CRLDistributionPoint.
- *
- * @param issuerName
- * The name of the CA issuing the CRL referred to by this DP.
- *
- * @param uri
- * The URI of the distribution point.
- *
- * @param reasonCodeStr
- * A list of reason codes (a space-separated enumeration).
- */
- public CRLDistributionPoint(String issuerName, String uri, String reasonCodeStr) {
- super(uri);
- issuerName_ = issuerName;
- this.reasonCodes = extractReasonCodes(reasonCodeStr);
- }
-
- /**
- * @see DistributionPoint#getType()
- */
- public String getType() {
- return RevocationSourceTypes.CRL;
- }
-
- /**
- * Convert a list of reason codes provided as a String to a
- * binary representation.
- *
- * @param reasonCodeStr
- * A String containing a blank-separated, textual
- * representation of reason codes.
- * @return int A binary representation of reason codes.
- * @see iaik.asn1.structures.DistributionPoint
- */
- private int extractReasonCodes(String reasonCodeStr) {
- int codes = 0;
- StringTokenizer tokenizer = new StringTokenizer(reasonCodeStr);
- String token;
- Integer reasonCode;
-
- while (tokenizer.hasMoreTokens()) {
- token = tokenizer.nextToken();
- reasonCode = (Integer) RC_MAPPING.get(token);
- if (reasonCode != null) {
- codes |= reasonCode.intValue();
- } else {
- MessageProvider msg = MessageProvider.getInstance();
- Logger.warn(new LogMsg(msg.getMessage("config.07", new Object[] { token })));
- }
- }
-
- // If reasonCodeStr is empty, set all possible reason codes
- if (codes == 0)
- codes = iaik.asn1.structures.DistributionPoint.unused | iaik.asn1.structures.DistributionPoint.keyCompromise
- | iaik.asn1.structures.DistributionPoint.cACompromise
- | iaik.asn1.structures.DistributionPoint.affiliationChanged
- | iaik.asn1.structures.DistributionPoint.superseded
- | iaik.asn1.structures.DistributionPoint.cessationOfOperation
- | iaik.asn1.structures.DistributionPoint.certificateHold
- | iaik.asn1.structures.DistributionPoint.privilegeWithdrawn
- | iaik.asn1.structures.DistributionPoint.aACompromise;
-
- return codes;
- }
-
- /**
- * Return a binary representation of the reason codes of this distribution
- * point.
- *
- * @return The binary representation of the reason codes.
- */
- public int getReasonCodes() {
- return reasonCodes;
- }
-
- /**
- * Return a String representation of this distribution point.
- *
- * @return The String representation of this distribution
- * point.
- * @see java.lang.Object#toString()
- */
- public String toString() {
- return "(DistributionPoint - " + ("URI<" + getUri()) + ("> REASONCODES<" + getReasonCodes() + ">)");
- }
-
- /**
- * @see iaik.pki.revocation.CRLDistributionPoint#getIssuerName()
- */
- public String getIssuerName() {
- return issuerName_;
- }
-
- @Override
- public Name getIssuerDN() {
- try {
- return new Name(this.issuerName_);
- } catch (RFC2253NameParserException e) {
- throw new RuntimeException(e);
- }
- }
+public class CRLDistributionPoint extends DistributionPoint implements
+ iaik.pki.revocation.CRLDistributionPoint {
+
+ private static Map RC_MAPPING = new HashMap();
+
+ static {
+
+ // create the mapping between reason code strings and their integer
+ // values
+ RC_MAPPING.put("unused", new Integer(iaik.asn1.structures.DistributionPoint.unused));
+ RC_MAPPING.put("keyCompromise", new Integer(iaik.asn1.structures.DistributionPoint.keyCompromise));
+ RC_MAPPING.put("cACompromise", new Integer(iaik.asn1.structures.DistributionPoint.cACompromise));
+ RC_MAPPING.put("affiliationChanged", new Integer(
+ iaik.asn1.structures.DistributionPoint.affiliationChanged));
+ RC_MAPPING.put("superseded", new Integer(iaik.asn1.structures.DistributionPoint.superseded));
+ RC_MAPPING.put("cessationOfOperation",
+ new Integer(iaik.asn1.structures.DistributionPoint.cessationOfOperation));
+ RC_MAPPING.put("certificateHold", new Integer(iaik.asn1.structures.DistributionPoint.certificateHold));
+ RC_MAPPING.put("privilegeWithdrawn", new Integer(
+ iaik.asn1.structures.DistributionPoint.privilegeWithdrawn));
+ RC_MAPPING.put("aACompromise", new Integer(iaik.asn1.structures.DistributionPoint.aACompromise));
+ }
+
+ /**
+ * The name of the CA issuing the CRL referred to by this DP.
+ */
+ private final String issuerName_;
+
+ /**
+ * The reason codes applicable for the distribution point.
+ */
+ private final int reasonCodes;
+
+ /**
+ * Create a CRLDistributionPoint.
+ *
+ * @param issuerName The name of the CA issuing the CRL referred to by this
+ * DP.
+ *
+ * @param uri The URI of the distribution point.
+ *
+ * @param reasonCodeStr A list of reason codes (a space-separated enumeration).
+ */
+ public CRLDistributionPoint(String issuerName, String uri, String reasonCodeStr) {
+ super(uri);
+ issuerName_ = issuerName;
+ this.reasonCodes = extractReasonCodes(reasonCodeStr);
+ }
+
+ /**
+ * @see DistributionPoint#getType()
+ */
+ @Override
+ public String getType() {
+ return RevocationSourceTypes.CRL;
+ }
+
+ /**
+ * Convert a list of reason codes provided as a String to a binary
+ * representation.
+ *
+ * @param reasonCodeStr A String containing a blank-separated,
+ * textual representation of reason codes.
+ * @return int A binary representation of reason codes.
+ * @see iaik.asn1.structures.DistributionPoint
+ */
+ private int extractReasonCodes(String reasonCodeStr) {
+ int codes = 0;
+ final StringTokenizer tokenizer = new StringTokenizer(reasonCodeStr);
+ String token;
+ Integer reasonCode;
+
+ while (tokenizer.hasMoreTokens()) {
+ token = tokenizer.nextToken();
+ reasonCode = (Integer) RC_MAPPING.get(token);
+ if (reasonCode != null) {
+ codes |= reasonCode.intValue();
+ } else {
+ final MessageProvider msg = MessageProvider.getInstance();
+ Logger.warn(new LogMsg(msg.getMessage("config.07", new Object[] { token })));
+ }
+ }
+
+ // If reasonCodeStr is empty, set all possible reason codes
+ if (codes == 0) {
+ codes = iaik.asn1.structures.DistributionPoint.unused
+ | iaik.asn1.structures.DistributionPoint.keyCompromise
+ | iaik.asn1.structures.DistributionPoint.cACompromise
+ | iaik.asn1.structures.DistributionPoint.affiliationChanged
+ | iaik.asn1.structures.DistributionPoint.superseded
+ | iaik.asn1.structures.DistributionPoint.cessationOfOperation
+ | iaik.asn1.structures.DistributionPoint.certificateHold
+ | iaik.asn1.structures.DistributionPoint.privilegeWithdrawn
+ | iaik.asn1.structures.DistributionPoint.aACompromise;
+ }
+
+ return codes;
+ }
+
+ /**
+ * Return a binary representation of the reason codes of this distribution
+ * point.
+ *
+ * @return The binary representation of the reason codes.
+ */
+ @Override
+ public int getReasonCodes() {
+ return reasonCodes;
+ }
+
+ /**
+ * Return a String representation of this distribution point.
+ *
+ * @return The String representation of this distribution point.
+ * @see java.lang.Object#toString()
+ */
+ @Override
+ public String toString() {
+ return "(DistributionPoint - " + "URI<" + getUri() + "> REASONCODES<" + getReasonCodes() + ">)";
+ }
+
+ /**
+ * @see iaik.pki.revocation.CRLDistributionPoint#getIssuerName()
+ */
+ public String getIssuerName() {
+ return issuerName_;
+ }
+
+ @Override
+ public Name getIssuerDN() {
+ try {
+ return new Name(this.issuerName_);
+ } catch (final RFC2253NameParserException e) {
+ throw new RuntimeException(e);
+ }
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java
index 6546e88..13f1de9 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java
@@ -21,27 +21,26 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
import at.gv.egovernment.moa.spss.MOASystemException;
/**
* Exception signalling an error in the configuration.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class ConfigurationException extends MOASystemException {
/**
- *
- */
- private static final long serialVersionUID = -1934466124930228755L;
+ *
+ */
+ private static final long serialVersionUID = -1934466124930228755L;
-/**
+ /**
* Create a ConfigurationException.
- *
+ *
* @see at.gv.egovernment.moa.spss.MOAException#MOAException(String, Object[])
*/
public ConfigurationException(String messageId, Object[] parameters) {
@@ -50,12 +49,14 @@ public class ConfigurationException extends MOASystemException {
/**
* Create a ConfigurationException.
- * @see at.gv.egovernment.moa.spss.MOAException#MOAException(String, Object[], Throwable)
+ *
+ * @see at.gv.egovernment.moa.spss.MOAException#MOAException(String, Object[],
+ * Throwable)
*/
public ConfigurationException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
+ String messageId,
+ Object[] parameters,
+ Throwable wrapped) {
super(messageId, parameters, wrapped);
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 3c00232..41b0c29 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -20,22 +20,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
-import iaik.asn1.structures.Name;
-//import iaik.ixsil.exceptions.URIException;
-//import iaik.ixsil.util.URI;
-import iaik.pki.pathvalidation.ChainingModes;
-import iaik.pki.revocation.RevocationSourceTypes;
-import iaik.server.modules.xml.BlackListEntry;
-import iaik.server.modules.xml.ExternalReferenceChecker;
-import iaik.server.modules.xml.WhiteListEntry;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-import iaik.xml.crypto.utils.URI;
-import iaik.xml.crypto.utils.URIException;
-
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
@@ -70,14 +56,25 @@ import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;
import at.gv.egovernment.moaspss.util.Constants;
import at.gv.egovernment.moaspss.util.DOMUtils;
-import at.gv.egovernment.moaspss.util.FileUtils;
import at.gv.egovernment.moaspss.util.MiscUtil;
import at.gv.egovernment.moaspss.util.StringUtils;
import at.gv.egovernment.moaspss.util.XPathUtils;
+import iaik.asn1.structures.Name;
+//import iaik.ixsil.exceptions.URIException;
+//import iaik.ixsil.util.URI;
+import iaik.pki.pathvalidation.ChainingModes;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.server.modules.xml.BlackListEntry;
+import iaik.server.modules.xml.ExternalReferenceChecker;
+import iaik.server.modules.xml.WhiteListEntry;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+import iaik.xml.crypto.utils.URI;
+import iaik.xml.crypto.utils.URIException;
/**
* A class that builds configuration data from a DOM based representation.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -102,271 +99,274 @@ public class ConfigurationPartsBuilder {
//
private static final String ROOT = "/" + CONF + "MOAConfiguration/";
-
+
private static final String PDFAS_CONFIGURATION_XPATH =
- ROOT + CONF + "Common/" + CONF + "PDFASConfig";
-
+ ROOT + CONF + "Common/" + CONF + "PDFASConfig";
+
private static final String FORMRESULT_CONFIGURATION_XPATH =
- ROOT + CONF + "Common/" + CONF + "AdESFormResult";
-
+ ROOT + CONF + "Common/" + CONF + "AdESFormResult";
+
private static final String DIGEST_METHOD_XPATH =
- ROOT + CONF + "SignatureCreation/"
- + CONF + "XMLDSig/"
- + CONF + "DigestMethodAlgorithm";
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "XMLDSig/"
+ + CONF + "DigestMethodAlgorithm";
private static final String XADES_VERSION_XPATH =
- ROOT + CONF + "SignatureCreation/"
- + CONF + "XAdES/"
- + CONF + "Version";
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "XAdES/"
+ + CONF + "Version";
private static final String C14N_ALGORITHM_XPATH =
- ROOT + CONF + "SignatureCreation/"
- + CONF + "XMLDSig/"
- + CONF + "CanonicalizationAlgorithm";
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "XMLDSig/"
+ + CONF + "CanonicalizationAlgorithm";
private static final String HARDWARE_CRYPTO_MODULE_XPATH =
- ROOT + CONF + "Common/"
- + CONF + "HardwareCryptoModule";
+ ROOT + CONF + "Common/"
+ + CONF + "HardwareCryptoModule";
private static final String PERMIT_EXTERNAL_URIS_XPATH =
- ROOT + CONF + "Common/"
- + CONF + "PermitExternalUris";
+ ROOT + CONF + "Common/"
+ + CONF + "PermitExternalUris";
private static final String BLACK_LIST_URIS_XPATH =
- ROOT + CONF + "Common/"
- + CONF + "PermitExternalUris/"
- + CONF + "BlackListUri";
+ ROOT + CONF + "Common/"
+ + CONF + "PermitExternalUris/"
+ + CONF + "BlackListUri";
private static final String FORBID_EXTERNAL_URIS_XPATH =
- ROOT + CONF + "Common/"
- + CONF + "ForbidExternalUris";
+ ROOT + CONF + "Common/"
+ + CONF + "ForbidExternalUris";
private static final String WHITE_LIST_URIS_XPATH =
- ROOT + CONF + "Common/"
- + CONF + "ForbidExternalUris/"
- + CONF + "WhiteListUri";
-
+ ROOT + CONF + "Common/"
+ + CONF + "ForbidExternalUris/"
+ + CONF + "WhiteListUri";
+
private static final String HARDWARE_KEY_XPATH =
- ROOT + CONF + "SignatureCreation/"
- + CONF + "KeyModules/"
- + CONF + "HardwareKeyModule";
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "KeyModules/"
+ + CONF + "HardwareKeyModule";
private static final String SOFTWARE_KEY_XPATH =
- ROOT + CONF + "SignatureCreation/"
- + CONF + "KeyModules/"
- + CONF + "SoftwareKeyModule";
- private static final String KEYGROUP_XPATH =
- ROOT + CONF + "SignatureCreation/"
- + CONF + "KeyGroup";
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "KeyModules/"
+ + CONF + "SoftwareKeyModule";
+ private static final String KEYGROUP_XPATH =
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "KeyGroup";
private static final String KEYGROUP_MAPPING_XPATH =
- ROOT + CONF + "SignatureCreation/"
- + CONF + "KeyGroupMapping";
- private static final String ISSUER_XPATH =
- DSIG + "X509IssuerName";
- private static final String SERIAL_XPATH =
- DSIG + "X509SerialNumber";
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "KeyGroupMapping";
+ private static final String ISSUER_XPATH =
+ DSIG + "X509IssuerName";
+ private static final String SERIAL_XPATH =
+ DSIG + "X509SerialNumber";
private static final String CERTSTORE_LOCATION_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "PathConstruction/"
- + CONF + "CertificateStore/"
- + CONF + "DirectoryStore/"
- + CONF + "Location";
- private static final String AUTO_ADD_CERTIFICATES_XPATH_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "PathConstruction/"
- + CONF + "AutoAddCertificates";
-
- private static final String AUTO_ADD_EE_CERTIFICATES_XPATH_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "PathConstruction/"
- + CONF + "AutoAddEECertificates";
-
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathConstruction/"
+ + CONF + "CertificateStore/"
+ + CONF + "DirectoryStore/"
+ + CONF + "Location";
+ private static final String AUTO_ADD_CERTIFICATES_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathConstruction/"
+ + CONF + "AutoAddCertificates";
+
+ private static final String AUTO_ADD_EE_CERTIFICATES_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathConstruction/"
+ + CONF + "AutoAddEECertificates";
+
private static final String USE_AUTHORITY_INFO_ACCESS_XPATH_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "PathConstruction/"
- + CONF + "UseAuthorityInformationAccess";
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathConstruction/"
+ + CONF + "UseAuthorityInformationAccess";
private static final String CHAINING_MODES_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "PathValidation/"
- + CONF + "ChainingMode";
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathValidation/"
+ + CONF + "ChainingMode";
private static final String CHAINING_MODES_DEFAULT_XPATH =
- CHAINING_MODES_XPATH + "/"
- + CONF + "DefaultMode";
+ CHAINING_MODES_XPATH + "/"
+ + CONF + "DefaultMode";
private static final String TRUST_ANCHOR_XPATH =
- CHAINING_MODES_XPATH + "/"
- + CONF + "TrustAnchor";
+ CHAINING_MODES_XPATH + "/"
+ + CONF + "TrustAnchor";
private static final String TRUST_PROFILE_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "PathValidation/"
- + CONF + "TrustProfile";
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathValidation/"
+ + CONF + "TrustProfile";
private static final String DISTRIBUTION_POINTS_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "RevocationChecking/"
- + CONF + "DistributionPoint";
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "DistributionPoint";
private static final String CRL_RETENTION_INTERVALS_CA_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "RevocationChecking/"
- + CONF + "CrlRetentionIntervals/"
- + CONF + "CA";
- private static final String ENABLE_REVOCATION_CHECKING_XPATH_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "RevocationChecking/"
- + CONF + "EnableChecking";
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "CrlRetentionIntervals/"
+ + CONF + "CA";
+ private static final String ENABLE_REVOCATION_CHECKING_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "EnableChecking";
private static final String MAX_REVOCATION_AGE_XPATH_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "RevocationChecking/"
- + CONF + "MaxRevocationAge";
- private static final String REVOCATION_SERVICEORDER_XPATH_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "RevocationChecking/"
- + CONF + "ServiceOrder/"
- + CONF + "Service";
- private static final String ENABLE_ARCHIVING_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "RevocationChecking/"
- + CONF + "Archiving/"
- + CONF + "EnableArchiving";
- private static final String CRL_ARCHIVE_DURATION_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "RevocationChecking/"
- + CONF + "Archiving/"
- + CONF + "ArchiveDuration";
- private static final String ACHIVE_JDBC_URL_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "RevocationChecking/"
- + CONF + "Archiving/"
- + CONF + "Archive/"
- + CONF + "DatabaseArchive/"
- + CONF + "JDBCURL";
- private static final String ACHIVE_JDBC_DRIVER_CLASS_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "RevocationChecking/"
- + CONF + "Archiving/"
- + CONF + "Archive/"
- + CONF + "DatabaseArchive/"
- + CONF + "JDBCDriverClassName";
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "MaxRevocationAge";
+ private static final String REVOCATION_SERVICEORDER_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "ServiceOrder/"
+ + CONF + "Service";
+ private static final String ENABLE_ARCHIVING_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "Archiving/"
+ + CONF + "EnableArchiving";
+ private static final String CRL_ARCHIVE_DURATION_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "Archiving/"
+ + CONF + "ArchiveDuration";
+ private static final String ACHIVE_JDBC_URL_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "Archiving/"
+ + CONF + "Archive/"
+ + CONF + "DatabaseArchive/"
+ + CONF + "JDBCURL";
+ private static final String ACHIVE_JDBC_DRIVER_CLASS_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "RevocationChecking/"
+ + CONF + "Archiving/"
+ + CONF + "Archive/"
+ + CONF + "DatabaseArchive/"
+ + CONF + "JDBCDriverClassName";
private static final String CREATE_TRANSFORMS_INFO_PROFILE_XPATH =
- ROOT + CONF + "SignatureCreation/"
- + CONF + "CreateTransformsInfoProfile";
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "CreateTransformsInfoProfile";
private static final String CREATE_SIGNATURE_ENVIRONMENT_PROFILE_XPATH =
- ROOT + CONF + "SignatureCreation/"
- + CONF + "CreateSignatureEnvironmentProfile";
+ ROOT + CONF + "SignatureCreation/"
+ + CONF + "CreateSignatureEnvironmentProfile";
private static final String VERIFY_TRANSFORMS_INFO_PROFILE_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "VerifyTransformsInfoProfile";
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "VerifyTransformsInfoProfile";
private static final String SUPPLEMENT_PROFILE_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "SupplementProfile";
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "SupplementProfile";
private static final String PERMIT_FILE_URIS_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "PermitFileURIs";
-
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "PermitFileURIs";
+
private static final String CONNECTION_TIMEOUT_XPATH_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "ConnectionTimeout";
-
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "ConnectionTimeout";
+
private static final String READ_TIMEOUT_XPATH_ =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "ReadTimeout";
-
- private static final String TSL_CONFIGURATION_XPATH =
- ROOT + CONF + "SignatureVerification/"
- + CONF + "CertificateValidation/"
- + CONF + "TSLConfiguration/";
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "ReadTimeout";
+
+ private static final String TSL_CONFIGURATION_XPATH =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "TSLConfiguration/";
//
- // default values for configuration parameters
+ // default values for configuration parameters
//
/** The accepted canonicalization algorithm URIs, as an array */
private static final String[] ACCEPTED_C14N_ALGORITHMS_ARRAY =
- {
- Constants.C14N_URI,
- Constants.C14N_WITH_COMMENTS_URI,
- Constants.EXC_C14N_URI,
- Constants.EXC_C14N_WITH_COMMENTS_URI };
+ {
+ Constants.C14N_URI,
+ Constants.C14N_WITH_COMMENTS_URI,
+ Constants.EXC_C14N_URI,
+ Constants.EXC_C14N_WITH_COMMENTS_URI };
/** The accepted canonicalization algorithm URIs, as a Set */
private static final Set ACCEPTED_C14N_ALGORITHMS =
- new HashSet(Arrays.asList(ACCEPTED_C14N_ALGORITHMS_ARRAY));
+ new HashSet(Arrays.asList(ACCEPTED_C14N_ALGORITHMS_ARRAY));
/** Default canonicalization algorithm, if none/illegal has been configured */
private static final String C14N_ALGORITHM_DEFAULT = Constants.C14N_URI;
/** The accepted digest method algorithm URIs, as an array */
private static final String[] ACCEPTED_DIGEST_ALGORITHMS_ARRAY =
- { Constants.SHA1_URI,
- Constants.SHA256_URI,
- Constants.SHA384_URI,
- Constants.SHA512_URI};
+ { Constants.SHA1_URI,
+ Constants.SHA256_URI,
+ Constants.SHA384_URI,
+ Constants.SHA512_URI };
/** The accepted digest method algorithm URIs, as a Set */
private static final Set ACCEPTED_DIGEST_ALGORITHMS =
- new HashSet(Arrays.asList(ACCEPTED_DIGEST_ALGORITHMS_ARRAY));
-
-
- /** Default digest algorithm URI, if none/illegal has been configured (for XAdES 1.1.1) */
+ new HashSet(Arrays.asList(ACCEPTED_DIGEST_ALGORITHMS_ARRAY));
+
+ /**
+ * Default digest algorithm URI, if none/illegal has been configured (for XAdES
+ * 1.1.1)
+ */
private static final String DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1 = Constants.SHA1_URI;
-
- /** Default digest algorithm URI, if none/illegal has been configured (for XAdES 1.4.2) */
+
+ /**
+ * Default digest algorithm URI, if none/illegal has been configured (for XAdES
+ * 1.4.2)
+ */
private static final String DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2 = Constants.SHA256_URI;
-
+
/** The root element of the MOA configuration */
- private Element configElem;
-
+ private final Element configElem;
+
/**
* The directory containing the underlying configuration file.
*/
- private File configRoot_;
+ private final File configRoot_;
/** Whether any warnings were encountered building the configuration. */
- private List warnings = new ArrayList();
+ private final List warnings = new ArrayList();
/**
* Create a new ConfigurationPartsBuilder.
- *
+ *
* @param configElem The root element of the MOA configuration.
- *
+ *
* @param configRoot The directory containing the underlying configuration file.
*/
- public ConfigurationPartsBuilder(Element configElem, File configRoot)
- {
+ public ConfigurationPartsBuilder(Element configElem, File configRoot) {
this.configElem = configElem;
configRoot_ = configRoot;
}
/**
- * Returns the root element of the MOA configuration.
- *
+ * Returns the root element of the MOA configuration.
+ *
* @return The root element of the MOA configuration.
*/
public Element getConfigElem() {
return configElem;
}
-
- /**
+
+ /**
* Returns the directory containing the underlying configuration file.
- *
+ *
* @return the directory containing the underlying configuration file.
*/
- public File getConfigRoot()
- {
+ public File getConfigRoot() {
return configRoot_;
}
/**
* Returns the warnings encountered during building the configuration.
- *
- * @return A List of Strings, containing the
- * warning messages.
+ *
+ * @return A List of Strings, containing the warning
+ * messages.
*/
public List getWarnings() {
return warnings;
@@ -374,124 +374,114 @@ public class ConfigurationPartsBuilder {
/**
* Returns the digest method algorithm name.
- *
+ *
* @return The digest method algorithm name from the configuration.
*/
- public String getDigestMethodAlgorithmName()
- {
+ public String getDigestMethodAlgorithmName() {
String digestMethod = getElementValue(getConfigElem(), DIGEST_METHOD_XPATH, null);
-
- if (digestMethod == null || !ACCEPTED_DIGEST_ALGORITHMS.contains(digestMethod))
- {
- String xadesVersion = this.getXAdESVersion();
- if (xadesVersion == null) {
- info(
- "config.23",
- new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1 });
- digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1;
- }
- else {
- info(
- "config.23",
- new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2 });
- digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2;
- }
-
-
+
+ if (digestMethod == null || !ACCEPTED_DIGEST_ALGORITHMS.contains(digestMethod)) {
+ final String xadesVersion = this.getXAdESVersion();
+ if (xadesVersion == null) {
+ info(
+ "config.23",
+ new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1 });
+ digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1;
+ } else {
+ info(
+ "config.23",
+ new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2 });
+ digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2;
+ }
+
}
return digestMethod;
}
-
+
/**
* Returns the digest method algorithm name.
- *
+ *
* @return The digest method algorithm name from the configuration.
*/
- public String getXAdESVersion()
- {
- String xadesVersion = getElementValue(getConfigElem(), XADES_VERSION_XPATH, null);
-
+ public String getXAdESVersion() {
+ final String xadesVersion = getElementValue(getConfigElem(), XADES_VERSION_XPATH, null);
+
return xadesVersion;
}
-
+
/**
* Returns the digest method algorithm name.
- *
+ *
* @return The digest method algorithm name from the configuration.
*/
- public String getPDFASConfiguration()
- {
- String pdfasConfiguration = getElementValue(getConfigElem(), PDFAS_CONFIGURATION_XPATH, null);
-
+ public String getPDFASConfiguration() {
+ final String pdfasConfiguration = getElementValue(getConfigElem(), PDFAS_CONFIGURATION_XPATH, null);
+
return pdfasConfiguration;
}
-
+
/**
* Returns the digest method algorithm name.
- *
+ *
* @return The digest method algorithm name from the configuration.
*/
- public int getConnectionTimeout()
- {
- String connectionTimeout = getElementValue(getConfigElem(), CONNECTION_TIMEOUT_XPATH_, "30");
+ public int getConnectionTimeout() {
+ final String connectionTimeout = getElementValue(getConfigElem(), CONNECTION_TIMEOUT_XPATH_, "30");
int defaultConnectionTimeout = 30;
-
- if(connectionTimeout != null) {
- try {
- defaultConnectionTimeout = Integer.parseInt(connectionTimeout);
- } catch(NumberFormatException e) {
- Logger.warn("Configuration value " + CONNECTION_TIMEOUT_XPATH_ + " should be a number defaulting to 30");
- }
+
+ if (connectionTimeout != null) {
+ try {
+ defaultConnectionTimeout = Integer.parseInt(connectionTimeout);
+ } catch (final NumberFormatException e) {
+ Logger.warn("Configuration value " + CONNECTION_TIMEOUT_XPATH_
+ + " should be a number defaulting to 30");
+ }
}
-
- if(defaultConnectionTimeout < 0) {
- defaultConnectionTimeout = 30;
+
+ if (defaultConnectionTimeout < 0) {
+ defaultConnectionTimeout = 30;
}
-
+
return defaultConnectionTimeout * 1000;
}
-
- public int getReadTimeout()
- {
- String connectionTimeout = getElementValue(getConfigElem(), READ_TIMEOUT_XPATH_, "30");
+
+ public int getReadTimeout() {
+ final String connectionTimeout = getElementValue(getConfigElem(), READ_TIMEOUT_XPATH_, "30");
int defaultConnectionTimeout = 30;
-
- if(connectionTimeout != null) {
- try {
- defaultConnectionTimeout = Integer.parseInt(connectionTimeout);
- } catch(NumberFormatException e) {
- Logger.warn("Configuration value " + READ_TIMEOUT_XPATH_ + " should be a number defaulting to 30");
- }
+
+ if (connectionTimeout != null) {
+ try {
+ defaultConnectionTimeout = Integer.parseInt(connectionTimeout);
+ } catch (final NumberFormatException e) {
+ Logger.warn("Configuration value " + READ_TIMEOUT_XPATH_ + " should be a number defaulting to 30");
+ }
}
-
- if(defaultConnectionTimeout < 0) {
- defaultConnectionTimeout = 30;
+
+ if (defaultConnectionTimeout < 0) {
+ defaultConnectionTimeout = 30;
}
-
+
return defaultConnectionTimeout * 1000;
}
-
- public boolean getAdesFormResult()
- {
- String enableArchiving = getElementValue(getConfigElem(), FORMRESULT_CONFIGURATION_XPATH, null);
- return Boolean.valueOf(enableArchiving).booleanValue();
+
+ public boolean getAdesFormResult() {
+ final String enableArchiving = getElementValue(getConfigElem(), FORMRESULT_CONFIGURATION_XPATH, null);
+ return Boolean.valueOf(enableArchiving).booleanValue();
}
-
+
/**
* Returns the canonicalization algorithm name.
- *
+ *
* @return The canonicalization algorithm name from the configuration.
*/
- public String getCanonicalizationAlgorithmName()
- {
+ public String getCanonicalizationAlgorithmName() {
String c14nAlgorithm = getElementValue(getConfigElem(), C14N_ALGORITHM_XPATH, null);
- if (c14nAlgorithm == null || !ACCEPTED_C14N_ALGORITHMS.contains(c14nAlgorithm))
- {
+ if (c14nAlgorithm == null || !ACCEPTED_C14N_ALGORITHMS.contains(c14nAlgorithm)) {
info(
- "config.23",
- new Object[] { "CanonicalizationAlgorithm", C14N_ALGORITHM_DEFAULT });
+ "config.23",
+ new Object[] { "CanonicalizationAlgorithm", C14N_ALGORITHM_DEFAULT });
c14nAlgorithm = C14N_ALGORITHM_DEFAULT;
}
@@ -500,189 +490,172 @@ public class ConfigurationPartsBuilder {
/**
* Build the configured hardware crypto modules.
- *
+ *
* @return The hardware crypto modules from the configuration.
*/
- public List buildHardwareCryptoModules()
- {
- List modules = new ArrayList();
- NodeIterator modIter = XPathUtils.selectNodeIterator(
- getConfigElem(),
- HARDWARE_CRYPTO_MODULE_XPATH);
+ public List buildHardwareCryptoModules() {
+ final List modules = new ArrayList();
+ final NodeIterator modIter = XPathUtils.selectNodeIterator(
+ getConfigElem(),
+ HARDWARE_CRYPTO_MODULE_XPATH);
Element modElem;
while ((modElem = (Element) modIter.nextNode()) != null) {
- String name = getElementValue(modElem, CONF + "Name", null);
- String slotId = getElementValue(modElem, CONF + "SlotId", null);
- String userPIN = getElementValue(modElem, CONF + "UserPIN", null);
- HardwareCryptoModule module = new HardwareCryptoModule(name, slotId, userPIN);
+ final String name = getElementValue(modElem, CONF + "Name", null);
+ final String slotId = getElementValue(modElem, CONF + "SlotId", null);
+ final String userPIN = getElementValue(modElem, CONF + "UserPIN", null);
+ final HardwareCryptoModule module = new HardwareCryptoModule(name, slotId, userPIN);
modules.add(module);
}
return modules;
}
-
+
/**
- *
+ *
* @return
*/
public boolean allowExternalUris() {
- Element permitExtUris = (Element)XPathUtils.selectSingleNode(getConfigElem(), PERMIT_EXTERNAL_URIS_XPATH);
-
- // if PermitExternalUris element does not exist - don't allow external uris
- if (permitExtUris == null) {
- // set permitExtUris for iaik-moa
- ExternalReferenceChecker.setPermitExternalURLs(false);
- return false;
- }
- else {
- // set permitExtUris for iaik-moa
- ExternalReferenceChecker.setPermitExternalURLs(true);
- return true;
- }
+ final Element permitExtUris = (Element) XPathUtils.selectSingleNode(getConfigElem(),
+ PERMIT_EXTERNAL_URIS_XPATH);
+
+ // if PermitExternalUris element does not exist - don't allow external uris
+ if (permitExtUris == null) {
+ // set permitExtUris for iaik-moa
+ ExternalReferenceChecker.setPermitExternalURLs(false);
+ return false;
+ } else {
+ // set permitExtUris for iaik-moa
+ ExternalReferenceChecker.setPermitExternalURLs(true);
+ return true;
+ }
}
-
-
+
/**
- *
+ *
* @return
*/
public List buildPermitExternalUris() {
-
- info("config.33", null);
-
- List blacklist = new ArrayList();
- List blackListIaikMoa = new ArrayList();
-
- NodeIterator permitExtIter = XPathUtils.selectNodeIterator(
- getConfigElem(),
- BLACK_LIST_URIS_XPATH);
-
- Element permitExtElem = null;
- while ((permitExtElem = (Element) permitExtIter.nextNode()) != null) {
- String host = getElementValue(permitExtElem, CONF + "IP", null);
- String port = getElementValue(permitExtElem, CONF + "Port", null);
-
- BlackListEntry entry =null;
- if (port == null) {
- entry = new BlackListEntry(host, -1);
- info("config.34", new Object[]{host});
- }
- else {
- entry = new BlackListEntry(host, new Integer(port).intValue());
- info("config.34", new Object[]{host + ":" + port});
- }
-
- // add entry to iaik-moa blacklist
- blackListIaikMoa.add(entry);
-
-
- String array[] = new String[2];
- array[0] = host;
- array[1] = port;
- blacklist.add(array);
-
- }
-
-
- // set blacklist for iaik-moa
- ExternalReferenceChecker.setBlacklist(blackListIaikMoa);
-
-
- if(blacklist.isEmpty()) // no blacklisted uris given
- info("config.36", null);
-
-
- return blacklist;
+
+ info("config.33", null);
+
+ final List blacklist = new ArrayList();
+ final List blackListIaikMoa = new ArrayList();
+
+ final NodeIterator permitExtIter = XPathUtils.selectNodeIterator(
+ getConfigElem(),
+ BLACK_LIST_URIS_XPATH);
+
+ Element permitExtElem = null;
+ while ((permitExtElem = (Element) permitExtIter.nextNode()) != null) {
+ final String host = getElementValue(permitExtElem, CONF + "IP", null);
+ final String port = getElementValue(permitExtElem, CONF + "Port", null);
+
+ BlackListEntry entry = null;
+ if (port == null) {
+ entry = new BlackListEntry(host, -1);
+ info("config.34", new Object[] { host });
+ } else {
+ entry = new BlackListEntry(host, new Integer(port).intValue());
+ info("config.34", new Object[] { host + ":" + port });
+ }
+
+ // add entry to iaik-moa blacklist
+ blackListIaikMoa.add(entry);
+
+ final String array[] = new String[2];
+ array[0] = host;
+ array[1] = port;
+ blacklist.add(array);
+
+ }
+
+ // set blacklist for iaik-moa
+ ExternalReferenceChecker.setBlacklist(blackListIaikMoa);
+
+ if (blacklist.isEmpty()) {
+ info("config.36", null);
+ }
+
+ return blacklist;
}
-
+
/**
- *
+ *
* @return
*/
public List buildForbidExternalUris() {
-
- //info("config.47", null);
-
- List whitelist = new ArrayList();
- List whiteListIaikMoa = new ArrayList();
-
- NodeIterator forbidExtIter = XPathUtils.selectNodeIterator(
- getConfigElem(),
- WHITE_LIST_URIS_XPATH);
-
- Element permitExtElem = null;
- while ((permitExtElem = (Element) forbidExtIter.nextNode()) != null) {
- String host = getElementValue(permitExtElem, CONF + "IP", null);
- String port = getElementValue(permitExtElem, CONF + "Port", null);
-
- // WhiteListeEntry
- WhiteListEntry entry =null;
- if (port == null) {
- entry = new WhiteListEntry(host, -1);
- info("config.49", new Object[]{host});
+
+ // info("config.47", null);
+
+ final List whitelist = new ArrayList();
+ final List whiteListIaikMoa = new ArrayList();
+
+ final NodeIterator forbidExtIter = XPathUtils.selectNodeIterator(
+ getConfigElem(),
+ WHITE_LIST_URIS_XPATH);
+
+ Element permitExtElem = null;
+ while ((permitExtElem = (Element) forbidExtIter.nextNode()) != null) {
+ final String host = getElementValue(permitExtElem, CONF + "IP", null);
+ final String port = getElementValue(permitExtElem, CONF + "Port", null);
+
+ // WhiteListeEntry
+ WhiteListEntry entry = null;
+ if (port == null) {
+ entry = new WhiteListEntry(host, -1);
+ info("config.49", new Object[] { host });
+ } else {
+ entry = new WhiteListEntry(host, new Integer(port).intValue());
+ info("config.49", new Object[] { host + ":" + port });
}
- else {
- entry = new WhiteListEntry(host, new Integer(port).intValue());
- info("config.49", new Object[]{host + ":" + port});
- }
-
- // add entry to iaik-moa whitelist
- whiteListIaikMoa.add(entry);
-
-
- String array[] = new String[2];
- array[0] = host;
- array[1] = port;
- whitelist.add(array);
-
- }
-
-
- // set whitelist for iaik-moa
- ExternalReferenceChecker.setWhitelist(whiteListIaikMoa);
-
-
- if(whitelist.isEmpty()) // no whitelisted uris given
- info("config.48", null);
-
-
- return whitelist;
+
+ // add entry to iaik-moa whitelist
+ whiteListIaikMoa.add(entry);
+
+ final String array[] = new String[2];
+ array[0] = host;
+ array[1] = port;
+ whitelist.add(array);
+
+ }
+
+ // set whitelist for iaik-moa
+ ExternalReferenceChecker.setWhitelist(whiteListIaikMoa);
+
+ if (whitelist.isEmpty()) {
+ info("config.48", null);
+ }
+
+ return whitelist;
}
-
-
/**
- * Build the configured hardware keys.
- *
- * @param keyModules The keyModules that the configuration already knows about. To
- * prevent multiple key modules with the same ID.
+ * Build the configured hardware keys.
+ *
+ * @param keyModules The keyModules that the configuration already knows about.
+ * To prevent multiple key modules with the same ID.
* @return The hardware keys contained in the configuration.
*/
- public List buildHardwareKeyModules(List keyModules)
- {
- Set existingIds = toIdSet(keyModules);
- List hardwareKeys = new ArrayList();
- NodeIterator hkIter =
- XPathUtils.selectNodeIterator(getConfigElem(), HARDWARE_KEY_XPATH);
+ public List buildHardwareKeyModules(List keyModules) {
+ final Set existingIds = toIdSet(keyModules);
+ final List hardwareKeys = new ArrayList();
+ final NodeIterator hkIter =
+ XPathUtils.selectNodeIterator(getConfigElem(), HARDWARE_KEY_XPATH);
Element keyElem;
- while ((keyElem = (Element) hkIter.nextNode()) != null)
- {
- String id = getElementValue(keyElem, CONF + "Id", null);
- String name = getElementValue(keyElem, CONF + "Name", null);
- String slotId = getElementValue(keyElem, CONF + "SlotId", null);
- String userPIN = getElementValue(keyElem, CONF + "UserPIN", null);
+ while ((keyElem = (Element) hkIter.nextNode()) != null) {
+ final String id = getElementValue(keyElem, CONF + "Id", null);
+ final String name = getElementValue(keyElem, CONF + "Name", null);
+ final String slotId = getElementValue(keyElem, CONF + "SlotId", null);
+ final String userPIN = getElementValue(keyElem, CONF + "UserPIN", null);
- if (existingIds.contains(id))
- {
+ if (existingIds.contains(id)) {
warn(
- "config.04",
- new Object[] { "Hardware- oder SoftwareKeyModule", id });
- }
- else
- {
- KeyModule key = new HardwareKeyModule(id, name, slotId, userPIN);
+ "config.04",
+ new Object[] { "Hardware- oder SoftwareKeyModule", id });
+ } else {
+ final KeyModule key = new HardwareKeyModule(id, name, slotId, userPIN);
hardwareKeys.add(key);
existingIds.add(id);
}
@@ -694,34 +667,29 @@ public class ConfigurationPartsBuilder {
/**
* Build the configured software keys.
- *
- * @param keyModules The keyModules that the configuration already knows about. To
- * prevent multiple key modules with the same ID.
+ *
+ * @param keyModules The keyModules that the configuration already knows about.
+ * To prevent multiple key modules with the same ID.
*
* @return The software keys contained in the configuration.
*/
- public List buildSoftwareKeyModules(List keyModules)
- {
- Set existingIds = toIdSet(keyModules);
- List softwareKeys = new ArrayList();
- NodeIterator skIter =
- XPathUtils.selectNodeIterator(getConfigElem(), SOFTWARE_KEY_XPATH);
+ public List buildSoftwareKeyModules(List keyModules) {
+ final Set existingIds = toIdSet(keyModules);
+ final List softwareKeys = new ArrayList();
+ final NodeIterator skIter =
+ XPathUtils.selectNodeIterator(getConfigElem(), SOFTWARE_KEY_XPATH);
Element keyElem;
- while ((keyElem = (Element) skIter.nextNode()) != null)
- {
- String id = getElementValue(keyElem, CONF + "Id", null);
- String fileName = getElementValue(keyElem, CONF + "FileName", null);
- String passWord = getElementValue(keyElem, CONF + "Password", null);
+ while ((keyElem = (Element) skIter.nextNode()) != null) {
+ final String id = getElementValue(keyElem, CONF + "Id", null);
+ final String fileName = getElementValue(keyElem, CONF + "FileName", null);
+ final String passWord = getElementValue(keyElem, CONF + "Password", null);
- if (existingIds.contains(id))
- {
+ if (existingIds.contains(id)) {
warn(
- "config.04",
- new Object[] { "Hardware- oder SoftwareKeyModule", id });
- }
- else
- {
+ "config.04",
+ new Object[] { "Hardware- oder SoftwareKeyModule", id });
+ } else {
File keyFile;
KeyModule key;
@@ -733,7 +701,7 @@ public class ConfigurationPartsBuilder {
// check for existence
if (!keyFile.exists() || keyFile.isDirectory()) {
- warn("config.25", new Object[] { id, keyFile.getAbsolutePath()});
+ warn("config.25", new Object[] { id, keyFile.getAbsolutePath() });
} else {
// create a new key module
key = new SoftwareKeyModule(id, keyFile.getAbsolutePath(), passWord);
@@ -748,39 +716,36 @@ public class ConfigurationPartsBuilder {
/**
* Build the key group configuration.
- *
- * @param keyModules The KeyModules that the configuration
- * knows about. Used to check for errors in the configuration.
+ *
+ * @param keyModules The KeyModules that the configuration knows
+ * about. Used to check for errors in the configuration.
* @return The mapping between key group IDs and key groups.
*/
- public Map buildKeyGroups(List keyModules)
- {
- Set keyModuleIds = toIdSet(keyModules);
- Map keyGroups = new HashMap();
+ public Map buildKeyGroups(List keyModules) {
+ final Set keyModuleIds = toIdSet(keyModules);
+ final Map keyGroups = new HashMap();
NodeIterator kgIter;
Element keyGroupElem;
// select all KeyGroup elements and build the KeyGroup objects from them
kgIter = XPathUtils.selectNodeIterator(getConfigElem(), KEYGROUP_XPATH);
- while ((keyGroupElem = (Element) kgIter.nextNode()) != null)
- {
+ while ((keyGroupElem = (Element) kgIter.nextNode()) != null) {
String keyGroupId = getElementValue(keyGroupElem, CONF + "Id", null);
- //switch all keyGroupIds to lower case, only
- if (MiscUtil.isNotEmpty(keyGroupId))
- keyGroupId = keyGroupId.trim().toLowerCase();
-
- String keyGroupDigestMethodAlgorithm = getElementValue(keyGroupElem, CONF + "DigestMethodAlgorithm", null);
- Set keyGroupEntries =
- buildKeyGroupEntries(keyGroupId, keyModuleIds, keyGroupElem);
- KeyGroup keyGroup = new KeyGroup(keyGroupId, keyGroupEntries, keyGroupDigestMethodAlgorithm);
+ // switch all keyGroupIds to lower case, only
+ if (MiscUtil.isNotEmpty(keyGroupId)) {
+ keyGroupId = keyGroupId.trim().toLowerCase();
+ }
- if (keyGroups.containsKey(keyGroupId))
- {
+ final String keyGroupDigestMethodAlgorithm = getElementValue(keyGroupElem, CONF
+ + "DigestMethodAlgorithm", null);
+ final Set keyGroupEntries =
+ buildKeyGroupEntries(keyGroupId, keyModuleIds, keyGroupElem);
+ final KeyGroup keyGroup = new KeyGroup(keyGroupId, keyGroupEntries, keyGroupDigestMethodAlgorithm);
+
+ if (keyGroups.containsKey(keyGroupId)) {
warn("config.04", new Object[] { "KeyGroup", keyGroupId });
- }
- else
- {
+ } else {
keyGroups.put(keyGroup.getId(), keyGroup);
}
}
@@ -790,17 +755,16 @@ public class ConfigurationPartsBuilder {
/**
* Return the set of IDs contained in the given KeyModules.
- *
- * @param keyModules The KeyModules from which to extract the
- * IDs.
+ *
+ * @param keyModules The KeyModules from which to extract the IDs.
* @return The IDs from the given KeyModules.
*/
private Set toIdSet(List keyModules) {
- Set ids = new HashSet();
+ final Set ids = new HashSet();
Iterator iter;
for (iter = keyModules.iterator(); iter.hasNext();) {
- KeyModule keyModule = (KeyModule) iter.next();
+ final KeyModule keyModule = (KeyModule) iter.next();
ids.add(keyModule.getId());
}
@@ -809,35 +773,36 @@ public class ConfigurationPartsBuilder {
/**
* Build the key entries belonging to a key group.
- *
- * @param keyGroupId The ID of the key group we are building here. Passed
- * for logging purposes.
+ *
+ * @param keyGroupId The ID of the key group we are building here. Passed for
+ * logging purposes.
* @param keyModuleIds The IDs of the HardwareKeyModules and
- * SoftwareKeyModules that exist in the configuration.
+ * SoftwareKeyModules that exist in the
+ * configuration.
* @param keyGroupElem The KeyGroup DOM element to parse.
* @return A Set of KeyGroupEntry objects.
*/
private Set buildKeyGroupEntries(
- String keyGroupId,
- Set keyModuleIds,
- Element keyGroupElem) {
+ String keyGroupId,
+ Set keyModuleIds,
+ Element keyGroupElem) {
- Set entries = new HashSet();
+ final Set entries = new HashSet();
NodeIterator keyEntryIter;
Element keyEntryElem;
// select all Key elements and put them into the Map
keyEntryIter = XPathUtils.selectNodeIterator(keyGroupElem, CONF + "Key");
- while ((keyEntryElem = (Element) keyEntryIter.nextNode()) != null)
- {
- String keyModuleId = getElementValue(keyEntryElem, CONF + "KeyModuleId", "");
- Element keyCertElem = (Element) XPathUtils.selectSingleNode(keyEntryElem, CONF + "KeyCertIssuerSerial");
- IssuerAndSerial issuerSerial = buildIssuerAndSerial(keyCertElem);
+ while ((keyEntryElem = (Element) keyEntryIter.nextNode()) != null) {
+ final String keyModuleId = getElementValue(keyEntryElem, CONF + "KeyModuleId", "");
+ final Element keyCertElem = (Element) XPathUtils.selectSingleNode(keyEntryElem, CONF
+ + "KeyCertIssuerSerial");
+ final IssuerAndSerial issuerSerial = buildIssuerAndSerial(keyCertElem);
if (!keyModuleIds.contains(keyModuleId)) {
warn("config.26", new Object[] { keyGroupId, keyModuleId });
} else if (issuerSerial != null) {
- KeyGroupEntry entry = new KeyGroupEntry(keyModuleId, issuerSerial);
+ final KeyGroupEntry entry = new KeyGroupEntry(keyModuleId, issuerSerial);
entries.add(entry);
}
}
@@ -846,34 +811,31 @@ public class ConfigurationPartsBuilder {
/**
* Build the key group mapping.
- *
+ *
* @param keyGroups The available key groups.
* @param anonymous The IssuerAndSerial to be used for key group
- * mappings not protected by a certificate.
+ * mappings not protected by a certificate.
* @return The key group mapping.
*/
public Map buildKeyGroupMappings(Map keyGroups, IssuerAndSerial anonymous) {
- Map mappings = new HashMap();
+ final Map mappings = new HashMap();
NodeIterator mappingIter;
Element mappingElem;
// select all KeyGroupMapping elements
mappingIter =
- XPathUtils.selectNodeIterator(getConfigElem(), KEYGROUP_MAPPING_XPATH);
+ XPathUtils.selectNodeIterator(getConfigElem(), KEYGROUP_MAPPING_XPATH);
// build the mapping for each KeyGroupMapping element
- while ((mappingElem = (Element) mappingIter.nextNode()) != null)
- {
- Element issuerSerialElem = (Element) XPathUtils.selectSingleNode(mappingElem, CONF + "CustomerId");
+ while ((mappingElem = (Element) mappingIter.nextNode()) != null) {
+ final Element issuerSerialElem = (Element) XPathUtils.selectSingleNode(mappingElem, CONF
+ + "CustomerId");
// build the IssuerAndSerial who has access to the key groups
IssuerAndSerial issuerAndSerial;
- if (issuerSerialElem != null)
- {
+ if (issuerSerialElem != null) {
issuerAndSerial = buildIssuerAndSerial(issuerSerialElem);
- }
- else
- {
+ } else {
// IssuerSerial element: the keygroup is generally available
issuerAndSerial = anonymous;
}
@@ -884,8 +846,7 @@ public class ConfigurationPartsBuilder {
NodeIterator keyGroupIter;
Element keyGroupElem;
- if (groups == null)
- {
+ if (groups == null) {
// no mapping exist -> build one
groups = new HashMap();
mappings.put(issuerAndSerial, groups);
@@ -893,16 +854,13 @@ public class ConfigurationPartsBuilder {
// select the available key groups and add them to the mapping
keyGroupIter = XPathUtils.selectNodeIterator(mappingElem, CONF + "KeyGroupId");
- while ((keyGroupElem = (Element) keyGroupIter.nextNode()) != null)
- {
- String keyGroupId = getElementValue(keyGroupElem, ".", null);
- KeyGroup keyGroup = (KeyGroup) keyGroups.get(keyGroupId.trim().toLowerCase());
-
- if (keyGroup != null)
- {
+ while ((keyGroupElem = (Element) keyGroupIter.nextNode()) != null) {
+ final String keyGroupId = getElementValue(keyGroupElem, ".", null);
+ final KeyGroup keyGroup = (KeyGroup) keyGroups.get(keyGroupId.trim().toLowerCase());
+
+ if (keyGroup != null) {
groups.put(keyGroupId, keyGroup);
- } else
- {
+ } else {
warn("config.00", new Object[] { keyGroupId });
}
}
@@ -914,15 +872,14 @@ public class ConfigurationPartsBuilder {
/**
* Returns the default chaining mode from the configuration.
- *
+ *
* @return The default chaining mode.
*/
- public String getDefaultChainingMode()
- {
- String defaultChaining = getElementValue(
- getConfigElem(),
- CHAINING_MODES_DEFAULT_XPATH,
- CM_PKIX);
+ public String getDefaultChainingMode() {
+ final String defaultChaining = getElementValue(
+ getConfigElem(),
+ CHAINING_MODES_DEFAULT_XPATH,
+ CM_PKIX);
return translateChainingMode(defaultChaining);
@@ -930,23 +887,20 @@ public class ConfigurationPartsBuilder {
/**
* Build the chaining modes for all configured trust anchors.
- *
+ *
* @return The mapping from trust anchors to chaining modes.
*/
- public Map buildChainingModes()
- {
- Map chainingModes = new HashMap();
- NodeIterator trustIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_ANCHOR_XPATH);
+ public Map buildChainingModes() {
+ final Map chainingModes = new HashMap();
+ final NodeIterator trustIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_ANCHOR_XPATH);
Element trustAnchorElem;
- while ((trustAnchorElem = (Element) trustIter.nextNode()) != null)
- {
- IssuerAndSerial issuerAndSerial = buildIssuerAndSerial(
- (Element)XPathUtils.selectSingleNode(trustAnchorElem, CONF + "Identification"));
- String mode = getElementValue(trustAnchorElem, CONF + "Mode", null);
+ while ((trustAnchorElem = (Element) trustIter.nextNode()) != null) {
+ final IssuerAndSerial issuerAndSerial = buildIssuerAndSerial(
+ (Element) XPathUtils.selectSingleNode(trustAnchorElem, CONF + "Identification"));
+ final String mode = getElementValue(trustAnchorElem, CONF + "Mode", null);
- if (issuerAndSerial != null)
- {
+ if (issuerAndSerial != null) {
chainingModes.put(issuerAndSerial, translateChainingMode(mode));
}
}
@@ -956,26 +910,26 @@ public class ConfigurationPartsBuilder {
/**
* Build an IssuerAndSerial from the DOM representation.
- *
+ *
* @param root The root element (being of type dsig:
* X509IssuerSerialType.
* @return The issuer and serial number contained in the root
- * element or null if could not be built for any reason.
+ * element or null if could not be built for any reason.
*/
private IssuerAndSerial buildIssuerAndSerial(Element root) {
- String issuer = getElementValue(root, ISSUER_XPATH, null);
- String serial = getElementValue(root, SERIAL_XPATH, null);
+ final String issuer = getElementValue(root, ISSUER_XPATH, null);
+ final String serial = getElementValue(root, SERIAL_XPATH, null);
if (issuer != null && serial != null) {
try {
- RFC2253NameParser nameParser = new RFC2253NameParser(issuer);
- Principal issuerDN = nameParser.parse();
+ final RFC2253NameParser nameParser = new RFC2253NameParser(issuer);
+ final Principal issuerDN = nameParser.parse();
return new IssuerAndSerial(issuerDN, new BigInteger(serial));
- } catch (RFC2253NameParserException e) {
+ } catch (final RFC2253NameParserException e) {
warn("config.16", new Object[] { issuer, serial }, e);
return null;
- } catch (NumberFormatException e) {
+ } catch (final NumberFormatException e) {
warn("config.16", new Object[] { issuer, serial }, e);
return null;
}
@@ -986,10 +940,10 @@ public class ConfigurationPartsBuilder {
/**
* Translate the chaining mode from the configuration file to one used in the
* IAIK MOA API.
- *
+ *
* @param chainingMode The chaining mode from the configuration.
* @return The chaining mode as provided by the ChainingModes
- * interface.
+ * interface.
* @see iaik.pki.pathvalidation.ChainingModes
*/
private String translateChainingMode(String chainingMode) {
@@ -1004,55 +958,50 @@ public class ConfigurationPartsBuilder {
/**
* Build the distribution points mapping.
- *
+ *
* @return The mapping from certificate authorities to distribution points.
*/
- public Map buildDistributionPoints()
- {
- Map dPs = new HashMap();
+ public Map buildDistributionPoints() {
+ final Map dPs = new HashMap();
NodeIterator dPIter;
Element dPElem;
- // select all DistributionPoint elements
+ // select all DistributionPoint elements
dPIter = XPathUtils.selectNodeIterator(getConfigElem(), DISTRIBUTION_POINTS_XPATH);
- // build the mapping of CA name to distribution points
+ // build the mapping of CA name to distribution points
while ((dPElem = (Element) dPIter.nextNode()) != null) {
- String caIssuerDNText = getElementValue(dPElem, CONF + "CAIssuerDN", "");
- RFC2253NameParser nameParser = new RFC2253NameParser(caIssuerDNText);
- NodeIterator cRLDPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "CRLDP");
- NodeIterator oCSPDPPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "OCSPDP");
+ final String caIssuerDNText = getElementValue(dPElem, CONF + "CAIssuerDN", "");
+ final RFC2253NameParser nameParser = new RFC2253NameParser(caIssuerDNText);
+ final NodeIterator cRLDPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "CRLDP");
+ final NodeIterator oCSPDPPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "OCSPDP");
- try
- {
- String caIssuerDN = nameParser.parse().getName();
+ try {
+ final String caIssuerDN = nameParser.parse().getName();
- // check, if a mapping exists or make a new mapping
+ // check, if a mapping exists or make a new mapping
Set dPsForCA = (Set) dPs.get(caIssuerDN);
- if (dPsForCA == null)
- {
+ if (dPsForCA == null) {
dPsForCA = new HashSet();
dPs.put(caIssuerDN, dPsForCA);
}
// add the CRL distribution points of this CA to the set
Element cRLDPElem;
- while ((cRLDPElem = (Element) cRLDPIter.nextNode()) != null)
- {
- CRLDistributionPoint cRLDP = (CRLDistributionPoint) buildDistributionPoint(cRLDPElem, caIssuerDN);
+ while ((cRLDPElem = (Element) cRLDPIter.nextNode()) != null) {
+ final CRLDistributionPoint cRLDP = (CRLDistributionPoint) buildDistributionPoint(cRLDPElem,
+ caIssuerDN);
dPsForCA.add(cRLDP);
}
// add the OCSP distribution points of this CA to the set
Element oCSPPElem;
- while ((oCSPPElem = (Element) oCSPDPPIter.nextNode()) != null)
- {
- OCSPDistributionPoint oCSPDP = (OCSPDistributionPoint) buildDistributionPoint(oCSPPElem, null);
+ while ((oCSPPElem = (Element) oCSPDPPIter.nextNode()) != null) {
+ final OCSPDistributionPoint oCSPDP = (OCSPDistributionPoint) buildDistributionPoint(oCSPPElem,
+ null);
dPsForCA.add(oCSPDP);
}
-}
- catch (RFC2253NameParserException e)
- {
+ } catch (final RFC2253NameParserException e) {
warn("config.13", new Object[] { caIssuerDNText }, e);
}
@@ -1063,143 +1012,126 @@ public class ConfigurationPartsBuilder {
/**
* Build a distribution point from the DOM representation.
- *
- * @param dpElem The root element of the distribution point.
- *
- * @param issuerName The name of the CA issuing the CRL referred to by this DP, or null
- * if this DP refers to an OCSP responder.
- *
+ *
+ * @param dpElem The root element of the distribution point.
+ *
+ * @param issuerName The name of the CA issuing the CRL referred to by this DP,
+ * or null if this DP refers to an OCSP
+ * responder.
+ *
* @return The distribution point.
*/
- private DistributionPoint buildDistributionPoint(Element dpElem, String issuerName)
- {
- String uri = getElementValue(dpElem, CONF + "Location", null);
-
- if ("CRLDP".equals(dpElem.getLocalName()))
- {
- NodeIterator reasonCodesIter = XPathUtils.selectNodeIterator(dpElem, CONF + "ReasonCode");
+ private DistributionPoint buildDistributionPoint(Element dpElem, String issuerName) {
+ final String uri = getElementValue(dpElem, CONF + "Location", null);
+
+ if ("CRLDP".equals(dpElem.getLocalName())) {
+ final NodeIterator reasonCodesIter = XPathUtils.selectNodeIterator(dpElem, CONF + "ReasonCode");
Element reasonCodeElem;
- StringBuffer reasonCodesSB = new StringBuffer();
- while ((reasonCodeElem = (Element)reasonCodesIter.nextNode()) != null)
- {
- if (reasonCodesSB.length() > 0) reasonCodesSB.append(" ");
+ final StringBuffer reasonCodesSB = new StringBuffer();
+ while ((reasonCodeElem = (Element) reasonCodesIter.nextNode()) != null) {
+ if (reasonCodesSB.length() > 0) {
+ reasonCodesSB.append(" ");
+ }
reasonCodesSB.append(getElementValue(reasonCodeElem, ".", "").trim());
}
return new CRLDistributionPoint(issuerName, uri, reasonCodesSB.toString());
- }
- else
- {
+ } else {
return new OCSPDistributionPoint(uri);
}
}
/**
* Return the CRL archive duration.
- *
- * @return The value of the CRL archive duration setting from the configuration, or 0 if
- * no value is set in the configuration.
+ *
+ * @return The value of the CRL archive duration setting from the configuration,
+ * or 0 if no value is set in the configuration.
*/
- public int getRevocationArchiveDuration()
- {
- String archiveDuration = getElementValue(getConfigElem(), CRL_ARCHIVE_DURATION_XPATH, null);
- try
- {
+ public int getRevocationArchiveDuration() {
+ final String archiveDuration = getElementValue(getConfigElem(), CRL_ARCHIVE_DURATION_XPATH, null);
+ try {
return Integer.parseInt(archiveDuration);
- }
- catch (NumberFormatException e)
- {
+ } catch (final NumberFormatException e) {
warn("config.01", null);
return 365;
}
}
/**
- * Build the CreateTransformsInfoProfiles.
- *
+ * Build the CreateTransformsInfoProfiles.
+ *
* @return The mapping from profile ID to profile.
*/
- public Map buildCreateTransformsInfoProfiles()
- {
+ public Map buildCreateTransformsInfoProfiles() {
return loadProfiles(CREATE_TRANSFORMS_INFO_PROFILE_XPATH, "CreateTransformsInfoProfile");
}
/**
* Build the CreateSignatureEnvironmentProfiles.
- *
+ *
* @return The mapping from profile ID to profile.
*/
- public Map buildCreateSignatureEnvironmentProfiles()
- {
+ public Map buildCreateSignatureEnvironmentProfiles() {
return loadProfiles(CREATE_SIGNATURE_ENVIRONMENT_PROFILE_XPATH, "CreateSignatureEnvironmentProfile");
}
/**
* Build the VerifyTransformsInfoProfiles.
- *
+ *
* @return The mapping from profile ID to profile.
*/
- public Map buildVerifyTransformsInfoProfiles()
- {
+ public Map buildVerifyTransformsInfoProfiles() {
return loadProfiles(VERIFY_TRANSFORMS_INFO_PROFILE_XPATH, "VerifyTransformsInfoProfile");
}
/**
* Build the SupplementProfiles.
- *
+ *
* @return The mapping from profile ID to profile.
*/
- public Map buildSupplementProfiles()
- {
+ public Map buildSupplementProfiles() {
return loadProfiles(SUPPLEMENT_PROFILE_XPATH, "SupplementProfile");
}
/**
* Load a profile mapping.
- *
- * @param xpath The XPath to select the profiles from the configuration.
- *
+ *
+ * @param xpath The XPath to select the profiles from the configuration.
+ *
* @param profileRoot The name of the profile root element.
- *
+ *
* @return Map The profile ID to profile mapping.
*/
- private Map loadProfiles(String xpath, String profileRoot)
- {
- Map profiles = new HashMap();
- NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), xpath);
+ private Map loadProfiles(String xpath, String profileRoot) {
+ final Map profiles = new HashMap();
+ final NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), xpath);
Element profileElem;
- while ((profileElem = (Element) profileIter.nextNode()) != null)
- {
- String id = getElementValue(profileElem, CONF + "Id", null);
- String fileName = getElementValue(profileElem, CONF + "Location", null);
+ while ((profileElem = (Element) profileIter.nextNode()) != null) {
+ final String id = getElementValue(profileElem, CONF + "Id", null);
+ final String fileName = getElementValue(profileElem, CONF + "Location", null);
- if (profiles.containsKey(id))
- {
+ if (profiles.containsKey(id)) {
warn("config.04", new Object[] { profileRoot, id });
- }
- else
- {
- try
- {
+ } else {
+ try {
File profileFile = new File(fileName);
// make profileFile absolute
- if (!profileFile.isAbsolute()) profileFile = new File(configRoot_, fileName);
+ if (!profileFile.isAbsolute()) {
+ profileFile = new File(configRoot_, fileName);
+ }
// load the profile
- info("config.22", new Object[] { profileRoot, id, profileFile.getAbsoluteFile()});
- Element profile = loadProfile(profileFile);
+ info("config.22", new Object[] { profileRoot, id, profileFile.getAbsoluteFile() });
+ final Element profile = loadProfile(profileFile);
- if (Constants.MOA_NS_URI.equals(profile.getNamespaceURI()) &&
- profile.getLocalName().equals(profileRoot))
- {
+ if (Constants.MOA_NS_URI.equals(profile.getNamespaceURI()) &&
+ profile.getLocalName().equals(profileRoot)) {
profiles.put(id, profile);
- }
- else
- {
+ } else {
warn("config.02", new Object[] { profileRoot, id, fileName });
}
- } catch (ConfigurationException e) {
+ } catch (final ConfigurationException e) {
warn("config.03", new Object[] { profileRoot, id });
}
}
@@ -1210,8 +1142,9 @@ public class ConfigurationPartsBuilder {
/**
* Load a profile from a file.
- *
- * @param root The absolute directory path of the main configuration file.
+ *
+ * @param root The absolute directory path of the main configuration
+ * file.
* @param profileFile The file containing the profile.
* @return The profile in its DOM representation.
* @throws ConfigurationException An error occurred loading the profile.
@@ -1222,7 +1155,7 @@ public class ConfigurationPartsBuilder {
try {
profile = parseXml(new FileInputStream(profileFile));
- } catch (Exception e) {
+ } catch (final Exception e) {
throw new ConfigurationException("config.12", null, e);
}
@@ -1231,146 +1164,136 @@ public class ConfigurationPartsBuilder {
/**
* Build the trust profile mapping.
- *
+ *
* @return The profile ID to profile mapping.
*/
-
- public Map buildTrustProfiles()
- {
- Map trustProfiles = new HashMap();
- NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_PROFILE_XPATH);
+
+ public Map buildTrustProfiles() {
+ final Map trustProfiles = new HashMap();
+ final NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_PROFILE_XPATH);
Element profileElem;
- while ((profileElem = (Element) profileIter.nextNode()) != null) {
- //load basic TrustProfile information
-
- //check TrustProfileId
- String id = getElementValue(profileElem, CONF + "Id", null);
- if (MiscUtil.isEmpty(id)) {
- warn("config.52", new Object[]{"Id des TrustProfiles ist leer."});
- continue;
-
- }
- //cast profileId to lowercase (changed in 3.0.1)
- id = id.trim().toLowerCase();
- if (trustProfiles.containsKey(id)) {
- warn("config.04", new Object[] { "TrustProfile", id });
+ while ((profileElem = (Element) profileIter.nextNode()) != null) {
+ // load basic TrustProfile information
+
+ // check TrustProfileId
+ String id = getElementValue(profileElem, CONF + "Id", null);
+ if (MiscUtil.isEmpty(id)) {
+ warn("config.52", new Object[] { "Id des TrustProfiles ist leer." });
+ continue;
+
+ }
+ // cast profileId to lowercase (changed in 3.0.1)
+ id = id.trim().toLowerCase();
+ if (trustProfiles.containsKey(id)) {
+ warn("config.04", new Object[] { "TrustProfile", id });
+ continue;
+ }
+
+ // check location of TrustAnchor directory
+ final String trustAnchorsLocStr = getElementValue(profileElem, CONF + "TrustAnchorsLocation", null);
+ URI trustAnchorsLocURI = null;
+ try {
+ trustAnchorsLocURI = new URI(trustAnchorsLocStr);
+ if (!trustAnchorsLocURI.isAbsolute()) { // make it absolute to the config file
+ trustAnchorsLocURI = new URI(configRoot_.toURL() + trustAnchorsLocStr);
+ }
+ } catch (final URIException e) {
+ warn("config.14", new Object[] { "uri", id, trustAnchorsLocStr }, e);
+ continue;
+ } catch (final MalformedURLException e) {
+ warn("config.15", new Object[] { id }, e);
+ continue;
+ }
+ final File profileDir = new File(trustAnchorsLocURI.getPath());
+ if (!profileDir.exists() || !profileDir.isDirectory()) {
+ warn("config.27", new Object[] { "uri", id });
+ continue;
+ }
+
+ // check signerCertsLocation URL
+ String signerCertsLocStr = getElementValue(profileElem, CONF + "SignerCertsLocation", null);
+ URI signerCertsLocURI = null;
+ if (signerCertsLocStr != null && !"".equals(signerCertsLocStr)) {
+ try {
+ signerCertsLocURI = new URI(signerCertsLocStr);
+ if (!signerCertsLocURI.isAbsolute()) {
+ signerCertsLocURI = new URI(configRoot_.toURL() + signerCertsLocStr);
+ }
+
+ final File signerCertsDir = new File(signerCertsLocURI.getPath());
+ if (!signerCertsDir.exists() || !signerCertsDir.isDirectory()) {
+ warn("config.27", new Object[] { "signerCertsUri", id });
continue;
- }
-
- //check location of TrustAnchor directory
- String trustAnchorsLocStr = getElementValue(profileElem, CONF + "TrustAnchorsLocation", null);
- URI trustAnchorsLocURI = null;
- try
- {
- trustAnchorsLocURI = new URI(trustAnchorsLocStr);
- if (!trustAnchorsLocURI.isAbsolute()) { // make it absolute to the config file
- trustAnchorsLocURI = new URI(configRoot_.toURL() + trustAnchorsLocStr);
}
- }
- catch (URIException e) {
- warn("config.14", new Object[] { "uri", id, trustAnchorsLocStr }, e);
- continue;
- }
- catch (MalformedURLException e)
- {
- warn("config.15", new Object[] {id}, e);
+ } catch (final URIException e) {
+ warn("config.14", new Object[] { "signerCertsUri", id, trustAnchorsLocStr }, e);
continue;
- }
- File profileDir = new File(trustAnchorsLocURI.getPath());
- if (!profileDir.exists() || !profileDir.isDirectory()) {
- warn("config.27", new Object[] { "uri", id });
+ } catch (final MalformedURLException e) {
+ warn("config.15", new Object[] { id }, e);
continue;
}
+ }
+ signerCertsLocStr = signerCertsLocURI != null ? signerCertsLocURI.toString() : null;
+
+ // check if TSL support is enabled
+ final Element eutslElem = (Element) XPathUtils.selectSingleNode(profileElem, CONF + "EUTSL");
+ boolean tslEnabled = false;
+ if (eutslElem != null) {
+ tslEnabled = true;
+ }
+
+ // load TSL configuration
+ final String countries = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + "CountrySelection",
+ null);
+ final String allowedTspStatus = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF
+ + "AllowedTSPStatus", null);
+ final String allowedTspServiceTypes = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF
+ + "AllowedTSPServiceTypes", null);
+
+ // create profile configuration
+ final TrustProfile profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr,
+ tslEnabled, countries, allowedTspStatus, allowedTspServiceTypes);
+ trustProfiles.put(id, profile);
- //check signerCertsLocation URL
- String signerCertsLocStr = getElementValue(profileElem, CONF + "SignerCertsLocation", null);
- URI signerCertsLocURI = null;
- if (signerCertsLocStr != null && !"".equals(signerCertsLocStr))
- {
- try
- {
- signerCertsLocURI = new URI(signerCertsLocStr);
- if (!signerCertsLocURI.isAbsolute()) signerCertsLocURI = new URI(configRoot_.toURL() + signerCertsLocStr);
-
- File signerCertsDir = new File(signerCertsLocURI.getPath());
- if (!signerCertsDir.exists() || !signerCertsDir.isDirectory()) {
- warn("config.27", new Object[] { "signerCertsUri", id });
- continue;
- }
- }
- catch (URIException e) {
- warn("config.14", new Object[] { "signerCertsUri", id, trustAnchorsLocStr }, e);
- continue;
- }
- catch (MalformedURLException e) {
- warn("config.15", new Object[] {id}, e);
- continue;
- }
- }
- signerCertsLocStr = (signerCertsLocURI != null) ? signerCertsLocURI.toString() : null;
-
-
- //check if TSL support is enabled
- Element eutslElem = (Element) XPathUtils.selectSingleNode(profileElem, CONF + "EUTSL");
- boolean tslEnabled = false;
- if (eutslElem != null) //EUTSL element found --> TSL enabled
- tslEnabled = true;
-
- //load TSL configuration
- String countries = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + "CountrySelection", null);
- String allowedTspStatus = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + "AllowedTSPStatus", null);
- String allowedTspServiceTypes = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + "AllowedTSPServiceTypes", null);
-
-
- //create profile configuration
- TrustProfile profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr,
- tslEnabled, countries, allowedTspStatus, allowedTspServiceTypes);
- trustProfiles.put(id, profile);
-
}
return trustProfiles;
}
-
+
/**
* Returns the location of the certificate store.
- *
+ *
* @return the location of the certificate store.
*/
- public String getCertStoreLocation()
- {
- String certStoreLocStr = getElementValue(getConfigElem(), CERTSTORE_LOCATION_XPATH, null);
+ public String getCertStoreLocation() {
+ final String certStoreLocStr = getElementValue(getConfigElem(), CERTSTORE_LOCATION_XPATH, null);
File certStoreLocFile;
-
- // No value specified in configuration file: Set it to a reasonable (absolute) default
- if (certStoreLocStr == null)
- return new File(configRoot_, "certstore").getAbsolutePath();
-
+
+ // No value specified in configuration file: Set it to a reasonable (absolute)
+ // default
+ if (certStoreLocStr == null) {
+ return new File(configRoot_, "certstore").getAbsolutePath();
+ }
+
// Make cert store location an absolute value
certStoreLocFile = new File(certStoreLocStr);
- if (!certStoreLocFile.isAbsolute())
- {
+ if (!certStoreLocFile.isAbsolute()) {
certStoreLocFile = new File(configRoot_, certStoreLocStr);
}
-
+
// Check if cert store location exists, eventually try to create it
- if (!certStoreLocFile.isDirectory())
- {
+ if (!certStoreLocFile.isDirectory()) {
boolean created = false;
- try
- {
+ try {
created = certStoreLocFile.mkdirs();
- }
- finally
- {
- if (!created)
- {
+ } finally {
+ if (!created) {
warn("config.32", new Object[] { certStoreLocFile.getAbsolutePath() });
}
}
}
-
+
return certStoreLocFile.getAbsolutePath();
}
@@ -1380,437 +1303,429 @@ public class ConfigurationPartsBuilder {
/**
* Parse a configuration XML file.
- *
+ *
* @param inputStream The stream from which to read the XML data.
* @return The DOM representation of the XML data.
* @throws ParserConfigurationException XML parser not configured properly.
- * @throws SAXException An error parsing the XML file.
- * @throws IOException An error reading the stream.
+ * @throws SAXException An error parsing the XML file.
+ * @throws IOException An error reading the stream.
*/
private static Element parseXml(InputStream inputStream)
- throws ParserConfigurationException, SAXException, IOException {
+ throws ParserConfigurationException, SAXException, IOException {
return DOMUtils
- .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null)
- .getDocumentElement();
+ .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null)
+ .getDocumentElement();
}
/**
* Return the value of an element located by an XPath.
- *
- * @param root The root element from which to evaluate the xpath.
+ *
+ * @param root The root element from which to evaluate the xpath.
* @param xpath The XPath pointing to the element.
- * @param def The default value, if no element can be found with the given
- * xpath.
+ * @param def The default value, if no element can be found with the given
+ * xpath.
* @return The element value or def, if the element cannot be
- * found.
+ * found.
*/
private String getElementValue(Element root, String xpath, String def) {
- Element elem = (Element) XPathUtils.selectSingleNode(root, xpath);
+ final Element elem = (Element) XPathUtils.selectSingleNode(root, xpath);
return elem != null ? DOMUtils.getText(elem) : def;
}
/**
* Return the value of an attribute located by an XPath.
- *
- * @param root The root element from which to evaluate the xpath.
+ *
+ * @param root The root element from which to evaluate the xpath.
* @param xpath The XPath pointing to the attribute.
- * @param def The default value, if no attribute can be found with the given
- * xpath.
+ * @param def The default value, if no attribute can be found with the given
+ * xpath.
* @return The element value or def, if the attribute cannot be
- * found.
+ * found.
*/
private String getAttributeValue(Element root, String xpath, String def) {
- Attr attr = (Attr) XPathUtils.selectSingleNode(root, xpath);
+ final Attr attr = (Attr) XPathUtils.selectSingleNode(root, xpath);
return attr != null ? attr.getValue() : def;
}
/**
* Log an info message.
- *
- * @param messageId The message ID.
+ *
+ * @param messageId The message ID.
* @param parameters Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private static void info(String messageId, Object[] parameters) {
- MessageProvider msg = MessageProvider.getInstance();
+ final MessageProvider msg = MessageProvider.getInstance();
Logger.info(new LogMsg(msg.getMessage(messageId, parameters)));
}
/**
* Log a warning.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
+ * @param args Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void warn(String messageId, Object[] args) {
- MessageProvider msg = MessageProvider.getInstance();
- String txt = msg.getMessage(messageId, args);
+ final MessageProvider msg = MessageProvider.getInstance();
+ final String txt = msg.getMessage(messageId, args);
Logger.warn(new LogMsg(txt));
warnings.add(txt);
}
-
+
/**
* Log a warning.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
+ * @param args Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void debug(String messageId, Object[] args) {
- MessageProvider msg = MessageProvider.getInstance();
- String txt = msg.getMessage(messageId, args);
+ final MessageProvider msg = MessageProvider.getInstance();
+ final String txt = msg.getMessage(messageId, args);
Logger.debug(new LogMsg(txt));
-
+
}
-
/**
* Log a debug message.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
+ * @param args Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void debug(String message) {
Logger.debug(new LogMsg(message));
}
-
+
/**
* Log a warning.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
- * @param t An exception being the cause of the warning.
+ * @param args Additional parameters for the message.
