From 4a334069beb85654e3cb35aef7e4508e04127036 Mon Sep 17 00:00:00 2001
From: mcentner <mcentner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>
Date: Tue, 26 Jan 2010 16:22:56 +0000
Subject: MOCCA 1.2.11 with SHA-2 enabled.

git-svn-id: https://joinup.ec.europa.eu/svn/mocca/branches/mocca-1.2.11-sha2/mocca-1.2.11@599 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
 BKUFonts/.classpath                                |  2 +-
 BKUFonts/.project                                  |  4 +-
 BKULocal/src/main/resources/log4j.properties       |  2 +
 BKUOnline/src/main/webapp/PINManagement.jsp        |  3 +-
 .../src/main/webapp/WEB-INF/applicationContext.xml | 83 +++++++++++--------
 .../gv/egiz/bku/binding/DataUrlConnectionImpl.java |  7 +-
 .../gv/egiz/bku/slcommands/SLCommandFactory.java   | 54 ++++++------
 .../impl/AbstractInfoboxCommandImpl.java           | 21 ++++-
 .../egiz/bku/slcommands/impl/InfoboxFactory.java   | 95 ++++------------------
 .../java/moaspss/TestCreateAndVerifySignature.java |  4 +-
 bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl     |  2 +-
 11 files changed, 128 insertions(+), 149 deletions(-)

diff --git a/BKUFonts/.classpath b/BKUFonts/.classpath
index d2236dff..54382402 100644
--- a/BKUFonts/.classpath
+++ b/BKUFonts/.classpath
@@ -2,7 +2,7 @@
 <classpath>
 	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/fonts"/>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
-	<classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER"/>
 	<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.module.container"/>
+	<classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER"/>
 	<classpathentry kind="output" path="target/classes"/>
 </classpath>
diff --git a/BKUFonts/.project b/BKUFonts/.project
index 484ff825..62c74cfb 100644
--- a/BKUFonts/.project
+++ b/BKUFonts/.project
@@ -16,12 +16,12 @@
 			</arguments>
 		</buildCommand>
 		<buildCommand>
-			<name>org.maven.ide.eclipse.maven2Builder</name>
+			<name>org.eclipse.wst.validation.validationbuilder</name>
 			<arguments>
 			</arguments>
 		</buildCommand>
 		<buildCommand>
-			<name>org.eclipse.wst.validation.validationbuilder</name>
+			<name>org.maven.ide.eclipse.maven2Builder</name>
 			<arguments>
 			</arguments>
 		</buildCommand>
diff --git a/BKULocal/src/main/resources/log4j.properties b/BKULocal/src/main/resources/log4j.properties
index 86ddc7b4..a56f2683 100644
--- a/BKULocal/src/main/resources/log4j.properties
+++ b/BKULocal/src/main/resources/log4j.properties
@@ -17,6 +17,8 @@
 # loglever DEBUG, appender STDOUT
 log4j.rootLogger=DEBUG, STDOUT
 
+log4j.logger.at.gv.egiz.smcc=TRACE
+
 # STDOUT appender
 log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender
 log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout
diff --git a/BKUOnline/src/main/webapp/PINManagement.jsp b/BKUOnline/src/main/webapp/PINManagement.jsp
index 3555f99e..e48b8405 100644
--- a/BKUOnline/src/main/webapp/PINManagement.jsp
+++ b/BKUOnline/src/main/webapp/PINManagement.jsp
@@ -75,7 +75,8 @@
                         HelpURL : '../help/',
                         SessionID : '<%=request.getSession().getId()%>',
                         RedirectURL : '../',
-                        RedirectTarget: '_parent'
+                        RedirectTarget: '_parent',
+                        EnforceRecommendedPINLength: 'true'
                     };
                     var version = '1.6.0_04';
                     deployJava.runApplet(attributes, parameters, version);
diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index 0324030e..fb3cae63 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -30,47 +30,64 @@
 
