diff options
Diffstat (limited to 'utils/src/main/java/at/gv/egiz/idlink')
6 files changed, 1342 insertions, 0 deletions
diff --git a/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java b/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java new file mode 100644 index 00000000..5f4e5d92 --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java @@ -0,0 +1,416 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink;
+
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+import java.util.List;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.PropertyException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.transform.Source;
+import javax.xml.transform.dom.DOMResult;
+
+import org.w3._2000._09.xmldsig_.KeyValueType;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType;
+import at.gv.e_government.reference.namespace.persondata._20020228_.AbstractPersonType;
+import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType;
+import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType;
+import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value;
+import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType.FamilyName;
+import at.gv.egiz.idlink.ans1.CitizenPublicKey;
+import at.gv.egiz.idlink.ans1.IdentityLink;
+import at.gv.egiz.idlink.ans1.PersonData;
+import at.gv.egiz.idlink.ans1.PhysicalPersonData;
+import at.gv.egiz.xmldsig.KeyTypeNotSupportedException;
+import at.gv.egiz.xmldsig.KeyValueFactory;
+
+public class CompressedIdentityLinkFactory {
+
+ /**
+ * The instance returned by {@link #getInstance()}.
+ */
+ private static CompressedIdentityLinkFactory instance;
+
+ /**
+ * The <code>JAXBContext</code>.
+ */
+ private static JAXBContext jaxbContext;
+
+ /**
+ * The <code>KeyValueFactory</code>.
+ */
+ private static KeyValueFactory keyValueFactory;
+
+ /**
+ * Get an instance of this <code>CompressedIdentityLinkFactory</code>.
+ *
+ * @return an instance of this <code>CompressedIdentityLinkFactory</code>
+ */
+ public synchronized static CompressedIdentityLinkFactory getInstance() {
+ if (instance == null) {
+ instance = new CompressedIdentityLinkFactory();
+ }
+ return instance;
+ }
+
+ /**
+ * Private constructor.
+ */
+ private CompressedIdentityLinkFactory() {
+
+ keyValueFactory = new KeyValueFactory();
+
+ StringBuffer packageNames = new StringBuffer();
+ packageNames.append(at.gv.e_government.reference.namespace.persondata._20020228_.ObjectFactory.class.getPackage().getName());
+ packageNames.append(":");
+ packageNames.append(org.w3._2000._09.xmldsig_.ObjectFactory.class.getPackage().getName());
+ packageNames.append(":");
+ packageNames.append(org.w3._2001._04.xmldsig_more_.ObjectFactory.class.getPackage().getName());
+ packageNames.append(":");
+ packageNames.append(at.buergerkarte.namespaces.personenbindung._20020506_.ObjectFactory.class.getPackage().getName());
+
+ try {
+ jaxbContext = JAXBContext.newInstance(packageNames.toString());
+ } catch (JAXBException e) {
+ // we should not get an JAXBException initializing the JAXBContext
+ throw new RuntimeException(e);
+ }
+
+ }
+
+ public IdentityLink createIdLink(CompressedIdentityLinkType compressedIdentityLinkType) {
+
+ // IssuerTemplate
+ String issuerTemplate = compressedIdentityLinkType.getIssuerTemplate();
+
+ // AssertionId
+ String assertionID = compressedIdentityLinkType.getAssertionID();
+
+ // IssueInstant
+ String issueInstant = compressedIdentityLinkType.getIssueInstant();
+
+ AbstractPersonType personDataType = compressedIdentityLinkType.getPersonData();
+
+ String baseId = null;
+
+ List<IdentificationType> identifications = personDataType.getIdentification();
+ for (IdentificationType identificationType : identifications) {
+ String type = identificationType.getType();
+ if ("urn:publicid:gv.at:baseid".equals(type)) {
+ baseId = identificationType.getValue().getValue();
+ }
+ }
+
+ String givenName = null;
+ String familyName = null;
+ String dateOfBirth = null;
+
+ if (personDataType instanceof PhysicalPersonType) {
+ PhysicalPersonType physicalPersonType = (PhysicalPersonType) personDataType;
+ PersonNameType name = physicalPersonType.getName();
+ List<String> givenNames = name.getGivenName();
+ if (!givenNames.isEmpty()) {
+ givenName = givenNames.get(0);
+ }
+ List<FamilyName> familyNames = name.getFamilyName();
+ if (!familyNames.isEmpty()) {
+ familyName = familyNames.get(0).getValue();
+ }
+ dateOfBirth = physicalPersonType.getDateOfBirth();
+ }
+
+ PhysicalPersonData physicalPersonData = new PhysicalPersonData(baseId, givenName, familyName, dateOfBirth);
+ PersonData personData = new PersonData(physicalPersonData);
+
+ int numKeys = compressedIdentityLinkType.getCitizenPublicKey().size();
+ CitizenPublicKey[] citizenPublicKeys = new CitizenPublicKey[numKeys];
+ for (int i = 0; i < numKeys;) {
+ citizenPublicKeys[i] = new CitizenPublicKey(++i);
+ }
+
+ byte[] signatureValue = compressedIdentityLinkType.getSignatureValue();
+ byte[] referenceDigest = compressedIdentityLinkType.getReferenceDigest();
+ byte[] referenceManifestDigest = compressedIdentityLinkType.getReferenceManifestDigest();
+ byte[] manifestReferenceDigest = compressedIdentityLinkType.getManifestReferenceDigest();
+
+ IdentityLink idLink = new IdentityLink(issuerTemplate, assertionID, issueInstant, personData, citizenPublicKeys, signatureValue);
+ idLink.setReferenceDigest(referenceDigest);
+ idLink.setReferenceManifestDigest(referenceManifestDigest);
+ idLink.setManifestReferenceDigest(manifestReferenceDigest);
+
+ return idLink;
+
+ }
+
+ /**
+ * Creates a new <code>CompressedIdentityLink</code> element from the given
+ * ASN.1 representation of an <code>idLink</code>.