+ * @param t An exception being the cause of the warning.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void warn(String messageId, Object[] args, Throwable t) {
- MessageProvider msg = MessageProvider.getInstance();
- String txt = msg.getMessage(messageId, args);
+ final MessageProvider msg = MessageProvider.getInstance();
+ final String txt = msg.getMessage(messageId, args);
- Logger.warn(new LogMsg(txt), t);
+ Logger.warn(new LogMsg(txt), t);
warnings.add(txt);
}
/**
* Log an error.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
+ * @param args Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void error(String messageId, Object[] args) {
- MessageProvider msg = MessageProvider.getInstance();
- String txt = msg.getMessage(messageId, args);
+ final MessageProvider msg = MessageProvider.getInstance();
+ final String txt = msg.getMessage(messageId, args);
Logger.error(new LogMsg(txt));
warnings.add(txt);
}
-
+
/**
* Log an error.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
- * @param t An exception being the cause of the warning.
+ * @param args Additional parameters for the message.
+ * @param t An exception being the cause of the warning.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void error(String messageId, Object[] args, Throwable t) {
- MessageProvider msg = MessageProvider.getInstance();
- String txt = msg.getMessage(messageId, args);
+ final MessageProvider msg = MessageProvider.getInstance();
+ final String txt = msg.getMessage(messageId, args);
- Logger.error(new LogMsg(txt), t);
+ Logger.error(new LogMsg(txt), t);
warnings.add(txt);
}
-
+
/**
* Returns whether revocation information should be archived.
- *
+ *
* @return whether revocation information should be archived.
*/
- public boolean getEnableRevocationArchiving()
- {
- String enableArchiving = getElementValue(getConfigElem(), ENABLE_ARCHIVING_XPATH, null);
+ public boolean getEnableRevocationArchiving() {
+ final String enableArchiving = getElementValue(getConfigElem(), ENABLE_ARCHIVING_XPATH, null);
return Boolean.valueOf(enableArchiving).booleanValue();
}
/**
* Returns the JDBC URL for the revocation archive database.
- *
- * @return the JDBC URL for the revocation archive database, or nullnullnullnullConfiguration data is read from an XML file, whose location is given by
- * the moa.spss.server.configuration system property.
- * This class implements the Singleton pattern. The reload()
- * method can be used to update the configuration data. Therefore, it is not
- * guaranteed that consecutive calls to getInstance() will return
- * the same ConfigurationProvider all the time. During the
- * processing of a web service request, the current
- * TransactionContext should be used to obtain the
- * ConfigurationProvider local to that request.
- *
+ *
+ *
+ * Configuration data is read from an XML file, whose location is given by the
+ * moa.spss.server.configuration system property.
+ *
+ *
+ * This class implements the Singleton pattern. The reload() method
+ * can be used to update the configuration data. Therefore, it is not guaranteed
+ * that consecutive calls to getInstance() will return the same
+ * ConfigurationProvider all the time. During the processing of a
+ * web service request, the current TransactionContext should be
+ * used to obtain the ConfigurationProvider local to that request.
+ *
+ *
* @author Patrick Peck
* @author Sven Aigner
* @version $Id$
*/
-public class ConfigurationProvider
-{
- /**
- * The name of the system property which contains the file name of the
+public class ConfigurationProvider {
+ /**
+ * The name of the system property which contains the file name of the
* configuration file.
*/
public static final String CONFIG_PROPERTY_NAME =
- "moa.spss.server.configuration";
+ "moa.spss.server.configuration";
- /**
+ /**
* A fake IssuerAndSerial object for storing KeyGroup information
* accessible by all clients.
*/
private static final IssuerAndSerial ANONYMOUS_ISSUER_SERIAL =
- new IssuerAndSerial(new Name(), new BigInteger("0"));
+ new IssuerAndSerial(new Name(), new BigInteger("0"));
/** Singleton instance. null, if none has been created. */
private static ConfigurationProvider instance;
@@ -101,23 +100,23 @@ public class ConfigurationProvider
/** The default canonicalization algorithm name */
private String canonicalizationAlgorithmName;
-
+
/** The XAdES version used for signature creation */
private String xadesVersion;
-
+
/** PDF AS Configuration */
private String pdfAsConfiguration;
-
+
private int connectionTimeout;
private int readTimeout;
-
- /**
- * A List of HardwareCryptoModule objects for
+
+ /**
+ * A List of HardwareCryptoModule objects for
* configuring hardware modules.
*/
private List hardwareCryptoModules;
- /**
+ /**
* A List of HardwareKey objects containing the
* configuration data for hardware keys.
*/
@@ -144,29 +143,29 @@ public class ConfigurationProvider
/** The default chaining mode. */
private String defaultChainingMode;
- /**
+ /**
* A Map which contains the IssuerAndSerial to
* chaining mode (a String) mapping.
*/
private Map chainingModes;
/**
- * A Map which contains the CAIssuerDN (a String)
- * to distribution points (a Set of
- * DistributionPoints) mapping.
+ * A Map which contains the CAIssuerDN (a String) to
+ * distribution points (a Set of DistributionPoints)
+ * mapping.
*/
private Map distributionPoints;
- /**
- * The CRL archive duration.
+ /**
+ * The CRL archive duration.
*/
private int cRLArchiveDuration;
-
+
/**
* Indicates whether revocation information should be archived.
*/
private boolean enableRevocationArchiving_;
-
+
/**
* The location of the certificate store.
*/
@@ -180,29 +179,29 @@ public class ConfigurationProvider
private Map createSignatureEnvironmentProfiles;
/**
- * A Map which contains a mapping from
- * CreateTransformsInfoProfile Ids (String) to
- * CreateTransformsInfoProfile elements (an Element).
+ * A Map which contains a mapping from CreateTransformsInfoProfile
+ * Ids (String) to CreateTransformsInfoProfile elements (an
+ * Element).
*/
private Map createTransformsInfoProfiles;
/**
- * A Map which contains a mapping from
- * VerifyTransformsInfoProfile Ids (String) to
- * VerifyTransformsInfoProfile elements (an Element).
+ * A Map which contains a mapping from VerifyTransformsInfoProfile
+ * Ids (String) to VerifyTransformsInfoProfile elements (an
+ * Element).
*/
private Map verifyTransformsInfoProfiles;
/**
- * A Map which contains a mapping from
- * SupplementProfile Ids (String) to SupplementProfile elements
- * (an Element).
+ * A Map which contains a mapping from SupplementProfile Ids
+ * (String) to SupplementProfile elements (an
+ * Element).
*/
private Map supplementProfiles;
/**
- * A Map which contains a TrustProfile Id (a String
- * to trust profile (a TrustProfile) mapping.
+ * A Map which contains a TrustProfile Id (a String to
+ * trust profile (a TrustProfile) mapping.
*/
private Map trustProfiles;
@@ -222,7 +221,8 @@ public class ConfigurationProvider
private boolean enableRevocationChecking_;
/**
- * The maximum age of a revocation information for considering it still as valid.
+ * The maximum age of a revocation information for considering it still as
+ * valid.
*/
private long maxRevocationAge_;
@@ -232,63 +232,58 @@ public class ConfigurationProvider
private String[] serviceOrder_;
private boolean adesFormResults;
-
+
/**
- * Indicates whether certificates found during certificate path construction
+ * Indicates whether certificates found during certificate path construction
* should be added to the certificate store.
*/
private boolean autoAddCertificates_;
-
private boolean autoAddEECertificates_;
-
-
+
/**
- * Indicates whether the certificate extension Authority Info Access should
- * be used during certificate path construction.
+ * Indicates whether the certificate extension Authority Info Access should be
+ * used during certificate path construction.
*/
private boolean useAuthorityInfoAccess_;
/**
- * Indicates whether file URIs are allowed or not
+ * Indicates whether file URIs are allowed or not
*/
private boolean permitFileURIs;
-
+
/**
* Indicates the CRL retention intervals
*/
private Map crlRetentionIntervals;
-
+
/**
* Indicates wether external URIs are allowed or not
*/
private boolean allowExternalUris_;
-
+
/**
* A List of black listed URIs (host and port)
*/
private List blackListedUris_;
-
+
/**
* A List of white listed URIs (host and port)
*/
private List whiteListedUris_;
-
+
/**
* A TSLConfiguration that represents the global TSL configuration
*/
private TSLConfiguration tslconfiguration_;
-
-
-
/**
* Return the single instance of configuration data.
- *
+ *
* @return MOAConfigurationProvider The current configuration data.
* @throws ConfigurationException Failure to load the configuration data.
*/
public static synchronized ConfigurationProvider getInstance()
- throws ConfigurationException {
+ throws ConfigurationException {
if (instance == null) {
reload();
@@ -298,21 +293,21 @@ public class ConfigurationProvider
/**
* Reload the configuration data and set it if successful.
- *
+ *
* @return MOAConfigurationProvider The loaded configuration data.
* @throws ConfigurationException Failure to load the configuration data.
*/
public static synchronized ConfigurationProvider reload()
- throws ConfigurationException {
+ throws ConfigurationException {
String fileName = System.getProperty(CONFIG_PROPERTY_NAME);
if (fileName == null) {
// find out where we are running and use the configuration provided
// under WEB-INF/conf/moa-spss/MOA-SPSSConfiguration
- URL url = ConfigurationProvider.class.getResource("/");
+ final URL url = ConfigurationProvider.class.getResource("/");
fileName =
- new File(url.getPath()).getParent()
- + "/conf/moa-spss/MOA-SPSSConfiguration.xml";
+ new File(url.getPath()).getParent()
+ + "/conf/moa-spss/MOA-SPSSConfiguration.xml";
info("config.05", new Object[] { CONFIG_PROPERTY_NAME });
}
@@ -322,7 +317,7 @@ public class ConfigurationProvider
/**
* Constructor for ConfigurationProvider.
- *
+ *
* @param fileName The name of the configuration file.
* @throws ConfigurationException An error occurred loading the configuration.
*/
@@ -331,12 +326,11 @@ public class ConfigurationProvider
}
/**
- * Load the configuration data from XML file with the given name and build
- * the internal data structures representing the MOA configuration.
- *
+ * Load the configuration data from XML file with the given name and build the
+ * internal data structures representing the MOA configuration.
+ *
* @param fileName The name of the XML file to load.
- * @throws ConfigurationException The MOA configuration could not be
- * read/built.
+ * @throws ConfigurationException The MOA configuration could not be read/built.
*/
private void load(String fileName) throws ConfigurationException {
FileInputStream stream = null;
@@ -345,16 +339,15 @@ public class ConfigurationProvider
Element configElem;
ConfigurationPartsBuilder builder;
List allKeyModules;
-
// load the main config file
try {
configFile = new File(fileName);
configRoot = new File(configFile.getParent());
- info("config.21", new Object[] { configFile.getAbsoluteFile()});
+ info("config.21", new Object[] { configFile.getAbsoluteFile() });
stream = new FileInputStream(fileName);
configElem = DOMUtils.parseXmlValidating(new FileInputStream(fileName));
- } catch (Throwable t) {
+ } catch (final Throwable t) {
throw new ConfigurationException("config.10", null, t);
}
@@ -362,30 +355,29 @@ public class ConfigurationProvider
try {
builder = new ConfigurationPartsBuilder(configElem, configRoot);
- //build TSL configuration
+ // build TSL configuration
tslconfiguration_ = builder.getTSLConfiguration();
-
- //build TrustProfile configuration
- trustProfiles = builder.buildTrustProfiles();
-
- //check TSL configuration
+
+ // build TrustProfile configuration
+ trustProfiles = builder.buildTrustProfiles();
+
+ // check TSL configuration
checkTSLConfiguration();
-
-
+
digestMethodAlgorithmName = builder.getDigestMethodAlgorithmName();
canonicalizationAlgorithmName =
- builder.getCanonicalizationAlgorithmName();
+ builder.getCanonicalizationAlgorithmName();
hardwareCryptoModules = builder.buildHardwareCryptoModules();
hardwareKeyModules =
- builder.buildHardwareKeyModules(Collections.EMPTY_LIST);
+ builder.buildHardwareKeyModules(Collections.EMPTY_LIST);
softwareKeyModules =
- builder.buildSoftwareKeyModules(hardwareKeyModules);
+ builder.buildSoftwareKeyModules(hardwareKeyModules);
allKeyModules = new ArrayList(hardwareKeyModules);
allKeyModules.addAll(softwareKeyModules);
keyGroups = builder.buildKeyGroups(allKeyModules);
keyGroupMappings =
- builder.buildKeyGroupMappings(keyGroups, ANONYMOUS_ISSUER_SERIAL);
-
+ builder.buildKeyGroupMappings(keyGroups, ANONYMOUS_ISSUER_SERIAL);
+
connectionTimeout = builder.getConnectionTimeout();
readTimeout = builder.getReadTimeout();
pdfAsConfiguration = builder.getPDFASConfiguration();
@@ -396,9 +388,9 @@ public class ConfigurationProvider
useAuthorityInfoAccess_ = builder.getUseAuthorityInfoAccess();
autoAddCertificates_ = builder.getAutoAddCertificates();
autoAddEECertificates_ = builder.getAutoEEAddCertificates();
- //trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory());
-
-
+ // trustProfiles =
+ // builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory());
+
distributionPoints = builder.buildDistributionPoints();
enableRevocationChecking_ = builder.getEnableRevocationChecking();
maxRevocationAge_ = builder.getMaxRevocationAge();
@@ -407,12 +399,10 @@ public class ConfigurationProvider
cRLArchiveDuration = builder.getRevocationArchiveDuration();
revocationArchiveJDBCURL_ = builder.getRevocationArchiveJDBCURL();
revocationArchiveJDBCDriverClass_ = builder.getRevocationArchiveJDBCDriverClass();
-
-
- //TODO!!!!
+
+ // TODO!!!!
certStoreLocation_ = builder.getCertStoreLocation();
-
-
+
createTransformsInfoProfiles = builder.buildCreateTransformsInfoProfiles();
createSignatureEnvironmentProfiles = builder.buildCreateSignatureEnvironmentProfiles();
verifyTransformsInfoProfiles = builder.buildVerifyTransformsInfoProfiles();
@@ -421,41 +411,37 @@ public class ConfigurationProvider
permitFileURIs = builder.getPermitFileURIs();
crlRetentionIntervals = builder.getCrlRetentionIntervals();
- allowExternalUris_= builder.allowExternalUris();
-
- if (allowExternalUris_) {
- blackListedUris_ = builder.buildPermitExternalUris();
- whiteListedUris_ = null;
- }
- else {
- info("config.35", null);
- blackListedUris_ = null;
- whiteListedUris_ = builder.buildForbidExternalUris();
+ allowExternalUris_ = builder.allowExternalUris();
+
+ if (allowExternalUris_) {
+ blackListedUris_ = builder.buildPermitExternalUris();
+ whiteListedUris_ = null;
+ } else {
+ info("config.35", null);
+ blackListedUris_ = null;
+ whiteListedUris_ = builder.buildForbidExternalUris();
}
-
-
-
+
// Set set = crlRetentionIntervals.entrySet();
// Iterator i = set.iterator();
// while(i.hasNext()){
// Map.Entry me = (Map.Entry)i.next();
// System.out.println("Key: " + me.getKey() + " - Value: " + me.getValue() );
// }
-
-
- } catch (Throwable t) {
+
+ } catch (final Throwable t) {
throw new ConfigurationException("config.11", null, t);
} finally {
try {
if (stream != null) {
stream.close();
}
- } catch (IOException e) {
+ } catch (final IOException e) {
// don't complain about this
}
}
}
-
+
// private boolean checkTSLenableTrustprofilesExist()throws ConfigurationException {
// boolean bTSLEnabledTPExist = false;
// Iterator it = trustProfiles.entrySet().iterator();
@@ -465,78 +451,75 @@ public class ConfigurationProvider
// if (tp.isTSLEnabled())
// bTSLEnabledTPExist = bTSLEnabledTPExist || true;
// }
-//
+//
// return bTSLEnabledTPExist;
-//
+//
// }
-
- private void checkTSLConfiguration() throws ConfigurationException {
- boolean bTSLEnabledTPExist = false;
- Iterator it = trustProfiles.entrySet().iterator();
- while (it.hasNext()) {
- Map.Entry pairs = (Map.Entry)it.next();
- TrustProfile tp = (TrustProfile) pairs.getValue();
- if (tp.isTSLEnabled())
- bTSLEnabledTPExist = bTSLEnabledTPExist || true;
- }
-
- if (!bTSLEnabledTPExist) {
- // if no trustprofile has TSL support enabled, delete TSL configuration
- tslconfiguration_ = null;
- return;
- }
-
- if (bTSLEnabledTPExist && (tslconfiguration_ == null)) {
- error("config.40", null);
- throw new ConfigurationException("config.40", null);
- }
-
- File workingDir = new File(tslconfiguration_.getWorkingDirectory());
- File eu_trust = new File(workingDir.getAbsolutePath() + "/trust/eu");
- if (!eu_trust.exists()) {
- error("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"});
- throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"});
- }
- else {
- File[] eutrustFiles = eu_trust.listFiles();
- if (eutrustFiles == null) {
- error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"});
- throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"});
- }
- else {
- if (eutrustFiles.length == 0) {
- error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"});
- throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"});
- }
- }
-
- }
-
- File hashcache = new File(tslconfiguration_.getWorkingDirectory(), "hashcache");
- if (!hashcache.exists()) {
- hashcache.mkdir();
+
+ private void checkTSLConfiguration() throws ConfigurationException {
+ boolean bTSLEnabledTPExist = false;
+ final Iterator it = trustProfiles.entrySet().iterator();
+ while (it.hasNext()) {
+ final Map.Entry pairs = (Map.Entry) it.next();
+ final TrustProfile tp = (TrustProfile) pairs.getValue();
+ if (tp.isTSLEnabled()) {
+ bTSLEnabledTPExist = bTSLEnabledTPExist || true;
}
- if (!hashcache.isDirectory()) {
- error("config.38", new Object[] { hashcache.getAbsolutePath() });
- return;
+ }
+
+ if (!bTSLEnabledTPExist) {
+ // if no trustprofile has TSL support enabled, delete TSL configuration
+ tslconfiguration_ = null;
+ return;
+ }
+
+ if (bTSLEnabledTPExist && tslconfiguration_ == null) {
+ error("config.40", null);
+ throw new ConfigurationException("config.40", null);
+ }
+
+ final File workingDir = new File(tslconfiguration_.getWorkingDirectory());
+ final File eu_trust = new File(workingDir.getAbsolutePath() + "/trust/eu");
+ if (!eu_trust.exists()) {
+ error("config.51", new Object[] { "Verzeichnis \"trust/eu\" existiert nicht" });
+ throw new ConfigurationException("config.51", new Object[] {
+ "Verzeichnis \"trust/eu\" existiert nicht" });
+ } else {
+ final File[] eutrustFiles = eu_trust.listFiles();
+ if (eutrustFiles == null) {
+ error("config.51", new Object[] { "Verzeichnis \"trust/eu\" ist leer" });
+ throw new ConfigurationException("config.51", new Object[] { "Verzeichnis \"trust/eu\" ist leer" });
+ } else {
+ if (eutrustFiles.length == 0) {
+ error("config.51", new Object[] { "Verzeichnis \"trust/eu\" ist leer" });
+ throw new ConfigurationException("config.51", new Object[] { "Verzeichnis \"trust/eu\" ist leer" });
+ }
}
+ }
+
+ final File hashcache = new File(tslconfiguration_.getWorkingDirectory(), "hashcache");
+ if (!hashcache.exists()) {
+ hashcache.mkdir();
+ }
+ if (!hashcache.isDirectory()) {
+ error("config.38", new Object[] { hashcache.getAbsolutePath() });
+ return;
+ }
+
// System.setProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR", hashcache.getAbsolutePath());
// String hashcachedir = System.getProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR");
// System.out.println("Hashcache: " + hashcachedir);
+ Logger.debug("TSL Konfiguration - Hashcache: " + hashcache.getAbsolutePath());
- Logger.debug("TSL Konfiguration - Hashcache: " + hashcache.getAbsolutePath());
-
-
}
-
/**
* Returns the warnings encountered during building the configuration.
- *
- * @return A List of Strings, containing the
- * warning messages.
+ *
+ * @return A List of Strings, containing the warning
+ * messages.
*/
public List getWarnings() {
return warnings;
@@ -544,57 +527,58 @@ public class ConfigurationProvider
/**
* Return the name of the digest algorithm used during signature creation.
- *
- * @return The digest method algorithm name, or an empty String,
- * if none has been configured.
+ *
+ * @return The digest method algorithm name, or an empty String, if
+ * none has been configured.
*/
public String getDigestMethodAlgorithmName() {
return digestMethodAlgorithmName;
}
-
+
/**
* Return the XAdES version used for signature creation.
- *
- * @return The XAdES version used for signature creation, or an empty String,
- * if none has been configured.
+ *
+ * @return The XAdES version used for signature creation, or an empty
+ * String, if none has been configured.
*/
public String getXAdESVersion() {
return xadesVersion;
}
-
+
public String getPDFASConfiguration() {
- return pdfAsConfiguration;
+ return pdfAsConfiguration;
}
-
+
public int getConnectionTimeout() {
- return this.connectionTimeout;
+ return this.connectionTimeout;
}
-
+
public int getReadTimeout() {
- return this.readTimeout;
+ return this.readTimeout;
}
-
+
public boolean getAdesFormResults() {
- return this.adesFormResults;
+ return this.adesFormResults;
}
-
+
public boolean getAllowExternalUris() {
- return this.allowExternalUris_;
+ return this.allowExternalUris_;
}
-
+
public List getBlackListedUris() {
- return this.blackListedUris_;
+ return this.blackListedUris_;
}
+
public List getWhiteListedUris() {
- return this.whiteListedUris_;
+ return this.whiteListedUris_;
}
-
+
/**
* Return the name of the canonicalization algorithm used during signature
* creation.
- *
- * @return The canonicalization algorithm name, or an empty
- * String if none has been configured.
+ *
+ * @return The canonicalization algorithm name, or an empty String
+ * if none has been configured.
*/
public String getCanonicalizationAlgorithmName() {
return canonicalizationAlgorithmName;
@@ -602,9 +586,9 @@ public class ConfigurationProvider
/**
* Return the configured hardware crypto modules.
- *
+ *
* @return A List of HardwareCryptoModule objects
- * containing the hardware crypto module configurations.
+ * containing the hardware crypto module configurations.
*/
public List getHardwareCryptoModules() {
return hardwareCryptoModules;
@@ -612,9 +596,9 @@ public class ConfigurationProvider
/**
* Return the hardware key modules configuration.
- *
+ *
* @return A List of HardwareKeyModule objects
- * containing the configuration of the hardware key modules.
+ * containing the configuration of the hardware key modules.
*/
public List getHardwareKeyModules() {
return hardwareKeyModules;
@@ -622,9 +606,9 @@ public class ConfigurationProvider
/**
* Return the software key module configuration.
- *
+ *
* @return A List of SoftwareKeyModule objects
- * containing the configuration of the software key modules.
+ * containing the configuration of the software key modules.
*/
public List getSoftwareKeyModules() {
return softwareKeyModules;
@@ -632,38 +616,38 @@ public class ConfigurationProvider
/**
* Return the key group mapping.
- *
- * @return A mapping from key group ID (a String) to
- * KeyGroup mapping.
+ *
+ * @return A mapping from key group ID (a String) to
+ * KeyGroup mapping.
*/
public Map getKeyGroups() {
return keyGroups;
}
-
+
public KeyGroup getKeyGroup(String keyGroupId) {
- if (MiscUtil.isNotEmpty(keyGroupId))
- return (KeyGroup) keyGroups.get(keyGroupId.trim().toLowerCase());
-
- else
- return null;
+ if (MiscUtil.isNotEmpty(keyGroupId)) {
+ return (KeyGroup) keyGroups.get(keyGroupId.trim().toLowerCase());
+ } else {
+ return null;
+ }
}
/**
* Return the set of KeyGroupEntrys of a given key group, which a
* client (identified by an issuer/serial pair) may access.
- *
- * @param issuer The issuer of the client certificate.
- * @param serial The serial number of the client certificate.
+ *
+ * @param issuer The issuer of the client certificate.
+ * @param serial The serial number of the client certificate.
* @param keyGroupId The ID of the key group.
* @return A Set of all the KeyGroupEntrys in the
- * given key group, if the user may access them. Returns null, if
- * the user may not access the given key group or if the key group does not
- * exist.
+ * given key group, if the user may access them. Returns
+ * null, if the user may not access the given key group or
+ * if the key group does not exist.
*/
public Set getKeyGroupEntries(
- Principal issuer,
- BigInteger serial,
- String keyGroupId) {
+ Principal issuer,
+ BigInteger serial,
+ String keyGroupId) {
IssuerAndSerial issuerAndSerial;
Map mapping;
@@ -676,118 +660,115 @@ public class ConfigurationProvider
// System.out.println("Issuer: " + issuer);
// System.out.println("serial: " + serial);
-//
+//
// Iterator entries = keyGroupMappings.entrySet().iterator();
// while (entries.hasNext()) {
// Entry thisEntry = (Entry) entries.next();
// System.out.println("Entry: " + thisEntry.getKey());
// System.out.println("Value: " + thisEntry.getValue());
// }
-
+
mapping = (Map) keyGroupMappings.get(issuerAndSerial);
if (mapping != null) {
- KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId);
+ final KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId);
if (keyGroup != null) {
return keyGroup.getKeyGroupEntries();
}
}
-
+
// If no key group is available for a client identified by a certificate,
// try to find a key group in the anonymous key group mapping
- if (issuer != null || serial != null)
- {
+ if (issuer != null || serial != null) {
mapping = (Map) keyGroupMappings.get(ANONYMOUS_ISSUER_SERIAL);
- if (mapping != null)
- {
- KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId);
- if (keyGroup != null) return keyGroup.getKeyGroupEntries();
+ if (mapping != null) {
+ final KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId);
+ if (keyGroup != null) {
+ return keyGroup.getKeyGroupEntries();
+ }
}
}
-
+
return null;
}
/**
* Return the chaining mode for a given trust anchor.
- *
+ *
* @param trustAnchor The trust anchor for which the chaining mode should be
- * returned.
- * @return The chaining mode for the given trust anchor. If the trust anchor
- * has not been configured separately, the system default will be returned.
+ * returned.
+ * @return The chaining mode for the given trust anchor. If the trust anchor has
+ * not been configured separately, the system default will be returned.
*/
public String getChainingMode(X509Certificate trustAnchor) {
- Principal issuer = trustAnchor.getIssuerDN();
- BigInteger serial = trustAnchor.getSerialNumber();
- IssuerAndSerial issuerAndSerial = new IssuerAndSerial(issuer, serial);
+ final Principal issuer = trustAnchor.getIssuerDN();
+ final BigInteger serial = trustAnchor.getSerialNumber();
+ final IssuerAndSerial issuerAndSerial = new IssuerAndSerial(issuer, serial);
- String mode = (String) chainingModes.get(issuerAndSerial);
+ final String mode = (String) chainingModes.get(issuerAndSerial);
return mode != null ? mode : defaultChainingMode;
}
/**
* Return the distribution points for a given CA.
- *
+ *
* @param cert The certificate for which the distribution points should be
* looked up. The issuer information is used to perform the lookup.
- *
- * @return A Set of DistributionPoint objects. The
- * set will be empty, if no distribution points have been configured
- * for this certificate.
+ *
+ * @return A Set of DistributionPoint objects. The set
+ * will be empty, if no distribution points have been configured for
+ * this certificate.
*/
- public Set getDistributionPoints(X509Certificate cert)
- {
+ public Set getDistributionPoints(X509Certificate cert) {
try {
- RFC2253NameParser nameParser =
- new RFC2253NameParser(cert.getIssuerDN().toString());
- String caIssuerDN = nameParser.parse().getName();
- Set dps = (Set) distributionPoints.get(caIssuerDN);
+ final RFC2253NameParser nameParser =
+ new RFC2253NameParser(cert.getIssuerDN().toString());
+ final String caIssuerDN = nameParser.parse().getName();
+ final Set dps = (Set) distributionPoints.get(caIssuerDN);
if (dps == null) {
return Collections.EMPTY_SET;
}
return dps;
- } catch (RFC2253NameParserException e) {
+ } catch (final RFC2253NameParserException e) {
return Collections.EMPTY_SET;
}
}
/**
* Return the CRL archive duration.
- *
+ *
* @return The duration of how long to keep CRL archive entries (measured in
- * days).
+ * days).
*/
public int getCRLArchiveDuration() {
return cRLArchiveDuration;
}
-
+
/**
* Returns whether revocation information should be archived.
- *
+ *
* @return whether revocation information should be archived.
*/
- public boolean getEnableRevocationArchiving()
- {
+ public boolean getEnableRevocationArchiving() {
return enableRevocationArchiving_;
}
-
+
/**
* Returns the location of the certificate store.
- *
+ *
* @return the location of the certificate store.
*/
- public String getCertStoreLocation()
- {
+ public String getCertStoreLocation() {
return certStoreLocation_;
}
/**
* Return a CreateTransformsInfoProfile with the given ID.
- *
+ *
* @param id The CreateTransformsInfoProfile ID.
- * @return The CreateTransformsInfoProfile with the given
- * ID or null, if none exists.
+ * @return The CreateTransformsInfoProfile with the given ID or
+ * null, if none exists.
*/
public Element getCreateTransformsInfoProfile(String id) {
return (Element) createTransformsInfoProfiles.get(id);
@@ -795,10 +776,10 @@ public class ConfigurationProvider
/**
* Return a CreateSignatureEnvironmentProfile with the given ID.
- *
+ *
* @param id The CreateSignatureEnvironmentProfile ID.
- * @return The CreateSignatureEnvironmentProfile with the given
- * ID or null, if none exists.
+ * @return The CreateSignatureEnvironmentProfile with the given ID
+ * or null, if none exists.
*/
public Element getCreateSignatureEnvironmentProfile(String id) {
return (Element) createSignatureEnvironmentProfiles.get(id);
@@ -806,10 +787,10 @@ public class ConfigurationProvider
/**
* Return a VerifyTransformsInfoProfile with the given ID.
- *
+ *
* @param id The VerifyTransformsInfoProfile ID.
* @return The VerifyTransformsInfoProfile with the given ID or
- * null, if none exists.
+ * null, if none exists.
*/
public Element getVerifyTransformsInfoProfile(String id) {
return (Element) verifyTransformsInfoProfiles.get(id);
@@ -817,10 +798,10 @@ public class ConfigurationProvider
/**
* Return a SupplementProfile with the given ID.
- *
+ *
* @param id The SupplementProfile ID.
* @return The SupplementProfile with the given ID or
- * null, if none exists.
+ * null, if none exists.
*/
public Element getSupplementProfile(String id) {
return (Element) supplementProfiles.get(id);
@@ -828,63 +809,64 @@ public class ConfigurationProvider
/**
* Return a TrustProfile with the given ID.
- *
+ *
* @param id The TrustProfile ID.
- * @return The TrustProfile with the given ID or
- * null, if none exists.
+ * @return The TrustProfile with the given ID or null,
+ * if none exists.
*/
public TrustProfile getTrustProfile(String id) {
- if (MiscUtil.isNotEmpty(id)) {
- id = id.trim().toLowerCase();
- return (TrustProfile) trustProfiles.get(id);
-
- }
-
- return null;
+ if (MiscUtil.isNotEmpty(id)) {
+ id = id.trim().toLowerCase();
+ return (TrustProfile) trustProfiles.get(id);
+
+ }
+
+ return null;
}
-
+
/**
* Returns a map of TrustProfiles
+ *
* @return
*/
public Map getTrustProfiles() {
- return trustProfiles;
+ return trustProfiles;
}
/**
* Log a warning.
- *
- * @param messageId The message ID.
+ *
+ * @param messageId The message ID.
* @param parameters Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private static void info(String messageId, Object[] parameters) {
- MessageProvider msg = MessageProvider.getInstance();
+ final MessageProvider msg = MessageProvider.getInstance();
Logger.info(new LogMsg(msg.getMessage(messageId, parameters)));
}
-
+
/**
* Log a debug message.
- *
- * @param messageId The message ID.
+ *
+ * @param messageId The message ID.
* @param parameters Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private static void debug(String message) {
Logger.debug(message);
}
-
- /**
+
+ /**
* Log a warning.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
+ * @param args Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void warn(String messageId, Object[] args) {
- MessageProvider msg = MessageProvider.getInstance();
- String txt = msg.getMessage(messageId, args);
+ final MessageProvider msg = MessageProvider.getInstance();
+ final String txt = msg.getMessage(messageId, args);
Logger.warn(new LogMsg(txt));
warnings.add(txt);
@@ -892,133 +874,126 @@ public class ConfigurationProvider
/**
* Log an error.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
+ * @param args Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void error(String messageId, Object[] args) {
- MessageProvider msg = MessageProvider.getInstance();
- String txt = msg.getMessage(messageId, args);
+ final MessageProvider msg = MessageProvider.getInstance();
+ final String txt = msg.getMessage(messageId, args);
Logger.warn(new LogMsg(txt));
// warnings.add(txt);
}
-
+
/**
* Returns the JDBC URL for the revocation archive database.
- *
+ *
* @return the JDBC URL for the revocation archive database.
*/
- public String getRevocationArchiveJDBCURL()
- {
+ public String getRevocationArchiveJDBCURL() {
return revocationArchiveJDBCURL_;
}
/**
* Returns the JDBC driver class name for the revocation archive database.
- *
+ *
* @return the JDBC driver class name for the revocation archive database.
*/
- public String getRevocationArchiveJDBCDriverClass()
- {
+ public String getRevocationArchiveJDBCDriverClass() {
return revocationArchiveJDBCDriverClass_;
}
/**
* Returns whether revocation checking should be done.
- *
+ *
* @return whether revocation checking should be done.
*/
- public boolean getEnableRevocationChecking()
- {
+ public boolean getEnableRevocationChecking() {
return enableRevocationChecking_;
}
/**
- * Returns the maximum age of a revocation information for considering it
- * still as valid.
- *
- * @return the maximum age of a revocation information for considering it
- * still as valid.
+ * Returns the maximum age of a revocation information for considering it still
+ * as valid.
+ *
+ * @return the maximum age of a revocation information for considering it still
+ * as valid.
*/
- public long getMaxRevocationAge()
- {
+ public long getMaxRevocationAge() {
return maxRevocationAge_;
}
/**
* Returns the service order for revocation checking.
- *
+ *
* @return the service order for revocation checking. Valid array entries are
- * {@link RevocationSourceTypes#OCSP} and {@link RevocationSourceTypes#CRL}.
+ * {@link RevocationSourceTypes#OCSP} and
+ * {@link RevocationSourceTypes#CRL}.
*/
- public String[] getServiceOrder()
- {
+ public String[] getServiceOrder() {
return serviceOrder_;
}
/**
- * Returns whether certificates found during certificate path construction
+ * Returns whether certificates found during certificate path construction
* should be added to the certificate store.
- *
- * @return whether certificates found during certificate path construction
+ *
+ * @return whether certificates found during certificate path construction
* should be added to the certificate store.
*/
- public boolean getAutoAddCertificates()
- {
+ public boolean getAutoAddCertificates() {
return autoAddCertificates_;
}
/**
- * Returns whether EE certificates found during certificate path construction
+ * Returns whether EE certificates found during certificate path construction
* should be added to the certificate store.
- *
- * @return whether certificates found during certificate path construction
+ *
+ * @return whether certificates found during certificate path construction
* should be added to the certificate store.
*/
- public boolean getAutoAddEECertificates()
- {
+ public boolean getAutoAddEECertificates() {
return autoAddEECertificates_;
}
-
+
/**
- * Returns whether the certificate extension Authority Info Access should
- * be used during certificate path construction.
- *
- * @return whether the certificate extension Authority Info Access should
- * be used during certificate path construction.
+ * Returns whether the certificate extension Authority Info Access should be
+ * used during certificate path construction.
+ *
+ * @return whether the certificate extension Authority Info Access should be
+ * used during certificate path construction.
*/
- public boolean getUseAuthorityInfoAccess()
- {
+ public boolean getUseAuthorityInfoAccess() {
return useAuthorityInfoAccess_;
}
-
+
/**
* Returns whether the file URIs are permitted or not
+ *
* @return whether the file URIs are permitted or not
*/
- public boolean getPermitFileURIs()
- {
- return permitFileURIs;
+ public boolean getPermitFileURIs() {
+ return permitFileURIs;
}
-
+
/**
* Returns the map of retention intervals
+ *
* @return The map of retention intervals
*/
public Map getCrlRetentionIntervals() {
- return crlRetentionIntervals;
+ return crlRetentionIntervals;
}
-
+
/**
* Returns the global TSL configuration
+ *
* @return The global TSL configuration
*/
public TSLConfiguration getTSLConfiguration() {
- return tslconfiguration_;
+ return tslconfiguration_;
}
-
-
}
\ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java
index a2e5b93..bf911df 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java
@@ -21,42 +21,40 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
/**
* Abstract base class for distribution points.
- *
+ *
* @author Gregor Karlinger
* @version $Id$
- * */
-public abstract class DistributionPoint implements iaik.pki.revocation.DistributionPoint
-{
- /**
- * The distribution point URI.
+ */
+public abstract class DistributionPoint implements iaik.pki.revocation.DistributionPoint {
+ /**
+ * The distribution point URI.
*/
- private String uri_;
+ private final String uri_;
/**
* Create a DistributionPoint with a URI.
- *
+ *
* @param uri The URI of the distribution point.
*/
- public DistributionPoint(String uri)
- {
+ public DistributionPoint(String uri) {
uri_ = uri;
}
-
+
/**
* @see iaik.pki.revocation.DistributionPoint#getType()
*/
+ @Override
public abstract String getType();
/**
* @see iaik.pki.revocation.DistributionPoint#getUri()
*/
- public String getUri()
- {
+ @Override
+ public String getUri() {
return uri_;
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java
index c0487f6..99ca1c3 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java
@@ -21,40 +21,38 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
/**
* Contains configuration data for a hardware crypto module.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class HardwareCryptoModule {
/** The name of the module. */
- private String name;
+ private final String name;
/** The slod ID of the module. */
- private String slotID;
+ private final String slotID;
/** The user PIN of the module. */
- private String userPIN;
-
+ private final String userPIN;
+
/**
* Create a new HardwareCryptoModule.
- *
- * @param name The name of this HardwareCryptoModule.
- * @param slotID The slot ID of this HardwareCryptoModule.
- * @param userPIN The user PIN to access this
- * HardwareCryptoModule.
+ *
+ * @param name The name of this HardwareCryptoModule.
+ * @param slotID The slot ID of this HardwareCryptoModule.
+ * @param userPIN The user PIN to access this HardwareCryptoModule.
*/
public HardwareCryptoModule(String name, String slotID, String userPIN) {
this.name = name;
this.slotID = slotID;
this.userPIN = userPIN;
}
-
+
/**
* Returns the name of this HardwareCryptoModule.
- *
+ *
* @return The name of this HardwareCryptoModule.
*/
public String getName() {
@@ -63,22 +61,20 @@ public class HardwareCryptoModule {
/**
* Returns the slot ID of this HardwareCryptoModule.
- *
+ *
* @return The slot ID.
*/
public String getSlotID() {
return slotID;
}
-
/**
* Returns the user PIN of this HardwareCryptoModule.
- *
+ *
* @return The user PIN used to access the module.
*/
public String getUserPIN() {
return userPIN;
}
-
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java
index 18fd085..5fa408c 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java
@@ -21,60 +21,59 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
/**
* A class that contains information about a hardware key module.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class HardwareKeyModule extends KeyModule {
/** The name of the module. */
- private String name;
+ private final String name;
/** The slod ID of the module. */
- private String slotID;
+ private final String slotID;
/** The user PIN of the module. */
- private String userPIN;
-
+ private final String userPIN;
+
/**
* Create a new HardwareKey.
- *
- * @param id The key module ID.
- * @param name The name of the key.
- * @param slotID The slot ID of the key within the hardware module. May be
- * null.
+ *
+ * @param id The key module ID.
+ * @param name The name of the key.
+ * @param slotID The slot ID of the key within the hardware module. May be
+ * null.
* @param userPIN The user PIN to access the key.
*/
public HardwareKeyModule(String id, String name, String slotID, String userPIN) {
super(id);
this.name = name;
this.slotID = slotID;
- this.userPIN = userPIN;
+ this.userPIN = userPIN;
}
-
+
/**
* Return the name of this HardwareKey.
- *
+ *
* @return The name of this HardwareKey.
*/
public String getName() {
return name;
}
-
+
/**
* Return the slot ID of this HardwareKey.
- *
+ *
* @return The slot ID of this HardwareKey.
*/
public String getSlotID() {
return slotID;
}
-
+
/**
* Return the user PIN to access this HardwareKey.
- *
+ *
* @return The user PIN to access this HardwareKey.
*/
public String getUserPIN() {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java
index 38a3ae9..03827f2 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
import java.math.BigInteger;
@@ -34,25 +33,25 @@ import iaik.utils.RFC2253NameParserException;
/**
* A class containing the issuer and serial number of a certificate, which can
* be used to uniquely identify the certificate.
- *
+ *
* The issuer is contained as an RFC2253 encoded String.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class IssuerAndSerial {
/** The issuer distinguished name. */
- private String issuerDN;
+ private final String issuerDN;
/** The certificate serial number. */
- private BigInteger serial;
+ private final BigInteger serial;
/**
* Create an IssuerAndSerial object.
- *
+ *
* The name of the issuer is converted to RFC2253. If it cannot be parsed, the
- * DN contained in the issuer is set.
- *
+ * DN contained in the issuer is set.
+ *
* @param issuer The isser of a certificate.
* @param serial The serial number of the certificate.
*/
@@ -60,28 +59,28 @@ public class IssuerAndSerial {
String issuerDN = null;
if (issuer instanceof Name) {
try {
- issuerDN = ((Name)issuer).getRFC2253String();
- } catch (RFC2253NameParserException e) {
+ issuerDN = ((Name) issuer).getRFC2253String();
+ } catch (final RFC2253NameParserException e) {
// do nothing
}
}
if (issuerDN == null) {
- RFC2253NameParser parser = new RFC2253NameParser(issuer.getName());
+ final RFC2253NameParser parser = new RFC2253NameParser(issuer.getName());
try {
- issuerDN = ((Name)parser.parse()).getRFC2253String();
- } catch (RFC2253NameParserException e) {
+ issuerDN = parser.parse().getRFC2253String();
+ } catch (final RFC2253NameParserException e) {
issuerDN = issuer.getName();
}
}
this.serial = serial;
this.issuerDN = issuerDN;
}
-
+
/**
* Create an IssuerAndSerial object.
- *
+ *
* @param issuerDN The issuer distinguished name. Should be an RFC2253 name.
- * @param serial The serial number of the certificate.
+ * @param serial The serial number of the certificate.
*/
public IssuerAndSerial(String issuerDN, BigInteger serial) {
this.issuerDN = issuerDN;
@@ -90,7 +89,7 @@ public class IssuerAndSerial {
/**
* Return the issuer DN in RFC2253 format.
- *
+ *
* @return The issuer part of this object.
*/
public String getIssuerDN() {
@@ -99,7 +98,7 @@ public class IssuerAndSerial {
/**
* Return the serial number.
- *
+ *
* @return The serial number of this object.
*/
public BigInteger getSerial() {
@@ -108,28 +107,31 @@ public class IssuerAndSerial {
/**
* Compare this IssuerAndSerial to another object.
- *
+ *
* @param other The object to compare this IssuerAndSerial to.
* @return true, if other is an
- * IssuerAndSerial object and the issuer and
- * serial fields are both equal. false otherwise.
+ * IssuerAndSerial object and the issuer and
+ * serial fields are both equal. false
+ * otherwise.
* @see java.lang.Object#equals(java.lang.Object)
*/
+ @Override
public boolean equals(Object other) {
if (other instanceof IssuerAndSerial) {
- IssuerAndSerial ias = (IssuerAndSerial) other;
+ final IssuerAndSerial ias = (IssuerAndSerial) other;
return getIssuerDN().equals(ias.getIssuerDN())
- && getSerial().equals(ias.getSerial());
+ && getSerial().equals(ias.getSerial());
}
return false;
}
/**
* Return the hash code of this IssuerAndSerial.
- *
+ *
* @return The hash code of this IssuerAndSerial.
* @see java.lang.Object#hashCode()
*/
+ @Override
public int hashCode() {
return issuerDN.hashCode() ^ serial.hashCode();
}
@@ -137,13 +139,14 @@ public class IssuerAndSerial {
/**
* Return a String representation of this
* IssuerAndSerial object.
- *
+ *
* @return The String representation.
* @see java.lang.Object#toString()
*/
+ @Override
public String toString() {
- return ("(IssuerAndSerial - Issuer<" + getIssuerDN())
- + ("> Serial<" + serial.toString() + ">)");
+ return "(IssuerAndSerial - Issuer<" + getIssuerDN()
+ + "> Serial<" + serial.toString() + ">)";
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java
index c2490f9..faeaf82 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
import java.util.Iterator;
@@ -29,7 +28,7 @@ import java.util.Set;
/**
* A collection of KeyGroupEntrys with its own ID.
- *
+ *
* @author Sven Aigner
* @author Patrick Peck
* @version $Id$
@@ -37,59 +36,62 @@ import java.util.Set;
public class KeyGroup {
/** The keys belonging to this key group. */
- private Set keyGroupEntries;
+ private final Set keyGroupEntries;
/** The key group ID. */
- private String id;
+ private final String id;
/** The digest method algorithm for the key group */
- private String digestMethodAlgorithm;
+ private final String digestMethodAlgorithm;
/**
* Create a KeyGroup.
- *
- * @param id The ID of this KeyGroup.
- * @param keyGroupEntries The keys belonging to this KeyGroup.
+ *
+ * @param id The ID of this KeyGroup.
+ * @param keyGroupEntries The keys belonging to this
+ * KeyGroup.
* @param digestMethodAlgorithm The signature algorithm used for this key group
*/
public KeyGroup(String id, Set keyGroupEntries, String digestMethodAlgorithm) {
this.id = id;
this.keyGroupEntries = keyGroupEntries;
- this.digestMethodAlgorithm = digestMethodAlgorithm;
+ this.digestMethodAlgorithm = digestMethodAlgorithm;
}
/**
* Return the KeyEntrys contained in this KeyGroup.
- *
+ *
* @return The KeyEntrys contained in this KeyGroup.
*/
public Set getKeyGroupEntries() {
return keyGroupEntries;
}
-
+
/**
* Returnd the digest method algorithm used for this key group
+ *
* @return The digest method signature algorithm used for this key group
*/
public String getDigestMethodAlgorithm() {
- return digestMethodAlgorithm;
+ return digestMethodAlgorithm;
}
/**
* Return the ID of this KeyGroup.
- *
+ *
* @return The KeyGroup ID.
*/
public String getId() {
return id;
}
- /**
+ /**
* Return a String representation of this KeyGroup.
- *
+ *
* @return The String representation.
* @see java.lang.Object#toString()
*/
+ @Override
public String toString() {
- StringBuffer sb = new StringBuffer();
+ final StringBuffer sb = new StringBuffer();
Iterator i;
if (getKeyGroupEntries() != null) {
@@ -99,7 +101,8 @@ public class KeyGroup {
sb.append(" " + i.next());
}
}
- return "(KeyGroup - ID:" + id + " " + sb.toString() + ")" + "DigestMethodAlgorithm: " + digestMethodAlgorithm;
+ return "(KeyGroup - ID:" + id + " " + sb.toString() + ")" + "DigestMethodAlgorithm: "
+ + digestMethodAlgorithm;
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java
index fcedfb0..d73b755 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java
@@ -21,31 +21,30 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
import java.math.BigInteger;
/**
* A class containing information about an entry in a key group.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class KeyGroupEntry {
/** The module ID of the key. */
- private String moduleID;
+ private final String moduleID;
/** The issuer DN of the certificate identifying the key. */
- private String issuerDN;
+ private final String issuerDN;
/** The serial number of the certificate identifying the key. */
- private BigInteger serialNumber;
+ private final BigInteger serialNumber;
/**
* Create a new KeyGroupEntry.
- *
- * @param moduleID The key module ID to which this entry belongs to.
- * @param issuerAndSerial The issuer and serial number which uniquely
- * identifies a certificate within the key module.
+ *
+ * @param moduleID The key module ID to which this entry belongs to.
+ * @param issuerAndSerial The issuer and serial number which uniquely identifies
+ * a certificate within the key module.
*/
public KeyGroupEntry(String moduleID, IssuerAndSerial issuerAndSerial) {
this.moduleID = moduleID;
@@ -55,25 +54,24 @@ public class KeyGroupEntry {
/**
* Create a new KeyGroupEntry.
- *
- * @param moduleID The key module ID to which this entry belongs to.
- * @param issuerDN The isser DN of the certificate within the key module.
+ *
+ * @param moduleID The key module ID to which this entry belongs to.
+ * @param issuerDN The isser DN of the certificate within the key module.
* @param serialNumber The serial number of the certificate within the key
- * module.
+ * module.
*/
public KeyGroupEntry(
- String moduleID,
- String issuerDN,
- BigInteger serialNumber) {
+ String moduleID,
+ String issuerDN,
+ BigInteger serialNumber) {
this.moduleID = moduleID;
this.issuerDN = issuerDN;
this.serialNumber = serialNumber;
}
/**
- * Return the key module ID to which this KeyGroupEntry belongs
- * to.
- *
+ * Return the key module ID to which this KeyGroupEntry belongs to.
+ *
* @return The key module ID.
*/
public String getModuleID() {
@@ -83,7 +81,7 @@ public class KeyGroupEntry {
/**
* Return the issuer DN of this KeyGroupEntry for identifying the
* certificate within the key module.
- *
+ *
* @return The issuer DN of the certificate.
*/
public String getIssuerDN() {
@@ -93,7 +91,7 @@ public class KeyGroupEntry {
/**
* Return the serial number of this KeyGroupEntry for identifying
* the certificate within the key module.
- *
+ *
* @return The serial number of the certificate.
*/
public BigInteger getSerialNumber() {
@@ -105,26 +103,28 @@ public class KeyGroupEntry {
*
* @param other The KeyGroupEntry to compare to.
* @return true, if module ID, isser DN and serial number of
- * other match the ones contained in this object, otherwise
- * false.
+ * other match the ones contained in this object, otherwise
+ * false.
* @see java.lang.Object#equals(Object)
*/
+ @Override
public boolean equals(Object other) {
if (other instanceof KeyGroupEntry) {
- KeyGroupEntry entry = (KeyGroupEntry) other;
+ final KeyGroupEntry entry = (KeyGroupEntry) other;
return getModuleID().equals(entry.getModuleID())
- && getIssuerDN().equals(entry.getIssuerDN())
- && getSerialNumber().equals(entry.getSerialNumber());
+ && getIssuerDN().equals(entry.getIssuerDN())
+ && getSerialNumber().equals(entry.getSerialNumber());
}
return false;
}
-
+
/**
* @see java.lang.Object#hashCode()
*/
+ @Override
public int hashCode() {
return getModuleID().hashCode()
- ^ getIssuerDN().hashCode()
- ^ getSerialNumber().hashCode();
+ ^ getIssuerDN().hashCode()
+ ^ getSerialNumber().hashCode();
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java
index 45d8d7e..6a665d6 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java
@@ -21,23 +21,22 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
/**
* A class that contains information about a key module.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class KeyModule {
/** The key module ID. */
- private String id;
+ private final String id;
/**
* Create a Key object.
- *
+ *
* @param id The key module ID.
*/
public KeyModule(String id) {
@@ -46,7 +45,7 @@ public class KeyModule {
/**
* Return the key ID.
- *
+ *
* @return The key ID.
*/
public String getId() {
@@ -55,10 +54,11 @@ public class KeyModule {
/**
* Return a String representation of this Key.
- *
+ *
* @return The String representation.
* @see java.lang.Object#toString()
*/
+ @Override
public String toString() {
return "(Key - Id<" + id + ">)";
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java
index 2e91c6b..97ced05 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java
@@ -21,36 +21,33 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
import iaik.pki.revocation.RevocationSourceTypes;
/**
* A class representing a CRL distribution point.
- *
+ *
* @author Gregor Karlinger
* @version $Id$
*/
-public class OCSPDistributionPoint
- extends DistributionPoint
- implements iaik.pki.revocation.DistributionPoint
-{
+public class OCSPDistributionPoint
+ extends DistributionPoint
+ implements iaik.pki.revocation.DistributionPoint {
/**
* Create a OCSPDistributionPoint with a URI.
- *
+ *
* @param uri The URI of the ocsp distribution point.
*/
- public OCSPDistributionPoint(String uri)
- {
+ public OCSPDistributionPoint(String uri) {
super(uri);
}
/**
* @see iaik.pki.revocation.DistributionPoint#getType()
*/
- public String getType()
- {
+ @Override
+ public String getType() {
return RevocationSourceTypes.OCSP;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java
index 0ed83bb..3c038cf 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java
@@ -21,25 +21,24 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
/**
* A class containing information about a software key, stored in PKCS12 format.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class SoftwareKeyModule extends KeyModule {
/** The name of the file containing the keys. */
- private String fileName;
+ private final String fileName;
/** The password for accessing the file. */
- private String passWord;
-
+ private final String passWord;
+
/**
* Create a new SoftwareKey.
- *
- * @param id The key ID.
+ *
+ * @param id The key ID.
* @param fileName The name of the PKCS12 keystore file containing the key.
* @param passWord The password to access the keystore file.
*/
@@ -48,25 +47,24 @@ public class SoftwareKeyModule extends KeyModule {
this.fileName = fileName;
this.passWord = passWord;
}
-
+
/**
* Return the name of the PKCS12 keystore file containing this
* SoftwareKey.
- *
+ *
* @return The name of the PKCS12 keystore file.
*/
public String getFileName() {
return fileName;
}
-
+
/**
* Return the password to access the keystore file.
- *
+ *
* @return The password to access the keystore file.
*/
public String getPassWord() {
return passWord;
}
-
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java
index 0063c7f..94155d6 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.config;
import java.net.URI;
@@ -35,129 +34,139 @@ import java.util.regex.PatternSyntaxException;
import at.gv.egovernment.moa.sig.tsl.TslConstants;
import at.gv.egovernment.moaspss.logging.Logger;
import at.gv.egovernment.moaspss.util.MiscUtil;
-import iaik.x509.X509Certificate;
/**
* Information about a trust profile.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class TrustProfile {
/** The ID of the trust profile. */
- private String id;
+ private final String id;
/** The URI giving the location of the trust profile. */
- private String uri;
+ private final String uri;
/** The URI giving the location of the allowed signer certificates. */
- private String signerCertsUri;
-
- /** Defines if Trustprofile makes use of EU TSL*/
- private boolean tslEnabled;
- /** The countries given */
- private List countries = new ArrayList();
-
- private List allowedTspStatus = new ArrayList();
- private List allowedTspServiceTypes = new ArrayList();
-
-
+ private final String signerCertsUri;
+
+ /** Defines if Trustprofile makes use of EU TSL */
+ private final boolean tslEnabled;
+ /** The countries given */
+ private final List countries = new ArrayList<>();
+
+ private final List allowedTspStatus = new ArrayList<>();
+ private final List allowedTspServiceTypes = new ArrayList<>();
+
/**
* Create a TrustProfile.
- *
- * @param id The ID of the TrustProfile to create.
- * @param uri The URI of the TrustProfile to create.
- * @param signerCertsUri The URI of the location of the allowed signer
- * certificates of the TrustProfile to create.
- * @param allowedTspServiceTypes
- * @param allowedTspStatus
+ *
+ * @param id The ID of the TrustProfile to
+ * create.
+ * @param uri The URI of the TrustProfile to
+ * create.
+ * @param signerCertsUri The URI of the location of the allowed signer
+ * certificates of the TrustProfile
+ * to create.
+ * @param allowedTspServiceTypes
+ * @param allowedTspStatus
*/
- public TrustProfile(String id, String uri, String signerCertsUri,
- boolean tslEnabled, String countries, String allowedTspStatus, String allowedTspServiceTypes) {
+ public TrustProfile(String id, String uri, String signerCertsUri,
+ boolean tslEnabled, String countries, String allowedTspStatus, String allowedTspServiceTypes) {
this.id = id;
this.uri = uri;
this.signerCertsUri = signerCertsUri;
-
- //TSL configuration parameters
+
+ // TSL configuration parameters
this.tslEnabled = tslEnabled;
- if (tslEnabled) {
- setCountries(countries);
- if (!this.countries.isEmpty())
- Logger.info("TrustProfile "+ id + " allows " + Arrays.toString(this.countries.toArray()) + " TSL countries");
- else
- Logger.info("TrustProfile "+ id + " allows " + "ALL" + " TSL countries");
-
- setAllowedTspStatus(allowedTspStatus);
- Logger.info("TrustProfile "+ id + " allows " + Arrays.toString(this.allowedTspStatus.toArray()) + " TSP status identifier");
-
- setAllowedTspServiceTypes(allowedTspServiceTypes);
- Logger.info("TrustProfile "+ id + " allows " + Arrays.toString(this.allowedTspServiceTypes.toArray()) + " TSL service-type identifier");
-
- }
+ if (tslEnabled) {
+ setCountries(countries);
+ if (!this.countries.isEmpty()) {
+ Logger.info("TrustProfile " + id + " allows " + Arrays.toString(this.countries.toArray())
+ + " TSL countries");
+ } else {
+ Logger.info("TrustProfile " + id + " allows " + "ALL" + " TSL countries");
+ }
+
+ setAllowedTspStatus(allowedTspStatus);
+ Logger.info("TrustProfile " + id + " allows " + Arrays.toString(this.allowedTspStatus.toArray())
+ + " TSP status identifier");
+
+ setAllowedTspServiceTypes(allowedTspServiceTypes);
+ Logger.info("TrustProfile " + id + " allows " + Arrays.toString(this.allowedTspServiceTypes.toArray())
+ + " TSL service-type identifier");
+
+ }
}
private void setCountries(String countries) {
- if (MiscUtil.isNotEmpty(countries)) {
- String[] ccArray = countries.split(",");
- for (String el : ccArray)
- this.countries.add(el.trim());
-
- }
+ if (MiscUtil.isNotEmpty(countries)) {
+ final String[] ccArray = countries.split(",");
+ for (final String el : ccArray) {
+ this.countries.add(el.trim());
+ }
+
+ }
}
-
+
private void setAllowedTspStatus(String allowedTspStatus) {
- if (MiscUtil.isNotEmpty(allowedTspStatus)) {
- String[] ccArray = allowedTspStatus.split(",");
- for (String el : ccArray) {
- try {
- this.allowedTspStatus.add(new URI(el.trim()));
-
- } catch (URISyntaxException e) {
- Logger.warn("TrustProfile: " + this.id + " contains a non-valid TSP Status identifier (" + el + ")");
-
- }
-
- }
-
- } else {
- Logger.debug("Use default set of TSP Status identifier");
- this.allowedTspStatus.addAll(
- Arrays.asList(
- TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.granted),
- TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.recognisedatnationallevel),
- TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.accredited),
- TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.undersupervision)));
-
- }
-
+ if (MiscUtil.isNotEmpty(allowedTspStatus)) {
+ final String[] ccArray = allowedTspStatus.split(",");
+ for (final String el : ccArray) {
+ try {
+ this.allowedTspStatus.add(new URI(el.trim()));
+
+ } catch (final URISyntaxException e) {
+ Logger.warn("TrustProfile: " + this.id + " contains a non-valid TSP Status identifier (" + el
+ + ")");
+
+ }
+
+ }
+
+ } else {
+ Logger.debug("Use default set of TSP Status identifier");
+ this.allowedTspStatus.addAll(
+ Arrays.asList(
+ TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.granted),
+ TslConstants.SERVICE_STATUS_SORT_TO_URI.get(
+ TslConstants.SERVICE_STATUS_SHORT.recognisedatnationallevel),
+ TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.accredited),
+ TslConstants.SERVICE_STATUS_SORT_TO_URI.get(
+ TslConstants.SERVICE_STATUS_SHORT.undersupervision)));
+
+ }
+
}
-
+
private void setAllowedTspServiceTypes(String allowedTspServiceTypes) {
- if (MiscUtil.isNotEmpty(allowedTspServiceTypes)) {
- String[] ccArray = allowedTspServiceTypes.split(",");
- for (String el : ccArray) {
- try {
- this.allowedTspServiceTypes.add(Pattern.compile(el.trim()));
-
- } catch (PatternSyntaxException e) {
- Logger.warn("TrustProfile: " + this.id + " contains a non-valid TSP Service-Type identifier Regex pattern(" + el + ")");
-
- }
-
- }
-
- } else {
- Logger.debug("Use default set of TSP Service-Type identifier");
- this.allowedTspServiceTypes.addAll(
- Arrays.asList(
- Pattern.compile(TslConstants.DEFAULT_REGEX_PATTERN_ALLOW_ALL)));
-
- }
-
+ if (MiscUtil.isNotEmpty(allowedTspServiceTypes)) {
+ final String[] ccArray = allowedTspServiceTypes.split(",");
+ for (final String el : ccArray) {
+ try {
+ this.allowedTspServiceTypes.add(Pattern.compile(el.trim()));
+
+ } catch (final PatternSyntaxException e) {
+ Logger.warn("TrustProfile: " + this.id
+ + " contains a non-valid TSP Service-Type identifier Regex pattern(" + el + ")");
+
+ }
+
+ }
+
+ } else {
+ Logger.debug("Use default set of TSP Service-Type identifier");
+ this.allowedTspServiceTypes.addAll(
+ Arrays.asList(
+ Pattern.compile(TslConstants.DEFAULT_REGEX_PATTERN_ALLOW_ALL)));
+
+ }
+
}
-
+
/**
* Return the ID of this TrustProfile.
- *
+ *
* @return The TrustProfile ID.
*/
public String getId() {
@@ -166,49 +175,51 @@ public class TrustProfile {
/**
* Return the URI of this TrustProfile.
- *
+ *
* @return The URI of TrustProfile.
*/
public String getUri() {
return uri;
}
-
/**
- * Return the URI giving the location of the allowed signer certificates
- * of this TrustProfile.
- *
+ * Return the URI giving the location of the allowed signer certificates of this
+ * TrustProfile.
+ *
* @return The URI of TrustProfile.
*/
public String getSignerCertsUri() {
return signerCertsUri;
}
+
/**
* Returns if Trustprofile is TSL enabled
+ *
* @return
*/
public boolean isTSLEnabled() {
- return tslEnabled;
+ return tslEnabled;
}
+
/**
* Returns the given countries
+ *
* @return Given countries
*/
public List getCountries() {
- if (!tslEnabled)
- return null;
- else
- return countries;
+ if (!tslEnabled) {
+ return null;
+ } else {
+ return countries;
+ }
}
public List getAllowedTspStatus() {
- return allowedTspStatus;
+ return allowedTspStatus;
}
public List getAllowedTspServiceTypes() {
- return allowedTspServiceTypes;
+ return allowedTspServiceTypes;
}
-
-
-
+
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java
index a465049..d660c7a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java
@@ -21,17 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.cmssign;
-import iaik.server.modules.algorithms.SignatureAlgorithms;
-import iaik.server.modules.cmssign.CMSSignatureCreationProfile;
-import iaik.server.modules.keys.AlgorithmUnavailableException;
-import iaik.server.modules.keys.KeyEntryID;
-import iaik.server.modules.keys.KeyModule;
-import iaik.server.modules.keys.KeyModuleFactory;
-import iaik.server.modules.keys.UnknownKeyException;
-
import java.util.List;
import java.util.Set;
@@ -39,61 +30,71 @@ import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.server.modules.algorithms.SignatureAlgorithms;
+import iaik.server.modules.cmssign.CMSSignatureCreationProfile;
+import iaik.server.modules.keys.AlgorithmUnavailableException;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
+import iaik.server.modules.keys.UnknownKeyException;
/**
* An object providing auxiliary information for creating a CMS signature.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class CMSSignatureCreationProfileImpl
- implements CMSSignatureCreationProfile {
+ implements CMSSignatureCreationProfile {
/** The set of keys available to the signing process. */
private Set keySet;
- /** The MIME type of the data to be signed*/
- private String mimeType;
- /** Whether the created signature is to be Security Layer conform. */
+ /** The MIME type of the data to be signed */
+ private final String mimeType;
+ /** Whether the created signature is to be Security Layer conform. */
private boolean securityLayerConform;
- /** Properties to be signed during signature creation. */
- private List signedProperties;
- /** Specifies whether the content data shall be included in the CMS SignedData or shall be not included. */
- private boolean includeData;
- /** Digest Method algorithm */
+ /** Properties to be signed during signature creation. */
+ private final List signedProperties;
+ /**
+ * Specifies whether the content data shall be included in the CMS SignedData or
+ * shall be not included.
+ */
+ private final boolean includeData;
+ /** Digest Method algorithm */
private String digestMethod;
- private boolean isPAdESConform;
-
-
+ private final boolean isPAdESConform;
+
/**
* Create a new XMLSignatureCreationProfileImpl.
- *
- * @param createProfileCount Provides external information about the
- * number of calls to the signature creation module, using the same request.
- * @param reservedIDs The set of IDs that must not be used while generating
- * new IDs.
+ *
+ * @param createProfileCount Provides external information about the number of
+ * calls to the signature creation module, using the
+ * same request.
+ * @param reservedIDs The set of IDs that must not be used while
+ * generating new IDs.
*/
public CMSSignatureCreationProfileImpl(
- Set keySet,
- String digestMethod,
- List signedProperties,
- boolean securityLayerConform,
- boolean includeData,
- String mimeType,
- boolean isPAdESConform) {
- this.keySet = keySet;
- this.signedProperties = signedProperties;
- this.securityLayerConform = securityLayerConform;
- this.includeData = includeData;
- this.mimeType = mimeType;
- this.digestMethod = digestMethod;
- this.isPAdESConform = isPAdESConform;
+ Set keySet,
+ String digestMethod,
+ List signedProperties,
+ boolean securityLayerConform,
+ boolean includeData,
+ String mimeType,
+ boolean isPAdESConform) {
+ this.keySet = keySet;
+ this.signedProperties = signedProperties;
+ this.securityLayerConform = securityLayerConform;
+ this.includeData = includeData;
+ this.mimeType = mimeType;
+ this.digestMethod = digestMethod;
+ this.isPAdESConform = isPAdESConform;
}
-
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet()
*/
+ @Override
public Set getKeySet() {
return keySet;
}
@@ -101,119 +102,116 @@ public class CMSSignatureCreationProfileImpl
/**
* Set the set of KeyEntryIDs which may be used for signature
* creation.
- *
+ *
* @param keySet The set of KeyEntryIDs to set.
*/
public void setKeySet(Set keySet) {
this.keySet = keySet;
}
-
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID)
*/
+ @Override
public String getSignatureAlgorithmName(KeyEntryID selectedKeyID)
- throws AlgorithmUnavailableException {
+ throws AlgorithmUnavailableException {
-
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- TransactionId tid = new TransactionId(context.getTransactionID());
- KeyModule module = KeyModuleFactory.getInstance(tid);
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final TransactionId tid = new TransactionId(context.getTransactionID());
+ final KeyModule module = KeyModuleFactory.getInstance(tid);
Set algorithms;
try {
algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID);
- } catch (UnknownKeyException e) {
+ } catch (final UnknownKeyException e) {
throw new AlgorithmUnavailableException(
- "Unknown key entry: " + selectedKeyID,
- e,
- null);
+ "Unknown key entry: " + selectedKeyID,
+ e,
+ null);
}
-
- if (digestMethod.compareTo("SHA-1") == 0) {
- Logger.warn("SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)");
-
- if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) {
- return SignatureAlgorithms.SHA1_WITH_RSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) {
- return SignatureAlgorithms.ECDSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
- return SignatureAlgorithms.DSA;
-
- } else {
- throw new AlgorithmUnavailableException(
- "No algorithm for key entry: " + selectedKeyID,
- null,
- null);
- }
-
- } else if (digestMethod.compareTo("SHA-256") == 0) {
- if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
- return SignatureAlgorithms.SHA256_WITH_RSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) {
- return SignatureAlgorithms.SHA256_WITH_ECDSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
- return SignatureAlgorithms.DSA;
-
- } else {
- throw new AlgorithmUnavailableException(
- "No algorithm for key entry: " + selectedKeyID,
- null,
- null);
- }
- } else if (digestMethod.compareTo("SHA-384") == 0) {
- if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) {
- return SignatureAlgorithms.SHA384_WITH_RSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) {
- return SignatureAlgorithms.SHA384_WITH_ECDSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
- return SignatureAlgorithms.DSA;
-
- } else {
- throw new AlgorithmUnavailableException(
- "No algorithm for key entry: " + selectedKeyID,
- null,
- null);
- }
- } else if (digestMethod.compareTo("SHA-512") == 0) {
- if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) {
- return SignatureAlgorithms.SHA512_WITH_RSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) {
- return SignatureAlgorithms.SHA512_WITH_ECDSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
- return SignatureAlgorithms.DSA;
-
- } else {
- throw new AlgorithmUnavailableException(
- "No algorithm for key entry: " + selectedKeyID,
- null,
- null);
- }
- }
- else {
- throw new AlgorithmUnavailableException(
- "No signature algorithm found for digest algorithm '" + digestMethod,
- null,
- null);
- }
-
- }
+ if (digestMethod.compareTo("SHA-1") == 0) {
+ Logger.warn(
+ "SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)");
+
+ if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) {
+ return SignatureAlgorithms.SHA1_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) {
+ return SignatureAlgorithms.ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+
+ } else if (digestMethod.compareTo("SHA-256") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
+ return SignatureAlgorithms.SHA256_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA256_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else if (digestMethod.compareTo("SHA-384") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) {
+ return SignatureAlgorithms.SHA384_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA384_WITH_ECDSA;
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else if (digestMethod.compareTo("SHA-512") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) {
+ return SignatureAlgorithms.SHA512_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA512_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No signature algorithm found for digest algorithm '" + digestMethod,
+ null,
+ null);
+ }
+
+ }
-
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties()
*/
+ @Override
public List getSignedProperties() {
return signedProperties;
}
@@ -221,38 +219,38 @@ public class CMSSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform()
*/
+ @Override
public boolean isSecurityLayerConform() {
return securityLayerConform;
}
/**
* Sets the security layer conformity.
- *
- * @param securityLayerConform true, if the created signature
- * is to be conform to the Security Layer specification.
+ *
+ * @param securityLayerConform true, if the created signature is to
+ * be conform to the Security Layer specification.
*/
public void setSecurityLayerConform(boolean securityLayerConform) {
this.securityLayerConform = securityLayerConform;
}
-
public void setDigestMethod(String digestMethod) {
- this.digestMethod = digestMethod;
+ this.digestMethod = digestMethod;
}
-
+ @Override
public String getMimeType() {
- return mimeType;
+ return mimeType;
}
+ @Override
public boolean includeData() {
- return this.includeData;
+ return this.includeData;
}
-
-@Override
-public boolean isPAdESConform() {
- return this.isPAdESConform;
-}
+ @Override
+ public boolean isPAdESConform() {
+ return this.isPAdESConform;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
index ab807ae..2247090 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
@@ -24,40 +24,42 @@
package at.gv.egovernment.moa.spss.server.iaik.cmsverify;
import iaik.pki.PKIProfile;
+import iaik.server.modules.SignatureVerificationProfile;
import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
/**
* An implementation of the CMSSignatureVerificationProfile
* interface.
- *
+ *
* @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile
* @author Patrick Peck
* @version $Id$
*/
public class CMSSignatureVerificationProfileImpl implements CMSSignatureVerificationProfile {
- /** The profile for validating the certificate. */
- private PKIProfile certificateValidationProfile;
+ /** The profile for validating the certificate. */
+ private PKIProfile certificateValidationProfile;
- /**
- * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile#getCertificateValidationProfile()
- */
- public PKIProfile getCertificateValidationProfile() {
- return certificateValidationProfile;
- }
+ /**
+ * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile#getCertificateValidationProfile()
+ */
+ @Override
+ public PKIProfile getCertificateValidationProfile() {
+ return certificateValidationProfile;
+ }
- /**
- * Sets the profile for validating the signer certificate.
- *
- * @param certificateValidationProfile
- * The certificate validation profile to set.
- */
- public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) {
- this.certificateValidationProfile = certificateValidationProfile;
- }
+ /**
+ * Sets the profile for validating the signer certificate.
+ *
+ * @param certificateValidationProfile The certificate validation profile to
+ * set.
+ */
+ public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) {
+ this.certificateValidationProfile = certificateValidationProfile;
+ }
- @Override
- public String getTargetLevel() {
- return CMSSignatureVerificationProfile.LEVEL_LTA;
- }
+ @Override
+ public String getTargetLevel() {
+ return SignatureVerificationProfile.LEVEL_LTA;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java
index 785c85b..18a9f9c 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java
@@ -3,6 +3,6 @@ package at.gv.egovernment.moa.spss.server.iaik.cmsverify;
import iaik.server.modules.pdfverify.PDFSignatureVerificationProfile;
public class PDFSignatureVerificationProfileImpl extends CMSSignatureVerificationProfileImpl
- implements PDFSignatureVerificationProfile {
+ implements PDFSignatureVerificationProfile {
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java
index 90e6793..1cd4b64 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
import iaik.server.modules.keys.KeyModuleConfiguration;
@@ -29,22 +28,22 @@ import iaik.server.modules.keys.KeyModuleConfiguration;
/**
* Base implementation class for the KeyModuleConfiguration
* interface and the interfaces derived from it.
- *
+ *
* @see iaik.server.modules.keys.KeyModuleConfiguration
* @author Patrick Peck
* @version $Id$
*/
public abstract class AbstractKeyModuleConfigurationImpl
- implements KeyModuleConfiguration {
+ implements KeyModuleConfiguration {
+
+ /** The module ID. */
+ private final String moduleID;
- /** The module ID. */
- private String moduleID;
-
/**
* Creata new AbstractKeyModuleConfigurationImpl.
- *
+ *
* @param moduleID The key module ID of this
- * KeyModuleConfiguration.
+ * KeyModuleConfiguration.
*/
public AbstractKeyModuleConfigurationImpl(String moduleID) {
this.moduleID = moduleID;
@@ -53,6 +52,7 @@ public abstract class AbstractKeyModuleConfigurationImpl
/**
* @see iaik.server.modules.keys.KeyModuleConfiguration#getModuleID()
*/
+ @Override
public String getModuleID() {
return moduleID;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java
index e2d828b..a9dfe2d 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
import java.util.ArrayList;
@@ -34,18 +33,19 @@ import iaik.pki.store.observer.Observer;
/**
* A base class for observable configuration data.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public abstract class AbstractObservableConfiguration implements Observable {
/** The observers registered with this Observable. */
- private List observers = new ArrayList();
+ private final List observers = new ArrayList();
/**
* @see iaik.pki.store.observer.Observable#addObserver(iaik.pki.store.observer.Observer)
*/
+ @Override
public void addObserver(Observer observer) {
observers.add(observer);
}
@@ -53,6 +53,7 @@ public abstract class AbstractObservableConfiguration implements Observable {
/**
* @see iaik.pki.store.observer.Observable#removeObserver(iaik.pki.store.observer.Observer)
*/
+ @Override
public boolean removeObserver(Observer observer) {
return observers.remove(observer);
}
@@ -60,13 +61,14 @@ public abstract class AbstractObservableConfiguration implements Observable {
/**
* @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData)
*/
+ @Override
public void notify(NotificationData data) {
Iterator iter = observers.iterator();
for (iter = observers.iterator(); iter.hasNext();) {
- Observer observer = (Observer) iter.next();
+ final Observer observer = (Observer) iter.next();
observer.notify(data);
}
}
-
+
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java
index 4a300a2..ff9927b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java
@@ -21,76 +21,68 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
-import iaik.pki.store.revocation.archive.ArchiveConfiguration;
-import iaik.pki.store.revocation.archive.ArchiveParameters;
-import iaik.pki.store.revocation.archive.ArchiveTypes;
-
import java.sql.Driver;
import java.sql.DriverManager;
import java.util.Enumeration;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import iaik.pki.store.revocation.archive.ArchiveConfiguration;
+import iaik.pki.store.revocation.archive.ArchiveParameters;
+import iaik.pki.store.revocation.archive.ArchiveTypes;
/**
- * An implementation of the ArchiveConfiguration interface
- * using configuration data provided by the MOA configuration file.
- *
+ * An implementation of the ArchiveConfiguration interface using
+ * configuration data provided by the MOA configuration file.
+ *
* @see iaik.pki.store.revocation.archive.ArchiveConfiguration
* @author Patrick Peck
* @version $Id$
*/
public class ArchiveConfigurationImpl
- extends AbstractObservableConfiguration
- implements ArchiveConfiguration {
-
+ extends AbstractObservableConfiguration
+ implements ArchiveConfiguration {
+
/** The configuration parameters of the archive. */
- private ArchiveParameters archiveParameters;
+ private final ArchiveParameters archiveParameters;
/**
* Create a new ArchiveConfigurationImpl.
- *
- * @param config The MOA configuration from which the configuration data is being read.
+ *
+ * @param config The MOA configuration from which the configuration data is
+ * being read.