 	<bean id="slCommandFactory" class="at.gv.egiz.bku.slcommands.SLCommandFactory"
 		factory-method="getInstance">
-		<property name="commandImpl">
-			<map>
-				<entry
-					key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:NullOperationRequest"
-					value="at.gv.egiz.bku.slcommands.impl.NullOperationCommandImpl" />
-				<entry
-					key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:InfoboxReadRequest"
-					value="at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl" />
-				<entry
-					key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:InfoboxUpdateRequest"
-					value="at.gv.egiz.bku.slcommands.impl.InfoboxUpdateCommandImpl" />
-				<entry
-					key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:CreateXMLSignatureRequest"
-					value="at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandImpl" />
-				<entry
-					key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:GetStatusRequest"
-					value="at.gv.egiz.bku.slcommands.impl.GetStatusCommandImpl" />
-			</map>
+		<property name="concreteFactories">
+		  <map>
+        <entry key-ref="nullOperationRequest" value-ref="nullOperationCommandFactory"/>
+		    <entry key-ref="infoboxReadRequest" value-ref="infoboxReadCommandFactory"/>
+        <entry key-ref="infoboxUpdateRequest" value-ref="infoboxUpdateCommandFactory"/>
+        <entry key-ref="createXMLSignatureRequest" value-ref="createXMLSignatureCommandFactory"/>
+        <entry key-ref="getStatusRequest" value-ref="getStatusCommandFactory"/>
+		  </map>
 		</property>
 	</bean>
 
-  <bean id="infoboxFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxFactory"
-    factory-method="getInstance">
-    <property name="infoboxImpl">
+  <bean id="nullOperationCommandFactory" class="at.gv.egiz.bku.slcommands.impl.NullOperationCommandFactory"/>
+  <bean id="nullOperationRequest" class="javax.xml.namespace.QName">
+    <constructor-arg value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#"/>
+    <constructor-arg value="NullOperationRequest"/>
+  </bean>
+  <bean id="infoboxReadCommandFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandFactory">
+    <property name="infoboxFactory" ref="infoboxFactory"/>
+  </bean>
+  <bean id="infoboxReadRequest" class="javax.xml.namespace.QName">
+    <constructor-arg value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#"/>
+    <constructor-arg value="InfoboxReadRequest"/>
+  </bean>
+  <bean id="infoboxUpdateCommandFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxUpdateCommandFactory">
+    <property name="infoboxFactory" ref="infoboxFactory"/>
+  </bean>
+  <bean id="infoboxUpdateRequest" class="javax.xml.namespace.QName">
+    <constructor-arg value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#"/>
+    <constructor-arg value="InfoboxUpdateRequest"/>
+  </bean>
+  <bean id="createXMLSignatureCommandFactory" class="at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandFactory"/>
+  <bean id="createXMLSignatureRequest" class="javax.xml.namespace.QName">
+    <constructor-arg value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#"/>
+    <constructor-arg value="CreateXMLSignatureRequest"/>
+  </bean>
+  <bean id="getStatusCommandFactory" class="at.gv.egiz.bku.slcommands.impl.GetStatusCommandFactory"/>
+  <bean id="getStatusRequest" class="javax.xml.namespace.QName">
+    <constructor-arg value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#"/>
+    <constructor-arg value="GetStatusRequest"/>
+  </bean>
+
+  <bean id="infoboxFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxFactory">
+    <property name="infoboxFactories">
       <map>
-        <entry
-          key="Certificates"
-          value="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxImpl" />
-        <entry
-          key="IdentityLink"
-          value="at.gv.egiz.bku.slcommands.impl.IdentityLinkInfoboxImpl" />
-        <entry
-          key="CardChannel"
-          value="at.gv.egiz.bku.slcommands.impl.CardChannelInfoboxImpl" />
-        <entry
-          key="SV-Personendaten"
-          value="at.gv.egiz.bku.slcommands.impl.SVPersonendatenInfoboxImpl" />
+        <entry key="Certificates" value-ref="certificatesInfoboxFactory"/>
+        <entry key="IdentityLink" value-ref="identityLinkInfoboxFactory"/>
+        <entry key="CardChannel" value-ref="cardChannelInfoboxFactory"/>
+        <entry key="SV-Personendaten" value-ref="svPersonendatenInfoboxFactory"/>
       </map>
     </property>
   </bean>
 
