /**
+ * Create a <code>MOAException</code> from a given <code>IAIKException</code>
+ * by looking it up in the mapping.
+ *
+ * @param iaikException The <code>IAIKException</code> to map.
+ * @return A <code>MOAException</code> with an error code corresponding to
+ * the given <code>IAIKException</code>. Returns <code>null</code>, if no
+ * mapping could be found.
+ */
+ protected MOAException createMoaException(Exception iaikException) {
+ ExceptionMappingInfo info = lookupMessage(iaikException.getClass());
+ Constructor constructor;
+
+ if (info == null) {
+ return null;
+ }
+
+ // instantiate the proper MOAException and return it
+ try {
+ constructor =
+ info.getMoaExceptionClass().getConstructor(CONSTRUCTOR_ARGS);
+ return (MOAException) constructor.newInstance(
+ new Object[] {
+ info.getMessageId(),
+ new Object[] { iaikException.getMessage()},
+ iaikException });
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ /**
+ * Recursively look up the message associated with an
+ * <code>IAIKException</code>.
+ *
+ * This method walks up the exception inheritance hierarchy until it finds a
+ * mapping.
+ *
+ * @param iaikExceptionClass The <code>IAIKException</code> to look up.
+ * @return Information about the message id and
+ * <code>MOAException</code> class that the <code>iaikExceptionClass</code>
+ * maps to. If no mapping could be found, <code>null</code> is returned.
+ */
+ protected ExceptionMappingInfo lookupMessage(Class iaikExceptionClass) {
+ ExceptionMappingInfo info;
+
+ // break if
+ if (iaikExceptionClass.equals(Exception.class)) {
+ return null;
+ }
+
+ // look up the exception class
+ info = (ExceptionMappingInfo) messages.get(iaikExceptionClass);
+ if (info == null) {
+ return lookupMessage(iaikExceptionClass.getSuperclass());
+ }
+ return info;
+ }
+
+}
+
+/**
+ * A class containing a mapping from an error message ID to a
+ * <code>MOAException</code> class.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+class ExceptionMappingInfo {
+ /** The message ID. */
+ private String messageId;
+ /** The <code>MOAException</code> class. */
+ private Class moaExceptionClass;
+
+ /**
+ * Create a new <code>ExceptionMappingInfo</code>.
+ *
+ * @param messageId The message ID.
+ * @param moaExceptionClass The <code>MOAException</code> class.
+ */
+ public ExceptionMappingInfo(String messageId, Class moaExceptionClass) {
+ this.messageId = messageId;
+ this.moaExceptionClass = moaExceptionClass;
+ }
+
+ /**
+ * Return the message ID.
+ *
+ * @return The message ID.
+ */
+ public String getMessageId() {
+ return messageId;
+ }
+
+ /**
+ * Returns the <code>MOAException</code> class that the message ID maps to.
+ *
+ * @return The <code>MOAException</code> class.
+ */
+ public Class getMoaExceptionClass() {
+ return moaExceptionClass;
+ }
+
+}
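Review bot: `MESSAGES` lists `iaik.server.modules.cmsverify.CMSSignatureVerificationRuntimeException.class` twice, once with "2240" and again with "2247". Because `registerMessage` does a plain `messages.put`, the later row wins and the "2240" mapping for that class is dead. Either drop one row or, if "2247" was meant for a different cmsverify exception, correct the class name in that row. Separately, `createMoaException` hides any reflection failure behind `catch (Exception e) { return null; }`, so a broken row silently degrades to the generic "9999" in `mapImpl`. Surfacing that failure, for example by logging it, would keep a verification error from losing its specific code unnoticed.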
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java
new file mode 100644
index 0000000..0bca8ae
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.util.XPathException;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.common.ElementSelector;
+
+/**
+ * Utility methods for invoking the IAIK MOA modules.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class InvokerUtils {
+
+ /**
+ * Select the signature parent element.
+ *
+ * @param root The root DOM element which contains the signature parent
+ * element somewhere in its subtree.
+ * @param location The <code>ElementSelector</code> containing the XPath
+ * expression to select the signature parent element from the document.
+ * It is also contains the namespace prefix to URI mapping.
+ * @return Element The signature parent element.
+ * @throws MOAApplicationException An error occurred evaluating the
+ * <code>location</code>.
+ */
+ public static Element evaluateSignatureLocation(
+ Element root,
+ ElementSelector location)
+ throws MOAApplicationException {
+
+ NodeList nodes;
+
+ try {
+ nodes =
+ XPathUtils.selectNodeList(
+ root,
+ location.getNamespaceDeclarations(),
+ location.getXPathExpression());
+ } catch (XPathException e) {
+ throw new MOAApplicationException(
+ "2212",
+ new Object[] { location.getXPathExpression()},
+ e);
+ }
+
+ if (nodes.getLength() != 1
+ || !(nodes.item(0).getNodeType() == Node.ELEMENT_NODE)) {
+ throw new MOAApplicationException(
+ "2212",
+ new Object[] { location.getXPathExpression()});
+ }
+ return (Element) nodes.item(0);
+ }
+
+
+}
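Review bot: The Javadoc of `evaluateSignatureLocation` does not state the rule the code enforces: the XPath must select exactly one node, and that node must be an element, otherwise "2212" is thrown. The expression presumably originates from the request, so this single-match rule is what rules out an ambiguous signature position and should be documented, e.g. `@throws MOAApplicationException if the expression cannot be evaluated or does not select exactly one element node.` The type test reads more plainly as `nodes.item(0).getNodeType() != Node.ELEMENT_NODE`. In the `location` description, "It is also contains" should be "It also contains".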
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ProfileMapper.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ProfileMapper.java
new file mode 100644
index 0000000..c6eaa4f
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ProfileMapper.java
@@ -0,0 +1,273 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.xmlbind.ProfileParser;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfileID;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfileID;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfileID;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfileID;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * Map ProfileID objects to their explicit represantation.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ProfileMapper {
+
+ /** The parser to parse the profiles. */
+ private static ProfileParser profileParser = new ProfileParser();
+
+ /**
+ * Map a <code>CreateTransformsInfoProfile</code> to a
+ * <code>CreateTransformsInfoProfileExplicit</code>.
+ *
+ * @param profile The profile object to map.
+ * @param config The MOA configuration to use for looking up the profile.
+ * @return <code>profile</code>, if the given profile is of type
+ * <code>EXPLICIT_CREATETRANSFORMSINFOPROFILE</code>, otherwise the profile
+ * that is looked up and parsed from the configuration.
+ * @throws MOAApplicationException An error occurred parsing the profile.
+ */
+ public static CreateTransformsInfoProfileExplicit mapCreateTransformsInfoProfile(
+ CreateTransformsInfoProfile profile,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
+
+ switch (profile.getCreateTransformsInfoProfileType()) {
+ case CreateTransformsInfoProfile.EXPLICIT_CREATETRANSFORMSINFOPROFILE :
+ return (CreateTransformsInfoProfileExplicit) profile;
+
+ case CreateTransformsInfoProfile.ID_CREATETRANSFORMSINFOPROFILE :
+ CreateTransformsInfoProfileID profileIdObj =
+ (CreateTransformsInfoProfileID) profile;
+ String profileID = profileIdObj.getCreateTransformsInfoProfileID();
+ Element profileElem = config.getCreateTransformsInfoProfile(profileID);
+
+ if (profileElem == null) {
+ throw new MOAApplicationException("2234", new Object[] { profileID });
+ }
+
+ return (
+ CreateTransformsInfoProfileExplicit) profileParser
+ .parseCreateTransformsInfoProfile(
+ profileElem);
+ }
+ return null; // this will not happen
+ }
+
+ /**
+ * Map a <code>CreateSignatureEnvironmentProfile</code> to a
+ * <code>CreateSignatureEnvironmentProfileExplicit</code>.
+ *
+ * @param profile The profile object to map.
+ * @param config The MOA configuration to use for looking up the profile.
+ * @return <code>profile</code>, if the given profile is of type
+ * <code>EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE</code>, otherwise the
+ * profile that is looked up and parsed from the configuration.
+ * @throws MOAApplicationException An error occurred parsing the profile.
+ */
+ public static CreateSignatureEnvironmentProfileExplicit mapCreateSignatureEnvironmentProfile(
+ CreateSignatureEnvironmentProfile profile,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
+
+ switch (profile.getCreateSignatureEnvironmentProfileType()) {
+ case CreateSignatureEnvironmentProfile
+ .EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE :
+
+ return (CreateSignatureEnvironmentProfileExplicit) profile;
+
+ case CreateSignatureEnvironmentProfile
+ .ID_CREATESIGNATUREENVIRONMENTPROFILE :
+
+ CreateSignatureEnvironmentProfileID profileIdObj =
+ (CreateSignatureEnvironmentProfileID) profile;
+ String profileID =
+ profileIdObj.getCreateSignatureEnvironmentProfileID();
+ Element profileElem =
+ config.getCreateSignatureEnvironmentProfile(profileID);
+
+ if (profileElem == null) {
+ throw new MOAApplicationException("2236", new Object[] { profileID });
+ }
+
+ return (
+ CreateSignatureEnvironmentProfileExplicit) profileParser
+ .parseCreateSignatureEnvironmentProfile(
+ profileElem);
+
+ }
+ return null;
+
+ }
+
+ /**
+ * Map a <code>List</code> of <code>SupplementProfile</code>s to their
+ * explicit representation.
+ *
+ * @param profiles The profiles to map.
+ * @param config The MOA configuration to use for looking up profiles.
+ * @return The mapped profiles.
+ * @throws MOAApplicationException An error occurred mapping one of the
+ * profiles.
+ */
+ public static List mapSupplementProfiles(
+ List profiles,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
+
+ List mappedProfiles = new ArrayList();
+ Iterator iter;
+
+ for (iter = profiles.iterator(); iter.hasNext();) {
+ SupplementProfile profile = (SupplementProfile) iter.next();
+ mappedProfiles.add(mapSupplementProfile(profile, config));
+ }
+
+ return mappedProfiles;
+ }
+
+ /**
+ * Map a <code>SupplementProfile</code> to a
+ * <code>SupplementProfileExplicit</code>.
+ *
+ * @param profile The profile object to map.
+ * @param config The MOA configuration to use for looking up the profile.
+ * @return <code>profile</code>, if the given profile is of type
+ * <code>EXPLICIT_SUPPLEMENTPROFILE</code>, otherwise the
+ * profile that is looked up and parsed from the configuration.
+ * @throws MOAApplicationException An error occurred parsing the profile.
+ */
+ public static SupplementProfileExplicit mapSupplementProfile(
+ SupplementProfile profile,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
+
+ switch (profile.getSupplementProfileType()) {
+ case SupplementProfile.EXPLICIT_SUPPLEMENTPROFILE :
+ return (SupplementProfileExplicit) profile;
+
+ case SupplementProfile.ID_SUPPLEMENTPROFILE :
+ SupplementProfileID profileIdObj = (SupplementProfileID) profile;
+ String profileID = profileIdObj.getSupplementProfileID();
+ Element profileElem = config.getSupplementProfile(profileID);
+
+ if (profileElem == null) {
+ throw new MOAApplicationException("2267", new Object[] { profileID });
+ }
+
+ return (
+ SupplementProfileExplicit) profileParser.parseSupplementProfile(
+ profileElem);
+ }
+
+ return null;
+ }
+
+ /**
+ * Map a <code>List</code> of <code>VerifyTransformsInfoProfile</code>s to
+ * their explicit representation.
+ *
+ * @param profiles The profiles to map.
+ * @param config The MOA configuration to use for looking up profiles.
+ * @return The mapped profiles.
+ * @throws MOAApplicationException An error occurred mapping one of the
+ * profiles.
+ */
+ public static List mapVerifyTransformsInfoProfiles(
+ List profiles,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
+
+ List mappedProfiles = new ArrayList();
+ Iterator iter;
+
+ for (iter = profiles.iterator(); iter.hasNext();) {
+ VerifyTransformsInfoProfile profile =
+ (VerifyTransformsInfoProfile) iter.next();
+ mappedProfiles.add(mapVerifyTransformsInfoProfile(profile, config));
+ }
+
+ return mappedProfiles;
+ }
+
+ /**
+ * Map a <code>VerifyTransformsInfoProfile</code> to a
+ * <code>VerifyTransformsInfoProfileExplicit</code>.
+ *
+ * @param profile The profile object to map.
+ * @param config The MOA configuration to use for looking up the profile.
+ * @return <code>profile</code>, if the given profile is of type
+ * <code>EXPLICIT_VERIFYTRANSFORMSINFOPROFILE</code>, otherwise the
+ * profile that is looked up and parsed from the configuration.
+ * @throws MOAApplicationException An error occurred parsing the profile.
+ */
+ public static VerifyTransformsInfoProfileExplicit mapVerifyTransformsInfoProfile(
+ VerifyTransformsInfoProfile profile,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
+
+ switch (profile.getVerifyTransformsInfoProfileType()) {
+ case VerifyTransformsInfoProfile.EXPLICIT_VERIFYTRANSFORMSINFOPROFILE :
+ return (VerifyTransformsInfoProfileExplicit) profile;
+
+ case VerifyTransformsInfoProfile.ID_VERIFYTRANSFORMSINFOPROFILE :
+ VerifyTransformsInfoProfileID profileIdObj =
+ (VerifyTransformsInfoProfileID) profile;
+ String profileID = profileIdObj.getVerifyTransformsInfoProfileID();
+ Element profileElem =
+ config.getVerifyTransformsInfoProfile(profileID);
+
+ if (profileElem == null) {
+ throw new MOAApplicationException("2268", new Object[] { profileID });
+ }
+
+ return (
+ VerifyTransformsInfoProfileExplicit) profileParser
+ .parseVerifyTransformsInfoProfile(
+ profileElem);
+ }
+
+ return null;
+ }
+}
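Review bot: All four single-profile `map…Profile` methods fall through to `return null` when the profile type is neither the EXPLICIT nor the ID constant (the first carries the comment `// this will not happen`). `mapSupplementProfiles` and `mapVerifyTransformsInfoProfiles` then add that null to the list they return. An unexpected type would surface later as a NullPointerException far from its cause, and could leave a supplement or transform profile missing from a verification request. A `default` branch that fails at once is safer, for example `default: throw new IllegalArgumentException("Unknown profile type: " + profile.getSupplementProfileType());` in `mapSupplementProfile`, with the equivalent in the other three. `profileParser` is never reassigned in this file and could be `private static final`.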
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java
new file mode 100644
index 0000000..8f3c075
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import at.gv.egovernment.moa.logging.LoggingContext;
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+
+/**
+ * A utility class for setting up and tearing down thread-local context
+ * information needed for calling the <code>Invoker</code> classes.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ServiceContextUtils {
+
+ /**
+ * Set up the thread-local context information needed for calling the various
+ * <code>Invoker</code> classes.
+ *
+ * @throws ConfigurationException An error occurred setting up the
+ * configuration in the <code>TransactionContext</code>.
+ */
+ public static void setUpContexts() throws ConfigurationException {
+ TransactionContextManager txMgr = TransactionContextManager.getInstance();
+ LoggingContextManager logMgr = LoggingContextManager.getInstance();
+ String transactionID = Thread.currentThread().getName();
+
+ if (txMgr.getTransactionContext() == null) {
+ TransactionContext ctx = new TransactionContext(transactionID, null, ConfigurationProvider.getInstance());
+ txMgr.setTransactionContext(ctx);
+ }
+
+ if (logMgr.getLoggingContext() == null) {
+ LoggingContext ctx = new LoggingContext(transactionID);
+ logMgr.setLoggingContext(ctx);
+ }
+ }
+
+ /**
+ * Tear down thread-local context information.
+ */
+ public static void tearDownContexts() {
+ TransactionContextManager.getInstance().setTransactionContext(null);
+ LoggingContextManager.getInstance().setLoggingContext(null);
+ }
+
+}
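Review bot: `setUpContexts` leaves an existing transaction or logging context in place, but `tearDownContexts` sets both to null unconditionally, so a caller that had contexts installed before the call loses them afterwards. `SignatureCreationServiceImpl.createXMLSignature` in this commit pairs the two in try/finally and inherits this behaviour. Either record whether `setUpContexts` created the contexts and clear only those, or state in both Javadocs that the pair may only be used at the outermost entry point of a request. The transaction ID is `Thread.currentThread().getName()`, which repeats across requests if threads are pooled. A comment such as `// thread name is reused by pooled threads; not unique per request` would help anyone correlating log entries.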
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureCreationServiceImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureCreationServiceImpl.java
new file mode 100644
index 0000000..b746333
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureCreationServiceImpl.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import java.util.Collections;
+
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.Configurator;
+import at.gv.egovernment.moa.spss.api.SignatureCreationService;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+
+/**
+ * An implementation of the <code>SignatureCreationService</code>, using
+ * the <code>XMLSignatureCreationInvoker</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class SignatureCreationServiceImpl extends SignatureCreationService {
+
+ /**
+ * Create an XML signature.
+ *
+ * @param request The <code>CreateXMLSignatureRequest</code> containing
+ * information about the signature(s) to create.
+ * @return The created signature(s).
+ * @throws MOAException An error occurred creating the signature(s).
+ */
+ public CreateXMLSignatureResponse createXMLSignature(CreateXMLSignatureRequest request)
+ throws MOAException {
+
+ XMLSignatureCreationInvoker invoker =
+ XMLSignatureCreationInvoker.getInstance();
+ CreateXMLSignatureResponse response;
+
+ try {
+
+ Configurator.getInstance().init();
+ ServiceContextUtils.setUpContexts();
+ response = invoker.createXMLSignature(request, Collections.EMPTY_SET);
+
+ return response;
+ } finally {
+ ServiceContextUtils.tearDownContexts();
+ }
+ }
+
+}
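Review bot: `createXMLSignature` calls `Configurator.getInstance().init()` on every request with no comment explaining why, and whether `init()` is a cheap no-op after the first call cannot be seen from this hunk. A line such as `// init() is assumed idempotent: only the first call loads the configuration` would record the assumption the method relies on. `Collections.EMPTY_SET` is the raw constant and its meaning as the second argument is undocumented; `Collections.emptySet()` is the typed form if the target Java level allows it. The local `response` adds nothing and the call could be returned directly: `return invoker.createXMLSignature(request, Collections.emptySet());`.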
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureVerificationServiceImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureVerificationServiceImpl.java
new file mode 100644
index 0000000..5b6033c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureVerificationServiceImpl.java
@@ -0,0 +1,100 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.Configurator;
+import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+
+/**
+ * An implementation of the <code>SignatureVerificationService</code> using
+ * the <code>XMLSignatureVerificationInvoker</code> and the
+ * <code>CMSSignatureVerificationInvoker</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class SignatureVerificationServiceImpl
+ extends SignatureVerificationService {
+
+ /**
+ * Verify a CMS signature.
+ *
+ * @param request The <code>VerifyCMSSignatureRequest</code> containing
+ * information about the signature verification.
+ * @return The result of the signature verification.
+ * @throws MOAException An error occurred during signature verification.
+ */
+ public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request)
+ throws MOAException {
+
+ CMSSignatureVerificationInvoker invoker =
+ CMSSignatureVerificationInvoker.getInstance();
+ VerifyCMSSignatureResponse response;
+
+ try {
+ Configurator.getInstance().init();
+ ServiceContextUtils.setUpContexts();
+ response = invoker.verifyCMSSignature(request);
+
+ return response;
+ } finally {
+ ServiceContextUtils.tearDownContexts();
+ }
+ }
+
+ /**
+ * Verify an XML signature.
+ *
+ * @param request The <code>VerifyXMLSignatureRequest</code> containinig
+ * information about the signature verification.
+ * @return The result of the signature verification.
+ * @throws MOAException An error occurred during signature verification.
+ */
+ public VerifyXMLSignatureResponse verifyXMLSignature(VerifyXMLSignatureRequest request)
+ throws MOAException {
+
+ XMLSignatureVerificationInvoker invoker =
+ XMLSignatureVerificationInvoker.getInstance();
+ VerifyXMLSignatureResponse response;
+
+ try {
+
+
+ Configurator.getInstance().init();
+ ServiceContextUtils.setUpContexts();
+ response = invoker.verifyXMLSignature(request);
+
+ return response;
+ } finally {
+ ServiceContextUtils.tearDownContexts();
+ }
+ }
+
+}
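Review bot: In both verifyCMSSignature and verifyXMLSignature, `Configurator.getInstance().init();` sits inside the `try`, so if it throws, the `finally` still calls `ServiceContextUtils.tearDownContexts()` although `setUpContexts()` was never reached. Whether tearing down contexts that were never set up is harmless is not visible from this hunk; if it throws, the original exception is replaced, and if it clears contexts an outer caller installed, that caller's state is disturbed. Placing `Configurator.getInstance().init();` ahead of the `try {` and making `ServiceContextUtils.setUpContexts();` its first statement keeps set-up and tear-down paired. The same ordering appears in SignatureCreationServiceImpl.createXMLSignature earlier in this diff. The Javadoc of verifyXMLSignature also carries the typo `containinig`.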
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/TransformationFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/TransformationFactory.java
new file mode 100644
index 0000000..7842f14
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/TransformationFactory.java
@@ -0,0 +1,282 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import iaik.server.modules.xml.Base64Transformation;
+import iaik.server.modules.xml.Canonicalization;
+import iaik.server.modules.xml.EnvelopedSignatureTransformation;
+import iaik.server.modules.xml.Transformation;
+import iaik.server.modules.xml.XPath2Transformation;
+import iaik.server.modules.xml.XPathTransformation;
+import iaik.server.modules.xml.XSLTTransformation;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.common.ExclusiveCanonicalizationTransform;
+import at.gv.egovernment.moa.spss.api.common.Transform;
+import at.gv.egovernment.moa.spss.api.common.XPathFilter;
+import at.gv.egovernment.moa.spss.api.common.XPathFilter2Transform;
+import at.gv.egovernment.moa.spss.api.common.XPathTransform;
+import at.gv.egovernment.moa.spss.api.common.XSLTTransform;
+import at.gv.egovernment.moa.spss.server.iaik.xml.Base64TransformationImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.CanonicalizationImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.EnvelopedSignatureTransformationImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.ExclusiveCanonicalizationImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.XPath2FilterImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.XPath2TransformationImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.XPathTransformationImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xml.XSLTTransformationImpl;
+
+/**
+ * A factory to create <code>Transformation</code> objects from
+ * <code>Transform</code> objects.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class TransformationFactory {
+
+
+ /** The single instance of this class. */
+ private static TransformationFactory instance = null;
+
+ /** Maps <code>XPathFilter</code> filter types to
+ * <code>XPath2Transformation</code> filter types. */
+ private static Map FILTER_TYPE_MAPPING;
+
+ static {
+ FILTER_TYPE_MAPPING = new HashMap();
+
+ FILTER_TYPE_MAPPING.put(
+ XPathFilter.INTERSECT_TYPE,
+ XPath2Transformation.XPath2Filter.INTERSECTION);
+ FILTER_TYPE_MAPPING.put(
+ XPathFilter.SUBTRACT_TYPE,
+ XPath2Transformation.XPath2Filter.SUBTRACTION);
+ FILTER_TYPE_MAPPING.put(
+ XPathFilter.UNION_TYPE,
+ XPath2Transformation.XPath2Filter.UNION);
+ }
+
+ /**
+ * Get the single instance of the factory.
+ *
+ * @return TransformationFactory The single instance.
+ */
+ public static synchronized TransformationFactory getInstance() {
+ if (instance == null) {
+ instance = new TransformationFactory();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new <code>TransformationFactory</code>.
+ *
+ * Protected to disallow multiple instances.
+ */
+ protected TransformationFactory() {
+ }
+
+ /**
+ * Create a <code>Transformation</code> based on a
+ * <code>Transform</code> object.
+ *
+ * @param transform The <code>Transform</code> object to extract
+ * transformation data from.
+ * @return The transformation contained in the <code>transform</code>
+ * object.
+ * @throws MOAApplicationException An error occured creating the
+ * <code>Transformation</code>. See exception message for details.
+ */
+ public Transformation createTransformation(Transform transform)
+ throws MOAApplicationException {
+ String algorithmUri = transform.getAlgorithmURI();
+
+ if (Canonicalization.CANONICAL_XML.equals(algorithmUri)
+ || Canonicalization.CANONICAL_XML_WITH_COMMENTS.equals(algorithmUri)) {
+ return createC14nTransformation(algorithmUri);
+ } else if (
+ Canonicalization.EXCLUSIVE_CANONICAL_XML.equals(algorithmUri)
+ || Canonicalization.EXCLUSIVE_CANONICAL_XML_WITH_COMMENTS.equals(
+ algorithmUri)) {
+
+ return createExclusiveC14nTransformation(
+ (ExclusiveCanonicalizationTransform) transform);
+
+ } else if (Base64Transformation.ALL.contains(algorithmUri)) {
+ return createBase64Transformation();
+ } else if (EnvelopedSignatureTransformation.ALL.contains(algorithmUri)) {
+ return createEnvelopedSignatureTransformation();
+ } else if (XPathTransformation.ALL.contains(algorithmUri)) {
+ return createXPathTransformation((XPathTransform) transform);
+ } else if (XPath2Transformation.ALL.contains(algorithmUri)) {
+ return createXPath2Transformation((XPathFilter2Transform) transform);
+ } else if (XSLTTransformation.ALL.contains(algorithmUri)) {
+ return createXSLTTransformation((XSLTTransform) transform);
+ } else {
+ throw new MOAApplicationException("1108", new Object[] { algorithmUri });
+ }
+ }
+
+ /**
+ * Create a <code>List</code> of <code>Transformation</code>s from a
+ * <code>List</code> of <code>Transform</code>s.
+ *
+ * @param transforms The <code>List</code> containing the
+ * <code>Transform</code>s.
+ * @return The <code>List</code> of <code>Transformation</code>s corresponding
+ * to the <code>transforms</code>.
+ * @throws MOAApplicationException An error occurred building one of the
+ * transformations. See exception message for details.
+ */
+ public List createTransformationList(List transforms)
+ throws MOAApplicationException {
+ List transformationList = new ArrayList();
+ Iterator trIter;
+
+ for (trIter = transforms.iterator(); trIter.hasNext();) {
+ Transform transform = (Transform) trIter.next();
+ transformationList.add(createTransformation(transform));
+ }
+
+ return transformationList;
+ }
+
+ /**
+ * Create a <code>Canonicalization</code>.
+ *
+ * @param algorithmUri The algorithm URI of the canonicalization.
+ * @return The <code>Canonicalization</code>.
+ */
+ private Transformation createC14nTransformation(String algorithmUri) {
+ return new CanonicalizationImpl(algorithmUri);
+ }
+
+ /**
+ * Create a <code>ExclusiveCanonicalization</code>.
+ *
+ * @param transform The <code>ExclusiveCanonicalizationTransform</code>
+ * containing the transformation data.
+ * @return The <code>ExclusiveCanonicalization</code>.
+ */
+ private Transformation createExclusiveC14nTransformation(ExclusiveCanonicalizationTransform transform) {
+ return new ExclusiveCanonicalizationImpl(
+ transform.getAlgorithmURI(),
+ transform.getInclusiveNamespacePrefixes());
+ }
+
+ /**
+ * Create a <code>Base64Transformation</code>.
+ *
+ * @return The <code></code>
+ */
+ private Transformation createBase64Transformation() {
+ return new Base64TransformationImpl();
+ }
+
+ /**
+ * Create an <code>EnvelopedSignatureTransformation</code>.
+ *
+ * @return An <code>EnvelopedSignatureTransformation</code>.
+ */
+ private Transformation createEnvelopedSignatureTransformation() {
+ return new EnvelopedSignatureTransformationImpl();
+ }
+
+ /**
+ * Create an <code>XPathTransformation</code>.
+ *
+ * @param transform The <code>Transform</code> object containing the
+ * XPath transformation.
+ * @return An <code>XPathTransformation</code> corresponding the
+ * transformation given in <code>transform</code>.
+ * @throws MOAApplicationException An error occurred creating the
+ * <code>Transformation</code>.
+ */
+ private Transformation createXPathTransformation(XPathTransform transform)
+ throws MOAApplicationException {
+
+ return new XPathTransformationImpl(
+ transform.getXPathExpression(),
+ transform.getNamespaceDeclarations());
+ }
+
+ /**
+ * Create an <code>XPath2Transformation</code>.
+ *
+ * @param transform The <code>Transform</code> object containing the
+ * XPath filter transformation.
+ * @return An <code>XPath2Transformation</code> corresponding the
+ * transformation given in <code>transform</code>.
+ * @throws MOAApplicationException An error occurred creating the
+ * <code>Transformation</code>.
+ */
+ private Transformation createXPath2Transformation(XPathFilter2Transform transform)
+ throws MOAApplicationException {
+
+ XPath2TransformationImpl xpath2 = new XPath2TransformationImpl();
+ Iterator iter;
+
+ for (iter = transform.getFilters().iterator(); iter.hasNext();) {
+ XPathFilter filter = (XPathFilter) iter.next();
+ String mappedFilterType =
+ (String) FILTER_TYPE_MAPPING.get(filter.getFilterType());
+ XPath2FilterImpl mappedFilter =
+ new XPath2FilterImpl(
+ mappedFilterType,
+ filter.getXPathExpression(),
+ filter.getNamespaceDeclarations());
+ xpath2.addXPathFilter(mappedFilter);
+ }
+
+ if (xpath2.getXPathFilters().size() == 0) {
+ throw new MOAApplicationException("2216", null);
+ }
+
+ return xpath2;
+ }
+
+ /**
+ * Create an <code>XSLTTransformation</code>.
+ *
+ * @param transform The <code>Transform</code> containing the XSLT stylesheet.
+ * @return An <code>XSLTTransformation</code> corresponding the transformation
+ * given in <code>transform</code>.
+ * @throws MOAApplicationException An error occurred creating the
+ * <code>Transformation</code>.
+ */
+ private Transformation createXSLTTransformation(XSLTTransform transform)
+ throws MOAApplicationException {
+
+ return new XSLTTransformationImpl(transform.getStylesheet());
+ }
+
+}
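Review bot: In createXPath2Transformation, `FILTER_TYPE_MAPPING.get(filter.getFilterType())` yields null for any filter type other than the three registered in the static block, and that null is handed to `new XPath2FilterImpl(...)` unchecked. Because this transform decides which nodes a signature covers, an unrecognised filter type should be rejected explicitly, e.g. `if (mappedFilterType == null) { throw new MOAApplicationException("<MESSAGE_ID>", new Object[] { filter.getFilterType() }); }`, with the placeholder replaced by an id from the project's message catalogue. The casts in createTransformation (`(ExclusiveCanonicalizationTransform) transform`, `(XPathTransform) transform`, `(XPathFilter2Transform) transform`, `(XSLTTransform) transform`) likewise assume the algorithm URI matches the object's class; a mismatch would surface as a ClassCastException rather than the documented MOAApplicationException. `FILTER_TYPE_MAPPING` is never reassigned after the static block and could be declared `private static final`.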
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
new file mode 100644
index 0000000..1ea10cb
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
@@ -0,0 +1,127 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
+import iaik.server.modules.cmsverify.CertificateValidationResult;
+
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+
+/**
+ * A class to build a <code>VerifyCMSSignatureResponse</code> object.
+ *
+ * <p>Via subsequent calls to <code>addResult()</code> a number of results from
+ * a CMS signature verification can be added to the response.</p>
+ *
+ * <p>The <code>getResponseElement()</code> method then returns the
+ * <code>VerifyCMSSignatureResponse</code> built so far.</p>
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class VerifyCMSSignatureResponseBuilder {
+ /** The <code>SPSSFactory</code> for creating API objects. */
+ private SPSSFactory factory = SPSSFactory.getInstance();
+ /** The elements making up the response. */
+ private List responseElements = new ArrayList();
+
+ /**
+ * Get the <code>VerifyCMSSignatureResponse</code> built so far.
+ *
+ * @return The <code>VerifyCMSSignatureResponse</code> built so far.
+ */
+ public VerifyCMSSignatureResponse getResponse() {
+ return factory.createVerifyCMSSignatureResponse(responseElements);
+ }
+
+ /**
+ * Add a verification result to the response.
+ *
+ * @param result The result to add.
+ * @param trustprofile The actual trustprofile
+ * @param checkQCFromTSL <code>true</code>, if the TSL check verifies the
+ * certificate as qualified, otherwise <code>false</code>.
+ * @param checkSSCD <code>true</code>, if the TSL check verifies the
+ * signature based on a SSDC, otherwise <code>false</code>.
+ * @param sscdSourceTSL <code>true</code>, if the SSCD information comes from the TSL,
+ * otherwise <code>false</code>.
+ * @throws MOAException
+ */
+ public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode)
+ throws MOAException {
+
+ CertificateValidationResult certResult =
+ result.getCertificateValidationResult();
+ int signatureCheckCode =
+ result.getSignatureValueVerificationCode().intValue();
+ int certificateCheckCode = certResult.getValidationResultCode().intValue();
+
+ VerifyCMSSignatureResponseElement responseElement;
+ SignerInfo signerInfo;
+ CheckResult signatureCheck;
+ CheckResult certificateCheck;
+
+ boolean qualifiedCertificate = checkQC;
+
+ // add SignerInfo element
+ signerInfo =
+ factory.createSignerInfo(
+ (X509Certificate) certResult.getCertificateChain().get(0),
+ qualifiedCertificate,
+ qcSourceTSL,
+ certResult.isPublicAuthorityCertificate(),
+ certResult.getPublicAuthorityID(),
+ checkSSCD,
+ sscdSourceTSL,
+ issuerCountryCode);
+
+ // add SignatureCheck element
+ signatureCheck = factory.createCheckResult(signatureCheckCode, null);
+
+ // add CertificateCheck element
+ certificateCheck = factory.createCheckResult(certificateCheckCode, null);
+
+ // build the response element
+ responseElement =
+ factory.createVerifyCMSSignatureResponseElement(
+ signerInfo,
+ signatureCheck,
+ certificateCheck);
+ responseElements.add(responseElement);
+ }
+
+
+
+}
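Review bot: The Javadoc of addResult does not match its signature: it documents `trustprofile` and `checkQCFromTSL`, while the parameters are `trustProfile`, `checkQC`, `qcSourceTSL`, `checkSSCD`, `sscdSourceTSL` and `issuerCountryCode` (and `SSDC` should read `SSCD`). Four adjacent booleans determine the QC and SSCD statements in the SignerInfo that is returned to the caller, so each needs its own accurate line, e.g. `@param checkQC <code>true</code> if the signer certificate is reported as qualified` and `@param qcSourceTSL <code>true</code> if the QC information comes from the TSL`. `trustProfile` is not read anywhere in the body, and the class comment refers to `getResponseElement()` although the method is named `getResponse()`. Separately, `certResult.getCertificateChain().get(0)` assumes a non-empty chain; whether the verifier guarantees that is not visible here, so a guard that raises a MOAException would be safer than an IndexOutOfBoundsException.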
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
new file mode 100644
index 0000000..9021785
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
@@ -0,0 +1,501 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.xml.crypto.OctetStreamData;
+import javax.xml.crypto.dsig.CanonicalizationMethod;
+import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
+
+import org.w3c.dom.DocumentFragment;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.api.impl.InputDataBinaryImpl;
+import at.gv.egovernment.moa.spss.api.impl.InputDataXMLImpl;
+import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResultInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.util.CollectionUtils;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.NodeListAdapter;
+import iaik.server.modules.xml.BinaryDataObject;
+import iaik.server.modules.xml.DataObject;
+import iaik.server.modules.xml.XMLDataObject;
+import iaik.server.modules.xml.XMLNodeListDataObject;
+import iaik.server.modules.xmlverify.CertificateValidationResult;
+import iaik.server.modules.xmlverify.DsigManifest;
+import iaik.server.modules.xmlverify.HashUnavailableException;
+import iaik.server.modules.xmlverify.ReferenceData;
+import iaik.server.modules.xmlverify.ReferenceInfo;
+import iaik.server.modules.xmlverify.SecurityLayerManifest;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationResult;
+import iaik.x509.X509Certificate;
+import iaik.xml.crypto.alg.transform.C14NTransformService;
+import iaik.xml.crypto.dsig.CanonicalizationMethodImpl;
+
+/**
+ * A class to build a <code>VerifyXMLSignatureResponse</code> object.
+ *
+ * <p>Via a call to <code>addResult()</code> the only result of the
+ * signature verification must be added.</p>
+ *
+ * <p>The <code>getResponseElement()</code> method then returns the
+ * <code>VerifyXMLSignatureResponse</code> built so far.</p>
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class VerifyXMLSignatureResponseBuilder {
+
+ /** The <code>SPSSFactory</code> for creating API objects. */
+ private SPSSFactory factory = SPSSFactory.getInstance();
+
+ /** Information about the signer certificate. */
+ private SignerInfo signerInfo;
+ /** The hash input data. */
+ private List hashInputDatas;
+ /** The reference input data. */
+ private List referenceInputDatas;
+ /** The result of the signature check. */
+ private ReferencesCheckResult signatureCheck;
+ /** The result of the signature manifest check. */
+ private ReferencesCheckResult signatureManifestCheck;
+ /** The result of the XMLDsig manifest check. */
+ private List xmlDsigManifestChecks;
+ /** The result of the certificate check. */
+ private CheckResult certificateCheck;
+
+ /**
+ * Get the <code>VerifyMLSignatureResponse</code> built so far.
+ *
+ * @return The <code>VerifyXMLSignatureResponse</code> built so far.
+ */
+ public VerifyXMLSignatureResponse getResponse() {
+ return factory.createVerifyXMLSignatureResponse(
+ signerInfo,
+ hashInputDatas,
+ referenceInputDatas,
+ signatureCheck,
+ signatureManifestCheck,
+ xmlDsigManifestChecks,
+ certificateCheck);
+ }
+
+ /**
+ * Sets the verification result to the response.
+ *
+ * This method must be called exactly once to ensure a valid
+ * <code>VerifyXMLSignatureResponse</code>.
+ *
+ * @param result The result to set for the response.
+ * @param profile The profile used for verifying the signature.
+ * @param transformsSignatureManifestCheck The overall result for the signature
+ * manifest check.
+ * @param certificateCheck The overall result for the certificate check.
+ * @param checkQC <code>true</code>, if the certificate is QC, otherwise <code>false</code>.
+ * @param qcSourceTSL <code>true</code>, if the QC information comes from the TSL,
+ * otherwise <code>false</code>.
+ * @param checkSSCD <code>true</code>, if the signature is created by an SSCD, otherwise <code>false</code>.
+ * @param sscdSourceTSL <code>true</code>, if the SSCD information comes from the TSL,
+ * otherwise <code>false</code>.
+ * @throws MOAApplicationException An error occurred adding the result.
+ */
+ public void setResult(
+ XMLSignatureVerificationResult result,
+ XMLSignatureVerificationProfile profile,
+ ReferencesCheckResult transformsSignatureManifestCheck,
+ CheckResult certificateCheck,
+ boolean checkQC,
+ boolean qcSourceTSL,
+ boolean checkSSCD,
+ boolean sscdSourceTSL,
+ boolean isTSLEnabledTrustprofile,
+ String issuerCountryCode)
+ throws MOAApplicationException {
+
+ CertificateValidationResult certResult =
+ result.getCertificateValidationResult();
+ List referenceDataList;
+ ReferenceData referenceData;
+ List dsigManifestList;
+ ReferencesCheckResultInfo checkResultInfo;
+ int[] failedReferences;
+ Iterator iter;
+
+ boolean qualifiedCertificate = false;
+
+ qualifiedCertificate = checkQC;
+
+ // create the SignerInfo;
+ signerInfo =
+ factory.createSignerInfo(
+ (X509Certificate) certResult.getCertificateChain().get(0),
+ qualifiedCertificate,
+ qcSourceTSL,
+ certResult.isPublicAuthorityCertificate(),
+ certResult.getPublicAuthorityID(),
+ checkSSCD,
+ sscdSourceTSL,
+ issuerCountryCode);
+
+ // Create HashInputData Content objects
+ referenceDataList = result.getReferenceDataList();
+ if (profile.includeHashInputData()) {
+ hashInputDatas = new ArrayList();
+
+ // Include SignedInfo references
+ addHashInputDatas(
+ hashInputDatas,
+ referenceDataList,
+ InputData.CONTAINER_SIGNEDINFO_,
+ InputData.REFERER_NONE_);
+
+ // Include XMLDSIGManifest references
+ List xMLDSIGManifests = result.getDsigManifestList();
+ for (iter = xMLDSIGManifests.iterator(); iter.hasNext();)
+ {
+ DsigManifest currentMF = (DsigManifest) iter.next();
+ List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList();
+ addHashInputDatas(
+ hashInputDatas,
+ xMLDSIGMFReferenceDataList,
+ InputData.CONTAINER_XMLDSIGMANIFEST_,
+ currentMF.getReferringReferenceInfo().getReferenceIndex());
+ }
+ }
+
+ // Create the ReferenceInputData Content objects
+ if (profile.includeReferenceInputData()) {
+ referenceInputDatas = new ArrayList();
+
+ // Include SignedInfo references
+ addReferenceInputDatas(
+ referenceInputDatas,
+ referenceDataList,
+ InputData.CONTAINER_SIGNEDINFO_,
+ InputData.REFERER_NONE_);
+
+ // Include XMLDSIGManifest references
+ List xMLDSIGManifests = result.getDsigManifestList();
+ for (iter = xMLDSIGManifests.iterator(); iter.hasNext();)
+ {
+ DsigManifest currentMF = (DsigManifest) iter.next();
+ List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList();
+ addReferenceInputDatas(
+ referenceInputDatas,
+ xMLDSIGMFReferenceDataList,
+ InputData.CONTAINER_XMLDSIGMANIFEST_,
+ currentMF.getReferringReferenceInfo().getReferenceIndex());
+ }
+ }
+
+ // create the signature check
+ failedReferences = buildFailedReferences(result.getReferenceDataList());
+ checkResultInfo =
+ failedReferences != null
+ ? factory.createReferencesCheckResultInfo(null, failedReferences)
+ : null;
+ signatureCheck =
+ factory.createReferencesCheckResult(
+ result.getSignatureValueVerificationCode().intValue(),
+ checkResultInfo);
+
+ // create the signature manifest check
+ if (profile.checkSecurityLayerManifest())
+ {
+ if (transformsSignatureManifestCheck.getCode() == 1)
+ {
+ // checking the transforms failed
+ signatureManifestCheck = transformsSignatureManifestCheck;
+ }
+ else if (result.isSecurityLayerManifestRequired())
+ {
+ if (!result.containsSecurityLayerManifest())
+ {
+ // required security layer manifest is missing in signature
+ signatureManifestCheck = factory.createReferencesCheckResult(2, null);
+ }
+ else
+ {
+ // security layer manifest exists, so we have to check its validity
+ SecurityLayerManifest slManifest = result.getSecurityLayerManifest();
+ int verificationResult = slManifest.getManifestVerificationResult().intValue();
+
+ if (SecurityLayerManifest.CODE_MANIFEST_VALID.intValue() == verificationResult)
+ {
+ // security layer manifest exists and is free of errors
+ signatureManifestCheck = factory.createReferencesCheckResult(0, null);
+ }
+ else
+ {
+ // security layer manifest exists, but has errors
+ failedReferences = buildFailedReferences(slManifest.getReferenceDataList());
+ checkResultInfo = (failedReferences != null)
+ ? factory.createReferencesCheckResultInfo(null, failedReferences)
+ : null;
+ if (SecurityLayerManifest.CODE_MANIFEST_INCOMPLETE.intValue() == verificationResult)
+ {
+ signatureManifestCheck = factory.createReferencesCheckResult(3, checkResultInfo);
+ }
+ else if (SecurityLayerManifest.CODE_REFERENCE_HASH_INVALID.intValue() == verificationResult)
+ {
+ signatureManifestCheck = factory.createReferencesCheckResult(4, checkResultInfo);
+ }
+ else
+ {
+ // Should not happen
+ throw new RuntimeException("Unexpected result from security layer manifest verification.");
+ }
+ }
+ }
+ }
+ else
+ {
+ // no security layer manifest is required, so the signature manifest check is ok
+ signatureManifestCheck = factory.createReferencesCheckResult(0, null);
+ }
+ }
+
+ // create the xmlDsigManifestCheck
+ if (profile.checkXMLDsigManifests()) {
+ xmlDsigManifestChecks = new ArrayList();
+ dsigManifestList = result.getDsigManifestList();
+ for (iter = dsigManifestList.iterator(); iter.hasNext();) {
+ DsigManifest dsigManifest = (DsigManifest) iter.next();
+ int refIndex =
+ dsigManifest.getReferringReferenceInfo().getReferenceIndex();
+ ManifestRefsCheckResultInfo manifestCheckResultInfo;
+
+ failedReferences =
+ buildFailedReferences(dsigManifest.getReferenceDataList());
+ manifestCheckResultInfo =
+ factory.createManifestRefsCheckResultInfo(
+ null,
+ failedReferences,
+ refIndex);
+ xmlDsigManifestChecks.add(
+ factory.createManifestRefsCheckResult(
+ dsigManifest.getManifestVerificationResult().intValue(),
+ manifestCheckResultInfo));
+ }
+ }
+
+ // create the certificate check
+ this.certificateCheck = certificateCheck;
+
+
+
+ }
+
+ /**
+ * Adds {@link InputData} entries to the specified <code>inputDatas</code> list. The content of the entry will
+ * be created from {@link ReferenceData#getHashInputData()}.
+ *
+ * @param inputDatas The list to be amended.
+ *
+ * @param referenceDataList The list of {@link ReferenceData} objects to be investigated.
+ *
+ * @param containerType The type of container of the {@link InputData} objects to be created.
+ *
+ * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created.
+ *
+ * @throws MOAApplicationException if creating an {@link InputData} fails.
+ */
+ private void addHashInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber)
+ throws MOAApplicationException
+ {
+ for (Iterator iter = referenceDataList.iterator(); iter.hasNext();)
+ {
+ ReferenceData referenceData = (ReferenceData) iter.next();
+ inputDatas.add(buildInputData(
+ referenceData.getHashInputData(),
+ containerType,
+ refererNumber));
+ }
+ }
+
+ /**
+ * Adds {@link InputData} entries to the specified <code>inputDatas</code> list. The content of the entry will
+ * be created from {@link ReferenceData#getReferenceInputData()}.
+ *
+ * @param inputDatas The list to be amended.
+ *
+ * @param referenceDataList The list of {@link ReferenceData} objects to be investigated.
+ *
+ * @param containerType The type of container of the {@link InputData} objects to be created.
+ *
+ * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created.
+ *
+ * @throws MOAApplicationException if creating an {@link InputData} fails.
+ */
+ private void addReferenceInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber)
+ throws MOAApplicationException
+ {
+ for (Iterator iter = referenceDataList.iterator(); iter.hasNext();)
+ {
+ ReferenceData referenceData = (ReferenceData) iter.next();
+ inputDatas.add(buildInputData(
+ referenceData.getReferenceInputData(),
+ containerType,
+ refererNumber));
+ }
+ }
+
+ /**
+ * Build a <code>InputDataBinaryImpl</code> or an <code>InputDataXMLImpl</code>
+ * object from the given <code>DataObject</code> and the given attributes.
+ *
+ * @param dataObject The <code>DataObject</code> from which to build the result.
+ * Based on the type of this parameter, the type of the result will either be
+ * <code>InputDataBinaryImpl</code> or <code>InputDataXMLImpl</code>.
+ *
+ * @param partof see {@link InputData}
+ *
+ * @param referringReferenceNumber see {@link InputData}
+ *
+ * @return The corresponinding input data implementation.
+ *
+ * @throws MOAApplicationException An error occurred creating the result.
+ */
+ private Content buildInputData(DataObject dataObject, String partOf, int referringReferenceNumber)
+ throws MOAApplicationException {
+
+ if (dataObject instanceof BinaryDataObject) {
+ BinaryDataObject binaryData = (BinaryDataObject) dataObject;
+ return new InputDataBinaryImpl(
+ factory.createContent(binaryData.getInputStream(), null),
+ partOf,
+ referringReferenceNumber);
+ } else if (dataObject instanceof XMLDataObject) {
+ XMLDataObject xmlData = (XMLDataObject) dataObject;
+ List nodes = new ArrayList();
+
+ nodes.add(xmlData.getElement());
+ return new InputDataXMLImpl(
+ factory.createContent(new NodeListAdapter(nodes), null),
+ partOf,
+ referringReferenceNumber);
+ } else { // dataObject instanceof XMLNodeListDataObject
+ // if the data in the NodeList can be converted back to valid XML,
+ // write it as XMLContent; otherwise, write it as Base64Content
+ XMLNodeListDataObject nodeData = (XMLNodeListDataObject) dataObject;
+ NodeList nodes = nodeData.getNodeList();
+
+ if (DOMUtils.checkAttributeParentsInNodeList(nodes)) {
+ // insert as XMLContent
+ try {
+ DocumentFragment fragment = DOMUtils.nodeList2DocumentFragment(nodes);
+
+ return new InputDataXMLImpl(
+ factory.createContent(fragment.getChildNodes(), null),
+ partOf,
+ referringReferenceNumber);
+ } catch (Exception e) {
+ // not successful -> fall through to the Base64Content
+ }
+ }
+
+ // insert canonicalized NodeList as binary content
+ try {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ for(int i = 0; i < nodes.getLength(); i++) {
+ baos.write(DOMUtils.nodeToByteArray(nodes.item(i)));
+ }
+ baos.close();
+ ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
+ OctetStreamData inputData = new OctetStreamData(bais);
+
+ CanonicalizationMethodImpl canonicalizationMethodImpl = new CanonicalizationMethodImpl(
+ CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, new ExcC14NParameterSpec());
+ OctetStreamData data = (OctetStreamData)canonicalizationMethodImpl.transform(inputData, null);
+ bais.close();
+ //CanonicalizationAlgorithm c14n =
+ //new CanonicalizationAlgorithmImplExclusiveCanonicalXMLWithComments();
+ InputStream is = data.getOctetStream();
+
+ //c14n.setInput(nodes);
+ //is = c14n.canonicalize();
+ return new InputDataBinaryImpl(
+ factory.createContent(is, null),
+ partOf,
+ referringReferenceNumber);
+ } catch (Exception e) {
+ throw new MOAApplicationException("2200", null);
+ }
+ }
+ }
+
+ /**
+ * Build the failed references.
+ *
+ * Failed references are references for which the <code>isHashValid()</code>
+ * method returns <code>false</code>.
+ *
+ * @param refInfos A <code>List</code> containing the
+ * <code>ReferenceInfo</code> objects to be checked.
+ * @return The indexes of the failed references.
+ */
+ private int[] buildFailedReferences(List refInfos) {
+ List failedReferencesList = new ArrayList();
+ int i;
+
+ // find out the failed references
+ for (i = 0; i < refInfos.size(); i++) {
+ ReferenceInfo refInfo = (ReferenceInfo) refInfos.get(i);
+
+ try {
+ if (refInfo.isHashCalculated() && !refInfo.isHashValid()) {
+ failedReferencesList.add(new Integer(i + 1));
+ }
+ } catch (HashUnavailableException e) {
+ // nothing to do here because we called refInfo.isHashCalculated first
+ }
+ }
+
+ // convert to an int array
+ if (failedReferencesList.isEmpty()) {
+ return null;
+ } else {
+ int[] failedReferences = CollectionUtils.toIntArray(failedReferencesList);
+
+ return failedReferences;
+ }
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java
new file mode 100644
index 0000000..7debb7b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java
@@ -0,0 +1,586 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import iaik.server.modules.IAIKException;
+import iaik.server.modules.IAIKRuntimeException;
+import iaik.server.modules.xml.DataObject;
+import iaik.server.modules.xml.XMLDataObject;
+import iaik.server.modules.xml.XMLSignature;
+import iaik.server.modules.xmlsign.XMLSignatureCreationModule;
+import iaik.server.modules.xmlsign.XMLSignatureCreationModuleFactory;
+import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.logging.LoggingContext;
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.SingleSignatureInfo;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.iaik.xml.XMLDataObjectImpl;
+import at.gv.egovernment.moa.spss.server.logging.IaikLog;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.server.util.IdGenerator;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+/**
+ * A class providing an API based interface to the
+ * <code>XMLSignatureCreationModule</code>.
+ *
+ * This class performs the invocation of the
+ * <code>iaik.server.modules.xmlsign.XMLSignatureCreationModule</code> from a
+ * <code>CreateXMLSignatureRequest</code> given as an API object. The result of
+ * the invocation is integrated into a <code>CreateXMLSignatureResponse</code>
+ * and returned.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureCreationInvoker {
+
+ /** The single instance of this class. */
+ private static XMLSignatureCreationInvoker instance = null;
+
+ /**
+ * Get the only instance of this class.
+ *
+ * @return The only instance of this class.
+ */
+ public static synchronized XMLSignatureCreationInvoker getInstance() {
+ if (instance == null) {
+ instance = new XMLSignatureCreationInvoker();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new <code>XMLSignatureCreationInvoker</code>.
+ *
+ * Protected to disallow multiple instances.
+ */
+ protected XMLSignatureCreationInvoker() {
+ }
+
+ /**
+ * Process the <code>CreateXMLSignatureRequest<code> message and invoke the
+ * <code>XMLSignatureCreationModule</code> for every
+ * <code>SingleSignatureInfo</code> contained in the request.
+ *
+ * @param request A <code>CreateXMLSignatureRequest<code> API object
+ * containing the information for creating the signature(s).
+ * @param reserved A <code>Set</code> of reserved object IDs.
+ *
+ * @return A <code>CreateXMLSignatureResponse</code> API object containing
+ * the created signature(s). The response contains either a
+ * <code>SignatureEnvironment</code> or a <code>ErrorResponse</code>
+ * for each <code>SingleSignatureInfo</code> in the request.
+ * @throws MOAException An error occurred during signature creation.
+ */
+ public CreateXMLSignatureResponse createXMLSignature(
+ CreateXMLSignatureRequest request,
+ Set reserved)
+ throws MOAException {
+
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ LoggingContext loggingCtx =
+ LoggingContextManager.getInstance().getLoggingContext();
+ reserved = new HashSet(reserved);
+ XMLSignatureCreationProfileFactory profileFactory =
+ new XMLSignatureCreationProfileFactory(request, reserved);
+ CreateXMLSignatureResponseBuilder responseBuilder =
+ new CreateXMLSignatureResponseBuilder();
+ int createCount = 1;
+ IdGenerator refIdGen;
+ XMLSignatureCreationModule module;
+ Iterator singleSignatureInfoIter;
+
+ // create the XMLSignatureCreationModule and configure it
+ module = XMLSignatureCreationModuleFactory.getInstance();
+ module.setLog(new IaikLog(loggingCtx.getNodeID()));
+
+ // select the SingleSignatureInfo elements
+ singleSignatureInfoIter = request.getSingleSignatureInfos().iterator();
+
+ // iterate over all the SingleSignatureInfo elements in the request
+ while (singleSignatureInfoIter.hasNext()) {
+ SingleSignatureInfo singleSignatureInfo =
+ (SingleSignatureInfo) singleSignatureInfoIter.next();
+ CreateSignatureInfo createSignatureInfo;
+ List dataObjectList;
+ XMLSignatureCreationProfile profile;
+ XMLDataObject signatureEnvironment;
+ XMLDataObject signatureParent;
+ XMLSignature signature;
+ List additionalSignedProperties;
+ Node signatureEnvironmentParent = null;
+ Element requestElement = null;
+
+ try {
+
+ // build the signature environment
+ createSignatureInfo = singleSignatureInfo.getCreateSignatureInfo();
+ if (createSignatureInfo != null) {
+ DataObjectFactory dataObjFactory = DataObjectFactory.getInstance();
+
+ signatureEnvironment =
+ dataObjFactory.createSignatureEnvironment(
+ createSignatureInfo.getCreateSignatureEnvironment(),
+ getCreateSignatureEnvironmentProfileSupplements(singleSignatureInfo));
+ } else {
+ signatureEnvironment = null;
+ }
+
+ HashSet sigInfoReservedIDs = new HashSet();
+ if (signatureEnvironment != null)
+ {
+ // Find Id attributes of existing XML signatures in signature environment
+ HashMap nSMap = new HashMap();
+ String dsp = Constants.DSIG_PREFIX;
+ nSMap.put(dsp, Constants.DSIG_NS_URI);
+ String xPathExpr = "//" + dsp + ":Signature/@Id | //" + dsp + ":Reference/@Id | //"
+ + dsp + ":Object/@Id | //" + dsp + ":Manifest/@Id";
+ NodeList idAttrs = XPathUtils.selectNodeList(signatureEnvironment.getElement(), nSMap, xPathExpr);
+
+ // Add found Id attributes to set of reserved IDs
+ for (int i = 0; i < idAttrs.getLength(); i++) sigInfoReservedIDs.add(idAttrs.item(i).getNodeValue());
+ }
+
+ // create the reference id generator
+ HashSet allReservedIDs = new HashSet(reserved);
+ allReservedIDs.addAll(sigInfoReservedIDs);
+ refIdGen = new IdGenerator("reference-" + createCount++, allReservedIDs);
+
+ // build the list of DataObjects
+ List createTransformsProfiles = profileFactory.getCreateTransformsInfoProfiles(singleSignatureInfo);
+ dataObjectList =
+ buildDataObjectList(
+ singleSignatureInfo,
+ createTransformsProfiles,
+ signatureEnvironment,
+ refIdGen);
+
+ // build the XMLSignatureCreationProfile
+ profile = profileFactory.createProfile(singleSignatureInfo, sigInfoReservedIDs);
+
+ // build the additionalSignedProperties
+ additionalSignedProperties = buildAdditionalSignedProperties();
+
+ // build the signatureParentElement
+ if (signatureEnvironment != null) {
+ signatureParent =
+ buildSignatureParentElement(
+ signatureEnvironment.getElement(),
+ singleSignatureInfo);
+ } else {
+ signatureParent = null;
+ }
+
+ // make the signature environment the root of the document, if it is
+ // not a separate document anyway; this is done to assure that
+ // canonicalization of the signature environment contains the correct
+ // namespace declarations
+ if (signatureEnvironment != null) {
+ Document requestDoc =
+ signatureEnvironment.getElement().getOwnerDocument();
+ requestElement = requestDoc.getDocumentElement();
+ if (requestElement != signatureEnvironment.getElement()) {
+ signatureEnvironmentParent =
+ signatureEnvironment.getElement().getParentNode();
+ requestElement.getOwnerDocument().replaceChild(
+ signatureEnvironment.getElement(),
+ requestElement);
+ }
+ }
+
+ try {
+ ConfigurationProvider config = context.getConfiguration();
+ String xadesVersion = config.getXAdESVersion();
+
+ if (xadesVersion!= null && xadesVersion.compareTo(XMLSignatureCreationModule.XADES_VERSION_1_4_2) == 0) {
+ // create the signature (XAdES 1.4.2)
+ signature =
+ module.createSignature(
+ dataObjectList,
+ profile,
+ additionalSignedProperties,
+ signatureParent,
+ XMLSignatureCreationModule.XADES_VERSION_1_4_2,
+ new TransactionId(context.getTransactionID()));
+ }
+ else {
+ // create the signature (XAdES 1.1.1 = default)
+ signature =
+ module.createSignature(
+ dataObjectList,
+ profile,
+ additionalSignedProperties,
+ signatureParent,
+ XMLSignatureCreationModule.XADES_VERSION_1_1_1,
+ new TransactionId(context.getTransactionID()));
+ }
+
+ // insert the result into the response
+ if (signatureParent != null) {
+ responseBuilder.addSignatureEnvironment(
+ signatureEnvironment.getElement());
+ } else {
+ responseBuilder.addSignatureEnvironment(signature.getElement());
+ }
+
+ } catch (IAIKException e) {
+ MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+
+ responseBuilder.addError(
+ moaException.getMessageId(),
+ moaException.getMessage());
+ Logger.warn(moaException.getMessage(), e);
+ } catch (IAIKRuntimeException e) {
+ MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+
+ responseBuilder.addError(
+ moaException.getMessageId(),
+ moaException.getMessage());
+ Logger.warn(moaException.getMessage(), e);
+ }
+
+ // swap back in the request as root document
+ if (signatureEnvironment != null) {
+ if (requestElement != signatureEnvironment.getElement()) {
+ requestElement.getOwnerDocument().replaceChild(
+ requestElement,
+ signatureEnvironment.getElement());
+ signatureEnvironmentParent.appendChild(
+ signatureEnvironment.getElement());
+ }
+ }
+
+ } catch (MOAException e) {
+ responseBuilder.addError(e.getMessageId(), e.getMessage());
+ Logger.warn(e.getMessage(), e);
+ }
+
+ }
+
+ return responseBuilder.getResponse();
+ }
+
+ /**
+ * Build the list of <code>DataObject</code>s from the given
+ * <code>SingleSignatureInfo</code> object.
+ *
+ * <p>
+ * Only the following cases of <code>DataObject</code>s are
+ * valid in case of an enveloping signature:
+ *
+ * <ul>
+ * <li><code>Reference == null && Content != null</code>: The
+ * <code>Content</code> will be used in the <code>DataObject</code>.</li>
+ * <li><code>Reference != null && Content == null</code>: Resolve the
+ * <code>Reference</code> and use it as <code>DataObject</code>.
+ * Set the <code>Reference</code> in the <code>DataObject</code> as well.</li>
+ * </ul>
+ * </p>
+ *
+ * <p>
+ * Only the following cases of <code>DataObject</code>s are valid in case
+ * of a detached signature:
+ *
+ * <ul>
+ * <li><code>Reference != null && Content == null</code>: Resolve the
+ * <code>Reference</code> and use it as <code>DataObject</code>.
+ * Set the <code>Reference</code> in the <code>DataObject</code> as well.</li>
+ * <li><code>Reference != null && Content != null</code>: The
+ * <code>Content</code> will be used in the <code>DataObject</code>.
+ * Set the <code>Reference</code> in the <code>DataObject</code> as well.</li>
+ * </ul>
+ * </p>
+ *
+ * <p>
+ * All other cases will lead to an error.
+ * </p>
+ *
+ * @param singleSignatureInfo The <code>SingleSignatureInfo</code> object
+ * containing the <code>DataObjectInfo</code> objects.
+ * @param createTransformsProfiles A list of objects of type {@link CreateTransformsInfoProfileExplicit},
+ * each representing the transforms info profile information for the corresponding <code>DataObject</code>.
+ * @param signatureEnvironment The
+ * @param idGen The ID generator for <code>DataObject</code> references.
+ * @return The <code>List</code> of <code>DataObject</code>s contained in the
+ * given <code>singleSignatureInfo</code>.
+ * @throws MOASystemException A system error occurred building the data
+ * objects.
+ * @throws MOAApplicationException An error occurred building the data
+ * objects.
+ */
+ private List buildDataObjectList(
+ SingleSignatureInfo singleSignatureInfo,
+ List createTransformsProfiles,
+ XMLDataObject signatureEnvironment,
+ IdGenerator idGen)
+ throws MOASystemException, MOAApplicationException {
+
+ List dataObjInfos = singleSignatureInfo.getDataObjectInfos();
+ List dataObjects = new ArrayList();
+ Iterator dtIter;
+ Iterator ctpIter = createTransformsProfiles.iterator();
+
+ for (dtIter = dataObjInfos.iterator(); dtIter.hasNext();)
+ {
+ DataObjectInfo dataObjInfo = (DataObjectInfo) dtIter.next();
+ String structure = dataObjInfo.getStructure();
+
+ CreateTransformsInfoProfileExplicit transformsProfile =
+ (CreateTransformsInfoProfileExplicit) ctpIter.next();
+ MetaInfo finalDataMetaInfo = transformsProfile.getCreateTransformsInfo().getFinalDataMetaInfo();
+
+ if (DataObjectInfo.STRUCTURE_ENVELOPING.equals(structure)) {
+ dataObjects.add(
+ buildEnvelopingDataObject(
+ dataObjInfo.getDataObject(),
+ finalDataMetaInfo,
+ idGen.uniqueId()));
+ } else if (DataObjectInfo.STRUCTURE_DETACHED.equals(structure)) {
+ dataObjects.add(
+ buildDetachedDataObject(
+ dataObjInfo.getDataObject(),
+ finalDataMetaInfo,
+ signatureEnvironment,
+ idGen.uniqueId()));
+ } else {
+ throw new MOAApplicationException("1103", new Object[] { structure });
+ }
+ }
+
+ return dataObjects;
+
+ }
+
+ /**
+ * Build a <code>DataObject</code> to be used in an enveloping
+ * signature.
+ *
+ * @param content The <code>Content</code> object containing the data object.
+ * <code>ContentOptionalRefType</code>.
+ * @param finalDataMetaInfo The meta information corresponding with <code>content</code>.
+ * @param referenceID The reference ID to use in the signature for the
+ * <code>DataObject</code> created.
+ * @return The <code>DataObject</code> representing the data contained in
+ * <code>dataObjectElem</code>.
+ * @throws MOAApplicationException An error occurred during the creation of
+ * the <code>DataObject</code>.
+ * @throws MOASystemException A system error occurred during the creation of
+ * the <code>DataObject</code>.
+ */
+ private DataObject buildEnvelopingDataObject(
+ Content content,
+ MetaInfo finalDataMetaInfo,
+ String referenceID)
+ throws MOASystemException, MOAApplicationException {
+
+ DataObjectFactory factory = DataObjectFactory.getInstance();
+ DataObject dataObject;
+
+ dataObject =
+ factory.createFromContentOptionalRefType(
+ content,
+ finalDataMetaInfo,
+ referenceID,
+ false,
+ false,
+ true,
+ false);
+
+ return dataObject;
+ }
+
+ /**
+ * Build a <code>DataObject</code> to be used in a detached signature.
+ *
+ * @param content The <code>Content</code> object containing an the data.
+ * @param finalDataMetaInfo The meta information corresponding with <code>content</code>.
+ * @param signatureEnvironment The signature environment where the signature
+ * will be inserted.
+ * @param referenceID The reference ID to use in the signature for the
+ * <code>DataObject</code> created.
+ * @return The <code>DataObject</code> representing the data contained in
+ * <code>dataObjectElem</code>.
+ * @throws MOAApplicationException An error occurred during the creation of
+ * the <code>DataObject</code>.
+ * @throws MOASystemException A system error occurred during the creation of
+ * the <code>DataObject</code>.
+ */
+ private DataObject buildDetachedDataObject(
+ Content content,
+ MetaInfo finalDataMetaInfo,
+ XMLDataObject signatureEnvironment,
+ String referenceID)
+ throws MOASystemException, MOAApplicationException {
+
+ String reference = content.getReference();
+ DataObjectFactory factory = DataObjectFactory.getInstance();
+ DataObject dataObject;
+
+ if (reference == null) {
+ throw new MOAApplicationException("1102", null);
+ } else if ("".equals(reference) || reference.startsWith("#")) {
+ dataObject =
+ factory.createFromSignatureEnvironment(
+ signatureEnvironment.getElement(),
+ reference,
+ referenceID);
+ } else {
+ dataObject =
+ factory.createFromContentOptionalRefType(
+ content,
+ finalDataMetaInfo,
+ referenceID,
+ true,
+ false,
+ true,
+ false);
+ }
+ return dataObject;
+ }
+
+ /**
+ * Build the signature parent element.
+ *
+ * @param signatureEnvironment The signature environment containing the
+ * document in which to insert the signature.
+ * @param singleSignatureInfo The <code>SingleSignatureInfo</code>
+ * containing the signature parent element.
+ * @return An <code>XMLDataObject</code> containing the signature parent
+ * element or <code>null</code>, if the <code>CreateSignatureInfo</code> is
+ * <code>null</code>.
+ * @throws MOAApplicationException An error occurred during the creation of
+ * the signature parent.
+ */
+ private XMLDataObject buildSignatureParentElement(
+ Element signatureEnvironment,
+ SingleSignatureInfo singleSignatureInfo)
+ throws MOAApplicationException {
+
+ CreateSignatureInfo createInfo =
+ singleSignatureInfo.getCreateSignatureInfo();
+
+ // evaluate the CreateSignatureLocation
+ if (createInfo != null) {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ CreateSignatureEnvironmentProfileExplicit createProfile =
+ ProfileMapper.mapCreateSignatureEnvironmentProfile(
+ createInfo.getCreateSignatureEnvironmentProfile(),
+ config);
+ CreateSignatureLocation location =
+ createProfile.getCreateSignatureLocation();
+ Element signatureParent =
+ InvokerUtils.evaluateSignatureLocation(signatureEnvironment, location);
+
+ return new XMLDataObjectImpl(signatureParent);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Get the supplements contained in the
+ * <code>CreateSignatureEnvironmentProfile</code> of the given
+ * <code>SingleSignatureInfo</code>.
+ *
+ * @param singleSigInfo The <code>SingleSignatureInfo</code> from which
+ * to extract the supplements.
+ * @return A <code>List</code> of <code>XMLDataObjectAssociation</code>s
+ * or <code>null</code>, if the <code>singleSigInfo</code> does not contain
+ * supplements.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>CreateSignatureEnvironmentProfile</code>.
+ */
+ private List getCreateSignatureEnvironmentProfileSupplements(SingleSignatureInfo singleSigInfo)
+ throws MOAApplicationException {
+ CreateSignatureInfo sigInfo = singleSigInfo.getCreateSignatureInfo();
+
+ if (sigInfo != null) {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ CreateSignatureEnvironmentProfileExplicit profile =
+ ProfileMapper.mapCreateSignatureEnvironmentProfile(
+ sigInfo.getCreateSignatureEnvironmentProfile(),
+ config);
+ List supplements = profile.getSupplements();
+
+ return supplements;
+ }
+ return null;
+ }
+
+ /**
+ * Build the list of additional signed properties.
+ *
+ * Based on the generic configuration setting
+ * <code>ConfigurationProvider.TEST_SIGNING_TIME_PROPERTY</code>, a
+ * constant <code>SigningTime</code> will be added to the properties.
+ *
+ * @return The <code>List</code> of additional signed properties.
+ */
+ private List buildAdditionalSignedProperties() {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ List additionalSignedProperties = Collections.EMPTY_LIST;
+
+ return additionalSignedProperties;
+ }
+
+} \ No newline at end of file
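Review bot: In `buildDetachedDataObject`, the branch for an empty or `#`-prefixed reference calls `signatureEnvironment.getElement()` without a null check, yet `createXMLSignature` sets `signatureEnvironment = null` and passes it down whenever the `SingleSignatureInfo` has no `CreateSignatureInfo`. Unless request validation elsewhere rejects that combination, a detached data object with a same-document reference would raise a NullPointerException, which the loop's `catch (MOAException e)` does not handle, so the whole call fails instead of producing a per-signature error entry. A guard at the top of that branch, such as `if (signatureEnvironment == null) throw new MOAApplicationException(MESSAGE_ID_PLACEHOLDER, null);` with a suitable id from the project's message catalogue, keeps this request-driven failure inside the existing error reporting. Separately, the block under `// swap back in the request as root document` runs only on the normal path and after the two caught IAIK exception types; moving it into a `finally` on the inner `try` would keep the request document from staying re-rooted if anything else is thrown around `module.createSignature`.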
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java
new file mode 100644
index 0000000..6a85415
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java
@@ -0,0 +1,543 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import iaik.server.modules.algorithms.HashAlgorithms;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
+import iaik.server.modules.xmlsign.SignatureStructureTypes;
+import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
+import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
+
+import java.math.BigInteger;
+import java.security.Principal;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlsign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.SingleSignatureInfo;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.KeyGroup;
+import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry;
+import at.gv.egovernment.moa.spss.server.iaik.xml.CanonicalizationImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xmlsign.DataObjectTreatmentImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xmlsign.XMLSignatureCreationProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xmlsign.XMLSignatureInsertionLocationImpl;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.server.util.IdGenerator;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * A factory to create <code>XMLSignatureCreationProfile</code>s from a
+ * <code>CreateXMLSignatureRequest</code>, based on the current MOA
+ * configuration.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureCreationProfileFactory {
+
+ private static Map HASH_ALGORITHM_MAPPING;
+
+ static {
+ HASH_ALGORITHM_MAPPING = new HashMap();
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA1_URI, HashAlgorithms.SHA1);
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA256_URI, HashAlgorithms.SHA256);
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA384_URI, HashAlgorithms.SHA384);
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA512_URI, HashAlgorithms.SHA512);
+ }
+
+ /** The <code>CreateXMLSignatureRequest</code> for which to create the
+ * profile.*/
+ private CreateXMLSignatureRequest request;
+ /** How many profiles have been created based on the same request. */
+ private int createProfileCount;
+ /** The <code>Set</code> of reserved object IDs.*/
+ private Set reserved;
+
+ /**
+ * Create a new <code>XMLSignatureCreationProfileFactory</code>.
+ *
+ * @param request The request for which to create profiles.
+ * @param reserved The <code>Set</code> of reserved object IDs. IDs will
+ * be added during signature creation.
+ */
+ public XMLSignatureCreationProfileFactory(
+ CreateXMLSignatureRequest request,
+ Set reserved) {
+ this.request = request;
+ this.reserved = reserved;
+ createProfileCount = 1;
+ }
+
+ /**
+ * Create a <code>XMLSignatureCreationProfile</code> for the given
+ * <code>SingleSignatureInfo</code> object..
+ *
+ * @param singleSignatureInfo The <code>SingleSignatureInfo</code> object
+ * containing information about the creation of a signature.
+ * @param sigInfoReservedIDs The <code>Set</code> of reserved ID attribue values
+ * for the particular <code>singleSignatureInfo</code>.
+ * @return The <code>XMLSignatureCreationProfile</code> containing additional
+ * information for creating an XML signature.
+ * @throws MOASystemException A system error occurred during creation of the
+ * profile. See message for details
+ * @throws MOAApplicationException An application error occurred during
+ * creation of the profile. See message for details.
+ */
+ public XMLSignatureCreationProfile createProfile(SingleSignatureInfo singleSignatureInfo,
+ Set sigInfoReservedIDs) throws MOASystemException, MOAApplicationException {
+
+ HashSet allReservedIDs = new HashSet(reserved);
+ allReservedIDs.addAll(sigInfoReservedIDs);
+
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ CanonicalizationImpl canonicalization;
+ List dataObjectTreatmentList;
+ Set keySet;
+ List transformationSupplements;
+ List createTransformsProfiles;
+
+ // get the key group id
+ String keyGroupID = request.getKeyIdentifier();
+ // get digest method on key group level (if configured)
+ KeyGroup keygroup = config.getKeyGroup(keyGroupID);
+ if(null == keygroup) {
+ Logger.error("Could not find key group '" + keyGroupID + "'");
+ throw new MOAApplicationException("2231", null);
+ }
+ String configDigestMethodKG = keygroup.getDigestMethodAlgorithm();
+ // get default digest method (if configured)
+ String configDigestMethod = config.getDigestMethodAlgorithmName();
+
+ String xadesVersion = config.getXAdESVersion();
+
+ String digestMethodXAdES142 = null;
+ boolean isXAdES142 = false;
+ // if XAdES Version 1.4.2 is configured
+ if (xadesVersion != null && xadesVersion.compareTo("1.4.2") == 0) {
+ isXAdES142 = true;
+ Logger.debug("XAdES version '" + xadesVersion + "' used");
+ }
+
+ if (isXAdES142) {
+ if (configDigestMethodKG != null) {
+ // if KG specific digest method is configured
+ digestMethodXAdES142 = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethodKG);
+ if (digestMethodXAdES142 == null) {
+ error(
+ "config.17",
+ new Object[] { configDigestMethodKG});
+ throw new MOASystemException("2900", null);
+ }
+ Logger.debug("Digest algorithm: " + digestMethodXAdES142 + "(configured in KeyGroup)");
+ }
+ else {
+ // else get default configured digest method
+ digestMethodXAdES142 = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethod);
+ if (digestMethodXAdES142 == null) {
+ error(
+ "config.17",
+ new Object[] { configDigestMethod});
+ throw new MOASystemException("2900", null);
+ }
+ Logger.debug("Digest algorithm: " + digestMethodXAdES142 + "(default)");
+
+ }
+ }
+
+ XMLSignatureCreationProfileImpl profile =
+ new XMLSignatureCreationProfileImpl(createProfileCount, allReservedIDs, digestMethodXAdES142);
+
+
+ // build the transformation supplements
+ createTransformsProfiles =
+ getCreateTransformsInfoProfiles(singleSignatureInfo);
+ transformationSupplements =
+ buildTransformationSupplements(createTransformsProfiles);
+
+ // build and set the data object treatment list
+ dataObjectTreatmentList =
+ buildDataObjectTreatmentList(
+ singleSignatureInfo,
+ createTransformsProfiles,
+ transformationSupplements,
+ allReservedIDs,
+ digestMethodXAdES142);
+ profile.setDataObjectTreatmentList(dataObjectTreatmentList);
+
+ // set the key set
+ keySet = buildKeySet(keyGroupID);
+ if (keySet == null) {
+ throw new MOAApplicationException("2231", null);
+ } else if (keySet.size() == 0) {
+ throw new MOAApplicationException("2232", null);
+ }
+ profile.setKeySet(keySet);
+
+ // set the Security Layer manifest algorithm name
+ profile.setSecurityLayerManifestTypeURI(Constants.SL_MANIFEST_TYPE_URI);
+
+ // set the structure type
+ if (singleSignatureInfo.getCreateSignatureInfo() != null) {
+ profile.setSignatureStructureType(SignatureStructureTypes.ENVELOPED);
+ } else {
+ profile.setSignatureStructureType(SignatureStructureTypes.DETACHED);
+ }
+
+ // set insertion location
+ profile.setSignatureInsertionLocation(
+ getSignatureInsertionLocationIndex(singleSignatureInfo));
+
+ // set the canonicalization algorithm
+ canonicalization =
+ new CanonicalizationImpl(config.getCanonicalizationAlgorithmName());
+ profile.setSignedInfoCanonicalization(canonicalization);
+
+ // set the signed properties
+ profile.setSignedProperties(Collections.EMPTY_LIST);
+
+ // set security layer conformity
+ profile.setSecurityLayerConform(
+ singleSignatureInfo.isSecurityLayerConform());
+
+ // update the createProfileCount
+ createProfileCount++;
+
+ return profile;
+ }
+
+ /**
+ * Get the <code>List</code> of all <code>CreateTransformsInfoProfile</code>s
+ * contained in all the <code>DataObjectInfo</code>s of the given
+ * <code>SingleSignatureInfo</code>.
+ *
+ * @param singleSignatureInfo The <code>SingleSignatureInfo</code> object from
+ * which to extract the <code>CreateTransformsInfoProfile</code>s.
+ * @return All <code>CreateTransformsInfoProfile</code>s of all
+ * <code>DataObjectInfo</code>s of <code>singleSignatureInfo</code>.
+ * @throws MOAApplicationException An error occurred creating one of the
+ * profiles.
+ */
+ List getCreateTransformsInfoProfiles(SingleSignatureInfo singleSignatureInfo)
+ throws MOAApplicationException {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ List dataObjInfos = singleSignatureInfo.getDataObjectInfos();
+ List profiles = new ArrayList();
+ Iterator dtIter;
+
+ for (dtIter = dataObjInfos.iterator(); dtIter.hasNext();) {
+ DataObjectInfo dataObjInfo = (DataObjectInfo) dtIter.next();
+ CreateTransformsInfoProfileExplicit profile =
+ ProfileMapper.mapCreateTransformsInfoProfile(
+ dataObjInfo.getCreateTransformsInfoProfile(),
+ config);
+ profiles.add(profile);
+ }
+
+ return profiles;
+ }
+
+ /**
+ * Build the <code>List</code> of transformation supplements contained in a
+ * <code>SingleSignatureInfo</code> object.
+ *
+ * @param createTransformsInfoProfiles The
+ * <code>CreateTransformsInfoProfile</code> object from which to extract the
+ * transformation supplements.
+ * @return A <code>List</code> of <code>DataObject</code>s containing the
+ * transformation supplements.
+ * @throws MOASystemException A system error occurred creating one of the
+ * transformation supplements.
+ * @throws MOAApplicationException An error occurred creating one of the
+ * transformation supplements.
+ */
+ private List buildTransformationSupplements(List createTransformsInfoProfiles)
+ throws MOASystemException, MOAApplicationException {
+
+ List transformationSupplements = new ArrayList();
+ DataObjectFactory factory = DataObjectFactory.getInstance();
+ Iterator iter;
+
+ for (iter = createTransformsInfoProfiles.iterator(); iter.hasNext();) {
+ CreateTransformsInfoProfileExplicit profile =
+ (CreateTransformsInfoProfileExplicit) iter.next();
+ List supplements = profile.getSupplements();
+
+ if (supplements != null) {
+ Iterator supplIter;
+
+ for (supplIter = supplements.iterator(); supplIter.hasNext();) {
+ XMLDataObjectAssociation supplement =
+ (XMLDataObjectAssociation) supplIter.next();
+
+ transformationSupplements.add(
+ factory.createFromXmlDataObjectAssociation(
+ supplement,
+ false,
+ true));
+ }
+ }
+ }
+
+ return transformationSupplements;
+ }
+
+ /**
+ * Build the <code>List</code> of <code>DataObjectTreatment</code>s for the
+ * given <code>SingleSignatureInfo</code> object..
+ *
+ * @param singleSignatureInfo The <code>SingleSignatureInfo</code> object
+ * from which to exctract the <code>CreateTransformsInfoProfile</code>s
+ * containing the data for the <code>DataObjectTreatment</code>s.
+ * @param createTransformsInfoProfiles The
+ * <code>CreateTransformsInfoProfile</code>s contained in the
+ * <code>singleSignatureInfo</code>.
+ * @param transformationSupplements Additional parameters for
+ * transformations contained in <code>DataObjectTreatment</code>s.
+ * @param reservedIDs The <code>Set</code> of reserved object IDs.
+ * @return A <code>List</code> of <code>DataObjectTreatment</code> objects.
+ * @throws MOAApplicationException An error occurred building one of the
+ * <code>DataObjectTreatment</code>s.
+ * @throws MOASystemException A system error occurred building one of the
+ * <code>DataObjectTreatment</code>s.
+ */
+ private List buildDataObjectTreatmentList(
+ SingleSignatureInfo singleSignatureInfo,
+ List createTransformsInfoProfiles,
+ List transformationSupplements,
+ Set reservedIDs,
+ String digestMethodXAdES142)
+ throws MOASystemException, MOAApplicationException {
+
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ List treatments = new ArrayList();
+ List dataObjInfos = singleSignatureInfo.getDataObjectInfos();
+ int dataObjectTreatmentCount = 1;
+ String hashAlgorithmName;
+ Iterator dtIter;
+ Iterator prIter;
+
+ prIter = createTransformsInfoProfiles.iterator();
+ for (dtIter = dataObjInfos.iterator(); dtIter.hasNext();) {
+ CreateTransformsInfoProfileExplicit profile =
+ (CreateTransformsInfoProfileExplicit) prIter.next();
+ DataObjectInfo dataObjInfo = (DataObjectInfo) dtIter.next();
+ IdGenerator objIdGen =
+ new IdGenerator(
+ ("signed-data-" + createProfileCount)
+ + ("-" + dataObjectTreatmentCount++),
+ reservedIDs);
+ DataObjectTreatmentImpl treatment = new DataObjectTreatmentImpl(objIdGen);
+
+ treatment.setFinalContentType(
+ profile.getCreateTransformsInfo().getFinalDataMetaInfo().getMimeType());
+ treatment.setTransformationList(buildTransformationList(profile));
+ treatment.setReferenceInManifest(dataObjInfo.isChildOfManifest());
+
+ // if XAdES version is 1.4.2
+ if (digestMethodXAdES142 != null) {
+ // use configured digest algorithm
+ hashAlgorithmName = digestMethodXAdES142;
+ }
+ else {
+ // stay as it is
+ hashAlgorithmName = (String) HASH_ALGORITHM_MAPPING.get(
+ config.getDigestMethodAlgorithmName());
+ if (hashAlgorithmName == null) {
+ error(
+ "config.17",
+ new Object[] { config.getDigestMethodAlgorithmName()});
+ throw new MOASystemException("2900", null);
+ }
+ }
+
+
+
+
+ treatment.setHashAlgorithmName(hashAlgorithmName);
+ treatment.setIncludedInSignature(
+ DataObjectInfo.STRUCTURE_ENVELOPING.equals(dataObjInfo.getStructure()));
+ treatment.setTransformationSupplements(transformationSupplements);
+
+ treatments.add(treatment);
+
+ }
+
+ return treatments;
+ }
+
+ /**
+ * Build the <code>List</code> of transformations contained in a
+ * <code>CreateTransformsInfoProfile</code> object.
+ *
+ * @param profile The <code>CreateTransformsInfoProfile</code> object
+ * from which to extract the <code>Transform</code>s.
+ * @return A <code>List</code> of <code>Transformation</code>s contained in
+ * the given <code>CreateTransformsInfoProfile</code>.
+ * @throws MOAApplicationException An error occurred building one of the
+ * <code>Transformation</code>s.
+ */
+ private List buildTransformationList(CreateTransformsInfoProfileExplicit profile)
+ throws MOAApplicationException {
+
+ TransformationFactory factory = TransformationFactory.getInstance();
+ List transforms = profile.getCreateTransformsInfo().getTransforms();
+
+ return transforms != null
+ ? factory.createTransformationList(transforms)
+ : Collections.EMPTY_LIST;
+ }
+
+ /**
+ * Build the set of <code>KeyEntryID</code>s available to the given
+ * <code>keyGroupID</code>.
+ *
+ * @param keyGroupID The keygroup ID for which the available keys should be
+ * returned.
+ * @return The <code>Set</code> of <code>KeyEntryID</code>s
+ * identifying the available keys.
+ */
+ private Set buildKeySet(String keyGroupID) {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ Set keyGroupEntries;
+
+ // get the KeyGroup entries from the configuration
+ if (context.getClientCertificate() != null) {
+ X509Certificate cert = context.getClientCertificate()[0];
+ Principal issuer = cert.getIssuerDN();
+ BigInteger serialNumber = cert.getSerialNumber();
+
+ keyGroupEntries =
+ config.getKeyGroupEntries(issuer, serialNumber, keyGroupID);
+ } else {
+ keyGroupEntries = config.getKeyGroupEntries(null, null, keyGroupID);
+ }
+
+ // map the KeyGroup entries to a set of KeyEntryIDs
+ if (keyGroupEntries == null) {
+ return null;
+ } else if (keyGroupEntries.size() == 0) {
+ return Collections.EMPTY_SET;
+ } else {
+ KeyModule module =
+ KeyModuleFactory.getInstance(
+ new TransactionId(context.getTransactionID()));
+ Set keyEntryIDs = module.getPrivateKeyEntryIDs();
+ Set keySet = new HashSet();
+ Iterator iter;
+
+ // filter out the keys that do not exist in the IAIK configuration
+ // by walking through the key entries and checking if the exist in the
+ // keyGroupEntries
+ for (iter = keyEntryIDs.iterator(); iter.hasNext();) {
+ KeyEntryID entryID = (KeyEntryID) iter.next();
+ KeyGroupEntry entry =
+ new KeyGroupEntry(
+ entryID.getModuleID(),
+ entryID.getCertificateIssuer(),
+ entryID.getCertificateSerialNumber());
+ if (keyGroupEntries.contains(entry)) {
+ keySet.add(entryID);
+ }
+ }
+ return keySet;
+ }
+ }
+
+ /**
+ * Get the signature location index where the signature will be inserted into
+ * the signature parent element.
+ *
+ * @param singleSignatureInfo The <code>SingleSignatureInfo</code> object
+ * containing the <code>CreateSignatureLocation</code>.
+ * @return The index at which to insert the signature into the signature
+ * environment.
+ * @throws MOAApplicationException An error occurred parsing the
+ * <code>CreateSignatureEnvironmentProfile</code>.
+ */
+ private XMLSignatureInsertionLocation getSignatureInsertionLocationIndex(SingleSignatureInfo singleSignatureInfo)
+ throws MOAApplicationException {
+
+ CreateSignatureInfo createInfo =
+ singleSignatureInfo.getCreateSignatureInfo();
+
+ if (createInfo != null) {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ CreateSignatureEnvironmentProfileExplicit profile =
+ ProfileMapper.mapCreateSignatureEnvironmentProfile(
+ createInfo.getCreateSignatureEnvironmentProfile(),
+ config);
+ int index = profile.getCreateSignatureLocation().getIndex();
+
+ return new XMLSignatureInsertionLocationImpl(index);
+ } else {
+ return new XMLSignatureInsertionLocationImpl(0);
+ }
+ }
+
+ /**
+ * Utility function to issue an error message to the log.
+ *
+ * @param messageId The ID of the message to log.
+ * @param parameters Additional message parameters.
+ */
+ private static void error(String messageId, Object[] parameters) {
+ MessageProvider msg = MessageProvider.getInstance();
+
+ Logger.error(new LogMsg(msg.getMessage(messageId, parameters)));
+ }
+
+}
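Review bot: The lookup of the configured digest URI in `HASH_ALGORITHM_MAPPING` is written out three times (both XAdES 1.4.2 branches of `createProfile` and the per-object loop of `buildDataObjectTreatmentList`), and every copy accepts `Constants.SHA1_URI` silently, so a configuration naming SHA-1 produces SHA-1 reference digests with nothing in the log to flag it. I would fold the three copies into one private helper that keeps the existing `config.17` / `2900` handling for unknown URIs and adds a `Logger.warn` when the result is `HashAlgorithms.SHA1`, as sketched below. The value used in `buildDataObjectTreatmentList` does not change between iterations and can be resolved once before the loop. The map can also be declared `private static final` so it cannot be reassigned after class initialisation. Separately, `Logger.error("Could not find key group '" + keyGroupID + "'")` writes the request's key identifier to the log verbatim; stripping line breaks from it first would keep the log line intact, since whether the logging backend escapes them is not visible here.

```java
/**
 * Resolve a configured digest method URI to the IAIK hash algorithm name.
 *
 * @param digestMethodUri The digest method URI taken from the configuration.
 * @param origin Where the URI was configured, used for log messages only.
 * @return The hash algorithm name registered for <code>digestMethodUri</code>.
 * @throws MOASystemException The URI is not a supported digest method.
 */
private static String resolveHashAlgorithm(String digestMethodUri, String origin)
    throws MOASystemException {
  String hashAlgorithmName = (String) HASH_ALGORITHM_MAPPING.get(digestMethodUri);

  if (hashAlgorithmName == null) {
    error("config.17", new Object[] { digestMethodUri });
    throw new MOASystemException("2900", null);
  }
  if (HashAlgorithms.SHA1.equals(hashAlgorithmName)) {
    // SHA-1 is still accepted for compatibility, but make the choice visible
    Logger.warn("Digest algorithm SHA-1 is in use (" + origin + ")");
  }
  return hashAlgorithmName;
}

// in createProfile, replacing both branches under "if (isXAdES142)"
digestMethodXAdES142 = configDigestMethodKG != null
    ? resolveHashAlgorithm(configDigestMethodKG, "configured in KeyGroup")
    : resolveHashAlgorithm(configDigestMethod, "default");
// ... unchanged: Logger.debug of the chosen digest algorithm ...
```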
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
new file mode 100644
index 0000000..2b158dd
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
@@ -0,0 +1,727 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import iaik.xml.crypto.utils.URI;
+import iaik.xml.crypto.utils.URIException;
+import iaik.server.modules.IAIKException;
+import iaik.server.modules.IAIKRuntimeException;
+import iaik.server.modules.xml.DataObject;
+import iaik.server.modules.xml.XMLDataObject;
+import iaik.server.modules.xml.XMLSignature;
+import iaik.server.modules.xmlsign.XMLConstants;
+import iaik.server.modules.xmlverify.DsigManifest;
+import iaik.server.modules.xmlverify.ReferenceData;
+import iaik.server.modules.xmlverify.SecurityLayerManifest;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationModule;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationModuleFactory;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationResult;
+import iaik.x509.X509Certificate;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.logging.LoggingContext;
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter;
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameterHash;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+import at.gv.egovernment.moa.spss.server.iaik.xml.XMLSignatureImpl;
+import at.gv.egovernment.moa.spss.server.logging.IaikLog;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.CertificateUtils;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.spss.util.QCSSCDResult;
+import at.gv.egovernment.moa.util.CollectionUtils;
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * A class providing a DOM based interface to the
+ * <code>XMLSignatureVerificationModule</code>.
+ *
+ * This class performs the invocation of the
+ * <code>iaik.server.modules.xmlverify.XMLSignatureVerificationModule</code>
+ * from a <code>VerifyXMLSignatureRequest</code> given as a DOM element. The
+ * result of the invocation is integrated into a
+ * <code>VerifyXMLSignatureResponse</code> and returned.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureVerificationInvoker {
+
+ /** The single instance of this class. */
+ private static XMLSignatureVerificationInvoker instance = null;
+
+ private static Set FILTERED_REF_TYPES;
+
+ static {
+ FILTERED_REF_TYPES = new HashSet();
+ FILTERED_REF_TYPES.add(DsigManifest.XML_DSIG_MANIFEST_TYPE);
+ FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE);
+ FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE_OLD);
+ FILTERED_REF_TYPES.add(XMLConstants.NAMESPACE_ETSI_STRING + "SignedProperties");
+ FILTERED_REF_TYPES.add("http://uri.etsi.org/01903#SignedProperties");
+ }
+
+ /**
+ * Get the single instance of this class.
+ *
+ * @return The single instance of this class.
+ */
+ public static synchronized XMLSignatureVerificationInvoker getInstance() {
+ if (instance == null) {
+ instance = new XMLSignatureVerificationInvoker();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new <code>XMLSignatureCreationInvoker</code>.
+ *
+ * Protected to disallow multiple instances.
+ */
+ protected XMLSignatureVerificationInvoker() {
+ }
+
+ /**
+ * Process the <code>VerifyXMLSignatureRequest<code> message and invoke the
+ * <code>XMLSignatureVerificationModule</code>.
+ *
+ * @param request A <code>VerifyXMLSignatureRequest<code> API object
+ * containing the data for verifying an XML signature.
+ * @return A <code>VerifyXMLSignatureResponse</code> containing the
+ * answert to the <code>VerifyXMLSignatureRequest</code>.
+ * MOA schema definition.
+ * @throws MOAException An error occurred during signature verification.
+ */
+ public VerifyXMLSignatureResponse verifyXMLSignature(VerifyXMLSignatureRequest request)
+ throws MOAException {
+
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ LoggingContext loggingCtx =
+ LoggingContextManager.getInstance().getLoggingContext();
+ XMLSignatureVerificationProfileFactory profileFactory =
+ new XMLSignatureVerificationProfileFactory(request);
+ VerifyXMLSignatureResponseBuilder responseBuilder =
+ new VerifyXMLSignatureResponseBuilder();
+ XMLSignatureVerificationResult result;
+ XMLSignatureVerificationProfile profile;
+ ReferencesCheckResult signatureManifestCheck;
+ DataObjectFactory dataObjFactory;
+ XMLDataObject signatureEnvironment;
+ Node signatureEnvironmentParent = null;
+ Element requestElement = null;
+ XMLSignature xmlSignature;
+ Date signingTime;
+ List supplements;
+ List dataObjectList;
+
+ // get the supplements
+ supplements = getSupplements(request);
+
+ // build XMLSignature
+ dataObjFactory = DataObjectFactory.getInstance();
+ signatureEnvironment =
+ dataObjFactory.createSignatureEnvironment(
+ request.getSignatureInfo().getVerifySignatureEnvironment(),
+ supplements);
+ xmlSignature = buildXMLSignature(signatureEnvironment, request);
+
+ // build the list of DataObjects
+ dataObjectList = buildDataObjectList(supplements);
+
+ // build profile
+ profile = profileFactory.createProfile();
+
+ // get the signingTime
+ signingTime = request.getDateTime();
+
+ // make the signature environment the root of the document, if it is not a
+ // separate document anyway; this is done to assure that canonicalization
+ // of the signature environment contains the correct namespace declarations
+ requestElement =
+ signatureEnvironment.getElement().getOwnerDocument().getDocumentElement();
+ if (requestElement != signatureEnvironment.getElement()) {
+ signatureEnvironmentParent =
+ signatureEnvironment.getElement().getParentNode();
+ requestElement.getOwnerDocument().replaceChild(
+ signatureEnvironment.getElement(),
+ requestElement);
+ }
+
+ QCSSCDResult qcsscdresult = new QCSSCDResult();
+ String tpID = profile.getCertificateValidationProfile().getTrustStoreProfile().getId();
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ TrustProfile tp = config.getTrustProfile(tpID);
+
+ // verify the signature
+ try {
+ XMLSignatureVerificationModule module =
+ XMLSignatureVerificationModuleFactory.getInstance();
+
+ module.setLog(new IaikLog(loggingCtx.getNodeID()));
+
+ result =
+ module.verifySignature(
+ xmlSignature,
+ dataObjectList,
+ profile,
+ signingTime,
+ new TransactionId(context.getTransactionID()));
+ } catch (IAIKException e) {
+ MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ } catch (IAIKRuntimeException e) {
+ MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ }
+
+
+ // QC/SSCD check
+ List list = result.getCertificateValidationResult().getCertificateChain();
+ if (list != null) {
+ X509Certificate[] chain = new X509Certificate[list.size()];
+
+ Iterator it = list.iterator();
+ int i = 0;
+ while(it.hasNext()) {
+ chain[i] = (X509Certificate)it.next();
+ i++;
+ }
+
+ qcsscdresult = CertificateUtils.checkQCSSCD(chain, tp.isTSLEnabled());
+ }
+
+
+ // get signer certificate issuer country code
+ String issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate)list.get(0));
+
+ // swap back in the request as root document
+ if (requestElement != signatureEnvironment.getElement()) {
+ requestElement.getOwnerDocument().replaceChild(
+ requestElement,
+ signatureEnvironment.getElement());
+ signatureEnvironmentParent.appendChild(signatureEnvironment.getElement());
+ }
+
+ // check the result
+ signatureManifestCheck =
+ validateSignatureManifest(request, result, profile);
+
+ // Check if signer certificate is in trust profile's allowed signer certificates pool
+ TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
+ CheckResult certificateCheck = validateSignerCertificate(result, trustProfile);
+
+
+ // build the response
+ responseBuilder.setResult(result, profile, signatureManifestCheck, certificateCheck, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), tp.isTSLEnabled(), issuerCountryCode);
+ return responseBuilder.getResponse();
+ }
+
+ /**
+ * Checks if the signer certificate matches one of the allowed signer certificates specified
+ * in the provided <code>trustProfile</code>.
+ *
+ * @param result The result produced by the <code>XMLSignatureVerificationModule</code>.
+ *
+ * @param trustProfile The trust profile the signer certificate is validated against.
+ *
+ * @return The overal result of the certificate validation for the signer certificate.
+ *
+ * @throws MOAException if one of the signer certificates specified in the <code>trustProfile</code>
+ * cannot be read from the file system.
+ */
+ private CheckResult validateSignerCertificate(XMLSignatureVerificationResult result, TrustProfile trustProfile)
+ throws MOAException
+ {
+ MessageProvider msg = MessageProvider.getInstance();
+
+ int resultCode = result.getCertificateValidationResult().getValidationResultCode().intValue();
+ if (resultCode == 0 && trustProfile.getSignerCertsUri() != null)
+ {
+ X509Certificate signerCertificate = (X509Certificate) result.getCertificateValidationResult().getCertificateChain().get(0);
+
+ File signerCertsDir = null;
+ try
+ {
+ signerCertsDir = new File(new URI(trustProfile.getSignerCertsUri()).getPath());
+ }
+ catch (URIException e)
+ {
+ throw new MOASystemException("2900", null, e); // Should not happen, already checked at loading the MOA configuration
+ }
+
+ File[] files = signerCertsDir.listFiles();
+ if (files == null) resultCode = 1;
+ int i;
+ for (i = 0; i < files.length; i++)
+ {
+ if (!files[i].isDirectory())
+ {
+ FileInputStream currentFIS = null;
+ try
+ {
+ currentFIS = new FileInputStream(files[i]);
+ }
+ catch (FileNotFoundException e) {
+ throw new MOASystemException("2900", null, e);
+ }
+
+ try
+ {
+ X509Certificate currentCert = new X509Certificate(currentFIS);
+ currentFIS.close();
+ if (currentCert.equals(signerCertificate)) break;
+ }
+ catch (Exception e)
+ {
+ // Simply ignore file if it cannot be interpreted as certificate
+ String logMsg = msg.getMessage("invoker.03", new Object[]{trustProfile.getId(), files[i].getName()});
+ Logger.warn(logMsg);
+ try
+ {
+ currentFIS.close();
+ }
+ catch (IOException e1) {
+ // If clean-up fails, do nothing
+ }
+ }
+ }
+ }
+ if (i >= files.length)
+ {
+ resultCode = 1; // No signer certificate from the trustprofile pool matches the actual signer certificate
+ }
+ }
+
+ SPSSFactory factory = SPSSFactory.getInstance();
+ return factory.createCheckResult(resultCode, null);
+ }
+
+
+
+ /**
+ * Select the <code>dsig:Signature</code> DOM element within the signature
+ * environment.
+ *
+ * @param signatureEnvironment The signature environment containing the
+ * <code>dsig:Signature</code>.
+ * @param request The <code>VerifyXMLSignatureRequest</code> containing the
+ * signature environment.
+ * @return The <code>dsig:Signature</code> element wrapped in a
+ * <code>XMLSignature</code> object.
+ * @throws MOAApplicationException An error occurred locating the
+ * <code>dsig:Signature</code>.
+ */
+ private XMLSignature buildXMLSignature(
+ XMLDataObject signatureEnvironment,
+ VerifyXMLSignatureRequest request)
+ throws MOAApplicationException {
+
+ VerifySignatureLocation signatureLocation =
+ request.getSignatureInfo().getVerifySignatureLocation();
+ Element signatureParent;
+
+ // evaluate the VerifySignatureLocation to get the signature parent
+ signatureParent =
+ InvokerUtils.evaluateSignatureLocation(
+ signatureEnvironment.getElement(),
+ signatureLocation);
+
+ // check for signatureParent to be a dsig:Signature element
+ if (!"Signature".equals(signatureParent.getLocalName())
+ || !Constants.DSIG_NS_URI.equals(signatureParent.getNamespaceURI())) {
+ throw new MOAApplicationException("2266", null);
+ }
+
+ return new XMLSignatureImpl(signatureParent);
+ }
+
+ /**
+ * Build the supplemental data objects contained in the
+ * <code>VerifyXMLSignatureRequest</code>.
+ *
+ * @param supplements A <code>List</code> of
+ * <code>XMLDataObjectAssociation</code>s containing the supplement data.
+ * @return A <code>List</code> of <code>DataObject</code>s representing the
+ * supplemental data objects.
+ * @throws MOASystemException A system error occurred building one of the data
+ * objects.
+ * @throws MOAApplicationException An error occurred building one of the data
+ * objects.
+ */
+ private List buildDataObjectList(List supplements)
+ throws MOASystemException, MOAApplicationException {
+ List dataObjectList = new ArrayList();
+
+ DataObjectFactory factory = DataObjectFactory.getInstance();
+ DataObject dataObject;
+ Iterator iter;
+
+ if (supplements != null) {
+ for (iter = supplements.iterator(); iter.hasNext();) {
+ XMLDataObjectAssociation supplement =
+ (XMLDataObjectAssociation) iter.next();
+ dataObject =
+ factory.createFromXmlDataObjectAssociation(supplement, true, false);
+ dataObjectList.add(dataObject);
+ }
+ }
+
+ return dataObjectList;
+
+ }
+
+ /**
+ * Get the supplemental data contained in the
+ * <code>VerifyXMLSignatureRequest</code>.
+ *
+ * @param request The <code>VerifyXMLSignatureRequest</code> containing the
+ * supplemental data.
+ * @return A <code>List</code> of <code>XMLDataObjectAssociation</code>
+ * objects containing the supplemental data.
+ * @throws MOAApplicationException An error occurred resolving one of the
+ * supplement profiles.
+ */
+ private List getSupplements(VerifyXMLSignatureRequest request)
+ throws MOAApplicationException {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ List supplementProfiles = request.getSupplementProfiles();
+
+ List supplements = new ArrayList();
+
+ if (supplementProfiles != null) {
+
+ List mappedProfiles =
+ ProfileMapper.mapSupplementProfiles(supplementProfiles, config);
+ Iterator iter;
+
+ for (iter = mappedProfiles.iterator(); iter.hasNext();) {
+ SupplementProfileExplicit profile =
+ (SupplementProfileExplicit) iter.next();
+ supplements.add(profile.getSupplementProfile());
+ }
+
+ }
+ return supplements;
+ }
+
+ /**
+ * Perform additional validations of the
+ * <code>XMLSignatureVerificationResult</code>.
+ *
+ * <p> In particular, it is verified that:
+ * <ul>
+ * <li>Each <code>ReferenceData</code> object contains transformation
+ * chain that matches one of the <code>Transforms</code> given in the
+ * corresponding <code>SignatureManifestCheckParams/ReferenceInfo</code></li>
+ * <li>The hash values of the <code>TransformParameter</code>s are valid.
+ * </li>
+ * </ul>
+ * </p>
+ *
+ * @param request The <code>VerifyXMLSignatureRequest</code> containing the
+ * signature to verify.
+ * @param result The result produced by
+ * <code>XMLSignatureVerificationModule</code>.
+ * @param profile The profile used for validating the <code>request</code>.
+ * @return The result of additional validations of the signature manifest.
+ * @throws MOAApplicationException Post-validation of the
+ * <code>XMLSignatureVerificaitonResult</code> failed.
+ */
+ private ReferencesCheckResult validateSignatureManifest(
+ VerifyXMLSignatureRequest request,
+ XMLSignatureVerificationResult result,
+ XMLSignatureVerificationProfile profile)
+ throws MOAApplicationException {
+
+ SPSSFactory factory = SPSSFactory.getInstance();
+ MessageProvider msg = MessageProvider.getInstance();
+
+ // validate that each ReferenceData object contains transforms specified
+ // in the corresponding SignatureManifestCheckParams/ReferenceInfo
+ if (request.getSignatureManifestCheckParams() != null) {
+ List refInfos =
+ request.getSignatureManifestCheckParams().getReferenceInfos();
+ List refDatas = filterReferenceInfos(result.getReferenceDataList());
+ List failedReferencesList = new ArrayList();
+ Iterator refInfoIter;
+ Iterator refDataIter;
+
+ if (refInfos.size() != refDatas.size()) {
+ return factory.createReferencesCheckResult(1, null);
+ }
+
+ refInfoIter = refInfos.iterator();
+ refDataIter =
+ filterReferenceInfos(result.getReferenceDataList()).iterator();
+
+ while (refInfoIter.hasNext()) {
+ ReferenceInfo refInfo = (ReferenceInfo) refInfoIter.next();
+ ReferenceData refData = (ReferenceData) refDataIter.next();
+ List transforms = buildTransformsList(refInfo);
+ boolean found = false;
+ Iterator trIter;
+
+ for (trIter = transforms.iterator(); trIter.hasNext() && !found;) {
+ found = trIter.next().equals(refData.getTransformationList());
+ }
+
+ if (!found) {
+ Integer refIndex = new Integer(refData.getReferenceIndex());
+ String logMsg =
+ msg.getMessage("invoker.01", new Object[] { refIndex });
+
+ failedReferencesList.add(refIndex);
+ Logger.debug(new LogMsg(logMsg));
+ }
+ }
+
+ if (!failedReferencesList.isEmpty()) {
+ // at least one reference failed - return their indexes and check code 1
+ int[] failedReferences =
+ CollectionUtils.toIntArray(failedReferencesList);
+ ReferencesCheckResultInfo checkInfo =
+ factory.createReferencesCheckResultInfo(null, failedReferences);
+
+ return factory.createReferencesCheckResult(1, checkInfo);
+ }
+ }
+
+ // validate the hashes contained in all the ReferenceInfo objects of the
+ // security layer manifest
+ if (request.getSignatureManifestCheckParams() != null
+ && result.containsSecurityLayerManifest()) {
+ Map hashValues = buildTransformParameterHashValues(request);
+ Set transformParameterURIs =
+ buildTransformParameterURIs(profile.getTransformationSupplements());
+ List referenceInfoList =
+ result.getSecurityLayerManifest().getReferenceDataList();
+ Iterator refIter;
+
+ for (refIter = referenceInfoList.iterator(); refIter.hasNext();) {
+ iaik.server.modules.xmlverify.ReferenceInfo ref =
+ (iaik.server.modules.xmlverify.ReferenceInfo) refIter.next();
+ byte[] hash = (byte[]) hashValues.get(ref.getURI());
+
+ if (!transformParameterURIs.contains(ref.getURI())
+ || (hash != null && !Arrays.equals(hash, ref.getHashValue()))) {
+
+ // the transform parameter doesn't exist or the hashs do not match
+ // return the index of the failed reference and check code 1
+ int[] failedReferences = new int[] { ref.getReferenceIndex()};
+ ReferencesCheckResultInfo checkInfo =
+ factory.createReferencesCheckResultInfo(null, failedReferences);
+ String logMsg =
+ msg.getMessage(
+ "invoker.02",
+ new Object[] { new Integer(ref.getReferenceIndex())});
+
+ Logger.debug(new LogMsg(logMsg));
+
+ return factory.createReferencesCheckResult(1, checkInfo);
+ }
+ }
+ }
+
+ return factory.createReferencesCheckResult(0, null);
+ }
+
+ /**
+ * Get all <code>Transform</code>s contained in all the
+ * <code>VerifyTransformsInfoProfile</code>s of the given
+ * <code>ReferenceInfo</code>.
+ *
+ * @param refInfo The <code>ReferenceInfo</code> object containing
+ * the transformations.
+ * @return A <code>List</code> of <code>List</code>s. Each of the
+ * <code>List</code>s contains <code>Transformation</code> objects.
+ * @throws MOAApplicationException An error occurred building one of the
+ * <code>Transformation</code>s.
+ */
+ private List buildTransformsList(ReferenceInfo refInfo)
+ throws MOAApplicationException {
+
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ List profiles = refInfo.getVerifyTransformsInfoProfiles();
+ List mappedProfiles =
+ ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config);
+ List transformsList = new ArrayList();
+ TransformationFactory factory = TransformationFactory.getInstance();
+ Iterator iter;
+
+ for (iter = mappedProfiles.iterator(); iter.hasNext();) {
+ VerifyTransformsInfoProfileExplicit profile =
+ (VerifyTransformsInfoProfileExplicit) iter.next();
+ List transforms = profile.getTransforms();
+
+ if (transforms != null) {
+ transformsList.add(factory.createTransformationList(transforms));
+ }
+ }
+
+ return transformsList;
+ }
+
+ /**
+ * Build the <code>Set</code> of all <code>TransformParameter</code> URIs.
+ *
+ * @param transformParameters The <code>List</code> of
+ * <code>TransformParameter</code>s, as provided to the verification.
+ * @return The <code>Set</code> of all <code>TransformParameter</code> URIs.
+ */
+ private Set buildTransformParameterURIs(List transformParameters) {
+ Set uris = new HashSet();
+ Iterator iter;
+
+ for (iter = transformParameters.iterator(); iter.hasNext();) {
+ DataObject transformParameter = (DataObject) iter.next();
+ uris.add(transformParameter.getURI());
+ }
+
+ return uris;
+ }
+
+ /**
+ * Build a mapping between <code>TransformParameter</code> URIs (a
+ * <code>String</code> and <code>dsig:HashValue</code> (a
+ * <code>byte[]</code>).
+ *
+ * @param request The <code>VerifyXMLSignatureRequest</code>.
+ * @return Map The resulting mapping.
+ * @throws MOAApplicationException An error occurred accessing one of
+ * the profiles.
+ */
+ private Map buildTransformParameterHashValues(VerifyXMLSignatureRequest request)
+ throws MOAApplicationException {
+
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ Map hashValues = new HashMap();
+ List refInfos =
+ request.getSignatureManifestCheckParams().getReferenceInfos();
+ Iterator refIter;
+
+ for (refIter = refInfos.iterator(); refIter.hasNext();) {
+ ReferenceInfo refInfo = (ReferenceInfo) refIter.next();
+ List profiles = refInfo.getVerifyTransformsInfoProfiles();
+ List mappedProfiles =
+ ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config);
+ Iterator prIter;
+
+ for (prIter = mappedProfiles.iterator(); prIter.hasNext();) {
+ VerifyTransformsInfoProfileExplicit profile =
+ (VerifyTransformsInfoProfileExplicit) prIter.next();
+ List trParameters = profile.getTransformParameters();
+ Iterator trIter;
+
+ for (trIter = trParameters.iterator(); trIter.hasNext();) {
+ TransformParameter transformParameter =
+ (TransformParameter) trIter.next();
+ String uri = transformParameter.getURI();
+
+ if (transformParameter.getTransformParameterType()
+ == TransformParameter.HASH_TRANSFORMPARAMETER) {
+ hashValues.put(
+ uri,
+ ((TransformParameterHash) transformParameter).getDigestValue());
+ }
+
+ }
+ }
+ }
+ return hashValues;
+ }
+
+ /**
+ * Filter the <code>ReferenceInfo</code>s returned by the
+ * <code>VerifyXMLSignatureResult</code> for comparison with the
+ * <code>ReferenceInfo</code> elements in the request.
+ *
+ * @param referenceInfos The <code>ReferenceInfo</code>s from the
+ * <code>VerifyXMLSignatureResult</code>.
+ * @return A <code>List</code> of all <code>ReferenceInfo</code>s whose type
+ * is not a XMLDsig manifest, Security Layer manifest, or ETSI signed
+ * property.
+ */
+ private List filterReferenceInfos(List referenceInfos) {
+ List filtered = new ArrayList();
+ Iterator iter;
+
+ for (iter = referenceInfos.iterator(); iter.hasNext();) {
+ iaik.server.modules.xmlverify.ReferenceInfo refInfo =
+ (iaik.server.modules.xmlverify.ReferenceInfo) iter.next();
+ String refType = refInfo.getReferenceType();
+
+ if (refType == null || !FILTERED_REF_TYPES.contains(refType)) {
+ filtered.add(refInfo);
+ }
+ }
+
+ return filtered;
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java
new file mode 100644
index 0000000..3e4c712
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java
@@ -0,0 +1,170 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.invoke;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.SignatureManifestCheckParams;
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfileExplicit;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.xmlverify.XMLSignatureVerificationProfileImpl;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+
+/**
+ * A factory to create a <code>XMLSignatureVerificationProfile</code> from a
+ * <code>VerifyXMLSignatureRequest</code>, based on the current MOA
+ * configuration.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureVerificationProfileFactory {
+
+ /** The <code>VerifyXMLSignatureRequest</code> for which to create profile
+ * information. */
+ private VerifyXMLSignatureRequest request;
+
+ /**
+ * Create a new <code>XMLSignatureVerificationProfileFactory</code>.
+ *
+ * @param request The <code>VerifyXMLSignatureRequest</code> to extract
+ * profile data from.
+ */
+ public XMLSignatureVerificationProfileFactory(VerifyXMLSignatureRequest request) {
+ this.request = request;
+ }
+
+ /**
+ * Create a <code>XMLSignatureCreationProfile</code> from the
+ * <code>VerifyXMLSignaturesRequest</code> and the current MOA configuration.
+ *
+ * @return The <code>XMLSignatureVerificationProfile</code> containing
+ * additional information for verifying an XML signature.
+ * @throws MOASystemException A system error occurred building the profile.
+ * @throws MOAApplicationException An error occurred building the profile.
+ */
+ public XMLSignatureVerificationProfile createProfile()
+ throws MOASystemException, MOAApplicationException {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ XMLSignatureVerificationProfileImpl profile =
+ new XMLSignatureVerificationProfileImpl();
+ SignatureManifestCheckParams checkParams;
+ String trustProfileID;
+
+ // set whether to check XMLDsig manifests
+ profile.setCheckXMLDsigManifests(true);
+
+ // set the certificate validation profile
+ trustProfileID = request.getTrustProfileId();
+ profile.setCertificateValidationProfile(
+ new PKIProfileImpl(config, trustProfileID));
+
+ // set whether hash input data is to be included
+ profile.setIncludeHashInputData(request.getReturnHashInputData());
+
+ // set the security layer manifest check parameters
+ // and transformation supplements (if present)
+ checkParams = request.getSignatureManifestCheckParams();
+ profile.setCheckSecurityLayerManifest(true);
+ profile.setIncludeReferenceInputData(checkParams != null ? checkParams.getReturnReferenceInputData() : false);
+ if (checkParams != null) {
+ List transformationSupplements;
+ transformationSupplements = buildTransformationSupplements();
+ profile.setTransformationSupplements(transformationSupplements);
+ } else {
+ profile.setTransformationSupplements(Collections.EMPTY_LIST);
+ }
+
+ profile.setPermitFileURIs(config.getPermitFileURIs());
+
+ return profile;
+ }
+
+ /**
+ * Build supplemental data objects used in the transformations.
+ *
+ * @return A <code>List</code> of <code>DataObject</code>s providing
+ * supplemental data to the transformations.
+ * @throws MOASystemException A system error occurred building one of the
+ * transformations.
+ * @throws MOAApplicationException An error occurred building one of the
+ * transformations.
+ */
+ public List buildTransformationSupplements()
+ throws MOASystemException, MOAApplicationException {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ SignatureManifestCheckParams checkParams =
+ request.getSignatureManifestCheckParams();
+ List transformsProfiles = new ArrayList();
+ List transformationSupplements = new ArrayList();
+ DataObjectFactory factory = DataObjectFactory.getInstance();
+ List refInfos = checkParams.getReferenceInfos();
+ Iterator refIter;
+ Iterator prIter;
+ Iterator trIter;
+
+ // build the list of all VerifyTransformsInfoProfiles in all ReferenceInfos
+ refInfos = checkParams.getReferenceInfos();
+ for (refIter = refInfos.iterator(); refIter.hasNext();) {
+ ReferenceInfo refInfo = (ReferenceInfo) refIter.next();
+ List profiles = refInfo.getVerifyTransformsInfoProfiles();
+
+ transformsProfiles.addAll(
+ ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config));
+ }
+
+ // build the DataObjects
+ for (prIter = transformsProfiles.iterator(); prIter.hasNext();) {
+ VerifyTransformsInfoProfileExplicit profile =
+ (VerifyTransformsInfoProfileExplicit) prIter.next();
+ List transformParameters = profile.getTransformParameters();
+
+ for (trIter = transformParameters.iterator(); trIter.hasNext();) {
+ TransformParameter trParam = (TransformParameter) trIter.next();
+ transformationSupplements.add(
+ factory.createFromTransformParameter(trParam));
+ }
+ }
+
+ return transformationSupplements;
+ }
+
+}
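Review bot: `buildTransformationSupplements()` is public but dereferences `checkParams` unguarded at `List refInfos = checkParams.getReferenceInfos();`, although `createProfile()` in the same class treats `request.getSignatureManifestCheckParams()` as nullable; a direct call for a request without manifest check parameters would throw a NullPointerException. Either make the method private or return early with `if (checkParams == null) return Collections.EMPTY_LIST;`. The second `refInfos = checkParams.getReferenceInfos();` under the "build the list" comment repeats the initializer and can be dropped. `profile.setPermitFileURIs(config.getPermitFileURIs());` is the only setter in `createProfile()` without a comment, and since it presumably decides whether file URIs are accepted while verifying (inferred from the name, so confirm), I would add `// security-relevant: whether file URIs are permitted is taken from the MOA configuration`.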
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
new file mode 100644
index 0000000..10dc79d
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
@@ -0,0 +1,150 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.logging;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import iaik.logging.TransactionId;
+
+/**
+ * An implementation of the <code>iaik.logging.Log</code>
+ * interface that is based on Jakarta Commons-Logging.
+ *
+ * @author Fatemeh Philippi
+ * @version $Id$
+ */
+public class IaikLog implements iaik.logging.Log {
+ /** The hierarchy to log all IAIK output to. */
+ public static final String IAIK_LOG_HIERARCHY = "iaik.server";
+ /** The commons-loggin <code>Log</code> to use for logging the messages. */
+ private static Log log = LogFactory.getLog(IAIK_LOG_HIERARCHY);
+ /** The node ID to use. */
+ private String nodeId;
+
+ /**
+ * Create a new <code>IaikLog</code>.
+ *
+ * @param nodeId The node ID for this <code>Log</code> object.
+ */
+ public IaikLog(String nodeId) {
+ this.nodeId = nodeId;
+ }
+
+ /**
+ * @see iaik.logging.Log#isDebugEnabled()
+ */
+ public boolean isDebugEnabled() {
+ return log.isDebugEnabled();
+ }
+
+ /**
+ * @see iaik.logging.Log#debug(TransactionId, Object, Throwable)
+ */
+ public void debug(TransactionId transactionId, Object message, Throwable t) {
+ IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+
+ log.debug(msg, t);
+ }
+
+ /**
+ * @see iaik.logging.Log#isInfoEnabled()
+ */
+ public boolean isInfoEnabled() {
+ return log.isInfoEnabled();
+ }
+
+ /**
+ * @see iaik.logging.Log#info(TransactionId, Object, Throwable)
+ */
+ public void info(TransactionId transactionId, Object message, Throwable t) {
+ IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+
+ log.info(msg, t);
+ }
+
+ /**
+ * @see iaik.logging.Log#isWarnEnabled()
+ */
+ public boolean isWarnEnabled() {
+ return log.isWarnEnabled();
+ }
+
+ /**
+ * @see iaik.logging.Log#warn(TransactionId, Object, Throwable)
+ */
+ public void warn(TransactionId transactionId, Object message, Throwable t) {
+ IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+
+ log.warn(msg, t);
+ }
+
+ /**
+ * @see iaik.logging.Log#isErrorEnabled()
+ */
+ public boolean isErrorEnabled() {
+ return log.isErrorEnabled();
+ }
+
+ /**
+ * @see iaik.logging.Log#error(TransactionId, Object, Throwable)
+ */
+ public void error(TransactionId transactionId, Object message, Throwable t) {
+ IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+
+ log.error(msg, t);
+ }
+
+ /**
+ * @see iaik.logging.Log#isFatalEnabled()
+ */
+ public boolean isFatalEnabled() {
+ return log.isFatalEnabled();
+ }
+
+ /**
+ * @see iaik.logging.Log#fatal(TransactionId, Object, Throwable)
+ */
+ public void fatal(TransactionId transactionId, Object message, Throwable t) {
+ IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+
+ log.fatal(msg, t);
+ }
+
+ /**
+ * @see iaik.logging.Log#setNodeId(String)
+ */
+ public void setNodeId(String nodeId) {
+ this.nodeId = nodeId;
+ }
+
+ /**
+ * @see iaik.logging.Log#getNodeId()
+ */
+ public String getNodeId() {
+ return nodeId;
+ }
+
+}
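Review bot: The shared logger `private static Log log` is assigned once and never replaced, so it should be declared `private static final Log log = LogFactory.getLog(IAIK_LOG_HIERARCHY);` to rule out accidental reassignment. The file works with two types named `Log` (the imported commons-logging one and the fully qualified `iaik.logging.Log` it implements), and with `iaik.logging.TransactionId` next to a same-package class of that name; a short class-level remark such as `// Log below is org.apache.commons.logging.Log; TransactionId is iaik.logging.TransactionId` would spare readers the lookup. The field comment also has a typo, "commons-loggin".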
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java
new file mode 100644
index 0000000..64810a8
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.logging;
+
+import iaik.logging.Log;
+import iaik.logging.LogConfigurationException;
+import iaik.logging.LogFactory;
+
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+
+/**
+ * An implementation of the <code>iaik.logging.LogFactory</code> abstract
+ * class to log messages to the MOA logging subsystem.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class IaikLogFactory extends LogFactory {
+
+ public Log getInstance(Class clazz) throws LogConfigurationException {
+ return getInstanceImpl();
+ }
+
+ public Log getInstance(String name) throws LogConfigurationException {
+ return getInstanceImpl();
+ }
+
+ /**
+ * Return an instance of <code>iaik.logging.Log</code>.
+ *
+ * @return The <code>iaik.logging.Log</code> object to log messages to.
+ */
+ private Log getInstanceImpl() {
+ String nodeID =
+ LoggingContextManager.getInstance().getLoggingContext().getNodeID();
+
+ return new IaikLog(nodeID);
+ }
+
+ public void release() {
+ // we do not hold any resources
+ }
+
+}
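Review bot: `getInstanceImpl()` chains `LoggingContextManager.getInstance().getLoggingContext().getNodeID()` with no null check, so if `getLoggingContext()` can return null on a thread where no context has been set (its contract is not visible in this hunk), obtaining a logger throws a NullPointerException and masks the original event. `IaikLogMsg` documents that its node id may be null, so the factory could hold the context in a local and call `new IaikLog(null)` when it is absent. The three public overrides carry no Javadoc, unlike the other logging classes in this commit; a line like `/** @see iaik.logging.LogFactory#getInstance(String) */` on each would match `IaikLog`.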
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogMsg.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogMsg.java
new file mode 100644
index 0000000..7e4ff84
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogMsg.java
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.logging;
+
+import iaik.logging.TransactionId;
+
+/**
+ * A unified message type to log messages from the IAIK subsystem.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class IaikLogMsg {
+
+ /** The transaction ID of this message. */
+ private TransactionId transactionId;
+ /** The node ID of this message. */
+ private String nodeId;
+ /** The message to log. */
+ private Object message;
+
+ /**
+ * Create a <code>IaikLogMsg</code> object.
+ *
+ * @param transactionId The transaction id of the transaction which
+ * generated this log message. May be <code>null</code>.
+ * @param nodeId The node id where this message was generated. May be
+ * <code>null</code>.
+ * @param message The actual message to log. May be <code>null</code>.
+ */
+ public IaikLogMsg(TransactionId transactionId, String nodeId, Object message) {
+ this.transactionId = transactionId;
+ this.nodeId = nodeId;
+ this.message = message;
+ }
+
+
+ /**
+ * Convert this log message to a <code>String</code>.
+ *
+ * @return The <code>String</code> representation of this log message.
+ */
+ public String toString() {
+ StringBuffer msg = new StringBuffer();
+
+ msg.append("TID=");
+ msg.append(transactionId != null ? transactionId.getLogID() : "<null>");
+ msg.append(" NID=");
+ msg.append(nodeId != null ? nodeId : "<null>");
+ msg.append(" MSG=");
+ msg.append(message != null ? message.toString() : "<null>");
+
+ return msg.toString();
+ }
+
+}
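Review bot: `toString()` appends the message text verbatim at `msg.append(message != null ? message.toString() : "<null>");`, so a message containing CR or LF splits the `TID=… NID=… MSG=…` record into lines that can read as separate log entries. If any message can carry request- or certificate-derived text (not visible in this hunk), neutralise line breaks before appending, e.g. `msg.append(message != null ? message.toString().replace('\r', ' ').replace('\n', ' ') : "<null>");`, or state in the Javadoc that the log layout is expected to do the encoding. The three fields are only written in the constructor and can be declared `final`.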
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/TransactionId.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/TransactionId.java
new file mode 100644
index 0000000..ba76c0b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/TransactionId.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.logging;
+
+/**
+ * An implementation of the <code>iaik.logging.TransactionId</code> interface.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class TransactionId implements iaik.logging.TransactionId {
+
+ /** The String representation for logging the transaction ID. */
+ private String logID;
+
+ /**
+ * Create a <code>TransactionId</code> object.
+ *
+ * @param logID The transaction id as it should be presented to the logging
+ * subsystem.
+ */
+ public TransactionId(String logID) {
+ this.logID = logID;
+ }
+
+ /**
+ * @see iaik.logging.TransactionId#getLogID()
+ */
+ public String getLogID() {
+ return logID;
+ }
+
+ /**
+ * @see java.lang.Object#toString()
+ */
+ public String toString() {
+ return getLogID();
+ }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java
new file mode 100644
index 0000000..f6d84c7
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java
@@ -0,0 +1,102 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.service;
+
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.pki.store.revocation.archive.Archive;
+import iaik.pki.store.revocation.archive.ArchiveFactory;
+
+import java.util.Date;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+
+/**
+ * A <code>Runnable</code> for periodically cleaning up the revocation archive.
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class RevocationArchiveCleaner implements Runnable {
+
+ /** The inverval between two clean-ups of the revocation archive. */
+ private long archiveCleanupInterval;
+
+ /**
+ * Create a new <code>RevocationArchiveCleaner</code>.
+ *
+ * @param archiveCleanupInterval The interval between two clean-ups of the
+ * revocation archive.
+ */
+ public RevocationArchiveCleaner(long archiveCleanupInterval) {
+ this.archiveCleanupInterval = archiveCleanupInterval;
+ }
+
+ /**
+ * Run the <code>RevocationArchiveCleaner</code> in its own
+ * <code>Thread</code>.
+ */
+ public void run() {
+ while (true) {
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ boolean enableArchiving = config.getEnableRevocationArchiving();
+
+ if (enableArchiving)
+ {
+ Archive archive = ArchiveFactory.getInstance().getArchive();
+ long archiveDurationMillis =
+ (long) config.getCRLArchiveDuration() * 86400000;
+
+ // delete old archive data
+ if (archiveDurationMillis > 0) {
+ Date olderThan =
+ new Date(System.currentTimeMillis() - archiveDurationMillis);
+
+ archive.deleteOldArchiveEntries(
+ RevocationSourceTypes.CRL,
+ olderThan,
+ new TransactionId("RevocationArchiveCleaner"));
+ }
+ }
+
+ } catch (Exception e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("init.02", null)), e);
+ }
+
+ // sleep
+ try {
+ Thread.sleep(archiveCleanupInterval * 1000);
+ } catch (InterruptedException e) {
+ // ok to do nothing here
+ }
+
+ }
+ }
+
+}
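Review bot: In `run()`, the `catch (InterruptedException e)` around `Thread.sleep` discards the interrupt and the `while (true)` loop carries on, so the cleaner thread cannot be stopped on shutdown or redeploy; restore the flag and leave the loop with `Thread.currentThread().interrupt(); return;`. The sleep argument `archiveCleanupInterval * 1000` is also unchecked. A negative interval makes `Thread.sleep` throw `IllegalArgumentException` outside both try blocks, which ends the cleaner without a log entry, and an interval of 0 turns the loop into a busy spin. Rejecting non-positive values in the constructor would cover both cases.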
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java
new file mode 100644
index 0000000..a5ea592
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java
@@ -0,0 +1,7 @@
+package at.gv.egovernment.moa.spss.server.transaction;
+
+import javax.activation.DataSource;
+
+public interface DeleteableDataSource extends DataSource {
+ public void delete();
+}
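Review bot: `DeleteableDataSource.delete()` has no Javadoc, although `TransactionContext.cleanAttachmentCache()` in this commit relies on it to remove attachment data and calls it without catching runtime exceptions. I would state the contract on the method, e.g. `/** Releases the storage backing this data source; must not throw and is safe to call repeatedly. */`. The `public` modifier on the interface method is redundant.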
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java
new file mode 100644
index 0000000..3425dac
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java
@@ -0,0 +1,385 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.transaction;
+
+import iaik.xml.crypto.utils.URI;
+
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.cert.X509Certificate;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Vector;
+
+import javax.activation.DataSource;
+
+import java.util.Map.Entry;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * Contains information about the current request.
+ *
+ * @author Stefan Knirsch
+ * @author Patrick Peck
+ */
+public class TransactionContext {
+
+ /** The client certificate. */
+ private X509Certificate[] clientCertificate = null;
+ /** The transaction ID. */
+ private String transactionID = null;
+ /** The name of the request. */
+ private String requestName = null;
+ /** The SOAP embedded request */
+ private Element request;
+ /** The response which is to embed by SOAP */
+ private Element response;
+ /** The map pointing to SOAP attachments needed by the request. */
+ private HashMap attachments = null;
+ /** The map containing cashed entities used in DataObjectFactory. */
+ private HashMap resolvedEntities = null;
+ /** The configuration to use throughout the request. */
+ private ConfigurationProvider configuration = null;
+
+ /**
+ * Create a <code>TransactionContext</code> object.
+ *
+ * @param transactionID A unique ID for this <code>TransactionContext</code>.
+ * @param clientCertificate The client certificate chain.
+ * @param configuration The MOA configuration to use for this transaction.
+ */
+ public TransactionContext(
+ String transactionID,
+ X509Certificate[] clientCertificate,
+ ConfigurationProvider configuration) {
+
+ this.transactionID = transactionID;
+ this.clientCertificate = clientCertificate;
+ this.configuration = configuration;
+ }
+
+ /**
+ * Create a <code>TransactionContext</code> object.
+ *
+ * @param transactionID A unique ID for this <code>TransactionContext</code>.
+ * @param clientCertificate The client certificate chain.
+ * @param configuration The MOA configuration to use for this transaction.
+ * @param attachments to use for this transaction.
+ */
+ public TransactionContext(
+ String transactionID,
+ X509Certificate[] clientCertificate,
+ ConfigurationProvider configuration,
+ Element request,
+ HashMap attachments) {
+
+ this.transactionID = transactionID;
+ this.clientCertificate = clientCertificate;
+ this.configuration = configuration;
+ this.request = request;
+ this.attachments = attachments;
+ }
+
+ /**
+ * Returns the client certificate.
+ *
+ * @return The client certificate chain, if SSL client authentication has been
+ * configured in the web server and has been used by the client. The 0th
+ * element of the array contains the client certificate. <code>null</code>
+ * otherwise.
+ */
+ public X509Certificate[] getClientCertificate() {
+ return clientCertificate;
+ }
+
+ /**
+ * Returns the unique transaction ID.
+ *
+ * @return The transaction ID.
+ */
+ public String getTransactionID() {
+ return transactionID;
+ }
+
+ /**
+ * Returns the name of the request.
+ *
+ * @return The name of the request.
+ */
+ public String getRequestName() {
+ return requestName;
+ }
+
+ /**
+ * Sets the name of the request.
+ *
+ * @param requestName The request name to set.
+ */
+ public void setRequestName(String requestName) {
+ this.requestName = requestName;
+ }
+
+ /**
+ * Sets the the request.
+ *
+ * @param request The request to set.
+ */
+ public void setRequest(Element request) {
+ this.request = request;
+ }
+
+ /**
+ * Returns the request.
+ *
+ * @return The request.
+ */
+ public Element getRequest() {
+ return request;
+ }
+
+ /**
+ * Sets the the response.
+ *
+ * @param response The response to set.
+ */
+ public void setResponse(Element response) {
+ this.response = response;
+ }
+
+ /**
+ * Returns the response.
+ *
+ * @return The response.
+ */
+ public Element getResponse() {
+ return response;
+ }
+
+ /**
+ * Adds an attachment to the transactions list of SOAP attachments.
+ *
+ * @param referenceId Identification value for the SOAP attachment.
+ * @param contentType MIME type of the SOAP attachment.
+ * @param is Handle to the ManagedMemoryDataSource of the SOAP attachment.
+ */
+ public void addAttachment(String referenceId, String contentType, DataSource is) {
+ if (this.attachments == null) this.attachments = new HashMap();
+ Vector entry = new Vector(2);
+ entry.add(contentType);
+ entry.add(is);
+ this.attachments.put(referenceId, entry);
+ }
+
+ /**
+ * Adds an attachment to the transactions list of SOAP attachments.
+ *
+ * @param referenceId Identification value for the SOAP attachment.
+ * @param contentType MIME type of the SOAP attachment.
+ * @param is Handle to the InputStream of the SOAP attachment.
+ * @param filename Filename of the temporary file the InputStream belongs to
+ */
+ public void addAttachment(String referenceId, String contentType, InputStream is, String filename) {
+ if (this.attachments == null) this.attachments = new HashMap();
+ Vector entry = new Vector(3);
+ entry.add(contentType);
+ entry.add(is);
+ entry.add(filename);
+ this.attachments.put(referenceId, entry);
+ }
+
+ /**
+ * Returns the ManagedMemoryDataSource to a specific SOAP attachment identified by referenceId.
+ *
+ * @param referenceId Identification value for the SOAP attachment.
+ */
+ public DataSource getAttachment(String referenceId) {
+ if (attachments==null) {
+ return null;
+ }
+ Vector entry = (Vector) attachments.get(referenceId);
+ if (entry==null) {
+ return null;
+ }
+ Object object = entry.get(1);
+ if (object instanceof DataSource) {
+ return (DataSource) object;
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Returns the InputStream to a specific SOAP attachment identified by uri.
+ *
+ * @param uri Identification value for the SOAP attachment.
+ */
+ public InputStream getAttachmentInputStream(URI uri) throws MOAApplicationException {
+ if (attachments==null) {
+ return null;
+ }
+ String referenceId = uri.getPath();
+ Vector entry = (Vector) attachments.get(referenceId);
+ if (entry==null) {
+ return null;
+ }
+
+ InputStream attachmentIs = null;
+ Object object = entry.get(1);
+
+ if (object instanceof DataSource) {
+ try {
+ attachmentIs = (InputStream) ( ((DataSource)object).getInputStream());
+ } catch (IOException e) {
+ throw new MOAApplicationException("2208", new Object[] { uri }, e);
+ }
+ } else {
+ attachmentIs = (InputStream) object;
+ }
+ return attachmentIs;
+ //If we would return the whole mmds: return (ManagedMemoryDataSource) entry.get(1);
+ }
+
+ /**
+ * Returns the content type to a specific SOAP attachment identified by referenceId.
+ *
+ * @param referenceId Identification value for the SOAP attachment.
+ */
+ public String getAttachmentContentType(String referenceId) {
+ Vector entry = (Vector) attachments.get(referenceId);
+ if (entry==null) {
+ return null;
+ }
+ return (String) entry.get(0);
+ }
+
+ /**
+ * Delete the temporary attachment files.
+ */
+public void cleanAttachmentCache() {
+ if (null==attachments) {
+ return;
+ }
+ Iterator iterator = attachments.entrySet().iterator();
+ while (iterator.hasNext()) {
+ Entry hmEntry = (Entry) iterator.next();
+ Vector entry = (Vector)hmEntry.getValue();
+ Object object = entry.get(1);
+ if (object instanceof DataSource) {
+ DataSource mmds = (DataSource)object;
+ try {
+ if (mmds!=null) {
+ InputStream is = mmds.getInputStream();
+ if (is!=null) is.close();
+// not available in Axis 1.0 to 1.1
+// File f = mmds.getDiskCacheFile();
+// if (f!=null) f.delete();
+ if(mmds instanceof DeleteableDataSource) {
+ ((DeleteableDataSource)mmds).delete();
+ }
+ //mmds..delete();
+ }
+ } catch (IOException e) {
+ // ok to do nothing here
+ }
+ } else if (object instanceof InputStream) {
+ InputStream is = (InputStream)object;
+ try {
+ if (is!=null) is.close();
+ String tempFile = (String) entry.get(2);
+ if (tempFile!=null){
+ File f = new File(tempFile);
+ f.delete();
+ }
+ } catch (IOException e) {
+ // ok to do nothing here
+ }
+ }
+ }
+ }
+
+ /**
+ * Returns the <code>ConfigurationProvider</code> associated with this
+ * transaction.
+ *
+ * @return The ConfigurationProvider associated with this transaction.
+ */
+ public ConfigurationProvider getConfiguration() {
+ return configuration;
+ }
+
+ /**
+ * Search an uri content in cashed map.
+ *
+ * @param uri The value to look for.
+ * @return If found the cached entity, <code>null<code> otherwise.
+ */
+ public Vector FindResolvedEntity(String uri) {
+ if (resolvedEntities==null) return null;
+ return (Vector) resolvedEntities.get(uri);
+ }
+
+ /**
+ * Get a new InputStream of a cached entity.
+ *
+ * @param uri The value to look for.
+ * @return A new InputStream of the cached entity.
+ */
+ public InputStream ResolveURI(String uri) {
+ InputStream is = null;
+ Vector entity = FindResolvedEntity(uri);
+ if (entity!=null) {
+ byte[] contentBytes = (byte[]) entity.get(0);
+ if (contentBytes!=null) {
+ is = new ByteArrayInputStream(contentBytes);
+ }
+ }
+ return is;
+ }
+
+ /**
+ * Put a read entity (supplement, detached content, data object) on
+ * transactions entity cash, to prevent repeated reading on slower channels.
+ *
+ * @param uri A transaction-wide unique URI used as key of the entity cash
+ * table.
+ * @param contentBytes The cached content belonging to the uri.
+ * @param contentType If known, the MIME-type of the cashed content.
+ */
+ public void PutResolvedEntity(String uri, byte[] contentBytes, String contentType) {
+ Logger.trace(" storing uri content of uri \"" + uri + "\" for future references");
+ if (resolvedEntities==null) resolvedEntities = new HashMap();
+ Vector entity = new Vector();
+ entity.add(contentBytes);
+ entity.add(contentType);
+ resolvedEntities.put(uri, entity);
+ }
+}
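Review bot: In `cleanAttachmentCache()`, the temporary data is removed only when closing the stream succeeds, so attachment content can stay on disk after the transaction. In the `DataSource` branch an `IOException` from `getInputStream()` or `close()` skips `DeleteableDataSource.delete()`, and in the `InputStream` branch an `IOException` from `close()` skips `f.delete()`. Moving the removal into `finally` keeps the cleanup independent of the close, as sketched below. Separately, `getAttachmentContentType()` dereferences `attachments` without the null check that `getAttachment()` and `getAttachmentInputStream()` perform, so it throws a `NullPointerException` when no attachment was ever added.

```java
// … unchanged: null check on attachments, iteration over entrySet …
if (object instanceof DataSource) {
  DataSource mmds = (DataSource) object;
  try {
    InputStream is = mmds.getInputStream();
    if (is != null) is.close();
  } catch (IOException e) {
    // closing is best effort; the backing data is still removed below
  } finally {
    if (mmds instanceof DeleteableDataSource) {
      ((DeleteableDataSource) mmds).delete();
    }
  }
} else if (object instanceof InputStream) {
  try {
    ((InputStream) object).close();
  } catch (IOException e) {
    // closing is best effort; the temporary file is still removed below
  } finally {
    String tempFile = (String) entry.get(2);
    if (tempFile != null) {
      new File(tempFile).delete();
    }
  }
}
```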
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContextManager.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContextManager.java
new file mode 100644
index 0000000..8a45ddf
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContextManager.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.transaction;
+
+/**
+ * Provides each thread with an instance of <code>TransactionContext</code>.
+ *
+ * The single instance of the <code>TransactionContextManager</code> should be
+ * used to access contextual information for each web service transaction, e.g.
+ * the transaction ID, MOA configuration, client certificate, etc.
+ *
+ * @author Stefan Knirsch
+ * @author Patrick Peck
+ */
+public class TransactionContextManager {
+
+ /** The single instance of <code>TransactionContextManager</code> */
+ private static TransactionContextManager instance = null;
+
+ /** Contains a single <code>TransactionContext</code> for each thread. */
+ private ThreadLocal context = null;
+
+ /**
+ * Get the single instance of <code>TransactionContextManager</code>.
+ *
+ * @return The single instanc of <code>TransactionContextManager</code>.
+ */
+ public static synchronized TransactionContextManager getInstance() {
+ if (instance == null) {
+ instance = new TransactionContextManager();
+ }
+ return instance;
+ }
+
+ /**
+ * Creates a new <code>TransactionContextManager</code>.
+ *
+ * Protected to disallow direct instantiation.
+ */
+ protected TransactionContextManager() {
+ context = new ThreadLocal();
+ }
+
+ /**
+ * Set the <code>TransactionContext</code> for the current thread.
+ *
+ * @param txContext The <code>TransactionContext</code> for this thread.
+ */
+ public void setTransactionContext(TransactionContext txContext) {
+ context.set(txContext);
+ }
+
+ /**
+ * Get the <code>TransactionContext</code> for the current thread.
+ *
+ * @return The <code>TransactionContext</code> for the current thread or
+ * <code>null</code>, if none has been set (or if this method is being invoked
+ * outside the bounds of a transaction).
+ */
+ public TransactionContext getTransactionContext() {
+ return (TransactionContext) context.get();
+ }
+
+}
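Review bot: `TransactionContextManager` has no documented way to clear the per-thread context, and `setTransactionContext` does not say that callers must reset it. On a container that reuses worker threads, a `TransactionContext` left in the `ThreadLocal` (client certificate chain, request element, attachments) would be returned by `getTransactionContext()` to the next request handled on that thread. The callers are outside this hunk, so this may already be handled by calling `setTransactionContext(null)` in a `finally`. If so, the Javadoc should say it, e.g. `@param txContext The context for this thread, or <code>null</code> to clear it at the end of the request.`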
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionIDGenerator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionIDGenerator.java
new file mode 100644
index 0000000..b173308
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionIDGenerator.java
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.transaction;
+
+
+/**
+ * A generator for unique transaction IDs.
+ *
+ * <p>The transaction IDs are of the form "<base>-<counter>", where:
+ * <ul>
+ * <li><code>base</code> is initialized with the system time when this class is
+ * being loaded</li>
+ * <li><code>counter</code> is incremented sequentially on each call to
+ * <code>nextID()</code></li>
+ * </ul>
+ * </p>
+ *
+ * <p> Assuming that it is highly unlikely that MOA servers are started at
+ * exactly the same time instant, the mechanism provided by this class should
+ * guarantee unique transaction IDs across multiple restarts and/or instances of
+ * the server.</p>
+ *
+ * @author Patrick Peck
+ * @author Stefan Knirsch
+ */
+public class TransactionIDGenerator {
+
+ /** Request sequence number. */
+ private static long counter = 0;
+ /** The base value to which to append the sequence number. */
+ private static String base = null;
+
+ /**
+ * Set up the initial base value.
+ */
+ static {
+ synchronized (TransactionIDGenerator.class) {
+ base = Long.toString(System.currentTimeMillis());
+ }
+ }
+
+ /**
+ * Returns the next transaction ID.
+ *
+ * @return The next transaction ID.
+ */
+ public static synchronized String nextID() {
+ counter++;
+
+ return (base + "-" + counter);
+ }
+
+}
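Review bot: The class Javadoc says the scheme "should guarantee" unique IDs, but `base` is only `System.currentTimeMillis()` at class load. Two instances started in the same millisecond therefore produce identical sequences, and every ID is predictable from the start time and the request count. I would reword the Javadoc to say the IDs are for correlation only, e.g. `<p>IDs are sequential and predictable; do not use them where an unguessable value is required.</p>`. The `synchronized` block inside the static initializer is redundant, because class initialization already runs once under the JVM's initialization lock.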
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/util/IdGenerator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/util/IdGenerator.java
new file mode 100644
index 0000000..a8d9e1b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/util/IdGenerator.java
@@ -0,0 +1,85 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.util;
+
+import java.util.Set;
+
+/**
+ * Generate unique ID values for various objects in the response.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class IdGenerator {
+ /** The base value to append the counter to. */
+ private String base;
+ /** The <code>Set</code> of reserved ID values. */
+ private Set reserved;
+ /** The sequence number. */
+ private int count;
+
+ /**
+ * Create a new <code>IdGenerator</code>.
+ *
+ * @param base A base value to append the IDs to. The creator of this object
+ * should provide a base value, so that appending the counter leads to unique
+ * IDs.
+ * @param reserved The <code>Set</code> of reserved IDs. A call to
+ * <code>uniqueId()</code> will respect the reserved IDs.
+ */
+ public IdGenerator(String base, Set reserved) {
+ this.base = base;
+ this.reserved = reserved;
+ count = 1;
+ }
+
+ /**
+ * Create the next ID value in the sequence.
+ *
+ * @return The next ID value in the sequence.
+ */
+ protected String nextId() {
+ return base + "-" + count++;
+ }
+
+ /**
+ * Create the next unique ID value which is unique in the reserved ID set.
+ *
+ * The created ID is added to the set of reserved IDs.
+ *
+ * @return The next ID value.
+ */
+ public String uniqueId() {
+ String nextId;
+
+ while (reserved.contains(nextId = nextId()));
+
+ reserved.add(nextId);
+
+ return nextId;
+
+ }
+
+}
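Review bot: In `uniqueId()`, `while (reserved.contains(nextId = nextId()));` hides the assignment inside the condition and ends in an empty statement, which is easy to misread as a loop with a missing body. `do { nextId = nextId(); } while (reserved.contains(nextId));` does the same thing and reads directly. The constructor also stores `reserved` without a null check, so a null set fails only later inside `uniqueId()`. The constructor Javadoc should say the set must be non-null and modifiable, since `uniqueId()` adds to it.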
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/config/Configurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/config/Configurator.java
new file mode 100644
index 0000000..defaedd
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/config/Configurator.java
@@ -0,0 +1,130 @@
+package at.gv.egovernment.moa.spss.tsl.config;
+
+import iaik.util.logging._l;
+import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+
+public class Configurator {
+
+ private static final String _TMPDBFILENAME = "temp_tsl.sqlite";
+
+ private static boolean _sqlMultithreaded;
+ private static boolean _throwExceptions;
+ private static boolean _logExceptions;
+ private static boolean _throwWarnings;
+ private static boolean _logWarnings;
+ private static boolean _nullRedundancies;
+ private static URL _euTSLURL;
+ private static String _TSLWorkingDirectoryPath;
+ private static String _dbFile;
+ private static String _euTrustAnchorsPath;
+ private static String _msTrustAnchorsPath;
+
+
+ private static boolean _isInitialised = false;
+
+
+ /**
+ *
+ */
+ public static void initial(String euTSLURL, String TSLWorkingDirectoryPath, String jdbcURL, String jdbcDriverClass)
+ throws TSLEngineDiedException {
+
+
+ if (!_isInitialised) {
+ try {
+ _euTSLURL = new URL(euTSLURL);
+ } catch (MalformedURLException e) {
+ _l.err("Bad TSL URL: " + euTSLURL, e);
+ throw new TSLEngineDiedException(e);
+ }
+
+ if (!TSLWorkingDirectoryPath.endsWith("/"))
+ TSLWorkingDirectoryPath += "/";
+
+ Configurator._TSLWorkingDirectoryPath = TSLWorkingDirectoryPath;
+
+ initialDefaultConfig();
+
+ _isInitialised = true;
+ }
+ }
+
+ public static String get_TSLWorkingDirectoryPath() {
+ return _TSLWorkingDirectoryPath;
+ }
+
+ public static String get_dbFile() {
+ return _dbFile;
+ }
+
+ public static void set_dbFileName(String _dbFile) {
+ Configurator._dbFile = _TSLWorkingDirectoryPath + _dbFile;
+ }
+
+ public static String get_euTrustAnchorsPath() {
+ return _euTrustAnchorsPath;
+ }
+
+ public static String get_msTrustAnchorsPath() {
+ return _msTrustAnchorsPath;
+ }
+
+ public static boolean is_sqlMultithreaded() {
+ return _sqlMultithreaded;
+ }
+
+ public static boolean is_throwExceptions() {
+ return _throwExceptions;
+ }
+
+ public static boolean is_logExceptions() {
+ return _logExceptions;
+ }
+
+ public static boolean is_throwWarnings() {
+ return _throwWarnings;
+ }
+
+ public static boolean is_logWarnings() {
+ return _logWarnings;
+ }
+
+ public static boolean is_nullRedundancies() {
+ return _nullRedundancies;
+ }
+
+ public static URL get_euTSLURL() {
+ return _euTSLURL;
+ }
+
+ public static boolean is_isInitialised() {
+ return _isInitialised;
+ }
+
+ public static String get_TempdbFile() {
+ return _TSLWorkingDirectoryPath + _TMPDBFILENAME;
+ }
+
+ public static void set_euTrustAnchorsPath(String _euTrustAnchorsPath) {
+ Configurator._euTrustAnchorsPath = _euTrustAnchorsPath;
+ }
+
+ public static void set_msTrustAnchorsPath(String _msTrustAnchorsPath) {
+ Configurator._msTrustAnchorsPath = _msTrustAnchorsPath;
+ }
+
+ private static void initialDefaultConfig() {
+ _sqlMultithreaded = false;
+ _throwExceptions = true;
+ _logExceptions = true;
+ _throwWarnings = false;
+ _logWarnings = true;
+ _nullRedundancies = false;
+ _dbFile = _TSLWorkingDirectoryPath + "tsl.sqlite";
+ _euTrustAnchorsPath = _TSLWorkingDirectoryPath + "trust/eu/";
+ _msTrustAnchorsPath = "/trust/ms/";
+ }
+}
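Review bot: In `initialDefaultConfig()`, `_msTrustAnchorsPath = "/trust/ms/"` is the only default path not built from `_TSLWorkingDirectoryPath`. If the consumers (outside this hunk) use it as is, member-state trust anchors are read from a directory at the filesystem root rather than from the configured working directory. If that is not intended, `_msTrustAnchorsPath = _TSLWorkingDirectoryPath + "trust/ms/";` matches the EU default on the line above; if the value is meant as a suffix, a comment should say so. `initial()` also checks and sets `_isInitialised` without synchronization, and it accepts `jdbcURL` and `jdbcDriverClass` but never uses them.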
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnector.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnector.java
new file mode 100644
index 0000000..82df37b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnector.java
@@ -0,0 +1,972 @@
+package at.gv.egovernment.moa.spss.tsl.connector;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.nio.channels.ByteChannel;
+import java.nio.channels.FileChannel;
+import java.security.Security;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.ListIterator;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.spss.tsl.config.Configurator;
+import at.gv.egovernment.moa.spss.tsl.utils.TSLEUImportFromFileContext;
+import at.gv.egovernment.moa.spss.tsl.utils.TSLEvaluationContext;
+import at.gv.egovernment.moa.spss.tsl.utils.TSLImportFromFileContext;
+import iaik.asn1.ObjectID;
+import iaik.util._15;
+import iaik.util.logging._l;
+import iaik.utils.RFC2253NameParser;
+import iaik.xml.crypto.EccProviderAdapter;
+import iaik.xml.crypto.XSecProvider;
+import iaik.xml.crypto.tsl.DbTables;
+import iaik.xml.crypto.tsl.DbTables.MODE;
+import iaik.xml.crypto.tsl.DbTables.Service;
+import iaik.xml.crypto.tsl.TSLCertEvaluator;
+import iaik.xml.crypto.tsl.TSLCertsExporter;
+import iaik.xml.crypto.tsl.TSLEngine;
+import iaik.xml.crypto.tsl.TSLEngine.LocationAndCertHash;
+import iaik.xml.crypto.tsl.TSLEngine.TSLEngineEU;
+import iaik.xml.crypto.tsl.TSLImportContext;
+import iaik.xml.crypto.tsl.TSLResult;
+import iaik.xml.crypto.tsl.TSLResultEndEntity;
+import iaik.xml.crypto.tsl.TSLResultImpl;
+import iaik.xml.crypto.tsl.TslSqlConnectionWrapper;
+import iaik.xml.crypto.tsl.constants.Countries;
+import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
+import iaik.xml.crypto.tsl.ex.TSLEngineFatalException;
+import iaik.xml.crypto.tsl.ex.TSLEngineFatalRuntimeException;
+import iaik.xml.crypto.tsl.ex.TSLExceptionB;
+import iaik.xml.crypto.tsl.ex.TSLRuntimeException;
+import iaik.xml.crypto.tsl.ex.TSLSearchException;
+import iaik.xml.crypto.tsl.ex.TSLTransactionFailedRuntimeException;
+import iaik.xml.crypto.tsl.fetch.TLS;
+import iaik.xml.crypto.tsl.sie.gen.QualifierType;
+
+public class TSLConnector implements TSLConnectorInterface {
+
+ static final String _QCSSCDURI = "http://uri.etsi.org/TrstSvc/eSigDir-1999-93-EC-TrustedList/SvcInfoExt/QCWithSSCD";
+ static final String _STYPETEMPLATE_CAQC = "CA/QC";
+ static final String _STYPETEMPLATE_TSAQTST = "TSA/QTST";
+
+ private static final String DEFAULT_HASHCACHE_DIR = "./hashcache/";
+
+ static final List<String> STYPETEMPLATES = Collections.unmodifiableList(new ArrayList<String>(){
+ private static final long serialVersionUID = 1L;
+ {
+ add(_STYPETEMPLATE_CAQC);
+ add(_STYPETEMPLATE_TSAQTST);
+ }
+ });
+
+
+ static Logger log = Logger.getLogger(TSLConnector.class);
+
+ public void initialize(String euTSLURL, String TSLWorkingDirectoryPath, String jdbcURL, String jdbcDriverClass)
+ throws TSLEngineDiedException {
+
+ Configurator.initial(euTSLURL, TSLWorkingDirectoryPath, jdbcURL, jdbcDriverClass);
+
+ }
+
+ public ArrayList<File> updateAndGetQualifiedCACertificates(Date dateTime,
+ String[] serviceLevelStatus) throws TSLEngineDiedException, TSLSearchException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ return updateAndGetQualifiedCACertificates(dateTime, null, serviceLevelStatus);
+ }
+
+ public void updateTSLs(Date dateTime,
+ String[] serviceLevelStatus) throws TSLEngineDiedException, TSLSearchException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ updateTSLs(dateTime, null, serviceLevelStatus);
+ }
+
+ public ArrayList<File> updateAndGetQualifiedCACertificates(Date dateTime,
+ String[] countries, String[] serviceLevelStatus) throws TSLEngineDiedException, TSLSearchException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ String tsldownloaddir = Configurator.get_TSLWorkingDirectoryPath() + "TslDownload";
+
+// String hashcachedir = System.getProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR");
+// System.out.println("hashcachedir: " + hashcachedir);
+// if (hashcachedir==null)
+// hashcachedir = DEFAULT_HASHCACHE_DIR;
+
+// File hashcachefile = new File(hashcachedir);
+// File[] filelist = hashcachefile.listFiles();
+// if (filelist != null) {
+// for (File f : filelist)
+// f.delete();
+// }
+
+ File tsldownloadfile = new File(tsldownloaddir);
+ if (!tsldownloadfile.exists()) {
+ tsldownloadfile.mkdir();
+ }
+ File[] tslfilelist = tsldownloadfile.listFiles();
+ if (tslfilelist != null) {
+ for (File f : tslfilelist)
+ f.delete();
+ }
+
+ //create sqlLite database
+ File dbFile = new File(Configurator.get_TempdbFile());
+ try {
+ dbFile.delete();
+ dbFile.createNewFile();
+ } catch (IOException e) {
+ throw new TSLEngineDiedException("Could not create temporary data base file", e);
+ }
+
+ //the TSL library uses the iaik.util.logging environment.
+ //iaik.util.logging.Log.setLogLevel(iaik.util.logging.LogLevels.WARN);
+ iaik.util.logging.Log.setLogLevel(iaik.util.logging.LogLevels.OFF);
+
+ log.info("Starting EU TSL import.");
+
+ // Certificates in Germany, Estonia, Greece, Cyprus,
+ // Lithuainia, Hungary, Poland, Finland, Norway use SURNAME
+ log.debug("### SURNAME registered as " + ObjectID.surName + " ###");
+ RFC2253NameParser.register("SURNAME", ObjectID.surName);
+
+ XSecProvider.addAsProvider(false);
+
+ TSLEngine tslEngine;
+ TslSqlConnectionWrapper connection = null;
+
+ try {
+ // register the Https JSSE Wrapper
+ TLS.register();
+ log.trace("### Https JSSE Wrapper registered ###");
+
+
+ log.debug("### Connect to Database.###");
+ connection = DbTables.connectToDatabaBase(dbFile, MODE.AUTO_COMMIT_ON);
+
+ log.trace("### Connected ###");
+
+ // empty the database and recreate the tables
+ tslEngine = new TSLEngine(dbFile, Configurator.get_TSLWorkingDirectoryPath(),
+ connection, true, true);
+
+ } catch (TSLEngineFatalException e1) {
+ throw new TSLEngineDiedException(e1);
+
+ }
+
+ // H.2.2.1 Same-scheme searching
+ // H.2.2.2 Known scheme searching
+ // H.2.2.3 "Blind" (unknown) scheme searching
+ Number tId = null;
+ Countries euTerritory = Countries.EU;
+ TSLImportContext topLevelTslContext = new TSLEUImportFromFileContext(
+ euTerritory, Configurator.get_euTSLURL(), Configurator.get_TSLWorkingDirectoryPath(),
+ Configurator.is_sqlMultithreaded(),
+ Configurator.is_throwExceptions(), Configurator.is_logExceptions(),
+ Configurator.is_throwWarnings(), Configurator.is_logWarnings(),
+ Configurator.is_nullRedundancies());
+
+ TSLEngineEU tslengineEU;
+ try {
+ tslengineEU = tslEngine.new TSLEngineEU();
+
+ } catch (TSLEngineFatalException e1) {
+ throw new TSLEngineDiedException(e1);
+ }
+
+ // establish EU TSL trust anchor
+ ListIterator<java.security.cert.X509Certificate> expectedEuTslSignerCerts =
+ tslEngine.loadCertificatesFromResource(
+ Configurator.get_euTrustAnchorsPath(), topLevelTslContext);
+
+ log.debug("Process EU TSL");
+ // process the EU TSL to receive the pointers to the other TSLs
+ // and the trust anchors for the TSL signers
+ Set<Entry<Number, LocationAndCertHash>> pointersToMsTSLs = null;
+
+ try {
+
+ tId = tslengineEU.processEUTSL(topLevelTslContext, expectedEuTslSignerCerts);
+ log.info("Process EU TSL finished");
+
+ log.debug(Thread.currentThread() + " waiting for other threads ...");
+
+ topLevelTslContext.waitForAllOtherThreads();
+ log.debug(Thread.currentThread()
+ + " reactivated after other threads finished ...");
+
+
+ // get the TSLs pointed from the EU TSL
+ LinkedHashMap<Number, LocationAndCertHash> tslMap = tslengineEU
+ .getOtherTslMap(tId, topLevelTslContext);
+
+ pointersToMsTSLs = tslMap.entrySet();
+
+ //set Errors and Warrnings
+
+ } catch (TSLEngineFatalRuntimeException e) {
+ throw new TSLEngineDiedException(topLevelTslContext.dumpFatals());
+
+ } catch (TSLTransactionFailedRuntimeException e) {
+ throw new TSLEngineDiedException(topLevelTslContext.dumpTransactionFaliures());
+ }
+
+ //Backup implementation if the EU TSL includes a false signer certificate
+ // establish additional trust anchors for member states
+// Countries[] countriesWithPotentiallyWrongCertsOnEuTsl = {
+// Countries.CZ,
+// Countries.LU,
+// Countries.ES,
+// Countries.AT,
+// };
+ Countries[] countriesWithPotentiallyWrongCertsOnEuTsl = {};
+
+ Map<Countries, java.util.ListIterator<java.security.cert.X509Certificate>>
+ trustAnchorsWrongOnEuTsl = loadCertificatesFromResource(
+ Configurator.get_msTrustAnchorsPath(), tslEngine, topLevelTslContext,
+ countriesWithPotentiallyWrongCertsOnEuTsl);
+
+ log.info("Starting EU member TSL import.");
+
+ for (Entry<Number, LocationAndCertHash> entry : pointersToMsTSLs) {
+
+ TSLImportContext msTslContext;
+
+ Countries expectedTerritory = entry.getValue().getSchemeTerritory();
+ try {
+
+// if (expectedTerritory.equals("RO"))
+// System.out.println("Stop");
+
+ Number otpId = entry.getKey();
+ LocationAndCertHash lac = entry.getValue();
+
+ URL uriReference = null;
+ try {
+ uriReference = new URL(lac.getUrl());
+
+ } catch (MalformedURLException e) {
+ log.warn("Could not process: " + uriReference, e);
+ continue;
+ }
+
+ String baseURI = uriReference == null ? "" : "" + uriReference;
+
+ msTslContext = new TSLImportFromFileContext(
+ expectedTerritory, uriReference, otpId, Configurator.get_TSLWorkingDirectoryPath(),
+ Configurator.is_sqlMultithreaded(),
+ Configurator.is_throwExceptions(), Configurator.is_logExceptions(),
+ Configurator.is_throwWarnings(), Configurator.is_logWarnings(),
+ Configurator.is_nullRedundancies(), baseURI, trustAnchorsWrongOnEuTsl,
+ topLevelTslContext);
+
+ ListIterator<X509Certificate> expectedTslSignerCerts = null;
+ expectedTslSignerCerts = tslEngine.getCertificates(lac, msTslContext);
+
+ if (expectedTslSignerCerts == null) {
+
+ // no signer certificate on the EU TSL
+ // ignore this msTSL and log a warning
+ log.warn("NO signer certificate found on EU TSL! "
+ + lac.getSchemeTerritory() + "TSL ignored.");
+
+ }
+ else {
+ tslEngine.processMSTSL(topLevelTslContext, msTslContext, expectedTslSignerCerts);
+ }
+
+ } catch (TSLExceptionB e) {
+ log.warn("Failed to process TSL. " + entry.getValue().getSchemeTerritory()
+ + " TSL ignored.");
+ log.debug("Failed to process TSL. " + entry, e);
+ continue;
+ } catch (TSLRuntimeException e) {
+ log.warn("Failed to process TSL. " + entry.getValue().getSchemeTerritory()
+ + " TSL ignored.");
+ log.debug("Failed to process TSL. " + entry, e);
+ continue;
+ }
+ }
+
+ log.debug(Thread.currentThread() + " waiting for other threads ...");
+ topLevelTslContext.waitForAllOtherThreads();
+
+ log.debug(_15.dumpAllThreads());
+ log.debug(Thread.currentThread() + " reactivated after other threads finished ...");
+
+ connection = null;
+ try {
+ connection = DbTables.connectToDatabaBase(dbFile, MODE.AUTO_COMMIT_ON);
+ tslEngine.recreateTablesInvalidatedByImport(connection);
+
+
+ //TODO: implement database copy operation!
+ File working_database = new File(Configurator.get_dbFile());
+ working_database.delete();
+ copy(dbFile, working_database);
+
+
+ } catch (TSLEngineFatalException e) {
+ throw new TSLEngineDiedException(e);
+
+ } finally {
+ try {
+ connection.closeConnection();
+
+ } catch (TSLEngineFatalException e) {
+ throw new TSLEngineDiedException(e);
+
+ }
+ }
+
+ return getQualifiedCACertificates(dateTime, countries, serviceLevelStatus);
+ }
+
+ public void updateTSLs(Date dateTime,
+ String[] countries, String[] serviceLevelStatus) throws TSLEngineDiedException, TSLSearchException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ String tsldownloaddir = Configurator.get_TSLWorkingDirectoryPath() + "TslDownload";
+
+// String hashcachedir = System.getProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR");
+// System.out.println("hashcachedir: " + hashcachedir);
+// if (hashcachedir==null)
+// hashcachedir = DEFAULT_HASHCACHE_DIR;
+
+// File hashcachefile = new File(hashcachedir);
+// File[] filelist = hashcachefile.listFiles();
+// if (filelist != null) {
+// for (File f : filelist)
+// f.delete();
+// }
+
+ File tsldownloadfile = new File(tsldownloaddir);
+ if (!tsldownloadfile.exists()) {
+ tsldownloadfile.mkdir();
+ }
+ File[] tslfilelist = tsldownloadfile.listFiles();
+ if (tslfilelist != null) {
+ for (File f : tslfilelist)
+ f.delete();
+ }
+
+ //create sqlLite database
+ File dbFile = new File(Configurator.get_TempdbFile());
+ try {
+ dbFile.delete();
+ dbFile.createNewFile();
+ } catch (IOException e) {
+ throw new TSLEngineDiedException("Could not create temporary data base file", e);
+ }
+
+ //the TSL library uses the iaik.util.logging environment.
+ //iaik.util.logging.Log.setLogLevel(iaik.util.logging.LogLevels.WARN);
+ iaik.util.logging.Log.setLogLevel(iaik.util.logging.LogLevels.OFF);
+
+ log.info("Starting EU TSL import.");
+
+ // Certificates in Germany, Estonia, Greece, Cyprus,
+ // Lithuainia, Hungary, Poland, Finland, Norway use SURNAME
+ log.debug("### SURNAME registered as " + ObjectID.surName + " ###");
+ RFC2253NameParser.register("SURNAME", ObjectID.surName);
+
+ XSecProvider.addAsProvider(false);
+
+ TSLEngine tslEngine;
+ TslSqlConnectionWrapper connection = null;
+
+ try {
+ // register the Https JSSE Wrapper
+ TLS.register();
+ log.trace("### Https JSSE Wrapper registered ###");
+
+
+ log.debug("### Connect to Database.###");
+ connection = DbTables.connectToDatabaBase(dbFile, MODE.AUTO_COMMIT_ON);
+
+ log.trace("### Connected ###");
+
+ // empty the database and recreate the tables
+ tslEngine = new TSLEngine(dbFile, Configurator.get_TSLWorkingDirectoryPath(),
+ connection, true, true);
+
+ } catch (TSLEngineFatalException e1) {
+ throw new TSLEngineDiedException(e1);
+
+ }
+
+ // H.2.2.1 Same-scheme searching
+ // H.2.2.2 Known scheme searching
+ // H.2.2.3 "Blind" (unknown) scheme searching
+ Number tId = null;
+ Countries euTerritory = Countries.EU;
+ TSLImportContext topLevelTslContext = new TSLEUImportFromFileContext(
+ euTerritory, Configurator.get_euTSLURL(), Configurator.get_TSLWorkingDirectoryPath(),
+ Configurator.is_sqlMultithreaded(),
+ Configurator.is_throwExceptions(), Configurator.is_logExceptions(),
+ Configurator.is_throwWarnings(), Configurator.is_logWarnings(),
+ Configurator.is_nullRedundancies());
+
+ TSLEngineEU tslengineEU;
+ try {
+ tslengineEU = tslEngine.new TSLEngineEU();
+
+ } catch (TSLEngineFatalException e1) {
+ throw new TSLEngineDiedException(e1);
+ }
+
+ // establish EU TSL trust anchor
+ ListIterator<java.security.cert.X509Certificate> expectedEuTslSignerCerts =
+ tslEngine.loadCertificatesFromResource(
+ Configurator.get_euTrustAnchorsPath(), topLevelTslContext);
+
+ log.debug("Process EU TSL");
+ // process the EU TSL to receive the pointers to the other TSLs
+ // and the trust anchors for the TSL signers
+ Set<Entry<Number, LocationAndCertHash>> pointersToMsTSLs = null;
+
+ try {
+
+ tId = tslengineEU.processEUTSL(topLevelTslContext, expectedEuTslSignerCerts);
+ log.info("Process EU TSL finished");
+
+ log.debug(Thread.currentThread() + " waiting for other threads ...");
+
+ topLevelTslContext.waitForAllOtherThreads();
+ log.debug(Thread.currentThread()
+ + " reactivated after other threads finished ...");
+
+
+ // get the TSLs pointed from the EU TSL
+ LinkedHashMap<Number, LocationAndCertHash> tslMap = tslengineEU
+ .getOtherTslMap(tId, topLevelTslContext);
+
+ pointersToMsTSLs = tslMap.entrySet();
+
+ //set Errors and Warrnings
+
+ } catch (TSLEngineFatalRuntimeException e) {
+ throw new TSLEngineDiedException(topLevelTslContext.dumpFatals());
+
+ } catch (TSLTransactionFailedRuntimeException e) {
+ throw new TSLEngineDiedException(topLevelTslContext.dumpTransactionFaliures());
+ }
+
+ //Backup implementation if the EU TSL includes a false signer certificate
+ // establish additional trust anchors for member states
+// Countries[] countriesWithPotentiallyWrongCertsOnEuTsl = {
+// Countries.CZ,
+// Countries.LU,
+// Countries.ES,
+// Countries.AT,
+// };
+ Countries[] countriesWithPotentiallyWrongCertsOnEuTsl = {};
+
+ Map<Countries, java.util.ListIterator<java.security.cert.X509Certificate>>
+ trustAnchorsWrongOnEuTsl = loadCertificatesFromResource(
+ Configurator.get_msTrustAnchorsPath(), tslEngine, topLevelTslContext,
+ countriesWithPotentiallyWrongCertsOnEuTsl);
+
+ log.info("Starting EU member TSL import.");
+
+ for (Entry<Number, LocationAndCertHash> entry : pointersToMsTSLs) {
+
+ TSLImportContext msTslContext;
+
+ Countries expectedTerritory = entry.getValue().getSchemeTerritory();
+ try {
+
+// if (expectedTerritory.equals("RO"))
+// System.out.println("Stop");
+
+ Number otpId = entry.getKey();
+ LocationAndCertHash lac = entry.getValue();
+
+ URL uriReference = null;
+ try {
+ uriReference = new URL(lac.getUrl());
+
+ } catch (MalformedURLException e) {
+ log.warn("Could not process: " + uriReference, e);
+ continue;
+ }
+
+ String baseURI = uriReference == null ? "" : "" + uriReference;
+
+ msTslContext = new TSLImportFromFileContext(
+ expectedTerritory, uriReference, otpId, Configurator.get_TSLWorkingDirectoryPath(),
+ Configurator.is_sqlMultithreaded(),
+ Configurator.is_throwExceptions(), Configurator.is_logExceptions(),
+ Configurator.is_throwWarnings(), Configurator.is_logWarnings(),
+ Configurator.is_nullRedundancies(), baseURI, trustAnchorsWrongOnEuTsl,
+ topLevelTslContext);
+
+ ListIterator<X509Certificate> expectedTslSignerCerts = null;
+ expectedTslSignerCerts = tslEngine.getCertificates(lac, msTslContext);
+
+ if (expectedTslSignerCerts == null) {
+
+ // no signer certificate on the EU TSL
+ // ignore this msTSL and log a warning
+ log.warn("NO signer certificate found on EU TSL! "
+ + lac.getSchemeTerritory() + "TSL ignored.");
+
+ }
+ else {
+ tslEngine.processMSTSL(topLevelTslContext, msTslContext, expectedTslSignerCerts);
+ }
+
+ } catch (TSLExceptionB e) {
+ log.warn("Failed to process TSL. " + entry.getValue().getSchemeTerritory()
+ + " TSL ignored.");
+ log.debug("Failed to process TSL. " + entry, e);
+ continue;
+ } catch (TSLRuntimeException e) {
+ log.warn("Failed to process TSL. " + entry.getValue().getSchemeTerritory()
+ + " TSL ignored.");
+ log.debug("Failed to process TSL. " + entry, e);
+ continue;
+ }
+ }
+
+ log.debug(Thread.currentThread() + " waiting for other threads ...");
+ topLevelTslContext.waitForAllOtherThreads();
+
+ log.debug(_15.dumpAllThreads());
+ log.debug(Thread.currentThread() + " reactivated after other threads finished ...");
+
+ connection = null;
+ try {
+ connection = DbTables.connectToDatabaBase(dbFile, MODE.AUTO_COMMIT_ON);
+ tslEngine.recreateTablesInvalidatedByImport(connection);
+
+
+ //TODO: implement database copy operation!
+ File working_database = new File(Configurator.get_dbFile());
+ working_database.delete();
+ copy(dbFile, working_database);
+
+
+ } catch (TSLEngineFatalException e) {
+ throw new TSLEngineDiedException(e);
+
+ } finally {
+ try {
+ connection.closeConnection();
+
+ } catch (TSLEngineFatalException e) {
+ throw new TSLEngineDiedException(e);
+
+ }
+ }
+
+ //return getQualifiedCACertificates(dateTime, countries, serviceLevelStatus);
+ }
+
+ public ArrayList<File> getQualifiedCACertificates(Date dateTime,
+ String[] serviceLevelStatus) throws TSLEngineDiedException,
+ TSLSearchException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ return getQualifiedCACertificates(dateTime, null, serviceLevelStatus);
+ }
+
+ public ArrayList<File> getQualifiedCACertificates(Date dateTime,
+ String[] countries, String[] serviceLevelStatus)
+ throws TSLEngineDiedException, TSLSearchException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ //TODO: database
+ File dbFile = new File(Configurator.get_TempdbFile());
+ //File dbFile = new File(Configurator.get_dbFile());
+ if(!dbFile.exists())
+ throw new TSLEngineDiedException("Could not open data base file");
+
+ log.debug("### Connect to Database ###");
+ TslSqlConnectionWrapper readConnection = null;
+
+ try {
+ readConnection = DbTables.connectToDatabaBase(dbFile, MODE.READ_ONLY);
+
+ TSLEngine tslEngine = new TSLEngine(dbFile, Configurator.get_TSLWorkingDirectoryPath(),
+ readConnection, false, false);
+
+ log.debug("### Connected ###");
+ //TODO: maybe add "TSA/QTST for qualified timestamps
+ try {
+ TSLCertsExporter certsExporter;
+ certsExporter = tslEngine.createCertsExporter(
+ readConnection,
+ countries,
+ new String[]{_STYPETEMPLATE_CAQC},
+ serviceLevelStatus
+ );
+
+ return certsExporter.exportAsArray(dateTime, null);
+
+ } catch (TSLEngineFatalException e) {
+ e.printStackTrace();
+ _l.err("could not export Certs", e);
+ throw new TSLEngineDiedException(e);
+ }
+
+ } catch (TSLEngineFatalException e1) {
+ throw new TSLEngineDiedException(e1);
+
+ } finally {
+ try {
+ readConnection.closeConnection();
+
+ } catch (TSLEngineFatalException e) {
+ throw new TSLEngineDiedException(e);
+ }
+ }
+ }
+
+ public boolean checkQC(java.security.cert.X509Certificate[] chain)
+ throws TSLSearchException, TSLEngineDiedException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ return checkQC(chain, 1);
+ }
+
+ public boolean checkSSCD(java.security.cert.X509Certificate[] chain)
+ throws TSLSearchException, TSLEngineDiedException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ return checkSSCD(chain, 1);
+ }
+
+ public boolean checkQC(java.security.cert.X509Certificate[] chain, int cnt)
+ throws TSLSearchException, TSLEngineDiedException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ LinkedHashMap<X509Certificate, TSLResult> tslResultC = checkchain(chain, cnt);
+
+ //get first result
+ java.util.Map.Entry<java.security.cert.X509Certificate, TSLResult> resultmap = tslResultC.entrySet().iterator().next();
+ TSLResult tslresult = tslResultC.entrySet().iterator().next().getValue();
+
+
+
+ if (tslresult == null) {
+ log.info("Certificate: " + resultmap.getKey().getSubjectDN()
+ + " not on the TSL");
+ throw new TSLSearchException("Certificate: " + resultmap.getKey().getSubjectDN()
+ + " not on the TSL");
+ }
+
+ if (tslresult instanceof TSLResultEndEntity) {
+ TSLResultEndEntity ree = (TSLResultEndEntity) tslresult;
+
+
+ String sType = (String) ree.get(Service.C.sType);
+
+ log.info("Cert: " + resultmap.getKey().getSubjectDN() + " sType=" + sType);
+
+ //TODO: maybe add "TSA/QTST for qualified timestamps
+ if (sType.equals(_STYPETEMPLATE_CAQC))
+ return true;
+ else
+ return false;
+ }
+
+ else if (tslresult instanceof TSLResultImpl) {
+
+ //TODO: Certificate is not of Type EndEntity (equal to QCSSCD check)
+ // Is FALSE the correct answer?
+ return false;
+ }
+
+ throw new TSLEngineDiedException("TSL Result has an unknown Class type");
+ }
+
+ public boolean checkSSCD(java.security.cert.X509Certificate[] chain, int cnt)
+ throws TSLSearchException, TSLEngineDiedException {
+
+ if (Configurator.is_isInitialised() == false)
+ new TSLEngineFatalException("The TSL Engine is not initialized!");
+
+ LinkedHashMap<X509Certificate, TSLResult> tslResultC = checkchain(chain, cnt);
+
+ //get first result
+ java.util.Map.Entry<java.security.cert.X509Certificate, TSLResult> resultmap = tslResultC.entrySet().iterator().next();
+ TSLResult tslresult = tslResultC.entrySet().iterator().next().getValue();
+
+ if (tslresult == null) {
+ log.info("Certificate: " + resultmap.getKey().getSubjectDN() + " not on the TSL");
+ throw new TSLSearchException("Certificate: " + resultmap.getKey().getSubjectDN()
+ + " not on the TSL");
+ }
+
+ if (tslresult instanceof TSLResultEndEntity) {
+ TSLResultEndEntity ree = (TSLResultEndEntity) tslresult;
+
+ List<QualifierType> qualifier = ree.getQualifierList();
+
+ Iterator<QualifierType> qualifierlist = qualifier.iterator();
+
+ String uri = "";
+
+ while (qualifierlist.hasNext()) {
+ uri = qualifierlist.next().getUri();
+
+ log.debug("Cert: " + resultmap.getKey().getSubjectDN() + " SSCD=" + uri);
+
+ if (uri.contains(_QCSSCDURI)) {
+ return true;
+ }
+ else {
+ return false;
+ }
+ }
+ return false;
+ }
+
+ else if (tslresult instanceof TSLResultImpl) {
+
+ //TODO: Certificate is not of Type EndEntity (equal to QC check)
+ // Is FALSE the correct answer?
+ return false;
+ }
+
+ throw new TSLEngineDiedException("TSL Result has an unknown Class type");
+ }
+
+
+
+ private LinkedHashMap<java.security.cert.X509Certificate, TSLResult> checkchain(java.security.cert.X509Certificate[] chain, int cnt)
+ throws TSLSearchException, TSLEngineDiedException {
+
+ File dbFile = new File(Configurator.get_dbFile());
+ if(!dbFile.exists())
+ throw new TSLEngineDiedException("Could not open data base file");
+
+ try {
+
+ log.debug("### Connect to Database ###");
+ TslSqlConnectionWrapper readConnection;
+ readConnection = DbTables.connectToDatabaBase(dbFile, MODE.READ_ONLY);
+ log.debug("### Connected ###");
+
+ TSLEngine tslEngine = new TSLEngine(dbFile, Configurator.get_TSLWorkingDirectoryPath(),
+ readConnection, false, false);
+
+ XSecProvider.addAsProvider(false);
+ log.debug("### XSECT registered ###");
+ // register the additional IAIK ECC provider
+ Security.addProvider(EccProviderAdapter.getEccProvider());
+ log.debug("### ECC registered ###");
+
+
+ TSLEvaluationContext context = new TSLEvaluationContext(
+ Configurator.get_TSLWorkingDirectoryPath(),
+ Configurator.is_sqlMultithreaded(),
+ Configurator.is_throwExceptions(),
+ Configurator.is_logExceptions(),
+ Configurator.is_throwWarnings(),
+ Configurator.is_logWarnings());
+
+ TSLCertEvaluator tslCertEvaluator = tslEngine.createEvaluator(context,
+ readConnection);
+
+ Date signingTime = new Date();
+
+ // has to be later or equal
+ Date now = new Date();
+
+ LinkedHashMap<java.security.cert.X509Certificate, TSLResult> tslResultC = tslCertEvaluator
+ .evaluate(TSLCertEvaluator.CHAIN_MODEL, chain, signingTime, now, context);
+
+ return tslResultC;
+
+ } catch (TSLEngineFatalException e1) {
+ throw new TSLEngineDiedException(e1);
+ }
+
+
+ }
+
+ private static Map<Countries, java.util.ListIterator<java.security.cert.X509Certificate>> loadCertificatesFromResource(
+ final String msTrustAnchorsPath, TSLEngine tslEngine,
+ TSLImportContext topLevelTslContext, Countries[] countriesWithNoCertsOnEuTsl)
+ throws TSLEngineDiedException {
+ Map<Countries, java.util.ListIterator<java.security.cert.X509Certificate>> trustAnchorsMissingOnEuTsl;
+ trustAnchorsMissingOnEuTsl =
+ new HashMap<Countries, java.util.ListIterator<java.security.cert.X509Certificate>>(
+ countriesWithNoCertsOnEuTsl.length);
+
+ for (int i = 0; i < countriesWithNoCertsOnEuTsl.length; i++) {
+ Countries country = countriesWithNoCertsOnEuTsl[i];
+
+ final String mspath = msTrustAnchorsPath + country + "/";
+
+ ListIterator<java.security.cert.X509Certificate> msCerts =
+ tslEngine.loadCertificatesFromResource(mspath, topLevelTslContext);
+
+ trustAnchorsMissingOnEuTsl.put(country, msCerts);
+ }
+ return trustAnchorsMissingOnEuTsl;
+ }
+
+
+ private void copy(File source, File destination) throws TSLEngineDiedException {
+ try {
+ FileInputStream fileInputStream = new FileInputStream(source);
+ FileOutputStream fileOutputStream = new FileOutputStream(destination);
+ FileChannel inputChannel = fileInputStream.getChannel();
+ FileChannel outputChannel = fileOutputStream.getChannel();
+
+ transfer(inputChannel, outputChannel, source.length(), false);
+
+ fileInputStream.close();
+ fileOutputStream.close();
+
+ destination.setLastModified(source.lastModified());
+ } catch (Exception e) {
+
+ throw new TSLEngineDiedException("Error during TSL database copy operation!.");
+ }
+ }
+
+ private void transfer(FileChannel fileChannel, ByteChannel byteChannel, long lengthInBytes, boolean verbose)
+ throws IOException {
+
+ long overallBytesTransfered = 0L;
+ long time = -System.currentTimeMillis();
+
+ while (overallBytesTransfered < lengthInBytes) {
+ long bytesTransfered = 0L;
+ bytesTransfered = fileChannel.transferTo(overallBytesTransfered, Math.min(1024 * 1024, lengthInBytes - overallBytesTransfered), byteChannel);
+ overallBytesTransfered += bytesTransfered;
+ if (verbose) {
+ System.out.println("overall bytes transfered: " + overallBytesTransfered + " progress " + (Math.round(overallBytesTransfered / ((double) lengthInBytes) * 100.0)) + "%");
+ }
+ }
+ time += System.currentTimeMillis();
+
+ if (verbose) {
+ System.out.println("Transfered: " + overallBytesTransfered + " bytes in: " + (time / 1000) + " s -> " + (overallBytesTransfered / 1024.0) / (time / 1000.0) + " kbytes/s");
+ }
+ }
+
+
+// /**
+// * @param tslResultC
+// * @param context
+// */
+// private static void printResultDetails(
+// LinkedHashMap<java.security.cert.X509Certificate, TSLResult> tslResultC, TSLContext context) {
+//
+// for (java.util.Map.Entry<java.security.cert.X509Certificate, TSLResult> e : tslResultC
+// .entrySet()) {
+//
+// TSLResult r = e.getValue();
+//
+// if (r == null) {
+// log.info("Certificate: " + e.getKey().getSubjectDN()
+// + " not on the TSL");
+// continue;
+// }
+//
+// if (r instanceof TSLResultEndEntity) {
+// TSLResultEndEntity ree = (TSLResultEndEntity) r;
+//
+// String status = (String) ree.get(Service.C.status);
+//
+// Date startDate = context.getDate(ree.get(Service.C.startDate));
+// Long endDateL = (Long) ree.get(ServiceView.C.endDate);
+// Date endDate = endDateL == null ? null : new Date(endDateL);
+//
+// String sType = (String) ree.get(Service.C.sType);
+//
+// List<QualifierType> tslQual = ree.getQualifierList();
+//
+// StringBuilder qualList = new StringBuilder("");
+// if (!tslQual.isEmpty()) {
+// qualList.append("\n~~~~~~~~~~~~ TSL-Qualifiers ~~~~~~~~~~~~\n");
+// for (QualifierType qual : tslQual) {
+// qualList.append(qual.getUri() + "\n");
+// }
+// qualList.append("~~~~~~~~~~~~~~~~~ End ~~~~~~~~~~~~~~~~\n");
+// }
+//
+// log.info("############### EndEntity ###############\n"
+// + _.printCertificate(e.getKey()) + qualList + "\nServiceProvider: "
+// + ree.getSerivceProvider().getSubjectDN() + "\n" + Service.C.sType
+// + ": " + sType + "\n" + Service.C.status + ": " + status + "\n"
+// + Service.C.startDate + ": " + startDate + "\n"
+// + ServiceView.C.endDate + ": " + endDate);
+// log.info("############ ServiceProvider ############\n"
+// + _.printCertificate(ree.getSerivceProvider()));
+// log.info("################# END #################");
+//
+// continue;
+// }
+//
+// if (r instanceof TSLResultImpl) {
+// TSLResultImpl ri = (TSLResultImpl) r;
+// log.info("----------------- BEGIN -----------------\n"
+// + "Certificate: " + e.getKey().getSubjectDN() + "\n" + ri.toString());
+//
+// int i = 1;
+// for (Iterator iter = ri.getRows().iterator(); iter.hasNext();) {
+// Row row = (Row) iter.next();
+// // TSPServiceInformationType sInfo =
+// // ((JAXBElement<TSPServiceInformationType>)
+// // row.s_.get(Service.C.sInfo)).getValue();
+// String status = (String) row.s_.get(Service.C.status);
+//
+// Date startDate = context.getDate(row.s_.get(Service.C.startDate));
+//
+// Date endDate = context.getDate(row.s_.get(ServiceView.C.endDate));
+//
+// String sType = (String) row.s_.get(Service.C.sType);
+//
+// log.info("----------------- (" + (i++) + ") -----------------\n"
+// + Service.C.sType + ": " + sType + " " + Service.C.status + ": "
+// + status + "\n" + Service.C.startDate + ": " + startDate + "\n"
+// + ServiceView.C.endDate + ": " + endDate + "\n" + row.s_);
+//
+// row.s_.get(Service.C.sExt);
+// }
+// log.info("----------------- END -----------------");
+// }
+// }
+// }
+}
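Review bot: The initialisation guard that opens every public method (`updateAndGetQualifiedCACertificates`, `updateTSLs`, `getQualifiedCACertificates`, `checkQC`, `checkSSCD`) constructs a `TSLEngineFatalException` but never throws it, so an uninitialised connector continues into the import or lookup instead of stopping at the guard. Since these methods declare only `TSLEngineDiedException` and `TSLSearchException`, the guard could read `if (!Configurator.is_isInitialised()) throw new TSLEngineDiedException("The TSL Engine is not initialized!");`. In `checkSSCD(chain, cnt)` the `else { return false; }` inside the qualifier loop ends the search at the first qualifier, so a certificate whose QCWithSSCD qualifier is not listed first is reported as non-SSCD; dropping that `else` branch leaves the trailing `return false` to run only after every qualifier has been checked. The `finally` blocks reset the connection to `null` before the `try`, so if `connectToDatabaBase` throws, `connection.closeConnection()` / `readConnection.closeConnection()` would raise a NullPointerException that hides the original error; a `!= null` check before closing avoids that. `checkchain` also never closes the read connection it opens.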
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnectorInterface.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnectorInterface.java
new file mode 100644
index 0000000..4992f75
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnectorInterface.java
@@ -0,0 +1,95 @@
+package at.gv.egovernment.moa.spss.tsl.connector;
+
+import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
+import iaik.xml.crypto.tsl.ex.TSLSearchException;
+
+import java.io.File;
+import java.util.ArrayList;
+import java.util.Date;
+
+import java.security.cert.X509Certificate;
+
+public interface TSLConnectorInterface {
+
+ /**
+ * Initial the MOA TSL Connector.<br>
+ * <b>The hashcache directory must be set via "System-Property "iaik.xml.crypto.tsl.BinaryHashCache.DIR"!!!</b>
+ *
+ * @author TLenz
+ * @param euTSLURL - URL to TrustList
+ * @param TSLWorkingDirectoryPath - Path to a folder which should be used by the TSL engine. (/A/B/.../)
+ * @param jdbcURL - ...
+ * @param jdbcDriverClass - ...
+ */
+ void initialize(String euTSLURL, String TSLWorkingDirectoryPath, String jdbcURL, String jdbcDriverClass) throws TSLEngineDiedException;
+
+
+ /**
+ * Perform an update of all certificates which are on EU TSL and all MS TSLs and create an locale TSL database.
+ * The old locale TSL database is removed and a new database is created.
+ *
+ * @author TLenz
+ * @param dateTime - ...
+ * @param serviceLevelStatus - String Array of ServiceLevelStatus. For example new String[]{"accredited","undersupervision"}
+ * @return List of certificates with the selected properties
+ */
+ ArrayList<File> updateAndGetQualifiedCACertificates(Date dateTime, String[] serviceLevelStatus)
+ throws TSLEngineDiedException, TSLSearchException ;
+
+ /**
+ * Perform an update of all certificates which are on EU TSL and all MS TSLs and create an locale TSL database.
+ * The old locale TSL database is removed and a new database is created.
+ *
+ * @author TLenz
+ * @param dateTime - ...
+ * @param countries - String Array of country codes. For example new Sting[]{"AT","IT","BE"}
+ * @param serviceLevelStatus - String Array of ServiceLevelStatus. For example new String[]{"accredited","undersupervision"}
+ * @return List of certificates with the selected properties
+ */
+ ArrayList<File> updateAndGetQualifiedCACertificates(Date dateTime, String[] countries, String[] serviceLevelStatus)
+ throws TSLEngineDiedException, TSLSearchException ;
+
+ /**
+ * Check the http://uri.etis.org/TrstSvc/Svctype/CA/QC characteristic of a certificate by using the TSL information.
+ * This method uses information from the local TSL database.
+ *
+ * @author TLenz
+ * @param certificate - An X509 certificate.
+ * @return Return true, if the certificate comprises the http://uri.etis.org/TrstSvc/Svctype/CA/QC characteristic.
+ */
+ boolean checkQC(X509Certificate[] certificate) throws TSLSearchException, TSLEngineDiedException;
+
+ /**
+ * Check the http://uri.etis.org/TrstSvc/eSigDir-1999-93-ECTrustedList/SvcInfoExt/QCWithSSCD characteristic of a certificate by using the TSL information.
+ * This method uses information from the local TSL database.
+ *
+ * @author TLenz
+ * @param certificate - An X509 certificate.
+ * @return Return true, if the certificate comprises the http://uri.etis.org/TrstSvc/eSigDir-1999-93-ECTrustedList/SvcInfoExt/QCWithSSCD characteristic.
+ */
+ boolean checkSSCD(X509Certificate[] certificate) throws TSLSearchException, TSLEngineDiedException;
+
+ /**
+ * Get a list of certificates form the local TSL database with the selected properties.
+ *
+ * @author TLenz
+ * @param dateTime - ...
+ * @param serviceLevelStatus - String Array of ServiceLevelStatus. For example new String[]{"accredited","undersupervision"}
+ * @return List of certificates with the selected properties
+ */
+ ArrayList<File> getQualifiedCACertificates(Date dateTime, String[] serviceLevelStatus)
+ throws TSLEngineDiedException, TSLSearchException;
+
+ /**
+ * Get a list of certificates form the local TSL database with the selected properties.
+ *
+ * @author TLenz
+ * @param dateTime - ...
+ * @param countries - String Array of countrie codes. For example new Sting[]{"AT","IT","BE"}
+ * @param serviceLevelStatus - String Array of ServiceLevelStatus. For example new String[]{"accredited","undersupervision"}
+ * @return List of certificates with the selected properties
+ */
+ ArrayList<File> getQualifiedCACertificates(Date dateTime, String[] countries, String[] serviceLevelStatus)
+ throws TSLEngineDiedException, TSLSearchException;
+
+}
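Review bot: `checkQC` and `checkSSCD` take an `X509Certificate[]`, but the Javadoc describes the parameter as "An X509 certificate", so a caller cannot tell whether a chain is expected, in which order, or which element the TSL lookup evaluates. The parameter text should say this explicitly, for example `@param certificate - certificate chain; <expected order and which element is checked>`. The service-type URIs in the same Javadoc are written `http://uri.etis.org/...`, while the ETSI identifiers use the host `uri.etsi.org`; because these strings are likely to be copied into configuration or code, the spelling should be corrected. The `- ...` placeholders for `dateTime`, `jdbcURL` and `jdbcDriverClass` should be filled in as well, in particular whether `dateTime` is the validation time used for the status lookup.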
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/exception/MitigatedTSLSecurityException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/exception/MitigatedTSLSecurityException.java
new file mode 100644
index 0000000..d580405
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/exception/MitigatedTSLSecurityException.java
@@ -0,0 +1,17 @@
+package at.gv.egovernment.moa.spss.tsl.exception;
+
+import iaik.xml.crypto.tsl.ex.TSLSecurityException;
+
+import org.xml.sax.Locator;
+
+public final class MitigatedTSLSecurityException extends
+ TSLSecurityException {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+
+ public MitigatedTSLSecurityException(Type t, Locator l) {
+ super(t, l);
+ }
+}
\ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
new file mode 100644
index 0000000..e06abe4
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
@@ -0,0 +1,212 @@
+package at.gv.egovernment.moa.spss.tsl.timer;
+
+import iaik.pki.store.certstore.CertStoreException;
+import iaik.pki.store.certstore.CertStoreParameters;
+import iaik.pki.store.truststore.TrustStoreException;
+import iaik.pki.store.truststore.TrustStoreProfile;
+import iaik.pki.store.utils.StoreUpdater;
+import iaik.server.ConfigurationData;
+import iaik.x509.X509Certificate;
+import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
+import iaik.xml.crypto.tsl.ex.TSLSearchException;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.TimerTask;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
+import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStoreProfileImpl;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.tsl.connector.TSLConnector;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.StringUtils;
+
+
+public class TSLUpdaterTimerTask extends TimerTask {
+
+ public static TSLConnector tslconnector_;
+
+ public static ConfigurationData configData_ = null;
+
+ @Override
+ public void run() {
+
+ try {
+ Logger.info("Start TSL Update");
+ update();
+ Logger.info("Finished TSL Update");
+ } catch (TSLEngineDiedException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+ } catch (TSLSearchException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+ } catch (ConfigurationException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+ } catch (MOAApplicationException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+ } catch (CertStoreException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+ } catch (TrustStoreException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+ } catch (FileNotFoundException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+ } catch (IOException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+ } catch (CertificateException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+ }
+
+ }
+
+ public static void update() throws TSLEngineDiedException, TSLSearchException, ConfigurationException, MOAApplicationException, CertStoreException, TrustStoreException, CertificateException, IOException {
+ MessageProvider msg = MessageProvider.getInstance();
+
+ //TrustProfile tp = null;
+ TrustStoreProfile tsp = null;
+ StoreUpdater storeUpdater = null;
+ TransactionId tid = null;
+
+ //get TSl configuration
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ if (configData_ == null)
+ configData_ = new IaikConfigurator().configure(config);
+
+ TSLConfiguration tslconfig = config.getTSLConfiguration();
+ if (tslconfig != null) {
+
+ tslconnector_.updateTSLs(new Date(), new String[]{"accredited","undersupervision"});
+
+ Logger.info(new LogMsg(msg.getMessage("config.42", null)));
+
+ // get certstore parameters
+ CertStoreParameters[] certStoreParameters = configData_.getPKIConfiguration().getCertStoreConfiguration().getParameters();
+
+ // iterate over all truststores
+ Map mapTrustProfiles = config.getTrustProfiles();
+ Iterator it = mapTrustProfiles.entrySet().iterator();
+ while (it.hasNext()) {
+ Map.Entry pairs = (Map.Entry)it.next();
+ TrustProfile tp = (TrustProfile) pairs.getValue();
+ if (tp.isTSLEnabled()) {
+ tsp = new TrustStoreProfileImpl(config, tp.getId());
+ TrustStoreProfile[] trustStoreProfiles = new TrustStoreProfile[1];
+ trustStoreProfiles[0] = tsp;
+
+ Logger.debug(new LogMsg(msg.getMessage("config.43", new String[]{tp.getId()})));
+
+ tid = new TransactionId("TSLConfigurator-" + tp.getId());
+ ArrayList tsl_certs = null;
+ if (StringUtils.isEmpty(tp.getCountries())) {
+ Logger.debug(new LogMsg(msg.getMessage("config.44", null)));
+
+ // get certificates from TSL from all countries
+ tsl_certs = tslconnector_.getQualifiedCACertificates(new Date(), new String[]{"accredited","undersupervision"});
+ }
+ else {
+ Logger.debug(new LogMsg(msg.getMessage("config.44", null)));
+ // get selected countries as array
+ String countries = tp.getCountries();
+ String[] array = countries.split(",");
+ for (int i = 0; i < array.length; i++)
+ array[i] = array[i].trim();
+
+ // get certificates from TSL from given countries
+ tsl_certs = tslconnector_.getQualifiedCACertificates(new Date(), array, new String[]{"accredited","undersupervision"});
+ }
+
+ // create store updater for each TSL enabled truststore
+ Logger.debug(new LogMsg(msg.getMessage("config.45", null)));
+ storeUpdater = new StoreUpdater(certStoreParameters, trustStoreProfiles, tid);
+
+ // delete files in trustprofile
+
+ File ftp = new File(tp.getUri());
+ File[] files = ftp.listFiles();
+ X509Certificate[] removeCertificates = new X509Certificate[files.length];
+ int i = 0;
+ for (File file : files) {
+ FileInputStream fis = new FileInputStream(file);
+ removeCertificates[i] = new X509Certificate(fis);
+ i++;
+ fis.close();
+ //file.delete();
+ }
+
+ // remove all certificates
+ storeUpdater.removeCertificatesFromTrustStores(removeCertificates, tid);
+ storeUpdater.removeCertificatesFromCertStores(removeCertificates, tid);
+
+
+ // copy files from original trustAnchorsLocURI into tslworking trust profile
+ File src = new File(tp.getUriOrig());
+ files = src.listFiles();
+ X509Certificate[] addCertificates = new X509Certificate[files.length];
+ i = 0;
+ for (File file : files) {
+ FileInputStream fis = new FileInputStream(file);
+ addCertificates[i] = new X509Certificate(fis);
+ //FileUtils.copyFile(file, new File(tp.getUri(), file.getName()));
+ i++;
+ fis.close();
+ }
+
+ // convert ArrayList<File> to X509Certificate[]
+ if (tsl_certs == null) {
+ Logger.warn("No certificates from TSL imported.");
+ //throw new TSLSearchException("No certificates from TSL imported.");
+ }
+ else {
+
+ X509Certificate[] addCertificatesTSL = new X509Certificate[tsl_certs.size()];
+ Iterator itcert = tsl_certs.iterator();
+ i = 0;
+ File f = null;
+ while(itcert.hasNext()) {
+ f = (File)itcert.next();
+ FileInputStream fis = new FileInputStream(f);
+ X509Certificate cert = new X509Certificate(fis);
+ addCertificatesTSL[i] = cert;
+
+ i++;
+ fis.close();
+ }
+
+ Logger.debug(new LogMsg("Add " + addCertificatesTSL.length + " certificates."));
+ storeUpdater.addCertificatesToTrustStores(addCertificatesTSL, tid);
+ storeUpdater.addCertificatesToCertStores(addCertificatesTSL, tid);
+
+ Logger.debug(new LogMsg("Add " + addCertificates.length + " certificates."));
+ storeUpdater.addCertificatesToTrustStores(addCertificates, tid);
+ storeUpdater.addCertificatesToCertStores(addCertificates, tid);
+ }
+ }
+ }
+ }
+
+
+
+ }
+
+}
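Review bot: In `update()`, the profile's certificates are removed from the stores before the replacement set is known to be usable, and the re-add of the configured anchors (`addCertificates`) sits inside the `else` branch, so when `tsl_certs == null` the profile appears to be left without the certificates that were just removed. `ftp.listFiles()` and `src.listFiles()` return null for a missing or unreadable directory, and the resulting NullPointerException is not among the types caught in `run()`; if this task is scheduled on a `java.util.Timer`, an unchecked exception escaping the task terminates the timer thread and later updates stop. The `FileInputStream`s are also left open when `new X509Certificate(fis)` throws, since `close()` is not in a `finally`. A sketch of the guard and the moved re-add follows.

```java
File[] files = ftp.listFiles();
if (files == null) {
    // listFiles() returns null when the path is not a readable directory
    throw new IOException("Cannot list trust profile directory: " + ftp);
}
// … unchanged: read removeCertificates, remove them from the stores,
//   read addCertificates (with the same null guard on src.listFiles()) …

if (tsl_certs == null) {
    Logger.warn("No certificates from TSL imported.");
} else {
    // … unchanged: convert tsl_certs to addCertificatesTSL and add them …
}

// Re-add the configured trust anchors on both paths, so that a failed
// TSL lookup does not leave the profile without its original anchors.
Logger.debug(new LogMsg("Add " + addCertificates.length + " certificates."));
storeUpdater.addCertificatesToTrustStores(addCertificates, tid);
storeUpdater.addCertificatesToCertStores(addCertificates, tid);
```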
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/CertificateReader.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/CertificateReader.java
new file mode 100644
index 0000000..763382a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/CertificateReader.java
@@ -0,0 +1,155 @@
+package at.gv.egovernment.moa.spss.tsl.utils;
+import iaik.pkcs.PKCS7CertList;
+import iaik.pkcs.PKCSParsingException;
+import iaik.security.provider.IAIK;
+import iaik.utils.Util;
+import iaik.x509.X509Certificate;
+import iaik.xml.crypto.EccProviderAdapter;
+
+import java.io.BufferedInputStream;
+import java.io.File;
+import java.io.FileFilter;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.security.Security;
+import java.security.cert.CertificateException;
+import java.util.Arrays;
+import java.util.Iterator;
+import java.util.List;
+
+// Copyright (C) 2011 IAIK
+// http://jce.iaik.at
+//
+// Copyright (C) 2011 Stiftung Secure Information and
+// Communication Technologies SIC
+// http://www.sic.st
+//
+// All rights reserved.
+//
+// This source is provided for inspection purposes and recompilation only,
+// unless specified differently in a contract with IAIK. This source has to
+// be kept in strict confidence and must not be disclosed to any third party
+// under any circumstances. Redistribution in source and binary forms, with
+// or without modification, are <not> permitted in any case!
+//
+// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+// SUCH DAMAGE.
+//
+//
+
+public class CertificateReader {
+
+ /**
+ * Filter for reading certificate files from a directory.
+ * The filter accepts a file if its name ends with
+ * &quot;.cer&quot;, &quot;.der&quot;, &quot;.crt&quot;
+ * or &quot;.pem&quot;.
+ *
+ * @author Harald Bratko
+ * @author Konrad Lanz
+ */
+ static class CertificateFileFilter implements FileFilter {
+
+ /**
+ * Accepts a file if it is not a directory and its name ends with
+ * &quot;.cer&quot;, &quot;.der&quot;, &quot;.crt&quot; or &quot;.pem&quot;.
+ *
+ * @see java.io.FileFilter#accept(java.io.File)
+ */
+ public boolean accept(File file) {
+ String name = file.getName();
+ if (name.endsWith(".der") ||
+ name.endsWith(".cer") ||
+ name.endsWith(".crt") ||
+ name.endsWith(".pem"))
+ {
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+
+
+
+ /**
+ * Reads the certificates from the given directory and
+ * returns the certificates as sorted list (end user certificate first).
+ * @param directory
+ * @return
+ * @throws IOException
+ * @throws FileNotFoundException
+ * @throws CertificateException
+ * @throws Exception
+ */
+ public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{
+ File file = new File(directory);
+ File[] certificateFiles = file.listFiles(new CertificateFileFilter());
+ int l = certificateFiles.length;
+ X509Certificate[] certs = new X509Certificate[l];
+ for (int i=0; i<certificateFiles.length; i++) {
+ X509Certificate certificate = new X509Certificate(new FileInputStream(certificateFiles[i]));
+ certs[i] = certificate;
+ }
+ return Util.arrangeCertificateChain(certs, false);
+ }
+
+ /**
+ * Reads the certificates from the given directory and
+ * returns the certificates as sorted list (end user certificate first).
+ * @param directory
+ * @return
+ * @throws IOException
+ * @throws FileNotFoundException
+ * @throws CertificateException
+ * @throws Exception
+ */
+ public static List<X509Certificate> readCertificates(String directory) throws CertificateException, FileNotFoundException, IOException{
+
+ return Arrays.asList(readCertificatesIntoArray(directory));
+ }
+
+ public static void main(String[] args) {
+ try {
+
+ IAIK.addAsJDK14Provider();
+ //IAIK.addAsProvider();
+ //Security.addProvider(new IAIK());
+
+ // install ECC provider
+ Security.addProvider(EccProviderAdapter.getEccProvider());
+
+ String dir = "spec/examples/EU/AT/certs/on-tsl/chain/";
+ List l = readCertificates(dir);
+ Iterator<X509Certificate> it = l.iterator();
+ while (it.hasNext()) {
+ System.out.println(((X509Certificate)it.next()).getSubjectDN().getName());
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ System.exit(1);
+ }
+
+ }
+
+ public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException, IOException {
+ PKCS7CertList p7certList = new PKCS7CertList(
+ new BufferedInputStream(
+ new FileInputStream(
+ path
+ )
+ )
+ );
+ return p7certList.getCertificateList();
+ }
+ }
\ No newline at end of file
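Review bot: `readCertificatesIntoArray` opens a `FileInputStream` per file and never closes it, and `p7read` does the same with its `BufferedInputStream`, so every call leaves file descriptors open until the streams are garbage-collected. `file.listFiles(...)` returns null when `directory` is not a readable directory, which surfaces as a NullPointerException at `certificateFiles.length` rather than one of the declared exceptions. `CertificateFileFilter.accept` is documented as rejecting directories but only tests the name suffix; putting `file.isFile() &&` in front of the suffix test would match the Javadoc. A sketch of the loop with the null guard and the close follows.

```java
File[] certificateFiles = file.listFiles(new CertificateFileFilter());
if (certificateFiles == null) {
    throw new FileNotFoundException("Not a readable directory: " + directory);
}
X509Certificate[] certs = new X509Certificate[certificateFiles.length];
for (int i = 0; i < certificateFiles.length; i++) {
    FileInputStream in = new FileInputStream(certificateFiles[i]);
    try {
        certs[i] = new X509Certificate(in);
    } finally {
        in.close();
    }
}
// … unchanged: return Util.arrangeCertificateChain(certs, false); …
```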
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/Mitigation.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/Mitigation.java
new file mode 100644
index 0000000..a1635b8
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/Mitigation.java
@@ -0,0 +1,15 @@
+package at.gv.egovernment.moa.spss.tsl.utils;
+
+public class Mitigation extends iaik.xml.crypto.tsl.ex.SeverityAspect.Mitigation {
+
+ String report_;
+
+ public Mitigation(String report) {
+ report_ = report;
+ }
+
+ @Override
+ public String getReport() {
+ return report_;
+ }
+}
\ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEUImportFromFileContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEUImportFromFileContext.java
new file mode 100644
index 0000000..453ee2b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEUImportFromFileContext.java
@@ -0,0 +1,140 @@
+package at.gv.egovernment.moa.spss.tsl.utils;
+
+import java.io.File;
+import java.io.IOException;
+import java.lang.reflect.Method;
+import java.net.URL;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.sqlite.SQLiteErrorCode;
+
+import iaik.util.logging.Log;
+import iaik.util.logging._l;
+import iaik.util.logging.Log.MultiThreadLoggingGroup;
+import iaik.xml.crypto.tsl.DbTables;
+import iaik.xml.crypto.tsl.TSLImportFromFileContext;
+import iaik.xml.crypto.tsl.TSLOpenURIException;
+import iaik.xml.crypto.tsl.constants.Countries;
+import iaik.xml.crypto.tsl.ex.TSLExceptionB;
+import iaik.xml.crypto.tsl.ex.ThrowableAndLocatorAndMitigation;
+import iaik.xml.crypto.tsl.ex.SeverityAspect.Severity;
+import iaik.xml.crypto.tsl.fetch.TopLevelTslFetchContext;
+
+public class TSLEUImportFromFileContext extends TopLevelTslFetchContext {
+
+ public TSLEUImportFromFileContext(
+ Countries euTerritory,
+ URL euTslURL,
+ String workingdirectory,
+ boolean sqlMultithreaded,
+ boolean throwExceptions,
+ boolean logExceptions,
+ boolean throwWarnings,
+ boolean logWarnings,
+ boolean nullRedundancies) {
+
+ super(
+ euTerritory,
+ euTslURL,
+ workingdirectory,
+ sqlMultithreaded,
+ throwExceptions,
+ logExceptions,
+ throwWarnings,
+ logWarnings,
+ nullRedundancies);
+
+ }
+
+ public List<ThrowableAndLocatorAndMitigation> getErrorsAndWarnings() {
+ List<ThrowableAndLocatorAndMitigation> errorsAndWarnings = new ArrayList<ThrowableAndLocatorAndMitigation>();
+ errorsAndWarnings.addAll(this.fatals_);
+ errorsAndWarnings.addAll(this.faildTransactions_);
+ errorsAndWarnings.addAll(this.warnings_);
+
+ return errorsAndWarnings;
+ }
+
+ @Override
+ public boolean normalizeXML() {
+ return true;
+ }
+
+ @Override
+ public Object throwException(Throwable e, Method enclosingMethod,
+ Object thisObject, Object[] parameters) {
+
+ if (enclosingMethod != null){
+ if (
+ e instanceof TSLOpenURIException &&
+ enclosingMethod.getName().equals("processUrl") &&
+ TSLImportFromFileContext.class.isAssignableFrom(enclosingMethod.getDeclaringClass()) &&
+ parameters[1] instanceof File &&
+ e.getCause() instanceof IOException &&
+ parameters[0] instanceof URL
+ ){
+
+ _l.err("Ignoring download error using old: " + parameters[0],null);
+ wrapException(e);
+ return parameters[1];
+ }
+ }
+
+ //we allow each and every funny stuff from the EU as long as it's not insecure
+ if (e instanceof TSLExceptionB){
+ TSLExceptionB ve = (TSLExceptionB) e;
+ Severity s = ve.getSeverity();
+ if ( s != null && s.ordinal() < Severity.insecure.ordinal()){
+ _l.err("Ignored Exception: ",ve);
+// if(logExceptions_){
+ warnings_.add(
+ new ThrowableAndLocatorAndMitigation(
+ ve, null, ve.getLocator(), ve.getMitigation()
+ )
+ );
+// }
+ return null;
+ }
+ }
+
+
+ return super.throwException(e, enclosingMethod, thisObject, parameters);
+ }
+
+ @Override
+ public Boolean doesViolateRawHash(SQLException e, byte[] rawHash) {
+
+ String msg = e.getMessage();
+ return (
+ msg.startsWith("["+SQLiteErrorCode.SQLITE_CONSTRAINT.name()+"]") &&
+ msg.contains("column " + DbTables.TSLDownload.C.rawHash + " is not unique")
+ );
+ }
+
+ public MultiThreadLoggingGroup getLoggingGroup() {
+ return this;
+ }
+
+ StringBuilder log = new StringBuilder();
+
+ public void flushLog() {
+ if (log != null && log.length() > 0) {
+ Thread currentThread = Thread.currentThread();
+ String ncName = getNcName(currentThread);
+
+ synchronized (log) {
+ print(
+ "<" + ncName + " state=\"" + currentThread.getState() + "\" " + " id=\"" + currentThread.getId() + "\">\n"
+ + log.toString() + "</" + ncName + ">\n");
+ log.setLength(0);
+ }
+ }
+ }
+
+ public void print(Object msg) {
+ Log.print(msg);
+ }
+
+}
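Review bot: The download-error branch of `throwException` returns the previously stored file (`parameters[1]`) without checking that it exists or how old it is, so as far as this hunk shows a trust list whose download keeps failing would stay in use indefinitely. Consider falling back only when `((File) parameters[1]).isFile()` holds and its `lastModified()` is within a configured maximum age, and otherwise handing the exception to `super.throwException(...)`. The branch also indexes `parameters[0]` and `parameters[1]` without a null or length check. If freshness is enforced elsewhere, a comment on the branch should say where, for example `// falls back to the last downloaded TSL; validity period is enforced in <component>`. In `doesViolateRawHash`, `e.getMessage()` can be null for an `SQLException`, so `msg.startsWith(...)` needs a null guard.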
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEvaluationContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEvaluationContext.java
new file mode 100644
index 0000000..a656f11
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEvaluationContext.java
@@ -0,0 +1,134 @@
+package at.gv.egovernment.moa.spss.tsl.utils;
+
+import iaik.util.logging.Log.MultiThreadLoggingGroup;
+import iaik.util.logging.Log;
+import iaik.util.logging._l;
+import iaik.xml.crypto.tsl.BaseClass;
+import iaik.xml.crypto.tsl.SIEExtensionChecker;
+import iaik.xml.crypto.tsl.constants.Countries;
+import iaik.xml.crypto.tsl.ex.TSLSIEExtensionException;
+import iaik.xml.crypto.tsl.ex.SeverityAspect.Mitigation;
+import iaik.xml.crypto.tsl.sie.gen.CriteriaListType;
+import iaik.xml.crypto.tsl.sie.gen.KeyUsageBitType;
+import iaik.xml.crypto.tsl.sie.gen.KeyUsageType;
+import iaik.xml.crypto.tsl.sie.gen.ObjectFactory;
+
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+
+public final class TSLEvaluationContext extends iaik.xml.crypto.tsl.TSLEvaluationContext {
+
+ public TSLEvaluationContext(
+ String workingdirectory,
+ boolean sqlMultithreaded,
+ boolean throwExceptions,
+ boolean logExceptions,
+ boolean throwWarnings,
+ boolean logWarnings) {
+ super(workingdirectory,
+ sqlMultithreaded,
+ throwExceptions,
+ logExceptions,
+ throwWarnings,
+ logWarnings);
+ }
+
+ @Override
+ public Object throwException(Throwable e, Method enclosingMethod,
+ Object thisObject, Object[] parameters) {
+
+ if (e instanceof TSLSIEExtensionException
+ && e.getMessage() == TSLSIEExtensionException.NO_KEYUSEAGE_NOR_POLICYSET) {
+
+ CriteriaListType criteriaList = (CriteriaListType) parameters[1];
+
+ _l.warn(criteriaList.getDescription());
+
+ String description = criteriaList.getDescription();
+ if (description
+ .trim()
+ .equals(
+ "This service issues qualified certificates for e-signing and "
+ + "e-authentication within the same process. The Relaying Party shall "
+ + "make distinction by inspection of keyUsage field contents - "
+ + "e-signature certificates have non-repudation bit set exclusively.")) {
+ criteriaList.setAssert(SIEExtensionChecker.Asssert.all.toString());
+
+ ObjectFactory of = new ObjectFactory();
+ KeyUsageType ku = of.createKeyUsageType();
+ KeyUsageBitType kb = of.createKeyUsageBitType();
+ kb.setName(SIEExtensionChecker.KeyUseageBit.nonRepudiation
+ .toString());
+ kb.setValue(true);
+ ku.getKeyUsageBit().add(kb);
+ criteriaList.getKeyUsage().add(ku);
+
+ Object mitigatedResult = null;
+ try {
+ mitigatedResult = enclosingMethod.invoke(thisObject, parameters);
+
+ } catch (IllegalAccessException e1) {
+ wrapException(e1);
+ } catch (InvocationTargetException e1) {
+ wrapException(e1);
+ }
+
+ if (mitigatedResult != null) {
+ wrapException(e, criteriaList.sourceLocation(), new Mitigation() {
+ @Override
+ public String getReport() {
+ return "Fixed invalid criteria list";
+ }
+ });
+ return mitigatedResult;
+ }
+
+ }
+ }
+ return super.throwException(e, enclosingMethod, thisObject, parameters);
+ }
+
+ @Override
+ protected long howLongWaitForThreads() {
+ return 10000;
+ }
+
+ @Override
+ protected BaseClass getCurrentBaseClass() {
+ //TODO check whether we can avoid by redesign to focus this only on import
+ return null;
+ }
+
+ @Override
+ public boolean normalizeXML() {
+ return true;
+ }
+
+ public Countries getExpectedTerritory() {
+ return null;
+ }
+
+ public MultiThreadLoggingGroup getLoggingGroup() {
+ return this;
+ }
+
+ StringBuffer log = new StringBuffer();
+
+ public void flushLog() {
+ if (log != null && log.length() > 0) {
+ synchronized (System.out) {
+ Thread currentThread = Thread.currentThread();
+ print("# # # " + getHint() + " Thread: "
+ + currentThread.getName() + "(" + currentThread.getId()
+ + ") collected logs - BEGIN # # #\n" + log.toString() + "# # # "
+ + getHint() + " Thread: " + currentThread.getName()
+ + "(" + currentThread.getId() + ") collected logs - END # # #\n");
+ }
+ log = null;
+ }
+ }
+
+ public void print(Object msg) {
+ Log.print(msg);
+ }
+}
\ No newline at end of file
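Review bot: In `throwException`, `e.getMessage() == TSLSIEExtensionException.NO_KEYUSEAGE_NOR_POLICYSET` compares string references, so the mitigation only triggers when the exception carries that exact constant object; unless identity is intended, `TSLSIEExtensionException.NO_KEYUSEAGE_NOR_POLICYSET.equals(e.getMessage())` states the intent and is null-safe. The branch modifies `criteriaList` (assert mode plus an added nonRepudiation key-usage bit) before re-invoking the method and leaves that change in place when the re-invocation yields null and control falls through to `super.throwException(...)`. `parameters[1]` is cast to `CriteriaListType` without an `instanceof` check. Separately, `flushLog()` sets `log = null` after the first flush, so anything appending to `log` afterwards would hit a null field; `log.setLength(0)`, as used in TSLEUImportFromFileContext, keeps the buffer usable.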
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java
new file mode 100644
index 0000000..5d69f69
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java
@@ -0,0 +1,850 @@
+package at.gv.egovernment.moa.spss.tsl.utils;
+
+import java.io.BufferedOutputStream;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.OutputStream;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.InvalidKeyException;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+import java.util.ListIterator;
+import java.util.Map;
+
+import javax.xml.bind.Unmarshaller;
+import javax.xml.crypto.AlgorithmMethod;
+import javax.xml.crypto.KeySelectorException;
+
+import org.apache.log4j.Logger;
+import org.sqlite.SQLiteErrorCode;
+import org.w3c.dom.DOMError;
+import org.xml.sax.Locator;
+import org.xml.sax.SAXParseException;
+
+import at.gv.egovernment.moa.spss.tsl.exception.MitigatedTSLSecurityException;
+import iaik.util.logging.Log.MultiThreadLoggingGroup;
+import iaik.util.logging._l;
+import iaik.utils.RFC2253NameParserException;
+import iaik.utils.Util;
+import iaik.util._15;
+import iaik.xml.crypto.dsig.keyinfo.X509DataImpl;
+import iaik.xml.crypto.tsl.DbTables;
+import iaik.xml.crypto.tsl.TSLConstants;
+import iaik.xml.crypto.tsl.TSLContext;
+import iaik.xml.crypto.tsl.TSLEngine;
+import iaik.xml.crypto.tsl.TSLImportContext;
+import iaik.xml.crypto.tsl.TSLOpenURIException;
+import iaik.xml.crypto.tsl.TSLThreadContext;
+import iaik.xml.crypto.tsl.ValidationFixupFilter;
+import iaik.xml.crypto.tsl.ValidationFixupFilter.AttributeValueFixup;
+import iaik.xml.crypto.tsl.ValidationFixupFilter.DeleteAttrFixup;
+import iaik.xml.crypto.tsl.ValidationFixupFilter.ElementStringValueFixup;
+import iaik.xml.crypto.tsl.ValidationFixupFilter.FixedSaxLevelValidationExcption;
+import iaik.xml.crypto.tsl.ValidationFixupFilter.Fixup;
+import iaik.xml.crypto.tsl.ValidationFixupFilter.LocalNameFixup;
+import iaik.xml.crypto.tsl.constants.Countries;
+import iaik.xml.crypto.tsl.ex.LocatorAspect;
+import iaik.xml.crypto.tsl.ex.TSLEngineFatalException;
+import iaik.xml.crypto.tsl.ex.TSLRuntimeWarning;
+import iaik.xml.crypto.tsl.ex.TSLSecurityException;
+import iaik.xml.crypto.tsl.ex.TSLSecurityException.Type;
+import iaik.xml.crypto.tsl.ex.TSLVerificationException;
+import iaik.xml.crypto.tsl.gen.DigitalIdentityType;
+import iaik.xml.crypto.tsl.verify.TSLDOMErrorHandler;
+import iaik.xml.crypto.tsl.verify.TSLValidationException;
+import iaik.xml.crypto.tsl.verify.TslKeySelector;
+import iaik.xml.crypto.utils.KeySelectorImpl.X509KeySelectorResultImpl;
+
+/**
+ *
+ */
+
+public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromFileContext {
+
+ static Logger l = Logger.getLogger(TSLImportFromFileContext.class);
+
+ public static final class ExceptionalMitigation extends Mitigation {
+ public ExceptionalMitigation(String report) {
+ super(report);
+ }
+ }
+
+ public static final class FixedValidationMitigation extends Mitigation {
+ public FixedValidationMitigation(String report) {
+ super(report);
+ }
+ }
+
+ private final String baseuri_;
+ private Map<Countries, ListIterator<X509Certificate>>
+ trustAnchorsWrongOnEuTsl_;
+
+ public TSLImportFromFileContext(
+ Countries expectedTerritory,
+ URL url,
+ Number otherTslPointerId,
+ String workingdirectory,
+ boolean sqlMultithreaded,
+ boolean throwExceptions,
+ boolean logExceptions,
+ boolean throwWarnings,
+ boolean logWarnings,
+ boolean nullRedundancies,
+ String baseuri,
+ Map <Countries, ListIterator<X509Certificate>> trustAnchorsWrongOnEuTsl,
+ TSLThreadContext parentContext) {
+ super(
+ expectedTerritory,
+ url,
+ otherTslPointerId,
+ workingdirectory,
+ sqlMultithreaded,
+ throwExceptions,
+ logExceptions,
+ throwWarnings,
+ logWarnings,
+ nullRedundancies,
+ parentContext);
+ baseuri_ = baseuri;
+ trustAnchorsWrongOnEuTsl_ = trustAnchorsWrongOnEuTsl;
+ }
+ /* (non-Javadoc)
+ * @see iaik.xml.crypto.tsl.TSLImportFromFileContext#getbaseURI()
+ */
+ @Override
+ public String getbaseURI() {
+ return this.baseuri_;
+ }
+
+
+
+
+ //@Override
+ protected RuntimeException wrapException(Throwable t, Locator l, Mitigation m) {
+ return super.wrapException(t, l, m);
+ }
+
+ @Override
+ public
+ synchronized void throwException(Throwable e) {
+
+ if (e instanceof TSLValidationException) {
+ // we do not throw dom validation errors for testing
+ // and just collect them
+ wrapException(e);
+ } else if (e instanceof TSLVerificationException) {
+
+ boolean corrected = false;
+ // we do not throw verification errors for testing
+ // and just collect them
+
+// // NEVER DO THIS! unless you want to import TSLs without signatures.
+// if (Boolean.valueOf(_.getSysProperty(TSLSecurityException.Type.NO_TSL_SIGNATURE
+// .getClass().getName(), "true"))
+// && ((TSLVerificationException) e).getType() == TSLSecurityException.Type.NO_TSL_SIGNATURE) {
+// ((TSLVerificationException) e).setMitigation(Mitigation.IGNORED);
+// }
+//
+// if (Boolean.valueOf(_.getSysProperty(TSLSecurityException.Type.NON_CONFORMANT_REFERENCE_IN_TSL_SIGNATURE
+// .getClass().getName(), "true"))
+// && ((TSLVerificationException) e).getType() == TSLSecurityException.Type.NON_CONFORMANT_REFERENCE_IN_TSL_SIGNATURE) {
+// ((TSLVerificationException) e).setMitigation(Mitigation.IGNORED);
+// }
+
+// if (Boolean.valueOf(_.getSysProperty(TSLSecurityException.Type.NON_CONFORMANT_TRANSFORMS_IN_TSL_SIGNATURE
+// .getClass().getName(), "true"))
+// && ((TSLVerificationException) e).getType() == TSLSecurityException.Type.NON_CONFORMANT_TRANSFORMS_IN_TSL_SIGNATURE) {
+// ((TSLVerificationException) e).setMitigation(Mitigation.IGNORED);
+//
+// corrected = true;
+// }
+//
+//
+// if (Boolean.valueOf(_.getSysProperty(TSLSecurityException.Type.NON_CONFORMANT_TRANSFORM_IN_TSL_SIGNATURE
+// .getClass().getName(), "true"))
+// && ((TSLVerificationException) e).getType() == TSLSecurityException.Type.NON_CONFORMANT_TRANSFORM_IN_TSL_SIGNATURE) {
+// ((TSLVerificationException) e).setMitigation(Mitigation.IGNORED);
+//
+// corrected = true;
+// }
+//
+// if (Boolean.valueOf(_.getSysProperty(TSLSecurityException.Type.NON_CONFORMANT_C14N_IN_TSL_SIGNATURE
+// .getClass().getName(), "true"))
+// && ((TSLVerificationException) e).getType() == TSLSecurityException.Type.NON_CONFORMANT_C14N_IN_TSL_SIGNATURE) {
+// ((TSLVerificationException) e).setMitigation(Mitigation.IGNORED);
+//
+// corrected = true;
+// }
+//
+// if (corrected)
+// wrapException(e);
+// else
+// super.throwException(e);
+
+ super.throwException(e);
+
+ } else if (e instanceof FileNotFoundException) {
+ // we do not stop and continue processing
+ wrapException(e);
+ } else if (e instanceof IllegalArgumentException) {
+ // we do not stop and continue processing
+ wrapException(e);
+ } else {
+ // all other errors are treated as per default
+ super.throwException(e);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.xml.crypto.tsl.TSLContext#throwException(java.lang.Exception, java.lang.reflect.Method, java.lang.Object, java.lang.Object[])
+ */
+ @Override
+ public Object throwException(
+ Throwable e, Method enclosingMethod, Object thisObject, final Object[] parameters) {
+
+ if (enclosingMethod != null){
+
+ if(
+ e instanceof FixedSaxLevelValidationExcption &&
+ enclosingMethod.getDeclaringClass().equals(ValidationFixupFilter.class)){
+ wrapException(e,
+ ((LocatorAspect) e).getLocator(),
+ new FixedValidationMitigation("Performed SAX Level Fixup."));
+ return null;
+ }
+
+ if(e instanceof CertificateException &&
+ enclosingMethod.getDeclaringClass().equals(TSLImportContext.class) &&
+ enclosingMethod.getName().equals("parseCertificate")) {
+
+ wrapException(e);
+ // ((DigitalIdentityType)parameters[1]).sourceLocation();
+
+ return null;
+ }
+
+ if (e instanceof TSLValidationException&&
+ enclosingMethod.getDeclaringClass().equals(TSLDOMErrorHandler.class) &&
+ enclosingMethod.getName().equals("handleError")) {
+
+ if (parameters[0] instanceof DOMError) {
+ DOMError domError = (DOMError) parameters[0];
+
+ _l.warn(""+domError.getRelatedData());
+
+ // domError.getRelatedData().getClass().getField("")
+
+ wrapException(e);
+ return Boolean.TRUE;
+ }
+ }
+
+ if (e instanceof RFC2253NameParserException&&
+ enclosingMethod.getDeclaringClass().equals(TSLImportContext.class) &&
+ enclosingMethod.getName().equals("getNormalizedDN") &&
+ parameters[0] instanceof DigitalIdentityType ) {
+
+ DigitalIdentityType digitalId = (DigitalIdentityType) parameters[0];
+
+ String subDN = digitalId.getX509SubjectName();
+
+ // String openSslRdnRegExp = "/([^=]+)=?(([^/]+)|\"([^\"]+)\"";
+
+ String openSslRdnRegExp = "/([^=]+)=(\"([^\"]*)\"|([^/\"][^/]*)|(.{0}))";
+ // 1 2 3 4 5
+ // 1 matches Attribute
+ // 2 matches values
+ // 2 greedy matches properly quoted values
+ // 3 greedy matches values without quotes
+ // 4 matches the empty value
+ if (subDN.matches("^("+openSslRdnRegExp+")+$")){
+ //trigger openSSL format error handling
+
+ Object mitigatedResult = null;
+
+ String[] rdns = subDN.substring(1, subDN.length()).split("/");
+
+ rdns = (String[]) _15.reverseInPlace(rdns);
+
+ subDN = "/"+_15.implode("/", rdns);
+
+ //for now we only support properly quoted values or such without quotes
+
+ subDN = subDN.replaceAll(openSslRdnRegExp, "$1=\"$2$3\",");
+ subDN = subDN.substring(0, subDN.length()-1);
+
+ digitalId.setX509SubjectName(subDN);
+ try {
+ mitigatedResult = enclosingMethod.invoke(thisObject, new Object[]{digitalId});
+
+ } catch (IllegalAccessException e1) {
+ wrapException(e1);
+ } catch (InvocationTargetException e1) {
+ wrapException(e1);
+ }
+
+ if (mitigatedResult != null){
+ wrapException(e, digitalId.sourceLocation(), new iaik.xml.crypto.tsl.ex.SeverityAspect.Mitigation() {
+ @Override
+ public String getReport() {
+ return "Converted OpenSSL SubjectDN";
+ }
+ });
+ return mitigatedResult;
+
+ }
+ }
+
+ wrapException(
+ new TSLRuntimeWarning("Could not normalize :" + (digitalId).getX509SubjectName(), e),
+ digitalId.sourceLocation());
+
+ //if we cannot Normalize the DN we simply don't
+ return (digitalId).getX509SubjectName();
+ }
+
+ //TODO check if this is really needed for ESP TSL
+ if (e instanceof RFC2253NameParserException &&
+ enclosingMethod.getDeclaringClass().equals(TSLImportContext.class) &&
+ enclosingMethod.getName().equals("getNormalizedSubjectDN") &&
+ parameters[0] instanceof X509Certificate ) {
+
+ X509Certificate cert = (X509Certificate) parameters[0];
+
+
+ wrapException(e, null);
+ //if we cannot Normalize the DN we simply don't
+ return cert.getSubjectDN().getName();
+ }
+
+ if (
+ (expectedTerritory_ == Countries.MT || expectedTerritory_ == Countries.LT)&&
+ e instanceof TSLOpenURIException &&
+ enclosingMethod.getDeclaringClass().equals(TSLImportFromFileContext.class) &&
+ enclosingMethod.getName().equals("processUrl") &&
+ parameters[1] instanceof File){
+
+ URL url = null;
+ if (
+ e.getCause() instanceof FileNotFoundException &&
+ parameters[0] instanceof URL &&
+ (url =((URL)parameters[0])).getProtocol().equalsIgnoreCase("http")
+ ){
+ try {
+ //Malta just changed their URL ...
+ if ("http://www.mca.org.mt/tsl/MT_TSL.xml".equalsIgnoreCase(url.toString())){
+ url = new URL("http://www.mca.org.mt/sites/default/files/pageattachments/MT_TSL.xml");
+ } else {
+ url = new URL("https", url.getHost(), url.getFile());
+ }
+ } catch (MalformedURLException e1) {
+ wrapException(e1);
+ }
+
+ Object mitigatedResult = null;
+ try {
+
+ mitigatedResult = enclosingMethod.invoke(thisObject, new Object[]{url,parameters[1]});
+ } catch (IllegalAccessException e1) {
+ wrapException(e1);
+ } catch (InvocationTargetException e1) {
+ wrapException(e1);
+ }
+
+ if (mitigatedResult != null){
+ wrapException(e, null, new iaik.xml.crypto.tsl.ex.SeverityAspect.Mitigation() {
+ @Override
+ public String getReport() {
+ return "Trying https:// ...";
+ }
+ });
+ return mitigatedResult;
+ }
+ }
+
+ _l.err("Ignoring download error using old: " + parameters[0], null);
+ wrapException(e);
+ return parameters[1];
+ }
+
+// if (
+// expectedTerritory_ == Countries.PL &&(
+// (e.getCause() instanceof java.io.EOFException ||
+// e.getCause() instanceof iaik.security.ssl.SSLException) &&
+// parameters[0] instanceof URL &&
+// ((URL)parameters[0]).getProtocol().equalsIgnoreCase("https")
+// )){
+// File f = null;
+// System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
+// TLS.register("TLSv1");
+// try {
+// f = (File) enclosingMethod.invoke(thisObject, parameters);
+// } catch (IllegalAccessException e1) {
+// wrapException(e1);
+// } catch (InvocationTargetException e1) {
+// wrapException(e1);
+// }
+//
+// // System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", null);
+// TLS.register();
+//
+// if (f != null){
+// wrapException(e, null, new Mitigation() {
+// @Override
+// public String getReport() {
+// return "Trying TLSv1 and sun.security.ssl.allowUnsafeRenegotiation=true";
+// }
+// });
+// return f;
+// }
+// }
+
+ if (
+ e instanceof TSLSecurityException &&
+ enclosingMethod.getDeclaringClass().equals(TSLContext.class) &&
+ enclosingMethod.getName().equals("securityCheck") &&
+ parameters[0] == TSLSecurityException.Type.UNTRUSTED_TSL_SIGNER &&
+ trustAnchorsWrongOnEuTsl_.containsKey(expectedTerritory_) &&
+ parameters[1] instanceof X509Certificate &&
+ parameters[2] instanceof ListIterator<?>
+ )
+ {
+ final ListIterator<X509Certificate> trustAnchorsWrongOnEuTsl =
+ trustAnchorsWrongOnEuTsl_.get(expectedTerritory_);
+
+ if (trustAnchorsWrongOnEuTsl != parameters[2]){ //prevents recursion
+ try {
+ enclosingMethod.invoke(thisObject,
+ new Object[]{parameters[0],parameters[1], trustAnchorsWrongOnEuTsl});
+ } catch (IllegalAccessException e1) {
+ wrapException(e1);
+ } catch (InvocationTargetException e1) {
+ wrapException(e1);
+ }
+ wrapException(e, getLocator(),
+ new iaik.xml.crypto.tsl.ex.SeverityAspect.Mitigation(){
+ @Override
+ public String getReport() {
+ return "make an exception for " + expectedTerritory_ + " who have the wrong certificate in " +
+ "the EU TSL and allow the certificate " +
+ parameters[1];
+ }
+ });
+ return null;
+ }
+ X509Certificate crt = (X509Certificate)parameters[1];
+
+ File f = new File("./wrong/"+expectedTerritory_+"/",
+ iaik.util._15.toHexString(getFingerPrint(crt,
+ new byte[TSLConstants.CertHash.LENGTH]))+".der");
+ File parent = f.getParentFile();
+ if(!parent.exists() && !parent.mkdirs()){
+ throw new IllegalStateException("Couldn't create dir: " + parent);
+ }
+
+ if (!f.exists()){
+ try {
+ OutputStream os = new BufferedOutputStream(
+ new FileOutputStream(f)
+ );
+ os.write(crt.getEncoded());
+ os.close();
+ } catch (Exception e1) {
+ e1.printStackTrace();
+ System.exit(1);
+ }
+ }
+
+ //continue ...
+ }
+
+ if (
+ ( expectedTerritory_ == Countries.SK ||
+ expectedTerritory_ == Countries.SE ||
+ expectedTerritory_ == Countries.NO ||
+ expectedTerritory_ == Countries.PL) &&
+ e instanceof KeySelectorException &&
+ enclosingMethod.getDeclaringClass().equals(TslKeySelector.class) &&
+ enclosingMethod.getName().equals("select") &&
+ parameters[0] instanceof X509DataImpl){
+
+ X509DataImpl x509Data = (X509DataImpl) parameters[0];
+ AlgorithmMethod method = (AlgorithmMethod) parameters[2];
+
+ List certificates = new ArrayList();
+
+ Iterator x509content = x509Data.getContent().iterator();
+ while (x509content.hasNext()) {
+ Object element = x509content.next();
+ if (element instanceof X509Certificate) {
+ X509Certificate rawCert = (X509Certificate)element;
+ certificates.add(rawCert);
+ }
+ }
+
+ if (!certificates.isEmpty()) {
+ X509Certificate[] rawCertificates = new X509Certificate[certificates.size()];
+ certificates.toArray(rawCertificates);
+ certificates.clear();
+ Iterator certs = null;
+ try {
+ // convert the certificates to IAIK certifcates
+ iaik.x509.X509Certificate[] iaikCertificates = Util.convertCertificateChain(rawCertificates);
+ // sort the certificate chain
+ iaik.x509.X509Certificate[] sortedChain = Util.arrangeCertificateChain(iaikCertificates, false);
+ if (sortedChain == null) {
+ // chain could not be sorted; maybe there are two different certificates
+ // containing the same public key; use the unsorted chain
+ certificates = Arrays.asList(iaikCertificates);
+ certs = certificates.iterator();
+ } else {
+ certs = (Collections.nCopies(1, sortedChain[0])).iterator();
+ certificates = Arrays.asList(sortedChain);
+ }
+ } catch (CertificateException e1) {
+ //cannot handle this throw error
+ return super.throwException(e, enclosingMethod, thisObject, parameters);
+ }
+
+ PublicKey oldPublicKey = null;
+ while (certs.hasNext()) {
+
+ iaik.x509.X509Certificate cert = (iaik.x509.X509Certificate)certs.next();
+
+ boolean hit = false;
+
+ PublicKey publicKey = cert.getPublicKey();
+
+ // failReason_ = "";
+
+ // Does the certificate provide a key for the requested algorithm?
+ try {
+ KeyFactory kfac = KeyFactory.getInstance(method.getAlgorithm());
+ kfac.translateKey(publicKey);
+ hit = true;
+ if (oldPublicKey != null) {
+ if (!publicKey.equals(oldPublicKey)) {
+ //cannot handle this throw error
+ return super.throwException(e, enclosingMethod, thisObject, parameters);
+ }
+ }
+ oldPublicKey = publicKey;
+ } catch (NoSuchAlgorithmException e1) {
+ //cannot handle this throw error
+ return super.throwException(e, enclosingMethod, thisObject, parameters);
+ } catch (InvalidKeyException e1) {
+ //cannot handle this throw error
+ return super.throwException(e, enclosingMethod, thisObject, parameters);
+ }
+ if (hit) {
+ //make an exception for SK, SE who violate XMLDSig ds:KeyInfo/ds:X509Data
+ wrapException(e, getLocator(),
+ new ExceptionalMitigation("make an exception for " + expectedTerritory_ + " who violate XMLDSig ds:KeyInfo"));
+ return new X509KeySelectorResultImpl(publicKey, certificates, null);
+ }
+ }
+ }
+ }
+
+ if ( expectedTerritory_ == Countries.DK &&
+ e instanceof KeySelectorException &&
+ parameters[0] instanceof X509DataImpl){
+ if (e.getMessage().equals("KeyInfo X509SubjectName (CN=Adam Arndt Digst,serialNumber=CVR:34051178-RID:25902029,O=Digitaliseringsstyrelsen // CVR:34051178,C=DK) does not match SubjectDN (serialNumber=CVR:34051178-RID:25902029+CN=Adam Arndt Digst,O=Digitaliseringsstyrelsen // CVR:34051178,C=DK) of KeyInfo X509Certificate.\n"+
+ "Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear MUST refer to the certificate or certificates containing the validation key.")) {
+
+ X509DataImpl x509DataImpl = (X509DataImpl) parameters[0];
+
+ ListIterator li = x509DataImpl.getContent().listIterator();
+ li.next();
+ String sn = (String) li.next();
+
+ _l.err(sn, null);
+
+ System.exit(1);
+
+ Object mitigatedResult = null;
+ try {
+
+ mitigatedResult = enclosingMethod.invoke(thisObject, parameters);
+ } catch (IllegalAccessException e1) {
+ wrapException(e1);
+ } catch (InvocationTargetException e1) {
+ wrapException(e1);
+ }
+
+ if (mitigatedResult != null){
+ wrapException(e, null, new iaik.xml.crypto.tsl.ex.SeverityAspect.Mitigation() {
+ @Override
+ public String getReport() {
+ return "Deleted wrong X509SubjectName from XMLDSIG Signature.";
+ }
+ });
+ return mitigatedResult;
+
+ }
+ }
+ }
+
+
+ } else {
+ if (e instanceof MitigatedTSLSecurityException){
+ // we allow to mitigate Security exceptions for testing
+ // and collect them
+ wrapException(e);
+ return null;
+ } else if (e instanceof FixedSaxLevelValidationExcption) {
+ // we allow to mitigate Sax Level Fixup for testing
+ // and collect them
+ wrapException(e);
+ return null;
+ }
+ }
+
+ return super.throwException(e, enclosingMethod, thisObject, parameters);
+ }
+
+
+
+ @Override
+ public Unmarshaller createTSLUnmarshaller()
+ throws TSLEngineFatalException {
+ if (expectedTerritory_ == Countries.FI){
+ //we cannot fix FI at SAX Level and re-validate
+ return TSLEngine.createTSLUnmarshaller(false);
+ }
+ return super.createTSLUnmarshaller();
+ }
+
+ @Override
+ public String compressStatus(String status) {
+ if(expectedTerritory_ == Countries.EL){
+ //fix the whitespace in Greece TSL
+ status = status.trim();
+ }
+ if (status != null && status.startsWith("http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/")) {
+ status = status.substring("http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/".length());
+ }
+
+ return super.compressStatus(status);
+ }
+
+
+ @Override
+ public String compressServiceType(String sType) {
+ if(expectedTerritory_ == Countries.EL){
+ //fix the whitespace in Greece TSL
+ sType = sType.trim();
+ }
+ return super.compressServiceType(sType);
+ }
+
+
+ @Override
+ public iaik.xml.crypto.tsl.ValidationFixupFilter.Fixup getSaxLevelValidationFixup(SAXParseException e) {
+
+ if (expectedTerritory_ == Countries.AT){
+ if (e.getMessage().equals("cvc-type.3.1.1: Element 'tsl:URI' is a simple type, so it cannot have attributes, excepting those whose namespace name is identical to 'http://www.w3.org/2001/XMLSchema-instance' and whose [local name] is one of 'type', 'nil', 'schemaLocation' or 'noNamespaceSchemaLocation'. However, the attribute, 'xml:lang' was found.")){
+ return new DeleteAttrFixup("http://www.w3.org/XML/1998/namespace","lang", e, this);
+ }
+ }
+
+ if (expectedTerritory_ == Countries.CZ){
+ if (e.getMessage().equals("cvc-type.3.1.1: Element 'tsl:URI' is a simple type, so it cannot have attributes, excepting those whose namespace name is identical to 'http://www.w3.org/2001/XMLSchema-instance' and whose [local name] is one of 'type', 'nil', 'schemaLocation' or 'noNamespaceSchemaLocation'. However, the attribute, 'xml:lang' was found.")){
+ return new DeleteAttrFixup("http://www.w3.org/XML/1998/namespace","lang", e, this);
+ }
+ }
+
+ if (expectedTerritory_ == Countries.FR){
+ if (e.getMessage().equals("cvc-type.3.1.1: Element 'tsl:URI' is a simple type, so it cannot have attributes, excepting those whose namespace name is identical to 'http://www.w3.org/2001/XMLSchema-instance' and whose [local name] is one of 'type', 'nil', 'schemaLocation' or 'noNamespaceSchemaLocation'. However, the attribute, 'xml:lang' was found.")){
+ return new DeleteAttrFixup("http://www.w3.org/XML/1998/namespace","lang", e, this);
+ }
+ }
+
+ if (expectedTerritory_ == Countries.NO){
+ if (e.getMessage().equals("cvc-type.3.1.1: Element 'tsl:URI' is a simple type, so it cannot have attributes, excepting those whose namespace name is identical to 'http://www.w3.org/2001/XMLSchema-instance' and whose [local name] is one of 'type', 'nil', 'schemaLocation' or 'noNamespaceSchemaLocation'. However, the attribute, 'xml:lang' was found.")){
+ return new DeleteAttrFixup("http://www.w3.org/XML/1998/namespace","lang", e, this);
+ }
+ }
+
+ if (expectedTerritory_ == Countries.SK){
+ if (e.getMessage().equals("cvc-type.3.1.1: Element 'tsl:URI' is a simple type, so it cannot have attributes, excepting those whose namespace name is identical to 'http://www.w3.org/2001/XMLSchema-instance' and whose [local name] is one of 'type', 'nil', 'schemaLocation' or 'noNamespaceSchemaLocation'. However, the attribute, 'xml:lang' was found.")){
+ return new DeleteAttrFixup("http://www.w3.org/XML/1998/namespace","lang", e, this);
+ }
+ }
+
+
+ if (expectedTerritory_ == Countries.ES && getDownloadLocation().toString().contains(".es/")){
+ if (e.getMessage().equals("cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'tslx:CertSubjectDNAttributeType'.")){
+ return new LocalNameFixup("CertSubjectDNAttributeType","CertSubjectDNAttribute",e, this);
+ }
+ }
+
+ if (expectedTerritory_ == Countries.MT && getDownloadLocation().toString().contains(".mt/")){
+ if (e.getMessage().equals("cvc-complex-type.2.4.a: Invalid content was found starting with element 'tsl:TSLPolicy'. One of '{\"http://uri.etsi.org/02231/v2#\":TSLLegalNotice}' is expected.")){
+ return new LocalNameFixup("TSLPolicy","TSLLegalNotice",e, this);
+ }
+ }
+
+ if (e.getMessage().equals("cvc-complex-type.3.2.2: Attribute 'assert' is not allowed to appear in element 'ecc:otherCriteriaList'.")){
+ return new LocalNameFixup("otherCriteriaList","CriteriaList",e, this);
+ } else if (e.getMessage().startsWith("cvc-datatype-valid.1.2.1: '") && e.getMessage().endsWith("' is not a valid value for 'dateTime'.")){
+ return new ElementStringValueFixup("-(.)-","-0$1-",e, this);
+ } else if (e.getMessage().startsWith("cvc-type.3.1.3: The value '") && e.getMessage().endsWith("' of element 'tsl:ListIssueDateTime' is not valid.")){
+ // return new DateTimeFixup();
+ } else if (e.getMessage().startsWith("cvc-datatype-valid.1.2.1: '") && e.getMessage().endsWith("' is not a valid value for 'base64Binary'.")){
+ return new ElementStringValueFixup("(\\s)=([^=]+)","$1$2",e, this);
+ } else if (e.getMessage().startsWith("cvc-type.3.1.3: The value '") && e.getMessage().endsWith("' of element 'tsl:X509Certificate' is not valid.")){
+ // return new Base64BinaryFixup();
+ } else if (e.getMessage().startsWith("cvc-datatype-valid.1.2.1: '") && e.getMessage().endsWith("' is not a valid value for 'anyURI'.")){
+
+ //TODO only for sweden and find a better discriminatory than the URI
+// if (expectedTerritory_ == Countries.SE){
+// return new ElementStringValueFixup(
+// "-http://www.pts.se/upload/Ovrigt/Internet/Branschinformation/Trusted%20List%20SE%20MR.xml",
+// "http://www.pts.se/upload/Ovrigt/Internet/Branschinformation/Trusted%20List%20SE%20MR.xml");
+ return new ElementStringValueFixup("-http://www.pts.se/", "http://www.pts.se/", e, this);
+// }
+
+
+ } else if (e.getMessage().startsWith("cvc-datatype-valid.1.2.1: '") && e.getMessage().endsWith("' is not a valid value for 'NCName'.")){
+ if (expectedTerritory_ == Countries.CY || expectedTerritory_ == Countries.LV ||
+ expectedTerritory_ == Countries.HR || expectedTerritory_ == Countries.NL){
+ return new AttributeValueFixup("","Id","(.+)","x$1",e, this);
+ }
+ } else if (e.getMessage().startsWith("cvc-complex-type.2.3: Element '") && e.getMessage().endsWith("' cannot have character [children], because the type's content type is element-only.")) {
+ //cvc-complex-type.2.3: Element 'tsl:ServiceDigitalIdentity' cannot have character [children], because the type's content type is element-only.
+ if (expectedTerritory_ == Countries.FI){
+// return new ElementStringValueFixup("(\\s*)-(\\s*)","$1$2",e, this);
+ return new Fixup(e, this){
+ {
+ changed_ = true;
+ fixupPerformed();
+ }
+ @Override
+ public String fixup(String input) {
+ return null;
+ }
+
+ @Override
+ public Mitigation getMitigation() {
+ return new Mitigation("Ignored");
+ }
+
+ };
+ }
+ }
+
+ if (e.getMessage().startsWith("cvc-elt")){
+
+ } else if (e.getMessage().startsWith("cvc-type")) {
+
+ } else if (e.getMessage().startsWith("cvc-complex-type")) {
+
+ } else if (e.getMessage().startsWith("cvc-datatype-valid")) {
+
+ } else if (e.getMessage().startsWith("cvc-attribute")) {
+
+ }
+ //cvc-complex-type.2.4.a: Invalid content was found starting with element 'tsl:TSLPolicy'. One of '{"http://uri.etsi.org/02231/v2#":TSLLegalNotice}' is expected.
+
+ //cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'ecc:PolicySet'
+ //cvc-complex-type.2.4.a: Invalid content was found starting with element 'ecc:Identifier'. One of '{"http://uri.etsi.org/02231/v2/additionaltypes#":AttributeOID}' is expected.
+ //cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'tsl:ExtensionOID'.
+ //cvc-type.3.1.3: The value '-http://www.pts.se/upload/Ovrigt/Internet/Branschinformation/Trusted%20List%20SE%20MR.xml' of element 'tsl:URI' is not valid.,locator=[node=null,object=null,url=file:/C:/Gesichert/Development/projects/TSL/./hashcache/900BA6AB3702EC9518627496749AA28129C56100.tsl.xml,line=109,col=118,offset=-1]]
+
+ return super.getSaxLevelValidationFixup(e);
+ }
+
+ @Override
+ public void securityCheck(Type securityCheckType,
+ java.security.cert.X509Certificate[] certs,
+ ListIterator<java.security.cert.X509Certificate> expectedTslSignerCerts) {
+
+ //TODO check whether we always want to do that to make sure we use the endentity
+ try {
+ certs = Util.convertCertificateChain(certs);
+ } catch (CertificateException e) {
+ throwException(e);
+ }
+ certs = Util.arrangeCertificateChain((iaik.x509.X509Certificate[]) certs, false);
+ super.securityCheck(securityCheckType, certs, expectedTslSignerCerts);
+ }
+
+
+ @Override
+ public boolean doRollback() {
+ //accept each and every TSL ... even partially ... for testing
+ return false;
+// return true;
+ }
+
+ @Override
+ public Boolean doesViolateRawHash(SQLException e, byte[] rawHash) {
+
+ String msg = e.getMessage();
+
+ _l.info(msg);
+ return(
+ msg.startsWith("["+SQLiteErrorCode.SQLITE_CONSTRAINT.name()+"]") &&
+ msg.contains("column " + DbTables.TSLDownload.C.rawHash + " is not unique")
+ );
+ }
+
+ @Override
+ protected Long getLocalLastModified(File targetFile) {
+ return super.getLocalLastModified(targetFile);
+ }
+ @Override
+ protected long howLongWaitForThreads() {
+ // TODO Auto-generated method stub
+ return 100000;
+ }
+
+ @Override
+ protected boolean normalizeXML() {
+ return true;
+ }
+ public MultiThreadLoggingGroup getLoggingGroup() {
+ return this;
+ }
+
+ StringBuilder log = new StringBuilder();
+
+ public void flushLog() {
+ if (log != null && log.length() > 0) {
+ Thread currentThread = Thread.currentThread();
+ String ncName = getNcName(currentThread);
+ synchronized (log) {
+ parentContext_.print("<" + ncName + " state=\"" + currentThread.getState()
+ + "\" " + " id=\"" + currentThread.getId() + "\">\n" + log.toString() + "</"
+ + ncName + ">" + _15.LB);
+ parentContext_.flushLog();
+ log.setLength(0);
+ }
+ }
+ }
+
+ /**
+ * Collect all the logs for this context
+ * @see iaik.util.logging.Log.MultiThreadLoggingGroup#print(java.lang.Object)
+ */
+ public void print(Object msg) {
+ synchronized (log) {
+ log.append(msg);
+ }
+ }
+
+} \ No newline at end of file
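Review bot: In the `UNTRUSTED_TSL_SIGNER` branch of `throwException(Throwable, Method, Object, Object[])`, the retry of `securityCheck` against `trustAnchorsWrongOnEuTsl_` does not decide the outcome. Both `catch` blocks only call `wrapException(e1)`, and the code then records the mitigation and runs `return null` whether or not the retry passed. Assuming a failed re-check surfaces as an `InvocationTargetException` (what `super.throwException` does is not visible here), a signer certificate that matches neither the EU TSL anchors nor the override anchors appears to be accepted for every territory present in the map. The original failure should be kept unless the retry returned normally, as sketched below. The same permissive default shows in `doRollback()`, which returns `false` "for testing" in `src/main`, so partially imported lists are kept; it deserves a configuration switch, or at least a comment stating the value intended for production.

```java
if (trustAnchorsWrongOnEuTsl != parameters[2]) { // prevents recursion
    boolean retryPassed = false;
    try {
        enclosingMethod.invoke(thisObject,
            new Object[]{parameters[0], parameters[1], trustAnchorsWrongOnEuTsl});
        retryPassed = true;
    } catch (IllegalAccessException e1) {
        wrapException(e1);
    } catch (InvocationTargetException e1) {
        wrapException(e1);
    }
    if (!retryPassed) {
        // The certificate is not among the override anchors either: keep the original failure.
        return super.throwException(e, enclosingMethod, thisObject, parameters);
    }
    // … unchanged: wrapException(e, getLocator(), <mitigation report>) and return null …
}
```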
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertStoreConverter.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertStoreConverter.java
new file mode 100644
index 0000000..0956617
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertStoreConverter.java
@@ -0,0 +1,109 @@
+package at.gv.egovernment.moa.spss.util;
+
+import java.io.File;
+import java.io.IOException;
+
+import org.apache.commons.io.FileUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.spss.server.logging.IaikLog;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import iaik.pki.store.certstore.directory.DirectoryStoreException;
+import iaik.pki.store.certstore.utils.DirectoryCertStoreConverter;
+
+public class CertStoreConverter {
+
+ private static final Logger logger = LoggerFactory.getLogger(CertStoreConverter.class);
+
+ public static boolean convert(String certStoreRoot, TransactionId transId) {
+ String certStoreSubjectDN = certStoreRoot + File.separator + "subjectdn";
+
+ logger.error("checking for new cert store format {} -> {}", certStoreRoot, certStoreSubjectDN);
+
+ File certStoreDirectory = new File(certStoreRoot);
+ if (certStoreDirectory.isDirectory() && certStoreDirectory.exists()) {
+
+ File file = new File(certStoreSubjectDN);
+
+ if (file.isDirectory() && file.exists()) {
+ // Is new Format!
+ logger.error("Cert store is allready new format!");
+ return false;
+ } else {
+ try {
+ logger.error(
+ "###########################################################################################");
+ logger.error(
+ "###########################################################################################");
+ logger.error("The certificate store @ {} will now be converted into the new format!",
+ certStoreDirectory.getAbsolutePath());
+
+ String backup = certStoreRoot;
+
+ if (certStoreRoot.endsWith(File.separator)) {
+ backup = certStoreRoot.substring(0, certStoreRoot.length() - File.separator.length());
+ }
+
+ String timestamp = String.valueOf(System.currentTimeMillis());
+ backup = backup + "_" + timestamp;
+
+ logger.error("Creating a backup of the certstore @ {}", backup);
+
+ File backupDirectory = new File(backup);
+ try {
+ FileUtils.copyDirectory(certStoreDirectory, backupDirectory);
+ } catch (IOException e) {
+ logger.error("Failed to create certstore backup!", e);
+ throw new RuntimeException("Failed to create certstore backup!", e);
+ }
+
+ logger.error("deleting original certstore @ {}", certStoreRoot);
+
+ try {
+ FileUtils.deleteDirectory(certStoreDirectory);
+ } catch (IOException e1) {
+ logger.error("Failed to delete old certstore!", e1);
+ throw new RuntimeException("Failed to delete old certstore!", e1);
+ }
+ certStoreDirectory.mkdir();
+
+ DirectoryCertStoreConverter directoryCertStoreConverter = new DirectoryCertStoreConverter();
+
+ try {
+ logger.error("running conversion of certstore @ {}", certStoreRoot);
+ directoryCertStoreConverter.convert(backupDirectory.getAbsolutePath(),
+ certStoreDirectory.getAbsolutePath(), true, false,
+ new IaikLog("DirectoryCertStoreConverter"), transId);
+ } catch (DirectoryStoreException e) {
+ logger.error("Failed to run conversion of old certstore!", e);
+
+ try {
+ FileUtils.copyDirectory(backupDirectory, certStoreDirectory);
+ } catch (IOException e1) {
+ logger.error("!!!!Failed to restore original certstore!!!! CHECK LOGS", e1);
+ throw new RuntimeException("!!!!Failed to restore original certstore!!!! CHECK LOGS", e);
+
+ }
+ throw new RuntimeException("Failed to run conversion of old certstore!", e);
+ }
+
+ logger.error("Conversion of certstore succseeded");
+ logger.error("Certstore in new format is located @ {}", certStoreDirectory.getAbsolutePath());
+ logger.error("Backup of Certstore in old format is located @ {}",
+ certStoreDirectory.getAbsolutePath());
+ } finally {
+ logger.error(
+ "###########################################################################################");
+ logger.error(
+ "###########################################################################################");
+ }
+ return true;
+ }
+ } else {
+ logger.error("Certstore does not exist yet");
+ }
+ return false;
+ }
+
+}
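Review bot: The closing success message in `convert` reports the backup location with `certStoreDirectory.getAbsolutePath()`, so an operator who has to recover the old trust store is pointed at the converted directory; it should use `backupDirectory.getAbsolutePath()`. In the restore-failure path the thrown exception wraps `e` (the conversion error) rather than `e1`, so the reason the restore failed is only in the log; `throw new RuntimeException("!!!!Failed to restore original certstore!!!! CHECK LOGS", e1);` with `e1.addSuppressed(e)` before it keeps both. The restore also copies the backup over whatever the failed conversion left in `certStoreDirectory`, and the result of `certStoreDirectory.mkdir()` is ignored, so a partially converted or missing directory can go unnoticed. Every progress message is logged at `error`; `info` or `warn` for the non-failure lines would keep real failures distinguishable.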
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java
new file mode 100644
index 0000000..544ea91
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java
@@ -0,0 +1,286 @@
+package at.gv.egovernment.moa.spss.util;
+
+import iaik.asn1.ObjectID;
+import iaik.asn1.structures.Name;
+import iaik.asn1.structures.PolicyInformation;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+import iaik.x509.X509Certificate;
+import iaik.x509.X509ExtensionInitException;
+import iaik.x509.extensions.CertificatePolicies;
+import iaik.x509.extensions.qualified.QCStatements;
+import iaik.x509.extensions.qualified.structures.QCStatement;
+import iaik.x509.extensions.qualified.structures.etsi.QcEuCompliance;
+import iaik.x509.extensions.qualified.structures.etsi.QcEuSSCD;
+import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
+import iaik.xml.crypto.tsl.ex.TSLSearchException;
+
+import java.security.Principal;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.tsl.timer.TSLUpdaterTimerTask;
+
+public class CertificateUtils {
+
+
+ /**
+ * Verifies if the given certificate contains QCP+ statement
+ * @param cert X509Certificate
+ * @return true if the given certificate contains QCP+ statement, else false
+ */
+ private static boolean checkQCPPlus(X509Certificate cert) {
+ Logger.debug("Checking QCP+ extension");
+ String OID_QCPPlus = "0.4.0.1456.1.1";
+ try {
+ CertificatePolicies certPol = (CertificatePolicies) cert.getExtension(CertificatePolicies.oid);
+ if (certPol == null) {
+ Logger.debug("No CertificatePolicies extension found");
+ return false;
+ }
+
+ PolicyInformation[] polInfo = certPol.getPolicyInformation();
+ if (polInfo == null) {
+ Logger.debug("No policy information found");
+ return false;
+ }
+
+ for (int i = 0; i < polInfo.length; i++) {
+ ObjectID oid = polInfo[i].getPolicyIdentifier();
+ String oidStr = oid.getID();
+ if (oidStr.compareToIgnoreCase(OID_QCPPlus) == 0) {
+ Logger.debug("QCP+ extension found");
+ return true;
+ }
+ }
+
+ Logger.debug("No QCP+ extension found");
+
+ return false;
+ } catch (X509ExtensionInitException e) {
+ Logger.debug("No QCP+ extension found");
+
+ return false;
+ }
+
+ }
+
+ /**
+ * Verifies if the given certificate contains QCP statement
+ * @param cert X509Certificate
+ * @return true if the given certificate contains QCP statement, else false
+ */
+ private static boolean checkQCP(X509Certificate cert) {
+ Logger.debug("Checking QCP extension");
+ String OID_QCP = "0.4.0.1456.1.2";
+ try {
+ CertificatePolicies certPol = (CertificatePolicies) cert.getExtension(CertificatePolicies.oid);
+ if (certPol == null) {
+ Logger.debug("No CertificatePolicies extension found");
+ return false;
+ }
+
+ PolicyInformation[] polInfo = certPol.getPolicyInformation();
+ if (polInfo == null) {
+ Logger.debug("No policy information found");
+ return false;
+ }
+
+ for (int i = 0; i < polInfo.length; i++) {
+ ObjectID oid = polInfo[i].getPolicyIdentifier();
+ String oidStr = oid.getID();
+ if (oidStr.compareToIgnoreCase(OID_QCP) == 0) {
+ Logger.debug("QCP extension found");
+ return true;
+ }
+
+ }
+
+ Logger.debug("No QCP extension found");
+ return false;
+
+ } catch (X509ExtensionInitException e) {
+ Logger.debug("No QCP extension found");
+ return false;
+ }
+
+ }
+
+ /**
+ * Verifies if the given certificate contains QcEuCompliance statement
+ * @param cert X509Certificate
+ * @return true if the given certificate contains QcEuCompliance statement, else false
+ */
+ private static boolean checkQcEuCompliance(X509Certificate cert) {
+ Logger.debug("Checking QcEUCompliance extension");
+ try {
+ QCStatements qcStatements = (QCStatements) cert.getExtension(QCStatements.oid);
+
+ if (qcStatements == null) {
+ Logger.debug("No QcStatements extension found");
+ return false;
+ }
+
+ QCStatement qcEuCompliance = qcStatements.getQCStatements(QcEuCompliance.statementID);
+
+ if (qcEuCompliance != null) {
+ Logger.debug("QcEuCompliance extension found");
+ return true;
+ }
+
+ Logger.debug("No QcEuCompliance extension found");
+ return false;
+
+ } catch (X509ExtensionInitException e) {
+ Logger.debug("No QcEuCompliance extension found");
+ return false;
+ }
+
+ }
+
+ /**
+ * Verifies if the given certificate contains QcEuSSCD statement
+ * @param cert X509Certificate
+ * @return true if the given certificate contains QcEuSSCD statement, else false
+ */
+ private static boolean checkQcEuSSCD(X509Certificate cert) {
+ Logger.debug("Checking QcEuSSCD extension");
+ try {
+ QCStatements qcStatements = (QCStatements) cert.getExtension(QCStatements.oid);
+ if (qcStatements == null) {
+ Logger.debug("No QcStatements extension found");
+ return false;
+ }
+
+ QCStatement qcEuSSCD = qcStatements.getQCStatements(QcEuSSCD.statementID);
+
+ if (qcEuSSCD != null) {
+ Logger.debug("QcEuSSCD extension found");
+ return true;
+ }
+
+ Logger.debug("No QcEuSSCD extension found");
+ return false;
+
+ } catch (X509ExtensionInitException e) {
+ Logger.debug("No QcEuSSCD extension found");
+ return false;
+ }
+
+ }
+
+ public static QCSSCDResult checkQCSSCD(X509Certificate[] chain, boolean isTSLenabledTrustprofile) {
+
+ boolean qc = false;
+ boolean qcSourceTSL = false;
+ boolean sscd = false;
+ boolean sscdSourceTSL = false;
+
+ try {
+
+ if (isTSLenabledTrustprofile) {
+ // perform QC check via TSL
+ boolean checkQCFromTSL = TSLUpdaterTimerTask.tslconnector_.checkQC(chain);
+ if (!checkQCFromTSL) {
+ // if QC check via TSL returns false
+ // try certificate extensions QCP and QcEuCompliance
+ Logger.debug("QC check via TSL returned false - checking certificate extensions");
+ boolean checkQCP = CertificateUtils.checkQCP(chain[0]);
+ boolean checkQcEuCompliance = CertificateUtils.checkQcEuCompliance(chain[0]);
+
+ if (checkQCP || checkQcEuCompliance) {
+ Logger.debug("Certificate is QC (Source: Certificate)");
+ qc = true;
+ }
+
+ qcSourceTSL = false;
+ }
+ else {
+ // use TSL result
+ Logger.debug("Certificate is QC (Source: TSL)");
+ qc = true;
+ qcSourceTSL = true;
+ }
+
+ // perform SSCD check via TSL
+ boolean checkSSCDFromTSL = TSLUpdaterTimerTask.tslconnector_.checkSSCD(chain);
+ if (!checkSSCDFromTSL) {
+ // if SSCD check via TSL returns false
+ // try certificate extensions QCP+ and QcEuSSCD
+ Logger.debug("SSCD check via TSL returned false - checking certificate extensions");
+ boolean checkQCPPlus = CertificateUtils.checkQCPPlus(chain[0]);
+ boolean checkQcEuSSCD = CertificateUtils.checkQcEuSSCD(chain[0]);
+
+ if (checkQCPPlus || checkQcEuSSCD) {
+ Logger.debug("Certificate is SSCD (Source: Certificate)");
+ sscd = true;
+ }
+
+ sscdSourceTSL = false;
+ }
+ else {
+ // use TSL result
+ Logger.debug("Certificate is SSCD (Source: TSL)");
+ sscd = true;
+ sscdSourceTSL = true;
+ }
+
+ }
+ else {
+ // Trustprofile is not TSL enabled - use certificate extensions only
+
+ // perform QC check
+ // try certificate extensions QCP and QcEuCompliance
+ boolean checkQCP = CertificateUtils.checkQCP(chain[0]);
+ boolean checkQcEuCompliance = CertificateUtils.checkQcEuCompliance(chain[0]);
+
+ if (checkQCP || checkQcEuCompliance)
+ qc = true;
+
+ qcSourceTSL = false;
+
+ // perform SSCD check
+ // try certificate extensions QCP+ and QcEuSSCD
+ boolean checkQCPPlus = CertificateUtils.checkQCPPlus(chain[0]);
+ boolean checkQcEuSSCD = CertificateUtils.checkQcEuSSCD(chain[0]);
+
+ if (checkQCPPlus || checkQcEuSSCD)
+ sscd = true;
+
+ sscdSourceTSL = false;
+ }
+ }
+ catch (TSLEngineDiedException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.01", null)), e);
+ } catch (TSLSearchException e) {
+ MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.01", null)), e);
+ }
+
+ QCSSCDResult result = new QCSSCDResult(qc, qcSourceTSL, sscd, sscdSourceTSL);
+
+ return result;
+ }
+
+ /**
+ * Gets the country from the certificate issuer
+ * @param cert X509 certificate
+ * @return Country code from the certificate issuer
+ */
+ public static String getIssuerCountry(X509Certificate cert) {
+ String country = null;
+ Principal issuerdn = cert.getIssuerX500Principal();
+ RFC2253NameParser nameParser = new RFC2253NameParser(issuerdn.getName());
+
+ try {
+ Name name = nameParser.parse();
+ country = name.getRDN(ObjectID.country);
+ } catch (RFC2253NameParserException e) {
+ Logger.warn("Could not get country code from issuer.");
+ }
+
+
+ return country;
+ }
+}
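Review bot: `checkQCSSCD` reads `chain[0]` in both branches without checking that `chain` is non-null and non-empty; a guard at the top such as `if (chain == null || chain.length == 0) return new QCSSCDResult();` would fail closed instead of throwing. The `catch` blocks for `TSLEngineDiedException` and `TSLSearchException` log and then return whatever flags were set so far, so a caller cannot tell a TSL failure from a genuine "not qualified" answer, and the certificate-extension fallback is skipped in that case. If that is intended, a comment like `// TSL lookup failed: report not-QC/not-SSCD, do not fall back to extensions` should say so. The four private `check*` helpers report an `X509ExtensionInitException` as "extension not found" at debug level, which hides a malformed extension; logging the exception at `warn` would help when triaging a rejected certificate.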
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java
new file mode 100644
index 0000000..219bb7c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java
@@ -0,0 +1,114 @@
+package at.gv.egovernment.moa.spss.util;
+
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+public class ExternalURIVerifier {
+
+ public static void verify(String host, int port) throws MOAApplicationException {
+
+
+ if (host == null)
+ return;
+ if (host.equalsIgnoreCase(""))
+ return;
+
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ boolean allowExternalUris = config.getAllowExternalUris();
+ List blacklist = config.getBlackListedUris();
+ List whitelist = config.getWhiteListedUris();
+
+ InetAddress hostInetAddress = InetAddress.getByName(host);
+ String ip = hostInetAddress.getHostAddress();
+
+
+ if (allowExternalUris) {
+ // external URIs are allowed - check blacklist
+ Iterator it = blacklist.iterator();
+ while (it.hasNext()) {
+ String[] array = (String[])it.next();
+ String bhost = array[0];
+ String bport = array[1];
+ if (bport == null || port == -1) {
+ // check only host
+ if (ip.startsWith(bhost)) {
+ Logger.debug(new LogMsg("Blacklist check: " + host + " (" + ip + ") blacklisted"));
+ throw new MOAApplicationException("4002", new Object[]{host + "(" + ip + ")"});
+ }
+ }
+ else {
+ // check host and port
+ int iport = new Integer(bport).intValue();
+ if (ip.startsWith(bhost) && (iport == port)) {
+ Logger.debug(new LogMsg("Blacklist check: " + host + ":" + port + " (" + ip + ":" + port + " blacklisted"));
+ throw new MOAApplicationException("4002", new Object[]{host + ":" + port + " (" + ip + ":" + port + ")"});
+ }
+
+ }
+ }
+ }
+ else {
+ // external uris are forbidden - check whitelist
+ Iterator it = whitelist.iterator();
+ boolean allowed = false;
+ while (it.hasNext()) {
+ String[] array = (String[])it.next();
+ String bhost = array[0];
+ String bport = array[1];
+ if (bport == null || port == -1) {
+ // check only host
+ if (ip.startsWith(bhost)) {
+ Logger.debug(new LogMsg("Whitelist check: " + host + " (" + ip + ") whitelisted"));
+ allowed = true;
+ //throw new MOAApplicationException("4002", new Object[]{host + "(" + ip + ")"});
+ }
+ }
+ else {
+ // check host and port
+ int iport = new Integer(bport).intValue();
+ if (ip.startsWith(bhost) && (iport == port)) {
+ Logger.debug(new LogMsg("Whitelist check: " + host + ":" + port + " (" + ip + ":" + port + " whitelisted"));
+ //throw new MOAApplicationException("4002", new Object[]{host + ":" + port + " (" + ip + ":" + port + ")"});
+ allowed = true;
+ }
+
+ }
+ }
+
+ if (!allowed) {
+ if (port != -1) {
+ Logger.debug(new LogMsg("No external URIs allowed (" + host + ")"));
+ throw new MOAApplicationException("4001", new Object[]{host + "(" + ip + ")"});
+ }
+ else {
+ Logger.debug(new LogMsg("No external URIs allowed (" + host + ":" + port + ")"));
+ throw new MOAApplicationException("4001", new Object[]{host + ":" + port + " (" + ip + ":" + port + ")"});
+ }
+
+ }
+
+ }
+
+ Logger.debug(new LogMsg("URI allowed: " + ip + ":" + port));
+
+ } catch (ConfigurationException e) {
+ throw new MOAApplicationException("config.10", null);
+ } catch (UnknownHostException e) {
+ throw new MOAApplicationException("4003", new Object[]{host});
+ }
+
+
+
+ }
+
+}
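Review bot: Both list checks in `verify` use `ip.startsWith(bhost)`, a plain string prefix match on the textual address, so an entry `10.1` also matches `10.10.0.1` and `192.168.1.1` also matches `192.168.1.10`; on the whitelist path that admits hosts the configuration never named. If the entries are meant as dotted prefixes (their format is not visible in this hunk), match on a label boundary, e.g. `ip.equals(bhost) || ip.startsWith(bhost.endsWith(".") ? bhost : bhost + ".")`, or parse them as address ranges. Only the single address from `InetAddress.getByName(host)` is checked, and whatever later fetches the URI presumably resolves the name again, so the verified and the contacted address can differ; checking every result of `InetAddress.getAllByName(host)` narrows that. In the `!allowed` block the `port != -1` test selects the host-only message when a port is present and the host:port message when it is not, so the two branches look swapped.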
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java
new file mode 100644
index 0000000..b5f72c4
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java
@@ -0,0 +1,142 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.util;
+
+import java.io.InputStream;
+
+import org.apache.xerces.util.URI;
+import org.apache.xerces.util.URI.MalformedURIException;
+import org.xml.sax.EntityResolver;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.util.Constants;
+
+
+/**
+ * An <code>EntityResolver</code> that looks up entities stored as
+ * local resources.
+ *
+ * <p>The following DTDs are mapped to local resources:
+ * <ul>
+ * <li>The XMLSchema.dtd</li>
+ * <li>The datatypes.dtd</li>
+ * </ul>
+ * </p>
+ * <p>For all other resources, an attempt is made to resolve them as resources,
+ * either absolute or relative to <code>Constants.SCHEMA_ROOT</code>.
+ *
+ * @author Patrick Peck
+ * @author Sven Aigner
+ */
+public class MOASPSSEntityResolver implements EntityResolver {
+
+ /**
+ * Resolve an entity.
+ *
+ * The <code>systemId</code> parameter is used to perform the lookup of the
+ * entity as a resource, either by interpreting the <code>systemId</code> as
+ * an absolute resource path, or by appending the last path component of
+ * <code>systemId</code> to <code>Constants.SCHEMA_ROOT</code>.
+ *
+ * @param publicId The public ID of the resource.
+ * @param systemId The system ID of the resource.
+ * @return An <code>InputSource</code> from which the entity can be read, or
+ * <code>null</code>, if the entity could not be found.
+ * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String)
+ */
+ public InputSource resolveEntity(String publicId, String systemId) throws SAXException {
+ InputStream stream;
+ int slashPos;
+
+ if (Logger.isDebugEnabled()) {
+ Logger.debug(
+ new LogMsg("resolveEntity: p=" + publicId + " s=" + systemId));
+ }
+
+ if (publicId != null) {
+ // check if we can resolve some standard dtd's
+ if (publicId.equalsIgnoreCase("-//W3C//DTD XMLSchema 200102//EN")) {
+ return new InputSource(
+ getClass().getResourceAsStream(
+ Constants.SCHEMA_ROOT + "XMLSchema.dtd"));
+ } else if (publicId.equalsIgnoreCase("datatypes")) {
+ return new InputSource(
+ getClass().getResourceAsStream(
+ Constants.SCHEMA_ROOT + "datatypes.dtd"));
+ }
+ } else if (systemId != null) {
+ // get the URI path
+ try {
+ URI uri = new URI(systemId);
+ systemId = uri.getPath();
+
+ if ("".equals(systemId.trim())) {
+ return null;
+ }
+
+// if (!"file".equals(uri.getScheme()) || "".equals(systemId.trim())) {
+// return null;
+// }
+
+ ExternalURIVerifier.verify(uri.getHost(), uri.getPort());
+
+ } catch (MalformedURIException e) {
+ return null;
+ }
+ catch (MOAApplicationException e) {
+ throw new SAXException(e);
+ }
+
+ // try to get the resource from the full path
+ stream = getClass().getResourceAsStream(systemId);
+ if (stream != null) {
+ InputSource source = new InputSource(stream);
+
+ source.setSystemId(systemId);
+ return source;
+ }
+
+ // try to get the resource from the last path component
+ slashPos = systemId.lastIndexOf('/');
+ if (slashPos >= 0 && systemId.length() > slashPos) {
+ systemId = systemId.substring(slashPos + 1, systemId.length());
+ stream =
+ getClass().getResourceAsStream(Constants.SCHEMA_ROOT + systemId);
+ if (stream != null) {
+ InputSource source = new InputSource(stream);
+
+ source.setSystemId(systemId);
+ return source;
+ }
+ }
+ }
+
+ return null; // nothing found - let the parser handle the entity
+ }
+
+}
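Review bot: In `resolveEntity` the `systemId` branch is an `else if` of `publicId != null`, so an entity that carries any public ID other than the two mapped DTDs skips `ExternalURIVerifier.verify` and reaches `return null`, which by the `EntityResolver` contract lets the parser open the system identifier itself. Changing `} else if (systemId != null) {` to `}` followed by `if (systemId != null) {` would apply the host check regardless of the public ID. The `MalformedURIException` handler has the same effect: returning `null` there hands an identifier that could not be parsed, and so was never verified, back to the parser. Throwing a `SAXException` in that handler is the safer default unless external entity loading is disabled on the parser elsewhere, which this hunk does not show.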
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MessageProvider.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MessageProvider.java
new file mode 100644
index 0000000..6c8a833
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MessageProvider.java
@@ -0,0 +1,89 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.util;
+
+import java.util.Locale;
+
+import at.gv.egovernment.moa.util.Messages;
+
+/**
+ * Singleton wrapper around a <code>Messages</code> object.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class MessageProvider {
+
+ /** The resource names of the messages to load. */
+ private static final String[] DEFAULT_MESSAGE_RESOURCES =
+ { "resources/properties/spss_messages" };
+ /** The corresponding message locales. */
+ private static final Locale[] DEFAULT_MESSAGE_LOCALES =
+ new Locale[] { new Locale("de", "AT") };
+ /** The single instance of this class. */
+ private static MessageProvider instance;
+
+ /** The messages provided by the <code>MessageProvider</code>. */
+ private Messages messages;
+
+ /**
+ * Return the single instance of the <code>MessageProvider</code>.
+ *
+ * Intialilizes the <code>MessageProvider</code> with the default message
+ * locations: <code>/resources/properties/spss_messages</code>.
+ *
+ * @return The single <code>MessageProvider</code>.
+ */
+ public static synchronized MessageProvider getInstance() {
+ if (instance == null) {
+ instance =
+ new MessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES);
+ }
+ return instance;
+ }
+
+ /**
+ * Create a <code>MessageProvider</code>.
+ *
+ * @param resourceNames The names of the resources containing the messages.
+ * @param locales The corresponding locales.
+ */
+ protected MessageProvider(String[] resourceNames, Locale[] locales) {
+ this.messages = new Messages(resourceNames, locales);
+ }
+
+ /**
+ * Get the message corresponding to a given message ID.
+ *
+ * @param messageId The ID of the message.
+ * @param parameters The parameters to fill in into the message arguments.
+ * @return The formatted message.
+ */
+ public String getMessage(String messageId, Object[] parameters) {
+ return messages.getMessage(messageId, parameters);
+ }
+
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/NodeListToNodeSetDataAdapter.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/NodeListToNodeSetDataAdapter.java
new file mode 100644
index 0000000..e9b1f7d
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/NodeListToNodeSetDataAdapter.java
@@ -0,0 +1,26 @@
+package at.gv.egovernment.moa.spss.util;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.xml.crypto.NodeSetData;
+
+import org.w3c.dom.NodeList;
+
+public class NodeListToNodeSetDataAdapter implements NodeSetData {
+
+ private List list = new ArrayList();
+
+ public NodeListToNodeSetDataAdapter(NodeList list) {
+ for(int i = 0; i < list.getLength(); i++) {
+ this.list.add(list.item(i));
+ }
+ }
+
+ @Override
+ public Iterator iterator() {
+ return this.list.iterator();
+ }
+
+}
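Review bot: The class has no Javadoc, and the one behaviour a caller needs to know is unstated: the constructor copies the nodes into a private list, so the adapter is a snapshot and later changes to the `NodeList` are not reflected. A class comment such as `/** Adapts a DOM NodeList to NodeSetData by copying its nodes at construction time. */` would cover it. The constructor parameter `list` shadows the field of the same name; naming it `nodes` and declaring the field `private final` would make the loop easier to read.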
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/QCSSCDResult.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/QCSSCDResult.java
new file mode 100644
index 0000000..99af843
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/QCSSCDResult.java
@@ -0,0 +1,37 @@
+package at.gv.egovernment.moa.spss.util;
+
+public class QCSSCDResult {
+
+ private boolean qc;
+ private boolean qcSourceTSL;
+
+ private boolean sscd;
+ private boolean sscdSourceTSL;
+
+ public QCSSCDResult() {
+ this.qc = false;
+ this.qcSourceTSL = false;
+ this.sscd = false;
+ this.sscdSourceTSL = false;
+ }
+
+ public QCSSCDResult(boolean qc, boolean qcSourceTSL, boolean sscd, boolean sscdSourceTSL) {
+ this.qc = qc;
+ this.qcSourceTSL = qcSourceTSL;
+ this.sscd = sscd;
+ this.sscdSourceTSL = sscdSourceTSL;
+ }
+
+ public boolean isQC() {
+ return this.qc;
+ }
+ public boolean isQCSourceTSL() {
+ return this.qcSourceTSL;
+ }
+ public boolean isSSCD() {
+ return this.sscd;
+ }
+ public boolean isSSCDSourceTSL() {
+ return this.sscdSourceTSL;
+ }
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/SecProviderUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/SecProviderUtils.java
new file mode 100644
index 0000000..edcac97
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/SecProviderUtils.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.spss.util;
+
+import java.security.Provider;
+import java.security.Security;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class SecProviderUtils {
+
+ private static final Logger logger = LoggerFactory.getLogger(SecProviderUtils.class);
+
+
+ public static void dumpSecProviders(String message) {
+
+ logger.info("Security Providers: {}", message);
+
+ for(Provider provider : Security.getProviders()) {
+ logger.info(" - {} - {}", provider.getName(), provider.getVersion());
+ }
+ }
+}