*/
- public ArchiveConfigurationImpl(ConfigurationProvider config)
- {
- String jdbcUrl = config.getRevocationArchiveJDBCURL();
+ public ArchiveConfigurationImpl(ConfigurationProvider config) {
+ final String jdbcUrl = config.getRevocationArchiveJDBCURL();
this.archiveParameters = new DataBaseArchiveParameterImpl(jdbcUrl);
-
- // Register JDBC driver class
- if (jdbcUrl != null)
- {
- String jdbcDriverClass = config.getRevocationArchiveJDBCDriverClass();
- try
- {
+
+ // Register JDBC driver class
+ if (jdbcUrl != null) {
+ final String jdbcDriverClass = config.getRevocationArchiveJDBCDriverClass();
+ try {
Class.forName(jdbcDriverClass);
- }
- catch (ClassNotFoundException e)
- {
+ } catch (final ClassNotFoundException e) {
// TODO 20030709 GK Improve exception handling
- throw new RuntimeException("JDBC driver class \"" + jdbcDriverClass + " could not be found.");
+ throw new RuntimeException("JDBC driver class \"" + jdbcDriverClass + " could not be found.");
}
-
- Enumeration regDrivers = DriverManager.getDrivers();
+
+ final Enumeration regDrivers = DriverManager.getDrivers();
boolean isRegistered = false;
- while (regDrivers.hasMoreElements())
- {
- Object currentDriver = regDrivers.nextElement();
- if (jdbcDriverClass.equals(currentDriver.getClass().getName())) isRegistered = true;
- }
- if (!isRegistered)
- {
- // Workaround for a driver which does not register itselve at invocation of Class.forName(drvname)
- try
- {
- DriverManager.registerDriver((Driver)Class.forName(jdbcDriverClass).newInstance());
+ while (regDrivers.hasMoreElements()) {
+ final Object currentDriver = regDrivers.nextElement();
+ if (jdbcDriverClass.equals(currentDriver.getClass().getName())) {
+ isRegistered = true;
}
- catch (Exception e)
- {
+ }
+ if (!isRegistered) {
+ // Workaround for a driver which does not register itselve at invocation of
+ // Class.forName(drvname)
+ try {
+ DriverManager.registerDriver((Driver) Class.forName(jdbcDriverClass).newInstance());
+ } catch (final Exception e) {
// TODO 20030709 GK Improve exception handling
- throw new RuntimeException("Registering JDBC driver \"" + jdbcDriverClass + " failed.");
+ throw new RuntimeException("Registering JDBC driver \"" + jdbcDriverClass + " failed.");
}
}
}
@@ -98,11 +90,13 @@ public class ArchiveConfigurationImpl
/**
* Return the type of archive.
- *
+ *
* This will always return ArchiveTypes.DATABASE.
+ *
* @return ArchiveTypes.DATABASE.
* @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getType()
*/
+ @Override
public String getType() {
return ArchiveTypes.DATABASE;
}
@@ -110,10 +104,11 @@ public class ArchiveConfigurationImpl
/**
* Return the ArchiveParameters describing this
* ArchiveConfiguration.
- *
+ *
* @return The archive parameters.
* @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getArchiveParameters()
*/
+ @Override
public ArchiveParameters getArchiveParameters() {
return archiveParameters;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
index d752a63..d1b776b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
@@ -23,13 +23,6 @@
package at.gv.egovernment.moa.spss.server.iaik.config;
-import iaik.logging.TransactionId;
-import iaik.pki.revocation.RevocationSourceTypes;
-import iaik.pki.store.revocation.RevocationInfoRetriever;
-import iaik.pki.store.revocation.RevocationSource;
-import iaik.pki.store.revocation.RevocationStoreException;
-import iaik.pki.ldap.Handler;
-
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
@@ -39,6 +32,12 @@ import java.util.Collection;
import java.util.Date;
import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.logging.TransactionId;
+import iaik.pki.ldap.Handler;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.pki.store.revocation.RevocationInfoRetriever;
+import iaik.pki.store.revocation.RevocationSource;
+import iaik.pki.store.revocation.RevocationStoreException;
/**
* A customized implementation of
@@ -47,55 +46,56 @@ import at.gv.egovernment.moaspss.logging.Logger;
* {@link iaik.pki.store.revocation.CRLRetriever} to overcome a classloader
* problem in connection with the {@link java.net.URL} class in a Tomcat
* deployment environment.
- *
+ *
* @author Gregor Karlinger
* @version $$
*/
public class CRLRetriever implements RevocationInfoRetriever {
-
- private int connectTimeout = 5;
- private int readTimeout = 5;
-
-
- public void update(RevocationSource source, Collection supplementalRequestData, TransactionId tid)
- throws RevocationStoreException {
- if (source == null) {
- throw new NullPointerException("RevocationSource parameter mustn't be null.");
- }
- Logger.info("Downloading crl from " + source.getUri());
- if (!source.getType().equals(RevocationSourceTypes.CRL)) {
- throw new RevocationStoreException(source.getType() + " not supported", null, getClass().getName() + ":1");
- }
- try {
- URL crlUrl;
- try {
- crlUrl = new URL(source.getUri());
- } catch (MalformedURLException e) {
- // Workaround for classloader problem with deployment in Tomcat
- // 4.1
- URLStreamHandler handler = new Handler();
- crlUrl = new URL(null, source.getUri(), handler);
- }
- URLConnection con = crlUrl.openConnection();
- con.setConnectTimeout(connectTimeout);
- con.setReadTimeout(readTimeout);
- InputStream crlInputStream = con.getInputStream();
- source.readFrom(crlInputStream, tid);
- source.setDownloadTime(new Date());
- crlInputStream.close();
- } catch (Exception iox) {
- Logger.warn("Cannot retrieve crl", iox);
- throw new RevocationStoreException("Cannot retrieve CRL", iox, getClass().getName() + ":1");
- }
- }
- @Override
- public void setConnectTimeout(int arg0) {
- this.connectTimeout = arg0;
- }
+ private int connectTimeout = 5;
+ private int readTimeout = 5;
+
+ @Override
+ public void update(RevocationSource source, Collection supplementalRequestData, TransactionId tid)
+ throws RevocationStoreException {
+ if (source == null) {
+ throw new NullPointerException("RevocationSource parameter mustn't be null.");
+ }
+ Logger.info("Downloading crl from " + source.getUri());
+ if (!source.getType().equals(RevocationSourceTypes.CRL)) {
+ throw new RevocationStoreException(source.getType() + " not supported", null, getClass().getName()
+ + ":1");
+ }
+ try {
+ URL crlUrl;
+ try {
+ crlUrl = new URL(source.getUri());
+ } catch (final MalformedURLException e) {
+ // Workaround for classloader problem with deployment in Tomcat
+ // 4.1
+ final URLStreamHandler handler = new Handler();
+ crlUrl = new URL(null, source.getUri(), handler);
+ }
+ final URLConnection con = crlUrl.openConnection();
+ con.setConnectTimeout(connectTimeout);
+ con.setReadTimeout(readTimeout);
+ final InputStream crlInputStream = con.getInputStream();
+ source.readFrom(crlInputStream, tid);
+ source.setDownloadTime(new Date());
+ crlInputStream.close();
+ } catch (final Exception iox) {
+ Logger.warn("Cannot retrieve crl", iox);
+ throw new RevocationStoreException("Cannot retrieve CRL", iox, getClass().getName() + ":1");
+ }
+ }
+
+ @Override
+ public void setConnectTimeout(int arg0) {
+ this.connectTimeout = arg0;
+ }
- @Override
- public void setReadTimeout(int arg0) {
- this.readTimeout = arg0;
- }
+ @Override
+ public void setReadTimeout(int arg0) {
+ this.readTimeout = arg0;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java
index 43483a0..052a3c5 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java
@@ -23,77 +23,71 @@
package at.gv.egovernment.moa.spss.server.iaik.config;
-import java.io.File;
-import java.io.IOException;
-
-import org.apache.commons.io.FileUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import at.gv.egovernment.moa.sig.tsl.exception.TslException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
-import at.gv.egovernment.moa.spss.server.logging.IaikLog;
-import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory;
-import iaik.logging.Log;
import iaik.pki.store.certstore.CertStoreConfiguration;
import iaik.pki.store.certstore.CertStoreParameters;
import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters;
-import iaik.pki.store.certstore.directory.DirectoryStoreException;
-import iaik.pki.store.certstore.utils.DirectoryCertStoreConverter;
/**
* An implementation of the CertStoreConfiguration interface based
* on MOA configuration data.
- *
+ *
* @see iaik.pki.store.certstore.CertStoreConfiguration
* @author Patrick Peck
* @version $Id$
*/
-public class CertStoreConfigurationImpl extends AbstractObservableConfiguration implements CertStoreConfiguration {
+public class CertStoreConfigurationImpl extends AbstractObservableConfiguration implements
+ CertStoreConfiguration {
+
+ private static final Logger logger = LoggerFactory.getLogger(CertStoreConfigurationImpl.class);
+
+ /** The configuration parameters of the CertStore. */
+ private CertStoreParameters[] parameters;
+
+ /**
+ * Create a new CertStoreConfigurationImpl.
+ *
+ * @param config The MOA configuration from which the configuration data is
+ * being read.
+ */
+ public CertStoreConfigurationImpl(ConfigurationProvider config) {
+ final String certStoreRoot = config.getCertStoreLocation();
+
+ final DirectoryCertStoreParameters dirParameters = new DirectoryCertStoreParametersImpl(
+ "MOA Directory CertStore",
+ certStoreRoot, true, false);
- private static final Logger logger = LoggerFactory.getLogger(CertStoreConfigurationImpl.class);
+ if (TSLServiceFactory.isInitialized()) {
+ try {
+ final CertStoreParameters tslCertStore = TSLServiceFactory.getTSLServiceClient()
+ .getCertStoreWithTSLCertificates();
+ parameters = new CertStoreParameters[] { dirParameters, tslCertStore };
- /** The configuration parameters of the CertStore. */
- private CertStoreParameters[] parameters;
+ } catch (final TslException e) {
+ logger.warn("TSL based CertStore initialisation FAILED.", e);
+ logger.warn("Only Directory based CertStore is used ... ");
+ parameters = new CertStoreParameters[] { dirParameters };
+ }
- /**
- * Create a new CertStoreConfigurationImpl.
- *
- * @param config
- * The MOA configuration from which the configuration data is
- * being read.
- */
- public CertStoreConfigurationImpl(ConfigurationProvider config) {
- String certStoreRoot = config.getCertStoreLocation();
+ } else {
+ logger.info("Trust-Status List support is not active. Use only Directory based CertStore.");
+ parameters = new CertStoreParameters[] { dirParameters };
- DirectoryCertStoreParameters dirParameters = new DirectoryCertStoreParametersImpl("MOA Directory CertStore",
- certStoreRoot, true, false);
+ }
- if (TSLServiceFactory.isInitialized()) {
- try {
- CertStoreParameters tslCertStore = TSLServiceFactory.getTSLServiceClient().getCertStoreWithTSLCertificates();
- parameters = new CertStoreParameters[] { dirParameters, tslCertStore};
-
- } catch (TslException e) {
- logger.warn("TSL based CertStore initialisation FAILED.", e);
- logger.warn("Only Directory based CertStore is used ... ");
- parameters = new CertStoreParameters[] { dirParameters };
- }
-
- } else {
- logger.info("Trust-Status List support is not active. Use only Directory based CertStore.");
- parameters = new CertStoreParameters[] { dirParameters };
-
- }
-
- }
+ }
- /**
- * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters()
- */
- public CertStoreParameters[] getParameters() {
- return parameters;
- }
+ /**
+ * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters()
+ */
+ @Override
+ public CertStoreParameters[] getParameters() {
+ return parameters;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java
index dff78d6..891f078 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java
@@ -21,43 +21,41 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
-import iaik.logging.LoggerConfig;
-import iaik.pki.PKIConfiguration;
-import iaik.server.ConfigurationData;
-
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule;
import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule;
+import iaik.logging.LoggerConfig;
+import iaik.pki.PKIConfiguration;
+import iaik.server.ConfigurationData;
/**
- * An implementation of the ConfigurationData interface using
- * MOA configuration data.
- *
+ * An implementation of the ConfigurationData interface using MOA
+ * configuration data.
+ *
* @see iaik.server.ConfigurationData
* @author Patrick Peck
* @version $Id$
*/
public class ConfigurationDataImpl implements ConfigurationData {
/** PKI configuration data. */
- private PKIConfiguration pkiConfiguration;
+ private final PKIConfiguration pkiConfiguration;
/** Crypto modules configuration data. */
- private List cryptoModuleConfigurations;
+ private final List cryptoModuleConfigurations;
/** Key modules configuration data. */
- private List keyModuleConfigurations;
+ private final List keyModuleConfigurations;
/** Logging configuration data. */
- private LoggerConfig loggerConfig;
+ private final LoggerConfig loggerConfig;
/**
* Create a new ConfigurationDataImpl.
- *
+ *
* @param config The underlying MOA configuration data.
*/
public ConfigurationDataImpl(ConfigurationProvider config) {
@@ -69,54 +67,55 @@ public class ConfigurationDataImpl implements ConfigurationData {
/**
* Build the list of CryptoModuleConfigurations.
- *
+ *
* @param config The underlying MOA configuration data.
- * @return The list of CryptoModuleConfigurations configured in
- * the MOA configuration.
+ * @return The list of CryptoModuleConfigurations configured in the
+ * MOA configuration.
*/
private List buildCryptoModuleConfigurations(ConfigurationProvider config) {
- List modules = new ArrayList();
- Iterator iter = config.getHardwareCryptoModules().iterator();
-
+ final List modules = new ArrayList();
+ final Iterator iter = config.getHardwareCryptoModules().iterator();
+
while (iter.hasNext()) {
- HardwareCryptoModule module = (HardwareCryptoModule) iter.next();
+ final HardwareCryptoModule module = (HardwareCryptoModule) iter.next();
modules.add(new HardwareCryptoModuleConfigurationImpl(module));
}
-
+
return modules;
}
-
+
/**
* Build the list of KeyModuleConfigurations.
- *
+ *
* @param config The underlying MOA configuration data.
* @return The list of KeyModuleConfigurations configured in the
- * MOA configuration.
+ * MOA configuration.
*/
private List buildKeyModuleConfigurations(ConfigurationProvider config) {
- List keys = new ArrayList();
+ final List keys = new ArrayList();
Iterator iter;
-
+
// add the hardware keys
iter = config.getHardwareKeyModules().iterator();
while (iter.hasNext()) {
- HardwareKeyModule key = (HardwareKeyModule) iter.next();
+ final HardwareKeyModule key = (HardwareKeyModule) iter.next();
keys.add(new HardwareKeyModuleConfigurationImpl(key));
}
-
+
// add the software keys
iter = config.getSoftwareKeyModules().iterator();
while (iter.hasNext()) {
- SoftwareKeyModule key = (SoftwareKeyModule) iter.next();
+ final SoftwareKeyModule key = (SoftwareKeyModule) iter.next();
keys.add(new SoftwareKeyModuleConfigurationImpl(key));
}
-
+
return keys;
}
/**
* @see iaik.server.ConfigurationData#getPKIConfiguration()
*/
+ @Override
public PKIConfiguration getPKIConfiguration() {
return pkiConfiguration;
}
@@ -124,6 +123,7 @@ public class ConfigurationDataImpl implements ConfigurationData {
/**
* @see iaik.server.ConfigurationData#getCryptoModuleConfigurations()
*/
+ @Override
public List getCryptoModuleConfigurations() {
return cryptoModuleConfigurations;
}
@@ -131,6 +131,7 @@ public class ConfigurationDataImpl implements ConfigurationData {
/**
* @see iaik.server.ConfigurationData#getKeyModuleConfigurations()
*/
+ @Override
public List getKeyModuleConfigurations() {
return keyModuleConfigurations;
}
@@ -138,6 +139,7 @@ public class ConfigurationDataImpl implements ConfigurationData {
/**
* @see iaik.server.ConfigurationData#getLoggerConfig()
*/
+ @Override
public LoggerConfig getLoggerConfig() {
return loggerConfig;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java
index f4658a2..22cceeb 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java
@@ -21,14 +21,13 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
import iaik.pki.store.revocation.archive.DataBaseArchiveParameters;
/**
* An implementation of the DataBaseArchiveParameter interface.
- *
+ *
* @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter
* @author Patrick Peck
* @version $Id$
@@ -36,11 +35,11 @@ import iaik.pki.store.revocation.archive.DataBaseArchiveParameters;
public class DataBaseArchiveParameterImpl implements DataBaseArchiveParameters {
/** The JDBC URL for accessing the archive. */
- private String jDBCUrl;
+ private final String jDBCUrl;
/**
* Create a new DataBaseArchiveParameterImpl.
- *
+ *
* @param jDBCUrl The JDBC URL of the archive.
*/
public DataBaseArchiveParameterImpl(String jDBCUrl) {
@@ -50,6 +49,7 @@ public class DataBaseArchiveParameterImpl implements DataBaseArchiveParameters {
/**
* @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter#getJDBCUrl()
*/
+ @Override
public String getJDBCUrl() {
return jDBCUrl;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
index 39da9cf..e48c7e7 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
@@ -21,50 +21,48 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
import java.util.Collections;
import java.util.Set;
-import iaik.pki.store.certstore.CertStoreParameters;
import iaik.pki.store.certstore.CertStoreTypes;
import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters;
/**
* An implementation of the DirectoryCertStoreParameters interface.
- *
+ *
* @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters
* @author Patrick Peck
* @version $Id$
*/
public class DirectoryCertStoreParametersImpl
- implements DirectoryCertStoreParameters {
+ implements DirectoryCertStoreParameters {
/** The root directory of the CertStore. */
- private String rootDirectory;
+ private final String rootDirectory;
/** Whether a new directory may be created. */
- private boolean createNew;
+ private final boolean createNew;
/** The CertStore ID. */
- private String id;
+ private final String id;
/** Whether the CertStore is read-only. */
- private boolean readOnly;
+ private final boolean readOnly;
/**
* Create a new DirectoryCertStoreParameterImpl.
- *
- * @param id The CertStore ID.
+ *
+ * @param id The CertStore ID.
* @param rootDirectory The root directory of the CertStore.
- * @param createNew Whether a new directory may be created.
- * @param readOnly Whether the CertStore is read-only.
+ * @param createNew Whether a new directory may be created.
+ * @param readOnly Whether the CertStore is read-only.
*/
public DirectoryCertStoreParametersImpl(
- String id,
- String rootDirectory,
- boolean createNew,
- boolean readOnly) {
-
- this.id = id;
+ String id,
+ String rootDirectory,
+ boolean createNew,
+ boolean readOnly) {
+
+ this.id = id;
this.rootDirectory = rootDirectory;
this.createNew = createNew;
this.readOnly = readOnly;
@@ -73,6 +71,7 @@ public class DirectoryCertStoreParametersImpl
/**
* @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory()
*/
+ @Override
public String getRootDirectory() {
return rootDirectory;
}
@@ -80,6 +79,7 @@ public class DirectoryCertStoreParametersImpl
/**
* @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew()
*/
+ @Override
public boolean createNew() {
return createNew;
}
@@ -87,6 +87,7 @@ public class DirectoryCertStoreParametersImpl
/**
* @see iaik.pki.store.certstore.CertStoreParameters#getId()
*/
+ @Override
public String getId() {
return id;
}
@@ -94,6 +95,7 @@ public class DirectoryCertStoreParametersImpl
/**
* @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly()
*/
+ @Override
public boolean isReadOnly() {
return readOnly;
}
@@ -102,14 +104,15 @@ public class DirectoryCertStoreParametersImpl
* @return CertStoreTypes.DIRECTORY
* @see iaik.pki.store.certstore.CertStoreParameters#getType()
*/
+ @Override
public String getType() {
return CertStoreTypes.DIRECTORY;
}
-@Override
-public Set getVirtualStores() {
- // TODO AFITZEK IMPLEMENT THIS METHOD
- return Collections.EMPTY_SET;
-}
+ @Override
+ public Set getVirtualStores() {
+ // TODO AFITZEK IMPLEMENT THIS METHOD
+ return Collections.EMPTY_SET;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java
index c9904c5..6275e08 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java
@@ -21,32 +21,30 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
-import iaik.server.modules.crypto.HardwareCryptoModuleConfiguration;
-
import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule;
+import iaik.server.modules.crypto.HardwareCryptoModuleConfiguration;
/**
* An implementation of the HardwareCryptoModuleConfiguration
* wrapping a HardwareCryptoModule from the MOA configuration.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class HardwareCryptoModuleConfigurationImpl
- implements HardwareCryptoModuleConfiguration {
-
- /** The wrapped HardwareCryptoModule. */
- private HardwareCryptoModule module;
-
+ implements HardwareCryptoModuleConfiguration {
+
+ /** The wrapped HardwareCryptoModule. */
+ private final HardwareCryptoModule module;
+
/**
* Create a new HardwareCryptoModuleConfigurationImpl.
- *
+ *
* @param module The HardwareCryptoModule from the underlying MOA
- * configuration.
- */
+ * configuration.
+ */
public HardwareCryptoModuleConfigurationImpl(HardwareCryptoModule module) {
this.module = module;
}
@@ -54,6 +52,7 @@ public class HardwareCryptoModuleConfigurationImpl
/**
* @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getModuleName()
*/
+ @Override
public String getModuleName() {
return module.getName();
}
@@ -61,6 +60,7 @@ public class HardwareCryptoModuleConfigurationImpl
/**
* @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getSlotID()
*/
+ @Override
public String getSlotID() {
return module.getSlotID();
}
@@ -68,6 +68,7 @@ public class HardwareCryptoModuleConfigurationImpl
/**
* @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getUserPIN()
*/
+ @Override
public char[] getUserPIN() {
return module.getUserPIN().toCharArray();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java
index 05f5633..9b37c60 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java
@@ -21,34 +21,32 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
-import iaik.server.modules.keys.HardwareKeyModuleConfiguration;
-
import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule;
+import iaik.server.modules.keys.HardwareKeyModuleConfiguration;
/**
* An implementation of the HardwareKeyModuleConfiguration
* interface wrapping a HardwareKeyModule from the MOA
* configuration.
- *
+ *
* @see iaik.server.modules.keys.HardwareKeyModuleConfiguration
* @author Patrick Peck
* @version $Id$
*/
public class HardwareKeyModuleConfigurationImpl
- extends AbstractKeyModuleConfigurationImpl
- implements HardwareKeyModuleConfiguration {
+ extends AbstractKeyModuleConfigurationImpl
+ implements HardwareKeyModuleConfiguration {
/** The wrapped HardwareKeyModule. */
- private HardwareKeyModule keyModule;
+ private final HardwareKeyModule keyModule;
/**
* Create a new HardwareKeyModuleConfigurationImpl.
- *
- * @param keyModule The HardwareKeyModule from the underlying
- * MOA configuration.
+ *
+ * @param keyModule The HardwareKeyModule from the underlying MOA
+ * configuration.
*/
public HardwareKeyModuleConfigurationImpl(HardwareKeyModule keyModule) {
super(keyModule.getId());
@@ -58,6 +56,7 @@ public class HardwareKeyModuleConfigurationImpl
/**
* @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getModuleName()
*/
+ @Override
public String getModuleName() {
return keyModule.getName();
}
@@ -65,6 +64,7 @@ public class HardwareKeyModuleConfigurationImpl
/**
* @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getSlotID()
*/
+ @Override
public String getSlotID() {
return keyModule.getSlotID();
}
@@ -72,6 +72,7 @@ public class HardwareKeyModuleConfigurationImpl
/**
* @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getUserPIN()
*/
+ @Override
public char[] getUserPIN() {
return keyModule.getUserPIN().toCharArray();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
index 1a41499..8ca19e4 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
@@ -21,27 +21,10 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
-import iaik.cms.IaikCCProvider;
-import iaik.esi.sva.Configuration;
-import iaik.logging.LogFactory;
-import iaik.pki.store.revocation.RevocationFactory;
-import iaik.pki.store.revocation.RevocationSourceStore;
-import iaik.pki.store.truststore.TrustStoreFactory;
-import iaik.security.ec.provider.ECCelerate;
-import iaik.server.ConfigurationData;
-import iaik.server.Configurator;
-import iaik.server.modules.keys.KeyEntryID;
-import iaik.server.modules.keys.KeyModule;
-import iaik.server.modules.keys.KeyModuleFactory;
-
-import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.StringWriter;
-import java.security.Provider;
-import java.security.Security;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@@ -54,99 +37,109 @@ import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.config.KeyGroup;
import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry;
-import at.gv.egovernment.moa.spss.server.init.SystemInitializer;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.util.CertStoreConverter;
import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moa.spss.util.SecProviderUtils;
import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.logging.LogFactory;
+import iaik.pki.store.revocation.RevocationFactory;
+import iaik.pki.store.revocation.RevocationSourceStore;
+import iaik.pki.store.truststore.TrustStoreFactory;
+import iaik.server.ConfigurationData;
+import iaik.server.Configurator;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
/**
* A class responsible for configuring the IAIK MOA modules.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class IaikConfigurator {
- private static final org.slf4j.Logger logger = LoggerFactory.getLogger(IaikConfigurator.class);
-
+ private static final org.slf4j.Logger logger = LoggerFactory.getLogger(IaikConfigurator.class);
+
/** The warnings encountered during configuration. */
private List warnings = new ArrayList();
/**
* Configure the IAIK MOA subsystem.
- *
- *
+ *
+ *
* @param moaConfig The underlying MOA configuration.
* @return Returns the config data of the underlying MOA subsystem
- * @throws ConfigurationException An error occurred configuring the IAIK
- * MOA subsystem.
+ * @throws ConfigurationException An error occurred configuring the IAIK MOA
+ * subsystem.
*/
public ConfigurationData configure(ConfigurationProvider moaConfig)
- throws ConfigurationException {
- ConfigurationData configData = new ConfigurationDataImpl(moaConfig);
-
+ throws ConfigurationException {
+ final ConfigurationData configData = new ConfigurationDataImpl(moaConfig);
+
warnings = new ArrayList();
try {
- TransactionId transId = new TransactionId("IaikConfigurator");
-
- //iaik.esi.sva.Configuration config = new Configuration(IaikConfigurator.class.getResourceAsStream("/sva.config"));
-
- //SecProviderUtils.dumpSecProviders("Starting configuration");
-
+ final TransactionId transId = new TransactionId("IaikConfigurator");
+
+ // iaik.esi.sva.Configuration config = new
+ // Configuration(IaikConfigurator.class.getResourceAsStream("/sva.config"));
+
+ // SecProviderUtils.dumpSecProviders("Starting configuration");
+
LogFactory.configure(configData.getLoggerConfig());
-
+
try {
- iaik.pki.Configurator.initCommon(configData.getLoggerConfig(),
- transId);
- //SecProviderUtils.dumpSecProviders("initCommon");
- String certStoreRoot = moaConfig.getCertStoreLocation();
- CertStoreConverter.convert(certStoreRoot, transId);
+ iaik.pki.Configurator.initCommon(configData.getLoggerConfig(),
+ transId);
+ // SecProviderUtils.dumpSecProviders("initCommon");
+ final String certStoreRoot = moaConfig.getCertStoreLocation();
+ CertStoreConverter.convert(certStoreRoot, transId);
} finally {
- //Security.removeProvider(ECCelerate.getInstance().getName());
+ // Security.removeProvider(ECCelerate.getInstance().getName());
}
-
+
Configurator.init(configData, transId);
-
+
SecProviderUtils.dumpSecProviders("Fully configured!");
-
- // Set customized CRL retriever to overcome a classloader problem when MOA is deployed in Tomcat
- RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore();
- //rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
- if ((moaConfig.getSoftwareKeyModules().size() > 0) || (moaConfig.getHardwareKeyModules().size() > 0)) {
+
+ // Set customized CRL retriever to overcome a classloader problem when MOA is
+ // deployed in Tomcat
+ final RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore();
+ // rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
+ if (moaConfig.getSoftwareKeyModules().size() > 0 || moaConfig.getHardwareKeyModules().size() > 0) {
dumpKeyEntryIDs();
}
checkKeyGroupConfig(moaConfig);
TrustStoreFactory.reset();
-
+
return configData;
- } catch (iaik.server.ConfigurationException e) {
- logException(e);
- throw new ConfigurationException("config.08", null, e);
-
- } catch (Throwable t) {
- logException(t);
- throw new ConfigurationException("config.08", null, t);
-
+ } catch (final iaik.server.ConfigurationException e) {
+ logException(e);
+ throw new ConfigurationException("config.08", null, e);
+
+ } catch (final Throwable t) {
+ logException(t);
+ throw new ConfigurationException("config.08", null, t);
+
}
}
- private void logException(Throwable e) {
- StringWriter out = new StringWriter();
- PrintWriter writer = new PrintWriter(out);
+ private void logException(Throwable e) {
+ final StringWriter out = new StringWriter();
+ final PrintWriter writer = new PrintWriter(out);
e.printStackTrace(writer);
- logger.error("IAIK_Module error: {}",out.toString());
-
+ logger.error("IAIK_Module error: {}", out.toString());
+
}
-/**
+ /**
* Return the warnings encountered during configuration.
- *
+ *
* @return The warnings.
- */
+ */
public List getWarnings() {
return warnings;
}
@@ -156,71 +149,71 @@ public class IaikConfigurator {
* KeyModules to the log file.
*/
private void dumpKeyEntryIDs() {
- MessageProvider msg = MessageProvider.getInstance();
- KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump"));
- Set keyEntryIds = module.getPrivateKeyEntryIDs();
+ final MessageProvider msg = MessageProvider.getInstance();
+ final KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump"));
+ final Set keyEntryIds = module.getPrivateKeyEntryIDs();
Iterator iter;
for (iter = keyEntryIds.iterator(); iter.hasNext();) {
- KeyEntryID keyEntryId = (KeyEntryID) iter.next();
+ final KeyEntryID keyEntryId = (KeyEntryID) iter.next();
Logger.info(
- new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId })));
+ new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId })));
}
}
/**
- * Check that each key group entry in each key group can be resolved to a
+ * Check that each key group entry in each key group can be resolved to a
* KeyEntryID.
- *
+ *
* Logs a warning for each key group entry that cannot be resolved.
- *
+ *
* @param moaConfig The MOA configuration to check.
*/
private void checkKeyGroupConfig(ConfigurationProvider moaConfig) {
- Map keyGroups = moaConfig.getKeyGroups();
+ final Map keyGroups = moaConfig.getKeyGroups();
Iterator iter;
for (iter = keyGroups.values().iterator(); iter.hasNext();) {
- KeyGroup keyGroup = (KeyGroup) iter.next();
- Set keyGroupEntries = keyGroup.getKeyGroupEntries();
+ final KeyGroup keyGroup = (KeyGroup) iter.next();
+ final Set keyGroupEntries = keyGroup.getKeyGroupEntries();
Iterator kgIter;
for (kgIter = keyGroupEntries.iterator(); kgIter.hasNext();) {
- KeyGroupEntry entry = (KeyGroupEntry) kgIter.next();
+ final KeyGroupEntry entry = (KeyGroupEntry) kgIter.next();
if (!findKeyEntryID(entry)) {
warn(
- "config.31",
- new Object[] {
- keyGroup.getId(),
- entry.getModuleID(),
- entry.getIssuerDN(),
- entry.getSerialNumber()});
+ "config.31",
+ new Object[] {
+ keyGroup.getId(),
+ entry.getModuleID(),
+ entry.getIssuerDN(),
+ entry.getSerialNumber() });
}
}
}
}
/**
- * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID
- * by the Configurator.
+ * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID by
+ * the Configurator.
*
* @param keyGroupEntry The key group entry to find.
* @return true, if the keyGroupEntry could be
- * resolved to a KeyEntryID; otherwise false.
+ * resolved to a KeyEntryID; otherwise false.
*/
private boolean findKeyEntryID(KeyGroupEntry keyGroupEntry) {
- KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check"));
- Set keyEntryIDs = module.getPrivateKeyEntryIDs();
+ final KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check"));
+ final Set keyEntryIDs = module.getPrivateKeyEntryIDs();
Iterator iter;
for (iter = keyEntryIDs.iterator(); iter.hasNext();) {
- KeyEntryID entry = (KeyEntryID) iter.next();
+ final KeyEntryID entry = (KeyEntryID) iter.next();
if (entry.getCertificateIssuer().equals(keyGroupEntry.getIssuerDN())
- && entry.getCertificateSerialNumber().equals(
- keyGroupEntry.getSerialNumber())
- && entry.getModuleID().equals(keyGroupEntry.getModuleID())) {
+ && entry.getCertificateSerialNumber().equals(
+ keyGroupEntry.getSerialNumber())
+ && entry.getModuleID().equals(keyGroupEntry.getModuleID())) {
return true;
}
}
@@ -230,14 +223,14 @@ public class IaikConfigurator {
/**
* Log a warning.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
+ * @param args Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void warn(String messageId, Object[] args) {
- MessageProvider msg = MessageProvider.getInstance();
- String txt = msg.getMessage(messageId, args);
+ final MessageProvider msg = MessageProvider.getInstance();
+ final String txt = msg.getMessage(messageId, args);
Logger.warn(new LogMsg(txt));
warnings.add(txt);
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
index 317fcca..7ba2122 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
import java.util.Properties;
@@ -32,24 +31,27 @@ import iaik.logging.LoggerConfig;
/**
* Default implementation of the LoggerConfig interface.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class LoggerConfigImpl implements LoggerConfig {
-
+
/** The implementation of iaik.logging.LogFactory. */
- private static final String DEFAULT_IMPLEMENTATION =
- "at.gv.egovernment.moa.spss.server.logging.IaikLogFactory";
+ private static final String DEFAULT_IMPLEMENTATION =
+ "at.gv.egovernment.moa.spss.server.logging.IaikLogFactory";
+ @Override
public String getFactory() {
return DEFAULT_IMPLEMENTATION;
}
+ @Override
public Properties getProperties() throws LogConfigurationException {
return new Properties();
}
+ @Override
public String getNodeId() {
return LoggingContextManager.getInstance().getLoggingContext().getNodeID();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
index 6341609..d54bcfd 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
@@ -23,93 +23,96 @@
package at.gv.egovernment.moa.spss.server.iaik.config;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import iaik.pki.PKIConfiguration;
import iaik.pki.pathvalidation.ValidationConfiguration;
import iaik.pki.revocation.RevocationConfiguration;
import iaik.pki.store.certstore.CertStoreConfiguration;
import iaik.pki.store.revocation.archive.ArchiveConfiguration;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
/**
* An implementation of the PKIConfiguration interface using data
* from the MOA configuration.
- *
+ *
* @see iaik.pki.PKIConfiguration
* @author Patrick Peck
* @version $Id$
*/
public class PKIConfigurationImpl implements PKIConfiguration {
- /** The CertStore configuration. */
- private CertStoreConfiguration certStoreConfiguration;
- /** The revocation checking configuration. */
- private RevocationConfiguration revocationConfiguration;
- /** The revocation archive configuration. */
- private ArchiveConfiguration archiveConfiguration;
- /** The certificate validation configuration. */
- private ValidationConfiguration validationConfiguration;
- private int connectionTimeout;
- private int readTimeout;
+ /** The CertStore configuration. */
+ private final CertStoreConfiguration certStoreConfiguration;
+ /** The revocation checking configuration. */
+ private final RevocationConfiguration revocationConfiguration;
+ /** The revocation archive configuration. */
+ private ArchiveConfiguration archiveConfiguration;
+ /** The certificate validation configuration. */
+ private final ValidationConfiguration validationConfiguration;
+ private final int connectionTimeout;
+ private final int readTimeout;
- /**
- * Create a new PKIConfigurationImpl.
- *
- * @param config
- * The underlying MOA configuration which will be used to build
- * the configuration data contained in this object.
- */
- public PKIConfigurationImpl(ConfigurationProvider config) {
+ /**
+ * Create a new PKIConfigurationImpl.
+ *
+ * @param config The underlying MOA configuration which will be used to build
+ * the configuration data contained in this object.
+ */
+ public PKIConfigurationImpl(ConfigurationProvider config) {
- this.certStoreConfiguration = new CertStoreConfigurationImpl(config);
- this.revocationConfiguration = new RevocationConfigurationImpl(config);
+ this.certStoreConfiguration = new CertStoreConfigurationImpl(config);
+ this.revocationConfiguration = new RevocationConfigurationImpl(config);
- boolean archiveInfo = config.getEnableRevocationArchiving();
- if (archiveInfo) {
- this.archiveConfiguration = new ArchiveConfigurationImpl(config);
- } else {
- this.archiveConfiguration = null;
- }
+ final boolean archiveInfo = config.getEnableRevocationArchiving();
+ if (archiveInfo) {
+ this.archiveConfiguration = new ArchiveConfigurationImpl(config);
+ } else {
+ this.archiveConfiguration = null;
+ }
- this.validationConfiguration = new ValidationConfigurationImpl(config);
- this.connectionTimeout = config.getConnectionTimeout();
- this.readTimeout = config.getReadTimeout();
- }
+ this.validationConfiguration = new ValidationConfigurationImpl(config);
+ this.connectionTimeout = config.getConnectionTimeout();
+ this.readTimeout = config.getReadTimeout();
+ }
- /**
- * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration()
- */
- public CertStoreConfiguration getCertStoreConfiguration() {
- return certStoreConfiguration;
- }
+ /**
+ * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration()
+ */
+ @Override
+ public CertStoreConfiguration getCertStoreConfiguration() {
+ return certStoreConfiguration;
+ }
- /**
- * @see iaik.pki.PKIConfiguration#getRevocationConfiguration()
- */
- public RevocationConfiguration getRevocationConfiguration() {
- return revocationConfiguration;
- }
+ /**
+ * @see iaik.pki.PKIConfiguration#getRevocationConfiguration()
+ */
+ @Override
+ public RevocationConfiguration getRevocationConfiguration() {
+ return revocationConfiguration;
+ }
- /**
- * @see iaik.pki.PKIConfiguration#getArchiveConfiguration()
- */
- public ArchiveConfiguration getArchiveConfiguration() {
- return archiveConfiguration;
- }
+ /**
+ * @see iaik.pki.PKIConfiguration#getArchiveConfiguration()
+ */
+ @Override
+ public ArchiveConfiguration getArchiveConfiguration() {
+ return archiveConfiguration;
+ }
- /**
- * @see iaik.pki.PKIConfiguration#getValidationConfiguration()
- */
- public ValidationConfiguration getValidationConfiguration() {
- return validationConfiguration;
- }
+ /**
+ * @see iaik.pki.PKIConfiguration#getValidationConfiguration()
+ */
+ @Override
+ public ValidationConfiguration getValidationConfiguration() {
+ return validationConfiguration;
+ }
- @Override
- public int getConnectTimeout() {
- return this.connectionTimeout;
- }
+ @Override
+ public int getConnectTimeout() {
+ return this.connectionTimeout;
+ }
- @Override
- public int getReadTimeout() {
- return this.readTimeout;
- }
+ @Override
+ public int getReadTimeout() {
+ return this.readTimeout;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
index 5df84c9..6aa20cf 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
@@ -23,9 +23,6 @@
package at.gv.egovernment.moa.spss.server.iaik.config;
-import iaik.pki.revocation.RevocationConfiguration;
-import iaik.pki.revocation.dbcrl.config.DBCrlConfig;
-
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
@@ -33,81 +30,85 @@ import java.util.Map;
import java.util.Set;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import iaik.pki.revocation.RevocationConfiguration;
+import iaik.pki.revocation.dbcrl.config.DBCrlConfig;
/**
* An implementation of the RevocationConfiguration interface using
* MOA configuration data.
- *
+ *
* @see iaik.pki.revocation.RevocationConfiguration
* @author Patrick Peck
* @version $Id$
*/
-public class RevocationConfigurationImpl extends AbstractObservableConfiguration implements RevocationConfiguration {
-
- /**
- * The ConfigurationProvider to read the configuration data
- * from.
- */
- private ConfigurationProvider config;
-
- /**
- * Create a new RevocationConfigurationImpl.
- *
- * @param config
- * The underlying MOA configuration containing the configuration
- * data.
- */
- public RevocationConfigurationImpl(ConfigurationProvider config) {
- this.config = config;
- }
-
- /**
- * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints
- */
- public Set getAlternativeDistributionPoints(X509Certificate cert, X509Certificate issuer, Date date) {
- return config.getDistributionPoints(cert);
- }
-
- /**
- * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String,
- * java.lang.String)
- */
- public boolean archiveRevocationInfo(String type, String uri) {
- return config.getEnableRevocationArchiving();
- }
-
- /**
- * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String)
- */
- public Integer getCrlRetentionInterval(String issuername) {
- Map map = config.getCrlRetentionIntervals();
- Integer interval = (Integer) map.get(issuername);
-
- return interval;
- }
-
- @Override
- public DBCrlConfig getDataBaseCRLConfig() {
- // TODO AFITZEK IMPLEMENT THIS METHOD
- return null;
- }
-
- @Override
- public boolean getKeepRevocationInfo() {
- // TODO AFITZEK IMPLEMENT THIS METHOD
- return false;
- }
-
- @Override
- public Set getPositiveOCSPResponders() {
- // TODO AFITZEK IMPLEMENT THIS METHOD
- return Collections.EMPTY_SET;
- }
-
- @Override
- public boolean skipIndirectCRLCheckForAlternativeDistributionPoints() {
- // TODO AFITZEK IMPLEMENT THIS METHOD
- return false;
- }
+public class RevocationConfigurationImpl extends AbstractObservableConfiguration implements
+ RevocationConfiguration {
+
+ /**
+ * The ConfigurationProvider to read the configuration data from.
+ */
+ private final ConfigurationProvider config;
+
+ /**
+ * Create a new RevocationConfigurationImpl.
+ *
+ * @param config The underlying MOA configuration containing the configuration
+ * data.
+ */
+ public RevocationConfigurationImpl(ConfigurationProvider config) {
+ this.config = config;
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints
+ */
+ @Override
+ public Set getAlternativeDistributionPoints(X509Certificate cert, X509Certificate issuer, Date date) {
+ return config.getDistributionPoints(cert);
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String,
+ * java.lang.String)
+ */
+ @Override
+ public boolean archiveRevocationInfo(String type, String uri) {
+ return config.getEnableRevocationArchiving();
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String)
+ */
+ @Override
+ public Integer getCrlRetentionInterval(String issuername) {
+ final Map map = config.getCrlRetentionIntervals();
+ final Integer interval = (Integer) map.get(issuername);
+
+ return interval;
+ }
+
+ @Override
+ public DBCrlConfig getDataBaseCRLConfig() {
+ // TODO AFITZEK IMPLEMENT THIS METHOD
+ return null;
+ }
+
+ @Override
+ public boolean getKeepRevocationInfo() {
+ // TODO AFITZEK IMPLEMENT THIS METHOD
+ return false;
+ }
+
+ @Override
+ public Set getPositiveOCSPResponders() {
+ // TODO AFITZEK IMPLEMENT THIS METHOD
+ return Collections.EMPTY_SET;
+ }
+
+ @Override
+ public boolean skipIndirectCRLCheckForAlternativeDistributionPoints() {
+ // TODO AFITZEK IMPLEMENT THIS METHOD
+ return false;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
index 1aed76e..767b3f2 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
@@ -21,40 +21,39 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
-import iaik.server.modules.keys.ConfigurationException;
-import iaik.server.modules.keys.SoftwareKeyModuleConfiguration;
import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule;
import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.server.modules.keys.ConfigurationException;
+import iaik.server.modules.keys.SoftwareKeyModuleConfiguration;
/**
* An implementation of the SoftwareKeyModuleConfiguration wrapping
* a SoftwareKeyModule from the MOA configuration.
- *
+ *
* @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration
* @author Patrick Peck
* @version $Id$
*/
public class SoftwareKeyModuleConfigurationImpl
- extends AbstractKeyModuleConfigurationImpl
- implements SoftwareKeyModuleConfiguration {
+ extends AbstractKeyModuleConfigurationImpl
+ implements SoftwareKeyModuleConfiguration {
/** The wrapped SoftwareKeyModule. */
- private SoftwareKeyModule keyModule;
+ private final SoftwareKeyModule keyModule;
/**
* Create a new SoftwareKeyModuleConfigurationImpl.
- *
+ *
* @param keyModule The SoftwareKeyModule from the underlying MOA
- * configuration.
+ * configuration.
*/
public SoftwareKeyModuleConfigurationImpl(SoftwareKeyModule keyModule) {
super(keyModule.getId());
@@ -64,6 +63,7 @@ public class SoftwareKeyModuleConfigurationImpl
/**
* @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreTypeName()
*/
+ @Override
public String getKeyStoreTypeName() {
return KEY_STORE_TYPE_NAME_PKCS12;
}
@@ -71,17 +71,18 @@ public class SoftwareKeyModuleConfigurationImpl
/**
* @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAsStream()
*/
+ @Override
public InputStream getKeyStoreAsStream() {
- MessageProvider msg = MessageProvider.getInstance();
+ final MessageProvider msg = MessageProvider.getInstance();
try {
- String message =
- msg.getMessage("config.18", new Object[] { keyModule.getFileName()});
+ final String message =
+ msg.getMessage("config.18", new Object[] { keyModule.getFileName() });
Logger.info(new LogMsg(message));
return new FileInputStream(keyModule.getFileName());
- } catch (FileNotFoundException e) {
- String message =
- msg.getMessage("config.09", new Object[] { keyModule.getFileName()});
+ } catch (final FileNotFoundException e) {
+ final String message =
+ msg.getMessage("config.09", new Object[] { keyModule.getFileName() });
throw new ConfigurationException(message, e, null);
}
@@ -90,6 +91,7 @@ public class SoftwareKeyModuleConfigurationImpl
/**
* @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAuthenticationData()
*/
+ @Override
public char[] getKeyStoreAuthenticationData() {
return keyModule.getPassWord().toCharArray();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java
index 9e26fb8..50c3926 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java
@@ -21,35 +21,34 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
-import iaik.pki.pathvalidation.ValidationConfiguration;
-
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import iaik.pki.pathvalidation.ValidationConfiguration;
/**
* An implementation of the ValidationConfiguration interface using
* MOA configuration data.
- *
+ *
* @see iaik.pki.pathvalidation.ValidationConfiguration
* @author Patrick Peck
* @version $Id$
*/
public class ValidationConfigurationImpl
- extends AbstractObservableConfiguration
- implements ValidationConfiguration {
+ extends AbstractObservableConfiguration
+ implements ValidationConfiguration {
- /** The ConfigurationProvider to read the configuration data
- * from. */
- private ConfigurationProvider config;
+ /**
+ * The ConfigurationProvider to read the configuration data from.
+ */
+ private final ConfigurationProvider config;
/**
* Create a new ValidationConfigurationImpl.
- *
+ *
* @param config The underlying MOA configuration data.
*/
public ValidationConfigurationImpl(ConfigurationProvider config) {
@@ -59,6 +58,7 @@ public class ValidationConfigurationImpl
/**
* @see iaik.pki.pathvalidation.ValidationConfiguration#getChainingMode(java.security.cert.X509Certificate)
*/
+ @Override
public String getChainingMode(X509Certificate cert) {
return config.getChainingMode(cert);
}
@@ -66,6 +66,7 @@ public class ValidationConfigurationImpl
/**
* @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsSpec(java.security.cert.X509Certificate)
*/
+ @Override
public AlgorithmParameterSpec getPublicKeyParamsAsSpec(X509Certificate cert) {
return null;
}
@@ -73,6 +74,7 @@ public class ValidationConfigurationImpl
/**
* @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsCert(java.security.cert.X509Certificate)
*/
+ @Override
public X509Certificate getPublicKeyParamsAsCert(X509Certificate cert) {
return null;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
index 97eb6ef..0032dc6 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
@@ -23,15 +23,8 @@
package at.gv.egovernment.moa.spss.server.iaik.pki;
-import iaik.pki.PKIProfile;
-import iaik.pki.pathvalidation.ValidationProfile;
-import iaik.pki.revocation.RevocationProfile;
-import iaik.pki.store.truststore.TrustStoreProfile;
-import iaik.pki.store.truststore.TrustStoreTypes;
-
import java.util.Arrays;
-import at.gv.egovernment.moa.sig.tsl.api.ITslService;
import at.gv.egovernment.moa.sig.tsl.exception.TslPKIException;
import at.gv.egovernment.moa.sig.tsl.pki.TslTrustStoreProfile;
import at.gv.egovernment.moa.sig.tsl.pki.chaining.ChainingTrustStoreProfile;
@@ -43,189 +36,195 @@ import at.gv.egovernment.moa.spss.server.iaik.pki.revocation.RevocationProfileIm
import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStoreProfileImpl;
import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory;
import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.pki.PKIProfile;
+import iaik.pki.pathvalidation.ValidationProfile;
+import iaik.pki.revocation.RevocationProfile;
+import iaik.pki.store.truststore.TrustStoreProfile;
/**
* Implementation of the PKIProfile interface containing
* information needed for certificate path validation. It uses configuration
* data from the MOA configuration.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class PKIProfileImpl implements PKIProfile {
- /** Profile information for revocation checking. */
- private RevocationProfile revocationProfile;
- /** Profile information about the trust profile to use. */
- private TrustStoreProfile trustStoreProfile;
- /** Profile information about the certificate validation. */
- private ValidationProfile validationProfile;
- /**
- * The ConfigurationProvider to read the MOA configuration data
- * from.
- */
- private ConfigurationProvider config;
-
- /**
- * Create a new PKIProfileImpl.
- *
- * @param config
- * The MOA configuration providing configuration data about
- * certificate path validation.
- * @param trustProfileID
- * The trust profile ID denoting the location of the trust store.
- * @throws MOAApplicationException
- * An error occurred building the profile.
- */
- public PKIProfileImpl(ConfigurationProvider config, String trustProfileID) throws MOAApplicationException {
-
- this.config = config;
- setRevocationProfile(new RevocationProfileImpl(config));
- setValidationProfile(new ValidationProfileImpl(config));
-
- //generate TrustStoreProfile from TrustStore configuration
- internalTrustProfileBuilder(trustProfileID);
-
- }
-
-
- private void internalTrustProfileBuilder(String trustProfileId) throws MOAApplicationException {
- TrustProfile tp = (TrustProfile) config.getTrustProfile(trustProfileId);
- if (tp != null) {
- //build directory based trust store as default
-
-
- if (tp.isTSLEnabled()) {
- TslTrustStoreProfile tslTrustStore;
- try {
- if (!TSLServiceFactory.isInitialized()) {
- Logger.error("Can not build TrustProfile:" + trustProfileId
- + " Reason: TrustProfile needs TSL support but TSL client NOT initialized.");
- throw new TslPKIException("Trust Status-List service client is NOT initialized");
-
- }
-
- //build TSL truststore if enabled
- tslTrustStore = TSLServiceFactory.getTSLServiceClient().
- buildTrustStoreProfile(
- tp.getCountries(),
- tp.getAllowedTspStatus(),
- tp.getAllowedTspServiceTypes(),
- trustProfileId + "_TSL");
-
- //build Directory based TrustStore
- TrustStoreProfileImpl directoryTrustStore = new TrustStoreProfileImpl(trustProfileId + "_Directory", tp.getUri());
-
- //generate a virtual truststore that concatenates the TSL TrustStore and the directory TrustStore
- ChainingTrustStoreProfile chainedProfile = new ChainingTrustStoreProfile(
- Arrays.asList(tslTrustStore, directoryTrustStore),
- trustProfileId);
-
- //set this virtual truststore
- setTrustStoreProfile(chainedProfile);
-
- } catch (TslPKIException e) {
- Logger.error("Virtual TSL based TrustProfile generation FAILED.", e);
- throw new MOAApplicationException("2900", new Object[] { trustProfileId });
-
- }
-
- } else
- setTrustStoreProfile(new TrustStoreProfileImpl(trustProfileId, tp.getUri()));
-
- } else {
- throw new MOAApplicationException("2203", new Object[] { trustProfileId });
-
- }
-
- }
-
- /**
- * @see iaik.pki.PKIProfile#autoAddCertificates()
- */
- /*public boolean autoAddCertificates() {
- return useAuthorityInfoAccess() ? true : config.getAutoAddCertificates();
- }*/
-
- /**
- * @see iaik.pki.PKIProfile#getRevocationProfile()
- */
- public RevocationProfile getRevocationProfile() {
- return revocationProfile;
- }
-
- /**
- * Sets the RevocationProfile.
- *
- * @param revocationProfile
- * The RevocationProfile used for revocation
- * checking.
- */
- protected void setRevocationProfile(RevocationProfile revocationProfile) {
- this.revocationProfile = revocationProfile;
- }
-
- /**
- * @see iaik.pki.PKIProfile#getTrustStoreProfile()
- */
- public TrustStoreProfile getTrustStoreProfile() {
- return trustStoreProfile;
- }
-
- /**
- * Sets the TrustStoreProfile.
- *
- * @param trustStoreProfile
- * The TrustStoreProfile.
- */
- protected void setTrustStoreProfile(TrustStoreProfile trustStoreProfile) {
- this.trustStoreProfile = trustStoreProfile;
- }
-
- /**
- * @see iaik.pki.PKIProfile#getValidationProfile()
- */
- public ValidationProfile getValidationProfile() {
- return validationProfile;
- }
-
- /**
- * Sets the ValidationProfile.
- *
- * @param validationProfile
- * The ValidationProfile to set.
- */
- protected void setValidationProfile(ValidationProfile validationProfile) {
- this.validationProfile = validationProfile;
- }
-
- /**
- * @see iaik.pki.PKIProfile#useAuthorityInfoAccess()
- */
- public boolean useAuthorityInfoAccess() {
- return config.getUseAuthorityInfoAccess();
- }
-
- /**
- * @see iaik.pki.PKIProfile#autoAddCertificates()
- */
- @Override
- public int autoAddCertificates() {
- if(config.getAutoAddCertificates()) {
- if (config.getAutoAddEECertificates())
- return PKIProfile.AUTO_ADD_ENABLE;
- else
- return PKIProfile.AUTO_ADD_EE_DISABLE;
-
- } else
- return PKIProfile.AUTO_ADD_DISABLE;
-
- }
-
- @Override
- public TrustStoreProfile getIndirectRevocationTrustStoreProfile() {
- // TODO AFITZEK IMPLEMENT THIS METHOD
- return null;
- }
+ /** Profile information for revocation checking. */
+ private RevocationProfile revocationProfile;
+ /** Profile information about the trust profile to use. */
+ private TrustStoreProfile trustStoreProfile;
+ /** Profile information about the certificate validation. */
+ private ValidationProfile validationProfile;
+ /**
+ * The ConfigurationProvider to read the MOA configuration data
+ * from.
+ */
+ private final ConfigurationProvider config;
+
+ /**
+ * Create a new PKIProfileImpl.
+ *
+ * @param config The MOA configuration providing configuration data
+ * about certificate path validation.
+ * @param trustProfileID The trust profile ID denoting the location of the trust
+ * store.
+ * @throws MOAApplicationException An error occurred building the profile.
+ */
+ public PKIProfileImpl(ConfigurationProvider config, String trustProfileID) throws MOAApplicationException {
+
+ this.config = config;
+ setRevocationProfile(new RevocationProfileImpl(config));
+ setValidationProfile(new ValidationProfileImpl(config));
+
+ // generate TrustStoreProfile from TrustStore configuration
+ internalTrustProfileBuilder(trustProfileID);
+
+ }
+
+ private void internalTrustProfileBuilder(String trustProfileId) throws MOAApplicationException {
+ final TrustProfile tp = config.getTrustProfile(trustProfileId);
+ if (tp != null) {
+ // build directory based trust store as default
+
+ if (tp.isTSLEnabled()) {
+ TslTrustStoreProfile tslTrustStore;
+ try {
+ if (!TSLServiceFactory.isInitialized()) {
+ Logger.error("Can not build TrustProfile:" + trustProfileId
+ + " Reason: TrustProfile needs TSL support but TSL client NOT initialized.");
+ throw new TslPKIException("Trust Status-List service client is NOT initialized");
+
+ }
+
+ // build TSL truststore if enabled
+ tslTrustStore = TSLServiceFactory.getTSLServiceClient().buildTrustStoreProfile(
+ tp.getCountries(),
+ tp.getAllowedTspStatus(),
+ tp.getAllowedTspServiceTypes(),
+ trustProfileId + "_TSL");
+
+ // build Directory based TrustStore
+ final TrustStoreProfileImpl directoryTrustStore = new TrustStoreProfileImpl(trustProfileId
+ + "_Directory", tp.getUri());
+
+ // generate a virtual truststore that concatenates the TSL TrustStore and the
+ // directory TrustStore
+ final ChainingTrustStoreProfile chainedProfile = new ChainingTrustStoreProfile(
+ Arrays.asList(tslTrustStore, directoryTrustStore),
+ trustProfileId);
+
+ // set this virtual truststore
+ setTrustStoreProfile(chainedProfile);
+
+ } catch (final TslPKIException e) {
+ Logger.error("Virtual TSL based TrustProfile generation FAILED.", e);
+ throw new MOAApplicationException("2900", new Object[] { trustProfileId });
+
+ }
+
+ } else {
+ setTrustStoreProfile(new TrustStoreProfileImpl(trustProfileId, tp.getUri()));
+ }
+
+ } else {
+ throw new MOAApplicationException("2203", new Object[] { trustProfileId });
+
+ }
+
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#autoAddCertificates()
+ */
+ /*
+ * public boolean autoAddCertificates() { return useAuthorityInfoAccess() ? true
+ * : config.getAutoAddCertificates(); }
+ */
+
+ /**
+ * @see iaik.pki.PKIProfile#getRevocationProfile()
+ */
+ @Override
+ public RevocationProfile getRevocationProfile() {
+ return revocationProfile;
+ }
+
+ /**
+ * Sets the RevocationProfile.
+ *
+ * @param revocationProfile The RevocationProfile used for
+ * revocation checking.
+ */
+ protected void setRevocationProfile(RevocationProfile revocationProfile) {
+ this.revocationProfile = revocationProfile;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#getTrustStoreProfile()
+ */
+ @Override
+ public TrustStoreProfile getTrustStoreProfile() {
+ return trustStoreProfile;
+ }
+
+ /**
+ * Sets the TrustStoreProfile.
+ *
+ * @param trustStoreProfile The TrustStoreProfile.
+ */
+ protected void setTrustStoreProfile(TrustStoreProfile trustStoreProfile) {
+ this.trustStoreProfile = trustStoreProfile;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#getValidationProfile()
+ */
+ @Override
+ public ValidationProfile getValidationProfile() {
+ return validationProfile;
+ }
+
+ /**
+ * Sets the ValidationProfile.
+ *
+ * @param validationProfile The ValidationProfile to set.
+ */
+ protected void setValidationProfile(ValidationProfile validationProfile) {
+ this.validationProfile = validationProfile;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#useAuthorityInfoAccess()
+ */
+ @Override
+ public boolean useAuthorityInfoAccess() {
+ return config.getUseAuthorityInfoAccess();
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#autoAddCertificates()
+ */
+ @Override
+ public int autoAddCertificates() {
+ if (config.getAutoAddCertificates()) {
+ if (config.getAutoAddEECertificates()) {
+ return PKIProfile.AUTO_ADD_ENABLE;
+ } else {
+ return PKIProfile.AUTO_ADD_EE_DISABLE;
+ }
+
+ } else {
+ return PKIProfile.AUTO_ADD_DISABLE;
+ }
+
+ }
+
+ @Override
+ public TrustStoreProfile getIndirectRevocationTrustStoreProfile() {
+ // TODO AFITZEK IMPLEMENT THIS METHOD
+ return null;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java
index 7e62d60..76e1ed0 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java
@@ -21,40 +21,39 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation;
-import iaik.pki.pathvalidation.ValidationProfile;
-
import java.util.Collections;
import java.util.Set;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import iaik.pki.pathvalidation.ValidationProfile;
/**
* An implementation of the ValidationProfile interface providing
- * information about certificat path validation.
- *
+ * information about certificat path validation.
+ *
* @author Patrick Peck
* @version $Id$
*/
public class ValidationProfileImpl implements ValidationProfile {
- /** The ConfigurationProvider to read the configuration data
- * from. */
- private ConfigurationProvider config;
- private boolean initialAnyPolicyInhibit;
- private boolean initialExplicitPolicy;
- private boolean initialPolicyMappingInhibit;
- private Set initialPolicySet;
- private boolean nameConstraintsProcessing;
- private boolean policyProcessing;
+ /**
+ * The ConfigurationProvider to read the configuration data from.
+ */
+ private final ConfigurationProvider config;
+ private final boolean initialAnyPolicyInhibit;
+ private final boolean initialExplicitPolicy;
+ private final boolean initialPolicyMappingInhibit;
+ private final Set initialPolicySet;
+ private final boolean nameConstraintsProcessing;
+ private final boolean policyProcessing;
/**
* Create a new ValidationProfileImpl object.
- *
+ *
* This objects's fields are preset to the following values:
- *
+ *
*
* initialAnyPolicyInhibit = trueinitialExplicitPoliy = truenameConstraintsProcessing = falserevocationChecking = false
- *
- * @param config MOA configuration data for additional configuration
- * information (currently unused).
+ *
+ * @param config MOA configuration data for additional configuration information
+ * (currently unused).
*/
public ValidationProfileImpl(ConfigurationProvider config) {
this.config = config;
@@ -81,6 +80,7 @@ public class ValidationProfileImpl implements ValidationProfile {
/**
* @see iaik.pki.pathvalidation.ValidationProfile#getInitialAnyPolicyInhibit()
*/
+ @Override
public boolean getInitialAnyPolicyInhibit() {
return initialAnyPolicyInhibit;
}
@@ -88,6 +88,7 @@ public class ValidationProfileImpl implements ValidationProfile {
/**
* @see iaik.pki.pathvalidation.ValidationProfile#getInitialExplicitPolicy()
*/
+ @Override
public boolean getInitialExplicitPolicy() {
return initialExplicitPolicy;
}
@@ -95,6 +96,7 @@ public class ValidationProfileImpl implements ValidationProfile {
/**
* @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicyMappingInhibit()
*/
+ @Override
public boolean getInitialPolicyMappingInhibit() {
return initialPolicyMappingInhibit;
}
@@ -102,6 +104,7 @@ public class ValidationProfileImpl implements ValidationProfile {
/**
* @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicySet()
*/
+ @Override
public Set getInitialPolicySet() {
return initialPolicySet;
}
@@ -109,6 +112,7 @@ public class ValidationProfileImpl implements ValidationProfile {
/**
* @see iaik.pki.pathvalidation.ValidationProfile#getPolicyProcessing()
*/
+ @Override
public boolean getPolicyProcessing() {
return policyProcessing;
}
@@ -116,6 +120,7 @@ public class ValidationProfileImpl implements ValidationProfile {
/**
* @see iaik.pki.pathvalidation.ValidationProfile#getNameConstraintsProcessing()
*/
+ @Override
public boolean getNameConstraintsProcessing() {
return nameConstraintsProcessing;
}
@@ -123,8 +128,8 @@ public class ValidationProfileImpl implements ValidationProfile {
/**
* @see iaik.pki.pathvalidation.ValidationProfile#getRevocationChecking()
*/
- public boolean getRevocationChecking()
- {
+ @Override
+ public boolean getRevocationChecking() {
return config.getEnableRevocationChecking();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java
index 14627b2..5215131 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java
@@ -21,37 +21,37 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.pki.revocation;
import java.security.cert.X509Certificate;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import iaik.pki.revocation.RevocationProfile;
import iaik.pki.revocation.RevocationSourceTypes;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
-
/**
* An implementation of the RevocationProfile interface providing
* information about revocation status checking, based on MOA configuration
* data.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class RevocationProfileImpl implements RevocationProfile {
/** The default service order. */
private static final String[] DEFAULT_SERVICE_ORDER =
- { RevocationSourceTypes.CRL, RevocationSourceTypes.OCSP };
- /** The ConfigurationProvider to read the MOA configuration data
- * from. */
- private ConfigurationProvider config;
+ { RevocationSourceTypes.CRL, RevocationSourceTypes.OCSP };
+ /**
+ * The ConfigurationProvider to read the MOA configuration data
+ * from.
+ */
+ private final ConfigurationProvider config;
/** The OCSP request hash algorithm. Currently only "SHA" is supported. */
private static final String oCSPRequestHashAlgorithm = "SHA";
/**
* Create a new RevocationProfileImpl.
- *
+ *
* @param config The MOA configuration data.
*/
public RevocationProfileImpl(ConfigurationProvider config) {
@@ -63,14 +63,15 @@ public class RevocationProfileImpl implements RevocationProfile {
/**
* @see iaik.pki.revocation.RevocationProfile#getMaxRevocationAge(String)
*/
- public long getMaxRevocationAge(String distributionPointUri)
- {
+ @Override
+ public long getMaxRevocationAge(String distributionPointUri) {
return config.getMaxRevocationAge();
}
/**
* @see iaik.pki.revocation.RevocationProfile#getOCSPRequestHashAlgorithm()
*/
+ @Override
public String getOCSPRequestHashAlgorithm() {
return oCSPRequestHashAlgorithm;
}
@@ -78,10 +79,12 @@ public class RevocationProfileImpl implements RevocationProfile {
/**
* @see iaik.pki.revocation.RevocationProfile#getPreferredServiceOrder(java.security.cert.X509Certificate)
*/
- public String[] getPreferredServiceOrder(X509Certificate cert)
- {
- String[] serviceOrder = config.getServiceOrder();
- if (serviceOrder == null || serviceOrder.length == 0) return DEFAULT_SERVICE_ORDER;
+ @Override
+ public String[] getPreferredServiceOrder(X509Certificate cert) {
+ final String[] serviceOrder = config.getServiceOrder();
+ if (serviceOrder == null || serviceOrder.length == 0) {
+ return DEFAULT_SERVICE_ORDER;
+ }
return serviceOrder;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java
index c9f4f28..9ef3764 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java
@@ -21,89 +21,82 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore;
import java.util.ArrayList;
-import java.util.Iterator;
import java.util.List;
-import iaik.pki.store.truststore.TrustStoreProfile;
-import iaik.pki.store.truststore.TrustStoreTypes;
-import iaik.pki.store.observer.NotificationData;
-import iaik.pki.store.observer.Observer;
-
import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+import iaik.pki.store.observer.NotificationData;
+import iaik.pki.store.observer.Observer;
+import iaik.pki.store.truststore.TrustStoreProfile;
+import iaik.pki.store.truststore.TrustStoreTypes;
/**
* An implementation of the TrustStoreProfile interface, using data
* from the MOA configuration.
- *
- * @see iaik.pki.store.truststore.TrustStoreProfile
+ *
+ * @see iaik.pki.store.truststore.TrustStoreProfile
* @author Patrick Peck
* @version $Id$
*/
public class TrustStoreProfileImpl implements TrustStoreProfile {
/** The observers of this profile. */
- private List observers = new ArrayList();
-
+ private final List observers = new ArrayList();
+
/**
- * The trust profile identifier.
+ * The trust profile identifier.
*/
private String id_;
-
+
/** The type of the trust profile. */
private String type;
- /** The URI of the trust profile.*/
+ /** The URI of the trust profile. */
private String URI;
-
/**
* Create a new TrustStoreProfileImpl.
- *
- * @param config The MOA configuration data, from which trust store
- * configuration data is read.
+ *
+ * @param config The MOA configuration data, from which trust store
+ * configuration data is read.
* @param trustProfileId The trust profile id on which this
- * TrustStoreProfile is based.
- * @throws MOAApplicationException The trustProfileId could not
- * be found in the MOA configuration.
+ * TrustStoreProfile is based.
+ * @throws MOAApplicationException The trustProfileId could not be
+ * found in the MOA configuration.
*/
public TrustStoreProfileImpl(String trustProfileId, String trustProfileUri)
- throws MOAApplicationException {
- id_ = trustProfileId;
- setURI(trustProfileUri);
- setType(TrustStoreTypes.DIRECTORY);
-
+ throws MOAApplicationException {
+ id_ = trustProfileId;
+ setURI(trustProfileUri);
+ setType(TrustStoreTypes.DIRECTORY);
+
}
-
+
/**
* Create a new TrustStoreProfileImpl.
- *
- * @param config The MOA configuration data, from which trust store
- * configuration data is read.
+ *
+ * @param config The MOA configuration data, from which trust store
+ * configuration data is read.
* @param trustProfileId The trust profile id on which this
- * TrustStoreProfile is based.
- * @throws MOAApplicationException The trustProfileId could not
- * be found in the MOA configuration.
+ * TrustStoreProfile is based.
+ * @throws MOAApplicationException The trustProfileId could not be
+ * found in the MOA configuration.
*/
@Deprecated
public TrustStoreProfileImpl(
- ConfigurationProvider config,
- String trustProfileId)
- throws MOAApplicationException {
+ ConfigurationProvider config,
+ String trustProfileId)
+ throws MOAApplicationException {
- TrustProfile tp = (TrustProfile) config.getTrustProfile(trustProfileId);
- if (tp != null)
- {
+ final TrustProfile tp = config.getTrustProfile(trustProfileId);
+ if (tp != null) {
id_ = trustProfileId;
setURI(tp.getUri());
setType(TrustStoreTypes.DIRECTORY);
- }
- else
- {
+ } else {
throw new MOAApplicationException("2203", new Object[] { trustProfileId });
}
}
@@ -111,14 +104,15 @@ public class TrustStoreProfileImpl implements TrustStoreProfile {
/**
* @see iaik.pki.store.truststore.TrustStoreProfile#getType()
*/
+ @Override
public String getType() {
return type;
}
/**
* Sets the the trust store type.
- *
- * @param type The trust store type to set.
+ *
+ * @param type The trust store type to set.
*/
protected void setType(String type) {
this.type = type;
@@ -127,13 +121,14 @@ public class TrustStoreProfileImpl implements TrustStoreProfile {
/**
* @see iaik.pki.store.truststore.TrustStoreProfile#getURI()
*/
+ @Override
public String getURI() {
return URI;
}
/**
* Sets the trust store URI.
- *
+ *
* @param URI The trust store URI to set.
*/
protected void setURI(String URI) {
@@ -162,8 +157,8 @@ public class TrustStoreProfileImpl implements TrustStoreProfile {
* @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData)
*/
public void notify(NotificationData notificationData) {
- for (Iterator iter = observers.iterator(); iter.hasNext();) {
- Observer observer = (Observer) iter.next();
+ for (final Object observer2 : observers) {
+ final Observer observer = (Observer) observer2;
observer.notify(notificationData);
}
}
@@ -171,8 +166,8 @@ public class TrustStoreProfileImpl implements TrustStoreProfile {
/**
* @see iaik.pki.store.truststore.TrustStoreProfile#getId()
*/
- public String getId()
- {
+ @Override
+ public String getId() {
return id_;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java
index cc12861..1bba712 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import iaik.server.modules.xml.Base64Transformation;
@@ -29,39 +28,39 @@ import iaik.server.modules.xml.Base64Transformation;
/**
* An implementation of the Base64Transformation
* Transformation type.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class Base64TransformationImpl
- extends TransformationImpl
- implements Base64Transformation {
-
+ extends TransformationImpl
+ implements Base64Transformation {
+
/**
* Create a new Base64TransformationImpl.
- *
+ *
* @see java.lang.Object#Object()
- */
+ */
public Base64TransformationImpl() {
setAlgorithmURI(Base64Transformation.BASE64_DECODING);
}
/**
* Compare this Base64Transformation to another.
- *
- * @param other The object to compare thisBase64Transformation
- * to.
+ *
+ * @param other The object to compare thisBase64Transformation to.
* @return true, if other is a
- * Base64Transformation and the algorithm URIs match, otherwise
- * false.
+ * Base64Transformation and the algorithm URIs match,
+ * otherwise false.
* @see java.lang.Object#equals(Object)
- */
+ */
+ @Override
public boolean equals(Object other) {
if (other instanceof Base64Transformation) {
- Base64Transformation transform = (Base64Transformation) other;
+ final Base64Transformation transform = (Base64Transformation) other;
return getAlgorithmURI().equals(transform.getAlgorithmURI());
}
return false;
}
-
+
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java
index 4d627d7..e498842 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import java.io.ByteArrayInputStream;
@@ -31,22 +30,21 @@ import iaik.server.modules.xml.BinaryDataObject;
/**
* A BinaryDataObject encapsulating Base64 data.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class ByteArrayDataObjectImpl
- extends DataObjectImpl
- implements BinaryDataObject {
+ extends DataObjectImpl
+ implements BinaryDataObject {
/** The binary data contained in this BinaryDataObject. */
private byte[] bytes;
/**
* Create a new ByteArrayDataObjectImpl.
- *
- * @param bytes The binary data contained in this
- * BinaryDataObject.
+ *
+ * @param bytes The binary data contained in this BinaryDataObject.
*/
public ByteArrayDataObjectImpl(byte[] bytes) {
setBytes(bytes);
@@ -54,23 +52,22 @@ public class ByteArrayDataObjectImpl
/**
* Set the Base64 data.
- *
- * @param bytes The binary data contained in this
- * BinaryDataObject.
+ *
+ * @param bytes The binary data contained in this BinaryDataObject.
*/
public void setBytes(byte[] bytes) {
this.bytes = bytes;
}
/**
- * Return the binary data encoded in the Base64 String as a
- * stream.
- *
+ * Return the binary data encoded in the Base64 String as a stream.
+ *
* @return The binary data contained in this object, as a
- * InputStream. Repeated calls to this function will return a
- * new stream to the Base64 data.
+ * InputStream. Repeated calls to this function will return
+ * a new stream to the Base64 data.
* @see iaik.server.modules.xml.BinaryDataObject#getInputStream()
*/
+ @Override
public InputStream getInputStream() {
return new ByteArrayInputStream(bytes);
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java
index b982c8e..af8ee66 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import java.io.InputStream;
@@ -29,21 +28,21 @@ import java.io.InputStream;
import iaik.server.modules.xml.BinaryDataObject;
/**
- * A BinaryDataObject encapsulating binary data from a stream.
- *
+ * A BinaryDataObject encapsulating binary data from a stream.
+ *
* @author Patrick Peck
* @version $Id$
*/
public class ByteStreamDataObjectImpl
- extends DataObjectImpl
- implements BinaryDataObject {
+ extends DataObjectImpl
+ implements BinaryDataObject {
/** The InputStream containing the binary data. */
private InputStream inputStream;
/**
* Create a new ByteStreamDataObjectImpl.
- *
+ *
* @param inputStream The stream from which to read the binary data.
*/
public ByteStreamDataObjectImpl(InputStream inputStream) {
@@ -52,7 +51,7 @@ public class ByteStreamDataObjectImpl
/**
* Set the input stream from which to read the binary data.
- *
+ *
* @param inputStream The input stream from which to read the binary data.
*/
public void setInputStream(InputStream inputStream) {
@@ -61,11 +60,12 @@ public class ByteStreamDataObjectImpl
/**
* Return the binary data from this object as a stream.
- *
+ *
* @return The stream containing the binary data. Calling this function
- * repeatedly will always return the same InputStream.
+ * repeatedly will always return the same InputStream.
* @see iaik.server.modules.xml.BinaryDataObject#getInputStream()
*/
+ @Override
public InputStream getInputStream() {
return inputStream;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java
index 0c3a8da..1e2a651 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import iaik.server.modules.xml.Canonicalization;
@@ -29,36 +28,36 @@ import iaik.server.modules.xml.Canonicalization;
/**
* An implementation of the CanonicalizationTransform
* Transformation type.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class CanonicalizationImpl
- extends TransformationImpl
- implements Canonicalization {
-
+ extends TransformationImpl
+ implements Canonicalization {
+
/**
* Create a new CanonicalizationTransformImpl object.
- *
+ *
* @param algorithmURI The canonicalization algorithm URI.
- */
+ */
public CanonicalizationImpl(String algorithmURI) {
setAlgorithmURI(algorithmURI);
}
-
+
/**
* Compare this object to another Canonicalization.
- *
- * @param other The object to compare this
- * Canonicalization to.
+ *
+ * @param other The object to compare this Canonicalization to.
* @return true, if other is a
- * Canonicalization and the algorithm URIs match, otherwise
- * false.
+ * Canonicalization and the algorithm URIs match, otherwise
+ * false.
* @see java.lang.Object#equals(Object)
*/
+ @Override
public boolean equals(Object other) {
if (other instanceof Canonicalization) {
- Canonicalization c14n = (Canonicalization) other;
+ final Canonicalization c14n = (Canonicalization) other;
return getAlgorithmURI().equals(c14n.getAlgorithmURI());
}
return false;
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java
index 702caaf..ac36875 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import iaik.server.modules.xml.DataObject;
@@ -29,12 +28,12 @@ import iaik.server.modules.xml.DataObject;
/**
* Abstract base implementation for the classes derived from
* DataObject.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public abstract class DataObjectImpl implements DataObject {
-
+
/** The MIME type of the data object. */
private String mimeType;
/** The refernce ID. */
@@ -43,33 +42,35 @@ public abstract class DataObjectImpl implements DataObject {
private String typeURI;
/** The URI identifying the data. */
private String URI;
-
+
/**
* @see iaik.server.modules.xml.DataObject#getMimeType()
*/
+ @Override
public String getMimeType() {
return mimeType;
}
/**
* Set the mime type.
- *
+ *
* @param mimeType The mime type to set.
*/
public void setMimeType(String mimeType) {
this.mimeType = mimeType;
}
-
+
/**
* @see iaik.server.modules.xml.DataObject#getReferenceID()
*/
+ @Override
public String getReferenceID() {
return referenceID;
}
-
+
/**
* Set the reference ID.
- *
+ *
* @param referenceID The reference ID.
*/
public void setReferenceID(String referenceID) {
@@ -79,13 +80,14 @@ public abstract class DataObjectImpl implements DataObject {
/**
* @see iaik.server.modules.xml.DataObject#getTypeURI()
*/
+ @Override
public String getTypeURI() {
return typeURI;
}
/**
* Set the type URI.
- *
+ *
* @param typeURI The type URI.
*/
public void setTypeURI(String typeURI) {
@@ -95,13 +97,14 @@ public abstract class DataObjectImpl implements DataObject {
/**
* @see iaik.server.modules.xml.DataObject#getURI()
*/
+ @Override
public String getURI() {
return URI;
}
-
+
/**
* Set the URI.
- *
+ *
* @param URI The URI.
*/
public void setURI(String URI) {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java
index d582594..2c9f0e3 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import iaik.server.modules.xml.EnvelopedSignatureTransformation;
@@ -29,13 +28,13 @@ import iaik.server.modules.xml.EnvelopedSignatureTransformation;
/**
* An implementation of the EnvelopedSignatureTransformation
* Transformation type.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class EnvelopedSignatureTransformationImpl
- extends TransformationImpl
- implements EnvelopedSignatureTransformation {
+ extends TransformationImpl
+ implements EnvelopedSignatureTransformation {
/**
* Create a new EnvelopedSignatureTransformationImpl.
@@ -46,18 +45,19 @@ public class EnvelopedSignatureTransformationImpl
/**
* Compare this object to another EnvelopedSignatureTransformation.
- *
- * @param other The object to compare this
- * EnvelopedSignatureTransformation to.
