summaryrefslogtreecommitdiff
path: root/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
diff options
context:
space:
mode:
Diffstat (limited to 'bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java')
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java320
1 files changed, 249 insertions, 71 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
index b6745e1f..4d64ae36 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
@@ -16,55 +16,66 @@
*/
package at.gv.egiz.bku.slcommands.impl;
-import iaik.asn1.CodingException;
-import iaik.asn1.DerCoder;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.Result;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.w3c.dom.Document;
-import org.w3c.dom.Node;
-
-import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType;
-import at.buergerkarte.namespaces.securitylayer._1.AnyChildrenType;
-import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsBinaryFileType;
-import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
-import at.gv.egiz.bku.slcommands.InfoboxReadCommand;
-import at.gv.egiz.bku.slcommands.SLCommand;
-import at.gv.egiz.bku.slcommands.SLCommandContext;
-import at.gv.egiz.bku.slcommands.SLResult;
-import at.gv.egiz.bku.slexceptions.SLCommandException;
-import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-import at.gv.egiz.idlink.CompressedIdentityLinkFactory;
-import at.gv.egiz.idlink.IdentityLinkTransformer;
-import at.gv.egiz.idlink.ans1.IdentityLink;
-import at.gv.egiz.stal.InfoboxReadRequest;
-import at.gv.egiz.stal.InfoboxReadResponse;
-import at.gv.egiz.stal.STALRequest;
+import iaik.asn1.CodingException;
+import iaik.asn1.DerCoder;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.regex.Pattern;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Result;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+
+import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType;
+import at.buergerkarte.namespaces.securitylayer._1.AnyChildrenType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxAssocArrayPairType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadDataAssocArrayType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsBinaryFileType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadKeys;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadPairs;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadValue;
+import at.gv.egiz.bku.slcommands.InfoboxReadCommand;
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.idlink.CompressedIdentityLinkFactory;
+import at.gv.egiz.idlink.IdentityLinkTransformer;
+import at.gv.egiz.idlink.ans1.IdentityLink;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.InfoboxReadResponse;
+import at.gv.egiz.stal.STALRequest;
/**
* This class implements the security layer command
@@ -82,23 +93,45 @@ public class InfoboxReadCommandImpl extends SLCommandImpl<InfoboxReadRequestType
/**
* Logging facility.
*/
- protected static Log log = LogFactory.getLog(InfoboxReadCommandImpl.class);
-
- public static final String INFOBOX_IDENTIFIER_CERTIFICATES = "Certificates";
-
- public static final String BOX_SPECIFIC_PARAMETER_IDENTITY_LINK_DOMAIN_IDENTIFIER = "IdentityLinkDomainIdentifier";
-
- public static final String INFOBOX_IDENTIFIER_IDENTITY_LINK = "IdentityLink";
+ protected static Log log = LogFactory.getLog(InfoboxReadCommandImpl.class);
+
+ public static final String SEARCH_STRING_PATTERN = ".&&[^/](/.&&[^/])*";
+ public static final String INFOBOX_IDENTIFIER_CERTIFICATES = "Certificates";
+
+ public static final String BOX_SPECIFIC_PARAMETER_IDENTITY_LINK_DOMAIN_IDENTIFIER = "IdentityLinkDomainIdentifier";
+
+ public static final String INFOBOX_IDENTIFIER_IDENTITY_LINK = "IdentityLink";
+
+ public static final String[] INFOXBOX_CERTIFICATES_KEYS = new String[] {
+ "SecureSignatureKeypair",
+ "CertifiedKeypair" };
+
+ private static final int ASSOC_ARRAY_READ_KEYS = 1;
+
+ private static final int ASSOC_ARRAY_READ_PAIRS = 2;
+
+ private static final int ASSOC_ARRAY_READ_VALUE = 3;
+
/**
* The <code>InfoboxIdentifier</code>
*/
protected String infoboxIdentifier;
/**
- * The <code>IdentityLinkDomainIdentifier</code> value of an IdentyLink infobox.
+ * The <code>IdentityLinkDomainIdentifier</code> value of an <code>IdentyLink</code> infobox.
*/
- protected String identityLinkDomainIdentifier;
+ protected String identityLinkDomainIdentifier;
+
+ /**
+ * The list of certificates to be read from an <code>Certificates</code> infobox.