+ *
+ * @param idLink
+ * the ASN.1 representation of an <code>IdentityLink</code>
+ * @param certificates
+ * a list of {@link X509Certificate}s containing the corresponding
+ * public keys
+ * @param domainId TODO
+ * @return a new <code>CompressedIdentityLink</code> element
+ *
+ * @throws NullPointerException
+ * if <code>idLink</code> or <code>certificates</code> is
+ * <code>null</code>
+ * @throws IllegalArgumentException
+ * if <code>idLink</code> references certificates not in the range
+ * of the <code>certificates</code> list
+ */
+ public JAXBElement<CompressedIdentityLinkType> createCompressedIdentityLink(
+ at.gv.egiz.idlink.ans1.IdentityLink idLink,
+ List<X509Certificate> certificates, String domainId) {
+
+ at.gv.e_government.reference.namespace.persondata._20020228_.ObjectFactory prFactory =
+ new at.gv.e_government.reference.namespace.persondata._20020228_.ObjectFactory();
+
+ at.buergerkarte.namespaces.personenbindung._20020506_.ObjectFactory pbFactory =
+ new at.buergerkarte.namespaces.personenbindung._20020506_.ObjectFactory();
+
+ org.w3._2000._09.xmldsig_.ObjectFactory dsFactory = new org.w3._2000._09.xmldsig_.ObjectFactory();
+
+ // PersonData
+ PhysicalPersonData __physicalPersonData = idLink.getPersonData()
+ .getPhysicalPerson();
+
+ Value identificationTypeValue = prFactory.createIdentificationTypeValue();
+ identificationTypeValue.setValue(__physicalPersonData.getBaseId());
+ IdentificationType identificationType = prFactory
+ .createIdentificationType();
+ identificationType.setValue(identificationTypeValue);
+ if (domainId != null) {
+ identificationType.setType(domainId);
+ } else {
+ identificationType.setType("urn:publicid:gv.at:baseid");
+ }
+
+ PersonNameType personNameType = prFactory.createPersonNameType();
+ FamilyName personNameTypeFamilyName = prFactory
+ .createPersonNameTypeFamilyName();
+ personNameTypeFamilyName.setValue(__physicalPersonData.getFamilyName());
+ personNameType.getFamilyName().add(personNameTypeFamilyName);
+ personNameType.getGivenName().add(__physicalPersonData.getGivenName());
+
+ PhysicalPersonType physicalPersonType = prFactory
+ .createPhysicalPersonType();
+ physicalPersonType.getIdentification().add(identificationType);
+ physicalPersonType.setName(personNameType);
+ physicalPersonType.setDateOfBirth(__physicalPersonData.getDateOfBirth());
+
+ // CompressedIdentityLink
+ CompressedIdentityLinkType compressedIdentityLinkType = pbFactory
+ .createCompressedIdentityLinkType();
+ compressedIdentityLinkType.setIssuerTemplate(idLink.getIssuerTemplate());
+ compressedIdentityLinkType.setAssertionID(idLink.getAssertionID());
+ compressedIdentityLinkType.setIssueInstant(idLink.getIssueInstant());
+ compressedIdentityLinkType.setPersonData(physicalPersonType);
+
+ // CitizenPublicKey
+ CitizenPublicKey[] __citizenPublicKeys = idLink.getCitizenPublicKeys();
+ for (CitizenPublicKey __citizenPublicKey : __citizenPublicKeys) {
+
+ X509Certificate certificate = certificates.get(__citizenPublicKey.getOnToken());
+ PublicKey publicKey = certificate.getPublicKey();
+
+ JAXBElement<?> keyValue;
+ try {
+ keyValue = keyValueFactory.createKeyValue(publicKey);
+ } catch (KeyTypeNotSupportedException e) {
+ // TODO: handle exception properly
+ throw new RuntimeException(e);
+ }
+
+ KeyValueType keyValueType = dsFactory.createKeyValueType();
+ keyValueType.getContent().add(keyValue);
+
+ compressedIdentityLinkType.getCitizenPublicKey().add(keyValueType);
+ }
+
+ compressedIdentityLinkType.setSignatureValue(idLink.getSignatureValue());
+ compressedIdentityLinkType.setReferenceDigest(idLink.getReferenceDigest());
+ compressedIdentityLinkType.setReferenceManifestDigest(idLink
+ .getReferenceManifestDigest());
+ compressedIdentityLinkType.setManifestReferenceDigest(idLink
+ .getManifestReferenceDigest());
+ JAXBElement<CompressedIdentityLinkType> compressedIdentityLink = pbFactory
+ .createCompressedIdentityLink(compressedIdentityLinkType);
+
+ return compressedIdentityLink;
+
+ }
+
+ /**
+ * Marshall the given <code>compressedIdentityLink</code> into a DOM document
+ * with the given Nodes as <code>parent</code> and <code>nextSibling</code>
+ * nodes.