+ *
+ * @param other The object to compare this
+ * EnvelopedSignatureTransformation to.
* @return true, if other is a
- * EnvelopedSignatureTransformation, otherwise
- * false.
+ * EnvelopedSignatureTransformation, otherwise
+ * false.
* @see java.lang.Object#equals(Object)
*/
+ @Override
public boolean equals(Object other) {
if (other instanceof EnvelopedSignatureTransformation) {
- EnvelopedSignatureTransformation transform =
- (EnvelopedSignatureTransformation) other;
+ final EnvelopedSignatureTransformation transform =
+ (EnvelopedSignatureTransformation) other;
return getAlgorithmURI().equals(transform.getAlgorithmURI());
}
return false;
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java
index dfadf0c..ce98e7f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import java.util.List;
@@ -29,38 +28,39 @@ import java.util.List;
import iaik.server.modules.xml.ExclusiveCanonicalization;
/**
- * An implementation of the ExclusiveCanonicalization type
- * of Transformation.
- *
+ * An implementation of the ExclusiveCanonicalization type of
+ * Transformation.
+ *
* @author Patrick Peck
* @version $Id$
*/
public class ExclusiveCanonicalizationImpl
- extends TransformationImpl
- implements ExclusiveCanonicalization {
+ extends TransformationImpl
+ implements ExclusiveCanonicalization {
/** The prefixes of the namespaces to treat according to canonical XML. */
private List inclusiveNamespacePrefixes;
/**
* Create a new ExclusiveCanonicalizationImpl object.
- *
- * @param algorithmURI The exclusive canonicalization algorithm URI.
+ *
+ * @param algorithmURI The exclusive canonicalization algorithm
+ * URI.
* @param inclusiveNamespacePrefixes The namespace prefixes to be processed
- * according to canonical XML.
+ * according to canonical XML.
*/
public ExclusiveCanonicalizationImpl(
- String algorithmURI,
- List inclusiveNamespacePrefixes) {
+ String algorithmURI,
+ List inclusiveNamespacePrefixes) {
setAlgorithmURI(algorithmURI);
setInclusiveNamespacePrefixes(inclusiveNamespacePrefixes);
}
/**
* Sets the namespace prefixes to be processed according to canonical XML.
- *
+ *
* @param inclusiveNamespacePrefixes The prefixes of the namespaces to treat
- * according to canonical XML.
+ * according to canonical XML.
*/
protected void setInclusiveNamespacePrefixes(List inclusiveNamespacePrefixes) {
this.inclusiveNamespacePrefixes = inclusiveNamespacePrefixes;
@@ -69,29 +69,32 @@ public class ExclusiveCanonicalizationImpl
/**
* @see iaik.server.modules.xml.ExclusiveCanonicalization#getInclusiveNamespacePrefixes()
*/
+ @Override
public List getInclusiveNamespacePrefixes() {
return inclusiveNamespacePrefixes;
}
/**
* Compare this object to another CanonicalizationTransform.
- *
- * @param other The object to compare this
- * ExclusiveCanonicalization to.
+ *
+ * @param other The object to compare this
+ * ExclusiveCanonicalization to.
* @return true, if other is a
- * ExclusiveCanonicalization and the algorithm URIs match,
- * otherwise false.
+ * ExclusiveCanonicalization and the algorithm URIs match,
+ * otherwise false.
* @see java.lang.Object#equals(Object)
*/
+ @Override
public boolean equals(Object other) {
if (other instanceof ExclusiveCanonicalization) {
- ExclusiveCanonicalization eC14n =
- (ExclusiveCanonicalization) other;
- boolean algURIEquals = getAlgorithmURI().equals(eC14n.getAlgorithmURI());
- boolean inclNSPrefs =
- (getInclusiveNamespacePrefixes() == null || getInclusiveNamespacePrefixes().isEmpty())
- ? eC14n.getInclusiveNamespacePrefixes() == null || eC14n.getInclusiveNamespacePrefixes().isEmpty()
- : getInclusiveNamespacePrefixes().equals(eC14n.getInclusiveNamespacePrefixes());
+ final ExclusiveCanonicalization eC14n =
+ (ExclusiveCanonicalization) other;
+ final boolean algURIEquals = getAlgorithmURI().equals(eC14n.getAlgorithmURI());
+ final boolean inclNSPrefs =
+ getInclusiveNamespacePrefixes() == null || getInclusiveNamespacePrefixes().isEmpty()
+ ? eC14n.getInclusiveNamespacePrefixes() == null || eC14n.getInclusiveNamespacePrefixes()
+ .isEmpty()
+ : getInclusiveNamespacePrefixes().equals(eC14n.getInclusiveNamespacePrefixes());
return algURIEquals && inclNSPrefs;
}
return false;
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java
index 9026d33..9f4e22d 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import java.util.Date;
@@ -30,18 +29,18 @@ import iaik.server.modules.xml.SigningTime;
/**
* An implementation of the SigningTime Property.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class SigningTimeImpl implements SigningTime {
-
+
/** The signing time. */
- private Date signingTime;
-
+ private final Date signingTime;
+
/**
* Create a new SigningTimeImpl.
- *
+ *
* @param signingTime The signing time.
*/
public SigningTimeImpl(Date signingTime) {
@@ -51,6 +50,7 @@ public class SigningTimeImpl implements SigningTime {
/**
* @see iaik.server.modules.xml.SigningTime#getSigningTime()
*/
+ @Override
public Date getSigningTime() {
return signingTime;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java
index 1595446..fa3401e 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java
@@ -21,14 +21,13 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import iaik.server.modules.xml.Transformation;
/**
* Base implementation class for Transformation derived classes.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -36,32 +35,34 @@ public abstract class TransformationImpl implements Transformation {
/** The algorithm URI identifying the transformation algorithm. */
private String algorithmURI;
-
+
/**
* @see iaik.server.modules.xml.Transformation#getAlgorithmURI()
*/
+ @Override
public String getAlgorithmURI() {
return algorithmURI;
}
/**
* Sets the algorithm URI.
- *
+ *
* @param algorithmURI The algorithm URI to set.
*/
protected void setAlgorithmURI(String algorithmURI) {
this.algorithmURI = algorithmURI;
}
-
+
/**
* Returns the hash code of the algorithm URI. Should be overridden if a
* transformation distinguishes itself from others by more than just the
* algorithm URI.
- *
+ *
* @see java.lang.Object#hashCode()
*/
+ @Override
public int hashCode() {
return getAlgorithmURI().hashCode();
}
-
+
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java
index e8444b9..0688d0e 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import org.w3c.dom.Element;
@@ -30,22 +29,21 @@ import iaik.server.modules.xml.XMLDataObject;
/**
* A DataObject containing a single DOM element.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XMLDataObjectImpl
- extends DataObjectImpl
- implements XMLDataObject {
-
- /** The XML data contained in this XMLDataObject. */
+ extends DataObjectImpl
+ implements XMLDataObject {
+
+ /** The XML data contained in this XMLDataObject. */
private Element element;
-
+
/**
* Create a new XMLDataObjectImpl.
- *
- * @param element The DOM element contained in this
- * XMLDataObject.
+ *
+ * @param element The DOM element contained in this XMLDataObject.
*/
public XMLDataObjectImpl(Element element) {
setElement(element);
@@ -54,13 +52,14 @@ public class XMLDataObjectImpl
/**
* @see iaik.server.modules.xml.XMLDataObject#getElement()
*/
+ @Override
public Element getElement() {
return element;
}
/**
* Set the DOM element contained in this XMLDataObject.
- *
+ *
* @param element The DOM element to set.
*/
public void setElement(Element element) {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java
index 2fb9df9..51f96f0 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import org.w3c.dom.NodeList;
@@ -30,22 +29,22 @@ import iaik.server.modules.xml.XMLNodeListDataObject;
/**
* A DataObject containing a list of DOM nodes.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XMLNodeListDataObjectImpl
- extends DataObjectImpl
- implements XMLNodeListDataObject {
+ extends DataObjectImpl
+ implements XMLNodeListDataObject {
/** The nodes contained in this XMLNodeListDataObject. */
private NodeList nodeList;
/**
* Create a new XMLNodeListDataObjectImpl.
- *
+ *
* @param nodeList The list of DOM nodes contained in this
- * XMLNodeListDataObject.
+ * XMLNodeListDataObject.
*/
public XMLNodeListDataObjectImpl(NodeList nodeList) {
setNodeList(nodeList);
@@ -54,7 +53,7 @@ public class XMLNodeListDataObjectImpl
/**
* Set the list of DOM nodes contained in this
* XMLNodeListDataObject.
- *
+ *
* @param nodeList The list of DOM nodes to set.
*/
public void setNodeList(NodeList nodeList) {
@@ -64,6 +63,7 @@ public class XMLNodeListDataObjectImpl
/**
* @see iaik.server.modules.xml.XMLNodeListDataObject#getNodeList()
*/
+ @Override
public NodeList getNodeList() {
return nodeList;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java
index 0774726..1844780 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import org.w3c.dom.Element;
@@ -29,28 +28,28 @@ import org.w3c.dom.Element;
import iaik.server.modules.xml.XMLSignature;
/**
- * An object containing an XMLDsig signature in the form of a
+ * An object containing an XMLDsig signature in the form of a
* dsig:Signature DOM element.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XMLSignatureImpl implements XMLSignature {
/** The signature DOM element. */
private Element element;
-
+
/**
* Create a new XMLSignatureImpl.
- *
+ *
* @param element The dsig:Signature DOM element.
*/
public XMLSignatureImpl(Element element) {
setElement(element);
}
-
+
/**
* Set the dsig:Signature DOM element.
- *
+ *
* @param element The dsig:Signature element to set.
*/
public void setElement(Element element) {
@@ -60,6 +59,7 @@ public class XMLSignatureImpl implements XMLSignature {
/**
* @see iaik.server.modules.xml.XMLSignature#getElement()
*/
+ @Override
public Element getElement() {
return element;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java
index d309302..a44196a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import java.util.Map;
@@ -31,7 +30,7 @@ import iaik.server.modules.xml.XPath2Transformation.XPath2Filter;
/**
* An object encapsulating an XPath-Filter2 expression.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -46,17 +45,18 @@ public class XPath2FilterImpl implements XPath2Filter {
/**
* Create a new XPath2FilterImpl object.
- *
- * @param filterType The type of filter. Must be one of the filter type
- * constants declared in iaik.server.modules.xml.XPath2Transformation.XPath2Filter
- * @param xPathExpression The XPath expression belonging to this filter.
+ *
+ * @param filterType The type of filter. Must be one of the filter
+ * type constants declared in
+ * iaik.server.modules.xml.XPath2Transformation.XPath2Filter
+ * @param xPathExpression The XPath expression belonging to this filter.
* @param namespaceDeclarations The namespace declarations visible for this
- * XPath2Filter.
+ * XPath2Filter.
*/
public XPath2FilterImpl(
- String filterType,
- String xPathExpression,
- Map namespaceDeclarations) {
+ String filterType,
+ String xPathExpression,
+ Map namespaceDeclarations) {
setFilterType(filterType);
setXPathExpression(xPathExpression);
@@ -66,13 +66,14 @@ public class XPath2FilterImpl implements XPath2Filter {
/**
* @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getFilterType()
*/
+ @Override
public String getFilterType() {
return filterType;
}
/**
* Set the filter type.
- *
+ *
* @param filterType The filter type to set.
*/
protected void setFilterType(String filterType) {
@@ -82,13 +83,14 @@ public class XPath2FilterImpl implements XPath2Filter {
/**
* @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getXPathExpression()
*/
+ @Override
public String getXPathExpression() {
return xPathExpression;
}
/**
* Set the XPath expression.
- *
+ *
* @param xPathExpression The XPath expression to set.
*/
protected void setXPathExpression(String xPathExpression) {
@@ -98,15 +100,16 @@ public class XPath2FilterImpl implements XPath2Filter {
/**
* @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getNamespaceDeclarations()
*/
+ @Override
public Map getNamespaceDeclarations() {
return namespaceDeclarations;
}
/**
* Set the namespace declarations.
- *
- * @param namespaceDeclarations The mapping between namespace prefixes and
- * their associated URI.
+ *
+ * @param namespaceDeclarations The mapping between namespace prefixes and their
+ * associated URI.
*/
protected void setNamespaceDeclarations(Map namespaceDeclarations) {
this.namespaceDeclarations = namespaceDeclarations;
@@ -114,18 +117,19 @@ public class XPath2FilterImpl implements XPath2Filter {
/**
* Compare this object to another.
- *
+ *
* @param other The object to compare this XPath2Filter to.
* @return true, if other is a
- * XPath2Filter and the filter types match and the XPath
- * expressions match. Otherwise false is returned.
+ * XPath2Filter and the filter types match and the XPath
+ * expressions match. Otherwise false is returned.
* @see java.lang.Object#equals(java.lang.Object)
*/
+ @Override
public boolean equals(Object other) {
if (other instanceof XPath2Transformation.XPath2Filter) {
- XPath2Filter filter = (XPath2Transformation.XPath2Filter) other;
+ final XPath2Filter filter = (XPath2Transformation.XPath2Filter) other;
return getFilterType().equals(filter.getFilterType())
- && getXPathExpression().equals(filter.getXPathExpression());
+ && getXPathExpression().equals(filter.getXPathExpression());
}
return false;
}
@@ -133,6 +137,7 @@ public class XPath2FilterImpl implements XPath2Filter {
/**
* @see java.lang.Object#hashCode()
*/
+ @Override
public int hashCode() {
return getXPathExpression().hashCode() * 31 + getFilterType().hashCode();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java
index f483b18..b49bd64 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import java.util.ArrayList;
@@ -33,20 +32,20 @@ import iaik.server.modules.xml.XPath2Transformation;
/**
* An object encapsulating a Transformation containing several
* XPath-Filter2 expressions.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XPath2TransformationImpl
- extends TransformationImpl
- implements XPath2Transformation {
+ extends TransformationImpl
+ implements XPath2Transformation {
/** The filters contained in this XPath2Transformation */
- private List xPathFilters = new ArrayList();
+ private final List xPathFilters = new ArrayList();
/**
* Create a new XPath2TransformationImpl.
- *
+ *
* The list of XPath-Filter2 expression is initially empty.
*/
public XPath2TransformationImpl() {
@@ -56,13 +55,14 @@ public class XPath2TransformationImpl
/**
* @see iaik.server.modules.xml.XPath2Transformation#getXPathFilters()
*/
+ @Override
public List getXPathFilters() {
return xPathFilters;
}
/**
* Add an XPath-Filter2 expression to the list of filters.
- *
+ *
* @param filter The filter to add.
*/
public void addXPathFilter(XPath2Filter filter) {
@@ -71,18 +71,18 @@ public class XPath2TransformationImpl
/**
* Compare this XPath2Transformation to another.
- *
- * @param other The object to compare this
- * XPath2Transformation to.
+ *
+ * @param other The object to compare this XPath2Transformation to.
* @return true, if other is an
- * XPath2Transformation and getXPathFilters() equals
- * other.getXPathFilters(). Otherwise false is
- * returned.
+ * XPath2Transformation and getXPathFilters()
+ * equals other.getXPathFilters(). Otherwise
+ * false is returned.
* @see java.lang.Object#equals(Object)
*/
+ @Override
public boolean equals(Object other) {
if (other instanceof XPath2Transformation) {
- XPath2Transformation transform = (XPath2Transformation) other;
+ final XPath2Transformation transform = (XPath2Transformation) other;
return getXPathFilters().equals(transform.getXPathFilters());
}
@@ -92,8 +92,9 @@ public class XPath2TransformationImpl
/**
* @see java.lang.Object#hashCode()
*/
+ @Override
public int hashCode() {
- Iterator iter = getXPathFilters().iterator();
+ final Iterator iter = getXPathFilters().iterator();
int hashCode = 0;
while (iter.hasNext()) {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java
index 06cc319..65b33f4 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xml;
import java.util.Map;
@@ -30,13 +29,13 @@ import iaik.server.modules.xml.XPathTransformation;
/**
* A Transformation containing an XPath expression.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XPathTransformationImpl
- extends TransformationImpl
- implements XPathTransformation {
+ extends TransformationImpl
+ implements XPathTransformation {
/** The XPath expression. */
private String xPathExpression;
@@ -45,16 +44,16 @@ public class XPathTransformationImpl
/**
* Create a new XPathTransformationImpl.
- *
+ *
* The namespace declarations are initialized empty.
- *
- * @param xPathExpression The XPath expression this object will contain.
+ *
+ * @param xPathExpression The XPath expression this object will contain.
* @param namespaceDeclarations The namespace declarations visible for this
- * XPath.
+ * XPath.
*/
public XPathTransformationImpl(
- String xPathExpression,
- Map namespaceDeclarations) {
+ String xPathExpression,
+ Map namespaceDeclarations) {
setAlgorithmURI(XPathTransformation.XPATH);
setXPathExpression(xPathExpression);
@@ -63,7 +62,7 @@ public class XPathTransformationImpl
/**
* Set the XPath expression.
- *
+ *
* @param xPathExpression The XPath expression.
*/
protected void setXPathExpression(String xPathExpression) {
@@ -73,6 +72,7 @@ public class XPathTransformationImpl
/**
* @see iaik.server.modules.xml.XPathTransformation#getXPathExpression()
*/
+ @Override
public String getXPathExpression() {
return xPathExpression;
}
@@ -80,15 +80,16 @@ public class XPathTransformationImpl
/**
* @see iaik.server.modules.xml.XPathTransformation#getNamespaceDeclarations()
*/
+ @Override
public Map getNamespaceDeclarations() {
return namespaceDeclarations;
}
/**
* Set the namespace declarations.
- *
- * @param namespaceDeclarations The mapping between namespace prefixes and
- * their associated URI.
+ *
+ * @param namespaceDeclarations The mapping between namespace prefixes and their
+ * associated URI.
*/
protected void setNamespaceDeclarations(Map namespaceDeclarations) {
this.namespaceDeclarations = namespaceDeclarations;
@@ -96,17 +97,18 @@ public class XPathTransformationImpl
/**
* Compare this XPathTransformation to another.
- *
- * @param other The object to compare this
- * XPathTransformation to.
+ *
+ * @param other The object to compare this XPathTransformation to.
* @return true, if other is an
- * XPathTransformation and if this object contains the same XPath
- * expression as other. Otherwise false is returned.
+ * XPathTransformation and if this object contains the same
+ * XPath expression as other. Otherwise false
+ * is returned.
* @see java.lang.Object#equals(Object)
*/
+ @Override
public boolean equals(Object other) {
if (other instanceof XPathTransformation) {
- XPathTransformation transform = (XPathTransformation) other;
+ final XPathTransformation transform = (XPathTransformation) other;
return getXPathExpression().equals(transform.getXPathExpression());
}
return false;
@@ -115,6 +117,7 @@ public class XPathTransformationImpl
/**
* @see java.lang.Object#hashCode()
*/
+ @Override
public int hashCode() {
return getXPathExpression().hashCode();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java
index 9dc45fc..6c71f42 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java
@@ -45,204 +45,194 @@ import at.gv.egovernment.moaspss.util.XPathException;
import at.gv.egovernment.moaspss.util.XPathUtils;
import iaik.server.modules.xml.MOAXSecProvider;
import iaik.server.modules.xml.XSLTTransformation;
-import iaik.xml.crypto.dsig.XMLSignatureFactory;
-import iaik.xml.filter.impl.dsig.CanonInputStream;
-import iaik.xml.filter.impl.dsig.Canonicalizer;
-import iaik.xml.filter.impl.dsig.Traverser;
/**
* A Transformation containing an XSLT transformation.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XSLTTransformationImpl extends TransformationImpl implements XSLTTransformation {
- /** The XSLT stylesheet. */
- private Element styleSheetElement;
- /**
- * The hash code of the canonicalized stylesheet. If calculated, this value
- * should be != 0.
- */
- private int hashCode;
-
- /**
- * Create a new XSLTTransformationImpl object.
- *
- * @param styleSheetElement
- * The XSLT stylesheet element.
- */
- public XSLTTransformationImpl(Element styleSheetElement) {
- setAlgorithmURI(XSLTTransformation.XSLT);
- setStyleSheetElement(styleSheetElement);
- }
-
- /**
- * Set the XSLT stylesheet element.
- *
- * @param styleSheetElement
- * The XSLT stylesheet element to set.
- */
- protected void setStyleSheetElement(Element styleSheetElement) {
- this.styleSheetElement = styleSheetElement;
- this.hashCode = 0;
- }
-
- /**
- * @see iaik.server.modules.xml.XSLTTransformation#getStylesheetElement()
- */
- public Element getStylesheetElement() {
- return styleSheetElement;
- }
-
- /**
- * Compare this XSLTTransformation to another.
- *
- * @param other
- * The object to compare this XSLTTransformation to.
- * @return true, if other is an
- * XSLTTransformation and if the canonicalized
- * representations of the stylesheets contained in this
- * and other match. Otherwise, false is
- * returned.
- * @see java.lang.Object#equals(Object)
- */
- public boolean equals(Object other) {
- if (other instanceof XSLTTransformation) {
- XSLTTransformation xslt = (XSLTTransformation) other;
-
- return compareElements(getStylesheetElement(), xslt.getStylesheetElement());
- }
- return false;
- }
-
- /**
- * @see java.lang.Object#hashCode()
- */
- public int hashCode() {
- if (hashCode == 0) {
- hashCode = calculateHashCode(getStylesheetElement());
- }
- return hashCode;
- }
-
- /**
- * Calculate the hash code for a DOM element by canonicalizing it.
- *
- * @param element
- * The DOM element for which the hash code is to be calculated.
- * @return int The hash code, or 0, if it could not be
- * calculated.
- */
- private static int calculateHashCode(Element element) {
- try {
- InputStream is = canonicalize(element);
- byte[] buf = new byte[256];
- int hashCode = 1;
- int length;
- int i;
-
- while ((length = is.read(buf)) > 0) {
- for (i = 0; i < length; i++) {
- hashCode += buf[i] * 31 + i;
- }
- }
- is.close();
- return hashCode;
- } catch (IOException e) {
- return 0;
- } catch (NoSuchAlgorithmException e) {
- return 0;
- } catch (InvalidAlgorithmParameterException e) {
- return 0;
- } catch (TransformException e) {
- return 0;
- }
- }
-
- /**
- * Compare two DOM elements by canonicalizing their contents and comparing
- * the resulting byte stream.
- *
- * @param elem1
- * The 1st element to compare.
- * @param elem2
- * The 2nd element to compare.
- * @return boolean true, if the elements are considered equal
- * after canonicalization. Otherwise false is returned.
- */
- private static boolean compareElements(Element elem1, Element elem2) {
- try {
- InputStream is1 = canonicalize(elem1);
- InputStream is2 = canonicalize(elem2);
- return StreamUtils.compareStreams(is1, is2);
- } catch (IOException e) {
- return false;
- } catch (NoSuchAlgorithmException e) {
- return false;
- } catch (InvalidAlgorithmParameterException e) {
- return false;
- } catch (TransformException e) {
- return false;
- }
- }
-
- /**
- * Canonicalize a DOM element.
+ /** The XSLT stylesheet. */
+ private Element styleSheetElement;
+ /**
+ * The hash code of the canonicalized stylesheet. If calculated, this value
+ * should be != 0.
+ */
+ private int hashCode;
+
+ /**
+ * Create a new XSLTTransformationImpl object.
+ *
+ * @param styleSheetElement The XSLT stylesheet element.
+ */
+ public XSLTTransformationImpl(Element styleSheetElement) {
+ setAlgorithmURI(XSLTTransformation.XSLT);
+ setStyleSheetElement(styleSheetElement);
+ }
+
+ /**
+ * Set the XSLT stylesheet element.
+ *
+ * @param styleSheetElement The XSLT stylesheet element to set.
+ */
+ protected void setStyleSheetElement(Element styleSheetElement) {
+ this.styleSheetElement = styleSheetElement;
+ this.hashCode = 0;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XSLTTransformation#getStylesheetElement()
+ */
+ @Override
+ public Element getStylesheetElement() {
+ return styleSheetElement;
+ }
+
+ /**
+ * Compare this XSLTTransformation to another.
+ *
+ * @param other The object to compare this XSLTTransformation to.
+ * @return true, if other is an
+ * XSLTTransformation and if the canonicalized
+ * representations of the stylesheets contained in this and
+ * other match. Otherwise, false is returned.
+ * @see java.lang.Object#equals(Object)
+ */
+ @Override
+ public boolean equals(Object other) {
+ if (other instanceof XSLTTransformation) {
+ final XSLTTransformation xslt = (XSLTTransformation) other;
+
+ return compareElements(getStylesheetElement(), xslt.getStylesheetElement());
+ }
+ return false;
+ }
+
+ /**
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ if (hashCode == 0) {
+ hashCode = calculateHashCode(getStylesheetElement());
+ }
+ return hashCode;
+ }
+
+ /**
+ * Calculate the hash code for a DOM element by canonicalizing it.
*
+ * @param element The DOM element for which the hash code is to be calculated.
+ * @return int The hash code, or 0, if it could not be calculated.
+ */
+ private static int calculateHashCode(Element element) {
+ try {
+ final InputStream is = canonicalize(element);
+ final byte[] buf = new byte[256];
+ int hashCode = 1;
+ int length;
+ int i;
+
+ while ((length = is.read(buf)) > 0) {
+ for (i = 0; i < length; i++) {
+ hashCode += buf[i] * 31 + i;
+ }
+ }
+ is.close();
+ return hashCode;
+ } catch (final IOException e) {
+ return 0;
+ } catch (final NoSuchAlgorithmException e) {
+ return 0;
+ } catch (final InvalidAlgorithmParameterException e) {
+ return 0;
+ } catch (final TransformException e) {
+ return 0;
+ }
+ }
+
+ /**
+ * Compare two DOM elements by canonicalizing their contents and comparing the
+ * resulting byte stream.
+ *
+ * @param elem1 The 1st element to compare.
+ * @param elem2 The 2nd element to compare.
+ * @return boolean true, if the elements are considered equal after
+ * canonicalization. Otherwise false is returned.
+ */
+ private static boolean compareElements(Element elem1, Element elem2) {
+ try {
+ final InputStream is1 = canonicalize(elem1);
+ final InputStream is2 = canonicalize(elem2);
+ return StreamUtils.compareStreams(is1, is2);
+ } catch (final IOException e) {
+ return false;
+ } catch (final NoSuchAlgorithmException e) {
+ return false;
+ } catch (final InvalidAlgorithmParameterException e) {
+ return false;
+ } catch (final TransformException e) {
+ return false;
+ }
+ }
+
+ /**
+ * Canonicalize a DOM element.
+ *
* @param element The element to canonicalize.
* @return InputStream A stream with the canonicalized data.
- * @throws InvalidAlgorithmParameterException
- * @throws IOException
- * @throws TransformException
- * @throws AlgorithmException An error occurred canonicalizing the element.
+ * @throws InvalidAlgorithmParameterException
+ * @throws IOException
+ * @throws TransformException
+ * @throws AlgorithmException An error occurred canonicalizing
+ * the element.
*/
private static InputStream canonicalize(Element element)
- throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException, TransformException {
- // CanonicalizationMethod canonicalizationMethod =
- // MOAXSecProvider.getXMLSignatureFactory().newCanonicalizationMethod(
- // CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec());
-
- //CanonicalizationAlgorithm c14n =
- // new CanonicalizationAlgorithmImplExclusiveCanonicalXML();
- //Traverser traverser = new Traverser(element, true, true);
- //Canonicalizer canonicalizer = new Canonicalizer(traverser, false, true, null);
-
- //return new CanonInputStream(canonicalizer);
-
- CanonicalizationMethod canonicalizationMethod =
- MOAXSecProvider.getXMLSignatureFactory().newCanonicalizationMethod(
- CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec());
-
- //CanonicalizationAlgorithm c14n =
- // new CanonicalizationAlgorithmImplExclusiveCanonicalXML();
- NodeList nodeList;
-
- try {
- nodeList = XPathUtils.selectNodeList(element,
- XPathUtils.ALL_NODES_XPATH);
- } catch (XPathException e) {
- nodeList = new NodeListAdapter(Collections.EMPTY_LIST);
- }
- //c14n.setInput(nodeList);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- canonicalizationMethod.transform(new
- NodeListToNodeSetDataAdapter(nodeList), null, baos);
- baos.close();
- return new ByteArrayInputStream(baos.toByteArray());
- /*
- NodeList nodeList;
-
+ throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException, TransformException {
+ // CanonicalizationMethod canonicalizationMethod =
+ // MOAXSecProvider.getXMLSignatureFactory().newCanonicalizationMethod(
+ // CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec());
+
+ // CanonicalizationAlgorithm c14n =
+ // new CanonicalizationAlgorithmImplExclusiveCanonicalXML();
+ // Traverser traverser = new Traverser(element, true, true);
+ // Canonicalizer canonicalizer = new Canonicalizer(traverser, false, true,
+ // null);
+
+ // return new CanonInputStream(canonicalizer);
+
+ final CanonicalizationMethod canonicalizationMethod =
+ MOAXSecProvider.getXMLSignatureFactory().newCanonicalizationMethod(
+ CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec());
+
+ // CanonicalizationAlgorithm c14n =
+ // new CanonicalizationAlgorithmImplExclusiveCanonicalXML();
+ NodeList nodeList;
+
try {
- nodeList = XPathUtils.selectNodeList(element, XPathUtils.ALL_NODES_XPATH);
- } catch (XPathException e) {
+ nodeList = XPathUtils.selectNodeList(element,
+ XPathUtils.ALL_NODES_XPATH);
+ } catch (final XPathException e) {
nodeList = new NodeListAdapter(Collections.EMPTY_LIST);
}
- //c14n.setInput(nodeList);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ // c14n.setInput(nodeList);
+ final ByteArrayOutputStream baos = new ByteArrayOutputStream();
canonicalizationMethod.transform(new NodeListToNodeSetDataAdapter(nodeList), null, baos);
baos.close();
- return new ByteArrayInputStream(baos.toByteArray());*/
+ return new ByteArrayInputStream(baos.toByteArray());
+ /*
+ * NodeList nodeList;
+ *
+ * try { nodeList = XPathUtils.selectNodeList(element,
+ * XPathUtils.ALL_NODES_XPATH); } catch (XPathException e) { nodeList = new
+ * NodeListAdapter(Collections.EMPTY_LIST); } //c14n.setInput(nodeList);
+ * ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ * canonicalizationMethod.transform(new NodeListToNodeSetDataAdapter(nodeList),
+ * null, baos); baos.close(); return new
+ * ByteArrayInputStream(baos.toByteArray());
+ */
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java
index 310f2dd..6eb565a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java
@@ -21,19 +21,17 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xmlsign;
import java.util.List;
-import iaik.server.modules.xmlsign.DataObjectTreatment;
-
import at.gv.egovernment.moa.spss.server.util.IdGenerator;
+import iaik.server.modules.xmlsign.DataObjectTreatment;
/**
* An object encapsulating how to treat an associated DataObject
* when creating a signature.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -51,29 +49,30 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment {
/** Whether to include the associated data object in the manifest. */
private boolean referenceInManifest;
/** The object ID generator. */
- private IdGenerator objIdGen;
-
+ private final IdGenerator objIdGen;
+
/**
* Create a new DataObjectTreatmentImpl.
- *
+ *
* @param objIdGen The IdGenerator for unique object IDs.
*/
public DataObjectTreatmentImpl(IdGenerator objIdGen) {
this.objIdGen = objIdGen;
}
-
+
/**
* @see iaik.server.modules.xmlsign.DataObjectTreatment#getFinalContentType()
*/
+ @Override
public String getFinalContentType() {
return finalContentType;
}
/**
* Sets the final content type.
- *
+ *
* @param finalContentType The final content type to set (a MIME-type type of
- * String).
+ * String).
*/
public void setFinalContentType(String finalContentType) {
this.finalContentType = finalContentType;
@@ -82,13 +81,14 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment {
/**
* @see iaik.server.modules.xmlsign.DataObjectTreatment#getHashAlgorithmName()
*/
+ @Override
public String getHashAlgorithmName() {
return hashAlgorithmName;
}
/**
* Sets the hash algorithm name.
- *
+ *
* @param hashAlgorithmName The hash algorithm name to set.
*/
public void setHashAlgorithmName(String hashAlgorithmName) {
@@ -98,16 +98,18 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment {
/**
* @see iaik.server.modules.xmlsign.DataObjectTreatment#isIncludedInSignature()
*/
+ @Override
public boolean isIncludedInSignature() {
return includedInSignature;
}
/**
- * Sets whether the associated DataObject is to be included in
- * the signature.
- *
+ * Sets whether the associated DataObject is to be included in the
+ * signature.
+ *
* @param includedInSignature If true, the associated
- * DataObject will be included in the signature, otherwise not.
+ * DataObject will be included in the
+ * signature, otherwise not.
*/
public void setIncludedInSignature(boolean includedInSignature) {
this.includedInSignature = includedInSignature;
@@ -116,16 +118,18 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment {
/**
* @see iaik.server.modules.xmlsign.DataObjectTreatment#isReferenceInManifest()
*/
+ @Override
public boolean isReferenceInManifest() {
return referenceInManifest;
}
/**
- * Sets whether the associated DataObject is
- * to be included in the dsig:Manifest.
- *
+ * Sets whether the associated DataObject is to be included in the
+ * dsig:Manifest.
+ *
* @param referenceInManifest If true, the associated
- * DataObject will be included in the manifest, otherwise not.
+ * DataObject will be included in the
+ * manifest, otherwise not.
*/
public void setReferenceInManifest(boolean referenceInManifest) {
this.referenceInManifest = referenceInManifest;
@@ -134,13 +138,14 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment {
/**
* @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationList()
*/
+ @Override
public List getTransformationList() {
return transformationList;
}
/**
* Set the list of transformations for the associated DataObject.
- *
+ *
* @param transformationList The transformations to set.
*/
public void setTransformationList(List transformationList) {
@@ -150,6 +155,7 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment {
/**
* @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationSupplements()
*/
+ @Override
public List getTransformationSupplements() {
return transformationSupplements;
}
@@ -157,16 +163,17 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment {
/**
* Sets the transformation supplements for the associated
* DataObject.
- *
+ *
* @param transformationSupplements The transformation supplements to set.
*/
public void setTransformationSupplements(List transformationSupplements) {
this.transformationSupplements = transformationSupplements;
}
-
+
/**
* @see iaik.server.modules.xmlsign.DataObjectTreatment#getDsigDataObjectID()
*/
+ @Override
public String getDsigDataObjectID() {
return objIdGen.uniqueId();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
index 9d6e3d2..516e3d8 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
@@ -21,9 +21,16 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xmlsign;
+import java.util.List;
+import java.util.Set;
+
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.server.util.IdGenerator;
+import at.gv.egovernment.moaspss.logging.Logger;
import iaik.server.modules.algorithms.SignatureAlgorithms;
import iaik.server.modules.keys.AlgorithmUnavailableException;
import iaik.server.modules.keys.KeyEntryID;
@@ -34,23 +41,14 @@ import iaik.server.modules.xml.Canonicalization;
import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
-import java.util.List;
-import java.util.Set;
-
-import at.gv.egovernment.moa.spss.server.logging.TransactionId;
-import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
-import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
-import at.gv.egovernment.moa.spss.server.util.IdGenerator;
-import at.gv.egovernment.moaspss.logging.Logger;
-
/**
* An object providing auxiliary information for creating an XML signature.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XMLSignatureCreationProfileImpl
- implements XMLSignatureCreationProfile {
+ implements XMLSignatureCreationProfile {
/** The transformations to apply to a data object. */
private List dataObjectTreatmentList;
@@ -58,7 +56,7 @@ public class XMLSignatureCreationProfileImpl
private Set keySet;
/** The type URI of the signature manifest. */
private String securityLayerManifestTypeURI;
- /** Whether the created signature is to be Security Layer conform. */
+ /** Whether the created signature is to be Security Layer conform. */
private boolean securityLayerConform;
/** Where to insert the signature into the signature environment. */
private XMLSignatureInsertionLocation signatureInsertionLocation;
@@ -66,55 +64,55 @@ public class XMLSignatureCreationProfileImpl
private String signatureStructureType;
/** The type of Canonicalization to use for the signed info. */
private Canonicalization signedInfoCanonicalization;
- /** Properties to be signed during signature creation. */
+ /** Properties to be signed during signature creation. */
private List signedProperties;
/** The ID generator for signature IDs. */
- private IdGenerator signatureIDGenerator;
+ private final IdGenerator signatureIDGenerator;
/** The ID generator for manifst IDs. */
- private IdGenerator manifestIDGenerator;
+ private final IdGenerator manifestIDGenerator;
/** The ID generator for XMLDsig manifest IDs. */
- private IdGenerator dsigManifestIDGenerator;
+ private final IdGenerator dsigManifestIDGenerator;
/** The ID generator for signed property IDs. */
- private IdGenerator propertyIDGenerator;
- /** The selected digest method algorithm if XAdES 1.4.2 is used */
- private String digestMethodXAdES142;
-
-
+ private final IdGenerator propertyIDGenerator;
+ /** The selected digest method algorithm if XAdES 1.4.2 is used */
+ private final String digestMethodXAdES142;
+
/**
* Create a new XMLSignatureCreationProfileImpl.
- *
- * @param createProfileCount Provides external information about the
- * number of calls to the signature creation module, using the same request.
- * @param reservedIDs The set of IDs that must not be used while generating
- * new IDs.
+ *
+ * @param createProfileCount Provides external information about the number of
+ * calls to the signature creation module, using the
+ * same request.
+ * @param reservedIDs The set of IDs that must not be used while
+ * generating new IDs.
*/
public XMLSignatureCreationProfileImpl(
- int createProfileCount,
- Set reservedIDs,
- String digestMethodXAdES142) {
+ int createProfileCount,
+ Set reservedIDs,
+ String digestMethodXAdES142) {
signatureIDGenerator =
- new IdGenerator("signature-" + createProfileCount, reservedIDs);
+ new IdGenerator("signature-" + createProfileCount, reservedIDs);
manifestIDGenerator =
- new IdGenerator("manifest-" + createProfileCount, reservedIDs);
+ new IdGenerator("manifest-" + createProfileCount, reservedIDs);
dsigManifestIDGenerator =
- new IdGenerator("dsig-manifest-" + createProfileCount, reservedIDs);
+ new IdGenerator("dsig-manifest-" + createProfileCount, reservedIDs);
propertyIDGenerator =
- new IdGenerator("etsi-signed-" + createProfileCount, reservedIDs);
+ new IdGenerator("etsi-signed-" + createProfileCount, reservedIDs);
this.digestMethodXAdES142 = digestMethodXAdES142;
}
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDataObjectTreatmentList()
*/
+ @Override
public List getDataObjectTreatmentList() {
return dataObjectTreatmentList;
}
/**
* Sets the list of DataObjectTreatments.
- *
- * @param dataObjectTreatmentList The DataObjectTreatments to
- * set.
+ *
+ * @param dataObjectTreatmentList The DataObjectTreatments to set.
*/
public void setDataObjectTreatmentList(List dataObjectTreatmentList) {
this.dataObjectTreatmentList = dataObjectTreatmentList;
@@ -123,6 +121,7 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet()
*/
+ @Override
public Set getKeySet() {
return keySet;
}
@@ -130,7 +129,7 @@ public class XMLSignatureCreationProfileImpl
/**
* Set the set of KeyEntryIDs which may be used for signature
* creation.
- *
+ *
* @param keySet The set of KeyEntryIDs to set.
*/
public void setKeySet(Set keySet) {
@@ -140,15 +139,15 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestTypeURI()
*/
+ @Override
public String getSecurityLayerManifestTypeURI() {
return securityLayerManifestTypeURI;
}
/**
* Set the SecurityLayerManifestTypeURI.
- *
- * @param securityLayerManifestTypeURI The SecurityLayerManifestTypeURI to
- * set.
+ *
+ * @param securityLayerManifestTypeURI The SecurityLayerManifestTypeURI to set.
*/
public void setSecurityLayerManifestTypeURI(String securityLayerManifestTypeURI) {
this.securityLayerManifestTypeURI = securityLayerManifestTypeURI;
@@ -157,132 +156,131 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID)
*/
+ @Override
public String getSignatureAlgorithmName(KeyEntryID selectedKeyID)
- throws AlgorithmUnavailableException {
+ throws AlgorithmUnavailableException {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- TransactionId tid = new TransactionId(context.getTransactionID());
- KeyModule module = KeyModuleFactory.getInstance(tid);
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final TransactionId tid = new TransactionId(context.getTransactionID());
+ final KeyModule module = KeyModuleFactory.getInstance(tid);
Set algorithms;
try {
algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID);
- } catch (UnknownKeyException e) {
+ } catch (final UnknownKeyException e) {
throw new AlgorithmUnavailableException(
- "Unknown key entry: " + selectedKeyID,
- e,
- null);
+ "Unknown key entry: " + selectedKeyID,
+ e,
+ null);
}
-
+
if (digestMethodXAdES142 == null) {
- // XAdES 1.4.2 not enabled - legacy MOA
- if (algorithms.contains(SignatureAlgorithms.MD2_WITH_RSA)
- || algorithms.contains(SignatureAlgorithms.MD5_WITH_RSA)
- || algorithms.contains(SignatureAlgorithms.RIPEMD128_WITH_RSA)
- || algorithms.contains(SignatureAlgorithms.RIPEMD160_WITH_RSA)
- || algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)
- || algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
-
- return SignatureAlgorithms.SHA1_WITH_RSA;
- } else if (
- algorithms.contains(SignatureAlgorithms.ECDSA)) {
- return SignatureAlgorithms.ECDSA;
- } else if (
- algorithms.contains(SignatureAlgorithms.DSA)) {
- return SignatureAlgorithms.DSA;
+ // XAdES 1.4.2 not enabled - legacy MOA
+ if (algorithms.contains(SignatureAlgorithms.MD2_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.MD5_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.RIPEMD128_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.RIPEMD160_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
+
+ return SignatureAlgorithms.SHA1_WITH_RSA;
+ } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) {
+ return SignatureAlgorithms.ECDSA;
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else {
+ // XAdES 1.4.2 is enabled: select signature algorithm according to selected
+ // digest method
+ if (digestMethodXAdES142.compareTo("SHA-1") == 0) {
+ Logger.warn(
+ "XAdES version 1.4.2 is enabled, but SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)");
+
+ if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) {
+ return SignatureAlgorithms.SHA1_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) {
+ return SignatureAlgorithms.ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
} else {
- throw new AlgorithmUnavailableException(
- "No algorithm for key entry: " + selectedKeyID,
- null,
- null);
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
}
+
+ } else if (digestMethodXAdES142.compareTo("SHA-256") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
+ return SignatureAlgorithms.SHA256_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA256_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else if (digestMethodXAdES142.compareTo("SHA-384") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) {
+ return SignatureAlgorithms.SHA384_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA384_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else if (digestMethodXAdES142.compareTo("SHA-512") == 0) {
+ if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) {
+ return SignatureAlgorithms.SHA512_WITH_RSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) {
+ return SignatureAlgorithms.SHA512_WITH_ECDSA;
+
+ } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
+ return SignatureAlgorithms.DSA;
+
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No signature algorithm found for digest algorithm '" + digestMethodXAdES142,
+ null,
+ null);
+ }
+
}
- else {
- // XAdES 1.4.2 is enabled: select signature algorithm according to selected digest method
- if (digestMethodXAdES142.compareTo("SHA-1") == 0) {
- Logger.warn("XAdES version 1.4.2 is enabled, but SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)");
-
- if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) {
- return SignatureAlgorithms.SHA1_WITH_RSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) {
- return SignatureAlgorithms.ECDSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
- return SignatureAlgorithms.DSA;
-
- } else {
- throw new AlgorithmUnavailableException(
- "No algorithm for key entry: " + selectedKeyID,
- null,
- null);
- }
-
- } else if (digestMethodXAdES142.compareTo("SHA-256") == 0) {
- if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
- return SignatureAlgorithms.SHA256_WITH_RSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) {
- return SignatureAlgorithms.SHA256_WITH_ECDSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
- return SignatureAlgorithms.DSA;
-
- } else {
- throw new AlgorithmUnavailableException(
- "No algorithm for key entry: " + selectedKeyID,
- null,
- null);
- }
- } else if (digestMethodXAdES142.compareTo("SHA-384") == 0) {
- if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) {
- return SignatureAlgorithms.SHA384_WITH_RSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) {
- return SignatureAlgorithms.SHA384_WITH_ECDSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
- return SignatureAlgorithms.DSA;
-
- } else {
- throw new AlgorithmUnavailableException(
- "No algorithm for key entry: " + selectedKeyID,
- null,
- null);
- }
- } else if (digestMethodXAdES142.compareTo("SHA-512") == 0) {
- if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) {
- return SignatureAlgorithms.SHA512_WITH_RSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) {
- return SignatureAlgorithms.SHA512_WITH_ECDSA;
-
- } else if (algorithms.contains(SignatureAlgorithms.DSA)) {
- return SignatureAlgorithms.DSA;
-
- } else {
- throw new AlgorithmUnavailableException(
- "No algorithm for key entry: " + selectedKeyID,
- null,
- null);
- }
- }
- else {
- throw new AlgorithmUnavailableException(
- "No signature algorithm found for digest algorithm '" + digestMethodXAdES142,
- null,
- null);
- }
-
- }
-
}
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureInsertionLocation()
*/
+ @Override
public XMLSignatureInsertionLocation getSignatureInsertionLocation() {
return signatureInsertionLocation;
}
@@ -290,7 +288,7 @@ public class XMLSignatureCreationProfileImpl
/**
* Set the location where the signature is to be inserted into the signature
* parent.
- *
+ *
* @param signatureInsertionLocation The location to set.
*/
public void setSignatureInsertionLocation(XMLSignatureInsertionLocation signatureInsertionLocation) {
@@ -300,12 +298,14 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureStructureType()
*/
+ @Override
public String getSignatureStructureType() {
return signatureStructureType;
}
/**
* Set the signature structure type.
+ *
* @param signatureStructureType The signature structure type to set.
*/
public void setSignatureStructureType(String signatureStructureType) {
@@ -315,13 +315,14 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedInfoCanonicalization()
*/
+ @Override
public Canonicalization getSignedInfoCanonicalization() {
return signedInfoCanonicalization;
}
/**
* Sets the canonicalization method to use for the SignedInfo object.
- *
+ *
* @param signedInfoCanonicalization The canonicalization method to set.
*/
public void setSignedInfoCanonicalization(Canonicalization signedInfoCanonicalization) {
@@ -331,13 +332,14 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties()
*/
+ @Override
public List getSignedProperties() {
return signedProperties;
}
/**
* Set the signed properties.
- *
+ *
* @param signedProperties The signed properties to set.
*/
public void setSignedProperties(List signedProperties) {
@@ -347,15 +349,16 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform()
*/
+ @Override
public boolean isSecurityLayerConform() {
return securityLayerConform;
}
/**
* Sets the security layer conformity.
- *
- * @param securityLayerConform true, if the created signature
- * is to be conform to the Security Layer specification.
+ *
+ * @param securityLayerConform true, if the created signature is to
+ * be conform to the Security Layer specification.
*/
public void setSecurityLayerConform(boolean securityLayerConform) {
this.securityLayerConform = securityLayerConform;
@@ -364,6 +367,7 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureID()
*/
+ @Override
public String getSignatureID() {
return signatureIDGenerator.uniqueId();
}
@@ -371,6 +375,7 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestID()
*/
+ @Override
public String getSecurityLayerManifestID() {
return manifestIDGenerator.uniqueId();
}
@@ -378,6 +383,7 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDsigManifestID()
*/
+ @Override
public String getDsigManifestID() {
return dsigManifestIDGenerator.uniqueId();
}
@@ -385,13 +391,15 @@ public class XMLSignatureCreationProfileImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedPropertiesID()
*/
+ @Override
public String getSignedPropertiesID() {
return propertyIDGenerator.uniqueId();
}
-
+
/**
* @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getPermitFileURIs()
*/
+ @Override
public boolean getPermitFileURIs() {
return false;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java
index 90c1f49..a5290a7 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java
@@ -21,29 +21,28 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xmlsign;
import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
/**
- * An object giving the location of where the signature will be
- * inserted into the parent element.
- *
+ * An object giving the location of where the signature will be inserted into
+ * the parent element.
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XMLSignatureInsertionLocationImpl
- implements XMLSignatureInsertionLocation {
+ implements XMLSignatureInsertionLocation {
/** Where to put the signature into the signature parent element. */
private int signatureChildIndex;
-
+
/**
* Create a new XMLSignatureInsertLocationImpl.
- *
+ *
* @param signatureChildIndex The position index at which to append the
- * signature to the parent element.
+ * signature to the parent element.
*/
public XMLSignatureInsertionLocationImpl(int signatureChildIndex) {
setSignatureChildIndex(signatureChildIndex);
@@ -52,6 +51,7 @@ public class XMLSignatureInsertionLocationImpl
/**
* @see iaik.server.modules.xmlsign.XMLSignatureInsertionLocation#getSignatureChildIndex()
*/
+ @Override
public int getSignatureChildIndex() {
return signatureChildIndex;
}
@@ -59,7 +59,7 @@ public class XMLSignatureInsertionLocationImpl
/**
* Sets the position index at which to append the signature to the parent
* element.
- *
+ *
* @param signatureChildIndex The position index to set.
*/
public void setSignatureChildIndex(int signatureChildIndex) {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
index 0ad3d79..6e4883f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
@@ -21,22 +21,22 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.xmlverify;
import java.util.List;
import iaik.pki.PKIProfile;
+import iaik.server.modules.SignatureVerificationProfile;
import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
/**
* An object providing auxiliary information for verifying an XML signature.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XMLSignatureVerificationProfileImpl
- implements XMLSignatureVerificationProfile {
+ implements XMLSignatureVerificationProfile {
/** Whether to check the Security Layer manifest. */
private boolean checkSecurityLayerManifest;
@@ -52,18 +52,20 @@ public class XMLSignatureVerificationProfileImpl
private boolean includeReferenceInputData;
/** Whether the file URIs are permitted */
private boolean permitFileURIs;
+
/**
* @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkSecurityLayerManifest()
*/
+ @Override
public boolean checkSecurityLayerManifest() {
return checkSecurityLayerManifest;
}
/**
* Set whether to check the references in the Security Layer manifest.
- *
- * @param checkSecurityLayerManifest true, if the references
- * in the Security Layer manifest must be checked.
+ *
+ * @param checkSecurityLayerManifest true, if the references in the
+ * Security Layer manifest must be checked.
*/
public void setCheckSecurityLayerManifest(boolean checkSecurityLayerManifest) {
this.checkSecurityLayerManifest = checkSecurityLayerManifest;
@@ -72,15 +74,16 @@ public class XMLSignatureVerificationProfileImpl
/**
* @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkXMLDsigManifests()
*/
+ @Override
public boolean checkXMLDsigManifests() {
return checkXMLDsigManifests;
}
/**
* Sets whether to check the references of all XML Dsig manifests.
- *
- * @param checkXMLDSigManifests true, if the references in the
- * XML Dsig manifest must be checked.
+ *
+ * @param checkXMLDSigManifests true, if the references in the XML
+ * Dsig manifest must be checked.
*/
public void setCheckXMLDsigManifests(boolean checkXMLDSigManifests) {
this.checkXMLDsigManifests = checkXMLDSigManifests;
@@ -89,15 +92,16 @@ public class XMLSignatureVerificationProfileImpl
/**
* @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getCertificateValidationProfile()
*/
+ @Override
public PKIProfile getCertificateValidationProfile() {
return certificateValidationProfile;
}
/**
* Sets the profile for validating the signer certificate.
- *
+ *
* @param certificateValidationProfile The certificate validation profile to
- * set.
+ * set.
*/
public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) {
this.certificateValidationProfile = certificateValidationProfile;
@@ -106,13 +110,14 @@ public class XMLSignatureVerificationProfileImpl
/**
* @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getTransformationSupplements()
*/
+ @Override
public List getTransformationSupplements() {
return transformationSupplements;
}
/**
* Sets the transformation supplements.
- *
+ *
* @param transformationSupplements The transformation supplements to set.
*/
public void setTransformationSupplements(List transformationSupplements) {
@@ -122,15 +127,16 @@ public class XMLSignatureVerificationProfileImpl
/**
* @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeHashInputData()
*/
+ @Override
public boolean includeHashInputData() {
return includeHashInputData;
}
/**
* Set whether to include the hash input data in the result.
- *
- * @param includeHashInputData If true, the hash input data
- * will be returned in the result.
+ *
+ * @param includeHashInputData If true, the hash input data will be
+ * returned in the result.
*/
public void setIncludeHashInputData(boolean includeHashInputData) {
this.includeHashInputData = includeHashInputData;
@@ -139,39 +145,40 @@ public class XMLSignatureVerificationProfileImpl
/**
* @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeReferenceInputData()
*/
+ @Override
public boolean includeReferenceInputData() {
return includeReferenceInputData;
}
/**
* Set whether to include the reference input data in the result.
- *
- * @param includeReferenceInputData If true, the reference
- * input data will be included in the result.
+ *
+ * @param includeReferenceInputData If true, the reference input
+ * data will be included in the result.
*/
public void setIncludeReferenceInputData(boolean includeReferenceInputData) {
this.includeReferenceInputData = includeReferenceInputData;
}
-
+
/**
- * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getPermitFileURIs()
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getPermitFileURIs()
*/
+ @Override
public boolean getPermitFileURIs() {
return permitFileURIs;
}
-
+
/**
* Set whether the file URIs are permitted or not
- *
+ *
* @param permitFileURIs whether the file URIs are permitted or not
*/
- public void setPermitFileURIs(boolean permitFileURIs)
- {
+ public void setPermitFileURIs(boolean permitFileURIs) {
this.permitFileURIs = permitFileURIs;
}
@Override
public String getTargetLevel() {
- return XMLSignatureVerificationProfile.LEVEL_LTA;
+ return SignatureVerificationProfile.LEVEL_LTA;
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ConfiguratorImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ConfiguratorImpl.java
index 32654d4..5726220 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ConfiguratorImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ConfiguratorImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.init;
import at.gv.egovernment.moa.spss.MOAException;
@@ -33,7 +32,7 @@ import iaik.server.ConfigurationData;
/**
* Default implementation of Configurator.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -42,41 +41,44 @@ public class ConfiguratorImpl extends Configurator {
private boolean initialized = false;
StartupConfigurationHolder result;
-
+
+ @Override
public StartupConfigurationHolder getCurrentConfiguration() {
- return result;
-
+ return result;
+
}
-
+
+ @Override
public StartupConfigurationHolder init() throws MOAException {
if (!initialized) {
result = SystemInitializer.init();
initialized = true;
-
+
}
-
+
return result;
-
+
}
+ @Override
public StartupConfigurationHolder update() throws MOAException {
if (!initialized) {
return null;
}
-
- try {
+
+ try {
// reconfigure the system
- ConfigurationProvider config = ConfigurationProvider.reload();
- ConfigurationData iaikConfig = new IaikConfigurator().configure(config);
+ final ConfigurationProvider config = ConfigurationProvider.reload();
+ final ConfigurationData iaikConfig = new IaikConfigurator().configure(config);
result = new StartupConfigurationHolder(config, iaikConfig);
return result;
-
- } catch (MOAException e) {
+
+ } catch (final MOAException e) {
throw e;
-
- } catch (Throwable t) {
+
+ } catch (final Throwable t) {
throw new ConfigurationException("MOA-SPSS initialization FAILED with a generic error", null, t);
-
+
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ExternalInitializer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ExternalInitializer.java
index 692ee53..73a183f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ExternalInitializer.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/ExternalInitializer.java
@@ -3,5 +3,5 @@ package at.gv.egovernment.moa.spss.server.init;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
public interface ExternalInitializer {
- public void initialize(ConfigurationProvider configurationProvider);
+ void initialize(ConfigurationProvider configurationProvider);
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/StartupConfigurationHolder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/StartupConfigurationHolder.java
index 229a8b2..903b08b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/StartupConfigurationHolder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/StartupConfigurationHolder.java
@@ -4,39 +4,37 @@ import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import iaik.server.ConfigurationData;
public class StartupConfigurationHolder {
-
- private final ConfigurationProvider moaSpssConfig;
- private final ConfigurationData iaikConfiguration;
-
- /**
- * Holder for IAIK and MOA-SPSS related configuration object.
- *
- * @param config MOA-SPSS specific configuration
- * @param iaikConfig Internal IAIK module configuration
- */
- public StartupConfigurationHolder(ConfigurationProvider config, ConfigurationData iaikConfig) {
- this.moaSpssConfig = config;
- this.iaikConfiguration = iaikConfig;
- }
- /**
- * Get MOA-SPSS configuration object from start-up process.
- *
- * @return MOA-SPSS configuration
- */
- public ConfigurationProvider getMoaSpssConfig() {
- return moaSpssConfig;
- }
+ private final ConfigurationProvider moaSpssConfig;
+ private final ConfigurationData iaikConfiguration;
- /**
- * Get configuration object for IAIK modules from start-up process.
- *
- * @return IAIK module configuration
- */
- public ConfigurationData getIaikConfiguration() {
- return iaikConfiguration;
- }
-
-
+ /**
+ * Holder for IAIK and MOA-SPSS related configuration object.
+ *
+ * @param config MOA-SPSS specific configuration
+ * @param iaikConfig Internal IAIK module configuration
+ */
+ public StartupConfigurationHolder(ConfigurationProvider config, ConfigurationData iaikConfig) {
+ this.moaSpssConfig = config;
+ this.iaikConfiguration = iaikConfig;
+ }
+
+ /**
+ * Get MOA-SPSS configuration object from start-up process.
+ *
+ * @return MOA-SPSS configuration
+ */
+ public ConfigurationProvider getMoaSpssConfig() {
+ return moaSpssConfig;
+ }
+
+ /**
+ * Get configuration object for IAIK modules from start-up process.
+ *
+ * @return IAIK module configuration
+ */
+ public ConfigurationData getIaikConfiguration() {
+ return iaikConfiguration;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
index 25bb6d9..a1bb145 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
@@ -21,13 +21,11 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.init;
import java.io.IOException;
import java.util.Calendar;
import java.util.Date;
-import java.util.GregorianCalendar;
import java.util.Iterator;
import java.util.ServiceLoader;
import java.util.Timer;
@@ -39,7 +37,6 @@ import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
-import at.gv.egovernment.moa.spss.server.iaik.config.LoggerConfigImpl;
import at.gv.egovernment.moa.spss.server.service.RevocationArchiveCleaner;
import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory;
import at.gv.egovernment.moa.spss.tsl.timer.TSLUpdaterTimerTask;
@@ -56,7 +53,7 @@ import iaik.utils.RFC2253NameParser;
/**
* MOA SP/SS web service initialization.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -67,40 +64,40 @@ public class SystemInitializer {
private static final String LOGGING_HIERARCHY = "moa.spss.server";
/** Whether XML schema grammars have been initialized. */
private static boolean grammarsInitialized = false;
-
+
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(SystemInitializer.class);
- private static ServiceLoader initializerServices =
- ServiceLoader.load(ExternalInitializer.class);
+ private static ServiceLoader initializerServices =
+ ServiceLoader.load(ExternalInitializer.class);
private static ConfigurationData iaikConfiguration;
private static ConfigurationProvider config;
-
-
+
private static void runInitializer(ConfigurationProvider configurationProvider) {
- Iterator initializerIterator = initializerServices.iterator();
- logger.info("Running external initializers");
- while(initializerIterator.hasNext()) {
- ExternalInitializer externalInitializer = initializerIterator.next();
- externalInitializer.initialize(configurationProvider);
- }
+ final Iterator initializerIterator = initializerServices.iterator();
+ logger.info("Running external initializers");
+ while (initializerIterator.hasNext()) {
+ final ExternalInitializer externalInitializer = initializerIterator.next();
+ externalInitializer.initialize(configurationProvider);
+ }
}
-
+
/**
* Initialize the MOA SP/SS webservice.
- * @return
+ *
+ * @return
*/
public static StartupConfigurationHolder init() {
-
- logger.info("##############################################################################");
- logger.info("##############################################################################");
- logger.info("### ###");
- logger.info("### LOADING MOA-SPSS ###");
- logger.info("### ================ ###");
- logger.info("### ###");
- logger.info("##############################################################################");
- logger.info("##############################################################################");
-
- MessageProvider msg = MessageProvider.getInstance();
+
+ logger.info("##############################################################################");
+ logger.info("##############################################################################");
+ logger.info("### ###");
+ logger.info("### LOADING MOA-SPSS ###");
+ logger.info("### ================ ###");
+ logger.info("### ###");
+ logger.info("##############################################################################");
+ logger.info("##############################################################################");
+
+ final MessageProvider msg = MessageProvider.getInstance();
Thread archiveCleaner;
@@ -109,96 +106,93 @@ public class SystemInitializer {
// set up a logging context for logging the startup
LoggingContextManager.getInstance().setLoggingContext(
- new LoggingContext("startup"));
-
+ new LoggingContext("startup"));
+
// AxisProperties.setProperty("enableNamespacePrefixOptimization","false");
// AxisProperties.setProperty("disablePrettyXML", "true");
// AxisProperties.setProperty("axis.doAutoTypes", "true");
-
- // initialize preparsed Xerces grammar pool for faster XML
+
+ // initialize preparsed Xerces grammar pool for faster XML
// parsing/validating
try {
if (!grammarsInitialized) {
- Class clazz = SystemInitializer.class;
+ final Class clazz = SystemInitializer.class;
// preparse XML schema
DOMUtils.addSchemaToPool(
- clazz.getResourceAsStream(Constants.XML_SCHEMA_LOCATION),
- Constants.XML_NS_URI);
+ clazz.getResourceAsStream(Constants.XML_SCHEMA_LOCATION),
+ Constants.XML_NS_URI);
// preparse XMLDsig Filter2 schema
DOMUtils.addSchemaToPool(
- clazz.getResourceAsStream(Constants.DSIG_FILTER2_SCHEMA_LOCATION),
- Constants.DSIG_FILTER2_NS_URI);
+ clazz.getResourceAsStream(Constants.DSIG_FILTER2_SCHEMA_LOCATION),
+ Constants.DSIG_FILTER2_NS_URI);
// preparse XMLDsig schema
DOMUtils.addSchemaToPool(
- clazz.getResourceAsStream(Constants.DSIG_SCHEMA_LOCATION),
- Constants.DSIG_NS_URI);
+ clazz.getResourceAsStream(Constants.DSIG_SCHEMA_LOCATION),
+ Constants.DSIG_NS_URI);
// preparse MOA schema
DOMUtils.addSchemaToPool(
- clazz.getResourceAsStream(Constants.MOA_SCHEMA_LOCATION),
- Constants.MOA_NS_URI);
+ clazz.getResourceAsStream(Constants.MOA_SCHEMA_LOCATION),
+ Constants.MOA_NS_URI);
grammarsInitialized = true;
}
- } catch (IOException e) {
+ } catch (final IOException e) {
Logger.warn(new LogMsg(msg.getMessage("init.04", null)), e);
}
-
+
// initialize configuration
try {
- Logger.info("Initialize MOA-SP/SS configuration ... ");
- config = ConfigurationProvider.getInstance();
-
- //initialize TSL module
- TSLConfiguration moaSPTslConfig = config.getTSLConfiguration();
- if (moaSPTslConfig != null) {
- Logger.debug("Starting TSL-Service initialization ... ");
- TslConfigurationImpl tslConfig = new TslConfigurationImpl();
- tslConfig.setEuTslURL(moaSPTslConfig.getEuTSLUrl());
- tslConfig.setTslWorkingDirectory(moaSPTslConfig.getWorkingDirectory());
- tslConfig.setNetworkReadTimeout(config.getReadTimeout() / 1000);
-
- Logger.info(new LogMsg(msg.getMessage("config.41", null)));
- TSLServiceFactory.initialize(tslConfig);
- Logger.info("TSL-Service client initialization finished");
-
- //initialize TSL Update Task
- initTSLUpdateTask(moaSPTslConfig);
-
- }
-
- Logger.info("Register additional RFC2253 Object identifier");
- RFC2253NameParser.register(
- "organizationIdentifier",
- new ObjectID("2.5.4.97", "organizationIdentifier", (String) null, false));
-
-
- Logger.info("Building IAIK-MOA configuration ... ");
- iaikConfiguration = new IaikConfigurator().configure(config);
-
-
- runInitializer(config);
- Logger.info(new LogMsg(msg.getMessage("init.01", null)));
-
-
- } catch (MOAException e) {
- Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
- throw new RuntimeException(e);
-
- } catch (Throwable e) {
- Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
- throw new RuntimeException(e);
-
- }
-
+ Logger.info("Initialize MOA-SP/SS configuration ... ");
+ config = ConfigurationProvider.getInstance();
+
+ // initialize TSL module
+ final TSLConfiguration moaSPTslConfig = config.getTSLConfiguration();
+ if (moaSPTslConfig != null) {
+ Logger.debug("Starting TSL-Service initialization ... ");
+ final TslConfigurationImpl tslConfig = new TslConfigurationImpl();
+ tslConfig.setEuTslURL(moaSPTslConfig.getEuTSLUrl());
+ tslConfig.setTslWorkingDirectory(moaSPTslConfig.getWorkingDirectory());
+ tslConfig.setNetworkReadTimeout(config.getReadTimeout() / 1000);
+
+ Logger.info(new LogMsg(msg.getMessage("config.41", null)));
+ TSLServiceFactory.initialize(tslConfig);
+ Logger.info("TSL-Service client initialization finished");
+
+ // initialize TSL Update Task
+ initTSLUpdateTask(moaSPTslConfig);
+
+ }
+
+ Logger.info("Register additional RFC2253 Object identifier");
+ RFC2253NameParser.register(
+ "organizationIdentifier",
+ new ObjectID("2.5.4.97", "organizationIdentifier", (String) null, false));
+
+ Logger.info("Building IAIK-MOA configuration ... ");
+ iaikConfiguration = new IaikConfigurator().configure(config);
+
+ runInitializer(config);
+ Logger.info(new LogMsg(msg.getMessage("init.01", null)));
+
+ } catch (final MOAException e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ throw new RuntimeException(e);
+
+ } catch (final Throwable e) {
+ Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+ throw new RuntimeException(e);
+
+ }
+
// CHANGE IXSIL to XSECT
// set IXSIL debug output
- //IXSILInit.setPrintDebugLog(
- // Logger.isDebugEnabled(IaikLog.IAIK_LOG_HIERARCHY));
- //Logger.info("Registering XSECT");
- //XSecProvider.addAsProvider(true);
-
+ // IXSILInit.setPrintDebugLog(
+ // Logger.isDebugEnabled(IaikLog.IAIK_LOG_HIERARCHY));
+ // Logger.info("Registering XSECT");
+ // XSecProvider.addAsProvider(true);
+
// start the archive cleanup thread
archiveCleaner =
- new Thread(new RevocationArchiveCleaner(ARCHIVE_CLEANUP_INTERVAL));
+ new Thread(new RevocationArchiveCleaner(ARCHIVE_CLEANUP_INTERVAL));
archiveCleaner.setName("RevocationArchiveCleaner");
archiveCleaner.setDaemon(true);
archiveCleaner.setPriority(Thread.MIN_PRIORITY);
@@ -209,56 +203,57 @@ public class SystemInitializer {
logger.info("==============================================================================");
logger.info("=== CONFIGURATION DONE ===");
logger.info("==============================================================================");
-
-
+
return new StartupConfigurationHolder(config, iaikConfiguration);
-
+
}
-
+
/**
* Get configuration object from IAIK modules.
- *
+ *
* @return Configuration or null of it was not configurated yet
*/
public static ConfigurationData getIaikConfiguration() {
- return iaikConfiguration;
-
+ return iaikConfiguration;
+
}
-
+
private static void initTSLUpdateTask(TSLConfiguration tslconfig) {
- MessageProvider msg = MessageProvider.getInstance();
- if (tslconfig != null) {
- // get start time and period from config
- long period = tslconfig.getUpdateSchedulePeriod();
- Date startConfig = tslconfig.getUpdateScheduleStartTime();
-
- // get hh:mm:ss from config date
- Calendar calendar = GregorianCalendar.getInstance(); // creates a new calendar instance
- calendar.setTime(startConfig); // assigns calendar to given date
- int hour = calendar.get(Calendar.HOUR_OF_DAY);
- int min = calendar.get(Calendar.MINUTE);
- int sec = calendar.get(Calendar.SECOND);
-
- // create date with today and time from config
- Calendar cal = Calendar.getInstance();
- Date now = cal.getTime();
- cal.set(Calendar.HOUR_OF_DAY, hour);
- cal.set(Calendar.MINUTE, min);
- cal.set(Calendar.SECOND, sec);
-
- // proposed start time
- Date start = cal.getTime();
-
- // if start time has already passed today - add one day (86400000 milliseconds = 1 day)
- if (start.before(now))
- start = new Date(start.getTime() + 86400000);
-
- Logger.debug(new LogMsg(msg.getMessage("config.46", new String[]{start.toString(), "" + period})));
-
- // start TSL updater task
- Timer timer = new Timer("TSL_DB_Updater");
- timer.schedule(new TSLUpdaterTimerTask(), start, period);
+ final MessageProvider msg = MessageProvider.getInstance();
+ if (tslconfig != null) {
+ // get start time and period from config
+ final long period = tslconfig.getUpdateSchedulePeriod();
+ final Date startConfig = tslconfig.getUpdateScheduleStartTime();
+
+ // get hh:mm:ss from config date
+ final Calendar calendar = Calendar.getInstance(); // creates a new calendar instance
+ calendar.setTime(startConfig); // assigns calendar to given date
+ final int hour = calendar.get(Calendar.HOUR_OF_DAY);
+ final int min = calendar.get(Calendar.MINUTE);
+ final int sec = calendar.get(Calendar.SECOND);
+
+ // create date with today and time from config
+ final Calendar cal = Calendar.getInstance();
+ final Date now = cal.getTime();
+ cal.set(Calendar.HOUR_OF_DAY, hour);
+ cal.set(Calendar.MINUTE, min);
+ cal.set(Calendar.SECOND, sec);
+
+ // proposed start time
+ Date start = cal.getTime();
+
+ // if start time has already passed today - add one day (86400000 milliseconds =
+ // 1 day)
+ if (start.before(now)) {
+ start = new Date(start.getTime() + 86400000);
}
+
+ Logger.debug(new LogMsg(msg.getMessage("config.46", new String[] { start.toString(), "" + period })));
+
+ // start TSL updater task
+ final Timer timer = new Timer("TSL_DB_Updater");
+ timer.schedule(new TSLUpdaterTimerTask(), start, period);
+ }
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
index 4050ebc..2e7445e 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
@@ -21,19 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
-import iaik.server.modules.algorithms.HashAlgorithms;
-import iaik.server.modules.cmssign.CMSSignature;
-import iaik.server.modules.cmssign.CMSSignatureCreationException;
-import iaik.server.modules.cmssign.CMSSignatureCreationModule;
-import iaik.server.modules.cmssign.CMSSignatureCreationModuleFactory;
-import iaik.server.modules.cmssign.CMSSignatureCreationProfile;
-import iaik.server.modules.keys.KeyEntryID;
-import iaik.server.modules.keys.KeyModule;
-import iaik.server.modules.keys.KeyModuleFactory;
-
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -76,38 +65,46 @@ import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;
import at.gv.egovernment.moaspss.util.Constants;
+import iaik.server.modules.algorithms.HashAlgorithms;
+import iaik.server.modules.cmssign.CMSSignature;
+import iaik.server.modules.cmssign.CMSSignatureCreationException;
+import iaik.server.modules.cmssign.CMSSignatureCreationModule;
+import iaik.server.modules.cmssign.CMSSignatureCreationModuleFactory;
+import iaik.server.modules.cmssign.CMSSignatureCreationProfile;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
/**
* A class providing an API based interface to the
* CMSSignatureCreationModule.
- *
- * This class performs the invocation of the
+ *
+ * This class performs the invocation of the
* iaik.server.modules.cmssign.CMSSignatureCreationModule from a
* CreateCMSSignatureRequest given as an API object. The result of
* the invocation is integrated into a CreateCMSSignatureResponse
* and returned.
- *
+ *
* @version $Id$
*/
public class CMSSignatureCreationInvoker {
-
- private static Map HASH_ALGORITHM_MAPPING;
-
- static {
- HASH_ALGORITHM_MAPPING = new HashMap();
- HASH_ALGORITHM_MAPPING.put(Constants.SHA1_URI, HashAlgorithms.SHA1);
- HASH_ALGORITHM_MAPPING.put(Constants.SHA256_URI, HashAlgorithms.SHA256);
- HASH_ALGORITHM_MAPPING.put(Constants.SHA384_URI, HashAlgorithms.SHA384);
- HASH_ALGORITHM_MAPPING.put(Constants.SHA512_URI, HashAlgorithms.SHA512);
- }
-
+
+ private static Map HASH_ALGORITHM_MAPPING;
+
+ static {
+ HASH_ALGORITHM_MAPPING = new HashMap();
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA1_URI, HashAlgorithms.SHA1);
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA256_URI, HashAlgorithms.SHA256);
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA384_URI, HashAlgorithms.SHA384);
+ HASH_ALGORITHM_MAPPING.put(Constants.SHA512_URI, HashAlgorithms.SHA512);
+ }
/** The single instance of this class. */
private static CMSSignatureCreationInvoker instance = null;
/**
* Get the only instance of this class.
- *
+ *
* @return The only instance of this class.
*/
public static synchronized CMSSignatureCreationInvoker getInstance() {
@@ -119,273 +116,271 @@ public class CMSSignatureCreationInvoker {
/**
* Create a new CMSSignatureCreationInvoker.
- *
+ *
* Protected to disallow multiple instances.
*/
protected CMSSignatureCreationInvoker() {
}
-
-
/**
* Process the CreateCMSSignatureRequest message and invoke the
* XMLSignatureCreationModule for every
* SingleSignatureInfo contained in the request.
- *
+ *
* @param request A CreateCMSSignatureRequest API object
* containing the information for creating the signature(s).
- * @param reserved A Set of reserved object IDs.
- *
- * @return A CreateCMSSignatureResponse API object containing
- * the created signature(s). The response contains either a
- * SignatureEnvironment or a ErrorResponse
- * for each SingleSignatureInfo in the request.
- * @throws MOAException An error occurred during signature creation.
+ * @param reserved A Set of reserved object IDs.
+ *
+ * @return A CreateCMSSignatureResponse API object containing the
+ * created signature(s). The response contains either a
+ * SignatureEnvironment or a ErrorResponse for
+ * each SingleSignatureInfo in the request.
+ * @throws MOAException An error occurred during signature creation.
*/
public CreateCMSSignatureResponse createCMSSignature(
- CreateCMSSignatureRequest request,
- Set reserved)
- throws MOAException {
+ CreateCMSSignatureRequest request,
+ Set reserved)
+ throws MOAException {
+
+ final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ // LoggingContext loggingCtx =
+ // LoggingContextManager.getInstance().getLoggingContext();
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
- //LoggingContext loggingCtx = LoggingContextManager.getInstance().getLoggingContext();
+ final CreateCMSSignatureResponseBuilder responseBuilder = new CreateCMSSignatureResponseBuilder();
+ final CreateCMSSignatureResponse response = new CreateCMSSignatureResponseImpl();
- CreateCMSSignatureResponseBuilder responseBuilder = new CreateCMSSignatureResponseBuilder();
- CreateCMSSignatureResponse response = new CreateCMSSignatureResponseImpl();
+ boolean isSecurityLayerConform = false;
+ boolean isPAdESConformRequired = false;
+ String structure = null;
+ String mimetype = null;
- boolean isSecurityLayerConform = false;
- boolean isPAdESConformRequired = false;
- String structure = null;
- String mimetype = null;
-
- // select the SingleSignatureInfo elements
- Iterator singleSignatureInfoIter = request.getSingleSignatureInfos().iterator();
+ // select the SingleSignatureInfo elements
+ final Iterator singleSignatureInfoIter = request.getSingleSignatureInfos().iterator();
// iterate over all the SingleSignatureInfo elements in the request
- while (singleSignatureInfoIter.hasNext()) {
- SingleSignatureInfo singleSignatureInfo = (SingleSignatureInfo) singleSignatureInfoIter.next();
- isSecurityLayerConform = singleSignatureInfo.isSecurityLayerConform();
- isPAdESConformRequired = singleSignatureInfo.isPAdESConform();
-
- //PAdES conformity always requires SecurityLayer conformity, because certificates must be included
- if (isPAdESConformRequired && !isSecurityLayerConform) {
- isSecurityLayerConform = isPAdESConformRequired;
- Logger.debug("Set SecurityLayerConformity to 'true' because PAdES conformity is requested");
-
- }
-
-
- DataObjectInfo dataObjectInfo = singleSignatureInfo.getDataObjectInfo();
- structure = dataObjectInfo.getStructure();
-
- CMSDataObject dataobject = dataObjectInfo.getDataObject();
- MetaInfo metainfo = dataobject.getMetaInfo();
-
- /*TODO: do not set SigningTime in IAIK-MOA request or any other
- * API method/parameter when IAIK-MOA API is updated.