+ */
+ protected List<String> certificates;
+
+ /**
+ * The result type.
+ */
+ protected int assocArrayResult;
/**
* Is content XML entity?
@@ -125,12 +158,6 @@ public class InfoboxReadCommandImpl extends SLCommandImpl<InfoboxReadRequestType
infoboxIdentifier = req.getInfoboxIdentifier();
- InfoboxReadParamsBinaryFileType binaryFileParameters = req.getBinaryFileParameters();
- if (binaryFileParameters != null) {
- isXMLEntity = binaryFileParameters.isContentIsXMLEntity();
- log.debug("Got ContentIsXMLEntity=" + isXMLEntity + ".");
- }
-
if (INFOBOX_IDENTIFIER_IDENTITY_LINK.equals(infoboxIdentifier)) {
if (req.getAssocArrayParameters() != null) {
@@ -138,6 +165,11 @@ public class InfoboxReadCommandImpl extends SLCommandImpl<InfoboxReadRequestType
throw new SLCommandException(4010);
}
+ InfoboxReadParamsBinaryFileType binaryFileParameters = req.getBinaryFileParameters();
+ if (binaryFileParameters != null) {
+ isXMLEntity = binaryFileParameters.isContentIsXMLEntity();
+ log.debug("Got ContentIsXMLEntity=" + isXMLEntity + ".");
+ }
AnyChildrenType boxSpecificParameters = req.getBoxSpecificParameters();
@@ -158,6 +190,74 @@ public class InfoboxReadCommandImpl extends SLCommandImpl<InfoboxReadRequestType
throw new SLCommandException(4010);
}
}
+
+ } else if (INFOBOX_IDENTIFIER_CERTIFICATES.equals(infoboxIdentifier)) {
+
+ if (req.getBinaryFileParameters() != null) {
+ log.info("Got BinaryFileParameters but Infobox type is AssocArray.");
+ throw new SLCommandException(4010);
+ }
+
+ if (req.getBoxSpecificParameters() != null) {
+ log.info("Got invalid BoxSpecificParameters.");
+ throw new SLCommandException(4010);
+ }
+
+ InfoboxReadParamsAssocArrayType assocArrayParameters = req
+ .getAssocArrayParameters();
+ if (assocArrayParameters == null) {
+ log.info("Infobox type is AssocArray but got no AssocArrayParameters.");
+ throw new SLCommandException(4010);
+ }
+
+ // RreadKeys?
+ if (assocArrayParameters.getReadKeys() != null) {
+ assocArrayResult = ASSOC_ARRAY_READ_KEYS;
+ ReadKeys readKeys = assocArrayParameters.getReadKeys();
+ certificates = findCertificates(readKeys.getSearchString());
+ if (readKeys.isUserMakesUnique() && certificates.size() > 1) {
+ log.info("UserMakesUnique not supported");
+ // TODO: give more specific error message
+ throw new SLCommandException(4010);
+ }
+ }
+
+ // ReadPairs?
+ if (assocArrayParameters.getReadPairs() != null) {
+ assocArrayResult = ASSOC_ARRAY_READ_PAIRS;
+ ReadPairs readPairs = assocArrayParameters.getReadPairs();
+ if (readPairs.isValuesAreXMLEntities()) {
+ log.info("Got valuesAreXMLEntities but infobox type is binary.");
+ throw new SLCommandException(4010);
+ }
+ certificates = findCertificates(readPairs.getSearchString());
+ if (readPairs.isUserMakesUnique() && certificates.size() > 1) {
+ log.info("UserMakesUnique not supported");
+ // TODO: give more specific error message
+ throw new SLCommandException(4010);
+ }
+ }
+
+ // ReadValue
+ if (assocArrayParameters.getReadValue() != null) {
+ assocArrayResult = ASSOC_ARRAY_READ_VALUE;
+ ReadValue readValue = assocArrayParameters.getReadValue();
+ if (readValue.isValueIsXMLEntity()) {
+ log.info("Got valuesAreXMLEntities but infobox type is binary.");
+ throw new SLCommandException(4010);
+ }
+ String key = readValue.getKey();
+ if (Arrays.asList(INFOXBOX_CERTIFICATES_KEYS).contains(key)) {
+ certificates = Collections.singletonList(key);
+ } else {
+ certificates = Collections.emptyList();
+ }
+ }
+
+ if (assocArrayResult == 0) {