+ *
+ * @param compressedIdentityLink
+ * the <code>CompressedIdentityLink</code> element
+ * @param parent
+ * the parent node
+ * @param nextSibling
+ * the next sibling node (may be <code>null</code>)
+ * @param applyWorkarounds
+ * apply workarounds as spefiyed by
+ * {@link #applyWorkarounds(Element, int)}
+ *
+ * @throws JAXBException
+ * if an unexpected error occurs while marshalling
+ * @throws NullPointerException
+ * if <code>compressdIdentityLink</code> or <code>parent</code> is
+ * <code>null</code>
+ */
+ public void marshallCompressedIdentityLink(
+ JAXBElement<CompressedIdentityLinkType> compressedIdentityLink,
+ Node parent, Node nextSibling, boolean applyWorkarounds) throws JAXBException {
+
+ DOMResult result = new DOMResult(parent, nextSibling);
+
+
+ try {
+ Marshaller marshaller = jaxbContext.createMarshaller();
+
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+
+ marshaller.marshal(compressedIdentityLink, result);
+ } catch (PropertyException e) {
+ throw new RuntimeException(e);
+ }
+
+ if (applyWorkarounds) {
+ Element element = (Element) ((nextSibling != null)
+ ? nextSibling.getPreviousSibling()
+ : parent.getFirstChild());
+ applyWorkarounds(element, 76);
+ }
+
+ }
+
+ @SuppressWarnings("unchecked")
+ public CompressedIdentityLinkType unmarshallCompressedIdentityLink(Source source) throws JAXBException {
+
+ Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+
+ return ((JAXBElement<CompressedIdentityLinkType>) unmarshaller.unmarshal(source)).getValue();
+
+ }
+
+ /**
+ * Apply some workarounds to the given CompressedIdentityLink
+ * <code>element</code> to achieve compatibility with IdentityLink
+ * transformation stylesheets that have been designed for a (buggy) form of
+ * the CompressedIdentityLink as produced by a well-known citizen card
+ * environment implementation.
+ *
+ * <ol>
+ * <li>Replace the attribute node <code>URN</code> of the
+ * <code>NamedCurve</code> element of an <code>ECDSAKeyValue</code> element by
+ * a child text-node with the same content.</li>
+ * <li>Replace the attribute nodes <code>Value</code> of the <code>X</code>
+ * and <code>Y</code> elements of an <code>ECDSAKeyValue</code> element by a
+ * child text-node with the same content.</li>
+ * <li>Insert "\n" at <code>base64LineLength</code> into the Base64
+ * content of the <code>Modulus</code> element of an <code>RSAKeyValue</code>
+ * element.
+ * </ol>
+ *
+ * @param element
+ * the <code>CompressedIdentityLink</code> element
+ * @param base64LineLength
+ * the line length of Base64 content
+ */
+ public void applyWorkarounds(Element element, int base64LineLength) {
+
+ Document document = element.getOwnerDocument();
+
+ NodeList nodeList = element.getElementsByTagNameNS(
+ "http://www.w3.org/2001/04/xmldsig-more#", "NamedCurve");
+ for (int i = 0; i < nodeList.getLength(); i++) {
+ Node ecdsaNameCurve = nodeList.item(i);
+ Attr attrNode = ((Element) ecdsaNameCurve).getAttributeNodeNS(null,
+ "URN");
+ ecdsaNameCurve
+ .appendChild(document.createTextNode(attrNode.getValue()));
+ ((Element) ecdsaNameCurve).removeAttributeNode(attrNode);
+ }
+ nodeList = document.getElementsByTagNameNS(
+ "http://www.w3.org/2001/04/xmldsig-more#", "X");
+ for (int i = 0; i < nodeList.getLength(); i++) {
+ Node x = nodeList.item(i);
+ Attr attrNode = ((Element) x).getAttributeNodeNS(null, "Value");
+ x.appendChild(document.createTextNode(attrNode.getValue()));
+ ((Element) x).removeAttributeNode(attrNode);
+ }
+ nodeList = document.getElementsByTagNameNS(
+ "http://www.w3.org/2001/04/xmldsig-more#", "Y");
+ for (int i = 0; i < nodeList.getLength(); i++) {
+ Node y = nodeList.item(i);
+ Attr attrNode = ((Element) y).getAttributeNodeNS(null, "Value");
+ y.appendChild(document.createTextNode(attrNode.getValue()));
+ ((Element) y).removeAttributeNode(attrNode);
+ }
+
+ if (base64LineLength > 0) {
+ nodeList = document.getElementsByTagNameNS(
+ "http://www.w3.org/2000/09/xmldsig#", "Modulus");
+ for (int i = 0; i < nodeList.getLength(); i++) {
+ Node modulus = nodeList.item(i);
+ String value = ((Element) modulus).getTextContent();
+ BufferedReader reader = new BufferedReader(new InputStreamReader(
+ new ByteArrayInputStream(value.getBytes())));
+ char[] buff = new char[base64LineLength];
+ StringBuffer newValue = new StringBuffer();
+ int found = 0;
+ try {
+ while ((found = reader.read(buff)) > 0) {
+ newValue.append(buff, 0, found);
+ if (found == base64LineLength)
+ newValue.append('\n');
+ }
+ } catch (IOException e) {
+ // this should never happen, as we are reading from a ByteArrayInputStream
+ throw new RuntimeException(e);
+ }
+ ((Element) modulus).setTextContent(newValue.toString());
+ }
+
+ }
+
+
+ }
+
+}
diff --git a/utils/src/main/java/at/gv/egiz/idlink/IdentityLinkTransformer.java b/utils/src/main/java/at/gv/egiz/idlink/IdentityLinkTransformer.java new file mode 100644 index 00000000..7886b07d --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/IdentityLinkTransformer.java @@ -0,0 +1,285 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink;
+
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.transform.Result;
+import javax.xml.transform.Source;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.stream.StreamSource;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.Text;
+
+public class IdentityLinkTransformer {
+
+ private class IdLTransformer {
+
+ /**
+ * Is transformer in use?