- * Maybe also update mimetype solution below
- */
- //does not set mimetype if PAdES conformity is requested
- if (!isPAdESConformRequired) {
- mimetype = metainfo.getMimeType();
-
- } else
- Logger.debug("PAdES conformity requested. Does not set mimetype into CAdES signature");
-
- CMSContent content = dataobject.getContent();
- InputStream contentIs = null;
- // build the content data
- switch (content.getContentType()) {
- case CMSContent.EXPLICIT_CONTENT :
- contentIs = ((CMSContentExcplicit) content).getBinaryContent();
- break;
- case CMSContent.REFERENCE_CONTENT :
- String reference = ((CMSContentReference) content).getReference();
- if (!"".equals(reference)) {
- ExternalURIResolver resolver = new ExternalURIResolver();
- contentIs = resolver.resolve(reference);
- } else {
- throw new MOAApplicationException("2301", null);
- }
- break;
- default : {
- throw new MOAApplicationException("2301", null);
- }
- }
-
- // create CMSSignatureCreationModuleFactory
- CMSSignatureCreationModule module = CMSSignatureCreationModuleFactory.getInstance();
-
- List signedProperties = null;
- boolean includeData = true;
- if (structure.compareTo("enveloping") == 0)
- includeData = true;
- if (structure.compareTo("detached") == 0)
- includeData = false;
-
- ConfigurationProvider config = context.getConfiguration();
-
- // get the key group id
- String keyGroupID = request.getKeyIdentifier();
- // set the key set
- Set keySet = buildKeySet(keyGroupID);
- if (keySet == null) {
- throw new MOAApplicationException("2231", null);
- } else if (keySet.size() == 0) {
- throw new MOAApplicationException("2232", null);
- }
-
- // get digest algorithm
- String digestAlgorithm = getDigestAlgorithm(config, keyGroupID);
-
- // create CMSSignatureCreation profile:
- CMSSignatureCreationProfile profile = new CMSSignatureCreationProfileImpl(
- keySet,
- digestAlgorithm,
- signedProperties,
- isSecurityLayerConform,
- includeData,
- mimetype,
- isPAdESConformRequired);
-
- // create CMSSignature from the CMSSignatureCreationModule
- // build the additionalSignedProperties
- List additionalSignedProperties = buildAdditionalSignedProperties();
- TransactionId tid = new TransactionId(context.getTransactionID());
- try {
- CMSSignature signature = module.createSignature(profile, additionalSignedProperties, tid);
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- // get CMS SignedData output stream from the CMSSignature and wrap it around out
- boolean base64 = true;
- OutputStream signedDataStream = signature.getSignature(out, base64);
-
- // now write the data to be signed to the signedDataStream
- // Stream based, this should have a better performance
- FilteredOutputStream filteredOuputStream = new FilteredOutputStream(
- signedDataStream, 4096, dataobject.getExcludeByteRangeFrom(),
- dataobject.getExcludeByteRangeTo());
-
- IOUtils.copyLarge(contentIs, filteredOuputStream);
- filteredOuputStream.flush();
-
- // finish SignedData processing by closing signedDataStream
- signedDataStream.close();
- String base64value = out.toString();
-
- responseBuilder.addCMSSignature(base64value);
-
-
- } catch (CMSSignatureCreationException e) {
- MOAException moaException = IaikExceptionMapper.getInstance().map(e);
-
- responseBuilder.addError(
- moaException.getMessageId(),
- moaException.getMessage());
- Logger.warn(moaException.getMessage(), e);
-
- }
- catch (IOException e) {
- throw new MOAApplicationException("2301", null, e);
- }
-
- }
-
+ while (singleSignatureInfoIter.hasNext()) {
+ final SingleSignatureInfo singleSignatureInfo = (SingleSignatureInfo) singleSignatureInfoIter.next();
+ isSecurityLayerConform = singleSignatureInfo.isSecurityLayerConform();
+ isPAdESConformRequired = singleSignatureInfo.isPAdESConform();
+
+ // PAdES conformity always requires SecurityLayer conformity, because
+ // certificates must be included
+ if (isPAdESConformRequired && !isSecurityLayerConform) {
+ isSecurityLayerConform = isPAdESConformRequired;
+ Logger.debug("Set SecurityLayerConformity to 'true' because PAdES conformity is requested");
+
+ }
+
+ final DataObjectInfo dataObjectInfo = singleSignatureInfo.getDataObjectInfo();
+ structure = dataObjectInfo.getStructure();
+
+ final CMSDataObject dataobject = dataObjectInfo.getDataObject();
+ final MetaInfo metainfo = dataobject.getMetaInfo();
+
+ /*
+ * TODO: do not set SigningTime in IAIK-MOA request or any other API
+ * method/parameter when IAIK-MOA API is updated. Maybe also update mimetype
+ * solution below
+ */
+ // does not set mimetype if PAdES conformity is requested
+ if (!isPAdESConformRequired) {
+ mimetype = metainfo.getMimeType();
+
+ } else {
+ Logger.debug("PAdES conformity requested. Does not set mimetype into CAdES signature");
+ }
+
+ final CMSContent content = dataobject.getContent();
+ InputStream contentIs = null;
+ // build the content data
+ switch (content.getContentType()) {
+ case CMSContent.EXPLICIT_CONTENT:
+ contentIs = ((CMSContentExcplicit) content).getBinaryContent();
+ break;
+ case CMSContent.REFERENCE_CONTENT:
+ final String reference = ((CMSContentReference) content).getReference();
+ if (!"".equals(reference)) {
+ final ExternalURIResolver resolver = new ExternalURIResolver();
+ contentIs = resolver.resolve(reference);
+ } else {
+ throw new MOAApplicationException("2301", null);
+ }
+ break;
+ default: {
+ throw new MOAApplicationException("2301", null);
+ }
+ }
+
+ // create CMSSignatureCreationModuleFactory
+ final CMSSignatureCreationModule module = CMSSignatureCreationModuleFactory.getInstance();
+
+ final List signedProperties = null;
+ boolean includeData = true;
+ if (structure.compareTo("enveloping") == 0) {
+ includeData = true;
+ }
+ if (structure.compareTo("detached") == 0) {
+ includeData = false;
+ }
+
+ final ConfigurationProvider config = context.getConfiguration();
+
+ // get the key group id
+ final String keyGroupID = request.getKeyIdentifier();
+ // set the key set
+ final Set keySet = buildKeySet(keyGroupID);
+ if (keySet == null) {
+ throw new MOAApplicationException("2231", null);
+ } else if (keySet.size() == 0) {
+ throw new MOAApplicationException("2232", null);
+ }
+
+ // get digest algorithm
+ final String digestAlgorithm = getDigestAlgorithm(config, keyGroupID);
+
+ // create CMSSignatureCreation profile:
+ final CMSSignatureCreationProfile profile = new CMSSignatureCreationProfileImpl(
+ keySet,
+ digestAlgorithm,
+ signedProperties,
+ isSecurityLayerConform,
+ includeData,
+ mimetype,
+ isPAdESConformRequired);
+
+ // create CMSSignature from the CMSSignatureCreationModule
+ // build the additionalSignedProperties
+ final List additionalSignedProperties = buildAdditionalSignedProperties();
+ final TransactionId tid = new TransactionId(context.getTransactionID());
+ try {
+ final CMSSignature signature = module.createSignature(profile, additionalSignedProperties, tid);
+ final ByteArrayOutputStream out = new ByteArrayOutputStream();
+ // get CMS SignedData output stream from the CMSSignature and wrap it around out
+ final boolean base64 = true;
+ final OutputStream signedDataStream = signature.getSignature(out, base64);
+
+ // now write the data to be signed to the signedDataStream
+ // Stream based, this should have a better performance
+ final FilteredOutputStream filteredOuputStream = new FilteredOutputStream(
+ signedDataStream, 4096, dataobject.getExcludeByteRangeFrom(),
+ dataobject.getExcludeByteRangeTo());
+
+ IOUtils.copyLarge(contentIs, filteredOuputStream);
+ filteredOuputStream.flush();
+
+ // finish SignedData processing by closing signedDataStream
+ signedDataStream.close();
+ final String base64value = out.toString();
+
+ responseBuilder.addCMSSignature(base64value);
+
+ } catch (final CMSSignatureCreationException e) {
+ final MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+
+ responseBuilder.addError(
+ moaException.getMessageId(),
+ moaException.getMessage());
+ Logger.warn(moaException.getMessage(), e);
+
+ } catch (final IOException e) {
+ throw new MOAApplicationException("2301", null, e);
+ }
+
+ }
return responseBuilder.getResponse();
}
-
+
private boolean inRange(BigDecimal counter, CMSDataObject dataobject) {
- BigDecimal from = dataobject.getExcludeByteRangeFrom();
- BigDecimal to = dataobject.getExcludeByteRangeTo();
-
- if ( (from == null) || (to == null))
- return false;
-
- int compare = counter.compareTo(from);
- if (compare == -1)
- return false;
- else {
- compare = counter.compareTo(to);
- if (compare == 1)
- return false;
- else
- return true;
- }
-
-
-
+ final BigDecimal from = dataobject.getExcludeByteRangeFrom();
+ final BigDecimal to = dataobject.getExcludeByteRangeTo();
+
+ if (from == null || to == null) {
+ return false;
+ }
+
+ int compare = counter.compareTo(from);
+ if (compare == -1) {
+ return false;
+ } else {
+ compare = counter.compareTo(to);
+ if (compare == 1) {
+ return false;
+ } else {
+ return true;
+ }
+ }
+
}
-
- private String getDigestAlgorithm(ConfigurationProvider config, String keyGroupID) throws MOASystemException {
- // get digest method on key group level (if configured)
- String configDigestMethodKG = config.getKeyGroup(keyGroupID).getDigestMethodAlgorithm();
- // get default digest method (if configured)
- String configDigestMethod = config.getDigestMethodAlgorithmName();
-
-
- String digestMethod = null;
- if (configDigestMethodKG != null) {
- // if KG specific digest method is configured
- digestMethod = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethodKG);
- if (digestMethod == null) {
- error(
- "config.17",
- new Object[] { configDigestMethodKG});
- throw new MOASystemException("2900", null);
- }
- Logger.debug("Digest algorithm: " + digestMethod + "(configured in KeyGroup)");
- }
- else {
- // else get default configured digest method
- digestMethod = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethod);
- if (digestMethod == null) {
- error(
- "config.17",
- new Object[] { configDigestMethod});
- throw new MOASystemException("2900", null);
- }
- Logger.debug("Digest algorithm: " + digestMethod + "(default)");
-
- }
- return digestMethod;
+ private String getDigestAlgorithm(ConfigurationProvider config, String keyGroupID)
+ throws MOASystemException {
+ // get digest method on key group level (if configured)
+ final String configDigestMethodKG = config.getKeyGroup(keyGroupID).getDigestMethodAlgorithm();
+ // get default digest method (if configured)
+ final String configDigestMethod = config.getDigestMethodAlgorithmName();
+
+ String digestMethod = null;
+ if (configDigestMethodKG != null) {
+ // if KG specific digest method is configured
+ digestMethod = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethodKG);
+ if (digestMethod == null) {
+ error(
+ "config.17",
+ new Object[] { configDigestMethodKG });
+ throw new MOASystemException("2900", null);
+ }
+ Logger.debug("Digest algorithm: " + digestMethod + "(configured in KeyGroup)");
+ } else {
+ // else get default configured digest method
+ digestMethod = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethod);
+ if (digestMethod == null) {
+ error(
+ "config.17",
+ new Object[] { configDigestMethod });
+ throw new MOASystemException("2900", null);
+ }
+ Logger.debug("Digest algorithm: " + digestMethod + "(default)");
+
+ }
+ return digestMethod;
}
-
+
/**
* Utility function to issue an error message to the log.
- *
- * @param messageId The ID of the message to log.
+ *
+ * @param messageId The ID of the message to log.
* @param parameters Additional message parameters.
*/
private static void error(String messageId, Object[] parameters) {
- MessageProvider msg = MessageProvider.getInstance();
+ final MessageProvider msg = MessageProvider.getInstance();
Logger.error(new LogMsg(msg.getMessage(messageId, parameters)));
}
-
+
/**
* Build the set of KeyEntryIDs available to the given
* keyGroupID.
- *
+ *
* @param keyGroupID The keygroup ID for which the available keys should be
- * returned.
- * @return The Set of KeyEntryIDs
- * identifying the available keys.
+ * returned.
+ * @return The Set of KeyEntryIDs identifying the
+ * available keys.
*/
private Set buildKeySet(String keyGroupID) {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
Set keyGroupEntries;
// get the KeyGroup entries from the configuration
if (context.getClientCertificate() != null) {
- X509Certificate cert = context.getClientCertificate()[0];
- Principal issuer = cert.getIssuerDN();
- BigInteger serialNumber = cert.getSerialNumber();
+ final X509Certificate cert = context.getClientCertificate()[0];
+ final Principal issuer = cert.getIssuerDN();
+ final BigInteger serialNumber = cert.getSerialNumber();
keyGroupEntries =
- config.getKeyGroupEntries(issuer, serialNumber, keyGroupID);
+ config.getKeyGroupEntries(issuer, serialNumber, keyGroupID);
} else {
keyGroupEntries = config.getKeyGroupEntries(null, null, keyGroupID);
}
@@ -396,23 +391,23 @@ public class CMSSignatureCreationInvoker {
} else if (keyGroupEntries.size() == 0) {
return Collections.EMPTY_SET;
} else {
- KeyModule module =
- KeyModuleFactory.getInstance(
- new TransactionId(context.getTransactionID()));
- Set keyEntryIDs = module.getPrivateKeyEntryIDs();
- Set keySet = new HashSet();
+ final KeyModule module =
+ KeyModuleFactory.getInstance(
+ new TransactionId(context.getTransactionID()));
+ final Set keyEntryIDs = module.getPrivateKeyEntryIDs();
+ final Set keySet = new HashSet();
Iterator iter;
// filter out the keys that do not exist in the IAIK configuration
// by walking through the key entries and checking if the exist in the
// keyGroupEntries
for (iter = keyEntryIDs.iterator(); iter.hasNext();) {
- KeyEntryID entryID = (KeyEntryID) iter.next();
- KeyGroupEntry entry =
- new KeyGroupEntry(
- entryID.getModuleID(),
- entryID.getCertificateIssuer(),
- entryID.getCertificateSerialNumber());
+ final KeyEntryID entryID = (KeyEntryID) iter.next();
+ final KeyGroupEntry entry =
+ new KeyGroupEntry(
+ entryID.getModuleID(),
+ entryID.getCertificateIssuer(),
+ entryID.getCertificateSerialNumber());
if (keyGroupEntries.contains(entry)) {
keySet.add(entryID);
}
@@ -423,18 +418,18 @@ public class CMSSignatureCreationInvoker {
/**
* Build the list of additional signed properties.
- *
+ *
* Based on the generic configuration setting
- * ConfigurationProvider.TEST_SIGNING_TIME_PROPERTY, a
- * constant SigningTime will be added to the properties.
- *
+ * ConfigurationProvider.TEST_SIGNING_TIME_PROPERTY, a constant
+ * SigningTime will be added to the properties.
+ *
* @return The List of additional signed properties.
*/
private List buildAdditionalSignedProperties() {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- List additionalSignedProperties = Collections.EMPTY_LIST;
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final List additionalSignedProperties = Collections.EMPTY_LIST;
return additionalSignedProperties;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index 74fa9ab..e18f957 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -28,7 +28,6 @@ import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigDecimal;
-import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
@@ -55,12 +54,8 @@ import at.gv.egovernment.moa.spss.util.QCSSCDResult;
import at.gv.egovernment.moaspss.logging.Logger;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
-import iaik.server.ConfigurationException;
-import iaik.server.modules.AdESConstants;
-import iaik.server.modules.AdESFormVerificationResult;
import iaik.server.modules.IAIKException;
import iaik.server.modules.IAIKRuntimeException;
-import iaik.server.modules.SignatureVerificationProfile;
import iaik.server.modules.cmsverify.CMSSignatureVerificationModule;
import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
@@ -75,449 +70,459 @@ import iaik.x509.X509Certificate;
/**
* A class providing an interface to the
* CMSSignatureVerificationModule.
- *
+ *
* This class performs the invocation of the
* iaik.server.modules.cmsverify.CMSSignatureVerificationModule
* from a VerifyCMSSignatureRequest. The result of the invocation
* is integrated into a VerifyCMSSignatureResponse returned.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class CMSSignatureVerificationInvoker {
- /** The single instance of this class. */
- private static CMSSignatureVerificationInvoker instance = null;
-
- /**
- * Return the only instance of this class.
- *
- * @return The only instance of this class.
- */
- public static synchronized CMSSignatureVerificationInvoker getInstance() {
- if (instance == null) {
- instance = new CMSSignatureVerificationInvoker();
- }
- return instance;
- }
-
- /**
- * Create a new CMSSignatureVerificationInvoker.
- *
- * Protected to disallow multiple instances.
- */
- protected CMSSignatureVerificationInvoker() {
- }
-
- /**
- * Verify a CMS signature.
- *
- * @param request
- * The VerifyCMSSignatureRequest containing the CMS
- * signature, as well as additional data needed for verification.
- * @return Element A VerifyCMSSignatureResponse containing the
- * answer to the VerifyCMSSignatureRequest.
- * @throws MOAException
- * An error occurred while processing the request.
- */
- public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request) throws MOAException {
-
- CMSSignatureVerificationProfileFactory profileFactory = new CMSSignatureVerificationProfileFactory(request);
- VerifyCMSSignatureResponseBuilder responseBuilder = new VerifyCMSSignatureResponseBuilder();
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
- LoggingContext loggingCtx = LoggingContextManager.getInstance().getLoggingContext();
- InputStream signature;
- InputStream signedContent = null;
- Date signingTime;
- List results;
- int[] signatories;
- InputStream input;
- byte[] buf = new byte[2048];
-
- // get the signature
- signature = request.getCMSSignature();
-
- // get the actual trustprofile
- TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
-
- try {
- // get the signing time
- signingTime = request.getDateTime();
-
- // build the profile
- if (request.isPDF()) {
- PDFSignatureVerificationProfile profile = profileFactory.createPDFProfile();
- Logger.debug("Sending PDFSignatureVerificationProfile to IAIK-MOA");
-
- PDFSignatureVerificationModule module = iaik.server.modules.pdfverify.PDFSignatureVerificationModuleFactory
- .getInstance();
-
- module.setLog(new IaikLog(loggingCtx.getNodeID()));
- //Logger.info(" Available: " + signature.available());
- module.init(signature, profile, new TransactionId(context.getTransactionID()));
-
- // input = module.getInputStream();
-
- // while (input.read(buf) > 0);
- if(request.isExtended()) {
- Logger.info("Running extended validation");
- results = module.verifyPAdESSignature(signingTime);
- } else {
- Logger.info("Running not extended validation");
- results = module.verifySignature(signingTime);
- }
-
- //PAdES module had to be closed manually
- module.closeModule();
-
- } else {
- // get the signed content
- signedContent = getSignedContent(request);
- CMSSignatureVerificationProfile profile = profileFactory.createProfile();
- Logger.debug("Sending CMSSignatureVerificationProfile to IAIK-MOA");
-
- // verify the signature
- CMSSignatureVerificationModule module = CMSSignatureVerificationModuleFactory.getInstance();
-
- module.setLog(new IaikLog(loggingCtx.getNodeID()));
-
- module.init(signature, signedContent, profile, new TransactionId(context.getTransactionID()));
- input = module.getInputStream();
-
- while (input.read(buf) > 0)
- ;
-
- if(request.isExtended()) {
- Logger.info("Running extended validation");
- results = module.verifyCAdESSignature(signingTime);
- } else {
- Logger.info("Running not extended validation");
- results = module.verifySignature(signingTime);
- }
- // results = module.verifySignature(signingTime);
- }
-
- } catch (IAIKException e) {
- MOAException moaException = IaikExceptionMapper.getInstance().map(e);
- throw moaException;
- } catch (IAIKRuntimeException e) {
- MOAException moaException = IaikExceptionMapper.getInstance().map(e);
- throw moaException;
- } catch (IOException e) {
- throw new MOAApplicationException("2244", null, e);
- } catch (MOAException e) {
- throw e;
- } finally {
- try {
- if (signedContent != null)
- signedContent.close();
-
- if (signature != null)
- signature.close();
-
- } catch (Throwable t) {
- // Intentionally do nothing here
- }
- }
-
- QCSSCDResult qcsscdresult = new QCSSCDResult();
-
- // build the response: for each signatory add the result to the response
- signatories = request.getSignatories();
- if (signatories == VerifyCMSSignatureRequest.ALL_SIGNATORIES) {
- Iterator resultIter;
-
- for (resultIter = results.iterator(); resultIter.hasNext();) {
- Object resultObject = resultIter.next();
- if (!request.isPDF()) {
- handleCMSResult(resultObject, responseBuilder, trustProfile);
- } else {
- handlePDFResult(resultObject, responseBuilder, trustProfile);
- }
- }
- } else {
- int i;
-
- for (i = 0; i < signatories.length; i++) {
- int sigIndex = signatories[i] - 1;
-
- try {
- Object resultObject = results.get(signatories[i] - 1);
- if (!request.isPDF()) {
- handleCMSResult(resultObject, responseBuilder, trustProfile);
- } else {
- handlePDFResult(resultObject, responseBuilder, trustProfile);
- }
- } catch (IndexOutOfBoundsException e) {
- throw new MOAApplicationException("2249", new Object[] { new Integer(sigIndex) });
- }
- }
- }
-
- return responseBuilder.getResponse();
- }
-
- private void handleCMSResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
- TrustProfile trustProfile) throws MOAException {
- QCSSCDResult qcsscdresult = new QCSSCDResult();
-
- if(resultObject == null) {
- Logger.warn("Result Object is null!");
- return;
- }
-
- CMSSignatureVerificationResult cmsResult = null;
- List adesResults = null;
- boolean extendedVerification = false;
-
- ExtendedCertificateCheckResult extCheckResult = null;
- if (resultObject instanceof ExtendedCMSSignatureVerificationResult) {
- Logger.info("Got ExtendedCMSSignatureVerificationResult");
- extendedVerification = true;
- ExtendedCMSSignatureVerificationResult result = (ExtendedCMSSignatureVerificationResult) resultObject;
- cmsResult = result.getCMSSignatureVerificationResult();
- adesResults = AdESResultUtils.getAdESResult(result.getFormVerificationResult());
-
-
- if (Logger.isDebugEnabled() && adesResults != null) {
- Iterator adesIterator = adesResults.iterator();
- while (adesIterator.hasNext())
- Logger.debug("ADES Formresults: " + adesIterator.next().toString());
-
- }
-
- try {
- //Logger.info("Extended Validation Report: " + result.getName());
- Logger.debug("Extended Validation Code: " + result.getResultCode().toString());
- Logger.debug("Extended Validation Info: " + result.getInfo());
-
- extCheckResult = AdESResultUtils.getExtendedResult(result.getResultCode());
-
- } catch (NullPointerException e) {
- Logger.info("No extendend validation result available.");
-
- }
- } else {
- Logger.debug("Got CMSSignatureVerificationResult");
- cmsResult = (CMSSignatureVerificationResult) resultObject;
-
- }
-
- String issuerCountryCode = null;
- // QC/SSCD check
-
- if(cmsResult.getCertificateValidationResult() != null) {
- List list = cmsResult.getCertificateValidationResult().getCertificateChain();
- if (list != null) {
- X509Certificate[] chain = new X509Certificate[list.size()];
-
- Iterator it = list.iterator();
- int i = 0;
- while (it.hasNext()) {
- chain[i] = (X509Certificate) it.next();
- i++;
- }
-
- qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance());
-
- // get signer certificate issuer country code
- issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
- }
- }
-
- responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
- qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults, extCheckResult,
- qcsscdresult.getTslInfos(), extendedVerification);
- }
-
- private void handlePDFResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
- TrustProfile trustProfile) throws MOAException {
- QCSSCDResult qcsscdresult = new QCSSCDResult();
-
- if(resultObject == null) {
- Logger.warn("Result Object is null!");
- return;
- }
-
- PDFSignatureVerificationResult cmsResult = null;
- List adesResults = null;
- boolean extendedVerification = false;
- Boolean coversFullDoc = null;
- int[] sigByteRange = null;
-
- ExtendedCertificateCheckResult extCheckResult = null;
- if (resultObject instanceof ExtendedPDFSignatureVerificationResult) {
- Logger.info("Got ExtendedPDFSignatureVerificationResult");
- extendedVerification = true;
- ExtendedPDFSignatureVerificationResult result = (ExtendedPDFSignatureVerificationResult) resultObject;
- cmsResult = result.getPDFSignatureVerificationResult();
- adesResults = AdESResultUtils.getAdESResult(result.getFormVerificationResult());
-
- if (Logger.isDebugEnabled() && adesResults != null) {
- Iterator adesIterator = adesResults.iterator();
- while (adesIterator.hasNext())
- Logger.debug("ADES Formresults: " + adesIterator.next().toString());
-
- }
-
-
- try {
- Logger.debug("Extended Validation Code: " + result.getResultCode().toString());
-
- if (result.getDetailedExtendedReport() != null)
- Logger.debug("Extended Validation Info: " + result.getDetailedExtendedReport().getMessage());
- else
- Logger.debug("Extended Validation Info: " + result.getInfo());
-
-
- Logger.debug("Full extended Validation Infos: " + result.getInfo());
- extCheckResult = AdESResultUtils.getExtendedResult(result.getResultCode());
-
- } catch (NullPointerException e) {
- Logger.info("No extendend validation result available.");
-
- }
-
- } else {
- Logger.debug("Got PDFSignatureVerificationResult");
- cmsResult = (PDFSignatureVerificationResult) resultObject;
- }
-
- if (MiscUtil.isNotEmpty(cmsResult.getError()))
- Logger.info("Signature validation stopped with an error: " + cmsResult.getError());
-
- String issuerCountryCode = null;
- // QC/SSCD check
-
- if (cmsResult.getCertificateValidationResult() != null) {
- List list = cmsResult.getCertificateValidationResult().getCertificateChain();
- if (list != null) {
- X509Certificate[] chain = new X509Certificate[list.size()];
-
- Iterator it = list.iterator();
- int i = 0;
- while (it.hasNext()) {
- chain[i] = (X509Certificate) it.next();
- i++;
- }
-
- qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance());
-
- // get signer certificate issuer country code
- issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
-
- }
- }
-
- responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
- qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults,
- extCheckResult, qcsscdresult.getTslInfos(), extendedVerification);
- }
-
- /**
- * Get the signed content contained either in the request itself or given as
- * a reference to external data.
- *
- * @param request
- * The VerifyCMSSignatureRequest containing the
- * signed content (or the reference to the signed content).
- * @return InputStream A stream providing the signed content data, or
- * null if no signed content was provided with the
- * request.
- * @throws MOAApplicationException
- * An error occurred building the stream.
- */
- private InputStream getSignedContent(VerifyCMSSignatureRequest request) throws MOAApplicationException {
-
- InputStream is = null;
- CMSDataObject dataObj;
- CMSContent content;
-
- // select the Content element
- dataObj = request.getDataObject();
- if (dataObj == null) {
- return null;
- }
- content = dataObj.getContent();
-
- // build the content data
- switch (content.getContentType()) {
- case CMSContent.EXPLICIT_CONTENT:
- is = ((CMSContentExcplicit) content).getBinaryContent();
- is = excludeByteRange(is, request);
- return is;
- case CMSContent.REFERENCE_CONTENT:
- String reference = ((CMSContentReference) content).getReference();
- if (!"".equals(reference)) {
- ExternalURIResolver resolver = new ExternalURIResolver();
- is = resolver.resolve(reference);
- is = excludeByteRange(is, request);
- return is;
- } else {
- return null;
- }
- default:
- return null;
- }
-
- }
-
- private InputStream excludeByteRange(InputStream contentIs, VerifyCMSSignatureRequest request)
- throws MOAApplicationException {
-
- int byteRead;
-
- ByteArrayOutputStream contentOs = new ByteArrayOutputStream();
-
- CMSDataObject dataobject = request.getDataObject();
- BigDecimal from = dataobject.getExcludeByteRangeFrom();
- BigDecimal to = dataobject.getExcludeByteRangeTo();
-
- if ((from == null) || (to == null))
- return contentIs;
-
- BigDecimal counter = new BigDecimal("0");
- BigDecimal one = new BigDecimal("1");
-
- try {
- while ((byteRead = contentIs.read()) >= 0) {
-
- if (inRange(counter, dataobject)) {
- // if byte is in byte range, set byte to 0x00
- contentOs.write(0);
- } else
- contentOs.write(byteRead);
-
- counter = counter.add(one);
- }
-
- InputStream is = new ByteArrayInputStream(contentOs.toByteArray());
-
- return is;
-
- } catch (IOException e) {
- throw new MOAApplicationException("2301", null, e);
- }
-
- }
-
- private boolean inRange(BigDecimal counter, CMSDataObject dataobject) {
- BigDecimal from = dataobject.getExcludeByteRangeFrom();
- BigDecimal to = dataobject.getExcludeByteRangeTo();
-
- if ((from == null) || (to == null))
- return false;
-
- int compare = counter.compareTo(from);
- if (compare == -1)
- return false;
- else {
- compare = counter.compareTo(to);
- if (compare == 1)
- return false;
- else
- return true;
- }
-
- }
+ /** The single instance of this class. */
+ private static CMSSignatureVerificationInvoker instance = null;
+
+ /**
+ * Return the only instance of this class.
+ *
+ * @return The only instance of this class.
+ */
+ public static synchronized CMSSignatureVerificationInvoker getInstance() {
+ if (instance == null) {
+ instance = new CMSSignatureVerificationInvoker();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new CMSSignatureVerificationInvoker.
+ *
+ * Protected to disallow multiple instances.
+ */
+ protected CMSSignatureVerificationInvoker() {
+ }
+
+ /**
+ * Verify a CMS signature.
+ *
+ * @param request The VerifyCMSSignatureRequest containing the CMS
+ * signature, as well as additional data needed for verification.
+ * @return Element A VerifyCMSSignatureResponse containing the
+ * answer to the VerifyCMSSignatureRequest.
+ * @throws MOAException An error occurred while processing the request.
+ */
+ public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request)
+ throws MOAException {
+
+ final CMSSignatureVerificationProfileFactory profileFactory = new CMSSignatureVerificationProfileFactory(
+ request);
+ final VerifyCMSSignatureResponseBuilder responseBuilder = new VerifyCMSSignatureResponseBuilder();
+ final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ final LoggingContext loggingCtx = LoggingContextManager.getInstance().getLoggingContext();
+ InputStream signature;
+ InputStream signedContent = null;
+ Date signingTime;
+ List results;
+ int[] signatories;
+ InputStream input;
+ final byte[] buf = new byte[2048];
+
+ // get the signature
+ signature = request.getCMSSignature();
+
+ // get the actual trustprofile
+ final TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
+
+ try {
+ // get the signing time
+ signingTime = request.getDateTime();
+
+ // build the profile
+ if (request.isPDF()) {
+ final PDFSignatureVerificationProfile profile = profileFactory.createPDFProfile();
+ Logger.debug("Sending PDFSignatureVerificationProfile to IAIK-MOA");
+
+ final PDFSignatureVerificationModule module =
+ iaik.server.modules.pdfverify.PDFSignatureVerificationModuleFactory
+ .getInstance();
+
+ module.setLog(new IaikLog(loggingCtx.getNodeID()));
+ // Logger.info(" Available: " + signature.available());
+ module.init(signature, profile, new TransactionId(context.getTransactionID()));
+
+ // input = module.getInputStream();
+
+ // while (input.read(buf) > 0);
+ if (request.isExtended()) {
+ Logger.info("Running extended validation");
+ results = module.verifyPAdESSignature(signingTime);
+ } else {
+ Logger.info("Running not extended validation");
+ results = module.verifySignature(signingTime);
+ }
+
+ // PAdES module had to be closed manually
+ module.closeModule();
+
+ } else {
+ // get the signed content
+ signedContent = getSignedContent(request);
+ final CMSSignatureVerificationProfile profile = profileFactory.createProfile();
+ Logger.debug("Sending CMSSignatureVerificationProfile to IAIK-MOA");
+
+ // verify the signature
+ final CMSSignatureVerificationModule module = CMSSignatureVerificationModuleFactory.getInstance();
+
+ module.setLog(new IaikLog(loggingCtx.getNodeID()));
+
+ module.init(signature, signedContent, profile, new TransactionId(context.getTransactionID()));
+ input = module.getInputStream();
+
+ while (input.read(buf) > 0) {
+ ;
+ }
+
+ if (request.isExtended()) {
+ Logger.info("Running extended validation");
+ results = module.verifyCAdESSignature(signingTime);
+ } else {
+ Logger.info("Running not extended validation");
+ results = module.verifySignature(signingTime);
+ }
+ // results = module.verifySignature(signingTime);
+ }
+
+ } catch (final IAIKException e) {
+ final MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ } catch (final IAIKRuntimeException e) {
+ final MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ } catch (final IOException e) {
+ throw new MOAApplicationException("2244", null, e);
+ } catch (final MOAException e) {
+ throw e;
+ } finally {
+ try {
+ if (signedContent != null) {
+ signedContent.close();
+ }
+
+ if (signature != null) {
+ signature.close();
+ }
+
+ } catch (final Throwable t) {
+ // Intentionally do nothing here
+ }
+ }
+
+ final QCSSCDResult qcsscdresult = new QCSSCDResult();
+
+ // build the response: for each signatory add the result to the response
+ signatories = request.getSignatories();
+ if (signatories == VerifyCMSSignatureRequest.ALL_SIGNATORIES) {
+ Iterator resultIter;
+
+ for (resultIter = results.iterator(); resultIter.hasNext();) {
+ final Object resultObject = resultIter.next();
+ if (!request.isPDF()) {
+ handleCMSResult(resultObject, responseBuilder, trustProfile);
+ } else {
+ handlePDFResult(resultObject, responseBuilder, trustProfile);
+ }
+ }
+ } else {
+ int i;
+
+ for (i = 0; i < signatories.length; i++) {
+ final int sigIndex = signatories[i] - 1;
+
+ try {
+ final Object resultObject = results.get(signatories[i] - 1);
+ if (!request.isPDF()) {
+ handleCMSResult(resultObject, responseBuilder, trustProfile);
+ } else {
+ handlePDFResult(resultObject, responseBuilder, trustProfile);
+ }
+ } catch (final IndexOutOfBoundsException e) {
+ throw new MOAApplicationException("2249", new Object[] { new Integer(sigIndex) });
+ }
+ }
+ }
+
+ return responseBuilder.getResponse();
+ }
+
+ private void handleCMSResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
+ TrustProfile trustProfile) throws MOAException {
+ QCSSCDResult qcsscdresult = new QCSSCDResult();
+
+ if (resultObject == null) {
+ Logger.warn("Result Object is null!");
+ return;
+ }
+
+ CMSSignatureVerificationResult cmsResult = null;
+ List adesResults = null;
+ boolean extendedVerification = false;
+
+ ExtendedCertificateCheckResult extCheckResult = null;
+ if (resultObject instanceof ExtendedCMSSignatureVerificationResult) {
+ Logger.info("Got ExtendedCMSSignatureVerificationResult");
+ extendedVerification = true;
+ final ExtendedCMSSignatureVerificationResult result =
+ (ExtendedCMSSignatureVerificationResult) resultObject;
+ cmsResult = result.getCMSSignatureVerificationResult();
+ adesResults = AdESResultUtils.getAdESResult(result.getFormVerificationResult());
+
+ if (Logger.isDebugEnabled() && adesResults != null) {
+ final Iterator adesIterator = adesResults.iterator();
+ while (adesIterator.hasNext()) {
+ Logger.debug("ADES Formresults: " + adesIterator.next().toString());
+ }
+
+ }
+
+ try {
+ // Logger.info("Extended Validation Report: " + result.getName());
+ Logger.debug("Extended Validation Code: " + result.getResultCode().toString());
+ Logger.debug("Extended Validation Info: " + result.getInfo());
+
+ extCheckResult = AdESResultUtils.getExtendedResult(result.getResultCode());
+
+ } catch (final NullPointerException e) {
+ Logger.info("No extendend validation result available.");
+
+ }
+ } else {
+ Logger.debug("Got CMSSignatureVerificationResult");
+ cmsResult = (CMSSignatureVerificationResult) resultObject;
+
+ }
+
+ String issuerCountryCode = null;
+ // QC/SSCD check
+
+ if (cmsResult.getCertificateValidationResult() != null) {
+ final List list = cmsResult.getCertificateValidationResult().getCertificateChain();
+ if (list != null) {
+ final X509Certificate[] chain = new X509Certificate[list.size()];
+
+ final Iterator it = list.iterator();
+ int i = 0;
+ while (it.hasNext()) {
+ chain[i] = (X509Certificate) it.next();
+ i++;
+ }
+
+ qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile
+ .isTSLEnabled(), ConfigurationProvider.getInstance());
+
+ // get signer certificate issuer country code
+ issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
+ }
+ }
+
+ responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
+ qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults, extCheckResult,
+ qcsscdresult.getTslInfos(), extendedVerification);
+ }
+
+ private void handlePDFResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
+ TrustProfile trustProfile) throws MOAException {
+ QCSSCDResult qcsscdresult = new QCSSCDResult();
+
+ if (resultObject == null) {
+ Logger.warn("Result Object is null!");
+ return;
+ }
+
+ PDFSignatureVerificationResult cmsResult = null;
+ List adesResults = null;
+ boolean extendedVerification = false;
+ final Boolean coversFullDoc = null;
+ final int[] sigByteRange = null;
+
+ ExtendedCertificateCheckResult extCheckResult = null;
+ if (resultObject instanceof ExtendedPDFSignatureVerificationResult) {
+ Logger.info("Got ExtendedPDFSignatureVerificationResult");
+ extendedVerification = true;
+ final ExtendedPDFSignatureVerificationResult result =
+ (ExtendedPDFSignatureVerificationResult) resultObject;
+ cmsResult = result.getPDFSignatureVerificationResult();
+ adesResults = AdESResultUtils.getAdESResult(result.getFormVerificationResult());
+
+ if (Logger.isDebugEnabled() && adesResults != null) {
+ final Iterator adesIterator = adesResults.iterator();
+ while (adesIterator.hasNext()) {
+ Logger.debug("ADES Formresults: " + adesIterator.next().toString());
+ }
+
+ }
+
+ try {
+ Logger.debug("Extended Validation Code: " + result.getResultCode().toString());
+
+ if (result.getDetailedExtendedReport() != null) {
+ Logger.debug("Extended Validation Info: " + result.getDetailedExtendedReport().getMessage());
+ } else {
+ Logger.debug("Extended Validation Info: " + result.getInfo());
+ }
+
+ Logger.debug("Full extended Validation Infos: " + result.getInfo());
+ extCheckResult = AdESResultUtils.getExtendedResult(result.getResultCode());
+
+ } catch (final NullPointerException e) {
+ Logger.info("No extendend validation result available.");
+
+ }
+
+ } else {
+ Logger.debug("Got PDFSignatureVerificationResult");
+ cmsResult = (PDFSignatureVerificationResult) resultObject;
+ }
+
+ if (MiscUtil.isNotEmpty(cmsResult.getError())) {
+ Logger.info("Signature validation stopped with an error: " + cmsResult.getError());
+ }
+
+ String issuerCountryCode = null;
+ // QC/SSCD check
+
+ if (cmsResult.getCertificateValidationResult() != null) {
+ final List list = cmsResult.getCertificateValidationResult().getCertificateChain();
+ if (list != null) {
+ final X509Certificate[] chain = new X509Certificate[list.size()];
+
+ final Iterator it = list.iterator();
+ int i = 0;
+ while (it.hasNext()) {
+ chain[i] = (X509Certificate) it.next();
+ i++;
+ }
+
+ qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile
+ .isTSLEnabled(), ConfigurationProvider.getInstance());
+
+ // get signer certificate issuer country code
+ issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
+
+ }
+ }
+
+ responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
+ qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults,
+ extCheckResult, qcsscdresult.getTslInfos(), extendedVerification);
+ }
+
+ /**
+ * Get the signed content contained either in the request itself or given as a
+ * reference to external data.
+ *
+ * @param request The VerifyCMSSignatureRequest containing the
+ * signed content (or the reference to the signed content).
+ * @return InputStream A stream providing the signed content data, or
+ * null if no signed content was provided with the request.
+ * @throws MOAApplicationException An error occurred building the stream.
+ */
+ private InputStream getSignedContent(VerifyCMSSignatureRequest request) throws MOAApplicationException {
+
+ InputStream is = null;
+ CMSDataObject dataObj;
+ CMSContent content;
+
+ // select the Content element
+ dataObj = request.getDataObject();
+ if (dataObj == null) {
+ return null;
+ }
+ content = dataObj.getContent();
+
+ // build the content data
+ switch (content.getContentType()) {
+ case CMSContent.EXPLICIT_CONTENT:
+ is = ((CMSContentExcplicit) content).getBinaryContent();
+ is = excludeByteRange(is, request);
+ return is;
+ case CMSContent.REFERENCE_CONTENT:
+ final String reference = ((CMSContentReference) content).getReference();
+ if (!"".equals(reference)) {
+ final ExternalURIResolver resolver = new ExternalURIResolver();
+ is = resolver.resolve(reference);
+ is = excludeByteRange(is, request);
+ return is;
+ } else {
+ return null;
+ }
+ default:
+ return null;
+ }
+
+ }
+
+ private InputStream excludeByteRange(InputStream contentIs, VerifyCMSSignatureRequest request)
+ throws MOAApplicationException {
+
+ int byteRead;
+
+ final ByteArrayOutputStream contentOs = new ByteArrayOutputStream();
+
+ final CMSDataObject dataobject = request.getDataObject();
+ final BigDecimal from = dataobject.getExcludeByteRangeFrom();
+ final BigDecimal to = dataobject.getExcludeByteRangeTo();
+
+ if (from == null || to == null) {
+ return contentIs;
+ }
+
+ BigDecimal counter = new BigDecimal("0");
+ final BigDecimal one = new BigDecimal("1");
+
+ try {
+ while ((byteRead = contentIs.read()) >= 0) {
+
+ if (inRange(counter, dataobject)) {
+ // if byte is in byte range, set byte to 0x00
+ contentOs.write(0);
+ } else {
+ contentOs.write(byteRead);
+ }
+
+ counter = counter.add(one);
+ }
+
+ final InputStream is = new ByteArrayInputStream(contentOs.toByteArray());
+
+ return is;
+
+ } catch (final IOException e) {
+ throw new MOAApplicationException("2301", null, e);
+ }
+
+ }
+
+ private boolean inRange(BigDecimal counter, CMSDataObject dataobject) {
+ final BigDecimal from = dataobject.getExcludeByteRangeFrom();
+ final BigDecimal to = dataobject.getExcludeByteRangeTo();
+
+ if (from == null || to == null) {
+ return false;
+ }
+
+ int compare = counter.compareTo(from);
+ if (compare == -1) {
+ return false;
+ } else {
+ compare = counter.compareTo(to);
+ if (compare == 1) {
+ return false;
+ } else {
+ return true;
+ }
+ }
+
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
index bd5db6d..5e343c4 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import at.gv.egovernment.moa.spss.MOAException;
@@ -39,71 +38,71 @@ import iaik.server.modules.pdfverify.PDFSignatureVerificationProfile;
* A factory to create a CMSSignatureVerificationProfile from a
* VerifyCMSSignatureRequest and the current MOA configuration
* data.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class CMSSignatureVerificationProfileFactory {
- /** The VerifyCMSSignatureRequest to draw profile data from. */
- private VerifyCMSSignatureRequest request;
+ /** The VerifyCMSSignatureRequest to draw profile data from. */
+ private final VerifyCMSSignatureRequest request;
/**
* Create a new CMSSignatureVerificationProfileFactory.
*
- * @param request The VerifyCMSSignatureRequest to draw profile
- * data from.
+ * @param request The VerifyCMSSignatureRequest to draw profile
+ * data from.
*/
public CMSSignatureVerificationProfileFactory(VerifyCMSSignatureRequest request) {
this.request = request;
}
/**
- * Create a CMSSignatureVerificationProfile from the given
- * request and the current MOA configuration.
- *
+ * Create a CMSSignatureVerificationProfile from the given request
+ * and the current MOA configuration.
+ *
* @return The CMSSignatureVerificationProfile for the
- * request, based on the current configuration.
+ * request, based on the current configuration.
* @throws MOAException An error occurred creating the profile.
*/
public PDFSignatureVerificationProfile createPDFProfile()
- throws MOAException {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- PDFSignatureVerificationProfileImpl profile =
- new PDFSignatureVerificationProfileImpl();
+ throws MOAException {
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final PDFSignatureVerificationProfileImpl profile =
+ new PDFSignatureVerificationProfileImpl();
String trustProfileID;
// set the certificate validation profile
trustProfileID = request.getTrustProfileId();
profile.setCertificateValidationProfile(
- new PKIProfileImpl(config, trustProfileID));
+ new PKIProfileImpl(config, trustProfileID));
return profile;
}
-
+
/**
- * Create a CMSSignatureVerificationProfile from the given
- * request and the current MOA configuration.
- *
+ * Create a CMSSignatureVerificationProfile from the given request
+ * and the current MOA configuration.
+ *
* @return The CMSSignatureVerificationProfile for the
- * request, based on the current configuration.
+ * request, based on the current configuration.
* @throws MOAException An error occurred creating the profile.
*/
public CMSSignatureVerificationProfile createProfile()
- throws MOAException {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- CMSSignatureVerificationProfileImpl profile =
- new CMSSignatureVerificationProfileImpl();
+ throws MOAException {
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final CMSSignatureVerificationProfileImpl profile =
+ new CMSSignatureVerificationProfileImpl();
String trustProfileID;
// set the certificate validation profile
trustProfileID = request.getTrustProfileId();
profile.setCertificateValidationProfile(
- new PKIProfileImpl(config, trustProfileID));
+ new PKIProfileImpl(config, trustProfileID));
return profile;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateCMSSignatureResponseBuilder.java
index aa52fe0..bc5d884 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateCMSSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateCMSSignatureResponseBuilder.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import java.util.ArrayList;
@@ -34,29 +33,33 @@ import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
/**
* A class to build a CreateCMSSignatureResponse.
- *
- * The methods addSignature() and addError() may be
+ *
+ *
+ * The methods addSignature() and addError() may be
* called in any combination to add CMSignature and
* ErrorResponse elements to the response. One of these functions
- * must be called at least once to produce a
- * CreateCMSSignatureResponse.
- *
- * The getResponseElement() method then returns the
- * CreateXMLSignatureResponse built so far.
- *
+ * must be called at least once to produce a
+ * CreateCMSSignatureResponse.
+ *
+ *
+ *
+ * The getResponseElement() method then returns the
+ * CreateXMLSignatureResponse built so far.
+ *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class CreateCMSSignatureResponseBuilder {
/** The SPSSFactory for creating API objects. */
- private SPSSFactory factory = SPSSFactory.getInstance();
+ private final SPSSFactory factory = SPSSFactory.getInstance();
/** The elements to add to the response. */
- private List responseElements = new ArrayList();
+ private final List responseElements = new ArrayList();
/**
* Get the CreateCMSSignatureResponse built so far.
- *
+ *
* @return The CreateCMSSignatureResponse built so far.
*/
public CreateCMSSignatureResponse getResponse() {
@@ -65,28 +68,29 @@ public class CreateCMSSignatureResponseBuilder {
/**
* Add a SignatureEnvironment element to the response.
- *
+ *
* @param signatureEnvironment The content to put under the
- * SignatureEnvironment element. This should either be a
- * dsig:Signature element (in case of a detached signature) or
- * the signature environment containing the signature (in case of
- * an enveloping signature).
+ * SignatureEnvironment element. This
+ * should either be a dsig:Signature
+ * element (in case of a detached signature) or the
+ * signature environment containing the signature
+ * (in case of an enveloping signature).
*/
public void addCMSSignature(String base64value) {
- CMSSignatureResponse responseElement =
- factory.createCMSSignatureResponse(base64value);
+ final CMSSignatureResponse responseElement =
+ factory.createCMSSignatureResponse(base64value);
responseElements.add(responseElement);
}
/**
* Add a ErrorResponse element to the response.
- *
+ *
* @param errorCode The error code.
- * @param info Additional information about the error.
+ * @param info Additional information about the error.
*/
public void addError(String errorCode, String info) {
- ErrorResponse errorResponse =
- factory.createErrorResponse(Integer.parseInt(errorCode), info);
+ final ErrorResponse errorResponse =
+ factory.createErrorResponse(Integer.parseInt(errorCode), info);
responseElements.add(errorResponse);
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateXMLSignatureResponseBuilder.java
index 7a7161d..0a7e70d 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateXMLSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CreateXMLSignatureResponseBuilder.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import java.util.ArrayList;
@@ -36,29 +35,33 @@ import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
/**
* A class to build a CreateXMLSignatureResponse.
- *
- * The methods addSignature() and addError() may be
+ *
+ *
+ * The methods addSignature() and addError() may be
* called in any combination to add SignatureEnvironment and
* ErrorResponse elements to the response. One of these functions
- * must be called at least once to produce a
- * CreateXMLSignatureResponse.
- *
- * The getResponseElement() method then returns the
- * CreateXMLSignatureResponse built so far.
- *
+ * must be called at least once to produce a
+ * CreateXMLSignatureResponse.
+ *
+ *
+ *
+ * The getResponseElement() method then returns the
+ * CreateXMLSignatureResponse built so far.
+ *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class CreateXMLSignatureResponseBuilder {
/** The SPSSFactory for creating API objects. */
- private SPSSFactory factory = SPSSFactory.getInstance();
+ private final SPSSFactory factory = SPSSFactory.getInstance();
/** The elements to add to the response. */
- private List responseElements = new ArrayList();
+ private final List responseElements = new ArrayList();
/**
* Get the CreateXMLSignatureResponse built so far.
- *
+ *
* @return The CreateXMLSignatureResponse built so far.
*/
public CreateXMLSignatureResponse getResponse() {
@@ -67,28 +70,29 @@ public class CreateXMLSignatureResponseBuilder {
/**
* Add a SignatureEnvironment element to the response.
- *
+ *
* @param signatureEnvironment The content to put under the
- * SignatureEnvironment element. This should either be a
- * dsig:Signature element (in case of a detached signature) or
- * the signature environment containing the signature (in case of
- * an enveloping signature).
+ * SignatureEnvironment element. This
+ * should either be a dsig:Signature
+ * element (in case of a detached signature) or the
+ * signature environment containing the signature
+ * (in case of an enveloping signature).
*/
public void addSignatureEnvironment(Element signatureEnvironment) {
- SignatureEnvironmentResponse responseElement =
- factory.createSignatureEnvironmentResponse(signatureEnvironment);
+ final SignatureEnvironmentResponse responseElement =
+ factory.createSignatureEnvironmentResponse(signatureEnvironment);
responseElements.add(responseElement);
}
/**
* Add a ErrorResponse element to the response.
- *
+ *
* @param errorCode The error code.
- * @param info Additional information about the error.
+ * @param info Additional information about the error.
*/
public void addError(String errorCode, String info) {
- ErrorResponse errorResponse =
- factory.createErrorResponse(Integer.parseInt(errorCode), info);
+ final ErrorResponse errorResponse =
+ factory.createErrorResponse(Integer.parseInt(errorCode), info);
responseElements.add(errorResponse);
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
index 0740a73..b8d4df5 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
@@ -21,10 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
-
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -84,8 +82,8 @@ import iaik.server.modules.xml.XMLDataObject;
import iaik.xml.crypto.utils.URIDereferencerImpl;
/**
- * A class to create DataObjects contained in different
- * locations of the MOA XML request format.
+ * A class to create DataObjects contained in different locations
+ * of the MOA XML request format.
*
* @author Patrick Peck
* @author Gregor Karlinger
@@ -94,15 +92,15 @@ import iaik.xml.crypto.utils.URIDereferencerImpl;
public class DataObjectFactory {
/**
- * XPATH for registering ID attributes of known schemas if
- * validating parsing fails.
+ * XPATH for registering ID attributes of known schemas if validating parsing
+ * fails.
*/
private static final String XPATH =
- "descendant-or-self::node()[" +
- "namespace-uri()='http://www.w3.org/2000/09/xmldsig#' " +
- "or namespace-uri()='http://reference.e-government.gv.at/namespace/persondata/20020228#' " +
- "or starts-with(namespace-uri(), 'http://uri.etsi.org/01903/')" +
- "]/attribute::Id";
+ "descendant-or-self::node()[" +
+ "namespace-uri()='http://www.w3.org/2000/09/xmldsig#' " +
+ "or namespace-uri()='http://reference.e-government.gv.at/namespace/persondata/20020228#' " +
+ "or starts-with(namespace-uri(), 'http://uri.etsi.org/01903/')" +
+ "]/attribute::Id";
/** The single instance of this class. */
private static DataObjectFactory instance = null;
@@ -128,26 +126,27 @@ public class DataObjectFactory {
}
/**
- * Return the signature environment, i.e., the root element of the
- * document, into which the signature will be inserted (if created) or which
- * contains the signature (if verified).
+ * Return the signature environment, i.e., the root element of the document,
+ * into which the signature will be inserted (if created) or which contains the
+ * signature (if verified).
*
- * @param content The Content object containing the signature
- * environment.
+ * @param content The Content object containing the signature
+ * environment.
* @param supplements Additional schema or DTD information.
- * @return The signature environment or null, if no
- * signature environment exists.
- * @throws MOASystemException A system error occurred building the signature
- * environment (see message for details).
+ * @return The signature environment or null, if no signature
+ * environment exists.
+ * @throws MOASystemException A system error occurred building the
+ * signature environment (see message for
+ * details).
* @throws MOAApplicationException An error occurred building the signature
- * environment (see message for details).
+ * environment (see message for details).
*/
public XMLDataObject createSignatureEnvironment(
- Content content,
- List supplements)
- throws MOASystemException, MOAApplicationException {
+ Content content,
+ List supplements)
+ throws MOASystemException, MOAApplicationException {
- String reference = content.getReference();
+ final String reference = content.getReference();
EntityResolver entityResolver;
byte[] contentBytes;
@@ -155,10 +154,10 @@ public class DataObjectFactory {
checkAllowContentAndReference(content, false);
// build the EntityResolver for validating parsing
- if ((supplements == null) || supplements.isEmpty()) {
+ if (supplements == null || supplements.isEmpty()) {
entityResolver = new MOASPSSEntityResolver();
} else {
- EntityResolverChain chain = new EntityResolverChain();
+ final EntityResolverChain chain = new EntityResolverChain();
chain.addEntityResolver(buildSupplementEntityResolver(supplements));
chain.addEntityResolver(new MOASPSSEntityResolver());
@@ -168,83 +167,70 @@ public class DataObjectFactory {
// convert the content into a byte array
try {
switch (content.getContentType()) {
- case Content.BINARY_CONTENT :
- {
- InputStream is = ((ContentBinary) content).getBinaryContent();
- contentBytes = StreamUtils.readStream(is);
- break;
- }
- case Content.LOCREF_CONTENT:
- {
- String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
- InputStream is = null;
- try
- {
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
- is = context.ResolveURI(locRefURI);
- if (is == null) {
- ExternalURIResolver uriResolver = new ExternalURIResolver();
- is = uriResolver.resolve(locRefURI);
- }
- contentBytes = StreamUtils.readStream(is);
- }
- catch (MOAApplicationException e)
- {
- throw new MOAApplicationException("3203", new Object[]{reference, locRefURI}, e);
- }
- finally
- {
- closeInputStream(is);
+ case Content.BINARY_CONTENT: {
+ final InputStream is = ((ContentBinary) content).getBinaryContent();
+ contentBytes = StreamUtils.readStream(is);
+ break;
+ }
+ case Content.LOCREF_CONTENT: {
+ final String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
+ InputStream is = null;
+ try {
+ final TransactionContext context = TransactionContextManager.getInstance()
+ .getTransactionContext();
+ is = context.ResolveURI(locRefURI);
+ if (is == null) {
+ final ExternalURIResolver uriResolver = new ExternalURIResolver();
+ is = uriResolver.resolve(locRefURI);
}
- break;
+ contentBytes = StreamUtils.readStream(is);
+ } catch (final MOAApplicationException e) {
+ throw new MOAApplicationException("3203", new Object[] { reference, locRefURI }, e);
+ } finally {
+ closeInputStream(is);
}
- case Content.REFERENCE_CONTENT :
- {
- ExternalURIResolver uriResolver = new ExternalURIResolver();
- InputStream is = null;
- try
- {
- is = uriResolver.resolve(reference);
- contentBytes = StreamUtils.readStream(is);
- }
- catch (Exception e)
- {
- throw e;
- }
- finally
- {
- closeInputStream(is);
- }
- break;
+ break;
+ }
+ case Content.REFERENCE_CONTENT: {
+ final ExternalURIResolver uriResolver = new ExternalURIResolver();
+ InputStream is = null;
+ try {
+ is = uriResolver.resolve(reference);
+ contentBytes = StreamUtils.readStream(is);
+ } catch (final Exception e) {
+ throw e;
+ } finally {
+ closeInputStream(is);
}
- case Content.XML_CONTENT :
- {
- Element element =
+ break;
+ }
+ case Content.XML_CONTENT: {
+ final Element element =
checkForSingleElement(((ContentXML) content).getXMLContent());
- contentBytes = DOMUtils.serializeNode(element, "UTF-8");
+ contentBytes = DOMUtils.serializeNode(element, "UTF-8");
- break;
- }
- default : {
+ break;
+ }
+ default: {
contentBytes = null; // this will not happen
}
}
- } catch (MOAApplicationException e) {
+ } catch (final MOAApplicationException e) {
throw e;
- } catch (Exception e) {
+ } catch (final Exception e) {
throw new MOAApplicationException("2219", null);
}
if (Logger.isTraceEnabled()) {
// For logging in Debug-Mode: Mask baseid with xxx
- String logString = new String(contentBytes);
+ final String logString = new String(contentBytes);
// TODO use RegExp
- String startS = "";
- String endS = " urn:publicid:gv.at:baseid ";
+ final String startS = "";
+ final String endS = " urn:publicid:gv.at:baseid ";
String logWithMaskedBaseid = logString;
- int start = logString.indexOf(startS);
+ final int start = logString.indexOf(startS);
if (start > -1) {
- int end = logString.indexOf(endS);
+ final int end = logString.indexOf(endS);
if (end > -1) {
logWithMaskedBaseid = logString.substring(0, start);
logWithMaskedBaseid += startS;
@@ -257,37 +243,37 @@ public class DataObjectFactory {
Logger.trace(">>> parsing the following content: \n" + logWithMaskedBaseid);
}
try {
- ByteArrayInputStream is = new ByteArrayInputStream(contentBytes);
- Document doc =
- DOMUtils.parseDocument(
- is,
- true,
- Constants.ALL_SCHEMA_LOCATIONS,
- null,
- entityResolver,
- new MOAErrorHandler());
+ final ByteArrayInputStream is = new ByteArrayInputStream(contentBytes);
+ final Document doc =
+ DOMUtils.parseDocument(
+ is,
+ true,
+ Constants.ALL_SCHEMA_LOCATIONS,
+ null,
+ entityResolver,
+ new MOAErrorHandler());
Logger.trace("<<< parsed");
return new XMLDataObjectImpl(doc.getDocumentElement());
- } catch (Exception e) {
+ } catch (final Exception e) {
// never mind, we'll try non-validating
- MessageProvider msg = MessageProvider.getInstance();
+ final MessageProvider msg = MessageProvider.getInstance();
Logger.info(new LogMsg(msg.getMessage("invoker.00", null)));
Logger.info(new LogMsg(e.getMessage()));
}
// try to parse non-validating
try {
- ByteArrayInputStream is = new ByteArrayInputStream(contentBytes);
- Document doc = DOMUtils.parseDocument(is, false, null, null);
+ final ByteArrayInputStream is = new ByteArrayInputStream(contentBytes);
+ final Document doc = DOMUtils.parseDocument(is, false, null, null);
// Since the parse tree will not contain any post schema validation information,
// we need to register any attributes known to be of type xsd:Id manually.
- NodeList idAttributes = XPathUtils.selectNodeList(doc.getDocumentElement(), XPATH);
+ final NodeList idAttributes = XPathUtils.selectNodeList(doc.getDocumentElement(), XPATH);
for (int i = 0; i < idAttributes.getLength(); i++) {
- Node item = idAttributes.item(i);
+ final Node item = idAttributes.item(i);
if (item instanceof Attr) {
- Attr attr = (Attr) item;
- Element owner = attr.getOwnerElement();
+ final Attr attr = (Attr) item;
+ final Element owner = attr.getOwnerElement();
// Only available in DOM-Level 3 (Java 1.5):
// owner.setIdAttributeNode(attr, true);
if (doc instanceof CoreDocumentImpl) {
@@ -296,7 +282,7 @@ public class DataObjectFactory {
}
}
return new XMLDataObjectImpl(doc.getDocumentElement());
- } catch (Exception e) {
+ } catch (final Exception e) {
throw new MOAApplicationException("2218", null);
}
}
@@ -305,68 +291,69 @@ public class DataObjectFactory {
* Create an XMLDataObject from the given signature environment.
*
* @param signatureEnvironment The signature environment contained in the
- * result.
- * @param uri The URI identifying the data. This must be either the empty
- * URI, an URI starting with "#xpointer", "#xmlns"
- * or "#element"; or an URI starting with "#" and
- * followed by an element ID.
- * @param referenceID The reference ID to set for the data object.
+ * result.
+ * @param uri The URI identifying the data. This must be either
+ * the empty URI, an URI starting with
+ * "#xpointer", "#xmlns"
+ * or "#element"; or an URI starting
+ * with "#" and followed by an element
+ * ID.
+ * @param referenceID The reference ID to set for the data object.
* @return A data object containing the signature environment.
*/
public DataObject createFromSignatureEnvironment(
- Element signatureEnvironment,
- String uri,
- String referenceID)
- throws MOAApplicationException {
+ Element signatureEnvironment,
+ String uri,
+ String referenceID)
+ throws MOAApplicationException {
DataObjectImpl dataObject = null;
if ("".equals(uri)) {
dataObject = new XMLDataObjectImpl(signatureEnvironment);
- } else if (
- uri.startsWith("#xpointer")
+ } else if (uri.startsWith("#xpointer")
|| uri.startsWith("#xmlns")
|| uri.startsWith("#element")) {
try {
- // CHANGE IXSIL to XSECT
- // maybe use URIDereferencerImpl or XPath ...??
- //XPointerReferenceResolver resolver = new XPointerReferenceResolver();
- URIDereferencerImpl uriDereferencer = new URIDereferencerImpl();
- URIReference uriReference = new URIReferenceImpl(uri, null, signatureEnvironment);
- Data returnedData = uriDereferencer.dereference(uriReference, null);
-
- if(returnedData instanceof NodeSetData) {
- NodeSetData nodeSetData = (NodeSetData)returnedData;
- Iterator nodesIterator = nodeSetData.iterator();
- List nodeList = new ArrayList();
-
- while(nodesIterator.hasNext()) {
- nodeList.add(nodesIterator.next());
- }
-
- NodeList nodes = new NodeListImplementation(nodeList);
- dataObject = new XMLNodeListDataObjectImpl(nodes);
- } else if(returnedData instanceof OctetStreamData) {
- OctetStreamData streamData = (OctetStreamData)returnedData;
- dataObject = new ByteStreamDataObjectImpl(streamData.getOctetStream());
+ // CHANGE IXSIL to XSECT
+ // maybe use URIDereferencerImpl or XPath ...??
+ // XPointerReferenceResolver resolver = new XPointerReferenceResolver();
+ final URIDereferencerImpl uriDereferencer = new URIDereferencerImpl();
+ final URIReference uriReference = new URIReferenceImpl(uri, null, signatureEnvironment);
+ final Data returnedData = uriDereferencer.dereference(uriReference, null);
+
+ if (returnedData instanceof NodeSetData) {
+ final NodeSetData nodeSetData = (NodeSetData) returnedData;
+ final Iterator nodesIterator = nodeSetData.iterator();
+ final List nodeList = new ArrayList();
+
+ while (nodesIterator.hasNext()) {
+ nodeList.add(nodesIterator.next());
+ }
+
+ final NodeList nodes = new NodeListImplementation(nodeList);
+ dataObject = new XMLNodeListDataObjectImpl(nodes);
+ } else if (returnedData instanceof OctetStreamData) {
+ final OctetStreamData streamData = (OctetStreamData) returnedData;
+ dataObject = new ByteStreamDataObjectImpl(streamData.getOctetStream());
} else {
- throw new MOAApplicationException("2237", new Object[] { uri });
+ throw new MOAApplicationException("2237", new Object[] { uri });
}
-
- //URI uriObj = new URI(uri);
- //NodeList nodes =
- // resolver.resolveForest(
- // uriObj,
- // signatureEnvironment.getOwnerDocument(),
- // null);
-
- } catch (Exception e) {
+
+ // URI uriObj = new URI(uri);
+ // NodeList nodes =
+ // resolver.resolveForest(
+ // uriObj,
+ // signatureEnvironment.getOwnerDocument(),
+ // null);
+
+ } catch (final Exception e) {
throw new MOAApplicationException("2237", new Object[] { uri });
}
} else if (uri.startsWith("#")) {
- String id = uri.substring(1);
- Element refElem =
- signatureEnvironment.getOwnerDocument().getElementById(id);
+ final String id = uri.substring(1);
+ final Element refElem =
+ signatureEnvironment.getOwnerDocument().getElementById(id);
if (refElem == null) {
throw new MOAApplicationException("2237", new Object[] { id });
@@ -385,87 +372,75 @@ public class DataObjectFactory {
* supplements.
*
* @param supplements The supplements, given as
- * XMLDataObjectAssociations.
- * @return A StreamEntityResolver mapping the supplements by
- * their reference URI to an InputStream of their respective
- * content.
+ * XMLDataObjectAssociations.
+ * @return A StreamEntityResolver mapping the supplements by their
+ * reference URI to an InputStream of their respective
+ * content.
*/
private static StreamEntityResolver buildSupplementEntityResolver(List supplements)
- throws MOAApplicationException
- {
- Map entities = new HashMap();
+ throws MOAApplicationException {
+ final Map entities = new HashMap();
Iterator iter;
for (iter = supplements.iterator(); iter.hasNext();) {
- XMLDataObjectAssociation supplement =
- (XMLDataObjectAssociation) iter.next();
- Content content = supplement.getContent();
- String reference = content.getReference();
+ final XMLDataObjectAssociation supplement =
+ (XMLDataObjectAssociation) iter.next();
+ final Content content = supplement.getContent();
+ final String reference = content.getReference();
switch (content.getContentType()) {
- case Content.BINARY_CONTENT :
- {
- entities.put(reference, ((ContentBinary) content).getBinaryContent());
- break;
+ case Content.BINARY_CONTENT: {
+ entities.put(reference, ((ContentBinary) content).getBinaryContent());
+ break;
+ }
+ case Content.LOCREF_CONTENT: {
+ final String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
+
+ final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ if (context.FindResolvedEntity(locRefURI) == null) {
+
+ final ExternalURIResolver uriResolver = new ExternalURIResolver();
+ InputStream uriStream = null;
+ byte[] contentBytes;
+ String contentType = null;
+ try {
+ uriStream = uriResolver.resolve(locRefURI);
+ contentBytes = StreamUtils.readStream(uriStream);
+ contentType = uriResolver.getContentType();
+ } catch (final Exception e) {
+ throw new MOAApplicationException("3202", new Object[] { reference, locRefURI }, e);
+ } finally {
+ closeInputStream(uriStream);
+ }
+ context.PutResolvedEntity(locRefURI, contentBytes, contentType);
}
- case Content.LOCREF_CONTENT:
- {
- String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
-
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
- if (context.FindResolvedEntity(locRefURI)==null) {
-
- ExternalURIResolver uriResolver = new ExternalURIResolver();
- InputStream uriStream = null;
- byte[] contentBytes;
- String contentType = null;
- try
- {
- uriStream = uriResolver.resolve(locRefURI);
- contentBytes = StreamUtils.readStream(uriStream);
- contentType = uriResolver.getContentType();
- }
- catch (Exception e)
- {
- throw new MOAApplicationException("3202", new Object[]{reference, locRefURI}, e);
- }
- finally
- {
- closeInputStream(uriStream);
- }
- context.PutResolvedEntity(locRefURI, contentBytes, contentType);
- }
- InputStream contentIS = context.ResolveURI(locRefURI);
- entities.put(reference, contentIS);
- break;
+ final InputStream contentIS = context.ResolveURI(locRefURI);
+ entities.put(reference, contentIS);
+ break;
+ }
+ case Content.XML_CONTENT: {
+ // serialize the first element node that is found in the supplement
+ // and make it available as a stream
+ final NodeList nodes = ((ContentXML) content).getXMLContent();
+ int i = 0;
+
+ // find the first element node
+ while (i < nodes.getLength()
+ && nodes.item(i).getNodeType() != Node.ELEMENT_NODE) {
+ i++;
}
- case Content.XML_CONTENT :
- {
- // serialize the first element node that is found in the supplement
- // and make it available as a stream
- NodeList nodes = ((ContentXML) content).getXMLContent();
- int i = 0;
-
- // find the first element node
- while ((i < nodes.getLength())
- && (nodes.item(i).getNodeType() != Node.ELEMENT_NODE)) {
- i++;
- }
- // serialize the node
- if (i < nodes.getLength()) {
- try
- {
- byte[] serialized = DOMUtils.serializeNode(nodes.item(i), "UTF-8");
- entities.put(reference, new ByteArrayInputStream(serialized));
- }
- catch (Exception e)
- {
- throw new MOAApplicationException("2281", new Object[]{reference}, e);
- }
+ // serialize the node
+ if (i < nodes.getLength()) {
+ try {
+ final byte[] serialized = DOMUtils.serializeNode(nodes.item(i), "UTF-8");
+ entities.put(reference, new ByteArrayInputStream(serialized));
+ } catch (final Exception e) {
+ throw new MOAApplicationException("2281", new Object[] { reference }, e);
}
- break;
}
+ break;
+ }
}
}
@@ -475,82 +450,87 @@ public class DataObjectFactory {
/**
* Create a DataObject from a Content object.
*
- * @param content The Content object containing the data.
- * @param finalDataMetaInfo The meta information corresponding with content.
- * @param referenceID The reference ID to set in the resulting
- * DataObject. May be null.
+ * @param content The Content object containing
+ * the data.
+ * @param finalDataMetaInfo The meta information corresponding with
+ * content.
+ * @param referenceID The reference ID to set in the resulting
+ * DataObject. May be
+ * null.
* @param allowContentAndReference If true, then
- * content is allowed to contain both a Reference
- * attribute and content. Otherwise, either a Reference
- * attribute or content must be set.
- * @param binaryAsXml If true, a content child given as
- * Base64Content must contain XML data.
- * @param xmlAsNodeList If true, the children of a
- * XMLContent child element are returned as a
- * XMLNodeListDataObject. Otherwise, XMLContent may
- * only contain a single child node, which must be an element and which is
- * returned as an XMLDataObject.
- * @param referenceAsXml If true, then content loaded from the
- * URI given as the Reference attribute must be XML data.
- * If false, an attempt is made to parse the data as XML and
- * return an XMLDataObject but if this fails, a
- * BinaryDataObject is returned containing a byte stream to the
- * data.
+ * content is allowed to contain
+ * both a Reference attribute and
+ * content. Otherwise, either a
+ * Reference attribute or content
+ * must be set.
+ * @param binaryAsXml If true, a content child given
+ * as Base64Content must contain
+ * XML data.
+ * @param xmlAsNodeList If true, the children of a
+ * XMLContent child element are
+ * returned as a
+ * XMLNodeListDataObject.
+ * Otherwise, XMLContent may only
+ * contain a single child node, which must be an
+ * element and which is returned as an
+ * XMLDataObject.
+ * @param referenceAsXml If true, then content loaded
+ * from the URI given as the
+ * Reference attribute must be XML
+ * data. If false, an attempt is
+ * made to parse the data as XML and return an
+ * XMLDataObject but if this fails,
+ * a BinaryDataObject is returned
+ * containing a byte stream to the data.
* @return A DataObject representing the data in
- * content. If base64AsXml==true and
- * xmlAsNodeList==false and referenceAsXml==true,
- * then the result can safely be cast to an XMLDataObject.
- * @throws MOASystemException An error indicating an internal problem. See the
- * wrapped exception for details.
+ * content. If base64AsXml==true and
+ * xmlAsNodeList==false and
+ * referenceAsXml==true, then the result can safely be cast
+ * to an XMLDataObject.
+ * @throws MOASystemException An error indicating an internal problem. See
+ * the wrapped exception for details.
* @throws MOAApplicationException An error occurred handling the content
- * (probably while opening a reference or parsing the data). See the wrapped
- * exception for details.
+ * (probably while opening a reference or
+ * parsing the data). See the wrapped exception
+ * for details.
*/
public DataObject createFromContentOptionalRefType(
- Content content,
- MetaInfo finalDataMetaInfo,
- String referenceID,
- boolean allowContentAndReference,
- boolean binaryAsXml,
- boolean xmlAsNodeList,
- boolean referenceAsXml)
- throws MOASystemException, MOAApplicationException {
-
- String reference = content.getReference();
+ Content content,
+ MetaInfo finalDataMetaInfo,
+ String referenceID,
+ boolean allowContentAndReference,
+ boolean binaryAsXml,
+ boolean xmlAsNodeList,
+ boolean referenceAsXml)
+ throws MOASystemException, MOAApplicationException {
+
+ final String reference = content.getReference();
DataObjectImpl dataObject = null;
checkAllowContentAndReference(content, allowContentAndReference);
// ok, build the data object; use content first, if available
- switch (content.getContentType())
- {
- case Content.XML_CONTENT :
- {
- ContentXML contentXml = (ContentXML) content;
+ switch (content.getContentType()) {
+ case Content.XML_CONTENT: {
+ final ContentXML contentXml = (ContentXML) content;
dataObject = createFromXmlContent(contentXml, xmlAsNodeList);
break;
}
- case Content.BINARY_CONTENT :
- {
- ContentBinary contentBinary = (ContentBinary) content;
+ case Content.BINARY_CONTENT: {
+ final ContentBinary contentBinary = (ContentBinary) content;
dataObject = createFromBinaryContent(contentBinary, binaryAsXml, false);
break;
}
- case Content.LOCREF_CONTENT :
- {
- String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
- try
- {
+ case Content.LOCREF_CONTENT: {
+ final String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
+ try {
dataObject = createFromURIImpl(locRefURI, referenceAsXml);
- }
- catch (MOAApplicationException e)
- {
- throw new MOAApplicationException("3201", new Object[]{reference, locRefURI}, e);
+ } catch (final MOAApplicationException e) {
+ throw new MOAApplicationException("3201", new Object[] { reference, locRefURI }, e);
}
break;
}
- case Content.REFERENCE_CONTENT :
- {
+ case Content.REFERENCE_CONTENT: {
dataObject = createFromURIImpl(reference, referenceAsXml);
break;
}
@@ -567,97 +547,91 @@ public class DataObjectFactory {
}
/**
- * Check, if content and reference URIs are allowed in the content an throw
- * an exception if an illegal combination of the two occurs.
+ * Check, if content and reference URIs are allowed in the content an throw an
+ * exception if an illegal combination of the two occurs.
*
- * @param content The Content to check.
- * @param allowContentAndReference Whether explicit content and a reference
- * are allowed at the same time.
- * @throws MOAApplicationException If allowContentAndRefernece
- * is false and both explicit content and reference are set,
- * an exception is thrown.
+ * @param content The Content to check.
+ * @param allowContentAndReference Whether explicit content and a reference are
+ * allowed at the same time.
+ * @throws MOAApplicationException If allowContentAndRefernece is
+ * false and both explicit content
+ * and reference are set, an exception is
+ * thrown.
*/
private static void checkAllowContentAndReference(
- Content content,
- boolean allowContentAndReference)
- throws MOAApplicationException {
- String reference = content.getReference();
+ Content content,
+ boolean allowContentAndReference)
+ throws MOAApplicationException {
+ final String reference = content.getReference();
// check for content and reference not being set
- if ((content.getContentType() == Content.REFERENCE_CONTENT)
- && (reference == null)) {
- String errorCode = allowContentAndReference ? "1111" : "1110";
+ if (content.getContentType() == Content.REFERENCE_CONTENT
+ && reference == null) {
+ final String errorCode = allowContentAndReference ? "1111" : "1110";
throw new MOAApplicationException(errorCode, null);
}
// if we only allow either content or reference being set at once, check
if (!allowContentAndReference
- && (content.getContentType() != Content.REFERENCE_CONTENT)
- && (reference != null)) {
+ && content.getContentType() != Content.REFERENCE_CONTENT
+ && reference != null) {
throw new MOAApplicationException("1110", null);
}
}
/**
- * Create a DataObject from a
- * XMLDataObjectAssociation object.
+ * Create a DataObject from a XMLDataObjectAssociation
+ * object.
*
- * @param xmlDataObjAssoc The XMLDataObjectAssociation object.
- * @param xmlContentAllowed Whether the content contained in the
- * xmlDataObjAssoc is allowed to be of type
- * XML_CONTENT.
+ * @param xmlDataObjAssoc The XMLDataObjectAssociation
+ * object.
+ * @param xmlContentAllowed Whether the content contained in the
+ * xmlDataObjAssoc is allowed to be
+ * of type XML_CONTENT.
* @param binaryContentRepeatable If binary content must be provided as a
- * DataObject that can be read multiple times.
+ * DataObject that can be read
+ * multiple times.
* @return A DataObject representing the data in
- * xmlDataObjAssoc.
- * @throws MOASystemException An error indicating an internal problem. See the
- * wrapped exception for details.
+ * xmlDataObjAssoc.
+ * @throws MOASystemException An error indicating an internal problem. See
+ * the wrapped exception for details.
* @throws MOAApplicationException An error occurred handling the content
- * (probably while parsing the data). See the wrapped exception for details.
+ * (probably while parsing the data). See the
+ * wrapped exception for details.