+  <bean id="certificatesInfoboxFactory" class="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxFactory"/>
+  <bean id="identityLinkInfoboxFactory" class="at.gv.egiz.bku.slcommands.impl.IdentityLinkInfoboxFactory"/>
+  <bean id="cardChannelInfoboxFactory" class="at.gv.egiz.bku.slcommands.impl.CardChannelInfoboxFactory"/>
+  <bean id="svPersonendatenInfoboxFactory" class="at.gv.egiz.bku.slcommands.impl.SVPersonendatenInfoboxFactory"/>
+
+
 	<bean id="bindingProcessorManager" class="at.gv.egiz.bku.binding.BindingProcessorManagerImpl"
 		scope="singleton">
 		<constructor-arg ref="STALFactory"></constructor-arg>
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
index 93e5bb1c..82c1be53 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
@@ -274,7 +274,12 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
         InputStreamReader reader = new InputStreamReader(formParameter.getData(), 
             (formParameter.getCharSet() != null) 
                 ? formParameter.getCharSet()
-                : "UTF-8");  // assume request was application/x-www-form-urlencoded, formParam therefore UTF-8
+                : "UTF-8"); 
+        // Note, using UTF-8 as fallback for decoding is safe.
+        // If the request was x-www-form-urlencoded, 
+        // UTF-8 has been used for encoding of non-ASCII characters.
+        // If the request was multipart/form-data and contains any transfer parameters,
+        // the data URL request is going to be multipart/form-data encoded (see below).
         while ((len = reader.read(cbuf)) != -1) {
           urlEnc.write(cbuf, 0, len);
         }
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
index 8e3f6ece..6e84867e 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
@@ -87,6 +87,11 @@ public class SLCommandFactory {
      */
     private Map<String, Class<? extends SLCommand>> slRequestTypeMap = new HashMap<String, Class<? extends SLCommand>>();
     
+    /**
+     * The mapping of a requests's qualified name to a concrete command factories.   
+     */
+    private Map<QName, AbstractSLCommandFactory> slCommandFactories = new HashMap<QName, AbstractSLCommandFactory>();
+
     /**
      * Configures the singleton instance with command implementations
      * @param commandImplMap
@@ -101,7 +106,19 @@ public class SLCommandFactory {
         slRequestTypeMap.put(key, impl);
       }
     }
-
+    
+    public void setConcreteFactories(Map<QName, AbstractSLCommandFactory> factories) {
+      if (log.isDebugEnabled()) {
+        StringBuilder sb = new StringBuilder();
+        sb.append("Registered sl command factory for");
+        for (QName qname : factories.keySet()) {
+          sb.append("\n  " + qname + " : " + factories.get(qname).getClass());
+        }
+        log.debug(sb);
+      }
+      slCommandFactories = factories;
+    }
+    
     /**
      * Register an {@link SLCommand} implementation class of a Security Layer
      * command with the given <code>namespaceUri</code> and <code>localname</code>
@@ -363,37 +380,16 @@ public class SLCommandFactory {
           log.info("Unsupported security layer request version : " + qName.getNamespaceURI());
           throw new SLVersionException(qName.getNamespaceURI());
         }
-        
-        Class<? extends SLCommand> implClass = getImplClass(qName);
-        if (implClass == null) {
-            // command not supported
-            log.info("Unsupported command received: " + qName.toString());
-            throw new SLCommandException(4011,
-              SLExceptionMessages.EC4011_NOTIMPLEMENTED, new Object[]{qName.toString()});
-        }
 
-        
-        
-        // try to instantiate
-        SLCommand slCommand;
-        try {
-            slCommand = implClass.newInstance();
-            log.debug("SLCommand " + slCommand.getName() + " created.");
-        } catch (InstantiationException e) {
-            // unexpected error
-            log.error("Failed to instantiate security layer command implementation.",
-              e);
-            throw new SLRuntimeException(e);
-        } catch (IllegalAccessException e) {
-            // unexpected error
-            log.error("Failed to instantiate security layer command implementation.",
-              e);
-            throw new SLRuntimeException(e);
+        AbstractSLCommandFactory concreteFactory = slCommandFactories.get(qName);
+        if (concreteFactory == null) {
+          // command not supported
+          log.info("Unsupported command received: " + qName.toString());
+          throw new SLCommandException(4011,
+            SLExceptionMessages.EC4011_NOTIMPLEMENTED, new Object[]{qName.toString()});
         }
 