+ */
+ private boolean inUse = false;
+
+ /**
+ * How often has this transformer been used?
+ */
+ private int timesUsed = 0;
+
+ /**
+ * The time this transformer has been created.
+ */
+ private long created;
+
+ /**
+ * When has this transformer been used the last time?
+ */
+ private long lastTimeUsed;
+
+ /**
+ * Average performance in milliseconds.
+ */
+ private long time;
+
+ /**
+ * Time used for initialization.
+ */
+ private long initTime;
+
+ /**
+ * The stylesheet transformer.
+ */
+ private Transformer transformer;
+
+ /**
+ * Stylesheet URL.
+ */
+ private String stylesheetURL;
+
+ /**
+ *
+ * @param stylesheetURL
+ * @throws IOException
+ * @throws TransformerConfigurationException
+ */
+ public IdLTransformer(String stylesheetURL) throws IOException, TransformerConfigurationException {
+
+ created = System.currentTimeMillis();
+
+ // TODO: implement stylesheet cache
+ this.stylesheetURL = stylesheetURL;
+ URL url = new URL(stylesheetURL);
+
+ if (!"http".equalsIgnoreCase(url.getProtocol()) && !"https".equalsIgnoreCase(url.getProtocol())) {
+ throw new MalformedURLException("Protocol " + url.getProtocol() + " not supported for IssuerTemplate URL.");
+ }
+ StreamSource source = new StreamSource(url.openStream());
+
+ transformer = factory.newTransformer(source);
+
+ initTime = System.currentTimeMillis() - created;
+
+ }
+
+ public void transform(Source xmlSource, Result outputTarget) throws TransformerException {
+ long t0 = System.currentTimeMillis();
+ try {
+ transformer.transform(xmlSource, outputTarget);
+ } catch (TransformerException e) {
+ throw e;
+ } finally {
+ inUse = false;
+ long t1 = System.currentTimeMillis();
+ time += (t1 - t0);
+ timesUsed++;
+ lastTimeUsed = System.currentTimeMillis();
+ }
+ }
+
+ /**
+ * @return <code>true</code> if this transformer is in use, or <code>false</code> otherwise
+ */
+ public boolean isInUse() {
+ return inUse;
+ }
+
+ @Override
+ public String toString() {
+ StringBuffer str = new StringBuffer();
+ str.append("Transformer ").append(stylesheetURL)
+ .append("\n created ").append(new Date(created)).append(" used ").append(
+ timesUsed).append(" times, (init ").append(initTime).append("ms / ")
+ .append(((float) time) / timesUsed).append("ms avg) last time ").append(new Date(lastTimeUsed));
+ return str.toString();
+ }
+
+ }
+
+ /**
+ * The transfomer factory.
+ */
+ private static TransformerFactory factory;
+
+ /**
+ * The instance to be returned by {@link #getInstance()}.
+ */
+ private static IdentityLinkTransformer instance;
+
+ /**
+ * Returns an instance of this <code>IdentityLinkTransfomer</code>.
+ *
+ * @return an instance of this <code>IdentityLinkTransformer</code>
+ */
+ public static IdentityLinkTransformer getInstance() {
+ if (instance == null) {
+ instance = new IdentityLinkTransformer();
+ factory = TransformerFactory.newInstance();
+ }
+ return instance;
+ }
+
+ /**
+ * Sets the given <code>domainIdentifier</code> on the corresponding
+ * node of the given <code>idLink</code>.
+ * <p>This method may be used to cope with a flaw in the IssuerTemplate-Stylesheets
+ * used to transform a <code>CompressedIdentitiyLink</code> into an
+ * <code>IdentityLink</code>. Some IssuerTemplate-Stylesheets do not
+ * consider the <code>pr:Type</code> element value of the
+ * <code>CompressedIdentityLink</code> and render a <code>pr:Type</code>
+ * element value of <code>urn:publicid:gv.at:baseid</code>
+ * into the <code>IdentityLink</code> structure. This method allows to
+ * set the <code>pr:Type</code> element value on the given <code>idLink</code>
+ * after the transformation.