*/
public DataObject createFromXmlDataObjectAssociation(
- XMLDataObjectAssociation xmlDataObjAssoc,
- boolean xmlContentAllowed,
- boolean binaryContentRepeatable)
- throws MOASystemException, MOAApplicationException {
-
- Content content = xmlDataObjAssoc.getContent();
- MetaInfo metaInfo = xmlDataObjAssoc.getMetaInfo();
- String mimeType = metaInfo != null ? metaInfo.getMimeType() : null;
+ XMLDataObjectAssociation xmlDataObjAssoc,
+ boolean xmlContentAllowed,
+ boolean binaryContentRepeatable)
+ throws MOASystemException, MOAApplicationException {
+
+ final Content content = xmlDataObjAssoc.getContent();
+ final MetaInfo metaInfo = xmlDataObjAssoc.getMetaInfo();
+ final String mimeType = metaInfo != null ? metaInfo.getMimeType() : null;
DataObjectImpl dataObject = null;
- switch (content.getContentType())
- {
- case Content.XML_CONTENT :
- {
- if (xmlContentAllowed)
- {
+ switch (content.getContentType()) {
+ case Content.XML_CONTENT: {
+ if (xmlContentAllowed) {
dataObject = createFromXmlContent((ContentXML) content, true);
- }
- else
- {
+ } else {
throw new MOAApplicationException("2280", null);
}
break;
}
- case Content.BINARY_CONTENT :
- {
+ case Content.BINARY_CONTENT: {
dataObject = createFromBinaryContent(
- (ContentBinary) content,
- false,
- binaryContentRepeatable);
+ (ContentBinary) content,
+ false,
+ binaryContentRepeatable);
break;
}
- case Content.LOCREF_CONTENT :
- {
- String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
- try
- {
+ case Content.LOCREF_CONTENT: {
+ final String locRefURI = ((ContentLocRef) content).getLocationReferenceURI();
+ try {
dataObject = createFromURIImpl(locRefURI, false);
- }
- catch (MOAApplicationException e)
- {
- throw new MOAApplicationException("3201", new Object[]{content.getReference(), locRefURI}, e);
+ } catch (final MOAApplicationException e) {
+ throw new MOAApplicationException("3201", new Object[] { content.getReference(), locRefURI }, e);
}
break;
}
@@ -673,53 +647,49 @@ public class DataObjectFactory {
* object.
*
* @param transformParameter The TransformParameter object
- * containing the data.
- * @return A DataObject representing the data in
- * root.
- * @throws MOASystemException An error indicating an internal problem. See the
- * wrapped exception for details.
+ * containing the data.
+ * @return A DataObject representing the data in root.
+ * @throws MOASystemException An error indicating an internal problem. See
+ * the wrapped exception for details.
* @throws MOAApplicationException An error occurred handling the content
- * (probably while opening a reference or parsing the data). See the wrapped
- * exception for details.
+ * (probably while opening a reference or
+ * parsing the data). See the wrapped exception
+ * for details.
*/
public DataObject createFromTransformParameter(TransformParameter transformParameter)
- throws MOASystemException, MOAApplicationException {
+ throws MOASystemException, MOAApplicationException {
DataObjectImpl dataObject;
switch (transformParameter.getTransformParameterType()) {
- case TransformParameter.BINARY_TRANSFORMPARAMETER :
- TransformParameterBinary tpBinary =
- (TransformParameterBinary) transformParameter;
+ case TransformParameter.BINARY_TRANSFORMPARAMETER:
+ final TransformParameterBinary tpBinary =
+ (TransformParameterBinary) transformParameter;
try {
- //dataObject = new ByteArrayDataObjectImpl(Base64Utils.encode(tpBinary.getBinaryContent()));
+ // dataObject = new
+ // ByteArrayDataObjectImpl(Base64Utils.encode(tpBinary.getBinaryContent()));
dataObject =
- new ByteArrayDataObjectImpl(
- StreamUtils.readStream(tpBinary.getBinaryContent()));
- } catch (Exception e) {
+ new ByteArrayDataObjectImpl(
+ StreamUtils.readStream(tpBinary.getBinaryContent()));
+ } catch (final Exception e) {
return null;
}
- //dataObject = new ByteStreamDataObjectImpl(tpBinary.getBinaryContent());
+ // dataObject = new ByteStreamDataObjectImpl(tpBinary.getBinaryContent());
break;
- default :
+ default:
// resolve uri and build the content
- ExternalURIResolver resolver = new ExternalURIResolver();
- InputStream is = resolver.resolve(transformParameter.getURI());
+ final ExternalURIResolver resolver = new ExternalURIResolver();
+ final InputStream is = resolver.resolve(transformParameter.getURI());
ByteArrayInputStream bis;
- try
- {
+ try {
bis = new ByteArrayInputStream(StreamUtils.readStream(is));
- }
- catch (IOException e)
- {
- throw new MOAApplicationException("2238", new Object[] {transformParameter.getURI()}, e);
- }
- finally
- {
+ } catch (final IOException e) {
+ throw new MOAApplicationException("2238", new Object[] { transformParameter.getURI() }, e);
+ } finally {
closeInputStream(is);
}
- String contentType = resolver.getContentType();
+ final String contentType = resolver.getContentType();
dataObject = new ByteStreamDataObjectImpl(bis);
dataObject.setMimeType(contentType);
break;
@@ -733,62 +703,65 @@ public class DataObjectFactory {
/**
* Create a DataObject from data located at the given URI.
*
- * @param uri The URI where the data is located. This method uses
- * an ExternalURIResolver to resolve URIs.
+ * @param uri The URI where the data is located. This method uses
+ * an ExternalURIResolver to resolve URIs.
* @param asXml If true, a DataObject is only
- * returned, if the content consists of XML data. If it does not consist of
- * XML data, an MOAApplicationException will be thrown. If this
- * parameter is false and the content consists of XML data, this
- * method will still attempt to parse it.
+ * returned, if the content consists of XML data. If it does not
+ * consist of XML data, an MOAApplicationException
+ * will be thrown. If this parameter is false and the
+ * content consists of XML data, this method will still attempt to
+ * parse it.
* @return The DataObject contained at the URI.
- * @throws MOASystemException A system error parsing the XML content.
+ * @throws MOASystemException A system error parsing the XML content.
* @throws MOAApplicationException An error occurred on opening, reading or
- * parsing the data behind the URI.
+ * parsing the data behind the URI.
*/
public DataObject createFromURI(String uri, boolean asXml)
- throws MOASystemException, MOAApplicationException {
+ throws MOASystemException, MOAApplicationException {
return createFromURIImpl(uri, asXml);
}
/**
* Create a DataObject from data located at the given URI.
*
- * @param uri The URI where the data is located. This method uses
- * an ExternalURIResolver to resolve URIs.
+ * @param uri The URI where the data is located. This method uses
+ * an ExternalURIResolver to resolve URIs.
* @param asXml If true, a DataObject is only
- * returned, if the content consists of XML data. If it does not consist of
- * XML data, an MOAApplicationException will be thrown. If this
- * parameter is false and the content type is detected as being
- * XML data, this method will still attemt to parse it.
+ * returned, if the content consists of XML data. If it does not
+ * consist of XML data, an MOAApplicationException
+ * will be thrown. If this parameter is false and the
+ * content type is detected as being XML data, this method will
+ * still attemt to parse it.
* @return The DataObject contained at the URI.
- * @throws MOASystemException A system error parsing the XML content.
+ * @throws MOASystemException A system error parsing the XML content.
* @throws MOAApplicationException An error occurred on opening, reading or
- * parsing the data behind the URI.
+ * parsing the data behind the URI.
*/
private DataObjectImpl createFromURIImpl(String uri, boolean asXml)
- throws MOASystemException, MOAApplicationException {
+ throws MOASystemException, MOAApplicationException {
Logger.trace(">>> resolving uri \"" + uri + "\"");
- ExternalURIResolver resolver = new ExternalURIResolver();
+ final ExternalURIResolver resolver = new ExternalURIResolver();
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
InputStream is = context.ResolveURI(uri);
String contentType = null;
boolean foundURI = false;
if (is == null) {
- is = resolver.resolve(uri);
- contentType = resolver.getContentType();
+ is = resolver.resolve(uri);
+ contentType = resolver.getContentType();
} else {
- foundURI = true;
- contentType = (String) context.FindResolvedEntity(uri).get(1);
- Logger.trace("found \"" + uri + "\" InputStream in preread Supplements!, do not read any more. Content=" + contentType);
+ foundURI = true;
+ contentType = (String) context.FindResolvedEntity(uri).get(1);
+ Logger.trace("found \"" + uri + "\" InputStream in preread Supplements!, do not read any more. Content="
+ + contentType);
}
DataObjectImpl dataObject;
// read the content
- if ((contentType != null) && contentTypeIsXml(contentType)) {
+ if (contentType != null && contentTypeIsXml(contentType)) {
Document doc;
if (asXml) {
@@ -798,15 +771,13 @@ public class DataObjectFactory {
is = resolver.resolve(uri);
doc = DOMUtils.parseDocument(is, false, null, null);
dataObject = new XMLDataObjectImpl(doc.getDocumentElement());
- } catch (ParserConfigurationException e) {
+ } catch (final ParserConfigurationException e) {
throw new MOASystemException("1106", null, e);
- } catch (SAXException e) {
+ } catch (final SAXException e) {
throw new MOAApplicationException("2209", null, e);
- } catch (IOException e) {
+ } catch (final IOException e) {
throw new MOAApplicationException("2210", null, e);
- }
- finally
- {
+ } finally {
closeInputStream(is);
}
} else {
@@ -816,22 +787,17 @@ public class DataObjectFactory {
doc = DOMUtils.parseDocument(is, false, null, null);
closeInputStream(is);
dataObject = new XMLDataObjectImpl(doc.getDocumentElement());
- } catch (Exception e) {
+ } catch (final Exception e) {
// this is the last chance: return the data as a byte stream
Logger.trace(">>> reading stream for \"" + uri + "\"");
is = resolver.resolve(uri);
ByteArrayInputStream bis;
- try
- {
+ try {
bis = new ByteArrayInputStream(StreamUtils.readStream(is));
dataObject = new ByteStreamDataObjectImpl(bis);
- }
- catch (IOException e1)
- {
+ } catch (final IOException e1) {
throw new MOAApplicationException("2210", new Object[] { uri }, e1);
- }
- finally
- {
+ } finally {
closeInputStream(is);
}
Logger.trace(">>> read stream for \"" + uri + "\"");
@@ -839,34 +805,26 @@ public class DataObjectFactory {
}
}
- else if (asXml)
- {
+ else if (asXml) {
// if we need XML data, we're in the wrong place here
closeInputStream(is);
throw new MOAApplicationException("2211", new Object[] { uri });
- }
- else
- {
+ } else {
// content is binary: make it available as a binary input stream
Logger.trace(">>> getting binary input for \"" + uri + "\"");
byte[] contentBytes;
ByteArrayInputStream bis;
- try
- {
- contentBytes = StreamUtils.readStream(is);
- bis = new ByteArrayInputStream(contentBytes);
- }
- catch (IOException e)
- {
+ try {
+ contentBytes = StreamUtils.readStream(is);
+ bis = new ByteArrayInputStream(contentBytes);
+ } catch (final IOException e) {
throw new MOAApplicationException("2210", null, e);
- }
- finally
- {
+ } finally {
closeInputStream(is);
}
- if (!foundURI) {
- context.PutResolvedEntity(uri, contentBytes, contentType);
- }
+ if (!foundURI) {
+ context.PutResolvedEntity(uri, contentBytes, contentType);
+ }
dataObject = new ByteStreamDataObjectImpl(bis);
Logger.trace("<<< got binary input for \"" + uri + "\"");
}
@@ -884,16 +842,12 @@ public class DataObjectFactory {
*
* @param is The input stream to be closed.
*/
- private static void closeInputStream(InputStream is)
- {
- try
- {
+ private static void closeInputStream(InputStream is) {
+ try {
if (is != null) {
is.close();
}
- }
- catch (Throwable t)
- {
+ } catch (final Throwable t) {
// Intentionally do nothing here
}
}
@@ -905,42 +859,43 @@ public class DataObjectFactory {
* application/xml.
*
* @param contentType The content MIME type.
- * @return boolean If true, the content type is XML, otherwise
- * not.
+ * @return boolean If true, the content type is XML, otherwise not.
*/
private static boolean contentTypeIsXml(String contentType) {
return contentType.startsWith("text/xml")
- || (contentType.startsWith("application/xml"));
+ || contentType.startsWith("application/xml");
}
/**
* Create a DataObject from a ContentXML object.
*
- * @param xmlContent The ContentXML object from
- * which the DataObject is to be built.
+ * @param xmlContent The ContentXML object from which the
+ * DataObject is to be built.
* @param xmlAsNodeList If true, the children of
- * xmlContent are returned as a
- * XMLNodeListDataObject. Otherwise,
- * xmlContent may only contain a single child node, which must be
- * an element and which is returned as an XMLDataObject.
+ * xmlContent are returned as a
+ * XMLNodeListDataObject. Otherwise,
+ * xmlContent may only contain a single child
+ * node, which must be an element and which is returned as
+ * an XMLDataObject.
* @return A DataObject representing the XML content in
- * xmlContent.
+ * xmlContent.
* @throws MOAApplicationException If xmlAsNodeList is
- * false and xmlContent does not have a single child
- * element.
+ * false and
+ * xmlContent does not have a
+ * single child element.
*/
private DataObjectImpl createFromXmlContent(
- ContentXML xmlContent,
- boolean xmlAsNodeList)
- throws MOAApplicationException {
+ ContentXML xmlContent,
+ boolean xmlAsNodeList)
+ throws MOAApplicationException {
DataObjectImpl dataObject;
if (xmlAsNodeList) {
dataObject = new XMLNodeListDataObjectImpl(xmlContent.getXMLContent());
} else {
- NodeList nodes = xmlContent.getXMLContent();
- Element element = checkForSingleElement(nodes);
+ final NodeList nodes = xmlContent.getXMLContent();
+ final Element element = checkForSingleElement(nodes);
// build the XMLDataObject
dataObject = new XMLDataObjectImpl(element);
@@ -955,10 +910,10 @@ public class DataObjectFactory {
* @param nodes The NodeList to check for a single element.
* @return The single element contained in nodes.
* @throws MOAApplicationException Thrown, if nodes does not
- * contain exactly 1 element node.
+ * contain exactly 1 element node.
*/
private Element checkForSingleElement(NodeList nodes)
- throws MOAApplicationException {
+ throws MOAApplicationException {
Element element = null;
int i;
@@ -986,26 +941,28 @@ public class DataObjectFactory {
* Create a DataObject from a ContentBinary object.
*
* @param binaryContent The ContentBinary object containing the
- * data.
- * @param asXml If true, binaryContent must
- * contain XML data. Otherwise, a BinaryDataObject will be
- * returned containing a byte stream to the decoded Base64 data.
- * @param repeatable If multiple calls to getInputStream() must
- * repeatedly return the content of the data object.
+ * data.
+ * @param asXml If true, binaryContent must
+ * contain XML data. Otherwise, a
+ * BinaryDataObject will be returned
+ * containing a byte stream to the decoded Base64 data.
+ * @param repeatable If multiple calls to getInputStream() must
+ * repeatedly return the content of the data object.
* @return A DataObject representing the content contained in
- * binaryContent.
- * @throws MOASystemException An error indicating an internal problem. See the
- * wrapped exception for details.
+ * binaryContent.
+ * @throws MOASystemException An error indicating an internal problem. See
+ * the wrapped exception for details.
* @throws MOAApplicationException An error occurred handling the content
- * (probably while parsing the data). See the wrapped exception for details.
+ * (probably while parsing the data). See the
+ * wrapped exception for details.
*/
private DataObjectImpl createFromBinaryContent(
- ContentBinary binaryContent,
- boolean asXml,
- boolean repeatable)
- throws MOASystemException, MOAApplicationException {
+ ContentBinary binaryContent,
+ boolean asXml,
+ boolean repeatable)
+ throws MOASystemException, MOAApplicationException {
- InputStream byteStream = binaryContent.getBinaryContent();
+ final InputStream byteStream = binaryContent.getBinaryContent();
DataObjectImpl dataObject;
if (asXml) {
@@ -1014,19 +971,19 @@ public class DataObjectFactory {
try {
doc = DOMUtils.parseDocument(byteStream, false, null, null);
dataObject = new XMLDataObjectImpl(doc.getDocumentElement());
- } catch (ParserConfigurationException e) {
+ } catch (final ParserConfigurationException e) {
throw new MOASystemException("1106", null, e);
- } catch (SAXException e) {
+ } catch (final SAXException e) {
throw new MOAApplicationException("2209", null, e);
- } catch (IOException e) {
+ } catch (final IOException e) {
throw new MOAApplicationException("2210", null, e);
}
} else {
if (repeatable) {
try {
dataObject =
- new ByteArrayDataObjectImpl(StreamUtils.readStream(byteStream));
- } catch (IOException e) {
+ new ByteArrayDataObjectImpl(StreamUtils.readStream(byteStream));
+ } catch (final IOException e) {
throw new MOAApplicationException("2210", null);
}
} else {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java
index 933d058..5668a36 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java
@@ -21,12 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
-import iaik.xml.crypto.utils.URI;
-import iaik.xml.crypto.utils.URIException;
-
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
@@ -38,10 +34,12 @@ import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
import at.gv.egovernment.moa.spss.util.ExternalURIVerifier;
+import iaik.xml.crypto.utils.URI;
+import iaik.xml.crypto.utils.URIException;
/**
* Resolve external URIs and provide them as a stream.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -52,14 +50,15 @@ public class ExternalURIResolver {
/**
* Return a stream to data at the given URI.
- *
- * This method will try to open an URLConnection to the given
- * URI. Access to the file system is disallowed.
- *
+ *
+ * This method will try to open an URLConnection to the given URI.
+ * Access to the file system is disallowed.
+ *
* @param uriStr The URI to resolve.
* @return InputStream The data contained at the URI.
* @throws MOAApplicationException An error occurred resolving the URI (e.g.,
- * the URI is syntactically incorrect or the stream could not be opened).
+ * the URI is syntactically incorrect or the
+ * stream could not be opened).
*/
public InputStream resolve(String uriStr) throws MOAApplicationException {
URI uri;
@@ -70,7 +69,7 @@ public class ExternalURIResolver {
// build the URI
try {
uri = new URI(uriStr);
- } catch (URIException e) {
+ } catch (final URIException e) {
throw new MOAApplicationException("2207", new Object[] { uriStr });
}
@@ -81,30 +80,30 @@ public class ExternalURIResolver {
// if we have local content (SOAP with attachments)
if ("formdata".equals(uri.getScheme())) {
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
- if (context==null) {
- //no transaction
+ final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ if (context == null) {
+ // no transaction
throw new MOAApplicationException("2282", new Object[] { uri });
} else {
- InputStream attachmentIs = context.getAttachmentInputStream(uri);
+ final InputStream attachmentIs = context.getAttachmentInputStream(uri);
if (attachmentIs != null) {
setContentType(context.getAttachmentContentType(uri.getPath()));
return attachmentIs;
} else {
- //maybe attachments provided but no suiting attachment found
+ // maybe attachments provided but no suiting attachment found
throw new MOAApplicationException("2282", new Object[] { uri });
}
- }
- }
-
+ }
+ }
+
// convert URI to URL
try {
// create the URL
url = new URL(uriStr);
- //System.out.println("ExternalURIResolver: " + url);
+ // System.out.println("ExternalURIResolver: " + url);
ExternalURIVerifier.verify(url.getHost(), url.getPort());
-
- } catch (MalformedURLException e) {
+
+ } catch (final MalformedURLException e) {
throw new MOAApplicationException("2214", new Object[] { uriStr });
}
@@ -112,7 +111,7 @@ public class ExternalURIResolver {
try {
connection = url.openConnection();
if ("http".equals(url.getProtocol())) {
- HttpURLConnection httpConnection = (HttpURLConnection) connection;
+ final HttpURLConnection httpConnection = (HttpURLConnection) connection;
// disallow redirects
httpConnection.setInstanceFollowRedirects(false);
@@ -121,33 +120,31 @@ public class ExternalURIResolver {
throw new MOAApplicationException("2208", new Object[] { uri });
}
} else if ("https".equals(url.getProtocol())) {
- /*
- * this doesn't work because of some interaction between the IAIK
- * JCE and Sun JSSE that results in an "Invalid AVA format" exception
+ /*
+ * this doesn't work because of some interaction between the IAIK JCE and Sun
+ * JSSE that results in an "Invalid AVA format" exception
*/
/*
- HttpsURLConnection httpsConnection = (HttpsURLConnection) connection;
- InputStream trustStore =
- getClass().getResourceAsStream(DEFAULT_TRUST_STORE);
- SSLSocketFactory factory =
- SSLUtils.getSSLSocketFactory("jks", trustStore, "changeit");
- httpsConnection.setSSLSocketFactory(factory);
- httpsConnection.connect();
- if (httpConnection.getResponseCode() != HttpURLConnection.HTTP_OK) {
- throw new MOAApplicationException("2208", new Object[] { uri });
- }
- */
+ * HttpsURLConnection httpsConnection = (HttpsURLConnection) connection;
+ * InputStream trustStore = getClass().getResourceAsStream(DEFAULT_TRUST_STORE);
+ * SSLSocketFactory factory = SSLUtils.getSSLSocketFactory("jks", trustStore,
+ * "changeit"); httpsConnection.setSSLSocketFactory(factory);
+ * httpsConnection.connect(); if (httpConnection.getResponseCode() !=
+ * HttpURLConnection.HTTP_OK) { throw new MOAApplicationException("2208", new
+ * Object[] { uri }); }
+ */
connection.connect();
} else {
connection.connect();
}
is = connection.getInputStream();
- } catch (IOException e) {
+ } catch (final IOException e) {
throw new MOAApplicationException("2208", new Object[] { uri }, e);
- } /*catch (GeneralSecurityException e) {
- throw new MOAApplicationException("2208", new Object[] { uri }, e);
- }*/
+ } /*
+ * catch (GeneralSecurityException e) { throw new
+ * MOAApplicationException("2208", new Object[] { uri }, e); }
+ */
// set the content type
setContentType(connection.getContentType());
@@ -157,7 +154,7 @@ public class ExternalURIResolver {
/**
* Set the content type of the data at the URI.
- *
+ *
* @param contentType The content type to set.
*/
protected void setContentType(String contentType) {
@@ -167,7 +164,7 @@ public class ExternalURIResolver {
/**
* Return the content type of the data detected at the URI from the previous
* call of resolve().
- *
+ *
* @return String The content type.
*/
public String getContentType() {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java
index 6e8448b..8817937 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java
@@ -21,12 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
-import iaik.server.modules.IAIKException;
-import iaik.server.modules.IAIKRuntimeException;
-
import java.lang.reflect.Constructor;
import java.util.HashMap;
import java.util.Map;
@@ -34,12 +30,13 @@ import java.util.Map;
import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.MOASystemException;
-
+import iaik.server.modules.IAIKException;
+import iaik.server.modules.IAIKRuntimeException;
/**
* Map an exception from the iaik namespace to a
* MOAException.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -47,57 +44,80 @@ public class IaikExceptionMapper {
/** The argument classes for MOAExceptions. */
private static final Class[] CONSTRUCTOR_ARGS =
- new Class[] { String.class, Object[].class, Throwable.class };
+ new Class[] { String.class, Object[].class, Throwable.class };
/** The exception mapping, as an array. */
private static final Object[][] MESSAGES =
- {
- { iaik.server.modules.IAIKException.class, "9900", MOASystemException.class },
- { iaik.server.modules.IAIKRuntimeException.class, "9901", MOASystemException.class },
- { iaik.server.modules.xmlsign.XMLSignatureCreationException.class, "2220", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.XMLSignatureCreationRuntimeException.class, "2220", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.InvalidKeyException.class, "2221", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.ManifestException.class, "2222", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.ReferenceException.class, "2223", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.HashUnavailableException.class, "2224", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.SignatureAlgorithmException.class, "2225", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.SignatureEmbeddingException.class, "2226", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.SignatureValueException.class, "2227", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.SignedPropertyException.class, "2228", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.SignerCertificateUnavailableException.class, "2229", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.SupplementException.class, "2230", MOAApplicationException.class },
- { iaik.server.modules.xmlsign.TransformationException.class, "2233", MOAApplicationException.class },
- { iaik.server.modules.cmsverify.CMSSignatureVerificationException.class, "2240", MOAApplicationException.class },
- { iaik.server.modules.cmsverify.CMSSignatureVerificationRuntimeException.class, "2240", MOAApplicationException.class },
- { iaik.server.modules.cmsverify.AlgorithmNotSupportedException.class, "2241", MOAApplicationException.class },
- { iaik.server.modules.cmsverify.CMSSignatureParsingException.class, "2242", MOAApplicationException.class },
- { iaik.server.modules.cmsverify.SignerCertificateUnavailableException.class, "2243", MOAApplicationException.class },
- { iaik.server.modules.cmsverify.CMSSignatureVerificationRuntimeException.class, "2247", MOAApplicationException.class },
- { iaik.server.modules.cmsverify.InitException.class, "2248", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.XMLSignatureVerificationException.class, "2240", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.XMLSignatureVerificationRuntimeException.class, "2240", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.AlgorithmNotSupportedException.class, "2241", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.ManifestException.class, "2262", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.PropertiesException.class, "2263", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.ReferenceException.class, "2264", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.HashUnavailableException.class, "2224", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.SignerCertificateUnavailableException.class, "2243", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.SupplementException.class, "2230", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.TransformationException.class, "2265", MOAApplicationException.class },
- { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269", MOAApplicationException.class },
- { at.gv.egovernment.moa.sig.tsl.exception.TslException.class, "2290", MOAApplicationException.class },
- { iaik.server.modules.cmssign.CMSSignatureCreationException.class, "2300", MOAApplicationException.class } ,
-
-
- };
-
+ {
+ { iaik.server.modules.IAIKException.class, "9900", MOASystemException.class },
+ { iaik.server.modules.IAIKRuntimeException.class, "9901", MOASystemException.class },
+ { iaik.server.modules.xmlsign.XMLSignatureCreationException.class, "2220",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.XMLSignatureCreationRuntimeException.class, "2220",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.InvalidKeyException.class, "2221", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.ManifestException.class, "2222", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.ReferenceException.class, "2223", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.HashUnavailableException.class, "2224",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignatureAlgorithmException.class, "2225",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignatureEmbeddingException.class, "2226",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignatureValueException.class, "2227",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignedPropertyException.class, "2228",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SignerCertificateUnavailableException.class, "2229",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.SupplementException.class, "2230", MOAApplicationException.class },
+ { iaik.server.modules.xmlsign.TransformationException.class, "2233",
+ MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.CMSSignatureVerificationException.class, "2240",
+ MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.CMSSignatureVerificationRuntimeException.class, "2240",
+ MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.AlgorithmNotSupportedException.class, "2241",
+ MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.CMSSignatureParsingException.class, "2242",
+ MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.SignerCertificateUnavailableException.class, "2243",
+ MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.CMSSignatureVerificationRuntimeException.class, "2247",
+ MOAApplicationException.class },
+ { iaik.server.modules.cmsverify.InitException.class, "2248", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.XMLSignatureVerificationException.class, "2240",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.XMLSignatureVerificationRuntimeException.class, "2240",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.AlgorithmNotSupportedException.class, "2241",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.ManifestException.class, "2262", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.PropertiesException.class, "2263", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.ReferenceException.class, "2264", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.HashUnavailableException.class, "2224",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.SignerCertificateUnavailableException.class, "2243",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.SupplementException.class, "2230", MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.TransformationException.class, "2265",
+ MOAApplicationException.class },
+ { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269",
+ MOAApplicationException.class },
+ { at.gv.egovernment.moa.sig.tsl.exception.TslException.class, "2290",
+ MOAApplicationException.class },
+ { iaik.server.modules.cmssign.CMSSignatureCreationException.class, "2300",
+ MOAApplicationException.class },
+
+ };
+
/** The single instance of this class. */
private static IaikExceptionMapper instance;
/** The exception mapping, as a Map for fast lookup. */
- private Map messages = new HashMap();
+ private final Map messages = new HashMap();
/**
* Get the single instance of this class.
- *
+ *
* @return The single instance of this class.
*/
public static synchronized IaikExceptionMapper getInstance() {
@@ -109,7 +129,7 @@ public class IaikExceptionMapper {
/**
* Create a new IaikExceptionMapper.
- *
+ *
* Protected to disallow multple instances.
*/
protected IaikExceptionMapper() {
@@ -124,59 +144,63 @@ public class IaikExceptionMapper {
for (i = 0; i < MESSAGES.length; i++) {
registerMessage(
- (Class) MESSAGES[i][0],
- (String) MESSAGES[i][1],
- (Class) MESSAGES[i][2]);
+ (Class) MESSAGES[i][0],
+ (String) MESSAGES[i][1],
+ (Class) MESSAGES[i][2]);
}
}
/**
* Register a single IAIKException to message mapping.
- *
- * @param iaikExceptionClass An exception from the iaik package.
- * @param messageId The corresponding error message id.
- * @param moaExceptionClass The type of MOAException that the
- * IAIKException is mapped to (usually
- * MOAApplicationException or MOASystemException).
+ *
+ * @param iaikExceptionClass An exception from the iaik package.
+ * @param messageId The corresponding error message id.
+ * @param moaExceptionClass The type of MOAException that the
+ * IAIKException is mapped to (usually
+ * MOAApplicationException or
+ * MOASystemException).
*/
protected void registerMessage(
- Class iaikExceptionClass,
- String messageId,
- Class moaExceptionClass) {
+ Class iaikExceptionClass,
+ String messageId,
+ Class moaExceptionClass) {
messages.put(
- iaikExceptionClass,
- new ExceptionMappingInfo(messageId, moaExceptionClass));
+ iaikExceptionClass,
+ new ExceptionMappingInfo(messageId, moaExceptionClass));
}
/**
- * Map an iaik.xml.crypto.tsl.ex.TSLSearchException to a MOAException.
- *
- * @param tslSearchException The iaik.xml.crypto.tsl.ex.TSLSearchException to map.
- * @return A MOAException containing the message for the
- * given IAIKException.
+ * Map an iaik.xml.crypto.tsl.ex.TSLSearchException to a
+ * MOAException.
+ *
+ * @param tslSearchException The
+ * iaik.xml.crypto.tsl.ex.TSLSearchException
+ * to map.
+ * @return A MOAException containing the message for the given
+ * IAIKException.
*/
public MOAException map(at.gv.egovernment.moa.sig.tsl.exception.TslException tslSearchException) {
return mapImpl(tslSearchException);
}
-
+
/**
* Map an IAIKException to a MOAException.
- *
- * @param iaikException The IAIKException to map.
- * @return A MOAException containing the message for the
- * given IAIKException.
+ *
+ * @param iaikException The IAIKException to map.
+ * @return A MOAException containing the message for the given
+ * IAIKException.
*/
public MOAException map(IAIKException iaikException) {
return mapImpl(iaikException);
}
-
+
/**
* Map an IAIKRuntimeException to a MOAException.
- *
- * @param iaikException The IAIKException to map.
- * @return A MOAException containing the message for the
- * given IAIKRuntimeException.
+ *
+ * @param iaikException The IAIKException to map.
+ * @return A MOAException containing the message for the given
+ * IAIKRuntimeException.
*/
public MOAException map(IAIKRuntimeException iaikException) {
return mapImpl(iaikException);
@@ -185,14 +209,14 @@ public class IaikExceptionMapper {
/**
* Map an IAIKException or IAIKRuntimeException to a
* MOAException.
- *
+ *
* @param iaikException The IAIKException or
- * IAIKRuntimeException to map.
- * @return A MOAException containing the message for the
- * given IAIKRuntimeException.
+ * IAIKRuntimeException to map.
+ * @return A MOAException containing the message for the given
+ * IAIKRuntimeException.
*/
private MOAException mapImpl(Exception iaikException) {
- MOAException moaException = createMoaException(iaikException);
+ final MOAException moaException = createMoaException(iaikException);
if (moaException == null) {
return new MOASystemException("9999", null, iaikException);
@@ -201,16 +225,16 @@ public class IaikExceptionMapper {
}
/**
- * Create a MOAException from a given IAIKException
- * by looking it up in the mapping.
- *
+ * Create a MOAException from a given IAIKException by
+ * looking it up in the mapping.
+ *
* @param iaikException The IAIKException to map.
- * @return A MOAException with an error code corresponding to
- * the given IAIKException. Returns null, if no
- * mapping could be found.
+ * @return A MOAException with an error code corresponding to the
+ * given IAIKException. Returns null, if no
+ * mapping could be found.
*/
protected MOAException createMoaException(Exception iaikException) {
- ExceptionMappingInfo info = lookupMessage(iaikException.getClass());
+ final ExceptionMappingInfo info = lookupMessage(iaikException.getClass());
Constructor constructor;
if (info == null) {
@@ -220,13 +244,13 @@ public class IaikExceptionMapper {
// instantiate the proper MOAException and return it
try {
constructor =
- info.getMoaExceptionClass().getConstructor(CONSTRUCTOR_ARGS);
+ info.getMoaExceptionClass().getConstructor(CONSTRUCTOR_ARGS);
return (MOAException) constructor.newInstance(
- new Object[] {
- info.getMessageId(),
- new Object[] { iaikException.getMessage()},
- iaikException });
- } catch (Exception e) {
+ new Object[] {
+ info.getMessageId(),
+ new Object[] { iaikException.getMessage() },
+ iaikException });
+ } catch (final Exception e) {
return null;
}
}
@@ -234,19 +258,19 @@ public class IaikExceptionMapper {
/**
* Recursively look up the message associated with an
* IAIKException.
- *
+ *
* This method walks up the exception inheritance hierarchy until it finds a
* mapping.
- *
+ *
* @param iaikExceptionClass The IAIKException to look up.
- * @return Information about the message id and
- * MOAException class that the iaikExceptionClass
- * maps to. If no mapping could be found, null is returned.
+ * @return Information about the message id and MOAException class
+ * that the iaikExceptionClass maps to. If no mapping could
+ * be found, null is returned.
*/
protected ExceptionMappingInfo lookupMessage(Class iaikExceptionClass) {
ExceptionMappingInfo info;
- // break if
+ // break if
if (iaikExceptionClass.equals(Exception.class)) {
return null;
}
@@ -264,21 +288,21 @@ public class IaikExceptionMapper {
/**
* A class containing a mapping from an error message ID to a
* MOAException class.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
class ExceptionMappingInfo {
/** The message ID. */
- private String messageId;
+ private final String messageId;
/** The MOAException class. */
- private Class moaExceptionClass;
+ private final Class moaExceptionClass;
/**
* Create a new ExceptionMappingInfo.
- *
- * @param messageId The message ID.
- * @param moaExceptionClass The MOAException class.
+ *
+ * @param messageId The message ID.
+ * @param moaExceptionClass The MOAException class.
*/
public ExceptionMappingInfo(String messageId, Class moaExceptionClass) {
this.messageId = messageId;
@@ -287,7 +311,7 @@ class ExceptionMappingInfo {
/**
* Return the message ID.
- *
+ *
* @return The message ID.
*/
public String getMessageId() {
@@ -296,7 +320,7 @@ class ExceptionMappingInfo {
/**
* Returns the MOAException class that the message ID maps to.
- *
+ *
* @return The MOAException class.
*/
public Class getMoaExceptionClass() {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java
index 0128e6a..43c993b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import org.w3c.dom.Element;
@@ -35,7 +34,7 @@ import at.gv.egovernment.moaspss.util.XPathUtils;
/**
* Utility methods for invoking the IAIK MOA modules.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -43,44 +42,44 @@ public class InvokerUtils {
/**
* Select the signature parent element.
- *
- * @param root The root DOM element which contains the signature parent
- * element somewhere in its subtree.
- * @param location The ElementSelector containing the XPath
- * expression to select the signature parent element from the document.
- * It is also contains the namespace prefix to URI mapping.
+ *
+ * @param root The root DOM element which contains the signature parent
+ * element somewhere in its subtree.
+ * @param location The ElementSelector containing the XPath
+ * expression to select the signature parent element from the
+ * document. It is also contains the namespace prefix to URI
+ * mapping.
* @return Element The signature parent element.
* @throws MOAApplicationException An error occurred evaluating the
- * location.
+ * location.
*/
public static Element evaluateSignatureLocation(
- Element root,
- ElementSelector location)
- throws MOAApplicationException {
+ Element root,
+ ElementSelector location)
+ throws MOAApplicationException {
NodeList nodes;
try {
nodes =
- XPathUtils.selectNodeList(
- root,
- location.getNamespaceDeclarations(),
- location.getXPathExpression());
- } catch (XPathException e) {
+ XPathUtils.selectNodeList(
+ root,
+ location.getNamespaceDeclarations(),
+ location.getXPathExpression());
+ } catch (final XPathException e) {
throw new MOAApplicationException(
- "2212",
- new Object[] { location.getXPathExpression()},
- e);
+ "2212",
+ new Object[] { location.getXPathExpression() },
+ e);
}
if (nodes.getLength() != 1
- || !(nodes.item(0).getNodeType() == Node.ELEMENT_NODE)) {
+ || !(nodes.item(0).getNodeType() == Node.ELEMENT_NODE)) {
throw new MOAApplicationException(
- "2212",
- new Object[] { location.getXPathExpression()});
+ "2212",
+ new Object[] { location.getXPathExpression() });
}
return (Element) nodes.item(0);
}
-
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ProfileMapper.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ProfileMapper.java
index c6eaa4f..474e74b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ProfileMapper.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ProfileMapper.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import java.util.ArrayList;
@@ -48,7 +47,7 @@ import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
/**
* Map ProfileID objects to their explicit represantation.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -58,83 +57,79 @@ public class ProfileMapper {
private static ProfileParser profileParser = new ProfileParser();
/**
- * Map a CreateTransformsInfoProfile to a
+ * Map a CreateTransformsInfoProfile to a
* CreateTransformsInfoProfileExplicit.
- *
+ *
* @param profile The profile object to map.
- * @param config The MOA configuration to use for looking up the profile.
+ * @param config The MOA configuration to use for looking up the profile.
* @return profile, if the given profile is of type
- * EXPLICIT_CREATETRANSFORMSINFOPROFILE, otherwise the profile
- * that is looked up and parsed from the configuration.
+ * EXPLICIT_CREATETRANSFORMSINFOPROFILE, otherwise the
+ * profile that is looked up and parsed from the configuration.
* @throws MOAApplicationException An error occurred parsing the profile.
*/
public static CreateTransformsInfoProfileExplicit mapCreateTransformsInfoProfile(
- CreateTransformsInfoProfile profile,
- ConfigurationProvider config)
- throws MOAApplicationException {
+ CreateTransformsInfoProfile profile,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
switch (profile.getCreateTransformsInfoProfileType()) {
- case CreateTransformsInfoProfile.EXPLICIT_CREATETRANSFORMSINFOPROFILE :
+ case CreateTransformsInfoProfile.EXPLICIT_CREATETRANSFORMSINFOPROFILE:
return (CreateTransformsInfoProfileExplicit) profile;
- case CreateTransformsInfoProfile.ID_CREATETRANSFORMSINFOPROFILE :
- CreateTransformsInfoProfileID profileIdObj =
- (CreateTransformsInfoProfileID) profile;
- String profileID = profileIdObj.getCreateTransformsInfoProfileID();
- Element profileElem = config.getCreateTransformsInfoProfile(profileID);
+ case CreateTransformsInfoProfile.ID_CREATETRANSFORMSINFOPROFILE:
+ final CreateTransformsInfoProfileID profileIdObj =
+ (CreateTransformsInfoProfileID) profile;
+ final String profileID = profileIdObj.getCreateTransformsInfoProfileID();
+ final Element profileElem = config.getCreateTransformsInfoProfile(profileID);
if (profileElem == null) {
throw new MOAApplicationException("2234", new Object[] { profileID });
}
- return (
- CreateTransformsInfoProfileExplicit) profileParser
+ return (CreateTransformsInfoProfileExplicit) profileParser
.parseCreateTransformsInfoProfile(
- profileElem);
+ profileElem);
}
return null; // this will not happen
}
/**
- * Map a CreateSignatureEnvironmentProfile to a
+ * Map a CreateSignatureEnvironmentProfile to a
* CreateSignatureEnvironmentProfileExplicit.
- *
+ *
* @param profile The profile object to map.
- * @param config The MOA configuration to use for looking up the profile.
+ * @param config The MOA configuration to use for looking up the profile.
* @return profile, if the given profile is of type
- * EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE, otherwise the
- * profile that is looked up and parsed from the configuration.
+ * EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE, otherwise
+ * the profile that is looked up and parsed from the configuration.
* @throws MOAApplicationException An error occurred parsing the profile.
*/
public static CreateSignatureEnvironmentProfileExplicit mapCreateSignatureEnvironmentProfile(
- CreateSignatureEnvironmentProfile profile,
- ConfigurationProvider config)
- throws MOAApplicationException {
+ CreateSignatureEnvironmentProfile profile,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
switch (profile.getCreateSignatureEnvironmentProfileType()) {
- case CreateSignatureEnvironmentProfile
- .EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE :
+ case CreateSignatureEnvironmentProfile.EXPLICIT_CREATESIGNATUREENVIRONMENTPROFILE:
return (CreateSignatureEnvironmentProfileExplicit) profile;
- case CreateSignatureEnvironmentProfile
- .ID_CREATESIGNATUREENVIRONMENTPROFILE :
+ case CreateSignatureEnvironmentProfile.ID_CREATESIGNATUREENVIRONMENTPROFILE:
- CreateSignatureEnvironmentProfileID profileIdObj =
- (CreateSignatureEnvironmentProfileID) profile;
- String profileID =
- profileIdObj.getCreateSignatureEnvironmentProfileID();
- Element profileElem =
- config.getCreateSignatureEnvironmentProfile(profileID);
+ final CreateSignatureEnvironmentProfileID profileIdObj =
+ (CreateSignatureEnvironmentProfileID) profile;
+ final String profileID =
+ profileIdObj.getCreateSignatureEnvironmentProfileID();
+ final Element profileElem =
+ config.getCreateSignatureEnvironmentProfile(profileID);
if (profileElem == null) {
throw new MOAApplicationException("2236", new Object[] { profileID });
}
- return (
- CreateSignatureEnvironmentProfileExplicit) profileParser
+ return (CreateSignatureEnvironmentProfileExplicit) profileParser
.parseCreateSignatureEnvironmentProfile(
- profileElem);
+ profileElem);
}
return null;
@@ -142,25 +137,25 @@ public class ProfileMapper {
}
/**
- * Map a List of SupplementProfiles to their
- * explicit representation.
- *
+ * Map a List of SupplementProfiles to their explicit
+ * representation.
+ *
* @param profiles The profiles to map.
- * @param config The MOA configuration to use for looking up profiles.
+ * @param config The MOA configuration to use for looking up profiles.
* @return The mapped profiles.
* @throws MOAApplicationException An error occurred mapping one of the
- * profiles.
+ * profiles.
*/
public static List mapSupplementProfiles(
- List profiles,
- ConfigurationProvider config)
- throws MOAApplicationException {
+ List profiles,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
- List mappedProfiles = new ArrayList();
+ final List mappedProfiles = new ArrayList();
Iterator iter;
for (iter = profiles.iterator(); iter.hasNext();) {
- SupplementProfile profile = (SupplementProfile) iter.next();
+ final SupplementProfile profile = (SupplementProfile) iter.next();
mappedProfiles.add(mapSupplementProfile(profile, config));
}
@@ -168,63 +163,62 @@ public class ProfileMapper {
}
/**
- * Map a SupplementProfile to a
+ * Map a SupplementProfile to a
* SupplementProfileExplicit.
- *
+ *
* @param profile The profile object to map.
- * @param config The MOA configuration to use for looking up the profile.
+ * @param config The MOA configuration to use for looking up the profile.
* @return profile, if the given profile is of type
- * EXPLICIT_SUPPLEMENTPROFILE, otherwise the
- * profile that is looked up and parsed from the configuration.
+ * EXPLICIT_SUPPLEMENTPROFILE, otherwise the profile that
+ * is looked up and parsed from the configuration.
* @throws MOAApplicationException An error occurred parsing the profile.
*/
public static SupplementProfileExplicit mapSupplementProfile(
- SupplementProfile profile,
- ConfigurationProvider config)
- throws MOAApplicationException {
+ SupplementProfile profile,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
switch (profile.getSupplementProfileType()) {
- case SupplementProfile.EXPLICIT_SUPPLEMENTPROFILE :
+ case SupplementProfile.EXPLICIT_SUPPLEMENTPROFILE:
return (SupplementProfileExplicit) profile;
- case SupplementProfile.ID_SUPPLEMENTPROFILE :
- SupplementProfileID profileIdObj = (SupplementProfileID) profile;
- String profileID = profileIdObj.getSupplementProfileID();
- Element profileElem = config.getSupplementProfile(profileID);
+ case SupplementProfile.ID_SUPPLEMENTPROFILE:
+ final SupplementProfileID profileIdObj = (SupplementProfileID) profile;
+ final String profileID = profileIdObj.getSupplementProfileID();
+ final Element profileElem = config.getSupplementProfile(profileID);
if (profileElem == null) {
throw new MOAApplicationException("2267", new Object[] { profileID });
}
- return (
- SupplementProfileExplicit) profileParser.parseSupplementProfile(
- profileElem);
+ return (SupplementProfileExplicit) profileParser.parseSupplementProfile(
+ profileElem);
}
return null;
}
/**
- * Map a List of VerifyTransformsInfoProfiles to
- * their explicit representation.
- *
+ * Map a List of VerifyTransformsInfoProfiles to their
+ * explicit representation.
+ *
* @param profiles The profiles to map.
- * @param config The MOA configuration to use for looking up profiles.
+ * @param config The MOA configuration to use for looking up profiles.
* @return The mapped profiles.
* @throws MOAApplicationException An error occurred mapping one of the
- * profiles.
+ * profiles.
*/
public static List mapVerifyTransformsInfoProfiles(
- List profiles,
- ConfigurationProvider config)
- throws MOAApplicationException {
+ List profiles,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
- List mappedProfiles = new ArrayList();
+ final List mappedProfiles = new ArrayList();
Iterator iter;
for (iter = profiles.iterator(); iter.hasNext();) {
- VerifyTransformsInfoProfile profile =
- (VerifyTransformsInfoProfile) iter.next();
+ final VerifyTransformsInfoProfile profile =
+ (VerifyTransformsInfoProfile) iter.next();
mappedProfiles.add(mapVerifyTransformsInfoProfile(profile, config));
}
@@ -232,40 +226,39 @@ public class ProfileMapper {
}
/**
- * Map a VerifyTransformsInfoProfile to a
+ * Map a VerifyTransformsInfoProfile to a
* VerifyTransformsInfoProfileExplicit.
- *
+ *
* @param profile The profile object to map.
- * @param config The MOA configuration to use for looking up the profile.
+ * @param config The MOA configuration to use for looking up the profile.
* @return profile, if the given profile is of type
- * EXPLICIT_VERIFYTRANSFORMSINFOPROFILE, otherwise the
- * profile that is looked up and parsed from the configuration.
+ * EXPLICIT_VERIFYTRANSFORMSINFOPROFILE, otherwise the
+ * profile that is looked up and parsed from the configuration.
* @throws MOAApplicationException An error occurred parsing the profile.
*/
public static VerifyTransformsInfoProfileExplicit mapVerifyTransformsInfoProfile(
- VerifyTransformsInfoProfile profile,
- ConfigurationProvider config)
- throws MOAApplicationException {
+ VerifyTransformsInfoProfile profile,
+ ConfigurationProvider config)
+ throws MOAApplicationException {
switch (profile.getVerifyTransformsInfoProfileType()) {
- case VerifyTransformsInfoProfile.EXPLICIT_VERIFYTRANSFORMSINFOPROFILE :
+ case VerifyTransformsInfoProfile.EXPLICIT_VERIFYTRANSFORMSINFOPROFILE:
return (VerifyTransformsInfoProfileExplicit) profile;
- case VerifyTransformsInfoProfile.ID_VERIFYTRANSFORMSINFOPROFILE :
- VerifyTransformsInfoProfileID profileIdObj =
- (VerifyTransformsInfoProfileID) profile;
- String profileID = profileIdObj.getVerifyTransformsInfoProfileID();
- Element profileElem =
- config.getVerifyTransformsInfoProfile(profileID);
-
+ case VerifyTransformsInfoProfile.ID_VERIFYTRANSFORMSINFOPROFILE:
+ final VerifyTransformsInfoProfileID profileIdObj =
+ (VerifyTransformsInfoProfileID) profile;
+ final String profileID = profileIdObj.getVerifyTransformsInfoProfileID();
+ final Element profileElem =
+ config.getVerifyTransformsInfoProfile(profileID);
+
if (profileElem == null) {
- throw new MOAApplicationException("2268", new Object[] { profileID });
+ throw new MOAApplicationException("2268", new Object[] { profileID });
}
- return (
- VerifyTransformsInfoProfileExplicit) profileParser
+ return (VerifyTransformsInfoProfileExplicit) profileParser
.parseVerifyTransformsInfoProfile(
- profileElem);
+ profileElem);
}
return null;
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java
index 330ffdd..0674103 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
@@ -32,37 +31,38 @@ import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
/**
- * A utility class for setting up and tearing down thread-local context
+ * A utility class for setting up and tearing down thread-local context
* information needed for calling the Invoker classes.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class ServiceContextUtils {
-
+
/**
- * Set up the thread-local context information needed for calling the various
+ * Set up the thread-local context information needed for calling the various
* Invoker classes.
- *
- * @throws ConfigurationException An error occurred setting up the
- * configuration in the TransactionContext.
+ *
+ * @throws ConfigurationException An error occurred setting up the configuration
+ * in the TransactionContext.
*/
public static void setUpContexts() throws ConfigurationException {
- TransactionContextManager txMgr = TransactionContextManager.getInstance();
- LoggingContextManager logMgr = LoggingContextManager.getInstance();
- String transactionID = Thread.currentThread().getName();
-
+ final TransactionContextManager txMgr = TransactionContextManager.getInstance();
+ final LoggingContextManager logMgr = LoggingContextManager.getInstance();
+ final String transactionID = Thread.currentThread().getName();
+
if (txMgr.getTransactionContext() == null) {
- TransactionContext ctx = new TransactionContext(transactionID, null, ConfigurationProvider.getInstance());
+ final TransactionContext ctx = new TransactionContext(transactionID, null, ConfigurationProvider
+ .getInstance());
txMgr.setTransactionContext(ctx);
}
-
+
if (logMgr.getLoggingContext() == null) {
- LoggingContext ctx = new LoggingContext(transactionID);
+ final LoggingContext ctx = new LoggingContext(transactionID);
logMgr.setLoggingContext(ctx);
}
}
-
+
/**
* Tear down thread-local context information.
*/
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureCreationServiceImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureCreationServiceImpl.java
index b746333..ec4bdd9 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureCreationServiceImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureCreationServiceImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import java.util.Collections;
@@ -33,9 +32,9 @@ import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
/**
- * An implementation of the SignatureCreationService, using
- * the XMLSignatureCreationInvoker.
- *
+ * An implementation of the SignatureCreationService, using the
+ * XMLSignatureCreationInvoker.
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -43,25 +42,26 @@ public class SignatureCreationServiceImpl extends SignatureCreationService {
/**
* Create an XML signature.
- *
+ *
* @param request The CreateXMLSignatureRequest containing
- * information about the signature(s) to create.
+ * information about the signature(s) to create.
* @return The created signature(s).
* @throws MOAException An error occurred creating the signature(s).
*/
+ @Override
public CreateXMLSignatureResponse createXMLSignature(CreateXMLSignatureRequest request)
- throws MOAException {
+ throws MOAException {
- XMLSignatureCreationInvoker invoker =
- XMLSignatureCreationInvoker.getInstance();
+ final XMLSignatureCreationInvoker invoker =
+ XMLSignatureCreationInvoker.getInstance();
CreateXMLSignatureResponse response;
try {
-
+
Configurator.getInstance().init();
ServiceContextUtils.setUpContexts();
response = invoker.createXMLSignature(request, Collections.EMPTY_SET);
-
+
return response;
} finally {
ServiceContextUtils.tearDownContexts();
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureVerificationServiceImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureVerificationServiceImpl.java
index 5b6033c..50b7c53 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureVerificationServiceImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/SignatureVerificationServiceImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import at.gv.egovernment.moa.spss.MOAException;
@@ -33,36 +32,37 @@ import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
/**
- * An implementation of the SignatureVerificationService using
- * the XMLSignatureVerificationInvoker and the
+ * An implementation of the SignatureVerificationService using the
+ * XMLSignatureVerificationInvoker and the
* CMSSignatureVerificationInvoker.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class SignatureVerificationServiceImpl
- extends SignatureVerificationService {
+ extends SignatureVerificationService {
/**
* Verify a CMS signature.
- *
- * @param request The VerifyCMSSignatureRequest containing
- * information about the signature verification.
+ *
+ * @param request The VerifyCMSSignatureRequest containing
+ * information about the signature verification.
* @return The result of the signature verification.
* @throws MOAException An error occurred during signature verification.
*/
+ @Override
public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request)
- throws MOAException {
+ throws MOAException {
- CMSSignatureVerificationInvoker invoker =
- CMSSignatureVerificationInvoker.getInstance();
+ final CMSSignatureVerificationInvoker invoker =
+ CMSSignatureVerificationInvoker.getInstance();
VerifyCMSSignatureResponse response;
try {
Configurator.getInstance().init();
ServiceContextUtils.setUpContexts();
response = invoker.verifyCMSSignature(request);
-
+
return response;
} finally {
ServiceContextUtils.tearDownContexts();
@@ -71,26 +71,26 @@ public class SignatureVerificationServiceImpl
/**
* Verify an XML signature.
- *
+ *
* @param request The VerifyXMLSignatureRequest containinig
- * information about the signature verification.
+ * information about the signature verification.
* @return The result of the signature verification.
* @throws MOAException An error occurred during signature verification.
*/
+ @Override
public VerifyXMLSignatureResponse verifyXMLSignature(VerifyXMLSignatureRequest request)
- throws MOAException {
+ throws MOAException {
- XMLSignatureVerificationInvoker invoker =
- XMLSignatureVerificationInvoker.getInstance();
+ final XMLSignatureVerificationInvoker invoker =
+ XMLSignatureVerificationInvoker.getInstance();
VerifyXMLSignatureResponse response;
try {
-
Configurator.getInstance().init();
ServiceContextUtils.setUpContexts();
response = invoker.verifyXMLSignature(request);
-
+
return response;
} finally {
ServiceContextUtils.tearDownContexts();
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/TransformationFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/TransformationFactory.java
index 7842f14..1eec502 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/TransformationFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/TransformationFactory.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import java.util.ArrayList;
@@ -30,14 +29,6 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import iaik.server.modules.xml.Base64Transformation;
-import iaik.server.modules.xml.Canonicalization;
-import iaik.server.modules.xml.EnvelopedSignatureTransformation;
-import iaik.server.modules.xml.Transformation;
-import iaik.server.modules.xml.XPath2Transformation;
-import iaik.server.modules.xml.XPathTransformation;
-import iaik.server.modules.xml.XSLTTransformation;
-
import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.api.common.ExclusiveCanonicalizationTransform;
import at.gv.egovernment.moa.spss.api.common.Transform;
@@ -53,41 +44,49 @@ import at.gv.egovernment.moa.spss.server.iaik.xml.XPath2FilterImpl;
import at.gv.egovernment.moa.spss.server.iaik.xml.XPath2TransformationImpl;
import at.gv.egovernment.moa.spss.server.iaik.xml.XPathTransformationImpl;
import at.gv.egovernment.moa.spss.server.iaik.xml.XSLTTransformationImpl;
+import iaik.server.modules.xml.Base64Transformation;
+import iaik.server.modules.xml.Canonicalization;
+import iaik.server.modules.xml.EnvelopedSignatureTransformation;
+import iaik.server.modules.xml.Transformation;
+import iaik.server.modules.xml.XPath2Transformation;
+import iaik.server.modules.xml.XPathTransformation;
+import iaik.server.modules.xml.XSLTTransformation;
/**
- * A factory to create Transformation objects from
+ * A factory to create Transformation objects from
* Transform objects.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class TransformationFactory {
-
/** The single instance of this class. */
private static TransformationFactory instance = null;
- /** Maps XPathFilter filter types to
- * XPath2Transformation filter types. */
+ /**
+ * Maps XPathFilter filter types to
+ * XPath2Transformation filter types.
+ */
private static Map FILTER_TYPE_MAPPING;
static {
FILTER_TYPE_MAPPING = new HashMap();
FILTER_TYPE_MAPPING.put(
- XPathFilter.INTERSECT_TYPE,
- XPath2Transformation.XPath2Filter.INTERSECTION);
+ XPathFilter.INTERSECT_TYPE,
+ XPath2Transformation.XPath2Filter.INTERSECTION);
FILTER_TYPE_MAPPING.put(
- XPathFilter.SUBTRACT_TYPE,
- XPath2Transformation.XPath2Filter.SUBTRACTION);
+ XPathFilter.SUBTRACT_TYPE,
+ XPath2Transformation.XPath2Filter.SUBTRACTION);
FILTER_TYPE_MAPPING.put(
- XPathFilter.UNION_TYPE,
- XPath2Transformation.XPath2Filter.UNION);
+ XPathFilter.UNION_TYPE,
+ XPath2Transformation.XPath2Filter.UNION);
}
/**
* Get the single instance of the factory.
- *
+ *
* @return TransformationFactory The single instance.
*/
public static synchronized TransformationFactory getInstance() {
@@ -99,37 +98,36 @@ public class TransformationFactory {
/**
* Create a new TransformationFactory.
- *
+ *
* Protected to disallow multiple instances.
*/
protected TransformationFactory() {
}
/**
- * Create a Transformation based on a
- * Transform object.
- *
- * @param transform The Transform object to extract
- * transformation data from.
- * @return The transformation contained in the transform
+ * Create a Transformation based on a Transform
* object.
+ *
+ * @param transform The Transform object to extract transformation
+ * data from.
+ * @return The transformation contained in the transform object.
* @throws MOAApplicationException An error occured creating the
- * Transformation. See exception message for details.
+ * Transformation. See exception
+ * message for details.
*/
public Transformation createTransformation(Transform transform)
- throws MOAApplicationException {
- String algorithmUri = transform.getAlgorithmURI();
+ throws MOAApplicationException {
+ final String algorithmUri = transform.getAlgorithmURI();
if (Canonicalization.CANONICAL_XML.equals(algorithmUri)
- || Canonicalization.CANONICAL_XML_WITH_COMMENTS.equals(algorithmUri)) {
+ || Canonicalization.CANONICAL_XML_WITH_COMMENTS.equals(algorithmUri)) {
return createC14nTransformation(algorithmUri);
- } else if (
- Canonicalization.EXCLUSIVE_CANONICAL_XML.equals(algorithmUri)
+ } else if (Canonicalization.EXCLUSIVE_CANONICAL_XML.equals(algorithmUri)
|| Canonicalization.EXCLUSIVE_CANONICAL_XML_WITH_COMMENTS.equals(
- algorithmUri)) {
+ algorithmUri)) {
return createExclusiveC14nTransformation(
- (ExclusiveCanonicalizationTransform) transform);
+ (ExclusiveCanonicalizationTransform) transform);
} else if (Base64Transformation.ALL.contains(algorithmUri)) {
return createBase64Transformation();
@@ -147,23 +145,24 @@ public class TransformationFactory {
}
/**
- * Create a List of Transformations from a
+ * Create a List of Transformations from a
* List of Transforms.
- *
- * @param transforms The List containing the
- * Transforms.
+ *
+ * @param transforms The List containing the
+ * Transforms.
* @return The List of Transformations corresponding
- * to the transforms.
+ * to the transforms.
* @throws MOAApplicationException An error occurred building one of the
- * transformations. See exception message for details.
+ * transformations. See exception message for
+ * details.
*/
public List createTransformationList(List transforms)
- throws MOAApplicationException {
- List transformationList = new ArrayList();
+ throws MOAApplicationException {
+ final List transformationList = new ArrayList();
Iterator trIter;
for (trIter = transforms.iterator(); trIter.hasNext();) {
- Transform transform = (Transform) trIter.next();
+ final Transform transform = (Transform) trIter.next();
transformationList.add(createTransformation(transform));
}
@@ -172,7 +171,7 @@ public class TransformationFactory {
/**
* Create a Canonicalization.
- *
+ *
* @param algorithmUri The algorithm URI of the canonicalization.
* @return The Canonicalization.
*/
@@ -182,20 +181,20 @@ public class TransformationFactory {
/**
* Create a ExclusiveCanonicalization.
- *
- * @param transform The ExclusiveCanonicalizationTransform
- * containing the transformation data.
+ *
+ * @param transform The ExclusiveCanonicalizationTransform
+ * containing the transformation data.
* @return The ExclusiveCanonicalization.
*/
private Transformation createExclusiveC14nTransformation(ExclusiveCanonicalizationTransform transform) {
return new ExclusiveCanonicalizationImpl(
- transform.getAlgorithmURI(),
- transform.getInclusiveNamespacePrefixes());
+ transform.getAlgorithmURI(),
+ transform.getInclusiveNamespacePrefixes());
}
/**
* Create a Base64Transformation.
- *
+ *
* @return The EnvelopedSignatureTransformation.
- *
+ *
* @return An EnvelopedSignatureTransformation.
*/
private Transformation createEnvelopedSignatureTransformation() {
@@ -213,47 +212,47 @@ public class TransformationFactory {
/**
* Create an XPathTransformation.
- *
- * @param transform The Transform object containing the
- * XPath transformation.
- * @return An XPathTransformation corresponding the
- * transformation given in transform.
- * @throws MOAApplicationException An error occurred creating the
- * Transformation.
+ *
+ * @param transform The Transform object containing the XPath
+ * transformation.
+ * @return An XPathTransformation corresponding the transformation
+ * given in transform.
+ * @throws MOAApplicationException An error occurred creating the
+ * Transformation.
*/
private Transformation createXPathTransformation(XPathTransform transform)
- throws MOAApplicationException {
+ throws MOAApplicationException {
return new XPathTransformationImpl(
- transform.getXPathExpression(),
- transform.getNamespaceDeclarations());
+ transform.getXPathExpression(),
+ transform.getNamespaceDeclarations());
}
/**
* Create an XPath2Transformation.
- *
- * @param transform The Transform object containing the
- * XPath filter transformation.
- * @return An XPath2Transformation corresponding the
- * transformation given in transform.
+ *
+ * @param transform The Transform object containing the XPath
+ * filter transformation.
+ * @return An XPath2Transformation corresponding the transformation
+ * given in transform.
* @throws MOAApplicationException An error occurred creating the
- * Transformation.
+ * Transformation.
*/
private Transformation createXPath2Transformation(XPathFilter2Transform transform)
- throws MOAApplicationException {
+ throws MOAApplicationException {
- XPath2TransformationImpl xpath2 = new XPath2TransformationImpl();
+ final XPath2TransformationImpl xpath2 = new XPath2TransformationImpl();
Iterator iter;
for (iter = transform.getFilters().iterator(); iter.hasNext();) {
- XPathFilter filter = (XPathFilter) iter.next();
- String mappedFilterType =
- (String) FILTER_TYPE_MAPPING.get(filter.getFilterType());
- XPath2FilterImpl mappedFilter =
- new XPath2FilterImpl(
- mappedFilterType,
- filter.getXPathExpression(),
- filter.getNamespaceDeclarations());
+ final XPathFilter filter = (XPathFilter) iter.next();
+ final String mappedFilterType =
+ (String) FILTER_TYPE_MAPPING.get(filter.getFilterType());
+ final XPath2FilterImpl mappedFilter =
+ new XPath2FilterImpl(
+ mappedFilterType,
+ filter.getXPathExpression(),
+ filter.getNamespaceDeclarations());
xpath2.addXPathFilter(mappedFilter);
}
@@ -266,15 +265,15 @@ public class TransformationFactory {
/**
* Create an XSLTTransformation.
- *
+ *
* @param transform The Transform containing the XSLT stylesheet.
* @return An XSLTTransformation corresponding the transformation
- * given in transform.
+ * given in transform.
* @throws MOAApplicationException An error occurred creating the
- * Transformation.
+ * Transformation.
*/
private Transformation createXSLTTransformation(XSLTTransform transform)
- throws MOAApplicationException {
+ throws MOAApplicationException {
return new XSLTTransformationImpl(transform.getStylesheet());
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
index 7ebea52..813d28e 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
@@ -21,13 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
-import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
-import iaik.server.modules.pdfverify.PDFSignatureVerificationResult;
-import iaik.server.cmspdfverify.CertificateValidationResult;
-
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
@@ -41,28 +36,35 @@ import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
import at.gv.egovernment.moa.spss.api.common.TslInfos;
import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+import iaik.server.cmspdfverify.CertificateValidationResult;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationResult;
/**
* A class to build a VerifyCMSSignatureResponse object.
- *
- * Via subsequent calls to addResult() a number of results from
- * a CMS signature verification can be added to the response.
- *
- * The getResponseElement() method then returns the
- * VerifyCMSSignatureResponse built so far.
- *
+ *
+ *
+ * Via subsequent calls to addResult() a number of results from a
+ * CMS signature verification can be added to the response.
+ *
+ *
+ *
+ * The getResponseElement() method then returns the
+ * VerifyCMSSignatureResponse built so far.
+ *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class VerifyCMSSignatureResponseBuilder {
/** The SPSSFactory for creating API objects. */
- private SPSSFactory factory = SPSSFactory.getInstance();
+ private final SPSSFactory factory = SPSSFactory.getInstance();
/** The elements making up the response. */
- private List responseElements = new ArrayList();
+ private final List responseElements = new ArrayList();
/**
* Get the VerifyCMSSignatureResponse built so far.
- *
+ *
* @return The VerifyCMSSignatureResponse built so far.
*/
public VerifyCMSSignatureResponse getResponse() {
@@ -71,141 +73,146 @@ public class VerifyCMSSignatureResponseBuilder {
/**
* Add a verification result to the response.
- *
- * @param result The result to add.
- * @param trustprofile The actual trustprofile
- * @param checkQCFromTSL true, if the TSL check verifies the
- * certificate as qualified, otherwise false.
- * @param checkSSCD true, if the TSL check verifies the
- * signature based on a SSDC, otherwise false.
- * @param sscdSourceTSL true, if the SSCD information comes from the TSL,
- * otherwise false.
- * @throws MOAException
+ *
+ * @param result The result to add.
+ * @param trustprofile The actual trustprofile
+ * @param checkQCFromTSL true, if the TSL check verifies the
+ * certificate as qualified, otherwise false.
+ * @param checkSSCD true, if the TSL check verifies the
+ * signature based on a SSDC, otherwise
+ * false.
+ * @param sscdSourceTSL true, if the SSCD information comes from
+ * the TSL, otherwise false.
+ * @throws MOAException
*/
- public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults,
- ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, boolean extendedVerification)
- throws MOAException {
-
-
- int signatureCheckCode = result.getSignatureValueVerificationCode().intValue();
- CertificateValidationResult certResult = result.getCertificateValidationResult();
-
+ public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC,
+ boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode,
+ List adesResults,
+ ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos,
+ boolean extendedVerification)
+ throws MOAException {
+
+ final int signatureCheckCode = result.getSignatureValueVerificationCode().intValue();
+ final CertificateValidationResult certResult = result.getCertificateValidationResult();
+
VerifyCMSSignatureResponseElement responseElement;
SignerInfo signerInfo = null;
CheckResult signatureCheck;
CheckResult certificateCheck;
- boolean qualifiedCertificate = checkQC;
-
- //add signature algorithm name in case of extended validation
+ final boolean qualifiedCertificate = checkQC;
+
+ // add signature algorithm name in case of extended validation
String sigAlgName = null;
if (extendedVerification) {
- sigAlgName = result.getSignatureAlgorithmName();
-
+ sigAlgName = result.getSignatureAlgorithmName();
+
}
-
- //set code 99 if not certcheckresult exists
+
+ // set code 99 if not certcheckresult exists
int certificateCheckCode = 99;
if (certResult != null) {
- certificateCheckCode = certResult.getValidationResultCode().intValue();
-
- // add SignerInfo element
- signerInfo =
- factory.createSignerInfo(
- (X509Certificate) certResult.getCertificateChain().get(0),
- qualifiedCertificate,
- qcSourceTSL,
- certResult.isPublicAuthorityCertificate(),
- certResult.getPublicAuthorityID(),
- checkSSCD,
- sscdSourceTSL,
- issuerCountryCode,
- result.getSigningTime(),
- tslInfos);
+ certificateCheckCode = certResult.getValidationResultCode().intValue();
+
+ // add SignerInfo element
+ signerInfo =
+ factory.createSignerInfo(
+ (X509Certificate) certResult.getCertificateChain().get(0),
+ qualifiedCertificate,
+ qcSourceTSL,
+ certResult.isPublicAuthorityCertificate(),
+ certResult.getPublicAuthorityID(),
+ checkSSCD,
+ sscdSourceTSL,
+ issuerCountryCode,
+ result.getSigningTime(),
+ tslInfos);
}
-
+
// add SignatureCheck element
signatureCheck = factory.createCheckResult(signatureCheckCode, null);
// add CertificateCheck element
certificateCheck = factory.createCheckResult(certificateCheckCode, null);
-
+
// build the response element
responseElement =
- factory.createVerifyCMSSignatureResponseElement(
- signerInfo,
- signatureCheck,
- certificateCheck,
- adesResults,
- extendedCertificateCheckResult,
- sigAlgName,
- null,
- null);
+ factory.createVerifyCMSSignatureResponseElement(
+ signerInfo,
+ signatureCheck,
+ certificateCheck,
+ adesResults,
+ extendedCertificateCheckResult,
+ sigAlgName,
+ null,
+ null);
responseElements.add(responseElement);
}
-
-/**
- *
- * @param result
- * @param trustProfile
- * @param checkQC
- * @param qcSourceTSL
- * @param checkSSCD
- * @param sscdSourceTSL
- * @param issuerCountryCode
- * @param adesResults
- * @param extendedCertificateCheckResult
- * @param tslInfos
- * @param extendedVerification
- * @throws MOAException
- */
- public void addResult(PDFSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults,
- ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, boolean extendedVerification)
- throws MOAException {
-
- CertificateValidationResult certResult =
- result.getCertificateValidationResult();
- int signatureCheckCode =
- result.getSignatureValueVerificationCode().intValue();
-
+
+ /**
+ *
+ * @param result
+ * @param trustProfile
+ * @param checkQC
+ * @param qcSourceTSL
+ * @param checkSSCD
+ * @param sscdSourceTSL
+ * @param issuerCountryCode
+ * @param adesResults
+ * @param extendedCertificateCheckResult
+ * @param tslInfos
+ * @param extendedVerification
+ * @throws MOAException
+ */
+ public void addResult(PDFSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC,
+ boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode,
+ List adesResults,
+ ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos,
+ boolean extendedVerification)
+ throws MOAException {
+
+ final CertificateValidationResult certResult =
+ result.getCertificateValidationResult();
+ final int signatureCheckCode =
+ result.getSignatureValueVerificationCode().intValue();
+
VerifyCMSSignatureResponseElement responseElement;
SignerInfo signerInfo = null;
CheckResult signatureCheck;
CheckResult certificateCheck;
- boolean qualifiedCertificate = checkQC;
-
- //add signature algorithm name in case of extended validation
+ final boolean qualifiedCertificate = checkQC;
+
+ // add signature algorithm name in case of extended validation
String sigAlgName = null;
Boolean coversFullDoc = null;
int[] sigByteRange = null;
-
+
if (extendedVerification) {
- sigAlgName = result.getSignatureAlgorithmName();
- coversFullDoc = result.byteRangeCoversWholeDocument();
- sigByteRange = result.getByteRange();
-
- }
+ sigAlgName = result.getSignatureAlgorithmName();
+ coversFullDoc = result.byteRangeCoversWholeDocument();
+ sigByteRange = result.getByteRange();
+ }
- //set code 99 if not certcheckresult exists
+ // set code 99 if not certcheckresult exists
int certificateCheckCode = 99;
if (certResult != null) {
- certificateCheckCode = certResult.getValidationResultCode().intValue();
-
- // add SignerInfo element
- signerInfo =
- factory.createSignerInfo(
- (X509Certificate) certResult.getCertificateChain().get(0),
- qualifiedCertificate,
- qcSourceTSL,
- certResult.isPublicAuthorityCertificate(),
- certResult.getPublicAuthorityID(),
- checkSSCD,
- sscdSourceTSL,
- issuerCountryCode,
- result.getSigningTime(),
- tslInfos);
+ certificateCheckCode = certResult.getValidationResultCode().intValue();
+
+ // add SignerInfo element
+ signerInfo =
+ factory.createSignerInfo(
+ (X509Certificate) certResult.getCertificateChain().get(0),
+ qualifiedCertificate,
+ qcSourceTSL,
+ certResult.isPublicAuthorityCertificate(),
+ certResult.getPublicAuthorityID(),
+ checkSSCD,
+ sscdSourceTSL,
+ issuerCountryCode,
+ result.getSigningTime(),
+ tslInfos);
}
// add SignatureCheck element
@@ -213,18 +220,18 @@ public class VerifyCMSSignatureResponseBuilder {
// add CertificateCheck element
certificateCheck = factory.createCheckResult(certificateCheckCode, null);
-
+
// build the response element
responseElement =
- factory.createVerifyCMSSignatureResponseElement(
- signerInfo,
- signatureCheck,
- certificateCheck,
- adesResults,
- extendedCertificateCheckResult,
- sigAlgName,
- coversFullDoc,
- sigByteRange);
+ factory.createVerifyCMSSignatureResponseElement(
+ signerInfo,
+ signatureCheck,
+ certificateCheck,
+ adesResults,
+ extendedCertificateCheckResult,
+ sigAlgName,
+ coversFullDoc,
+ sigByteRange);
responseElements.add(responseElement);
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
index 22ef789..7e882ed 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
@@ -21,16 +21,15 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.util.ArrayList;
+import java.util.Date;
import java.util.Iterator;
import java.util.List;
-import java.util.Date;
import javax.xml.crypto.OctetStreamData;
import javax.xml.crypto.dsig.CanonicalizationMethod;
@@ -69,25 +68,28 @@ import iaik.server.modules.xmlverify.SecurityLayerManifest;
import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
import iaik.server.modules.xmlverify.XMLSignatureVerificationResult;
import iaik.x509.X509Certificate;
-import iaik.xml.crypto.alg.transform.C14NTransformService;
import iaik.xml.crypto.dsig.CanonicalizationMethodImpl;
/**
* A class to build a VerifyXMLSignatureResponse object.
- *
- * Via a call to addResult() the only result of the
- * signature verification must be added.
- *
- * The getResponseElement() method then returns the
- * VerifyXMLSignatureResponse built so far.
- *
+ *
+ *
+ * Via a call to addResult() the only result of the signature
+ * verification must be added.
+ *
+ *
+ *
+ * The getResponseElement() method then returns the
+ * VerifyXMLSignatureResponse built so far.
+ *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class VerifyXMLSignatureResponseBuilder {
/** The SPSSFactory for creating API objects. */
- private SPSSFactory factory = SPSSFactory.getInstance();
+ private final SPSSFactory factory = SPSSFactory.getInstance();
/** Information about the signer certificate. */
private SignerInfo signerInfo;
@@ -106,216 +108,203 @@ public class VerifyXMLSignatureResponseBuilder {
private List adesFormResults = null;
private ExtendedCertificateCheckResult extCheckResult = null;
private Date signingTime;
-
+
private String signatureAlgorithm = null;
-
+
/**
* Get the VerifyMLSignatureResponse built so far.
- *
+ *
* @return The VerifyXMLSignatureResponse built so far.
*/
public VerifyXMLSignatureResponse getResponse() {
return factory.createVerifyXMLSignatureResponse(
- signerInfo,
- hashInputDatas,
- referenceInputDatas,
- signatureCheck,
- signatureManifestCheck,
- xmlDsigManifestChecks,
- certificateCheck,
- adesFormResults,
- extCheckResult,
- signatureAlgorithm);
+ signerInfo,
+ hashInputDatas,
+ referenceInputDatas,
+ signatureCheck,
+ signatureManifestCheck,
+ xmlDsigManifestChecks,
+ certificateCheck,
+ adesFormResults,
+ extCheckResult,
+ signatureAlgorithm);
}
-
+
public void setExtendedCertificateCheckResult(ExtendedCertificateCheckResult extCheckResult) {
- this.extCheckResult = extCheckResult;
+ this.extCheckResult = extCheckResult;
}
-
+
public void setAdESFormResults(List adesForm) {
- this.adesFormResults = adesForm;
+ this.adesFormResults = adesForm;
}
/**
* Sets the verification result to the response.
- *
+ *
* This method must be called exactly once to ensure a valid
* VerifyXMLSignatureResponse.
- *
- * @param result The result to set for the response.
- * @param profile The profile used for verifying the signature.
- * @param transformsSignatureManifestCheck The overall result for the signature
- * manifest check.
- * @param certificateCheck The overall result for the certificate check.
- * @param checkQC true, if the certificate is QC, otherwise false.
- * @param qcSourceTSL true, if the QC information comes from the TSL,
- * otherwise false.
- * @param checkSSCD true, if the signature is created by an SSCD, otherwise false.
- * @param sscdSourceTSL true, if the SSCD information comes from the TSL,
- * otherwise false.
+ *
+ * @param result The result to set for the response.
+ * @param profile The profile used for verifying the
+ * signature.
+ * @param transformsSignatureManifestCheck The overall result for the signature
+ * manifest check.
+ * @param certificateCheck The overall result for the
+ * certificate check.
+ * @param checkQC true, if the certificate
+ * is QC, otherwise false.
+ * @param qcSourceTSL true, if the QC
+ * information comes from the TSL,
+ * otherwise false.
+ * @param checkSSCD true, if the signature
+ * is created by an SSCD, otherwise
+ * false.
+ * @param sscdSourceTSL true, if the SSCD
+ * information comes from the TSL,
+ * otherwise false.
* @throws MOAApplicationException An error occurred adding the result.