-        slCommand.init(context, (JAXBElement) object);
-
-        return slCommand;
+        return concreteFactory.createSLCommand(context, (JAXBElement<?>) object);
 
     }
 }
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java
index 8a7edb71..b8e4030d 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java
@@ -32,6 +32,25 @@ public abstract class AbstractInfoboxCommandImpl<T> extends SLCommandImpl<T> {
    * The infobox implementation.
    */
   protected Infobox infobox;
+
+  /**
+   * The infobox factory.
+   */
+  protected InfoboxFactory infoboxFactory;
+  
+  /**
+   * @return the infoboxFactory
+   */
+  public InfoboxFactory getInfoboxFactory() {
+    return infoboxFactory;
+  }
+
+  /**
+   * @param infoboxFactory the infoboxFactory to set
+   */
+  public void setInfoboxFactory(InfoboxFactory infoboxFactory) {
+    this.infoboxFactory = infoboxFactory;
+  }
   
   @Override
   public void init(SLCommandContext ctx, Object request)
@@ -40,7 +59,7 @@ public abstract class AbstractInfoboxCommandImpl<T> extends SLCommandImpl<T> {
     
     String infoboxIdentifier = getInfoboxIdentifier(getRequestValue());
     
-    infobox = InfoboxFactory.getInstance().createInfobox(infoboxIdentifier);
+    infobox = infoboxFactory.createInfobox(infoboxIdentifier);
   }
   
   /**
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java
index e9736f6d..fdf94297 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java
@@ -17,7 +17,6 @@
 package at.gv.egiz.bku.slcommands.impl;
 
 import java.util.HashMap;
-import java.util.Map;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -39,68 +38,24 @@ public class InfoboxFactory {
   private static Log log = LogFactory.getLog(InfoboxFactory.class);
   
   /**
-   * The singleton instance of this InfoboxFactory.
+   * The mapping of Infobox name to concrete Infobox factory.
    */
-  private static InfoboxFactory instance;
-
-  /**
-   * @return an instance of this InfoboxFactory
-   */
-  public synchronized static InfoboxFactory getInstance() {
-    if (instance == null) {
-      instance = new InfoboxFactory();
-    }
-    return instance;
-  }
- 
-  /**
-   * The mapping of infobox identifier to implementation class.
-   */
-  private HashMap<String, Class<? extends Infobox>> implementations;
-
-  /**
-   * Private constructor.
-   */
-  private InfoboxFactory() {
-  }
-
-  /**
-   * Sets the mapping of infobox identifier to implementation class name.
-   * 
-   * @param infoboxImplMap
-   *          a mapping of infobox identifiers to implementation class names
-   * 
-   * @throws ClassNotFoundException
-   *           if implementation class is not an instance of {@link Infobox}
-   */
-  @SuppressWarnings("unchecked")
-  public void setInfoboxImpl(Map<String, String> infoboxImplMap) throws ClassNotFoundException {
-    HashMap<String, Class<? extends Infobox>> implMap = new HashMap<String, Class<? extends Infobox>>();
-    ClassLoader cl = getClass().getClassLoader();
-    for (String key : infoboxImplMap.keySet()) {
-      Class<? extends Infobox> impl = (Class<? extends Infobox>) cl.loadClass(infoboxImplMap.get(key));
-      log.debug("Registering infobox '" + key + "' implementation '" + impl.getCanonicalName() + "'.");
-      implMap.put(key, impl);
-    }
-    implementations = implMap;
-  }
-
+  private HashMap<String, AbstractInfoboxFactory> infoboxFactories = new HashMap<String, AbstractInfoboxFactory>();
+  
   /**
-   * Returns the configured implementation class for the given
-   * <code>infoboxIdentifier</code>.
-   * 
-   * @param infoboxIdentifier
-   *          the infobox identifier
-   * 
-   * @return the implementation class for the given infobox identifier or
-   *         <code>null</code> if there is no implementation class configured
+   * @param infoboxFactories the infoboxFactories to set
    */
-  public Class<? extends Infobox> getImplClass(String infoboxIdentifier) {
-    if (implementations != null) {
-      return implementations.get(infoboxIdentifier);
-    } else {
-      return null;
+  public void setInfoboxFactories(
+      HashMap<String, AbstractInfoboxFactory> factories) {
+    if (log.isDebugEnabled()) {
+      StringBuilder sb = new StringBuilder();
+      sb.append("Registered infobox factories for");
+      for (String name : factories.keySet()) {
+        sb.append("\n  " + name + " : " + factories.get(name).getClass());
+      }
+      log.debug(sb);
     }
+    this.infoboxFactories = factories;
   }
 