+ * </p>
+ *
+ * @param idLink the <code>IdentityLink</code> element or one of it's ancestors.
+ * Must not be <code>null</code>.
+ *
+ * @param domainIdentifier the value to be set for the <code>pr:Type</code> element
+ *
+ * @throws NullPointerException if <code>idLink</code> is <code>null</code>.
+ */
+ public static void setDomainIdentifier(Node idLink, String domainIdentifier) {
+
+ Element element;
+ if (idLink instanceof Element) {
+ element = (Element) idLink;
+ } else if (idLink instanceof Document) {
+ element = ((Document) idLink).getDocumentElement();
+ } else if (idLink != null) {
+ Document document = idLink.getOwnerDocument();
+ element = document.getDocumentElement();
+ } else {
+ throw new NullPointerException("Parameter 'idLink' must no be null.");
+ }
+
+ NodeList nodeList = element.getElementsByTagNameNS(
+ "http://reference.e-government.gv.at/namespace/persondata/20020228#",
+ "Type");
+
+ for (int i = 0; i < nodeList.getLength(); i++) {
+ if (nodeList.item(i) instanceof Element) {
+ Element typeElement = (Element) nodeList.item(i);
+ NodeList children = typeElement.getChildNodes();
+ for (int j = 0; j < children.getLength(); j++) {
+ if (children.item(j) instanceof Text) {
+ ((Text) children.item(j)).setNodeValue(domainIdentifier);
+ }
+ }
+ }
+ }
+
+ }
+
+ /**
+ * The pool of <code>Transformer</code>.
+ */
+ private Map<String, List<IdLTransformer>> pool;
+
+ /**
+ * Private constructor.
+ */
+ private IdentityLinkTransformer() {
+ pool = new HashMap<String, List<IdLTransformer>>();
+ }
+
+ private synchronized IdLTransformer getFreeTransfomer(String stylesheetURL) throws TransformerConfigurationException, IOException {
+
+ IdLTransformer transformer = null;
+
+ List<IdLTransformer> transfomerList = pool.get(stylesheetURL);
+ if (transfomerList == null) {
+ transfomerList = new ArrayList<IdLTransformer>();
+ pool.put(stylesheetURL, transfomerList);
+ }
+
+ for (IdLTransformer candTransformer : transfomerList) {
+ if (!candTransformer.inUse) {
+ transformer = candTransformer;
+ break;
+ }
+ }
+
+ if (transformer == null) {
+ transformer = new IdLTransformer(stylesheetURL);
+ transfomerList.add(transformer);
+ }
+
+ transformer.inUse = true;
+ return transformer;
+
+ }
+
+ public void transformIdLink(String stylesheetURL, Source source, Result result) throws IOException, TransformerException {
+ IdLTransformer transformer = getFreeTransfomer(stylesheetURL);
+ transformer.transform(source, result);
+ }
+
+ public String getStatistics() {
+
+ StringBuffer str = new StringBuffer();
+ Iterator<String> keys = pool.keySet().iterator();
+ int count = 0;
+ while (keys.hasNext()) {
+ String stylesheetURL = (String) keys.next();
+ str.append("Stylesheet URL: ").append(stylesheetURL);
+ Iterator<IdLTransformer> transformer = pool.get(stylesheetURL).iterator();
+ while (transformer.hasNext()) {
+ IdLTransformer idLTransformer = (IdLTransformer) transformer.next();
+ str.append("\n ").append(idLTransformer);
+ count++;
+ }
+ }
+ str.append("\n(").append(count).append(" transformer)");
+ return str.toString();
+ }
+
+}
diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java b/utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java new file mode 100644 index 00000000..c32cf2b9 --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java @@ -0,0 +1,92 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink.ans1; + +import java.math.BigInteger; + +import iaik.asn1.*; + +/** + * This class implements the ASN.1 representation of the + * <code>CitizenPublicKey</code> of a compressed identity link. + * + * <pre>CitizenPublicKey ::= CHOICE { + onToken [0] INTEGER, + referenceURL [1] UTF8String, + x509Data [2] SubjectPublicKeyInfo +} +</pre> + * + * @author mivkovic@egiz.gv.at, mcentner@egiz.gv.at + */ +public class CitizenPublicKey implements ASN1Type { + + /** + * <code>onToken</code> + */ + private int onToken; // INTEGER + + /** + * Creates a new <code>CitizenPublicKey</code> with the given + * <code>onToken</code> value. + * + * @param onToken + */ + public CitizenPublicKey(int onToken) { + this.onToken = onToken; + } + + /** + * Creates a new <code>CitizenPublicKey</code> from the given ASN.1 representation. + * + * @param obj + * @throws CodingException + */ + public CitizenPublicKey(ASN1Object obj) throws CodingException { + decode(obj); + } + + @Override + public void decode(ASN1Object obj) throws CodingException { + try { + BigInteger Value = (BigInteger)(obj.getValue()); + onToken = Value.intValue(); + } catch (Exception ex) { + throw new CodingException(ex.toString()); + } + } + + @Override + public ASN1Object toASN1Object() { + INTEGER ot = new INTEGER(onToken); + return ot; + } + + /** + * Returns the DER encoding of this <code>CitizenPublicKey</code>. + * + * @return the DER encoding of this <code>CitizenPublicKey</code> + */ + public byte[] getEncoded() { + return DerCoder.encode(toASN1Object()); + } + + public int getOnToken() { + return onToken; + } + +}
\ No newline at end of file diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java b/utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java new file mode 100644 index 00000000..37e4b240 --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java @@ -0,0 +1,315 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink.ans1;
+
+import iaik.asn1.ASN1Object;
+import iaik.asn1.ASN1Type;
+import iaik.asn1.BIT_STRING;
+import iaik.asn1.CON_SPEC;
+import iaik.asn1.CodingException;
+import iaik.asn1.DerCoder;
+import iaik.asn1.INTEGER;
+import iaik.asn1.SEQUENCE;
+import iaik.asn1.UTF8String;
+
+/**
+ * This class impelments an ASN.1 representation of the compressed <code>IdentiyLink</code>.