*/
public void setResult(
- XMLSignatureVerificationResult result,
- XMLSignatureVerificationProfile profile,
- ReferencesCheckResult transformsSignatureManifestCheck,
- CheckResult certificateCheck,
- boolean checkQC,
- boolean qcSourceTSL,
- boolean checkSSCD,
- boolean sscdSourceTSL,
- boolean isTSLEnabledTrustprofile,
- String issuerCountryCode,
- TslInfos tslInfos,
- boolean isExtendedValidation)
- throws MOAApplicationException {
-
- CertificateValidationResult certResult =
- result.getCertificateValidationResult();
+ XMLSignatureVerificationResult result,
+ XMLSignatureVerificationProfile profile,
+ ReferencesCheckResult transformsSignatureManifestCheck,
+ CheckResult certificateCheck,
+ boolean checkQC,
+ boolean qcSourceTSL,
+ boolean checkSSCD,
+ boolean sscdSourceTSL,
+ boolean isTSLEnabledTrustprofile,
+ String issuerCountryCode,
+ TslInfos tslInfos,
+ boolean isExtendedValidation)
+ throws MOAApplicationException {
+
+ final CertificateValidationResult certResult =
+ result.getCertificateValidationResult();
List referenceDataList;
- ReferenceData referenceData;
+ final ReferenceData referenceData;
List dsigManifestList;
ReferencesCheckResultInfo checkResultInfo;
int[] failedReferences;
Iterator iter;
boolean qualifiedCertificate = false;
-
+
qualifiedCertificate = checkQC;
-
- if (isExtendedValidation)
- signatureAlgorithm = result.getSignatureAlgorithmName();
-
+
+ if (isExtendedValidation) {
+ signatureAlgorithm = result.getSignatureAlgorithmName();
+ }
+
// create the SignerInfo;
signerInfo =
- factory.createSignerInfo(
- (X509Certificate) certResult.getCertificateChain().get(0),
- qualifiedCertificate,
- qcSourceTSL,
- certResult.isPublicAuthorityCertificate(),
- certResult.getPublicAuthorityID(),
- checkSSCD,
- sscdSourceTSL,
- issuerCountryCode,
- result.getSigningTime(),
- tslInfos);
-
-
-
- //TODO: add hash algo. infos
+ factory.createSignerInfo(
+ (X509Certificate) certResult.getCertificateChain().get(0),
+ qualifiedCertificate,
+ qcSourceTSL,
+ certResult.isPublicAuthorityCertificate(),
+ certResult.getPublicAuthorityID(),
+ checkSSCD,
+ sscdSourceTSL,
+ issuerCountryCode,
+ result.getSigningTime(),
+ tslInfos);
+
+ // TODO: add hash algo. infos
// Create HashInputData Content objects
referenceDataList = result.getReferenceDataList();
if (profile.includeHashInputData()) {
hashInputDatas = new ArrayList();
-
+
// Include SignedInfo references
addHashInputDatas(
- hashInputDatas,
- referenceDataList,
- InputData.CONTAINER_SIGNEDINFO_,
- InputData.REFERER_NONE_);
-
+ hashInputDatas,
+ referenceDataList,
+ InputData.CONTAINER_SIGNEDINFO_,
+ InputData.REFERER_NONE_);
+
// Include XMLDSIGManifest references
- List xMLDSIGManifests = result.getDsigManifestList();
- for (iter = xMLDSIGManifests.iterator(); iter.hasNext();)
- {
- DsigManifest currentMF = (DsigManifest) iter.next();
- List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList();
+ final List xMLDSIGManifests = result.getDsigManifestList();
+ for (iter = xMLDSIGManifests.iterator(); iter.hasNext();) {
+ final DsigManifest currentMF = (DsigManifest) iter.next();
+ final List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList();
addHashInputDatas(
- hashInputDatas,
- xMLDSIGMFReferenceDataList,
- InputData.CONTAINER_XMLDSIGMANIFEST_,
- currentMF.getReferringReferenceInfo().getReferenceIndex());
+ hashInputDatas,
+ xMLDSIGMFReferenceDataList,
+ InputData.CONTAINER_XMLDSIGMANIFEST_,
+ currentMF.getReferringReferenceInfo().getReferenceIndex());
}
}
// Create the ReferenceInputData Content objects
if (profile.includeReferenceInputData()) {
referenceInputDatas = new ArrayList();
-
+
// Include SignedInfo references
addReferenceInputDatas(
- referenceInputDatas,
- referenceDataList,
- InputData.CONTAINER_SIGNEDINFO_,
- InputData.REFERER_NONE_);
+ referenceInputDatas,
+ referenceDataList,
+ InputData.CONTAINER_SIGNEDINFO_,
+ InputData.REFERER_NONE_);
// Include XMLDSIGManifest references
- List xMLDSIGManifests = result.getDsigManifestList();
- for (iter = xMLDSIGManifests.iterator(); iter.hasNext();)
- {
- DsigManifest currentMF = (DsigManifest) iter.next();
- List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList();
+ final List xMLDSIGManifests = result.getDsigManifestList();
+ for (iter = xMLDSIGManifests.iterator(); iter.hasNext();) {
+ final DsigManifest currentMF = (DsigManifest) iter.next();
+ final List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList();
addReferenceInputDatas(
- referenceInputDatas,
- xMLDSIGMFReferenceDataList,
- InputData.CONTAINER_XMLDSIGMANIFEST_,
- currentMF.getReferringReferenceInfo().getReferenceIndex());
+ referenceInputDatas,
+ xMLDSIGMFReferenceDataList,
+ InputData.CONTAINER_XMLDSIGMANIFEST_,
+ currentMF.getReferringReferenceInfo().getReferenceIndex());
}
}
// create the signature check
failedReferences = buildFailedReferences(result.getReferenceDataList());
checkResultInfo =
- failedReferences != null
- ? factory.createReferencesCheckResultInfo(null, failedReferences)
- : null;
+ failedReferences != null
+ ? factory.createReferencesCheckResultInfo(null, failedReferences)
+ : null;
signatureCheck =
- factory.createReferencesCheckResult(
- result.getSignatureValueVerificationCode().intValue(),
- checkResultInfo);
+ factory.createReferencesCheckResult(
+ result.getSignatureValueVerificationCode().intValue(),
+ checkResultInfo);
// create the signature manifest check
- if (profile.checkSecurityLayerManifest())
- {
- if (transformsSignatureManifestCheck.getCode() == 1)
- {
+ if (profile.checkSecurityLayerManifest()) {
+ if (transformsSignatureManifestCheck.getCode() == 1) {
// checking the transforms failed
signatureManifestCheck = transformsSignatureManifestCheck;
- }
- else if (result.isSecurityLayerManifestRequired())
- {
- if (!result.containsSecurityLayerManifest())
- {
+ } else if (result.isSecurityLayerManifestRequired()) {
+ if (!result.containsSecurityLayerManifest()) {
// required security layer manifest is missing in signature
signatureManifestCheck = factory.createReferencesCheckResult(2, null);
- }
- else
- {
+ } else {
// security layer manifest exists, so we have to check its validity
- SecurityLayerManifest slManifest = result.getSecurityLayerManifest();
- int verificationResult = slManifest.getManifestVerificationResult().intValue();
+ final SecurityLayerManifest slManifest = result.getSecurityLayerManifest();
+ final int verificationResult = slManifest.getManifestVerificationResult().intValue();
- if (SecurityLayerManifest.CODE_MANIFEST_VALID.intValue() == verificationResult)
- {
+ if (SecurityLayerManifest.CODE_MANIFEST_VALID.intValue() == verificationResult) {
// security layer manifest exists and is free of errors
signatureManifestCheck = factory.createReferencesCheckResult(0, null);
- }
- else
- {
+ } else {
// security layer manifest exists, but has errors
failedReferences = buildFailedReferences(slManifest.getReferenceDataList());
- checkResultInfo = (failedReferences != null)
- ? factory.createReferencesCheckResultInfo(null, failedReferences)
- : null;
- if (SecurityLayerManifest.CODE_MANIFEST_INCOMPLETE.intValue() == verificationResult)
- {
- signatureManifestCheck = factory.createReferencesCheckResult(3, checkResultInfo);
- }
- else if (SecurityLayerManifest.CODE_REFERENCE_HASH_INVALID.intValue() == verificationResult)
- {
- signatureManifestCheck = factory.createReferencesCheckResult(4, checkResultInfo);
- }
- else
- {
+ checkResultInfo = failedReferences != null
+ ? factory.createReferencesCheckResultInfo(null, failedReferences)
+ : null;
+ if (SecurityLayerManifest.CODE_MANIFEST_INCOMPLETE.intValue() == verificationResult) {
+ signatureManifestCheck = factory.createReferencesCheckResult(3, checkResultInfo);
+ } else if (SecurityLayerManifest.CODE_REFERENCE_HASH_INVALID.intValue() == verificationResult) {
+ signatureManifestCheck = factory.createReferencesCheckResult(4, checkResultInfo);
+ } else {
// Should not happen
throw new RuntimeException("Unexpected result from security layer manifest verification.");
}
}
}
- }
- else
- {
+ } else {
// no security layer manifest is required, so the signature manifest check is ok
signatureManifestCheck = factory.createReferencesCheckResult(0, null);
}
@@ -326,172 +315,181 @@ public class VerifyXMLSignatureResponseBuilder {
xmlDsigManifestChecks = new ArrayList();
dsigManifestList = result.getDsigManifestList();
for (iter = dsigManifestList.iterator(); iter.hasNext();) {
- DsigManifest dsigManifest = (DsigManifest) iter.next();
- int refIndex =
- dsigManifest.getReferringReferenceInfo().getReferenceIndex();
+ final DsigManifest dsigManifest = (DsigManifest) iter.next();
+ final int refIndex =
+ dsigManifest.getReferringReferenceInfo().getReferenceIndex();
ManifestRefsCheckResultInfo manifestCheckResultInfo;
failedReferences =
- buildFailedReferences(dsigManifest.getReferenceDataList());
+ buildFailedReferences(dsigManifest.getReferenceDataList());
manifestCheckResultInfo =
- factory.createManifestRefsCheckResultInfo(
- null,
- failedReferences,
- refIndex);
+ factory.createManifestRefsCheckResultInfo(
+ null,
+ failedReferences,
+ refIndex);
xmlDsigManifestChecks.add(
- factory.createManifestRefsCheckResult(
- dsigManifest.getManifestVerificationResult().intValue(),
- manifestCheckResultInfo));
+ factory.createManifestRefsCheckResult(
+ dsigManifest.getManifestVerificationResult().intValue(),
+ manifestCheckResultInfo));
}
}
- // create the certificate check
+ // create the certificate check
this.certificateCheck = certificateCheck;
-
+
this.signingTime = result.getSigningTime();
-
+
}
/**
- * Adds {@link InputData} entries to the specified inputDatas list. The content of the entry will
- * be created from {@link ReferenceData#getHashInputData()}.
- *
- * @param inputDatas The list to be amended.
- *
- * @param referenceDataList The list of {@link ReferenceData} objects to be investigated.
- *
- * @param containerType The type of container of the {@link InputData} objects to be created.
- *
- * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created.
- *
- * @throws MOAApplicationException if creating an {@link InputData} fails.
+ * Adds {@link InputData} entries to the specified inputDatas list.
+ * The content of the entry will be created from
+ * {@link ReferenceData#getHashInputData()}.
+ *
+ * @param inputDatas The list to be amended.
+ *
+ * @param referenceDataList The list of {@link ReferenceData} objects to be
+ * investigated.
+ *
+ * @param containerType The type of container of the {@link InputData}
+ * objects to be created.
+ *
+ * @param refererNumber The number of the referring reference for the
+ * {@link InputData} objects to be created.
+ *
+ * @throws MOAApplicationException if creating an {@link InputData} fails.
*/
- private void addHashInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber)
- throws MOAApplicationException
- {
- for (Iterator iter = referenceDataList.iterator(); iter.hasNext();)
- {
- ReferenceData referenceData = (ReferenceData) iter.next();
+ private void addHashInputDatas(List inputDatas, List referenceDataList, String containerType,
+ int refererNumber)
+ throws MOAApplicationException {
+ for (final Object element : referenceDataList) {
+ final ReferenceData referenceData = (ReferenceData) element;
inputDatas.add(buildInputData(
- referenceData.getHashInputData(),
- containerType,
- refererNumber,
- referenceData.getHashAlgorithmName()));
+ referenceData.getHashInputData(),
+ containerType,
+ refererNumber,
+ referenceData.getHashAlgorithmName()));
}
}
-
+
/**
- * Adds {@link InputData} entries to the specified inputDatas list. The content of the entry will
- * be created from {@link ReferenceData#getReferenceInputData()}.
- *
- * @param inputDatas The list to be amended.
- *
- * @param referenceDataList The list of {@link ReferenceData} objects to be investigated.
- *
- * @param containerType The type of container of the {@link InputData} objects to be created.
- *
- * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created.
- *
- * @throws MOAApplicationException if creating an {@link InputData} fails.
+ * Adds {@link InputData} entries to the specified inputDatas list.
+ * The content of the entry will be created from
+ * {@link ReferenceData#getReferenceInputData()}.
+ *
+ * @param inputDatas The list to be amended.
+ *
+ * @param referenceDataList The list of {@link ReferenceData} objects to be
+ * investigated.
+ *
+ * @param containerType The type of container of the {@link InputData}
+ * objects to be created.
+ *
+ * @param refererNumber The number of the referring reference for the
+ * {@link InputData} objects to be created.
+ *
+ * @throws MOAApplicationException if creating an {@link InputData} fails.
*/
- private void addReferenceInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber)
- throws MOAApplicationException
- {
- for (Iterator iter = referenceDataList.iterator(); iter.hasNext();)
- {
- ReferenceData referenceData = (ReferenceData) iter.next();
+ private void addReferenceInputDatas(List inputDatas, List referenceDataList, String containerType,
+ int refererNumber)
+ throws MOAApplicationException {
+ for (final Object element : referenceDataList) {
+ final ReferenceData referenceData = (ReferenceData) element;
inputDatas.add(buildInputData(
- referenceData.getReferenceInputData(),
- containerType,
- refererNumber,
- referenceData.getHashAlgorithmName()));
+ referenceData.getReferenceInputData(),
+ containerType,
+ refererNumber,
+ referenceData.getHashAlgorithmName()));
}
}
/**
* Build a InputDataBinaryImpl or an InputDataXMLImpl
* object from the given DataObject and the given attributes.
- *
- * @param dataObject The DataObject from which to build the result.
- * Based on the type of this parameter, the type of the result will either be
- * InputDataBinaryImpl or InputDataXMLImpl.
- *
- * @param partof see {@link InputData}
- *
+ *
+ * @param dataObject The DataObject from which to
+ * build the result. Based on the type of this
+ * parameter, the type of the result will either
+ * be InputDataBinaryImpl or
+ * InputDataXMLImpl.
+ *
+ * @param partof see {@link InputData}
+ *
* @param referringReferenceNumber see {@link InputData}
- *
- * @param hashAlg see {@link InputData}
- *
- * @return The corresponinding input data implementation.
+ *
+ * @param hashAlg see {@link InputData}
+ *
+ * @return The corresponinding input data implementation.
* @throws MOAApplicationException An error occurred creating the result.
*/
- private Content buildInputData(DataObject dataObject, String partOf, int referringReferenceNumber, String hashAlg)
- throws MOAApplicationException {
+ private Content buildInputData(DataObject dataObject, String partOf, int referringReferenceNumber,
+ String hashAlg)
+ throws MOAApplicationException {
if (dataObject instanceof BinaryDataObject) {
- BinaryDataObject binaryData = (BinaryDataObject) dataObject;
+ final BinaryDataObject binaryData = (BinaryDataObject) dataObject;
return new InputDataBinaryImpl(
- factory.createContent(binaryData.getInputStream(), null),
- partOf,
- referringReferenceNumber,
- hashAlg);
+ factory.createContent(binaryData.getInputStream(), null),
+ partOf,
+ referringReferenceNumber,
+ hashAlg);
} else if (dataObject instanceof XMLDataObject) {
- XMLDataObject xmlData = (XMLDataObject) dataObject;
- List nodes = new ArrayList();
+ final XMLDataObject xmlData = (XMLDataObject) dataObject;
+ final List nodes = new ArrayList();
nodes.add(xmlData.getElement());
return new InputDataXMLImpl(
- factory.createContent(new NodeListAdapter(nodes), null),
- partOf,
- referringReferenceNumber,
- hashAlg);
+ factory.createContent(new NodeListAdapter(nodes), null),
+ partOf,
+ referringReferenceNumber,
+ hashAlg);
} else { // dataObject instanceof XMLNodeListDataObject
// if the data in the NodeList can be converted back to valid XML,
- // write it as XMLContent; otherwise, write it as Base64Content
- XMLNodeListDataObject nodeData = (XMLNodeListDataObject) dataObject;
- NodeList nodes = nodeData.getNodeList();
-
+ // write it as XMLContent; otherwise, write it as Base64Content
+ final XMLNodeListDataObject nodeData = (XMLNodeListDataObject) dataObject;
+ final NodeList nodes = nodeData.getNodeList();
+
if (DOMUtils.checkAttributeParentsInNodeList(nodes)) {
// insert as XMLContent
try {
- DocumentFragment fragment = DOMUtils.nodeList2DocumentFragment(nodes);
+ final DocumentFragment fragment = DOMUtils.nodeList2DocumentFragment(nodes);
return new InputDataXMLImpl(
- factory.createContent(fragment.getChildNodes(), null),
- partOf,
- referringReferenceNumber,
- hashAlg);
- } catch (Exception e) {
+ factory.createContent(fragment.getChildNodes(), null),
+ partOf,
+ referringReferenceNumber,
+ hashAlg);
+ } catch (final Exception e) {
// not successful -> fall through to the Base64Content
}
}
-
+
// insert canonicalized NodeList as binary content
try {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- for(int i = 0; i < nodes.getLength(); i++) {
- baos.write(DOMUtils.nodeToByteArray(nodes.item(i)));
- }
- baos.close();
- ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
- OctetStreamData inputData = new OctetStreamData(bais);
-
- CanonicalizationMethodImpl canonicalizationMethodImpl = new CanonicalizationMethodImpl(
- CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, new ExcC14NParameterSpec());
- OctetStreamData data = (OctetStreamData)canonicalizationMethodImpl.transform(inputData, null);
- bais.close();
- //CanonicalizationAlgorithm c14n =
- //new CanonicalizationAlgorithmImplExclusiveCanonicalXMLWithComments();
- InputStream is = data.getOctetStream();
-
- //c14n.setInput(nodes);
- //is = c14n.canonicalize();
+ final ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ for (int i = 0; i < nodes.getLength(); i++) {
+ baos.write(DOMUtils.nodeToByteArray(nodes.item(i)));
+ }
+ baos.close();
+ final ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
+ final OctetStreamData inputData = new OctetStreamData(bais);
+
+ final CanonicalizationMethodImpl canonicalizationMethodImpl = new CanonicalizationMethodImpl(
+ CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, new ExcC14NParameterSpec());
+ final OctetStreamData data = (OctetStreamData) canonicalizationMethodImpl.transform(inputData, null);
+ bais.close();
+ // CanonicalizationAlgorithm c14n =
+ // new CanonicalizationAlgorithmImplExclusiveCanonicalXMLWithComments();
+ final InputStream is = data.getOctetStream();
+
+ // c14n.setInput(nodes);
+ // is = c14n.canonicalize();
return new InputDataBinaryImpl(
- factory.createContent(is, null),
- partOf,
- referringReferenceNumber,
- hashAlg);
- } catch (Exception e) {
+ factory.createContent(is, null),
+ partOf,
+ referringReferenceNumber,
+ hashAlg);
+ } catch (final Exception e) {
throw new MOAApplicationException("2200", null);
}
}
@@ -499,27 +497,27 @@ public class VerifyXMLSignatureResponseBuilder {
/**
* Build the failed references.
- *
+ *
* Failed references are references for which the isHashValid()
* method returns false.
- *
- * @param refInfos A List containing the
- * ReferenceInfo objects to be checked.
- * @return The indexes of the failed references.
+ *
+ * @param refInfos A List containing the ReferenceInfo
+ * objects to be checked.
+ * @return The indexes of the failed references.
*/
private int[] buildFailedReferences(List refInfos) {
- List failedReferencesList = new ArrayList();
+ final List failedReferencesList = new ArrayList();
int i;
// find out the failed references
for (i = 0; i < refInfos.size(); i++) {
- ReferenceInfo refInfo = (ReferenceInfo) refInfos.get(i);
+ final ReferenceInfo refInfo = (ReferenceInfo) refInfos.get(i);
try {
if (refInfo.isHashCalculated() && !refInfo.isHashValid()) {
failedReferencesList.add(new Integer(i + 1));
}
- } catch (HashUnavailableException e) {
+ } catch (final HashUnavailableException e) {
// nothing to do here because we called refInfo.isHashCalculated first
}
}
@@ -528,7 +526,7 @@ public class VerifyXMLSignatureResponseBuilder {
if (failedReferencesList.isEmpty()) {
return null;
} else {
- int[] failedReferences = CollectionUtils.toIntArray(failedReferencesList);
+ final int[] failedReferences = CollectionUtils.toIntArray(failedReferencesList);
return failedReferences;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java
index ecdd811..e039cb9 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java
@@ -21,18 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
-import iaik.server.modules.IAIKException;
-import iaik.server.modules.IAIKRuntimeException;
-import iaik.server.modules.xml.DataObject;
-import iaik.server.modules.xml.XMLDataObject;
-import iaik.server.modules.xml.XMLSignature;
-import iaik.server.modules.xmlsign.XMLSignatureCreationModule;
-import iaik.server.modules.xmlsign.XMLSignatureCreationModuleFactory;
-import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
-
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
@@ -71,17 +61,25 @@ import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
import at.gv.egovernment.moaspss.util.Constants;
import at.gv.egovernment.moaspss.util.XPathUtils;
+import iaik.server.modules.IAIKException;
+import iaik.server.modules.IAIKRuntimeException;
+import iaik.server.modules.xml.DataObject;
+import iaik.server.modules.xml.XMLDataObject;
+import iaik.server.modules.xml.XMLSignature;
+import iaik.server.modules.xmlsign.XMLSignatureCreationModule;
+import iaik.server.modules.xmlsign.XMLSignatureCreationModuleFactory;
+import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
/**
* A class providing an API based interface to the
* XMLSignatureCreationModule.
- *
- * This class performs the invocation of the
+ *
+ * This class performs the invocation of the
* iaik.server.modules.xmlsign.XMLSignatureCreationModule from a
* CreateXMLSignatureRequest given as an API object. The result of
* the invocation is integrated into a CreateXMLSignatureResponse
* and returned.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -92,7 +90,7 @@ public class XMLSignatureCreationInvoker {
/**
* Get the only instance of this class.
- *
+ *
* @return The only instance of this class.
*/
public static synchronized XMLSignatureCreationInvoker getInstance() {
@@ -104,7 +102,7 @@ public class XMLSignatureCreationInvoker {
/**
* Create a new XMLSignatureCreationInvoker.
- *
+ *
* Protected to disallow multiple instances.
*/
protected XMLSignatureCreationInvoker() {
@@ -114,31 +112,31 @@ public class XMLSignatureCreationInvoker {
* Process the CreateXMLSignatureRequest message and invoke the
* XMLSignatureCreationModule for every
* SingleSignatureInfo contained in the request.
- *
+ *
* @param request A CreateXMLSignatureRequest API object
* containing the information for creating the signature(s).
- * @param reserved A Set of reserved object IDs.
- *
- * @return A CreateXMLSignatureResponse API object containing
- * the created signature(s). The response contains either a
- * SignatureEnvironment or a ErrorResponse
- * for each SingleSignatureInfo in the request.
- * @throws MOAException An error occurred during signature creation.
+ * @param reserved A Set of reserved object IDs.
+ *
+ * @return A CreateXMLSignatureResponse API object containing the
+ * created signature(s). The response contains either a
+ * SignatureEnvironment or a ErrorResponse for
+ * each SingleSignatureInfo in the request.
+ * @throws MOAException An error occurred during signature creation.
*/
public CreateXMLSignatureResponse createXMLSignature(
- CreateXMLSignatureRequest request,
- Set reserved)
- throws MOAException {
-
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- LoggingContext loggingCtx =
- LoggingContextManager.getInstance().getLoggingContext();
+ CreateXMLSignatureRequest request,
+ Set reserved)
+ throws MOAException {
+
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final LoggingContext loggingCtx =
+ LoggingContextManager.getInstance().getLoggingContext();
reserved = new HashSet(reserved);
- XMLSignatureCreationProfileFactory profileFactory =
- new XMLSignatureCreationProfileFactory(request, reserved);
- CreateXMLSignatureResponseBuilder responseBuilder =
- new CreateXMLSignatureResponseBuilder();
+ final XMLSignatureCreationProfileFactory profileFactory =
+ new XMLSignatureCreationProfileFactory(request, reserved);
+ final CreateXMLSignatureResponseBuilder responseBuilder =
+ new CreateXMLSignatureResponseBuilder();
int createCount = 1;
IdGenerator refIdGen;
XMLSignatureCreationModule module;
@@ -153,8 +151,8 @@ public class XMLSignatureCreationInvoker {
// iterate over all the SingleSignatureInfo elements in the request
while (singleSignatureInfoIter.hasNext()) {
- SingleSignatureInfo singleSignatureInfo =
- (SingleSignatureInfo) singleSignatureInfoIter.next();
+ final SingleSignatureInfo singleSignatureInfo =
+ (SingleSignatureInfo) singleSignatureInfoIter.next();
CreateSignatureInfo createSignatureInfo;
List dataObjectList;
XMLSignatureCreationProfile profile;
@@ -170,44 +168,47 @@ public class XMLSignatureCreationInvoker {
// build the signature environment
createSignatureInfo = singleSignatureInfo.getCreateSignatureInfo();
if (createSignatureInfo != null) {
- DataObjectFactory dataObjFactory = DataObjectFactory.getInstance();
+ final DataObjectFactory dataObjFactory = DataObjectFactory.getInstance();
signatureEnvironment =
- dataObjFactory.createSignatureEnvironment(
- createSignatureInfo.getCreateSignatureEnvironment(),
- getCreateSignatureEnvironmentProfileSupplements(singleSignatureInfo));
+ dataObjFactory.createSignatureEnvironment(
+ createSignatureInfo.getCreateSignatureEnvironment(),
+ getCreateSignatureEnvironmentProfileSupplements(singleSignatureInfo));
} else {
signatureEnvironment = null;
}
-
- HashSet sigInfoReservedIDs = new HashSet();
- if (signatureEnvironment != null)
- {
+
+ final HashSet sigInfoReservedIDs = new HashSet();
+ if (signatureEnvironment != null) {
// Find Id attributes of existing XML signatures in signature environment
- HashMap nSMap = new HashMap();
- String dsp = Constants.DSIG_PREFIX;
- nSMap.put(dsp, Constants.DSIG_NS_URI);
- String xPathExpr = "//" + dsp + ":Signature/@Id | //" + dsp + ":Reference/@Id | //"
- + dsp + ":Object/@Id | //" + dsp + ":Manifest/@Id";
- NodeList idAttrs = XPathUtils.selectNodeList(signatureEnvironment.getElement(), nSMap, xPathExpr);
-
- // Add found Id attributes to set of reserved IDs
- for (int i = 0; i < idAttrs.getLength(); i++) sigInfoReservedIDs.add(idAttrs.item(i).getNodeValue());
+ final HashMap nSMap = new HashMap();
+ final String dsp = Constants.DSIG_PREFIX;
+ nSMap.put(dsp, Constants.DSIG_NS_URI);
+ final String xPathExpr = "//" + dsp + ":Signature/@Id | //" + dsp + ":Reference/@Id | //"
+ + dsp + ":Object/@Id | //" + dsp + ":Manifest/@Id";
+ final NodeList idAttrs = XPathUtils.selectNodeList(signatureEnvironment.getElement(), nSMap,
+ xPathExpr);
+
+ // Add found Id attributes to set of reserved IDs
+ for (int i = 0; i < idAttrs.getLength(); i++) {
+ sigInfoReservedIDs.add(idAttrs.item(i).getNodeValue());
+ }
}
// create the reference id generator
- HashSet allReservedIDs = new HashSet(reserved);
+ final HashSet allReservedIDs = new HashSet(reserved);
allReservedIDs.addAll(sigInfoReservedIDs);
refIdGen = new IdGenerator("reference-" + createCount++, allReservedIDs);
// build the list of DataObjects
- List createTransformsProfiles = profileFactory.getCreateTransformsInfoProfiles(singleSignatureInfo);
+ final List createTransformsProfiles = profileFactory.getCreateTransformsInfoProfiles(
+ singleSignatureInfo);
dataObjectList =
- buildDataObjectList(
- singleSignatureInfo,
- createTransformsProfiles,
- signatureEnvironment,
- refIdGen);
+ buildDataObjectList(
+ singleSignatureInfo,
+ createTransformsProfiles,
+ signatureEnvironment,
+ refIdGen);
// build the XMLSignatureCreationProfile
profile = profileFactory.createProfile(singleSignatureInfo, sigInfoReservedIDs);
@@ -218,78 +219,78 @@ public class XMLSignatureCreationInvoker {
// build the signatureParentElement
if (signatureEnvironment != null) {
signatureParent =
- buildSignatureParentElement(
- signatureEnvironment.getElement(),
- singleSignatureInfo);
+ buildSignatureParentElement(
+ signatureEnvironment.getElement(),
+ singleSignatureInfo);
} else {
signatureParent = null;
}
- // make the signature environment the root of the document, if it is
- // not a separate document anyway; this is done to assure that
- // canonicalization of the signature environment contains the correct
+ // make the signature environment the root of the document, if it is
+ // not a separate document anyway; this is done to assure that
+ // canonicalization of the signature environment contains the correct
// namespace declarations
if (signatureEnvironment != null) {
- Document requestDoc =
- signatureEnvironment.getElement().getOwnerDocument();
+ final Document requestDoc =
+ signatureEnvironment.getElement().getOwnerDocument();
requestElement = requestDoc.getDocumentElement();
if (requestElement != signatureEnvironment.getElement()) {
signatureEnvironmentParent =
- signatureEnvironment.getElement().getParentNode();
+ signatureEnvironment.getElement().getParentNode();
requestElement.getOwnerDocument().replaceChild(
- signatureEnvironment.getElement(),
- requestElement);
+ signatureEnvironment.getElement(),
+ requestElement);
}
}
try {
- ConfigurationProvider config = context.getConfiguration();
- String xadesVersion = config.getXAdESVersion();
-
- if (xadesVersion!= null && xadesVersion.compareTo(XMLSignatureCreationModule.XADES_VERSION_1_4_2) == 0) {
- // create the signature (XAdES 1.4.2)
- signature =
- module.createSignature(
+ final ConfigurationProvider config = context.getConfiguration();
+ final String xadesVersion = config.getXAdESVersion();
+
+ if (xadesVersion != null && xadesVersion.compareTo(
+ XMLSignatureCreationModule.XADES_VERSION_1_4_2) == 0) {
+ // create the signature (XAdES 1.4.2)
+ signature =
+ module.createSignature(
dataObjectList,
profile,
additionalSignedProperties,
signatureParent,
XMLSignatureCreationModule.XADES_VERSION_1_4_2,
new TransactionId(context.getTransactionID()));
- }
- else {
- // create the signature (XAdES 1.1.1 = default)
- signature =
- module.createSignature(
+ } else {
+ // create the signature (XAdES 1.1.1 = default)
+ signature =
+ module.createSignature(
dataObjectList,
profile,
additionalSignedProperties,
signatureParent,
XMLSignatureCreationModule.XADES_VERSION_1_1_1,
new TransactionId(context.getTransactionID()));
- }
+ }
// insert the result into the response
if (signatureParent != null) {
responseBuilder.addSignatureEnvironment(
- signatureEnvironment.getElement());
+ signatureEnvironment.getElement());
} else {
responseBuilder.addSignatureEnvironment(signature.getElement());
}
- } catch (IAIKException e) {
- MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ } catch (final IAIKException e) {
+ final MOAException moaException = IaikExceptionMapper.getInstance().map(e);
responseBuilder.addError(
- moaException.getMessageId(),
- moaException.getMessage());
+ moaException.getMessageId(),
+ moaException.getMessage());
Logger.warn(moaException.getMessage(), e);
- } catch (IAIKRuntimeException e) {
- MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ } catch (final IAIKRuntimeException e) {
+ final MOAException moaException = IaikExceptionMapper.getInstance().map(e);
responseBuilder.addError(
- moaException.getMessageId(),
- moaException.getMessage());
+ moaException.getMessageId(),
+ moaException.getMessage());
Logger.warn(moaException.getMessage(), e);
}
@@ -297,14 +298,14 @@ public class XMLSignatureCreationInvoker {
if (signatureEnvironment != null) {
if (requestElement != signatureEnvironment.getElement()) {
requestElement.getOwnerDocument().replaceChild(
- requestElement,
- signatureEnvironment.getElement());
+ requestElement,
+ signatureEnvironment.getElement());
signatureEnvironmentParent.appendChild(
- signatureEnvironment.getElement());
+ signatureEnvironment.getElement());
}
}
- } catch (MOAException e) {
+ } catch (final MOAException e) {
responseBuilder.addError(e.getMessageId(), e.getMessage());
Logger.warn(e.getMessage(), e);
}
@@ -317,85 +318,88 @@ public class XMLSignatureCreationInvoker {
/**
* Build the list of DataObjects from the given
* SingleSignatureInfo object.
- *
+ *
*
- * Only the following cases of DataObjects are
- * valid in case of an enveloping signature:
- *
+ * Only the following cases of DataObjects are valid in case of an
+ * enveloping signature:
+ *
*
- * Reference == null && Content != null: The
+ * Reference == null && Content != null: The
* Content will be used in the DataObject.Reference != null && Content == null: Resolve the
- * Reference and use it as DataObject.
- * Set the Reference in the DataObject as well.Reference and use it as DataObject. Set the
+ * Reference in the DataObject as well.
*
*
- *
+ *
*
- * Only the following cases of DataObjects are valid in case
- * of a detached signature:
- *
+ * Only the following cases of DataObjects are valid in case of a
+ * detached signature:
+ *
*
* Reference != null && Content == null: Resolve the
- * Reference and use it as DataObject.
- * Set the Reference in the DataObject as well.Reference and use it as DataObject. Set the
+ * Reference in the DataObject as well.
* Reference != null && Content != null: The
- * Content will be used in the DataObject.
- * Set the Reference in the DataObject as well.Content will be used in the DataObject. Set the
+ * Reference in the DataObject as well.
*
*
- *
+ *
*
* All other cases will lead to an error.
*
- *
- * @param singleSignatureInfo The SingleSignatureInfo object
- * containing the DataObjectInfo objects.
- * @param createTransformsProfiles A list of objects of type {@link CreateTransformsInfoProfileExplicit},
- * each representing the transforms info profile information for the corresponding DataObject.
- * @param signatureEnvironment The
- * @param idGen The ID generator for DataObject references.
+ *
+ * @param singleSignatureInfo The SingleSignatureInfo object
+ * containing the DataObjectInfo
+ * objects.
+ * @param createTransformsProfiles A list of objects of type
+ * {@link CreateTransformsInfoProfileExplicit},
+ * each representing the transforms info profile
+ * information for the corresponding
+ * DataObject.
+ * @param signatureEnvironment The
+ * @param idGen The ID generator for DataObject
+ * references.
* @return The List of DataObjects contained in the
- * given singleSignatureInfo.
- * @throws MOASystemException A system error occurred building the data
- * objects.
- * @throws MOAApplicationException An error occurred building the data
- * objects.
+ * given singleSignatureInfo.
+ * @throws MOASystemException A system error occurred building the data
+ * objects.
+ * @throws MOAApplicationException An error occurred building the data objects.
*/
private List buildDataObjectList(
- SingleSignatureInfo singleSignatureInfo,
- List createTransformsProfiles,
- XMLDataObject signatureEnvironment,
- IdGenerator idGen)
- throws MOASystemException, MOAApplicationException {
-
- List dataObjInfos = singleSignatureInfo.getDataObjectInfos();
- List dataObjects = new ArrayList();
+ SingleSignatureInfo singleSignatureInfo,
+ List createTransformsProfiles,
+ XMLDataObject signatureEnvironment,
+ IdGenerator idGen)
+ throws MOASystemException, MOAApplicationException {
+
+ final List dataObjInfos = singleSignatureInfo.getDataObjectInfos();
+ final List dataObjects = new ArrayList();
Iterator dtIter;
- Iterator ctpIter = createTransformsProfiles.iterator();
+ final Iterator ctpIter = createTransformsProfiles.iterator();
- for (dtIter = dataObjInfos.iterator(); dtIter.hasNext();)
- {
- DataObjectInfo dataObjInfo = (DataObjectInfo) dtIter.next();
- String structure = dataObjInfo.getStructure();
-
- CreateTransformsInfoProfileExplicit transformsProfile =
- (CreateTransformsInfoProfileExplicit) ctpIter.next();
- MetaInfo finalDataMetaInfo = transformsProfile.getCreateTransformsInfo().getFinalDataMetaInfo();
+ for (dtIter = dataObjInfos.iterator(); dtIter.hasNext();) {
+ final DataObjectInfo dataObjInfo = (DataObjectInfo) dtIter.next();
+ final String structure = dataObjInfo.getStructure();
+
+ final CreateTransformsInfoProfileExplicit transformsProfile =
+ (CreateTransformsInfoProfileExplicit) ctpIter.next();
+ final MetaInfo finalDataMetaInfo = transformsProfile.getCreateTransformsInfo().getFinalDataMetaInfo();
if (DataObjectInfo.STRUCTURE_ENVELOPING.equals(structure)) {
dataObjects.add(
- buildEnvelopingDataObject(
- dataObjInfo.getDataObject(),
- finalDataMetaInfo,
- idGen.uniqueId()));
+ buildEnvelopingDataObject(
+ dataObjInfo.getDataObject(),
+ finalDataMetaInfo,
+ idGen.uniqueId()));
} else if (DataObjectInfo.STRUCTURE_DETACHED.equals(structure)) {
dataObjects.add(
- buildDetachedDataObject(
- dataObjInfo.getDataObject(),
- finalDataMetaInfo,
- signatureEnvironment,
- idGen.uniqueId()));
+ buildDetachedDataObject(
+ dataObjInfo.getDataObject(),
+ finalDataMetaInfo,
+ signatureEnvironment,
+ idGen.uniqueId()));
} else {
throw new MOAApplicationException("1103", new Object[] { structure });
}
@@ -406,126 +410,128 @@ public class XMLSignatureCreationInvoker {
}
/**
- * Build a DataObject to be used in an enveloping
- * signature.
- *
- * @param content The Content object containing the data object.
- * ContentOptionalRefType.
- * @param finalDataMetaInfo The meta information corresponding with content.
- * @param referenceID The reference ID to use in the signature for the
- * DataObject created.
+ * Build a DataObject to be used in an enveloping signature.
+ *
+ * @param content The Content object containing the data
+ * object. ContentOptionalRefType.
+ * @param finalDataMetaInfo The meta information corresponding with
+ * content.
+ * @param referenceID The reference ID to use in the signature for the
+ * DataObject created.
* @return The DataObject representing the data contained in
- * dataObjectElem.
- * @throws MOAApplicationException An error occurred during the creation of
- * the DataObject.
- * @throws MOASystemException A system error occurred during the creation of
- * the DataObject.
+ * dataObjectElem.
+ * @throws MOAApplicationException An error occurred during the creation of the
+ * DataObject.
+ * @throws MOASystemException A system error occurred during the creation
+ * of the DataObject.
*/
private DataObject buildEnvelopingDataObject(
- Content content,
- MetaInfo finalDataMetaInfo,
- String referenceID)
- throws MOASystemException, MOAApplicationException {
+ Content content,
+ MetaInfo finalDataMetaInfo,
+ String referenceID)
+ throws MOASystemException, MOAApplicationException {
- DataObjectFactory factory = DataObjectFactory.getInstance();
+ final DataObjectFactory factory = DataObjectFactory.getInstance();
DataObject dataObject;
dataObject =
- factory.createFromContentOptionalRefType(
- content,
- finalDataMetaInfo,
- referenceID,
- false,
- false,
- true,
- false);
+ factory.createFromContentOptionalRefType(
+ content,
+ finalDataMetaInfo,
+ referenceID,
+ false,
+ false,
+ true,
+ false);
return dataObject;
}
/**
* Build a DataObject to be used in a detached signature.
- *
- * @param content The Content object containing an the data.
- * @param finalDataMetaInfo The meta information corresponding with content.
+ *
+ * @param content The Content object containing an the
+ * data.
+ * @param finalDataMetaInfo The meta information corresponding with
+ * content.
* @param signatureEnvironment The signature environment where the signature
- * will be inserted.
- * @param referenceID The reference ID to use in the signature for the
- * DataObject created.
+ * will be inserted.
+ * @param referenceID The reference ID to use in the signature for the
+ * DataObject created.
* @return The DataObject representing the data contained in
- * dataObjectElem.
- * @throws MOAApplicationException An error occurred during the creation of
- * the DataObject.
- * @throws MOASystemException A system error occurred during the creation of
- * the DataObject.
+ * dataObjectElem.
+ * @throws MOAApplicationException An error occurred during the creation of the
+ * DataObject.
+ * @throws MOASystemException A system error occurred during the creation
+ * of the DataObject.
*/
private DataObject buildDetachedDataObject(
- Content content,
- MetaInfo finalDataMetaInfo,
- XMLDataObject signatureEnvironment,
- String referenceID)
- throws MOASystemException, MOAApplicationException {
-
- String reference = content.getReference();
- DataObjectFactory factory = DataObjectFactory.getInstance();
+ Content content,
+ MetaInfo finalDataMetaInfo,
+ XMLDataObject signatureEnvironment,
+ String referenceID)
+ throws MOASystemException, MOAApplicationException {
+
+ final String reference = content.getReference();
+ final DataObjectFactory factory = DataObjectFactory.getInstance();
DataObject dataObject;
if (reference == null) {
throw new MOAApplicationException("1102", null);
} else if ("".equals(reference) || reference.startsWith("#")) {
dataObject =
- factory.createFromSignatureEnvironment(
- signatureEnvironment.getElement(),
- reference,
- referenceID);
+ factory.createFromSignatureEnvironment(
+ signatureEnvironment.getElement(),
+ reference,
+ referenceID);
} else {
dataObject =
- factory.createFromContentOptionalRefType(
- content,
- finalDataMetaInfo,
- referenceID,
- true,
- false,
- true,
- false);
+ factory.createFromContentOptionalRefType(
+ content,
+ finalDataMetaInfo,
+ referenceID,
+ true,
+ false,
+ true,
+ false);
}
return dataObject;
}
/**
* Build the signature parent element.
- *
- * @param signatureEnvironment The signature environment containing the
- * document in which to insert the signature.
- * @param singleSignatureInfo The SingleSignatureInfo
- * containing the signature parent element.
- * @return An XMLDataObject containing the signature parent
- * element or null, if the CreateSignatureInfo is
- * null.
- * @throws MOAApplicationException An error occurred during the creation of
- * the signature parent.
+ *
+ * @param signatureEnvironment The signature environment containing the document
+ * in which to insert the signature.
+ * @param singleSignatureInfo The SingleSignatureInfo containing
+ * the signature parent element.
+ * @return An XMLDataObject containing the signature parent element
+ * or null, if the CreateSignatureInfo is
+ * null.
+ * @throws MOAApplicationException An error occurred during the creation of the
+ * signature parent.
*/
private XMLDataObject buildSignatureParentElement(
- Element signatureEnvironment,
- SingleSignatureInfo singleSignatureInfo)
- throws MOAApplicationException {
+ Element signatureEnvironment,
+ SingleSignatureInfo singleSignatureInfo)
+ throws MOAApplicationException {
- CreateSignatureInfo createInfo =
- singleSignatureInfo.getCreateSignatureInfo();
+ final CreateSignatureInfo createInfo =
+ singleSignatureInfo.getCreateSignatureInfo();
// evaluate the CreateSignatureLocation
if (createInfo != null) {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- CreateSignatureEnvironmentProfileExplicit createProfile =
- ProfileMapper.mapCreateSignatureEnvironmentProfile(
- createInfo.getCreateSignatureEnvironmentProfile(),
- config);
- CreateSignatureLocation location =
- createProfile.getCreateSignatureLocation();
- Element signatureParent =
- InvokerUtils.evaluateSignatureLocation(signatureEnvironment, location);
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final CreateSignatureEnvironmentProfileExplicit createProfile =
+ ProfileMapper.mapCreateSignatureEnvironmentProfile(
+ createInfo.getCreateSignatureEnvironmentProfile(),
+ config);
+ final CreateSignatureLocation location =
+ createProfile.getCreateSignatureLocation();
+ final Element signatureParent =
+ InvokerUtils.evaluateSignatureLocation(signatureEnvironment, location);
return new XMLDataObjectImpl(signatureParent);
} else {
@@ -534,31 +540,31 @@ public class XMLSignatureCreationInvoker {
}
/**
- * Get the supplements contained in the
- * CreateSignatureEnvironmentProfile of the given
+ * Get the supplements contained in the
+ * CreateSignatureEnvironmentProfile of the given
* SingleSignatureInfo.
- *
- * @param singleSigInfo The SingleSignatureInfo from which
- * to extract the supplements.
- * @return A List of XMLDataObjectAssociations
- * or null, if the singleSigInfo does not contain
- * supplements.
- * @throws MOAApplicationException An error occurred parsing the
- * CreateSignatureEnvironmentProfile.
+ *
+ * @param singleSigInfo The SingleSignatureInfo from which to
+ * extract the supplements.
+ * @return A List of XMLDataObjectAssociations or
+ * null, if the singleSigInfo does not contain
+ * supplements.
+ * @throws MOAApplicationException An error occurred parsing the
+ * CreateSignatureEnvironmentProfile.
*/
private List getCreateSignatureEnvironmentProfileSupplements(SingleSignatureInfo singleSigInfo)
- throws MOAApplicationException {
- CreateSignatureInfo sigInfo = singleSigInfo.getCreateSignatureInfo();
+ throws MOAApplicationException {
+ final CreateSignatureInfo sigInfo = singleSigInfo.getCreateSignatureInfo();
if (sigInfo != null) {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- CreateSignatureEnvironmentProfileExplicit profile =
- ProfileMapper.mapCreateSignatureEnvironmentProfile(
- sigInfo.getCreateSignatureEnvironmentProfile(),
- config);
- List supplements = profile.getSupplements();
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final CreateSignatureEnvironmentProfileExplicit profile =
+ ProfileMapper.mapCreateSignatureEnvironmentProfile(
+ sigInfo.getCreateSignatureEnvironmentProfile(),
+ config);
+ final List supplements = profile.getSupplements();
return supplements;
}
@@ -567,18 +573,18 @@ public class XMLSignatureCreationInvoker {
/**
* Build the list of additional signed properties.
- *
+ *
* Based on the generic configuration setting
- * ConfigurationProvider.TEST_SIGNING_TIME_PROPERTY, a
- * constant SigningTime will be added to the properties.
- *
+ * ConfigurationProvider.TEST_SIGNING_TIME_PROPERTY, a constant
+ * SigningTime will be added to the properties.
+ *
* @return The List of additional signed properties.
*/
private List buildAdditionalSignedProperties() {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- List additionalSignedProperties = Collections.EMPTY_LIST;
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final List additionalSignedProperties = Collections.EMPTY_LIST;
return additionalSignedProperties;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java
index 32eab9e..c097b0c 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java
@@ -21,18 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
-import iaik.server.modules.algorithms.HashAlgorithms;
-import iaik.server.modules.keys.KeyEntryID;
-import iaik.server.modules.keys.KeyModule;
-import iaik.server.modules.keys.KeyModuleFactory;
-import iaik.server.modules.xml.Canonicalization;
-import iaik.server.modules.xmlsign.SignatureStructureTypes;
-import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
-import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
-
import java.math.BigInteger;
import java.security.Principal;
import java.security.cert.X509Certificate;
@@ -70,12 +60,20 @@ import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;
import at.gv.egovernment.moaspss.util.Constants;
+import iaik.server.modules.algorithms.HashAlgorithms;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
+import iaik.server.modules.xml.Canonicalization;
+import iaik.server.modules.xmlsign.SignatureStructureTypes;
+import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
+import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
/**
* A factory to create XMLSignatureCreationProfiles from a
* CreateXMLSignatureRequest, based on the current MOA
* configuration.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
@@ -91,24 +89,25 @@ public class XMLSignatureCreationProfileFactory {
HASH_ALGORITHM_MAPPING.put(Constants.SHA512_URI, HashAlgorithms.SHA512);
}
- /** The CreateXMLSignatureRequest for which to create the
- * profile.*/
- private CreateXMLSignatureRequest request;
+ /**
+ * The CreateXMLSignatureRequest for which to create the profile.
+ */
+ private final CreateXMLSignatureRequest request;
/** How many profiles have been created based on the same request. */
private int createProfileCount;
- /** The Set of reserved object IDs.*/
- private Set reserved;
+ /** The Set of reserved object IDs. */
+ private final Set reserved;
/**
* Create a new XMLSignatureCreationProfileFactory.
- *
- * @param request The request for which to create profiles.
- * @param reserved The Set of reserved object IDs. IDs will
- * be added during signature creation.
+ *
+ * @param request The request for which to create profiles.
+ * @param reserved The Set of reserved object IDs. IDs will be
+ * added during signature creation.
*/
public XMLSignatureCreationProfileFactory(
- CreateXMLSignatureRequest request,
- Set reserved) {
+ CreateXMLSignatureRequest request,
+ Set reserved) {
this.request = request;
this.reserved = reserved;
createProfileCount = 1;
@@ -117,98 +116,98 @@ public class XMLSignatureCreationProfileFactory {
/**
* Create a XMLSignatureCreationProfile for the given
* SingleSignatureInfo object..
- *
+ *
* @param singleSignatureInfo The SingleSignatureInfo object
- * containing information about the creation of a signature.
- * @param sigInfoReservedIDs The Set of reserved ID attribue values
- * for the particular singleSignatureInfo.
+ * containing information about the creation of a
+ * signature.
+ * @param sigInfoReservedIDs The Set of reserved ID attribue
+ * values for the particular
+ * singleSignatureInfo.
* @return The XMLSignatureCreationProfile containing additional
- * information for creating an XML signature.
- * @throws MOASystemException A system error occurred during creation of the
- * profile. See message for details
- * @throws MOAApplicationException An application error occurred during
- * creation of the profile. See message for details.
+ * information for creating an XML signature.
+ * @throws MOASystemException A system error occurred during creation of
+ * the profile. See message for details
+ * @throws MOAApplicationException An application error occurred during creation
+ * of the profile. See message for details.
*/
public XMLSignatureCreationProfile createProfile(SingleSignatureInfo singleSignatureInfo,
- Set sigInfoReservedIDs) throws MOASystemException, MOAApplicationException {
+ Set sigInfoReservedIDs) throws MOASystemException, MOAApplicationException {
- HashSet allReservedIDs = new HashSet(reserved);
+ final HashSet allReservedIDs = new HashSet(reserved);
allReservedIDs.addAll(sigInfoReservedIDs);
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
List dataObjectTreatmentList;
Set keySet;
List transformationSupplements;
List createTransformsProfiles;
// get the key group id
- String keyGroupID = request.getKeyIdentifier();
+ final String keyGroupID = request.getKeyIdentifier();
// get digest method on key group level (if configured)
- KeyGroup keygroup = config.getKeyGroup(keyGroupID);
- if(null == keygroup) {
- Logger.error("Could not find key group '" + keyGroupID + "'");
- throw new MOAApplicationException("2231", null);
+ final KeyGroup keygroup = config.getKeyGroup(keyGroupID);
+ if (null == keygroup) {
+ Logger.error("Could not find key group '" + keyGroupID + "'");
+ throw new MOAApplicationException("2231", null);
}
- String configDigestMethodKG = keygroup.getDigestMethodAlgorithm();
+ final String configDigestMethodKG = keygroup.getDigestMethodAlgorithm();
// get default digest method (if configured)
- String configDigestMethod = config.getDigestMethodAlgorithmName();
-
- String xadesVersion = config.getXAdESVersion();
-
+ final String configDigestMethod = config.getDigestMethodAlgorithmName();
+
+ final String xadesVersion = config.getXAdESVersion();
+
String digestMethodXAdES142 = null;
boolean isXAdES142 = false;
// if XAdES Version 1.4.2 is configured
if (xadesVersion != null && xadesVersion.compareTo("1.4.2") == 0) {
- isXAdES142 = true;
- Logger.debug("XAdES version '" + xadesVersion + "' used");
+ isXAdES142 = true;
+ Logger.debug("XAdES version '" + xadesVersion + "' used");
}
-
+
if (isXAdES142) {
- if (configDigestMethodKG != null) {
- // if KG specific digest method is configured
- digestMethodXAdES142 = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethodKG);
- if (digestMethodXAdES142 == null) {
- error(
- "config.17",
- new Object[] { configDigestMethodKG});
- throw new MOASystemException("2900", null);
- }
- Logger.debug("Digest algorithm: " + digestMethodXAdES142 + "(configured in KeyGroup)");
- }
- else {
- // else get default configured digest method
- digestMethodXAdES142 = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethod);
- if (digestMethodXAdES142 == null) {
- error(
- "config.17",
- new Object[] { configDigestMethod});
- throw new MOASystemException("2900", null);
- }
- Logger.debug("Digest algorithm: " + digestMethodXAdES142 + "(default)");
-
- }
+ if (configDigestMethodKG != null) {
+ // if KG specific digest method is configured
+ digestMethodXAdES142 = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethodKG);
+ if (digestMethodXAdES142 == null) {
+ error(
+ "config.17",
+ new Object[] { configDigestMethodKG });
+ throw new MOASystemException("2900", null);
+ }
+ Logger.debug("Digest algorithm: " + digestMethodXAdES142 + "(configured in KeyGroup)");
+ } else {
+ // else get default configured digest method
+ digestMethodXAdES142 = (String) HASH_ALGORITHM_MAPPING.get(configDigestMethod);
+ if (digestMethodXAdES142 == null) {
+ error(
+ "config.17",
+ new Object[] { configDigestMethod });
+ throw new MOASystemException("2900", null);
+ }
+ Logger.debug("Digest algorithm: " + digestMethodXAdES142 + "(default)");
+
+ }
}
-
- XMLSignatureCreationProfileImpl profile =
- new XMLSignatureCreationProfileImpl(createProfileCount, allReservedIDs, digestMethodXAdES142);
-
+ final XMLSignatureCreationProfileImpl profile =
+ new XMLSignatureCreationProfileImpl(createProfileCount, allReservedIDs, digestMethodXAdES142);
+
// build the transformation supplements
createTransformsProfiles =
- getCreateTransformsInfoProfiles(singleSignatureInfo);
+ getCreateTransformsInfoProfiles(singleSignatureInfo);
transformationSupplements =
- buildTransformationSupplements(createTransformsProfiles);
+ buildTransformationSupplements(createTransformsProfiles);
// build and set the data object treatment list
dataObjectTreatmentList =
- buildDataObjectTreatmentList(
- singleSignatureInfo,
- createTransformsProfiles,
- transformationSupplements,
- allReservedIDs,
- digestMethodXAdES142);
+ buildDataObjectTreatmentList(
+ singleSignatureInfo,
+ createTransformsProfiles,
+ transformationSupplements,
+ allReservedIDs,
+ digestMethodXAdES142);
profile.setDataObjectTreatmentList(dataObjectTreatmentList);
// set the key set
@@ -232,27 +231,28 @@ public class XMLSignatureCreationProfileFactory {
// set insertion location
profile.setSignatureInsertionLocation(
- getSignatureInsertionLocationIndex(singleSignatureInfo));
+ getSignatureInsertionLocationIndex(singleSignatureInfo));
// set the canonicalization algorithm
- String canonicalizationURI = config.getCanonicalizationAlgorithmName();
+ final String canonicalizationURI = config.getCanonicalizationAlgorithmName();
if (Canonicalization.ALL_EXCLUSIVE.contains(canonicalizationURI)) {
- ExclusiveCanonicalizationImpl canonicalization = new ExclusiveCanonicalizationImpl(config.getCanonicalizationAlgorithmName(), null);
- profile.setSignedInfoCanonicalization(canonicalization);
-
+ final ExclusiveCanonicalizationImpl canonicalization = new ExclusiveCanonicalizationImpl(config
+ .getCanonicalizationAlgorithmName(), null);
+ profile.setSignedInfoCanonicalization(canonicalization);
+
} else {
- CanonicalizationImpl canonicalization =
- new CanonicalizationImpl(config.getCanonicalizationAlgorithmName());
- profile.setSignedInfoCanonicalization(canonicalization);
-
+ final CanonicalizationImpl canonicalization =
+ new CanonicalizationImpl(config.getCanonicalizationAlgorithmName());
+ profile.setSignedInfoCanonicalization(canonicalization);
+
}
-
+
// set the signed properties
profile.setSignedProperties(Collections.EMPTY_LIST);
// set security layer conformity
profile.setSecurityLayerConform(
- singleSignatureInfo.isSecurityLayerConform());
+ singleSignatureInfo.isSecurityLayerConform());
// update the createProfileCount
createProfileCount++;
@@ -262,31 +262,32 @@ public class XMLSignatureCreationProfileFactory {
/**
* Get the List of all CreateTransformsInfoProfiles
- * contained in all the DataObjectInfos of the given
+ * contained in all the DataObjectInfos of the given
* SingleSignatureInfo.
- *
+ *
* @param singleSignatureInfo The SingleSignatureInfo object from
- * which to extract the CreateTransformsInfoProfiles.
- * @return All CreateTransformsInfoProfiles of all
- * DataObjectInfos of singleSignatureInfo.
+ * which to extract the
+ * CreateTransformsInfoProfiles.
+ * @return All CreateTransformsInfoProfiles of all
+ * DataObjectInfos of singleSignatureInfo.
* @throws MOAApplicationException An error occurred creating one of the
- * profiles.
+ * profiles.
*/
List getCreateTransformsInfoProfiles(SingleSignatureInfo singleSignatureInfo)
- throws MOAApplicationException {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- List dataObjInfos = singleSignatureInfo.getDataObjectInfos();
- List profiles = new ArrayList();
+ throws MOAApplicationException {
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final List dataObjInfos = singleSignatureInfo.getDataObjectInfos();
+ final List profiles = new ArrayList();
Iterator dtIter;
for (dtIter = dataObjInfos.iterator(); dtIter.hasNext();) {
- DataObjectInfo dataObjInfo = (DataObjectInfo) dtIter.next();
- CreateTransformsInfoProfileExplicit profile =
- ProfileMapper.mapCreateTransformsInfoProfile(
- dataObjInfo.getCreateTransformsInfoProfile(),
- config);
+ final DataObjectInfo dataObjInfo = (DataObjectInfo) dtIter.next();
+ final CreateTransformsInfoProfileExplicit profile =
+ ProfileMapper.mapCreateTransformsInfoProfile(
+ dataObjInfo.getCreateTransformsInfoProfile(),
+ config);
profiles.add(profile);
}
@@ -296,41 +297,42 @@ public class XMLSignatureCreationProfileFactory {
/**
* Build the List of transformation supplements contained in a
* SingleSignatureInfo object.
- *
- * @param createTransformsInfoProfiles The
- * CreateTransformsInfoProfile object from which to extract the
- * transformation supplements.
+ *
+ * @param createTransformsInfoProfiles The
+ * CreateTransformsInfoProfile
+ * object from which to extract the
+ * transformation supplements.
* @return A List of DataObjects containing the
- * transformation supplements.
- * @throws MOASystemException A system error occurred creating one of the
- * transformation supplements.
+ * transformation supplements.
+ * @throws MOASystemException A system error occurred creating one of the
+ * transformation supplements.
* @throws MOAApplicationException An error occurred creating one of the
- * transformation supplements.
+ * transformation supplements.
*/
private List buildTransformationSupplements(List createTransformsInfoProfiles)
- throws MOASystemException, MOAApplicationException {
+ throws MOASystemException, MOAApplicationException {
- List transformationSupplements = new ArrayList();
- DataObjectFactory factory = DataObjectFactory.getInstance();
+ final List transformationSupplements = new ArrayList();
+ final DataObjectFactory factory = DataObjectFactory.getInstance();
Iterator iter;
for (iter = createTransformsInfoProfiles.iterator(); iter.hasNext();) {
- CreateTransformsInfoProfileExplicit profile =
- (CreateTransformsInfoProfileExplicit) iter.next();
- List supplements = profile.getSupplements();
+ final CreateTransformsInfoProfileExplicit profile =
+ (CreateTransformsInfoProfileExplicit) iter.next();
+ final List supplements = profile.getSupplements();
if (supplements != null) {
Iterator supplIter;
for (supplIter = supplements.iterator(); supplIter.hasNext();) {
- XMLDataObjectAssociation supplement =
- (XMLDataObjectAssociation) supplIter.next();
+ final XMLDataObjectAssociation supplement =
+ (XMLDataObjectAssociation) supplIter.next();
transformationSupplements.add(
- factory.createFromXmlDataObjectAssociation(
- supplement,
- false,
- true));
+ factory.createFromXmlDataObjectAssociation(
+ supplement,
+ false,
+ true));
}
}
}
@@ -341,35 +343,40 @@ public class XMLSignatureCreationProfileFactory {
/**
* Build the List of DataObjectTreatments for the
* given SingleSignatureInfo object..
- *
- * @param singleSignatureInfo The SingleSignatureInfo object
- * from which to exctract the CreateTransformsInfoProfiles
- * containing the data for the DataObjectTreatments.
- * @param createTransformsInfoProfiles The
- * CreateTransformsInfoProfiles contained in the
- * singleSignatureInfo.
- * @param transformationSupplements Additional parameters for
- * transformations contained in DataObjectTreatments.
- * @param reservedIDs The Set of reserved object IDs.
+ *
+ * @param singleSignatureInfo The SingleSignatureInfo
+ * object from which to exctract the
+ * CreateTransformsInfoProfiles
+ * containing the data for the
+ * DataObjectTreatments.
+ * @param createTransformsInfoProfiles The
+ * CreateTransformsInfoProfiles
+ * contained in the
+ * singleSignatureInfo.
+ * @param transformationSupplements Additional parameters for transformations
+ * contained in
+ * DataObjectTreatments.
+ * @param reservedIDs The Set of reserved object
+ * IDs.
* @return A List of DataObjectTreatment objects.
* @throws MOAApplicationException An error occurred building one of the
- * DataObjectTreatments.
- * @throws MOASystemException A system error occurred building one of the
- * DataObjectTreatments.
+ * DataObjectTreatments.
+ * @throws MOASystemException A system error occurred building one of the
+ * DataObjectTreatments.
*/
private List buildDataObjectTreatmentList(
- SingleSignatureInfo singleSignatureInfo,
- List createTransformsInfoProfiles,
- List transformationSupplements,
- Set reservedIDs,
- String digestMethodXAdES142)
- throws MOASystemException, MOAApplicationException {
-
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- List treatments = new ArrayList();
- List dataObjInfos = singleSignatureInfo.getDataObjectInfos();
+ SingleSignatureInfo singleSignatureInfo,
+ List createTransformsInfoProfiles,
+ List transformationSupplements,
+ Set reservedIDs,
+ String digestMethodXAdES142)
+ throws MOASystemException, MOAApplicationException {
+
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final List treatments = new ArrayList();
+ final List dataObjInfos = singleSignatureInfo.getDataObjectInfos();
int dataObjectTreatmentCount = 1;
String hashAlgorithmName;
Iterator dtIter;
@@ -377,44 +384,40 @@ public class XMLSignatureCreationProfileFactory {
prIter = createTransformsInfoProfiles.iterator();
for (dtIter = dataObjInfos.iterator(); dtIter.hasNext();) {
- CreateTransformsInfoProfileExplicit profile =
- (CreateTransformsInfoProfileExplicit) prIter.next();
- DataObjectInfo dataObjInfo = (DataObjectInfo) dtIter.next();
- IdGenerator objIdGen =
- new IdGenerator(
- ("signed-data-" + createProfileCount)
- + ("-" + dataObjectTreatmentCount++),
- reservedIDs);
- DataObjectTreatmentImpl treatment = new DataObjectTreatmentImpl(objIdGen);
+ final CreateTransformsInfoProfileExplicit profile =
+ (CreateTransformsInfoProfileExplicit) prIter.next();
+ final DataObjectInfo dataObjInfo = (DataObjectInfo) dtIter.next();
+ final IdGenerator objIdGen =
+ new IdGenerator(
+ "signed-data-" + createProfileCount
+ + "-" + dataObjectTreatmentCount++,
+ reservedIDs);
+ final DataObjectTreatmentImpl treatment = new DataObjectTreatmentImpl(objIdGen);
treatment.setFinalContentType(
- profile.getCreateTransformsInfo().getFinalDataMetaInfo().getMimeType());
+ profile.getCreateTransformsInfo().getFinalDataMetaInfo().getMimeType());
treatment.setTransformationList(buildTransformationList(profile));
treatment.setReferenceInManifest(dataObjInfo.isChildOfManifest());
// if XAdES version is 1.4.2
if (digestMethodXAdES142 != null) {
- // use configured digest algorithm
- hashAlgorithmName = digestMethodXAdES142;
- }
- else {
- // stay as it is
- hashAlgorithmName = (String) HASH_ALGORITHM_MAPPING.get(
- config.getDigestMethodAlgorithmName());
- if (hashAlgorithmName == null) {
- error(
- "config.17",
- new Object[] { config.getDigestMethodAlgorithmName()});
- throw new MOASystemException("2900", null);
- }
+ // use configured digest algorithm
+ hashAlgorithmName = digestMethodXAdES142;
+ } else {
+ // stay as it is
+ hashAlgorithmName = (String) HASH_ALGORITHM_MAPPING.get(
+ config.getDigestMethodAlgorithmName());
+ if (hashAlgorithmName == null) {
+ error(
+ "config.17",
+ new Object[] { config.getDigestMethodAlgorithmName() });
+ throw new MOASystemException("2900", null);
+ }
}
-
-
-
treatment.setHashAlgorithmName(hashAlgorithmName);
treatment.setIncludedInSignature(
- DataObjectInfo.STRUCTURE_ENVELOPING.equals(dataObjInfo.getStructure()));
+ DataObjectInfo.STRUCTURE_ENVELOPING.equals(dataObjInfo.getStructure()));
treatment.setTransformationSupplements(transformationSupplements);
treatments.add(treatment);
@@ -427,48 +430,48 @@ public class XMLSignatureCreationProfileFactory {
/**
* Build the List of transformations contained in a
* CreateTransformsInfoProfile object.
- *
- * @param profile The CreateTransformsInfoProfile object
- * from which to extract the Transforms.
- * @return A List of Transformations contained in
- * the given CreateTransformsInfoProfile.
+ *
+ * @param profile The CreateTransformsInfoProfile object from which
+ * to extract the Transforms.
+ * @return A List of Transformations contained in the
+ * given CreateTransformsInfoProfile.
* @throws MOAApplicationException An error occurred building one of the
- * Transformations.
+ * Transformations.
*/
private List buildTransformationList(CreateTransformsInfoProfileExplicit profile)
- throws MOAApplicationException {
+ throws MOAApplicationException {
- TransformationFactory factory = TransformationFactory.getInstance();
- List transforms = profile.getCreateTransformsInfo().getTransforms();
+ final TransformationFactory factory = TransformationFactory.getInstance();
+ final List transforms = profile.getCreateTransformsInfo().getTransforms();
return transforms != null
- ? factory.createTransformationList(transforms)
- : Collections.EMPTY_LIST;
+ ? factory.createTransformationList(transforms)
+ : Collections.EMPTY_LIST;
}
/**
* Build the set of KeyEntryIDs available to the given
* keyGroupID.
- *
+ *
* @param keyGroupID The keygroup ID for which the available keys should be
- * returned.
- * @return The Set of KeyEntryIDs
- * identifying the available keys.
+ * returned.
+ * @return The Set of KeyEntryIDs identifying the
+ * available keys.
*/
private Set buildKeySet(String keyGroupID) {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
Set keyGroupEntries;
// get the KeyGroup entries from the configuration
if (context.getClientCertificate() != null) {
- X509Certificate cert = context.getClientCertificate()[0];
- Principal issuer = cert.getIssuerDN();
- BigInteger serialNumber = cert.getSerialNumber();
+ final X509Certificate cert = context.getClientCertificate()[0];
+ final Principal issuer = cert.getIssuerDN();
+ final BigInteger serialNumber = cert.getSerialNumber();
keyGroupEntries =
- config.getKeyGroupEntries(issuer, serialNumber, keyGroupID);
+ config.getKeyGroupEntries(issuer, serialNumber, keyGroupID);
} else {
keyGroupEntries = config.getKeyGroupEntries(null, null, keyGroupID);
}
@@ -479,23 +482,23 @@ public class XMLSignatureCreationProfileFactory {
} else if (keyGroupEntries.size() == 0) {
return Collections.EMPTY_SET;
} else {
- KeyModule module =
- KeyModuleFactory.getInstance(
- new TransactionId(context.getTransactionID()));
- Set keyEntryIDs = module.getPrivateKeyEntryIDs();
- Set keySet = new HashSet();
+ final KeyModule module =
+ KeyModuleFactory.getInstance(
+ new TransactionId(context.getTransactionID()));
+ final Set keyEntryIDs = module.getPrivateKeyEntryIDs();
+ final Set keySet = new HashSet();
Iterator iter;
// filter out the keys that do not exist in the IAIK configuration
// by walking through the key entries and checking if the exist in the
// keyGroupEntries
for (iter = keyEntryIDs.iterator(); iter.hasNext();) {
- KeyEntryID entryID = (KeyEntryID) iter.next();
- KeyGroupEntry entry =
- new KeyGroupEntry(
- entryID.getModuleID(),
- entryID.getCertificateIssuer(),
- entryID.getCertificateSerialNumber());
+ final KeyEntryID entryID = (KeyEntryID) iter.next();
+ final KeyGroupEntry entry =
+ new KeyGroupEntry(
+ entryID.getModuleID(),
+ entryID.getCertificateIssuer(),
+ entryID.getCertificateSerialNumber());
if (keyGroupEntries.contains(entry)) {
keySet.add(entryID);
}
@@ -507,29 +510,31 @@ public class XMLSignatureCreationProfileFactory {
/**
* Get the signature location index where the signature will be inserted into
* the signature parent element.
- *
+ *
* @param singleSignatureInfo The SingleSignatureInfo object
- * containing the CreateSignatureLocation.
+ * containing the
+ * CreateSignatureLocation.
* @return The index at which to insert the signature into the signature
- * environment.
- * @throws MOAApplicationException An error occurred parsing the
- * CreateSignatureEnvironmentProfile.
+ * environment.
+ * @throws MOAApplicationException An error occurred parsing the
+ * CreateSignatureEnvironmentProfile.
*/
- private XMLSignatureInsertionLocation getSignatureInsertionLocationIndex(SingleSignatureInfo singleSignatureInfo)
- throws MOAApplicationException {
+ private XMLSignatureInsertionLocation getSignatureInsertionLocationIndex(
+ SingleSignatureInfo singleSignatureInfo)
+ throws MOAApplicationException {
- CreateSignatureInfo createInfo =
- singleSignatureInfo.getCreateSignatureInfo();
+ final CreateSignatureInfo createInfo =
+ singleSignatureInfo.getCreateSignatureInfo();
if (createInfo != null) {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- CreateSignatureEnvironmentProfileExplicit profile =
- ProfileMapper.mapCreateSignatureEnvironmentProfile(
- createInfo.getCreateSignatureEnvironmentProfile(),
- config);
- int index = profile.getCreateSignatureLocation().getIndex();
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final CreateSignatureEnvironmentProfileExplicit profile =
+ ProfileMapper.mapCreateSignatureEnvironmentProfile(
+ createInfo.getCreateSignatureEnvironmentProfile(),
+ config);
+ final int index = profile.getCreateSignatureLocation().getIndex();
return new XMLSignatureInsertionLocationImpl(index);
} else {
@@ -539,12 +544,12 @@ public class XMLSignatureCreationProfileFactory {
/**
* Utility function to issue an error message to the log.
- *
- * @param messageId The ID of the message to log.
+ *
+ * @param messageId The ID of the message to log.
* @param parameters Additional message parameters.
*/
private static void error(String messageId, Object[] parameters) {
- MessageProvider msg = MessageProvider.getInstance();
+ final MessageProvider msg = MessageProvider.getInstance();
Logger.error(new LogMsg(msg.getMessage(messageId, parameters)));
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
index 74c4f0b..b97cc95 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
@@ -37,8 +37,6 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
-import javax.xml.ws.soap.AddressingFeature.Responses;
-
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -49,7 +47,6 @@ import at.gv.egovernment.moa.spss.api.SPSSFactory;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult;
import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
-import at.gv.egovernment.moa.spss.api.impl.AdESFormResultsImpl;
import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo;
@@ -78,12 +75,9 @@ import at.gv.egovernment.moaspss.logging.LoggingContextManager;
import at.gv.egovernment.moaspss.util.CollectionUtils;
import at.gv.egovernment.moaspss.util.Constants;
import iaik.server.ConfigurationException;
-import iaik.server.modules.AdESConstants;
-import iaik.server.modules.AdESFormVerificationResult;
import iaik.server.modules.IAIKException;
import iaik.server.modules.IAIKRuntimeException;
import iaik.server.modules.SignatureVerificationProfile;
-import iaik.server.modules.SignatureVerificationResult;
import iaik.server.modules.xml.DataObject;
import iaik.server.modules.xml.XMLDataObject;
import iaik.server.modules.xml.XMLSignature;
@@ -103,667 +97,667 @@ import iaik.xml.crypto.utils.URIException;
/**
* A class providing a DOM based interface to the
* XMLSignatureVerificationModule.
- *
+ *
* This class performs the invocation of the
* iaik.server.modules.xmlverify.XMLSignatureVerificationModule
* from a VerifyXMLSignatureRequest given as a DOM element. The
* result of the invocation is integrated into a
* VerifyXMLSignatureResponse and returned.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XMLSignatureVerificationInvoker {
- /** The single instance of this class. */
- private static XMLSignatureVerificationInvoker instance = null;
-
- private static Set FILTERED_REF_TYPES;
-
- static {
- FILTERED_REF_TYPES = new HashSet();
- FILTERED_REF_TYPES.add(DsigManifest.XML_DSIG_MANIFEST_TYPE);
- FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE);
- FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE_OLD);
- FILTERED_REF_TYPES.add(XMLConstants.NAMESPACE_ETSI_STRING + "SignedProperties");
- FILTERED_REF_TYPES.add("http://uri.etsi.org/01903#SignedProperties");
- }
-
- /**
- * Get the single instance of this class.
- *
- * @return The single instance of this class.
- */
- public static synchronized XMLSignatureVerificationInvoker getInstance() {
- if (instance == null) {
- instance = new XMLSignatureVerificationInvoker();
- }
- return instance;
- }
-
- /**
- * Create a new XMLSignatureCreationInvoker.
- *
- * Protected to disallow multiple instances.
- */
- protected XMLSignatureVerificationInvoker() {
- }
-
- /**
- * Process the VerifyXMLSignatureRequest message and invoke the
- * XMLSignatureVerificationModule.
- *
- * @param request
- * A VerifyXMLSignatureRequest API object
- * containing the data for verifying an XML signature.
- * @return A VerifyXMLSignatureResponse containing the answert
- * to the VerifyXMLSignatureRequest. MOA schema
- * definition.
- * @throws MOAException
- * An error occurred during signature verification.
- */
- public VerifyXMLSignatureResponse verifyXMLSignature(VerifyXMLSignatureRequest request) throws MOAException {
-
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
- LoggingContext loggingCtx = LoggingContextManager.getInstance().getLoggingContext();
- XMLSignatureVerificationProfileFactory profileFactory = new XMLSignatureVerificationProfileFactory(request);
- VerifyXMLSignatureResponseBuilder responseBuilder = new VerifyXMLSignatureResponseBuilder();
- ExtendedXMLSignatureVerificationResult result = null;
- XMLSignatureVerificationResult plainResult;
- XMLSignatureVerificationProfile profile;
- ReferencesCheckResult signatureManifestCheck;
- DataObjectFactory dataObjFactory;
- XMLDataObject signatureEnvironment;
- Node signatureEnvironmentParent = null;
- Element requestElement = null;
- XMLSignature xmlSignature;
- Date signingTime;
- List supplements;
- List dataObjectList;
-
- // get the supplements
- supplements = getSupplements(request);
-
- // build XMLSignature
- dataObjFactory = DataObjectFactory.getInstance();
- signatureEnvironment = dataObjFactory
- .createSignatureEnvironment(request.getSignatureInfo().getVerifySignatureEnvironment(), supplements);
- xmlSignature = buildXMLSignature(signatureEnvironment, request);
-
- // build the list of DataObjects
- dataObjectList = buildDataObjectList(supplements);
-
- // build profile
- profile = profileFactory.createProfile();
-
- // get the signingTime
- signingTime = request.getDateTime();
-
- // make the signature environment the root of the document, if it is not
- // a
- // separate document anyway; this is done to assure that
- // canonicalization
- // of the signature environment contains the correct namespace
- // declarations
- requestElement = signatureEnvironment.getElement().getOwnerDocument().getDocumentElement();
- if (requestElement != signatureEnvironment.getElement()) {
- signatureEnvironmentParent = signatureEnvironment.getElement().getParentNode();
- requestElement.getOwnerDocument().replaceChild(signatureEnvironment.getElement(), requestElement);
- }
-
- QCSSCDResult qcsscdresult = new QCSSCDResult();
- String tpID = profile.getCertificateValidationProfile().getTrustStoreProfile().getId();
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- TrustProfile tp = config.getTrustProfile(tpID);
-
- // verify the signature
- try {
- XMLSignatureVerificationModule module = XMLSignatureVerificationModuleFactory.getInstance();
-
- module.setLog(new IaikLog(loggingCtx.getNodeID()));
-
- if(request.getExtendedValidaiton()) {
- result = module.verifyXAdESSignature(xmlSignature, dataObjectList, profile, signingTime,
- new TransactionId(context.getTransactionID()));
- plainResult = result.getXMLSignatureVerificationResult();
- } else {
- plainResult = module.verifySignature(xmlSignature, dataObjectList, profile, signingTime,
- new TransactionId(context.getTransactionID()));
- }
- } catch (IAIKException e) {
- MOAException moaException = IaikExceptionMapper.getInstance().map(e);
- throw moaException;
- } catch (IAIKRuntimeException e) {
- MOAException moaException = IaikExceptionMapper.getInstance().map(e);
- throw moaException;
- }
-
- ExtendedCertificateCheckResult extCheckResult;
- if(result != null) {
- List adesResults = null;//
-
- adesResults = AdESResultUtils.getAdESResult(result.getFormVerificationResult());
-
- if (Logger.isDebugEnabled()) {
- if (adesResults != null) {
- Iterator adesIterator = adesResults.iterator();
- while (adesIterator.hasNext()) {
- Logger.debug("ADES Formresults: " + adesIterator.next().toString());
- }
- }
- }
-
- responseBuilder.setAdESFormResults(adesResults);
-
- try {
- //Logger.info("Extended Validation Report: " + result.getName());
- Logger.debug("Extended Validation Code: " + result.getResultCode().toString());
- Logger.debug("Extended Validation Info: " + result.getInfo());
-
- extCheckResult = AdESResultUtils.getExtendedResult(result.getResultCode());
- responseBuilder.setExtendedCertificateCheckResult(extCheckResult);
-
- } catch (NullPointerException e) {
- Logger.info("No extendend validation result available.");
- }
- }
- // QC/SSCD check
- List list = plainResult.getCertificateValidationResult().getCertificateChain();
- if (list != null) {
- X509Certificate[] chain = new X509Certificate[list.size()];
-
- Iterator it = list.iterator();
- int i = 0;
- while (it.hasNext()) {
- chain[i] = (X509Certificate) it.next();
- i++;
- }
-
- qcsscdresult = CertificateUtils.checkQCSSCD(chain, plainResult.getSigningTime(), tp.isTSLEnabled(), config);
- }
-
- // get signer certificate issuer country code
- String issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
-
- // swap back in the request as root document
- if (requestElement != signatureEnvironment.getElement()) {
- requestElement.getOwnerDocument().replaceChild(requestElement, signatureEnvironment.getElement());
- signatureEnvironmentParent.appendChild(signatureEnvironment.getElement());
- }
-
- // check the result
- signatureManifestCheck = validateSignatureManifest(request, plainResult,
- profile);
-
- // Check if signer certificate is in trust profile's allowed signer
- // certificates pool
- TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
- CheckResult certificateCheck = validateSignerCertificate(plainResult,
- trustProfile);
-
- // build the response
- responseBuilder.setResult(plainResult, profile, signatureManifestCheck,
- certificateCheck, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(),
- qcsscdresult.isSSCDSourceTSL(), tp.isTSLEnabled(), issuerCountryCode, qcsscdresult.getTslInfos(), request.getExtendedValidaiton());
- return responseBuilder.getResponse();
- }
-
- /**
- * Checks if the signer certificate matches one of the allowed signer
- * certificates specified in the provided trustProfile.