   /**
@@ -119,31 +74,15 @@ public class InfoboxFactory {
    */
   public Infobox createInfobox(String infoboxIdentifier) throws SLCommandException, SLRuntimeException {
     
-    Class<? extends Infobox> implClass = getImplClass(infoboxIdentifier);
-    if (implClass == null) {
-      // infobox not supported
+    AbstractInfoboxFactory factory = infoboxFactories.get(infoboxIdentifier);
+    if (factory == null) {
       log.info("Unsupported infobox '" + infoboxIdentifier + ".");
       throw new SLCommandException(4002,
           SLExceptionMessages.EC4002_INFOBOX_UNKNOWN,
           new Object[] { infoboxIdentifier });
     }
     
-    // try to instantiate
-    Infobox infobox;
-    try {
-      infobox = implClass.newInstance();
-      log.debug("Infobox '" + infobox.getIdentifier() + "' created.");
-    } catch (InstantiationException e) {
-      // unexpected error
-      log.error("Failed to instantiate infobox implementation.", e);
-      throw new SLRuntimeException(e);
-    } catch (IllegalAccessException e) {
-      // unexpected error
-      log.error("Failed to instantiate infobox implementation.", e);
-      throw new SLRuntimeException(e);
-    }
-    
-    return infobox;
+    return factory.createInfobox();
     
   }
   
diff --git a/bkucommon/src/test/java/moaspss/TestCreateAndVerifySignature.java b/bkucommon/src/test/java/moaspss/TestCreateAndVerifySignature.java
index 8d995530..a9397d31 100644
--- a/bkucommon/src/test/java/moaspss/TestCreateAndVerifySignature.java
+++ b/bkucommon/src/test/java/moaspss/TestCreateAndVerifySignature.java
@@ -33,7 +33,7 @@ import org.xml.sax.SAXException;
 
 import at.buergerkarte.namespaces.securitylayer._1.ErrorResponseType;
 
-@Ignore
+//@Ignore
 public class TestCreateAndVerifySignature {
 
   protected Element parseCreateXMLSignatureRequest(InputStream is)
@@ -141,7 +141,7 @@ public class TestCreateAndVerifySignature {
     }
 
     MOASPClient spClient = new MOASPClient();
-    JAXBElement<VerifyXMLSignatureResponseType> verifySignature = spClient.verifySignature(cxsResp, ".", "qualifiedSignature");
+    JAXBElement<VerifyXMLSignatureResponseType> verifySignature = spClient.verifySignature(cxsResp, ".", "qualifiedSignature+Test");
     VerifyXMLSignatureResponseType vxsResp = verifySignature.getValue();
     int signatureCheck = vxsResp.getSignatureCheck().getCode().intValue();
     if (signatureCheck != 0) {
diff --git a/bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl b/bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl
index 8ec61420..25accfce 100644
--- a/bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl
+++ b/bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl
@@ -51,7 +51,7 @@
     </binding>
     <service name="SignatureVerificationService">
         <port name="SignatureVerificationPort" binding="tns:SignatureVerificationBinding">
-            <soap:address location="http://localhost:8088/moa-spss/services/SignatureVerification"/>
+            <soap:address location="http://localhost:8080/moa-spss/services/SignatureVerification"/>
         </port>
     </service>
 </definitions>
-- 
cgit v1.2.3