+ * <pre>
+PersonenBindung ::= SEQUENCE {
+ version INTEGER,
+ issuerTemplate UTF8String,
+ assertionID UTF8String,
+ issueInstant UTF8String,
+ personData PersonData,
+ citizenPublicKey SEQUENCE SIZE (1..MAX) OF CitizenPublicKey,
+ signatureValue BIT STRING,
+ referenceDigest [0] BIT STRING OPTIONAL,
+ referenceManifestDigest [1] BIT STRING OPTIONAL,
+ manifestReferenceDigest [2] BIT STRING OPTIONAL
+}
+</pre>
+ *
+ * @author mivkovic@egiz.gv.at, mcentner@egiz.gv.at
+ */
+public class IdentityLink implements ASN1Type {
+
+ private int version = 1; // INTEGER
+ private String issuerTemplate; // UTF8String
+ private String assertionID; // UTF8String
+ private String issueInstant; // UTF8String
+ private PersonData personData; // PersonData
+ private CitizenPublicKey[] citizenPublicKeys; // SEQUENCE SIZE (1..MAX) OF
+ private byte[] signatureValue; // BIT STRING
+ private byte[] referenceDigest; // BIT STRING OPTIONAL
+ private byte[] referenceManifestDigest; // BIT STRING OPTIONAL
+ private byte[] manifestReferenceDigest; // BIT STRING OPTIONAL
+
+ /**
+ * Creates a new <code>IdentityLink</code> with the given
+ * <code>issuerTemplate</code>, <code>assertionID</code>,
+ * <code>issueInstant</code>, <code>personData</code>,
+ * <code>citizenPublicKeys</code> and <code>signatureValue</code>.
+ *
+ * @param issuerTemplate
+ * @param assertionID
+ * @param issueInstant
+ * @param personData
+ * @param citizenPublicKeys
+ * @param signatureValue
+ */
+ public IdentityLink(String issuerTemplate, String assertionID,
+ String issueInstant, PersonData personData,
+ CitizenPublicKey[] citizenPublicKeys, byte[] signatureValue) {
+ this.issuerTemplate = issuerTemplate;
+ this.assertionID = assertionID;
+ this.issueInstant = issueInstant;
+ this.personData = personData;
+ this.citizenPublicKeys = citizenPublicKeys;
+ this.signatureValue = signatureValue;
+ }
+
+ /**
+ * Create a new IdentityLink from an ASN1Object.
+ *
+ * @param identiyLink
+ * @throws CodingException
+ */
+ public IdentityLink(ASN1Object identiyLink) throws CodingException {
+ decode(identiyLink);
+ }
+
+ @Override
+ public void decode(ASN1Object obj) throws CodingException {
+ issuerTemplate = (String) ((ASN1Object) obj.getComponentAt(1)).getValue();
+ assertionID = (String) ((ASN1Object) obj.getComponentAt(2)).getValue();
+ issueInstant = (String) ((ASN1Object) obj.getComponentAt(3)).getValue();
+
+ if (((CON_SPEC) obj.getComponentAt(4)).getAsnType().getTag() == 0)
+ personData = new PersonData((ASN1Object) obj.getComponentAt(4).getValue());
+ else {
+ throw new CodingException("CorporateBodyData currently not supported.");
+ }
+
+ SEQUENCE publicKeySequence = (SEQUENCE) obj.getComponentAt(5);
+ int anz = publicKeySequence.countComponents();
+ citizenPublicKeys = new CitizenPublicKey[anz];
+ for (int i = 0; i < citizenPublicKeys.length; i++) {
+ CON_SPEC tmp = (CON_SPEC) publicKeySequence.getComponentAt(i);
+ if (tmp.getAsnType().getTag() == 0) {
+ citizenPublicKeys[i] = new CitizenPublicKey((ASN1Object) tmp.getValue());
+ } else {
+ throw new CodingException(
+ "Currently only PublicKeys on token are supported.");
+ }
+ }
+
+ signatureValue = (byte[]) ((ASN1Object) obj.getComponentAt(6)).getValue();
+
+ for (int i = 7; i < obj.countComponents(); i++) {
+ CON_SPEC tmp = (CON_SPEC) obj.getComponentAt(i);
+ switch (tmp.getAsnType().getTag()) {
+ case 0:
+ referenceDigest = (byte[]) ((BIT_STRING) tmp.getValue()).getValue();
+ break;
+ case 1:
+ referenceManifestDigest = (byte[]) ((BIT_STRING) tmp.getValue())
+ .getValue();
+ break;
+ case 2:
+ manifestReferenceDigest = (byte[]) ((BIT_STRING) tmp.getValue())
+ .getValue();
+ break;
+ }
+
+ }
+
+ }
+
+ @Override
+ public ASN1Object toASN1Object() {
+ SEQUENCE pb = new SEQUENCE();
+ pb.addComponent(new INTEGER(version));
+ pb.addComponent(new UTF8String(issuerTemplate));
+ pb.addComponent(new UTF8String(assertionID));
+ pb.addComponent(new UTF8String(issueInstant));
+
+ pb.addComponent(new CON_SPEC(0, personData.toASN1Object()));
+ SEQUENCE seq = new SEQUENCE();
+ for (int i = 0; i < citizenPublicKeys.length; i++) {
+ seq.addComponent(new CON_SPEC(0, citizenPublicKeys[i].toASN1Object()));
+ }
+ pb.addComponent(seq);
+ pb.addComponent(new BIT_STRING(signatureValue));
+ if (referenceDigest != null)