- *
- * @param result
- * The result produced by the
- * XMLSignatureVerificationModule.
- *
- * @param trustProfile
- * The trust profile the signer certificate is validated against.
- *
- * @return The overal result of the certificate validation for the signer
- * certificate.
- *
- * @throws MOAException
- * if one of the signer certificates specified in the
- * trustProfile cannot be read from the file
- * system.
- */
- private CheckResult validateSignerCertificate(XMLSignatureVerificationResult result,
- TrustProfile trustProfile)
- throws MOAException {
- MessageProvider msg = MessageProvider.getInstance();
-
- int resultCode = result.getCertificateValidationResult().getValidationResultCode().intValue();
-
- if (resultCode == 0 && trustProfile.getSignerCertsUri() != null) {
- X509Certificate signerCertificate = (X509Certificate) result.getCertificateValidationResult()
- .getCertificateChain().get(0);
-
- File signerCertsDir = null;
- try {
- signerCertsDir = new File(new URI(trustProfile.getSignerCertsUri()).getPath());
- } catch (URIException e) {
- throw new MOASystemException("2900", null, e); // Should not
- // happen,
- // already
- // checked at
- // loading the
- // MOA
- // configuration
- }
-
- File[] files = signerCertsDir.listFiles();
- if (files == null)
- resultCode = 1;
- int i;
- for (i = 0; i < files.length; i++) {
- if (!files[i].isDirectory()) {
- FileInputStream currentFIS = null;
- try {
- currentFIS = new FileInputStream(files[i]);
- } catch (FileNotFoundException e) {
- throw new MOASystemException("2900", null, e);
- }
-
- try {
- X509Certificate currentCert = new X509Certificate(currentFIS);
- currentFIS.close();
- if (currentCert.equals(signerCertificate))
- break;
- } catch (Exception e) {
- // Simply ignore file if it cannot be interpreted as
- // certificate
- String logMsg = msg.getMessage("invoker.03",
- new Object[] { trustProfile.getId(), files[i].getName() });
- Logger.warn(logMsg);
- try {
- currentFIS.close();
- } catch (IOException e1) {
- // If clean-up fails, do nothing
- }
- }
- }
- }
- if (i >= files.length) {
- resultCode = 1; // No signer certificate from the trustprofile
- // pool matches the actual signer certificate
- }
- }
-
- SPSSFactory factory = SPSSFactory.getInstance();
- return factory.createCheckResult(resultCode, null);
- }
-
- /**
- * Select the dsig:Signature DOM element within the signature
- * environment.
- *
- * @param signatureEnvironment
- * The signature environment containing the
- * dsig:Signature.
- * @param request
- * The VerifyXMLSignatureRequest containing the
- * signature environment.
- * @return The dsig:Signature element wrapped in a
- * XMLSignature object.
- * @throws MOAApplicationException
- * An error occurred locating the dsig:Signature.
- */
- private XMLSignature buildXMLSignature(XMLDataObject signatureEnvironment, VerifyXMLSignatureRequest request)
- throws MOAApplicationException {
-
- VerifySignatureLocation signatureLocation = request.getSignatureInfo().getVerifySignatureLocation();
- Element signatureParent;
-
- // evaluate the VerifySignatureLocation to get the signature parent
- signatureParent = InvokerUtils.evaluateSignatureLocation(signatureEnvironment.getElement(), signatureLocation);
-
- // check for signatureParent to be a dsig:Signature element
- if (!"Signature".equals(signatureParent.getLocalName())
- || !Constants.DSIG_NS_URI.equals(signatureParent.getNamespaceURI())) {
- throw new MOAApplicationException("2266", null);
- }
-
- return new XMLSignatureImpl(signatureParent);
- }
-
- /**
- * Build the supplemental data objects contained in the
- * VerifyXMLSignatureRequest.
- *
- * @param supplements
- * A List of XMLDataObjectAssociations
- * containing the supplement data.
- * @return A List of DataObjects representing the
- * supplemental data objects.
- * @throws MOASystemException
- * A system error occurred building one of the data objects.
- * @throws MOAApplicationException
- * An error occurred building one of the data objects.
- */
- private List buildDataObjectList(List supplements) throws MOASystemException, MOAApplicationException {
- List dataObjectList = new ArrayList();
-
- DataObjectFactory factory = DataObjectFactory.getInstance();
- DataObject dataObject;
- Iterator iter;
-
- if (supplements != null) {
- for (iter = supplements.iterator(); iter.hasNext();) {
- XMLDataObjectAssociation supplement = (XMLDataObjectAssociation) iter.next();
- dataObject = factory.createFromXmlDataObjectAssociation(supplement, true, false);
- dataObjectList.add(dataObject);
- }
- }
-
- return dataObjectList;
-
- }
-
- /**
- * Get the supplemental data contained in the
- * VerifyXMLSignatureRequest.
- *
- * @param request
- * The VerifyXMLSignatureRequest containing the
- * supplemental data.
- * @return A List of XMLDataObjectAssociation
- * objects containing the supplemental data.
- * @throws MOAApplicationException
- * An error occurred resolving one of the supplement profiles.
- */
- private List getSupplements(VerifyXMLSignatureRequest request) throws MOAApplicationException {
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- List supplementProfiles = request.getSupplementProfiles();
-
- List supplements = new ArrayList();
-
- if (supplementProfiles != null) {
-
- List mappedProfiles = ProfileMapper.mapSupplementProfiles(supplementProfiles, config);
- Iterator iter;
-
- for (iter = mappedProfiles.iterator(); iter.hasNext();) {
- SupplementProfileExplicit profile = (SupplementProfileExplicit) iter.next();
- supplements.add(profile.getSupplementProfile());
- }
-
- }
- return supplements;
- }
-
- /**
- * Perform additional validations of the
- * XMLSignatureVerificationResult.
- *
- *
- * In particular, it is verified that:
- *
- * - Each
ReferenceData object contains transformation chain
- * that matches one of the Transforms given in the
- * corresponding SignatureManifestCheckParams/ReferenceInfo
- *
- * - The hash values of the
TransformParameters are valid.
- *
- *
- *
- *
- * @param request
- * The VerifyXMLSignatureRequest containing the
- * signature to verify.
- * @param result
- * The result produced by
- * XMLSignatureVerificationModule.
- * @param profile
- * The profile used for validating the request.
- * @return The result of additional validations of the signature manifest.
- * @throws MOAApplicationException
- * Post-validation of the
- * XMLSignatureVerificaitonResult failed.
- */
- private ReferencesCheckResult validateSignatureManifest(VerifyXMLSignatureRequest request,
- XMLSignatureVerificationResult result, XMLSignatureVerificationProfile profile)
- throws MOAApplicationException {
-
- SPSSFactory factory = SPSSFactory.getInstance();
- MessageProvider msg = MessageProvider.getInstance();
-
- // validate that each ReferenceData object contains transforms specified
- // in the corresponding SignatureManifestCheckParams/ReferenceInfo
- if (request.getSignatureManifestCheckParams() != null) {
- List refInfos = request.getSignatureManifestCheckParams().getReferenceInfos();
- List refDatas = filterReferenceInfos(result.getReferenceDataList());
- List failedReferencesList = new ArrayList();
- Iterator refInfoIter;
- Iterator refDataIter;
-
- if (refInfos.size() != refDatas.size()) {
- return factory.createReferencesCheckResult(1, null);
- }
-
- refInfoIter = refInfos.iterator();
- refDataIter = filterReferenceInfos(result.getReferenceDataList()).iterator();
-
- while (refInfoIter.hasNext()) {
- ReferenceInfo refInfo = (ReferenceInfo) refInfoIter.next();
- ReferenceData refData = (ReferenceData) refDataIter.next();
- List transforms = buildTransformsList(refInfo);
- boolean found = false;
- Iterator trIter;
-
- for (trIter = transforms.iterator(); trIter.hasNext() && !found;) {
- found = trIter.next().equals(refData.getTransformationList());
- }
-
- if (!found) {
- Integer refIndex = new Integer(refData.getReferenceIndex());
- String logMsg = msg.getMessage("invoker.01", new Object[] { refIndex });
-
- failedReferencesList.add(refIndex);
- Logger.debug(new LogMsg(logMsg));
- }
- }
-
- if (!failedReferencesList.isEmpty()) {
- // at least one reference failed - return their indexes and
- // check code 1
- int[] failedReferences = CollectionUtils.toIntArray(failedReferencesList);
- ReferencesCheckResultInfo checkInfo = factory.createReferencesCheckResultInfo(null, failedReferences);
-
- return factory.createReferencesCheckResult(1, checkInfo);
- }
- }
-
- // validate the hashes contained in all the ReferenceInfo objects of the
- // security layer manifest
- if (request.getSignatureManifestCheckParams() != null && result.containsSecurityLayerManifest()) {
- Map hashValues = buildTransformParameterHashValues(request);
- Set transformParameterURIs = buildTransformParameterURIs(profile.getTransformationSupplements());
- List referenceInfoList = result.getSecurityLayerManifest().getReferenceDataList();
- Iterator refIter;
-
- for (refIter = referenceInfoList.iterator(); refIter.hasNext();) {
- iaik.server.modules.xmlverify.ReferenceInfo ref = (iaik.server.modules.xmlverify.ReferenceInfo) refIter
- .next();
- byte[] hash = (byte[]) hashValues.get(ref.getURI());
-
- if (!transformParameterURIs.contains(ref.getURI())
- || (hash != null && !Arrays.equals(hash, ref.getHashValue()))) {
-
- // the transform parameter doesn't exist or the hashs do not
- // match
- // return the index of the failed reference and check code 1
- int[] failedReferences = new int[] { ref.getReferenceIndex() };
- ReferencesCheckResultInfo checkInfo = factory.createReferencesCheckResultInfo(null,
- failedReferences);
- String logMsg = msg.getMessage("invoker.02", new Object[] { new Integer(ref.getReferenceIndex()) });
-
- Logger.debug(new LogMsg(logMsg));
-
- return factory.createReferencesCheckResult(1, checkInfo);
- }
- }
- }
-
- return factory.createReferencesCheckResult(0, null);
- }
-
- /**
- * Get all Transforms contained in all the
- * VerifyTransformsInfoProfiles of the given
- * ReferenceInfo.
- *
- * @param refInfo
- * The ReferenceInfo object containing the
- * transformations.
- * @return A List of Lists. Each of the
- * Lists contains Transformation objects.
- * @throws MOAApplicationException
- * An error occurred building one of the
- * Transformations.
- */
- private List buildTransformsList(ReferenceInfo refInfo) throws MOAApplicationException {
-
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- List profiles = refInfo.getVerifyTransformsInfoProfiles();
- List mappedProfiles = ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config);
- List transformsList = new ArrayList();
- TransformationFactory factory = TransformationFactory.getInstance();
- Iterator iter;
-
- for (iter = mappedProfiles.iterator(); iter.hasNext();) {
- VerifyTransformsInfoProfileExplicit profile = (VerifyTransformsInfoProfileExplicit) iter.next();
- List transforms = profile.getTransforms();
-
- if (transforms != null) {
- transformsList.add(factory.createTransformationList(transforms));
- }
- }
-
- return transformsList;
- }
-
- /**
- * Build the Set of all TransformParameter URIs.
- *
- * @param transformParameters
- * The List of TransformParameters, as
- * provided to the verification.
- * @return The Set of all TransformParameter URIs.
- */
- private Set buildTransformParameterURIs(List transformParameters) {
- Set uris = new HashSet();
- Iterator iter;
-
- for (iter = transformParameters.iterator(); iter.hasNext();) {
- DataObject transformParameter = (DataObject) iter.next();
- uris.add(transformParameter.getURI());
- }
-
- return uris;
- }
-
- /**
- * Build a mapping between TransformParameter URIs (a
- * String and dsig:HashValue (a
- * byte[]).
- *
- * @param request
- * The VerifyXMLSignatureRequest.
- * @return Map The resulting mapping.
- * @throws MOAApplicationException
- * An error occurred accessing one of the profiles.
- */
- private Map buildTransformParameterHashValues(VerifyXMLSignatureRequest request) throws MOAApplicationException {
-
- TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- Map hashValues = new HashMap();
- List refInfos = request.getSignatureManifestCheckParams().getReferenceInfos();
- Iterator refIter;
-
- for (refIter = refInfos.iterator(); refIter.hasNext();) {
- ReferenceInfo refInfo = (ReferenceInfo) refIter.next();
- List profiles = refInfo.getVerifyTransformsInfoProfiles();
- List mappedProfiles = ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config);
- Iterator prIter;
-
- for (prIter = mappedProfiles.iterator(); prIter.hasNext();) {
- VerifyTransformsInfoProfileExplicit profile = (VerifyTransformsInfoProfileExplicit) prIter.next();
- List trParameters = profile.getTransformParameters();
- Iterator trIter;
-
- for (trIter = trParameters.iterator(); trIter.hasNext();) {
- TransformParameter transformParameter = (TransformParameter) trIter.next();
- String uri = transformParameter.getURI();
-
- if (transformParameter.getTransformParameterType() == TransformParameter.HASH_TRANSFORMPARAMETER) {
- hashValues.put(uri, ((TransformParameterHash) transformParameter).getDigestValue());
- }
-
- }
- }
- }
- return hashValues;
- }
-
- /**
- * Filter the ReferenceInfos returned by the
- * VerifyXMLSignatureResult for comparison with the
- * ReferenceInfo elements in the request.
- *
- * @param referenceInfos
- * The ReferenceInfos from the
- * VerifyXMLSignatureResult.
- * @return A List of all ReferenceInfos whose type
- * is not a XMLDsig manifest, Security Layer manifest, or ETSI
- * signed property.
- */
- private List filterReferenceInfos(List referenceInfos) {
- List filtered = new ArrayList();
- Iterator iter;
-
- for (iter = referenceInfos.iterator(); iter.hasNext();) {
- iaik.server.modules.xmlverify.ReferenceInfo refInfo = (iaik.server.modules.xmlverify.ReferenceInfo) iter
- .next();
- String refType = refInfo.getReferenceType();
-
- if (refType == null || !FILTERED_REF_TYPES.contains(refType)) {
- filtered.add(refInfo);
- }
- }
-
- return filtered;
- }
-
- private List getAdESResult(ExtendedXMLSignatureVerificationResult adesFormVerification) throws ConfigurationException {
- if (adesFormVerification == null) {
- // no form information
- return null;
- }
-
- List adesList = new ArrayList();
-
- /*
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
- SignatureVerificationProfile.LEVEL_LTA, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
- SignatureVerificationProfile.LEVEL_LT, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
- SignatureVerificationProfile.LEVEL_T, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
- SignatureVerificationProfile.LEVEL_B, adesList);
- */
-
- AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.LONG_TERM_VALIDATION),
- SignatureVerificationProfile.LEVEL_LT, adesList);
- AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.ADES_T_VALIDATION),
- SignatureVerificationProfile.LEVEL_T, adesList);
- AdESResultUtils.checkSubResult(adesFormVerification.getSubResult("basic report"),
- SignatureVerificationProfile.LEVEL_B, adesList);
-
- return adesList;
- }
+ /** The single instance of this class. */
+ private static XMLSignatureVerificationInvoker instance = null;
+
+ private static Set FILTERED_REF_TYPES;
+
+ static {
+ FILTERED_REF_TYPES = new HashSet();
+ FILTERED_REF_TYPES.add(DsigManifest.XML_DSIG_MANIFEST_TYPE);
+ FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE);
+ FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE_OLD);
+ FILTERED_REF_TYPES.add(XMLConstants.NAMESPACE_ETSI_STRING + "SignedProperties");
+ FILTERED_REF_TYPES.add("http://uri.etsi.org/01903#SignedProperties");
+ }
+
+ /**
+ * Get the single instance of this class.
+ *
+ * @return The single instance of this class.
+ */
+ public static synchronized XMLSignatureVerificationInvoker getInstance() {
+ if (instance == null) {
+ instance = new XMLSignatureVerificationInvoker();
+ }
+ return instance;
+ }
+
+ /**
+ * Create a new XMLSignatureCreationInvoker.
+ *
+ * Protected to disallow multiple instances.
+ */
+ protected XMLSignatureVerificationInvoker() {
+ }
+
+ /**
+ * Process the VerifyXMLSignatureRequest message and invoke the
+ * XMLSignatureVerificationModule.
+ *
+ * @param request A VerifyXMLSignatureRequest API object
+ * containing the data for verifying an XML signature.
+ * @return A VerifyXMLSignatureResponse containing the answert
+ * to the VerifyXMLSignatureRequest. MOA schema
+ * definition.
+ * @throws MOAException An error occurred during signature verification.
+ */
+ public VerifyXMLSignatureResponse verifyXMLSignature(VerifyXMLSignatureRequest request)
+ throws MOAException {
+
+ final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ final LoggingContext loggingCtx = LoggingContextManager.getInstance().getLoggingContext();
+ final XMLSignatureVerificationProfileFactory profileFactory = new XMLSignatureVerificationProfileFactory(
+ request);
+ final VerifyXMLSignatureResponseBuilder responseBuilder = new VerifyXMLSignatureResponseBuilder();
+ ExtendedXMLSignatureVerificationResult result = null;
+ XMLSignatureVerificationResult plainResult;
+ XMLSignatureVerificationProfile profile;
+ ReferencesCheckResult signatureManifestCheck;
+ DataObjectFactory dataObjFactory;
+ XMLDataObject signatureEnvironment;
+ Node signatureEnvironmentParent = null;
+ Element requestElement = null;
+ XMLSignature xmlSignature;
+ Date signingTime;
+ List supplements;
+ List dataObjectList;
+
+ // get the supplements
+ supplements = getSupplements(request);
+
+ // build XMLSignature
+ dataObjFactory = DataObjectFactory.getInstance();
+ signatureEnvironment = dataObjFactory
+ .createSignatureEnvironment(request.getSignatureInfo().getVerifySignatureEnvironment(), supplements);
+ xmlSignature = buildXMLSignature(signatureEnvironment, request);
+
+ // build the list of DataObjects
+ dataObjectList = buildDataObjectList(supplements);
+
+ // build profile
+ profile = profileFactory.createProfile();
+
+ // get the signingTime
+ signingTime = request.getDateTime();
+
+ // make the signature environment the root of the document, if it is not
+ // a
+ // separate document anyway; this is done to assure that
+ // canonicalization
+ // of the signature environment contains the correct namespace
+ // declarations
+ requestElement = signatureEnvironment.getElement().getOwnerDocument().getDocumentElement();
+ if (requestElement != signatureEnvironment.getElement()) {
+ signatureEnvironmentParent = signatureEnvironment.getElement().getParentNode();
+ requestElement.getOwnerDocument().replaceChild(signatureEnvironment.getElement(), requestElement);
+ }
+
+ QCSSCDResult qcsscdresult = new QCSSCDResult();
+ final String tpID = profile.getCertificateValidationProfile().getTrustStoreProfile().getId();
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ final TrustProfile tp = config.getTrustProfile(tpID);
+
+ // verify the signature
+ try {
+ final XMLSignatureVerificationModule module = XMLSignatureVerificationModuleFactory.getInstance();
+
+ module.setLog(new IaikLog(loggingCtx.getNodeID()));
+
+ if (request.getExtendedValidaiton()) {
+ result = module.verifyXAdESSignature(xmlSignature, dataObjectList, profile, signingTime,
+ new TransactionId(context.getTransactionID()));
+ plainResult = result.getXMLSignatureVerificationResult();
+ } else {
+ plainResult = module.verifySignature(xmlSignature, dataObjectList, profile, signingTime,
+ new TransactionId(context.getTransactionID()));
+ }
+ } catch (final IAIKException e) {
+ final MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ } catch (final IAIKRuntimeException e) {
+ final MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+ throw moaException;
+ }
+
+ ExtendedCertificateCheckResult extCheckResult;
+ if (result != null) {
+ List adesResults = null;//
+
+ adesResults = AdESResultUtils.getAdESResult(result.getFormVerificationResult());
+
+ if (Logger.isDebugEnabled()) {
+ if (adesResults != null) {
+ final Iterator adesIterator = adesResults.iterator();
+ while (adesIterator.hasNext()) {
+ Logger.debug("ADES Formresults: " + adesIterator.next().toString());
+ }
+ }
+ }
+
+ responseBuilder.setAdESFormResults(adesResults);
+
+ try {
+ // Logger.info("Extended Validation Report: " + result.getName());
+ Logger.debug("Extended Validation Code: " + result.getResultCode().toString());
+ Logger.debug("Extended Validation Info: " + result.getInfo());
+
+ extCheckResult = AdESResultUtils.getExtendedResult(result.getResultCode());
+ responseBuilder.setExtendedCertificateCheckResult(extCheckResult);
+
+ } catch (final NullPointerException e) {
+ Logger.info("No extendend validation result available.");
+ }
+ }
+ // QC/SSCD check
+ final List list = plainResult.getCertificateValidationResult().getCertificateChain();
+ if (list != null) {
+ final X509Certificate[] chain = new X509Certificate[list.size()];
+
+ final Iterator it = list.iterator();
+ int i = 0;
+ while (it.hasNext()) {
+ chain[i] = (X509Certificate) it.next();
+ i++;
+ }
+
+ qcsscdresult = CertificateUtils.checkQCSSCD(chain, plainResult.getSigningTime(), tp.isTSLEnabled(),
+ config);
+ }
+
+ // get signer certificate issuer country code
+ final String issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
+
+ // swap back in the request as root document
+ if (requestElement != signatureEnvironment.getElement()) {
+ requestElement.getOwnerDocument().replaceChild(requestElement, signatureEnvironment.getElement());
+ signatureEnvironmentParent.appendChild(signatureEnvironment.getElement());
+ }
+
+ // check the result
+ signatureManifestCheck = validateSignatureManifest(request, plainResult,
+ profile);
+
+ // Check if signer certificate is in trust profile's allowed signer
+ // certificates pool
+ final TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
+ final CheckResult certificateCheck = validateSignerCertificate(plainResult,
+ trustProfile);
+
+ // build the response
+ responseBuilder.setResult(plainResult, profile, signatureManifestCheck,
+ certificateCheck, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(),
+ qcsscdresult.isSSCDSourceTSL(), tp.isTSLEnabled(), issuerCountryCode, qcsscdresult.getTslInfos(),
+ request.getExtendedValidaiton());
+ return responseBuilder.getResponse();
+ }
+
+ /**
+ * Checks if the signer certificate matches one of the allowed signer
+ * certificates specified in the provided trustProfile.
+ *
+ * @param result The result produced by the
+ * XMLSignatureVerificationModule.
+ *
+ * @param trustProfile The trust profile the signer certificate is validated
+ * against.
+ *
+ * @return The overal result of the certificate validation for the signer
+ * certificate.
+ *
+ * @throws MOAException if one of the signer certificates specified in the
+ * trustProfile cannot be read from the file
+ * system.
+ */
+ private CheckResult validateSignerCertificate(XMLSignatureVerificationResult result,
+ TrustProfile trustProfile)
+ throws MOAException {
+ final MessageProvider msg = MessageProvider.getInstance();
+
+ int resultCode = result.getCertificateValidationResult().getValidationResultCode().intValue();
+
+ if (resultCode == 0 && trustProfile.getSignerCertsUri() != null) {
+ final X509Certificate signerCertificate = (X509Certificate) result.getCertificateValidationResult()
+ .getCertificateChain().get(0);
+
+ File signerCertsDir = null;
+ try {
+ signerCertsDir = new File(new URI(trustProfile.getSignerCertsUri()).getPath());
+ } catch (final URIException e) {
+ throw new MOASystemException("2900", null, e); // Should not
+ // happen,
+ // already
+ // checked at
+ // loading the
+ // MOA
+ // configuration
+ }
+
+ final File[] files = signerCertsDir.listFiles();
+ if (files == null) {
+ resultCode = 1;
+ }
+ int i;
+ for (i = 0; i < files.length; i++) {
+ if (!files[i].isDirectory()) {
+ FileInputStream currentFIS = null;
+ try {
+ currentFIS = new FileInputStream(files[i]);
+ } catch (final FileNotFoundException e) {
+ throw new MOASystemException("2900", null, e);
+ }
+
+ try {
+ final X509Certificate currentCert = new X509Certificate(currentFIS);
+ currentFIS.close();
+ if (currentCert.equals(signerCertificate)) {
+ break;
+ }
+ } catch (final Exception e) {
+ // Simply ignore file if it cannot be interpreted as
+ // certificate
+ final String logMsg = msg.getMessage("invoker.03",
+ new Object[] { trustProfile.getId(), files[i].getName() });
+ Logger.warn(logMsg);
+ try {
+ currentFIS.close();
+ } catch (final IOException e1) {
+ // If clean-up fails, do nothing
+ }
+ }
+ }
+ }
+ if (i >= files.length) {
+ resultCode = 1; // No signer certificate from the trustprofile
+ // pool matches the actual signer certificate
+ }
+ }
+
+ final SPSSFactory factory = SPSSFactory.getInstance();
+ return factory.createCheckResult(resultCode, null);
+ }
+
+ /**
+ * Select the dsig:Signature DOM element within the signature
+ * environment.
+ *
+ * @param signatureEnvironment The signature environment containing the
+ * dsig:Signature.
+ * @param request The VerifyXMLSignatureRequest
+ * containing the signature environment.
+ * @return The dsig:Signature element wrapped in a
+ * XMLSignature object.
+ * @throws MOAApplicationException An error occurred locating the
+ * dsig:Signature.
+ */
+ private XMLSignature buildXMLSignature(XMLDataObject signatureEnvironment,
+ VerifyXMLSignatureRequest request)
+ throws MOAApplicationException {
+
+ final VerifySignatureLocation signatureLocation = request.getSignatureInfo().getVerifySignatureLocation();
+ Element signatureParent;
+
+ // evaluate the VerifySignatureLocation to get the signature parent
+ signatureParent = InvokerUtils.evaluateSignatureLocation(signatureEnvironment.getElement(),
+ signatureLocation);
+
+ // check for signatureParent to be a dsig:Signature element
+ if (!"Signature".equals(signatureParent.getLocalName())
+ || !Constants.DSIG_NS_URI.equals(signatureParent.getNamespaceURI())) {
+ throw new MOAApplicationException("2266", null);
+ }
+
+ return new XMLSignatureImpl(signatureParent);
+ }
+
+ /**
+ * Build the supplemental data objects contained in the
+ * VerifyXMLSignatureRequest.
+ *
+ * @param supplements A List of
+ * XMLDataObjectAssociations containing the
+ * supplement data.
+ * @return A List of DataObjects representing the
+ * supplemental data objects.
+ * @throws MOASystemException A system error occurred building one of the
+ * data objects.
+ * @throws MOAApplicationException An error occurred building one of the data
+ * objects.
+ */
+ private List buildDataObjectList(List supplements) throws MOASystemException, MOAApplicationException {
+ final List dataObjectList = new ArrayList();
+
+ final DataObjectFactory factory = DataObjectFactory.getInstance();
+ DataObject dataObject;
+ Iterator iter;
+
+ if (supplements != null) {
+ for (iter = supplements.iterator(); iter.hasNext();) {
+ final XMLDataObjectAssociation supplement = (XMLDataObjectAssociation) iter.next();
+ dataObject = factory.createFromXmlDataObjectAssociation(supplement, true, false);
+ dataObjectList.add(dataObject);
+ }
+ }
+
+ return dataObjectList;
+
+ }
+
+ /**
+ * Get the supplemental data contained in the
+ * VerifyXMLSignatureRequest.
+ *
+ * @param request The VerifyXMLSignatureRequest containing the
+ * supplemental data.
+ * @return A List of XMLDataObjectAssociation objects
+ * containing the supplemental data.
+ * @throws MOAApplicationException An error occurred resolving one of the
+ * supplement profiles.
+ */
+ private List getSupplements(VerifyXMLSignatureRequest request) throws MOAApplicationException {
+ final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final List supplementProfiles = request.getSupplementProfiles();
+
+ final List supplements = new ArrayList();
+
+ if (supplementProfiles != null) {
+
+ final List mappedProfiles = ProfileMapper.mapSupplementProfiles(supplementProfiles, config);
+ Iterator iter;
+
+ for (iter = mappedProfiles.iterator(); iter.hasNext();) {
+ final SupplementProfileExplicit profile = (SupplementProfileExplicit) iter.next();
+ supplements.add(profile.getSupplementProfile());
+ }
+
+ }
+ return supplements;
+ }
+
+ /**
+ * Perform additional validations of the
+ * XMLSignatureVerificationResult.
+ *
+ *
+ * In particular, it is verified that:
+ *
+ * - Each
ReferenceData object contains transformation chain that
+ * matches one of the Transforms given in the corresponding
+ * SignatureManifestCheckParams/ReferenceInfo
+ * - The hash values of the
TransformParameters are valid.
+ *
+ *
+ *
+ * @param request The VerifyXMLSignatureRequest containing the
+ * signature to verify.
+ * @param result The result produced by
+ * XMLSignatureVerificationModule.
+ * @param profile The profile used for validating the request.
+ * @return The result of additional validations of the signature manifest.
+ * @throws MOAApplicationException Post-validation of the
+ * XMLSignatureVerificaitonResult
+ * failed.
+ */
+ private ReferencesCheckResult validateSignatureManifest(VerifyXMLSignatureRequest request,
+ XMLSignatureVerificationResult result, XMLSignatureVerificationProfile profile)
+ throws MOAApplicationException {
+
+ final SPSSFactory factory = SPSSFactory.getInstance();
+ final MessageProvider msg = MessageProvider.getInstance();
+
+ // validate that each ReferenceData object contains transforms specified
+ // in the corresponding SignatureManifestCheckParams/ReferenceInfo
+ if (request.getSignatureManifestCheckParams() != null) {
+ final List refInfos = request.getSignatureManifestCheckParams().getReferenceInfos();
+ final List refDatas = filterReferenceInfos(result.getReferenceDataList());
+ final List failedReferencesList = new ArrayList();
+ Iterator refInfoIter;
+ Iterator refDataIter;
+
+ if (refInfos.size() != refDatas.size()) {
+ return factory.createReferencesCheckResult(1, null);
+ }
+
+ refInfoIter = refInfos.iterator();
+ refDataIter = filterReferenceInfos(result.getReferenceDataList()).iterator();
+
+ while (refInfoIter.hasNext()) {
+ final ReferenceInfo refInfo = (ReferenceInfo) refInfoIter.next();
+ final ReferenceData refData = (ReferenceData) refDataIter.next();
+ final List transforms = buildTransformsList(refInfo);
+ boolean found = false;
+ Iterator trIter;
+
+ for (trIter = transforms.iterator(); trIter.hasNext() && !found;) {
+ found = trIter.next().equals(refData.getTransformationList());
+ }
+
+ if (!found) {
+ final Integer refIndex = new Integer(refData.getReferenceIndex());
+ final String logMsg = msg.getMessage("invoker.01", new Object[] { refIndex });
+
+ failedReferencesList.add(refIndex);
+ Logger.debug(new LogMsg(logMsg));
+ }
+ }
+
+ if (!failedReferencesList.isEmpty()) {
+ // at least one reference failed - return their indexes and
+ // check code 1
+ final int[] failedReferences = CollectionUtils.toIntArray(failedReferencesList);
+ final ReferencesCheckResultInfo checkInfo = factory.createReferencesCheckResultInfo(null,
+ failedReferences);
+
+ return factory.createReferencesCheckResult(1, checkInfo);
+ }
+ }
+
+ // validate the hashes contained in all the ReferenceInfo objects of the
+ // security layer manifest
+ if (request.getSignatureManifestCheckParams() != null && result.containsSecurityLayerManifest()) {
+ final Map hashValues = buildTransformParameterHashValues(request);
+ final Set transformParameterURIs = buildTransformParameterURIs(profile.getTransformationSupplements());
+ final List referenceInfoList = result.getSecurityLayerManifest().getReferenceDataList();
+ Iterator refIter;
+
+ for (refIter = referenceInfoList.iterator(); refIter.hasNext();) {
+ final iaik.server.modules.xmlverify.ReferenceInfo ref =
+ (iaik.server.modules.xmlverify.ReferenceInfo) refIter
+ .next();
+ final byte[] hash = (byte[]) hashValues.get(ref.getURI());
+
+ if (!transformParameterURIs.contains(ref.getURI())
+ || hash != null && !Arrays.equals(hash, ref.getHashValue())) {
+
+ // the transform parameter doesn't exist or the hashs do not
+ // match
+ // return the index of the failed reference and check code 1
+ final int[] failedReferences = new int[] { ref.getReferenceIndex() };
+ final ReferencesCheckResultInfo checkInfo = factory.createReferencesCheckResultInfo(null,
+ failedReferences);
+ final String logMsg = msg.getMessage("invoker.02", new Object[] { new Integer(ref
+ .getReferenceIndex()) });
+
+ Logger.debug(new LogMsg(logMsg));
+
+ return factory.createReferencesCheckResult(1, checkInfo);
+ }
+ }
+ }
+
+ return factory.createReferencesCheckResult(0, null);
+ }
+
+ /**
+ * Get all Transforms contained in all the
+ * VerifyTransformsInfoProfiles of the given
+ * ReferenceInfo.
+ *
+ * @param refInfo The ReferenceInfo object containing the
+ * transformations.
+ * @return A List of Lists. Each of the
+ * Lists contains Transformation objects.
+ * @throws MOAApplicationException An error occurred building one of the
+ * Transformations.
+ */
+ private List buildTransformsList(ReferenceInfo refInfo) throws MOAApplicationException {
+
+ final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final List profiles = refInfo.getVerifyTransformsInfoProfiles();
+ final List mappedProfiles = ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config);
+ final List transformsList = new ArrayList();
+ final TransformationFactory factory = TransformationFactory.getInstance();
+ Iterator iter;
+
+ for (iter = mappedProfiles.iterator(); iter.hasNext();) {
+ final VerifyTransformsInfoProfileExplicit profile = (VerifyTransformsInfoProfileExplicit) iter.next();
+ final List transforms = profile.getTransforms();
+
+ if (transforms != null) {
+ transformsList.add(factory.createTransformationList(transforms));
+ }
+ }
+
+ return transformsList;
+ }
+
+ /**
+ * Build the Set of all TransformParameter URIs.
+ *
+ * @param transformParameters The List of
+ * TransformParameters, as provided to
+ * the verification.
+ * @return The Set of all TransformParameter URIs.
+ */
+ private Set buildTransformParameterURIs(List transformParameters) {
+ final Set uris = new HashSet();
+ Iterator iter;
+
+ for (iter = transformParameters.iterator(); iter.hasNext();) {
+ final DataObject transformParameter = (DataObject) iter.next();
+ uris.add(transformParameter.getURI());
+ }
+
+ return uris;
+ }
+
+ /**
+ * Build a mapping between TransformParameter URIs (a
+ * String and dsig:HashValue (a byte[]).
+ *
+ * @param request The VerifyXMLSignatureRequest.
+ * @return Map The resulting mapping.
+ * @throws MOAApplicationException An error occurred accessing one of the
+ * profiles.
+ */
+ private Map buildTransformParameterHashValues(VerifyXMLSignatureRequest request)
+ throws MOAApplicationException {
+
+ final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final Map hashValues = new HashMap();
+ final List refInfos = request.getSignatureManifestCheckParams().getReferenceInfos();
+ Iterator refIter;
+
+ for (refIter = refInfos.iterator(); refIter.hasNext();) {
+ final ReferenceInfo refInfo = (ReferenceInfo) refIter.next();
+ final List profiles = refInfo.getVerifyTransformsInfoProfiles();
+ final List mappedProfiles = ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config);
+ Iterator prIter;
+
+ for (prIter = mappedProfiles.iterator(); prIter.hasNext();) {
+ final VerifyTransformsInfoProfileExplicit profile = (VerifyTransformsInfoProfileExplicit) prIter
+ .next();
+ final List trParameters = profile.getTransformParameters();
+ Iterator trIter;
+
+ for (trIter = trParameters.iterator(); trIter.hasNext();) {
+ final TransformParameter transformParameter = (TransformParameter) trIter.next();
+ final String uri = transformParameter.getURI();
+
+ if (transformParameter.getTransformParameterType() == TransformParameter.HASH_TRANSFORMPARAMETER) {
+ hashValues.put(uri, ((TransformParameterHash) transformParameter).getDigestValue());
+ }
+
+ }
+ }
+ }
+ return hashValues;
+ }
+
+ /**
+ * Filter the ReferenceInfos returned by the
+ * VerifyXMLSignatureResult for comparison with the
+ * ReferenceInfo elements in the request.
+ *
+ * @param referenceInfos The ReferenceInfos from the
+ * VerifyXMLSignatureResult.
+ * @return A List of all ReferenceInfos whose type is
+ * not a XMLDsig manifest, Security Layer manifest, or ETSI signed
+ * property.
+ */
+ private List filterReferenceInfos(List referenceInfos) {
+ final List filtered = new ArrayList();
+ Iterator iter;
+
+ for (iter = referenceInfos.iterator(); iter.hasNext();) {
+ final iaik.server.modules.xmlverify.ReferenceInfo refInfo =
+ (iaik.server.modules.xmlverify.ReferenceInfo) iter
+ .next();
+ final String refType = refInfo.getReferenceType();
+
+ if (refType == null || !FILTERED_REF_TYPES.contains(refType)) {
+ filtered.add(refInfo);
+ }
+ }
+
+ return filtered;
+ }
+
+ private List getAdESResult(ExtendedXMLSignatureVerificationResult adesFormVerification)
+ throws ConfigurationException {
+ if (adesFormVerification == null) {
+ // no form information
+ return null;
+ }
+
+ final List adesList = new ArrayList();
+
+ /*
+ * checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile
+ * .LEVEL_LTA), SignatureVerificationProfile.LEVEL_LTA, adesList);
+ * checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile
+ * .LEVEL_LT), SignatureVerificationProfile.LEVEL_LT, adesList);
+ * checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile
+ * .LEVEL_T), SignatureVerificationProfile.LEVEL_T, adesList);
+ * checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile
+ * .LEVEL_B), SignatureVerificationProfile.LEVEL_B, adesList);
+ */
+
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(
+ iaik.esi.sva.util.Constants.LONG_TERM_VALIDATION),
+ SignatureVerificationProfile.LEVEL_LT, adesList);
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(
+ iaik.esi.sva.util.Constants.ADES_T_VALIDATION),
+ SignatureVerificationProfile.LEVEL_T, adesList);
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult("basic report"),
+ SignatureVerificationProfile.LEVEL_B, adesList);
+
+ return adesList;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java
index 3e4c712..7fcd0e9 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.invoke;
import java.util.ArrayList;
@@ -29,8 +28,6 @@ import java.util.Collections;
import java.util.Iterator;
import java.util.List;
-import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
-
import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.MOASystemException;
import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
@@ -43,26 +40,29 @@ import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl;
import at.gv.egovernment.moa.spss.server.iaik.xmlverify.XMLSignatureVerificationProfileImpl;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
/**
* A factory to create a XMLSignatureVerificationProfile from a
* VerifyXMLSignatureRequest, based on the current MOA
* configuration.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class XMLSignatureVerificationProfileFactory {
- /** The VerifyXMLSignatureRequest for which to create profile
- * information. */
- private VerifyXMLSignatureRequest request;
+ /**
+ * The VerifyXMLSignatureRequest for which to create profile
+ * information.
+ */
+ private final VerifyXMLSignatureRequest request;
/**
* Create a new XMLSignatureVerificationProfileFactory.
- *
- * @param request The VerifyXMLSignatureRequest to extract
- * profile data from.
+ *
+ * @param request The VerifyXMLSignatureRequest to extract profile
+ * data from.
*/
public XMLSignatureVerificationProfileFactory(VerifyXMLSignatureRequest request) {
this.request = request;
@@ -71,19 +71,19 @@ public class XMLSignatureVerificationProfileFactory {
/**
* Create a XMLSignatureCreationProfile from the
* VerifyXMLSignaturesRequest and the current MOA configuration.
- *
+ *
* @return The XMLSignatureVerificationProfile containing
- * additional information for verifying an XML signature.
- * @throws MOASystemException A system error occurred building the profile.
+ * additional information for verifying an XML signature.
+ * @throws MOASystemException A system error occurred building the profile.
* @throws MOAApplicationException An error occurred building the profile.
*/
public XMLSignatureVerificationProfile createProfile()
- throws MOASystemException, MOAApplicationException {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- XMLSignatureVerificationProfileImpl profile =
- new XMLSignatureVerificationProfileImpl();
+ throws MOASystemException, MOAApplicationException {
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final XMLSignatureVerificationProfileImpl profile =
+ new XMLSignatureVerificationProfileImpl();
SignatureManifestCheckParams checkParams;
String trustProfileID;
@@ -93,49 +93,50 @@ public class XMLSignatureVerificationProfileFactory {
// set the certificate validation profile
trustProfileID = request.getTrustProfileId();
profile.setCertificateValidationProfile(
- new PKIProfileImpl(config, trustProfileID));
+ new PKIProfileImpl(config, trustProfileID));
// set whether hash input data is to be included
profile.setIncludeHashInputData(request.getReturnHashInputData());
// set the security layer manifest check parameters
- // and transformation supplements (if present)
+ // and transformation supplements (if present)
checkParams = request.getSignatureManifestCheckParams();
profile.setCheckSecurityLayerManifest(true);
- profile.setIncludeReferenceInputData(checkParams != null ? checkParams.getReturnReferenceInputData() : false);
+ profile.setIncludeReferenceInputData(checkParams != null ? checkParams.getReturnReferenceInputData()
+ : false);
if (checkParams != null) {
- List transformationSupplements;
- transformationSupplements = buildTransformationSupplements();
- profile.setTransformationSupplements(transformationSupplements);
+ List transformationSupplements;
+ transformationSupplements = buildTransformationSupplements();
+ profile.setTransformationSupplements(transformationSupplements);
} else {
- profile.setTransformationSupplements(Collections.EMPTY_LIST);
+ profile.setTransformationSupplements(Collections.EMPTY_LIST);
}
-
+
profile.setPermitFileURIs(config.getPermitFileURIs());
-
+
return profile;
}
/**
* Build supplemental data objects used in the transformations.
- *
+ *
* @return A List of DataObjects providing
- * supplemental data to the transformations.
- * @throws MOASystemException A system error occurred building one of the
- * transformations.
+ * supplemental data to the transformations.
+ * @throws MOASystemException A system error occurred building one of the
+ * transformations.
* @throws MOAApplicationException An error occurred building one of the
- * transformations.
+ * transformations.
*/
public List buildTransformationSupplements()
- throws MOASystemException, MOAApplicationException {
- TransactionContext context =
- TransactionContextManager.getInstance().getTransactionContext();
- ConfigurationProvider config = context.getConfiguration();
- SignatureManifestCheckParams checkParams =
- request.getSignatureManifestCheckParams();
- List transformsProfiles = new ArrayList();
- List transformationSupplements = new ArrayList();
- DataObjectFactory factory = DataObjectFactory.getInstance();
+ throws MOASystemException, MOAApplicationException {
+ final TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ final ConfigurationProvider config = context.getConfiguration();
+ final SignatureManifestCheckParams checkParams =
+ request.getSignatureManifestCheckParams();
+ final List transformsProfiles = new ArrayList();
+ final List transformationSupplements = new ArrayList();
+ final DataObjectFactory factory = DataObjectFactory.getInstance();
List refInfos = checkParams.getReferenceInfos();
Iterator refIter;
Iterator prIter;
@@ -144,26 +145,26 @@ public class XMLSignatureVerificationProfileFactory {
// build the list of all VerifyTransformsInfoProfiles in all ReferenceInfos
refInfos = checkParams.getReferenceInfos();
for (refIter = refInfos.iterator(); refIter.hasNext();) {
- ReferenceInfo refInfo = (ReferenceInfo) refIter.next();
- List profiles = refInfo.getVerifyTransformsInfoProfiles();
+ final ReferenceInfo refInfo = (ReferenceInfo) refIter.next();
+ final List profiles = refInfo.getVerifyTransformsInfoProfiles();
transformsProfiles.addAll(
- ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config));
+ ProfileMapper.mapVerifyTransformsInfoProfiles(profiles, config));
}
// build the DataObjects
for (prIter = transformsProfiles.iterator(); prIter.hasNext();) {
- VerifyTransformsInfoProfileExplicit profile =
- (VerifyTransformsInfoProfileExplicit) prIter.next();
- List transformParameters = profile.getTransformParameters();
+ final VerifyTransformsInfoProfileExplicit profile =
+ (VerifyTransformsInfoProfileExplicit) prIter.next();
+ final List transformParameters = profile.getTransformParameters();
for (trIter = transformParameters.iterator(); trIter.hasNext();) {
- TransformParameter trParam = (TransformParameter) trIter.next();
+ final TransformParameter trParam = (TransformParameter) trIter.next();
transformationSupplements.add(
- factory.createFromTransformParameter(trParam));
+ factory.createFromTransformParameter(trParam));
}
}
-
+
return transformationSupplements;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
index dcb1397..f477588 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
@@ -21,20 +21,17 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.logging;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import iaik.logging.TransactionId;
/**
- * An implementation of the iaik.logging.Log
- * interface that is based on Jakarta Commons-Logging.
- *
+ * An implementation of the iaik.logging.Log interface that is
+ * based on Jakarta Commons-Logging.
+ *
* @author Fatemeh Philippi
* @version $Id$
*/
@@ -45,11 +42,11 @@ public class IaikLog implements iaik.logging.Log {
private static Logger log = LoggerFactory.getLogger(IAIK_LOG_HIERARCHY);
/** The node ID to use. */
private String nodeId;
-
+
/**
* Create a new IaikLog.
- *
- * @param nodeId The node ID for this Log object.
+ *
+ * @param nodeId The node ID for this Log object.
*/
public IaikLog(String nodeId) {
this.nodeId = nodeId;
@@ -58,6 +55,7 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#isDebugEnabled()
*/
+ @Override
public boolean isDebugEnabled() {
return log.isDebugEnabled();
}
@@ -65,8 +63,9 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#debug(TransactionId, Object, Throwable)
*/
+ @Override
public void debug(TransactionId transactionId, Object message, Throwable t) {
- IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
log.debug(msg.toString(), t);
}
@@ -74,6 +73,7 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#isInfoEnabled()
*/
+ @Override
public boolean isInfoEnabled() {
return log.isInfoEnabled();
}
@@ -81,8 +81,9 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#info(TransactionId, Object, Throwable)
*/
+ @Override
public void info(TransactionId transactionId, Object message, Throwable t) {
- IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
log.info(msg.toString(), t);
}
@@ -90,6 +91,7 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#isWarnEnabled()
*/
+ @Override
public boolean isWarnEnabled() {
return log.isWarnEnabled();
}
@@ -97,8 +99,9 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#warn(TransactionId, Object, Throwable)
*/
+ @Override
public void warn(TransactionId transactionId, Object message, Throwable t) {
- IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
log.warn(msg.toString(), t);
}
@@ -106,6 +109,7 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#isErrorEnabled()
*/
+ @Override
public boolean isErrorEnabled() {
return log.isErrorEnabled();
}
@@ -113,8 +117,9 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#error(TransactionId, Object, Throwable)
*/
+ @Override
public void error(TransactionId transactionId, Object message, Throwable t) {
- IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
log.error(msg.toString(), t);
}
@@ -122,6 +127,7 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#isFatalEnabled()
*/
+ @Override
public boolean isFatalEnabled() {
return log.isErrorEnabled();
}
@@ -129,8 +135,9 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#fatal(TransactionId, Object, Throwable)
*/
+ @Override
public void fatal(TransactionId transactionId, Object message, Throwable t) {
- IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
log.error(msg.toString(), t);
}
@@ -138,6 +145,7 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#setNodeId(String)
*/
+ @Override
public void setNodeId(String nodeId) {
this.nodeId = nodeId;
}
@@ -145,6 +153,7 @@ public class IaikLog implements iaik.logging.Log {
/**
* @see iaik.logging.Log#getNodeId()
*/
+ @Override
public String getNodeId() {
return nodeId;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java
index 9989087..e0a4ea6 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.logging;
import at.gv.egovernment.moaspss.logging.LoggingContext;
@@ -31,36 +30,40 @@ import iaik.logging.LogConfigurationException;
import iaik.logging.LogFactory;
/**
- * An implementation of the iaik.logging.LogFactory abstract
- * class to log messages to the MOA logging subsystem.
- *
+ * An implementation of the iaik.logging.LogFactory abstract class
+ * to log messages to the MOA logging subsystem.
+ *
* @author Patrick Peck
* @version $Id$
*/
public class IaikLogFactory extends LogFactory {
+ @Override
public Log getInstance(Class clazz) throws LogConfigurationException {
return getInstanceImpl(clazz.getName());
}
+ @Override
public Log getInstance(String name) throws LogConfigurationException {
return getInstanceImpl(name);
}
/**
* Return an instance of iaik.logging.Log.
- *
+ *
* @return The iaik.logging.Log object to log messages to.
- */
+ */
private Log getInstanceImpl(String name) {
- LoggingContext context = LoggingContextManager.getInstance().getLoggingContext();
- if (context != null)
- return new IaikLog(context.getNodeID());
- else
- return new IaikLog("Internal");
-
+ final LoggingContext context = LoggingContextManager.getInstance().getLoggingContext();
+ if (context != null) {
+ return new IaikLog(context.getNodeID());
+ } else {
+ return new IaikLog("Internal");
+ }
+
}
+ @Override
public void release() {
// we do not hold any resources
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogMsg.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogMsg.java
index 7e4ff84..d096b2e 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogMsg.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogMsg.java
@@ -21,34 +21,33 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.logging;
import iaik.logging.TransactionId;
/**
* A unified message type to log messages from the IAIK subsystem.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class IaikLogMsg {
-
+
/** The transaction ID of this message. */
- private TransactionId transactionId;
+ private final TransactionId transactionId;
/** The node ID of this message. */
- private String nodeId;
+ private final String nodeId;
/** The message to log. */
- private Object message;
-
+ private final Object message;
+
/**
* Create a IaikLogMsg object.
- *
- * @param transactionId The transaction id of the transaction which
- * generated this log message. May be null.
- * @param nodeId The node id where this message was generated. May be
- * null.
- * @param message The actual message to log. May be null.
+ *
+ * @param transactionId The transaction id of the transaction which generated
+ * this log message. May be null.
+ * @param nodeId The node id where this message was generated. May be
+ * null.
+ * @param message The actual message to log. May be null.
*/
public IaikLogMsg(TransactionId transactionId, String nodeId, Object message) {
this.transactionId = transactionId;
@@ -56,22 +55,22 @@ public class IaikLogMsg {
this.message = message;
}
-
/**
* Convert this log message to a String.
- *
- * @return The String representation of this log message.
+ *
+ * @return The String representation of this log message.
*/
+ @Override
public String toString() {
- StringBuffer msg = new StringBuffer();
-
+ final StringBuffer msg = new StringBuffer();
+
msg.append("TID=");
msg.append(transactionId != null ? transactionId.getLogID() : "");
msg.append(" NID=");
msg.append(nodeId != null ? nodeId : "");
msg.append(" MSG=");
msg.append(message != null ? message.toString() : "");
-
+
return msg.toString();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/TransactionId.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/TransactionId.java
index ba76c0b..75623fd 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/TransactionId.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/TransactionId.java
@@ -21,25 +21,24 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.logging;
/**
* An implementation of the iaik.logging.TransactionId interface.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class TransactionId implements iaik.logging.TransactionId {
-
+
/** The String representation for logging the transaction ID. */
- private String logID;
-
+ private final String logID;
+
/**
* Create a TransactionId object.
- *
+ *
* @param logID The transaction id as it should be presented to the logging
- * subsystem.
+ * subsystem.
*/
public TransactionId(String logID) {
this.logID = logID;
@@ -48,13 +47,15 @@ public class TransactionId implements iaik.logging.TransactionId {
/**
* @see iaik.logging.TransactionId#getLogID()
*/
+ @Override
public String getLogID() {
return logID;
}
-
+
/**
* @see java.lang.Object#toString()
*/
+ @Override
public String toString() {
return getLogID();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/monitoring/ServiceStatusContainer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/monitoring/ServiceStatusContainer.java
index 3d100a4..9c5bef3 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/monitoring/ServiceStatusContainer.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/monitoring/ServiceStatusContainer.java
@@ -7,37 +7,38 @@ import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory;
public class ServiceStatusContainer {
- public static final String STATUS_NOT_SET = "no status message";
- public static final String STATUS_OK = "ok";
-
- private static boolean TSLStatusValid = false;
- private static String TSLStatusMsg = STATUS_NOT_SET;
- private static List tslDetailStatus = null;
-
- public static boolean getStatus() {
- return TSLStatusValid;
-
- }
-
- public static String getStatusMsg() {
- return TSLStatusMsg;
-
- }
-
- public static List getTslDetailStatus() {
- return tslDetailStatus;
- }
-
- public static void setStatus(boolean currentStatus) {
- TSLStatusValid = currentStatus;
-
- if (TSLServiceFactory.isInitialized())
- tslDetailStatus = TSLServiceFactory.getTSLServiceClient().getCurrentTSLClientStatus();
-
- }
-
- public static void setStatusMsg(String msg) {
- TSLStatusMsg = msg;
- }
-
+ public static final String STATUS_NOT_SET = "no status message";
+ public static final String STATUS_OK = "ok";
+
+ private static boolean TSLStatusValid = false;
+ private static String TSLStatusMsg = STATUS_NOT_SET;
+ private static List tslDetailStatus = null;
+
+ public static boolean getStatus() {
+ return TSLStatusValid;
+
+ }
+
+ public static String getStatusMsg() {
+ return TSLStatusMsg;
+
+ }
+
+ public static List getTslDetailStatus() {
+ return tslDetailStatus;
+ }
+
+ public static void setStatus(boolean currentStatus) {
+ TSLStatusValid = currentStatus;
+
+ if (TSLServiceFactory.isInitialized()) {
+ tslDetailStatus = TSLServiceFactory.getTSLServiceClient().getCurrentTSLClientStatus();
+ }
+
+ }
+
+ public static void setStatusMsg(String msg) {
+ TSLStatusMsg = msg;
+ }
+
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java
index d3a930c..1d85d66 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java
@@ -21,13 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.service;
-import iaik.pki.revocation.RevocationSourceTypes;
-import iaik.pki.store.revocation.archive.Archive;
-import iaik.pki.store.revocation.archive.ArchiveFactory;
-
import java.util.Date;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
@@ -35,64 +30,67 @@ import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.pki.store.revocation.archive.Archive;
+import iaik.pki.store.revocation.archive.ArchiveFactory;
/**
- * A Runnable for periodically cleaning up the revocation archive.
+ * A Runnable for periodically cleaning up the revocation archive.
+ *
* @author Patrick Peck
* @version $Id$
*/
public class RevocationArchiveCleaner implements Runnable {
/** The inverval between two clean-ups of the revocation archive. */
- private long archiveCleanupInterval;
+ private final long archiveCleanupInterval;
/**
* Create a new RevocationArchiveCleaner.
- *
+ *
* @param archiveCleanupInterval The interval between two clean-ups of the
- * revocation archive.
+ * revocation archive.
*/
public RevocationArchiveCleaner(long archiveCleanupInterval) {
this.archiveCleanupInterval = archiveCleanupInterval;
}
/**
- * Run the RevocationArchiveCleaner in its own
- * Thread.
+ * Run the RevocationArchiveCleaner in its own Thread.
*/
+ @Override
public void run() {
while (true) {
try {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- boolean enableArchiving = config.getEnableRevocationArchiving();
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ final boolean enableArchiving = config.getEnableRevocationArchiving();
- if (enableArchiving)
- {
- Archive archive = ArchiveFactory.getInstance().getArchive();
- long archiveDurationMillis =
- (long) config.getCRLArchiveDuration() * 86400000;
+ if (enableArchiving) {
+ final Archive archive = ArchiveFactory.getInstance().getArchive();
+ final long archiveDurationMillis =
+ (long) config.getCRLArchiveDuration() * 86400000;
// delete old archive data
if (archiveDurationMillis > 0) {
- Date olderThan =
- new Date(System.currentTimeMillis() - archiveDurationMillis);
+ final Date olderThan =
+ new Date(System.currentTimeMillis() - archiveDurationMillis);
archive.deleteOldArchiveEntries(
- RevocationSourceTypes.CRL,
- olderThan,
- new TransactionId("RevocationArchiveCleaner"));
+ RevocationSourceTypes.CRL,
+ olderThan,
+ new TransactionId("RevocationArchiveCleaner"));
}
}
- } catch (Exception e) {
- MessageProvider msg = MessageProvider.getInstance();
+ } catch (final Exception e) {
+ final MessageProvider msg = MessageProvider.getInstance();
Logger.error(new LogMsg(msg.getMessage("init.02", null)), e);
}
- // sleep
+ // sleep
try {
Thread.sleep(archiveCleanupInterval * 1000);
- } catch (InterruptedException e) {
+ } catch (final InterruptedException e) {
// ok to do nothing here
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java
index a5ea592..335bf68 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java
@@ -3,5 +3,5 @@ package at.gv.egovernment.moa.spss.server.transaction;
import javax.activation.DataSource;
public interface DeleteableDataSource extends DataSource {
- public void delete();
+ void delete();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java
index 4e0d9f6..5746657 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java
@@ -21,11 +21,8 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.transaction;
-import iaik.xml.crypto.utils.URI;
-
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
@@ -33,23 +30,23 @@ import java.io.InputStream;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Iterator;
+import java.util.Map.Entry;
import java.util.Vector;
import javax.activation.DataSource;
-import java.util.Map.Entry;
-
import org.w3c.dom.Element;
import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.xml.crypto.utils.URI;
/**
* Contains information about the current request.
- *
+ *
* @author Stefan Knirsch
- * @author Patrick Peck
+ * @author Patrick Peck
*/
public class TransactionContext {
@@ -69,18 +66,19 @@ public class TransactionContext {
private HashMap resolvedEntities = null;
/** The configuration to use throughout the request. */
private ConfigurationProvider configuration = null;
-
+
/**
* Create a TransactionContext object.
- *
- * @param transactionID A unique ID for this TransactionContext.
+ *
+ * @param transactionID A unique ID for this
+ * TransactionContext.
* @param clientCertificate The client certificate chain.
- * @param configuration The MOA configuration to use for this transaction.
+ * @param configuration The MOA configuration to use for this transaction.
*/
public TransactionContext(
- String transactionID,
- X509Certificate[] clientCertificate,
- ConfigurationProvider configuration) {
+ String transactionID,
+ X509Certificate[] clientCertificate,
+ ConfigurationProvider configuration) {
this.transactionID = transactionID;
this.clientCertificate = clientCertificate;
@@ -89,18 +87,19 @@ public class TransactionContext {
/**
* Create a TransactionContext object.
- *
- * @param transactionID A unique ID for this TransactionContext.
+ *
+ * @param transactionID A unique ID for this
+ * TransactionContext.
* @param clientCertificate The client certificate chain.
- * @param configuration The MOA configuration to use for this transaction.
- * @param attachments to use for this transaction.
+ * @param configuration The MOA configuration to use for this transaction.
+ * @param attachments to use for this transaction.
*/
public TransactionContext(
- String transactionID,
- X509Certificate[] clientCertificate,
- ConfigurationProvider configuration,
- Element request,
- HashMap attachments) {
+ String transactionID,
+ X509Certificate[] clientCertificate,
+ ConfigurationProvider configuration,
+ Element request,
+ HashMap attachments) {
this.transactionID = transactionID;
this.clientCertificate = clientCertificate;
@@ -108,14 +107,14 @@ public class TransactionContext {
this.request = request;
this.attachments = attachments;
}
-
+
/**
* Returns the client certificate.
- *
+ *
* @return The client certificate chain, if SSL client authentication has been
- * configured in the web server and has been used by the client. The 0th
- * element of the array contains the client certificate. null
- * otherwise.
+ * configured in the web server and has been used by the client. The 0th
+ * element of the array contains the client certificate.
+ * null otherwise.
*/
public X509Certificate[] getClientCertificate() {
return clientCertificate;
@@ -123,7 +122,7 @@ public class TransactionContext {
/**
* Returns the unique transaction ID.
- *
+ *
* @return The transaction ID.
*/
public String getTransactionID() {
@@ -132,7 +131,7 @@ public class TransactionContext {
/**
* Returns the name of the request.
- *
+ *
* @return The name of the request.
*/
public String getRequestName() {
@@ -141,7 +140,7 @@ public class TransactionContext {
/**
* Sets the name of the request.
- *
+ *
* @param requestName The request name to set.
*/
public void setRequestName(String requestName) {
@@ -150,7 +149,7 @@ public class TransactionContext {
/**
* Sets the the request.
- *
+ *
* @param request The request to set.
*/
public void setRequest(Element request) {
@@ -159,7 +158,7 @@ public class TransactionContext {
/**
* Returns the request.
- *
+ *
* @return The request.
*/
public Element getRequest() {
@@ -168,7 +167,7 @@ public class TransactionContext {
/**
* Sets the the response.
- *
+ *
* @param response The response to set.
*/
public void setResponse(Element response) {
@@ -177,23 +176,26 @@ public class TransactionContext {
/**
* Returns the response.
- *
+ *
* @return The response.
*/
public Element getResponse() {
return response;
}
-
+
/**
* Adds an attachment to the transactions list of SOAP attachments.
- *
+ *
* @param referenceId Identification value for the SOAP attachment.
* @param contentType MIME type of the SOAP attachment.
- * @param is Handle to the ManagedMemoryDataSource of the SOAP attachment.
+ * @param is Handle to the ManagedMemoryDataSource of the SOAP
+ * attachment.
*/
public void addAttachment(String referenceId, String contentType, DataSource is) {
- if (this.attachments == null) this.attachments = new HashMap();
- Vector entry = new Vector(2);
+ if (this.attachments == null) {
+ this.attachments = new HashMap();
+ }
+ final Vector entry = new Vector(2);
entry.add(contentType);
entry.add(is);
this.attachments.put(referenceId, entry);
@@ -201,185 +203,198 @@ public class TransactionContext {
/**
* Adds an attachment to the transactions list of SOAP attachments.
- *
+ *
* @param referenceId Identification value for the SOAP attachment.
* @param contentType MIME type of the SOAP attachment.
- * @param is Handle to the InputStream of the SOAP attachment.
- * @param filename Filename of the temporary file the InputStream belongs to
+ * @param is Handle to the InputStream of the SOAP attachment.
+ * @param filename Filename of the temporary file the InputStream belongs to
*/
public void addAttachment(String referenceId, String contentType, InputStream is, String filename) {
- if (this.attachments == null) this.attachments = new HashMap();
- Vector entry = new Vector(3);
+ if (this.attachments == null) {
+ this.attachments = new HashMap();
+ }
+ final Vector entry = new Vector(3);
entry.add(contentType);
entry.add(is);
entry.add(filename);
this.attachments.put(referenceId, entry);
}
-
+
/**
- * Returns the ManagedMemoryDataSource to a specific SOAP attachment identified by referenceId.
- *
+ * Returns the ManagedMemoryDataSource to a specific SOAP attachment identified
+ * by referenceId.
+ *
* @param referenceId Identification value for the SOAP attachment.
*/
public DataSource getAttachment(String referenceId) {
- if (attachments==null) {
+ if (attachments == null) {
return null;
}
- Vector entry = (Vector) attachments.get(referenceId);
- if (entry==null) {
+ final Vector entry = (Vector) attachments.get(referenceId);
+ if (entry == null) {
return null;
}
- Object object = entry.get(1);
+ final Object object = entry.get(1);
if (object instanceof DataSource) {
- return (DataSource) object;
+ return (DataSource) object;
} else {
- return null;
+ return null;
}
}
-
+
/**
* Returns the InputStream to a specific SOAP attachment identified by uri.
- *
+ *
* @param uri Identification value for the SOAP attachment.
*/
public InputStream getAttachmentInputStream(URI uri) throws MOAApplicationException {
- if (attachments==null) {
+ if (attachments == null) {
return null;
}
- String referenceId = uri.getPath();
- Vector entry = (Vector) attachments.get(referenceId);
- if (entry==null) {
+ final String referenceId = uri.getPath();
+ final Vector entry = (Vector) attachments.get(referenceId);
+ if (entry == null) {
return null;
}
InputStream attachmentIs = null;
- Object object = entry.get(1);
-
+ final Object object = entry.get(1);
+
if (object instanceof DataSource) {
- try {
- attachmentIs = (InputStream) ( ((DataSource)object).getInputStream());
- } catch (IOException e) {
- throw new MOAApplicationException("2208", new Object[] { uri }, e);
- }
+ try {
+ attachmentIs = ((DataSource) object).getInputStream();
+ } catch (final IOException e) {
+ throw new MOAApplicationException("2208", new Object[] { uri }, e);
+ }
} else {
- attachmentIs = (InputStream) object;
+ attachmentIs = (InputStream) object;
}
return attachmentIs;
- //If we would return the whole mmds: return (ManagedMemoryDataSource) entry.get(1);
+ // If we would return the whole mmds: return (ManagedMemoryDataSource)
+ // entry.get(1);
}
-
+
/**
- * Returns the content type to a specific SOAP attachment identified by referenceId.
- *
+ * Returns the content type to a specific SOAP attachment identified by
+ * referenceId.
+ *
* @param referenceId Identification value for the SOAP attachment.
*/
public String getAttachmentContentType(String referenceId) {
- Vector entry = (Vector) attachments.get(referenceId);
- if (entry==null) {
+ final Vector entry = (Vector) attachments.get(referenceId);
+ if (entry == null) {
return null;
}
return (String) entry.get(0);
}
-
+
/**
* Delete the temporary attachment files.
*/
-public void cleanAttachmentCache() {
- if (null==attachments) {
+ public void cleanAttachmentCache() {
+ if (null == attachments) {
return;
}
- Iterator iterator = attachments.entrySet().iterator();
+ final Iterator iterator = attachments.entrySet().iterator();
while (iterator.hasNext()) {
- Entry hmEntry = (Entry) iterator.next();
- Vector entry = (Vector)hmEntry.getValue();
- Object object = entry.get(1);
+ final Entry hmEntry = (Entry) iterator.next();
+ final Vector entry = (Vector) hmEntry.getValue();
+ final Object object = entry.get(1);
if (object instanceof DataSource) {
- DataSource mmds = (DataSource)object;
- try {
- if (mmds!=null) {
- InputStream is = mmds.getInputStream();
- if (is!=null) is.close();
-// not available in Axis 1.0 to 1.1
+ final DataSource mmds = (DataSource) object;
+ try {
+ if (mmds != null) {
+ final InputStream is = mmds.getInputStream();
+ if (is != null) {
+ is.close();
+ }
+// not available in Axis 1.0 to 1.1
// File f = mmds.getDiskCacheFile();
// if (f!=null) f.delete();
- if(mmds instanceof DeleteableDataSource) {
- ((DeleteableDataSource)mmds).delete();
- }
- //mmds..delete();
- }
- } catch (IOException e) {
- // ok to do nothing here
- }
+ if (mmds instanceof DeleteableDataSource) {
+ ((DeleteableDataSource) mmds).delete();
+ }
+ // mmds..delete();
+ }
+ } catch (final IOException e) {
+ // ok to do nothing here
+ }
} else if (object instanceof InputStream) {
- InputStream is = (InputStream)object;
- try {
- if (is!=null) is.close();
- String tempFile = (String) entry.get(2);
- if (tempFile!=null){
- File f = new File(tempFile);
- f.delete();
- }
- } catch (IOException e) {
- // ok to do nothing here
- }
+ final InputStream is = (InputStream) object;
+ try {
+ if (is != null) {
+ is.close();
+ }
+ final String tempFile = (String) entry.get(2);
+ if (tempFile != null) {
+ final File f = new File(tempFile);
+ f.delete();
+ }
+ } catch (final IOException e) {
+ // ok to do nothing here
+ }
}
}
}
-
+
/**
* Returns the ConfigurationProvider associated with this
* transaction.
- *
- * @return The ConfigurationProvider associated with this transaction.
+ *
+ * @return The ConfigurationProvider associated with this transaction.
*/
public ConfigurationProvider getConfiguration() {
return configuration;
}
-
+
/**
* Search an uri content in cashed map.
- *
+ *
* @param uri The value to look for.
* @return If found the cached entity, null otherwise.
*/
public Vector FindResolvedEntity(String uri) {
- if (resolvedEntities==null) return null;
- return (Vector) resolvedEntities.get(uri);
+ if (resolvedEntities == null) {
+ return null;
+ }
+ return (Vector) resolvedEntities.get(uri);
}
-
+
/**
* Get a new InputStream of a cached entity.
- *
+ *
* @param uri The value to look for.
* @return A new InputStream of the cached entity.
*/
public InputStream ResolveURI(String uri) {
- InputStream is = null;
- Vector entity = FindResolvedEntity(uri);
- if (entity!=null) {
- byte[] contentBytes = (byte[]) entity.get(0);
- if (contentBytes!=null) {
- is = new ByteArrayInputStream(contentBytes);
- }
- }
- return is;
+ InputStream is = null;
+ final Vector entity = FindResolvedEntity(uri);
+ if (entity != null) {
+ final byte[] contentBytes = (byte[]) entity.get(0);
+ if (contentBytes != null) {
+ is = new ByteArrayInputStream(contentBytes);
+ }
+ }
+ return is;
}
/**
- * Put a read entity (supplement, detached content, data object) on
- * transactions entity cash, to prevent repeated reading on slower channels.
- *
- * @param uri A transaction-wide unique URI used as key of the entity cash
- * table.
+ * Put a read entity (supplement, detached content, data object) on transactions
+ * entity cash, to prevent repeated reading on slower channels.
+ *
+ * @param uri A transaction-wide unique URI used as key of the entity
+ * cash table.
* @param contentBytes The cached content belonging to the uri.
- * @param contentType If known, the MIME-type of the cashed content.
+ * @param contentType If known, the MIME-type of the cashed content.
*/
public void PutResolvedEntity(String uri, byte[] contentBytes, String contentType) {
- Logger.trace(" storing uri content of uri \"" + uri + "\" for future references");
- if (resolvedEntities==null) resolvedEntities = new HashMap();
- Vector entity = new Vector();
- entity.add(contentBytes);
- entity.add(contentType);
- resolvedEntities.put(uri, entity);
+ Logger.trace(" storing uri content of uri \"" + uri + "\" for future references");
+ if (resolvedEntities == null) {
+ resolvedEntities = new HashMap();
+ }
+ final Vector entity = new Vector();
+ entity.add(contentBytes);
+ entity.add(contentType);
+ resolvedEntities.put(uri, entity);
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContextManager.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContextManager.java
index 8a45ddf..080f801 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContextManager.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContextManager.java
@@ -21,30 +21,29 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.transaction;
/**
* Provides each thread with an instance of TransactionContext.
- *
+ *
* The single instance of the TransactionContextManager should be
* used to access contextual information for each web service transaction, e.g.
* the transaction ID, MOA configuration, client certificate, etc.
- *
+ *
* @author Stefan Knirsch
* @author Patrick Peck
*/
public class TransactionContextManager {
- /** The single instance of TransactionContextManager */
+ /** The single instance of TransactionContextManager */
private static TransactionContextManager instance = null;
-
+
/** Contains a single TransactionContext for each thread. */
private ThreadLocal context = null;
/**
* Get the single instance of TransactionContextManager.
- *
+ *
* @return The single instanc of TransactionContextManager.
*/
public static synchronized TransactionContextManager getInstance() {
@@ -56,7 +55,7 @@ public class TransactionContextManager {
/**
* Creates a new TransactionContextManager.
- *
+ *
* Protected to disallow direct instantiation.
*/
protected TransactionContextManager() {
@@ -65,7 +64,7 @@ public class TransactionContextManager {
/**
* Set the TransactionContext for the current thread.
- *
+ *
* @param txContext The TransactionContext for this thread.
*/
public void setTransactionContext(TransactionContext txContext) {
@@ -74,10 +73,10 @@ public class TransactionContextManager {
/**
* Get the TransactionContext for the current thread.
- *
+ *
* @return The TransactionContext for the current thread or
- * null, if none has been set (or if this method is being invoked
- * outside the bounds of a transaction).
+ * null, if none has been set (or if this method is being
+ * invoked outside the bounds of a transaction).
*/
public TransactionContext getTransactionContext() {
return (TransactionContext) context.get();
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionIDGenerator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionIDGenerator.java
index b173308..463785b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionIDGenerator.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionIDGenerator.java
@@ -21,27 +21,28 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.transaction;
-
/**
* A generator for unique transaction IDs.
- *
- * The transaction IDs are of the form "", where:
- *
+ *
+ *
+ * The transaction IDs are of the form "", where:
+ *
* base is initialized with the system time when this class is
* being loadedcounter is incremented sequentially on each call to
* nextID()
*
- *
- * Assuming that it is highly unlikely that MOA servers are started at
- * exactly the same time instant, the mechanism provided by this class should
- * guarantee unique transaction IDs across multiple restarts and/or instances of
- * the server.
- *
+ *
+ *
+ * Assuming that it is highly unlikely that MOA servers are started at exactly
+ * the same time instant, the mechanism provided by this class should guarantee
+ * unique transaction IDs across multiple restarts and/or instances of the
+ * server.
+ *
+ *
* @author Patrick Peck
* @author Stefan Knirsch
*/
@@ -63,13 +64,13 @@ public class TransactionIDGenerator {
/**
* Returns the next transaction ID.
- *
+ *
* @return The next transaction ID.
*/
public static synchronized String nextID() {
counter++;
- return (base + "-" + counter);
+ return base + "-" + counter;
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/util/IdGenerator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/util/IdGenerator.java
index a8d9e1b..a6bc653 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/util/IdGenerator.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/util/IdGenerator.java
@@ -21,65 +21,66 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.util;
import java.util.Set;
/**
* Generate unique ID values for various objects in the response.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class IdGenerator {
/** The base value to append the counter to. */
- private String base;
+ private final String base;
/** The Set of reserved ID values. */
- private Set reserved;
+ private final Set reserved;
/** The sequence number. */
private int count;
-
+
/**
* Create a new IdGenerator.
- *
- * @param base A base value to append the IDs to. The creator of this object
- * should provide a base value, so that appending the counter leads to unique
- * IDs.
- * @param reserved The Set of reserved IDs. A call to
- * uniqueId() will respect the reserved IDs.
+ *
+ * @param base A base value to append the IDs to. The creator of this object
+ * should provide a base value, so that appending the counter
+ * leads to unique IDs.
+ * @param reserved The Set of reserved IDs. A call to
+ * uniqueId() will respect the reserved IDs.
*/
public IdGenerator(String base, Set reserved) {
this.base = base;
this.reserved = reserved;
count = 1;
}
-
+
/**
* Create the next ID value in the sequence.
- *
+ *
* @return The next ID value in the sequence.
*/
protected String nextId() {
return base + "-" + count++;
}
-
+
/**
* Create the next unique ID value which is unique in the reserved ID set.
- *
+ *
* The created ID is added to the set of reserved IDs.
- *
+ *
* @return The next ID value.
*/
public String uniqueId() {
String nextId;
- while (reserved.contains(nextId = nextId()));
-
+ while (reserved.contains(nextId = nextId())) {
+ ;
+ }
+
reserved.add(nextId);
-
+
return nextId;
-
+
}
-
+
}
--
cgit v1.2.3