+ log.info("Infobox type is AssocArray but got invalid AssocArrayParameters.");
+ throw new SLCommandException(4010);
+ }
} else {
throw new SLCommandException(4002,
@@ -168,9 +268,15 @@ public class InfoboxReadCommandImpl extends SLCommandImpl<InfoboxReadRequestType
}
@Override
- public SLResult execute() {
+ public SLResult execute() {
try {
- return readIdentityLink();
+ if (INFOBOX_IDENTIFIER_IDENTITY_LINK.equals(infoboxIdentifier)) {
+ return readIdentityLink();
+ } else if (INFOBOX_IDENTIFIER_CERTIFICATES.equals(infoboxIdentifier)) {
+ return readCertificates();
+ } else {
+ throw new SLCommandException(4000);
+ }
} catch (SLCommandException e) {
return new ErrorResultImpl(e);
}
@@ -302,7 +408,7 @@ public class InfoboxReadCommandImpl extends SLCommandImpl<InfoboxReadRequestType
new Object[] { INFOBOX_IDENTIFIER_IDENTITY_LINK });
}
- InfoboxReadResultImpl result = new InfoboxReadResultImpl();
+ InfoboxReadResultFileImpl result = new InfoboxReadResultFileImpl();
ByteArrayOutputStream resultBytes = null;
Result xmlResult = (isXMLEntity || identityLinkDomainIdentifier != null)
? result.getXmlResult(true)
@@ -406,9 +512,81 @@ public class InfoboxReadCommandImpl extends SLCommandImpl<InfoboxReadRequestType
return result;
}
+
+ protected List<String> findCertificates(String searchString) throws SLCommandException {
+
+ if ("*".equals(searchString) || "**".equals(searchString)) {
+ return Arrays.asList(INFOXBOX_CERTIFICATES_KEYS);
+ }
+
+ if (Pattern.matches(SEARCH_STRING_PATTERN, searchString)) {
+
+// for (int i = 0; i < searchString.length(); i++) {
+// int codePoint = searchString.codePointAt(i);
+//
+// }
+
+ // TODO : build pattern
+ return Collections.emptyList();
+ } else {
+ log.info("Got invalid search string '" + searchString + "'");
+ throw new SLCommandException(4010);
+ }
+
+ }
+
+ private SLResult readCertificates() throws SLCommandException {
+
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory
+ .createInfoboxReadDataAssocArrayType();
+
+ if (assocArrayResult == ASSOC_ARRAY_READ_KEYS) {
- @Override
- public String getIdentityLinkDomainId() {
- return identityLinkDomainIdentifier;
- }
+ List<String> keys = infoboxReadDataAssocArrayType.getKey();
+ keys.addAll(certificates);
+
+ } else {
+
+ if (certificates != null && !certificates.isEmpty()) {
+
+ List<STALRequest> stalRequests = new ArrayList<STALRequest>();
+
+ // get certificates
+ InfoboxReadRequest infoboxReadRequest;
+ for (int i = 0; i < certificates.size(); i++) {
+ infoboxReadRequest = new InfoboxReadRequest();
+ infoboxReadRequest.setInfoboxIdentifier(certificates.get(i));
+ stalRequests.add(infoboxReadRequest);
+ }
+
+ requestSTAL(stalRequests);
+
+ List<X509Certificate> x509Certs = getCertificatesFromResponses();
+
+ for (int i = 0; i < certificates.size(); i++) {
+ InfoboxAssocArrayPairType infoboxAssocArrayPairType = objectFactory.createInfoboxAssocArrayPairType();
+ infoboxAssocArrayPairType.setKey(certificates.get(i));
+ try {
+ infoboxAssocArrayPairType.setBase64Content(x509Certs.get(i).getEncoded());
+ } catch (CertificateEncodingException e) {
+ log.error("Failed to encode certificate.", e);
+ throw new SLCommandException(4000);
+ }
+ infoboxReadDataAssocArrayType.getPair().add(infoboxAssocArrayPairType);
+ }
+
+ }
+
+ }
+
+ return new InfoboxReadResultImpl(infoboxReadDataAssocArrayType);
+
+ }
+
+ @Override
+ public String getIdentityLinkDomainId() {
+ return identityLinkDomainIdentifier;
+ }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 02:01:06 +0000