+ pb.addComponent(new CON_SPEC(0, new BIT_STRING(referenceDigest)));
+ if (referenceManifestDigest != null)
+ pb.addComponent(new CON_SPEC(1, new BIT_STRING(referenceManifestDigest)));
+ if (manifestReferenceDigest != null)
+ pb.addComponent(new CON_SPEC(2, new BIT_STRING(manifestReferenceDigest)));
+ return pb;
+ }
+
+ /**
+ * Returns the DER encoding of this <code>IdentityLink</code>.
+ *
+ * @return the DER encoding of this <code>IdentityLink</code>
+ */
+ public byte[] toByteArray() {
+ return DerCoder.encode(toASN1Object());
+ }
+
+ /**
+ * @return the version
+ */
+ public int getVersion() {
+ return version;
+ }
+
+ /**
+ * @param version the version to set
+ */
+ public void setVersion(int version) {
+ this.version = version;
+ }
+
+ /**
+ * @return the issuerTemplate
+ */
+ public String getIssuerTemplate() {
+ return issuerTemplate;
+ }
+
+ /**
+ * @param issuerTemplate the issuerTemplate to set
+ */
+ public void setIssuerTemplate(String issuerTemplate) {
+ this.issuerTemplate = issuerTemplate;
+ }
+
+ /**
+ * @return the assertionID
+ */
+ public String getAssertionID() {
+ return assertionID;
+ }
+
+ /**
+ * @param assertionID the assertionID to set
+ */
+ public void setAssertionID(String assertionID) {
+ this.assertionID = assertionID;
+ }
+
+ /**
+ * @return the issueInstant
+ */
+ public String getIssueInstant() {
+ return issueInstant;
+ }
+
+ /**
+ * @param issueInstant the issueInstant to set
+ */
+ public void setIssueInstant(String issueInstant) {
+ this.issueInstant = issueInstant;
+ }
+
+ /**
+ * @return the personData
+ */
+ public PersonData getPersonData() {
+ return personData;
+ }
+
+ /**
+ * @param personData the personData to set
+ */
+ public void setPersonData(PersonData personData) {
+ this.personData = personData;
+ }
+
+ /**
+ * @return the citizenPublicKeys
+ */
+ public CitizenPublicKey[] getCitizenPublicKeys() {
+ return citizenPublicKeys;
+ }
+
+ /**
+ * @param citizenPublicKeys the citizenPublicKeys to set
+ */
+ public void setCitizenPublicKeys(CitizenPublicKey[] citizenPublicKeys) {
+ this.citizenPublicKeys = citizenPublicKeys;
+ }
+
+ /**
+ * @return the signatureValue
+ */
+ public byte[] getSignatureValue() {
+ return signatureValue;
+ }
+
+ /**
+ * @param signatureValue the signatureValue to set
+ */
+ public void setSignatureValue(byte[] signatureValue) {
+ this.signatureValue = signatureValue;
+ }
+
+ /**
+ * @return the referenceDigest
+ */
+ public byte[] getReferenceDigest() {
+ return referenceDigest;
+ }
+
+ /**
+ * @param referenceDigest the referenceDigest to set
+ */
+ public void setReferenceDigest(byte[] referenceDigest) {
+ this.referenceDigest = referenceDigest;
+ }
+
+ /**
+ * @return the referenceManifestDigest
+ */
+ public byte[] getReferenceManifestDigest() {
+ return referenceManifestDigest;
+ }
+
+ /**
+ * @param referenceManifestDigest the referenceManifestDigest to set
+ */
+ public void setReferenceManifestDigest(byte[] referenceManifestDigest) {
+ this.referenceManifestDigest = referenceManifestDigest;
+ }
+
+ /**
+ * @return the manifestReferenceDigest
+ */
+ public byte[] getManifestReferenceDigest() {
+ return manifestReferenceDigest;
+ }
+
+ /**
+ * @param manifestReferenceDigest the manifestReferenceDigest to set
+ */
+ public void setManifestReferenceDigest(byte[] manifestReferenceDigest) {
+ this.manifestReferenceDigest = manifestReferenceDigest;
+ }
+
+}
diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java b/utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java new file mode 100644 index 00000000..2a537eb3 --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java @@ -0,0 +1,91 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink.ans1; + +import iaik.asn1.*; + +/** + * This class represents the ASN.1 version of the <code>PersonData</code> + * of a compressed identity link. + * + * <pre> +PersonData ::= CHOICE { + physcialPerson [0] PhysicalPersonData, + corporateBody [1] CorporateBodyData +} </pre> + * + * @author mivkovic@egiz.gv.at, mcentner@egiz.gv.at + * + */ +public class PersonData implements ASN1Type { + + /** + * <code>physicalPerson</code> + */ + private PhysicalPersonData physicalPerson; // PhysicalPersonData + + /** + * Creates a new <code>PersonData</code> with the given + * <code>physicalPersonData</code>. + * + * @param physicalPersonData + */ + public PersonData(PhysicalPersonData physicalPersonData) { + physicalPerson = physicalPersonData; + } + + /** + * Creates a new <code>PersonData</code> from its ASN.1 representation. + * + * @param obj + * @throws CodingException + */ + public PersonData(ASN1Object obj) throws CodingException { + decode(obj); + } + + @Override + public void decode(ASN1Object obj) throws CodingException { + try { + physicalPerson = new PhysicalPersonData(obj); + } catch (Exception ex) { + throw new CodingException(ex.toString()); + } + } + + @Override + public ASN1Object toASN1Object() { + return physicalPerson.toASN1Object(); + } + + /** + * Returns the DER encoded representation of this <code>PersonData</code>. + * + * @return the DER encoded representation of this <code>PersonData</code> + */ + public byte[] getEncoded() { + return DerCoder.encode(toASN1Object()); + } + + /** + * @return the physicalPerson + */ + public PhysicalPersonData getPhysicalPerson() { + return physicalPerson; + } + +}
\ No newline at end of file diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java b/utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java new file mode 100644 index 00000000..a6aea97e --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java @@ -0,0 +1,143 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink.ans1; + +import iaik.asn1.*; + +/** + * This class represents the ASN.1 version of the <code>PhysicalPersonData</code> + * of an compressed identity link. + * + * <pre>PhysicalPersonData ::= SEQUENCE { + baseId UTF8String, + givenName UTF8String, + familyName UTF8String, + dateOfBirth UTF8String +}</pre> + * + * @author mivkovic@egiz.gv.at, mcentner@eigz.gv.at + */ +public class PhysicalPersonData implements ASN1Type { + + /** + * <code>baseId</code> + */ + private String baseId; // UTF8String + + /** + * <code>givenName</code> + */ + private String givenName; // UTF8String + + /** + * <code>familyName</code> + */ + private String familyName; // UTF8String + + /** + * <code>dataOfBirth</code> + */ + private String dateOfBirth; // UTF8String + + /** + * Creates a new <code>PhysicalPersonData</code> with the + * given <code>baseId</code>, <code>givenName</code>, <code>familyName</code> + * and <code>dataOfBirth</code>. + * + * @param baseId + * @param givenName + * @param familyName + * @param dateOfBirth + */ + public PhysicalPersonData(String baseId, String givenName, String familyName, String dateOfBirth) { + this.baseId = baseId; + this.givenName = givenName; + this.familyName = familyName; + this.dateOfBirth = dateOfBirth; + } + + /** + * Creates a new <code>PhysicalPersonData</code> from its ASN.1 representation. + * + * @param obj + * + * @throws CodingException + */ + public PhysicalPersonData(ASN1Object obj) throws CodingException { + decode(obj); + } + + @Override + public void decode(ASN1Object obj) throws CodingException { + try { + baseId = (String) ((ASN1Object) obj.getComponentAt(0)).getValue(); + givenName = (String) ((ASN1Object) obj.getComponentAt(1)).getValue(); + familyName = (String) ((ASN1Object) obj.getComponentAt(2)).getValue(); + dateOfBirth = (String) ((ASN1Object) obj.getComponentAt(3)).getValue(); + } catch (Exception ex) { + throw new CodingException(ex.toString()); + } + } + + @Override + public ASN1Object toASN1Object() { + SEQUENCE ppd = new SEQUENCE(); + ppd.addComponent(new UTF8String(baseId)); + ppd.addComponent(new UTF8String(givenName)); + ppd.addComponent(new UTF8String(familyName)); + ppd.addComponent(new UTF8String(dateOfBirth)); + return ppd; + } + + /** + * Returns the DER encoding of this <code>PhysicalPersonData</code>. + * + * @return the DER encoding of this <code>PhysicalPersonData</code> + */ + public byte[] toByteArray() { + return DerCoder.encode(toASN1Object()); + } + + /** + * @return the baseId + */ + public String getBaseId() { + return baseId; + } + + /** + * @return the givenName + */ + public String getGivenName() { + return givenName; + } + + /** + * @return the familyName + */ + public String getFamilyName() { + return familyName; + } + + /** + * @return the dateOfBirth + */ + public String getDateOfBirth() { + return dateOfBirth; + } + +}
\ No newline at end of file |